Initial commit

.gitignore

@@ -0,0 +1 @@
+wg0.conf

3proxy.cfg

@@ -0,0 +1,15 @@
+## DNS servers
+# nserver 1.1.1.1
+# nserver 8.8.8.8
+nscache 65536
+
+## Log settings
+log
+logformat "L%Y-%m-%d %H:%M:%S %U %C:%c %R:%r %O %I %h %T"
+
+## Set up the HTTP proxy on port 3128
+proxy -p3128
+
+## Set up the SOCKS5 proxy on port 1080
+socks -p1080
+

Dockerfile

@@ -0,0 +1,47 @@
+# Stage 1: Build 3proxy
+FROM debian:bullseye-slim AS builder
+
+# Install build dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    build-essential \
+    git \
+    ca-certificates \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Clone and build 3proxy
+WORKDIR /usr/src/3proxy
+RUN git clone https://github.com/3proxy/3proxy.git . && \
+    ln -s Makefile.Linux Makefile && \
+    make -f Makefile
+
+# Stage 2: Runtime Image
+FROM debian:bullseye-slim
+
+# Install runtime dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openresolv \
+    iproute2 \
+    iptables \
+    wireguard-tools \
+    ca-certificates \
+    procps \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Copy 3proxy from the builder stage
+COPY --from=builder /usr/src/3proxy/bin/ /usr/local/bin/
+
+# Create necessary directories
+RUN mkdir -p /etc/3proxy /var/log/3proxy && \
+    chown -R nobody:nogroup /var/log/3proxy
+
+# Copy configuration files
+COPY 3proxy.cfg /etc/3proxy/3proxy.cfg
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+# Expose proxy ports
+EXPOSE 3128 1080
+
+# Set entrypoint
+ENTRYPOINT ["/entrypoint.sh"]
+

Makefile

@@ -0,0 +1,35 @@
+CONTAINER_MANAGER := docker
+COMPOSE := $(CONTAINER_MANAGER) compose
+DC_FILE := compose.yaml
+
+.PHONY: ps
+ps:
+	$(COMPOSE) -f $(DC_FILE) ps
+
+.PHONY: config
+config:
+	$(COMPOSE) -f $(DC_FILE) config
+
+.PHONY: up
+up:
+	$(COMPOSE) -f $(DC_FILE) up -d
+
+.PHONY: down
+down:
+	$(COMPOSE) -f $(DC_FILE) down
+
+.PHONY: start
+start:
+	$(COMPOSE) -f $(DC_FILE) start
+
+.PHONY: stop
+stop:
+	$(COMPOSE) -f $(DC_FILE) stop
+
+.PHONY: restart
+restart:
+	$(COMPOSE) -f $(DC_FILE) restart
+
+.PHONY: logs
+logs:
+	$(COMPOSE) -f $(DC_FILE) logs -f

README.md

@@ -0,0 +1,87 @@
+# wireguard-3proxy-docker
+
+Docker container combining WireGuard VPN with 3proxy to provide HTTP and SOCKS5 proxy services through an encrypted tunnel.
+
+## Features
+
+- WireGuard VPN for secure, encrypted tunneling
+- HTTP proxy (port 3128)
+- SOCKS5 proxy (port 1080)
+- DNS resolution through VPN
+- Container logs to stdout
+- Multi-stage build for minimal image size
+
+## Requirements
+
+- Docker
+- Docker Compose
+- WireGuard configuration file (`wg0.conf`)
+
+## Quick Start
+
+1. Clone the repository:
+```bash
+git clone https://github.com/rbehzadan/wireguard-3proxy-docker.git
+cd wireguard-3proxy-docker
+```
+
+2. Create WireGuard configuration file `wg0.conf`:
+```ini
+[Interface]
+PrivateKey = your_private_key
+Address = your_ip_address
+DNS = 1.1.1.1, 8.8.8.8
+
+[Peer]
+PublicKey = peer_public_key
+AllowedIPs = 0.0.0.0/0
+Endpoint = peer_endpoint:port
+```
+
+3. Start the container:
+```bash
+docker compose up -d
+```
+
+## Docker Compose Configuration
+
+```yaml
+services:
+  wireguard:
+    image: rbehzadan/wireguard-3proxy
+    container_name: wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    devices:
+      - /dev/net/tun
+    privileged: true
+    volumes:
+      - ./wg0.conf:/etc/wireguard/wg0.conf
+    ports:
+      - "3128:3128"
+      - "1080:1080"
+```
+
+## Build from Source
+
+```bash
+git clone https://github.com/rbehzadan/wireguard-3proxy-docker.git
+cd wireguard-3proxy-docker
+docker build -t wireguard-3proxy:latest .
+```
+
+## Security Notes
+
+- Container runs with privileged access (required for WireGuard)
+- No authentication configured by default
+- All traffic routed through VPN tunnel
+- DNS queries resolved through VPN DNS servers
+
+## Contributing
+
+Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
+
+## License
+
+This project is licensed under the MIT License.

