mirror of
https://github.com/whyvl/wireproxy.git
synced 2025-04-29 19:01:42 +02:00
Merge pull request #45 from jordemort/distroless-docker
Redo Dockerfile
This commit is contained in:
octeep
GitHub
commit
275c628654
6 changed files with 96 additions and 36 deletions
6
.dockerignore
Normal file
6
.dockerignore
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
.dockerignore
|
||||
.github
|
||||
.gitignore
|
||||
Dockerfile
|
||||
LICENSE
|
||||
README.md
|
||||
71
.github/workflows/container.yml
vendored
Normal file
71
.github/workflows/container.yml
vendored
Normal file
|
|
@ -0,0 +1,71 @@
|
|||
name: Build container
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
pull_request:
|
||||
|
||||
# Allow for manually running
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
container_tag:
|
||||
description: Tag for container
|
||||
default: "latest"
|
||||
required: true
|
||||
|
||||
permissions:
|
||||
packages: write
|
||||
|
||||
jobs:
|
||||
container:
|
||||
runs-on: ubuntu-20.04
|
||||
|
||||
env:
|
||||
CONTAINER_NAME: ghcr.io/${{ github.repository }}
|
||||
BUILD_PLATFORMS: linux/amd64,linux/arm,linux/arm64,linux/ppc64le,linux/s390x
|
||||
RAW_CONTAINER_TAG: ${{ github.event.inputs.container_tag || github.event.pull_request.head.ref || 'latest' }}
|
||||
RAW_REF_NAME: ${{ github.event.pull_request.head.ref || github.ref }}
|
||||
|
||||
steps:
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v2.0.0
|
||||
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
submodules: recursive
|
||||
|
||||
# Needed for buildx gha cache to work
|
||||
- name: Expose GitHub Runtime
|
||||
uses: crazy-max/ghaction-github-runtime@v2
|
||||
|
||||
- name: Build container
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
run: |
|
||||
CONTAINER_TAG=$(echo "$RAW_CONTAINER_TAG" | sed 's/[^a-zA-Z0-9]\+/-/')
|
||||
REF_NAME=$(echo "$RAW_REF_NAME" | sed -r 's#^refs/(heads|tags)/##')
|
||||
|
||||
docker buildx build \
|
||||
--platform "$BUILD_PLATFORMS" \
|
||||
--tag "$CONTAINER_NAME:$CONTAINER_TAG" \
|
||||
--label "org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}" \
|
||||
--label "org.opencontainers.image.documentation=${{ github.server_url }}/${{ github.repository }}" \
|
||||
--label "org.opencontainers.image.url=${{ github.server_url }}/${{ github.repository }}/packages" \
|
||||
--label "org.opencontainers.image.ref.name=$REF_NAME" \
|
||||
--label "org.opencontainers.image.revision=${{ github.sha }}" \
|
||||
--label "org.opencontainers.image.vendor=${{ github.repository_owner }}" \
|
||||
--label "org.opencontainers.image.created=$(date -u --rfc-3339=seconds)" \
|
||||
--cache-from type=gha \
|
||||
--cache-to type=gha,mode=max \
|
||||
--pull ${{ github.event_name == 'push' && '--push' || '' }} .
|
||||
19
Dockerfile
Normal file
19
Dockerfile
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
# Start by building the application.
|
||||
FROM golang:1.18 as build
|
||||
|
||||
WORKDIR /usr/src/wireproxy
|
||||
COPY . .
|
||||
|
||||
RUN CGO_ENABLED=0 go build ./cmd/wireproxy
|
||||
|
||||
# Now copy it into our base image.
|
||||
FROM gcr.io/distroless/static-debian11:nonroot
|
||||
COPY --from=build /usr/src/wireproxy/wireproxy /usr/bin/wireproxy
|
||||
|
||||
VOLUME [ "/etc/wireproxy"]
|
||||
ENTRYPOINT [ "/usr/bin/wireproxy" ]
|
||||
CMD [ "--config", "/etc/wireproxy/config" ]
|
||||
|
||||
LABEL org.opencontainers.image.title wireproxy
|
||||
LABEL org.opencontainers.image.description "Wireguard client that exposes itself as a socks5 proxy"
|
||||
LABEL org.opencontainers.image.licenses ISC
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
FROM golang:alpine AS go-build
|
||||
|
||||
RUN apk --no-cache add --update git
|
||||
RUN git clone https://github.com/octeep/wireproxy.git
|
||||
RUN cd ./wireproxy && go build ./cmd/wireproxy
|
||||
|
||||
|
||||
FROM alpine:latest
|
||||
|
||||
RUN apk upgrade
|
||||
COPY --from=go-build /go/wireproxy/wireproxy /usr/bin/
|
||||
|
||||
VOLUME [ "/etc/wireproxy"]
|
||||
ENTRYPOINT [ "/usr/bin/wireproxy", "--config", "/etc/wireproxy/config" ]
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
build:
|
||||
docker build -t wireproxy .
|
||||
|
||||
run:
|
||||
docker run \
|
||||
--rm --tty --interactive \
|
||||
--name=wireproxy \
|
||||
--publish 2534:2534 \
|
||||
--volume "${PWD}/config:/etc/wireproxy/config:ro" \
|
||||
wireproxy
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
[Interface]
|
||||
Address = ###Interface - Address###
|
||||
PrivateKey = ###Interface - PrivateKey###
|
||||
DNS = ###Interface - DNS###
|
||||
|
||||
[Peer]
|
||||
PublicKey = ###Peer - PublicKey###
|
||||
Endpoint = ###Peer - Endpoint###
|
||||
|
||||
# Socks5 create a socks5 proxy on your LAN, and any traffic would be routed via wireguard
|
||||
[Socks5]
|
||||
BindAddress = 0.0.0.0:2534
|
||||
Loading…
Add table
Add a link
Reference in a new issue