forked from Tardo/docker-privoxy-https
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
106 lines (93 loc) · 3.81 KB
/
Dockerfile
File metadata and controls
106 lines (93 loc) · 3.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
FROM alpine:latest
# Create Privoxy User
RUN set -ex; \
addgroup --gid 7777 --system privoxy; \
adduser \
--disabled-password \
--home /var/lib/privoxy/ \
--ingroup privoxy \
--no-create-home \
--system \
--uid 7777 \
privoxy; \
mkdir /var/lib/privoxy/; \
chown privoxy:privoxy /var/lib/privoxy/;
ARG PRIVOXY_VERSION=4.0.0
# Build Privoxy
RUN set -eux; \
apk add --no-cache --virtual build-tools \
gcc \
autoconf \
make \
git; \
apk add --no-cache --virtual build-deps \
libc-dev \
zlib-dev \
pcre2-dev \
openssl-dev \
brotli-dev; \
mkdir -p /usr/local/src/privoxy-${PRIVOXY_VERSION}-stable; \
wget -O /var/lib/privoxy/privoxy-src.tar.gz https://sourceforge.net/projects/ijbswa/files/Sources/${PRIVOXY_VERSION}%20%28stable%29/privoxy-${PRIVOXY_VERSION}-stable-src.tar.gz/download; \
tar -zxvf /var/lib/privoxy/privoxy-src.tar.gz -C /usr/local/src/; \
cd /usr/local/src/privoxy-${PRIVOXY_VERSION}-stable; \
autoheader; \
autoconf; \
./configure --disable-toggle --disable-editor --disable-force --with-openssl --with-brotli; \
make; \
make -s install USER=privoxy GROUP=privoxy; \
chown -R privoxy:privoxy /usr/local/etc/privoxy/; \
rm -rf /var/lib/privoxy/privoxy-src.tar.gz /usr/local/src/privoxy-${PRIVOXY_VERSION}-stable; \
apk del build-tools build-deps;
# Add system tools
RUN set -eux; \
apk add --no-cache --virtual runtime-deps \
openssl \
python3 \
pcre2 \
brotli \
supervisor \
bash \
sed \
net-tools;
# Enable Privoxy HTTPS inspection
RUN set -ex; \
mv /usr/local/etc/privoxy/config /usr/local/etc/privoxy/config.orig; \
sed -i '/^+set-image-blocker{pattern}/a +https-inspection \\' /usr/local/etc/privoxy/match-all.action;
# Copy project scripts/configs
COPY data/rules/ /usr/local/etc/privoxy/privman-rules/
COPY data/supervisord.conf /usr/local/etc/privoxy/
COPY data/config /usr/local/etc/privoxy/
COPY data/privoxy-blocklist.conf /var/lib/privoxy/
RUN set -eux; \
sed -i 's/\r$//' /var/lib/privoxy/privoxy-blocklist.conf
COPY bin/privman.py /var/lib/privoxy/privman.py
COPY bin/privoxy-blocklist.sh /var/lib/privoxy/privoxy-blocklist.sh
RUN set -eux; \
# Remove CRLF (dos2unix) and ensure LF-only
sed -i 's/\r$//' /var/lib/privoxy/privoxy-blocklist.sh; \
# Make executable
chmod +x /var/lib/privoxy/privoxy-blocklist.sh; \
# (Re)create the symlink
ln -sf /var/lib/privoxy/privoxy-blocklist.sh /usr/local/bin/privoxy-blocklist
COPY docker-entrypoint.sh /usr/local/bin/
RUN sed -i 's/\r$//' /usr/local/bin/docker-entrypoint.sh \
&& chmod +x /usr/local/bin/docker-entrypoint.sh
# Set the correct permissions
RUN set -ex; \
sed -i 's/\r$//' /var/lib/privoxy/privman.py /var/lib/privoxy/privoxy-blocklist.sh; \
head -1 /var/lib/privoxy/privman.py | grep -q '^#!' || \
sed -i '1i #!/usr/bin/env python3' /var/lib/privoxy/privman.py; \
mkdir -p /usr/local/etc/privoxy/CA /usr/local/etc/privoxy/certs /usr/local/etc/privoxy/privman-rules; \
chown -R privoxy:privoxy /usr/local/etc/privoxy/config /usr/local/etc/privoxy/CA /usr/local/etc/privoxy/certs /usr/local/etc/privoxy/privman-rules /var/lib/privoxy/privoxy-blocklist.conf; \
chmod +x /var/lib/privoxy/privman.py; \
ln -sf /var/lib/privoxy/privman.py /usr/local/bin/privman; \
ln -sf /var/lib/privoxy/privoxy-blocklist.sh /usr/local/bin/privoxy-blocklist;
ENV ADBLOCK_URLS="" \
ADBLOCK_FILTERS=""
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
RUN cp -a /usr/local/etc/privoxy /opt/privoxy-default
VOLUME /usr/local/etc/privoxy
EXPOSE 8118/tcp
USER privoxy
WORKDIR /usr/local/etc/privoxy/
CMD ["/usr/bin/supervisord", "-c", "supervisord.conf"]