Commit Graph

28 Commits (0d6e3d68902026ce909c5ceefdfc333f1a06eca2)

Author SHA1 Message Date
Jonas Letzbor 0d6e3d6890
Add option to disable IPV6 for resolving 2023-12-27 15:19:41 +01:00
Ales Nosek fcf8fc1ca2 Mitmproxy won't start due to soft_unicode removed from markupsafe
After building the debug image and trying to run it, the mitproxy
would fail to start:

Traceback (most recent call last):
  File "/usr/bin/mitmweb", line 8, in <module>
    sys.exit(mitmweb())
  File "/usr/lib/python3.8/site-packages/mitmproxy/tools/_main.py", line 172, in mitmweb
    from mitmproxy.tools import web
  File "/usr/lib/python3.8/site-packages/mitmproxy/tools/web/__init__.py", line 1, in <module>
    from mitmproxy.tools.web import master
  File "/usr/lib/python3.8/site-packages/mitmproxy/tools/web/master.py", line 5, in <module>
    from mitmproxy import addons
  File "/usr/lib/python3.8/site-packages/mitmproxy/addons/__init__.py", line 12, in <module>
    from mitmproxy.addons import onboarding
  File "/usr/lib/python3.8/site-packages/mitmproxy/addons/onboarding.py", line 2, in <module>
    from mitmproxy.addons.onboardingapp import app
  File "/usr/lib/python3.8/site-packages/mitmproxy/addons/onboardingapp/__init__.py", line 3, in <module>
    from flask import Flask, render_template
  File "/usr/lib/python3.8/site-packages/flask/__init__.py", line 14, in <module>
    from jinja2 import escape
  File "/usr/lib/python3.8/site-packages/jinja2/__init__.py", line 12, in <module>
    from .environment import Environment
  File "/usr/lib/python3.8/site-packages/jinja2/environment.py", line 25, in <module>
    from .defaults import BLOCK_END_STRING
  File "/usr/lib/python3.8/site-packages/jinja2/defaults.py", line 3, in <module>
    from .filters import FILTERS as DEFAULT_FILTERS  # noqa: F401
  File "/usr/lib/python3.8/site-packages/jinja2/filters.py", line 13, in <module>
    from markupsafe import soft_unicode
ImportError: cannot import name 'soft_unicode' from 'markupsafe' (/usr/lib/python3.8/site-packages/markupsafe/__init__.py)

Fixed the issue by explicitly requiring an older version of MarkupSafe.

The issue is related to:
https://github.com/pallets/markupsafe/issues/282
2022-08-12 19:54:59 +02:00
saces 45ad55d3f1 add option to disable request buffering.
If push is allowed, buffering requests can cause issues on slow upstreams.
The put requests pile up, and since `proxy_ignore_client_abort` is on...
...the push fails.

If you have trouble pushing, set `PROXY_REQUEST_BUFFERING`to false, then fix
remainig issues/timeouts.