README_DOCKER_HUB.md

@@ -0,0 +1,103 @@
+# WireGuard with 3proxy Docker Image
+
+This Docker image combines WireGuard VPN with 3proxy to provide both HTTP and SOCKS5 proxy services through a VPN tunnel.
+
+## Features
+
+- WireGuard VPN connectivity
+- HTTP proxy (port 3128)
+- SOCKS5 proxy (port 1080)
+- DNS resolution through VPN
+- Logging to stdout for container monitoring
+
+## Prerequisites
+
+- Docker
+- Docker Compose
+- WireGuard configuration file (`wg0.conf`)
+
+## Usage
+
+1. Prepare your WireGuard configuration file `wg0.conf`. Example:
+```ini
+[Interface]
+PrivateKey = your_private_key
+Address = your_ip_address
+DNS = 1.1.1.1, 8.8.8.8
+
+[Peer]
+PublicKey = peer_public_key
+AllowedIPs = 0.0.0.0/0
+Endpoint = peer_endpoint:port
+```
+
+2. Run with Docker Compose:
+```bash
+docker compose up -d
+```
+
+## Docker Compose Configuration
+
+```yaml
+services:
+  wireguard:
+    image: rbehzadan/wireguard-3proxy
+    container_name: wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    devices:
+      - /dev/net/tun
+    privileged: true
+    volumes:
+      - ./wg0.conf:/etc/wireguard/wg0.conf
+    ports:
+      - "3128:3128"
+      - "1080:1080"
+```
+
+## Configuration
+
+The image uses the following default ports:
+- HTTP Proxy: 3128
+- SOCKS5 Proxy: 1080
+
+### Environment Variables
+None required.
+
+### Volumes
+Mount your WireGuard configuration:
+```yaml
+volumes:
+  - ./wg0.conf:/etc/wireguard/wg0.conf
+```
+
+### Required Capabilities
+```yaml
+cap_add:
+  - NET_ADMIN
+  - SYS_MODULE
+devices:
+  - /dev/net/tun
+privileged: true
+```
+
+## Security Considerations
+
+- The container runs in privileged mode due to WireGuard requirements
+- No authentication is configured by default
+- All traffic is routed through the VPN tunnel
+- DNS queries are resolved through the VPN's DNS servers
+
+## Building
+
+```bash
+docker build -t rbehzadan/wireguard-3proxy:tag .
+```
+
+## License
+
+This project is licensed under the MIT License.
+
+## Similar Projects
+[linuxserver/wireguard](https://hub.docker.com/r/linuxserver/wireguard) - A robust WireGuard container that focuses on VPN functionality. Our project extends this concept by adding HTTP and SOCKS5 proxy capabilities through 3proxy.

compose.yaml

@@ -0,0 +1,16 @@
+services:
+  wireguard:
+    image: rbehzadan/wireguard-3proxy
+    container_name: wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    devices:
+      - /dev/net/tun
+    privileged: true
+    volumes:
+      - ./wg0.conf:/etc/wireguard/wg0.conf
+    ports:
+      - "3128:3128"
+      - "1080:1080"
+

entrypoint.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+# Start WireGuard
+wg-quick up /etc/wireguard/wg0.conf
+
+# Wait for WireGuard interface to be up
+sleep 1
+
+exec /usr/local/bin/3proxy /etc/3proxy/3proxy.cfg