Skip to content

Instantly share code, notes, and snippets.

@jdeathe
Last active November 14, 2016 10:37
Show Gist options
  • Save jdeathe/def743b9f58de070c376c4613681f348 to your computer and use it in GitHub Desktop.
Save jdeathe/def743b9f58de070c376c4613681f348 to your computer and use it in GitHub Desktop.
Demonstration of usage of jdeathe/centos-ssh as a local proxy server. Could be used to tunnel a mobile device over hosts VPN for example.
# - Create an SSH container on localhost exposing the default port 22.
# - If you have a default SSH public key (i.e. ~/.ssh/id_rsa.pub) use that
# but if not the Vagrant insecure public key will be used.
# - Assumes that the docker bridge network is on 172.17.0.1/24
# - Assumes that the host network is 192.168.1.1/24
# - Connect client's (browser/mobile phone) to {host-public-ip-address}:8888 (or localhost:8888 from host).
docker pull jdeathe/centos-ssh:centos-7-2.1.2
eval "sudo -E $(
docker inspect \
-f "{{.ContainerConfig.Labels.install}}" \
jdeathe/centos-ssh:centos-7-2.1.2
) install \
--name=tinyproxy.1.0 \
--env='SSH_USER=$(whoami)' \
--env='SSH_SUDO=\"ALL=(ALL) NOPASSWD:ALL\"' \
--env='SSH_AUTHORIZED_KEYS=\"$(cat ~/.ssh/id_rsa.pub || :)\"' \
--env='DOCKER_PORT_MAP_TCP_22=22' \
--setopt='--expose 8888' \
--setopt='--publish 8888:8888' \
--setopt='--add-host container-host:$(docker network inspect -f '{{ index (index .IPAM.Config 0).Gateway }}' bridge)'
"
# Install tinyproxy and add a basic configuration.
# Requests to http://app-1.local will be directed to the host on port 8080
ssh localhost -- sudo yum -y install tinyproxy
ssh localhost -- sudo chmod -x /usr/lib/systemd/system/tinyproxy.service
ssh localhost -- sudo tee -a /etc/tinyproxy/tinyproxy.conf 1> /dev/null <<-CONFIG
ViaProxyName "container-proxy"
no upstream ".local"
no upstream "."
upstream container-host:8080 "app-1.local"
Allow 127.0.0.1
Allow 192.168.1.1/24
Allow 172.17.0.1/24
CONFIG
# Start the proxy service and tail the log file
ssh localhost -- sudo tinyproxy
ssh localhost -- sudo tail -f /var/log/tinyproxy/tinyproxy.log
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment