From 8fc550387933ffe7d2a19f177fb405596609fc31 Mon Sep 17 00:00:00 2001 From: Patrick Kishino Date: Fri, 29 May 2020 15:03:10 +0900 Subject: [PATCH] Added BasicAuth to tinyproxy, updated docs and dockerfiles --- DockerEnv | 2 ++ Dockerfile | 12 +++++++----- Dockerfile.alpine | 6 +++++- Dockerfile.armhf | 8 +++++--- docs/arguments.md | 3 +++ docs/readme.md | 2 ++ openvpn/tunnelUp.sh | 1 - tinyproxy/start.sh | 10 ++++++++++ transmission/environment-variables.tmpl | 2 ++ 9 files changed, 36 insertions(+), 10 deletions(-) diff --git a/DockerEnv b/DockerEnv index c9b9a97f9..78617adc0 100644 --- a/DockerEnv +++ b/DockerEnv @@ -85,4 +85,6 @@ #TRANSMISSION_WATCH_DIR_FORCE_GENERIC=false #WEBPROXY_ENABLED=false #WEBPROXY_PORT=8888 +#WEBPROXY_USERNAME= +#WEBPROXY_PASSWORD= #DOCKER_LOG=false diff --git a/Dockerfile b/Dockerfile index 8c9336df6..6716ec9b9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:18.04 +FROM ubuntu:19.10 VOLUME /data VOLUME /config @@ -12,12 +12,12 @@ ENV DEBIAN_FRONTEND=noninteractive # Update, upgrade and install core software RUN apt update \ - && apt -y upgrade \ - && apt -y install software-properties-common wget git curl jq \ + && apt -y install apt-utils software-properties-common wget git curl jq \ && add-apt-repository ppa:transmissionbt/ppa \ && apt update \ - && apt install -y sudo transmission-cli transmission-common transmission-daemon curl rar unrar zip unzip ufw iputils-ping openvpn bc tzdata \ + && apt install -y sudo transmission-cli transmission-common transmission-daemon curl rar unrar zip unzip ufw iputils-ping openvpn bc tzdata bash \ python2.7 python2.7-pysqlite2 && ln -sf /usr/bin/python2.7 /usr/bin/python2 \ + && apt -y upgrade \ && wget https://github.com/Secretmapper/combustion/archive/release.zip \ && unzip release.zip -d /opt/transmission-ui/ \ && rm release.zip \ @@ -28,7 +28,7 @@ RUN apt update \ && ln -s /usr/share/transmission/web/javascript /opt/transmission-ui/transmission-web-control \ && ln -s /usr/share/transmission/web/index.html /opt/transmission-ui/transmission-web-control/index.original.html \ && git clone git://github.com/endor/kettu.git /opt/transmission-ui/kettu \ - && apt install -y tinyproxy telnet \ + && apt install -y tinyproxy telnet vim \ && wget https://github.com/Yelp/dumb-init/releases/download/v${DUMBINIT_VERSION}/dumb-init_${DUMBINIT_VERSION}_amd64.deb \ && dpkg -i dumb-init_${DUMBINIT_VERSION}_amd64.deb \ && rm -rf dumb-init_${DUMBINIT_VERSION}_amd64.deb \ @@ -133,6 +133,8 @@ ENV OPENVPN_USERNAME=**None** \ DROP_DEFAULT_ROUTE= \ WEBPROXY_ENABLED=false \ WEBPROXY_PORT=8888 \ + WEBPROXY_USERNAME= \ + WEBPROXY_PASSWORD= \ HEALTH_CHECK_HOST=google.com \ DOCKER_LOG=false diff --git a/Dockerfile.alpine b/Dockerfile.alpine index abb8fd280..abdb157ab 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -6,7 +6,7 @@ VOLUME /config ARG DOCKERIZE_ARCH=amd64 ENV DOCKERIZE_VERSION=v0.6.0 RUN echo "@testing http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \ - && apk --no-cache add bash dumb-init ip6tables ufw@testing openvpn shadow transmission-daemon transmission-cli curl jq tzdata \ + && apk --no-cache add bash dumb-init ip6tables ufw@testing openvpn shadow transmission-daemon transmission-cli curl jq tzdata tinyproxy \ && echo "Install dockerize $DOCKERIZE_VERSION ($DOCKERIZE_ARCH)" \ && wget -qO- https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-$DOCKERIZE_ARCH-$DOCKERIZE_VERSION.tar.gz | tar xz -C /usr/bin \ && mkdir -p /opt/transmission-ui \ @@ -27,8 +27,10 @@ RUN echo "@testing http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/ap && useradd -u 911 -U -d /config -s /bin/false abc \ && usermod -G users abc +# Add configuration and scripts ADD openvpn/ /etc/openvpn/ ADD transmission/ /etc/transmission/ +ADD tinyproxy /opt/tinyproxy/ ADD scripts /etc/scripts/ ENV OPENVPN_USERNAME=**None** \ @@ -121,6 +123,8 @@ ENV OPENVPN_USERNAME=**None** \ DROP_DEFAULT_ROUTE= \ WEBPROXY_ENABLED=false \ WEBPROXY_PORT=8888 \ + WEBPROXY_USERNAME= \ + WEBPROXY_PASSWORD= \ DOCKER_LOG=false \ HEALTH_CHECK_HOST=google.com diff --git a/Dockerfile.armhf b/Dockerfile.armhf index 8ebc25ffb..759b0cb50 100644 --- a/Dockerfile.armhf +++ b/Dockerfile.armhf @@ -9,9 +9,9 @@ VOLUME /config # Update packages and install software RUN apt-get update \ - && apt-get -y install apt-utils \ - && apt-get -y install transmission-cli transmission-common transmission-daemon \ - && apt-get install -y dumb-init unzip openvpn curl ufw git tinyproxy jq \ + && apt-get -y install apt-utils transmission-cli transmission-common transmission-daemon \ + && apt-get install -y dumb-init unzip openvpn curl ufw git tinyproxy jq bash \ + && apt-get -y upgrade \ && curl -L -o /tmp/release.zip https://github.com/Secretmapper/combustion/archive/release.zip \ && unzip /tmp/release.zip -d /opt/transmission-ui/ \ && rm /tmp/release.zip \ @@ -127,6 +127,8 @@ ENV OPENVPN_USERNAME=**None** \ DROP_DEFAULT_ROUTE= \ WEBPROXY_ENABLED=false \ WEBPROXY_PORT=8888 \ + WEBPROXY_USERNAME= \ + WEBPROXY_PASSWORD= \ DOCKER_LOG=false \ HEALTH_CHECK_HOST=google.com diff --git a/docs/arguments.md b/docs/arguments.md index 9abd05ba1..74732cc30 100755 --- a/docs/arguments.md +++ b/docs/arguments.md @@ -78,11 +78,14 @@ This is useful if you are using a private tracker that needs to see you login fr The default listening port is 8888. Note that only ports above 1024 can be specified as all ports below 1024 are privileged and would otherwise require root permissions to run. Remember to add a port binding for your selected (or default) port when starting the container. +If you set Username and Password it will enable BasicAuth for the proxy | Variable | Function | Example | | ------------------ | ----------------------- | ----------------------- | | `WEBPROXY_ENABLED` | Enables the web proxy | `WEBPROXY_ENABLED=true` | | `WEBPROXY_PORT` | Sets the listening port | `WEBPROXY_PORT=8888` | +| `WEBPROXY_USERNAME`| Sets the BasicAuth username | `WEBPROXY_USERNAME=test` | +| `WEBPROXY_PASSWORD`| Sets the BasicAuth password | `WEBPROXY_PASSWORD=password` | ### User configuration options diff --git a/docs/readme.md b/docs/readme.md index 6eca681de..504380c28 100644 --- a/docs/readme.md +++ b/docs/readme.md @@ -230,6 +230,8 @@ Remember to add a port binding for your selected (or default) port when starting | ------------------ | ----------------------- | ----------------------- | | `WEBPROXY_ENABLED` | Enables the web proxy | `WEBPROXY_ENABLED=true` | | `WEBPROXY_PORT` | Sets the listening port | `WEBPROXY_PORT=8888` | +| `WEBPROXY_USERNAME`| Sets the BasicAuth username | `WEBPROXY_USERNAME=test` | +| `WEBPROXY_PASSWORD`| Sets the BasicAuth password | `WEBPROXY_PASSWORD=password` | ### User configuration options diff --git a/openvpn/tunnelUp.sh b/openvpn/tunnelUp.sh index 3f4effd33..eb8957cc7 100755 --- a/openvpn/tunnelUp.sh +++ b/openvpn/tunnelUp.sh @@ -1,4 +1,3 @@ #!/bin/bash - /etc/transmission/start.sh "$@" [[ ! -f /opt/tinyproxy/start.sh ]] || /opt/tinyproxy/start.sh diff --git a/tinyproxy/start.sh b/tinyproxy/start.sh index 7627623b5..08341d796 100755 --- a/tinyproxy/start.sh +++ b/tinyproxy/start.sh @@ -38,6 +38,12 @@ set_port() sed -i -e"s,^Port .*,Port $1," $2 } +set_authentication() +{ + echo "Setting tinyproxy basic auth"; + echo "BasicAuth $1 $2" >> $3 +} + if [[ "${WEBPROXY_ENABLED}" = "true" ]]; then echo "STARTING TINYPROXY" @@ -47,6 +53,10 @@ if [[ "${WEBPROXY_ENABLED}" = "true" ]]; then set_port ${WEBPROXY_PORT} ${PROXY_CONF} + if [[ ! -z "${WEBPROXY_USERNAME}" ]] && [[ ! -z "${WEBPROXY_PASSWORD}" ]]; then + set_authentication ${WEBPROXY_USERNAME} ${WEBPROXY_PASSWORD} ${PROXY_CONF} + fi + # Allow all clients sed -i -e"s/^Allow /#Allow /" ${PROXY_CONF} diff --git a/transmission/environment-variables.tmpl b/transmission/environment-variables.tmpl index 9774943a4..806e4a541 100644 --- a/transmission/environment-variables.tmpl +++ b/transmission/environment-variables.tmpl @@ -85,6 +85,8 @@ export PGID={{ .Env.PGID }} # Need to pass through our tinyproxy settings export WEBPROXY_ENABLED={{ .Env.WEBPROXY_ENABLED }} export WEBPROXY_PORT={{ .Env.WEBPROXY_PORT }} +export WEBPROXY_USERNAME={{ .Env.WEBPROXY_USERNAME }} +export WEBPROXY_PASSWORD={{ .Env.WEBPROXY_PASSWORD }} # Support custom web frontend {{ if .Env.TRANSMISSION_WEB_HOME }} export TRANSMISSION_WEB_HOME={{ .Env.TRANSMISSION_WEB_HOME }} {{end}}