Default is true to not change default behavior.
2022-01-10 23:17:49 +01:00
Ricardo Pardini c949381a10
nginx-1.18.0-alpine-3.12.1 -> nginx-1.20.1-alpine-3.12.7 2021-07-11 20:18:39 +02:00
Ricardo Pardini d0101cbac5
try to build & run on podman via one more hack to resolv.conf parsing
- why the hell does nginx need a resolver config, again?
2021-05-27 23:59:46 +02:00
Sezer Bülent 51585675e6
DRP-70: add timeoutes as ENVs, update README.md, update nginx config (#73)
Authored-by: Bulent <bt.sezer29@gmail.com>
2021-01-28 12:12:18 +01:00
Federico Gimenez 536f0fc8a0
Allow push (#59)
Introduce ALLOW_PUSH, if set to true, allows non-GET methods through the proxy
2020-12-02 14:58:19 +01:00
Ricardo Pardini a726f88049
3-tier implementation of manifest caching (#57)
* implement manifest caching; refactor config with includes, and generate from ENVs in entrypoint.sh
- disabled by default; enable with -e ENABLE_MANIFEST_CACHE=true
- default times and regexes are a wild guess, make sure to tune for your use case.
-  add manifest caching/anti-ratelimit usage note to README
- add -e ENABLE_MANIFEST_CACHE=true to examples, some wording changes
- add -e ENABLE_MANIFEST_CACHE=true to one the steps in test workflow.
2020-10-30 18:54:10 +01:00
Ricardo Pardini 227a397225 Link image to original repository on GitHub via LABEL 2020-10-30 13:24:08 +01:00
Ricardo Pardini 1856d821fc bump base image to nginx-1.18.0-alpine-3.12.1 2020-10-30 12:31:52 +01:00
Ricardo Pardini a2fd8bb32b upgrade to mitmproxy 5.x; do not store large bodies in memory; use separate config dirs for each mitmweb; better mitmweb logging 2020-10-30 12:02:56 +01:00
Ricardo Pardini aaf7fa0308 introduce env DEBUG_HUB; to help understand #54
- injects a mitmproxy between the caching layer and DockerHub's registry-1.docker.io
- it also disables VERIFY_SSL so the mitmproxy can be used;
- DEBUG_HUB's mitmweb is exposed on port 8082
- both DEBUG and DEBUG_HUB can be enabled independently
2020-10-30 00:20:18 +01:00
Ricardo Pardini fe388f560b silence mitmweb, nginx logs are hard enough to read 2020-10-08 02:45:49 +02:00
Ricardo Pardini 67edf7efda fix python3 deps for mitmproxy/mitmweb (-e DEBUG=true) 2020-10-08 02:32:00 +02:00
Ricardo Pardini ec4df7b4b7 GitHub Actions: multiarch build, new -debug version, much lighter layers 2020-10-08 01:57:49 +02:00
ricardop a2c0afcbc4 upgrade to nginx-1.18.0-alpine-3.12; alpine 3.12 changed a lot of python/pip/wheel stuff 2020-09-22 10:15:15 +02:00
ricardop 2c8be197be fix, we need openssl package even in non-debug builds 2020-06-08 15:48:14 +02:00
ricardop 6a1fe384f5 introduce Docker build-args:
- BASE_IMAGE, used in FROM line
- DEBUG_BUILD, build mitmproxy or not
2020-06-08 14:49:21 +02:00
ricardop 056c8521f9 use specific mitmproxy version (latest in 4.x branch) 2020-04-03 14:12:43 +02:00
ricardop 72dc9a8819 use alpine's coreutils base64, which supports -w 0 to avoid wrapping -- thanks @miihael 2020-04-03 14:06:19 +02:00
ricardop bb8ab751a7 Merge branch 'pull/30' 2020-04-03 13:41:12 +02:00
ricardop 2bd42f9a5b Bump base image version to nginx 1.16.1 and alpine 3.11 2020-04-03 13:34:29 +02:00
Jeff Bachtel 75bc9e0825 Move apk add and del into same layer
Prevents bloating of final image
2020-01-28 15:28:22 -07:00
Ricardo Pardini 7737bf807a
disable debug by default; fixes #9 2019-01-16 20:53:45 +01:00
Ricardo Pardini 7724f3ba15
completely reworked caching, now cache by exception (/blobs/ only essentially)
- now only /v2/.../blobs/... URIs are actually cached (together with their redirect catchers)
- /manifests/, /token, and /v2/ are not cached anymore, which should solve a lot of problems
- better messages for /v1 attempts
- fix usage of $connect_host:443 (which is hostname:port and causes errors to be logged) to $connect_addr (which returns an IP:port) in the proxy layer
2018-11-04 16:43:53 +01:00
Ricardo Pardini 8ff06e3dec
add mitmproxy/nginx-debug inspection capabilities
- avoid some caching for non-blob urls
2018-11-04 11:23:52 +01:00
ricardop 0abd4ca51a
completely reworked into an HTTPS_PROXY-based solution
- emit our own certificates
- configurable via ENVs
- generates config dinamically
2018-06-29 01:39:02 +02:00
ricardop 325dd23ae5
initial commit 2018-06-27 13:08:09 +02:00