Skip to content

Instantly share code, notes, and snippets.

@sergeycherepanov
Last active March 29, 2024 12:37
Show Gist options
  • Save sergeycherepanov/d54d5712598c30e87c3f648ad3919fd2 to your computer and use it in GitHub Desktop.
Save sergeycherepanov/d54d5712598c30e87c3f648ad3919fd2 to your computer and use it in GitHub Desktop.
mitm proxy standalone
# REVERSE_URI="https://google.com" BIND_ADDRESS=0.0.0.0 BIND_PORT="3080" docker compose up -d
# curl localhost:3080
services:
traefik:
image: traefik:v2.5
command:
- "--ping=true"
- "--log.level=INFO"
- "--api.dashboard=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--providers.docker.constraints=Label(`traefik.mitmproxy`, `true`)"
- "--entrypoints.mitmproxy-web.address=:80"
- "--entrypoints.mitmproxy-web.forwardedheaders.trustedips=0.0.0.0/0"
- "--entryPoints.mitmproxy-web.forwardedHeaders.insecure"
restart: always
logging:
driver: "json-file"
options:
max-size: "50m"
max-file: "3"
ports:
- "${BIND_ADDRESS:-0.0.0.0}:${BIND_PORT:-80}:80"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
labels:
- 'traefik.enable=true'
- 'traefik.mitmproxy=true'
- 'traefik.http.routers.traefik-mitmproxy.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)'
- 'traefik.http.routers.traefik-mitmproxy.priority=5000'
- 'traefik.http.routers.traefik-mitmproxy.entrypoints=mitmproxy-web'
- 'traefik.http.routers.traefik-mitmproxy.service=api@internal'
- 'traefik.http.routers.traefik-mitmproxy.middlewares=traefik-mitmproxy-auth'
- 'traefik.http.middlewares.traefik-mitmproxy-auth.basicauth.users=admin:{SHA}0tTNr469Z7oY3fDRwNoUXE2vTBw='
networks:
- mitmproxy
healthcheck:
test: traefik healthcheck --ping
start_period: 5s
interval: 5s
retries: 30
mitmproxy:
image: mitmproxy/mitmproxy
command: "mitmweb --no-web-open-browser --listen-host 0.0.0.0 --listen-port 80 --web-host 0.0.0.0 --web-port 8080 --mode reverse:${REVERSE_URI:-'https://google.com:443'} --no-http2"
restart: always
logging:
driver: "json-file"
options:
max-size: "50m"
max-file: "3"
healthcheck:
test: /bin/bash -c "</dev/tcp/localhost/8080"
start_period: 6s
interval: 6s
retries: 50
networks:
- mitmproxy
depends_on:
traefik:
condition: service_healthy
labels:
traefik.enable: "true"
traefik.mitmproxy: "true"
traefik.http.services.mitmproxy-web.loadbalancer.server.port: "80"
traefik.http.routers.mitmproxy-web.service: "mitmproxy-web"
traefik.http.routers.mitmproxy-web.entrypoints: "mitmproxy-web"
traefik.http.routers.mitmproxy-web.rule: "PathPrefix(`/`)"
traefik.http.routers.mitmproxy-web.priority: 3000
traefik.http.services.mitmproxy-gui.loadbalancer.server.port: "8080"
traefik.http.routers.mitmproxy-gui.service: "mitmproxy-gui"
traefik.http.routers.mitmproxy-gui.entrypoints: "mitmproxy-web"
traefik.http.routers.mitmproxy-gui.rule: "PathPrefix(`/mitmproxy-gui/`)"
traefik.http.routers.mitmproxy-gui.priority: 3200
traefik.http.routers.mitmproxy-gui.middlewares: "mitmproxy-gui@docker, mitmproxy-gui-header-host@docker"
traefik.http.middlewares.mitmproxy-gui.stripprefix.prefixes: "/mitmproxy-gui/"
traefik.http.middlewares.mitmproxy-gui.stripprefix.forceslash: "true"
traefik.http.middlewares.mitmproxy-gui-header-host.headers.customrequestheaders.Host: "127.0.0.1"
traefik.http.middlewares.mitmproxy-gui-header-host.headers.customrequestheaders.Origin: ""
traefik.http.middlewares.mitmproxy-gui-header-host.headers.customrequestheaders.X-Forwarded-Proto: "https"
networks:
mitmproxy:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment