Demonstration of usage of jdeathe/centos-ssh as a local proxy server. Could be used to tunnel a mobile device over hosts VPN for example.

containerised-tinyproxy-demo.sh

# - Create an SSH container on localhost exposing the default port 22.
# - If you have a default SSH public key (i.e. ~/.ssh/id_rsa.pub) use that 
#   but if not the Vagrant insecure public key will be used.
# - Assumes that the docker bridge network is on 172.17.0.1/24
# - Assumes that the host network is 192.168.1.1/24
# - Connect client's (browser/mobile phone) to {host-public-ip-address}:8888 (or localhost:8888 from host).

docker pull jdeathe/centos-ssh:centos-7-2.1.2

eval "sudo -E $(
    docker inspect \
    -f "{{.ContainerConfig.Labels.install}}" \
    jdeathe/centos-ssh:centos-7-2.1.2
  ) install \
  --name=tinyproxy.1.0 \
  --env='SSH_USER=$(whoami)' \
  --env='SSH_SUDO=\"ALL=(ALL) NOPASSWD:ALL\"' \
  --env='SSH_AUTHORIZED_KEYS=\"$(cat ~/.ssh/id_rsa.pub || :)\"' \
  --env='DOCKER_PORT_MAP_TCP_22=22' \
  --setopt='--expose 8888' \
  --setopt='--publish 8888:8888' \
  --setopt='--add-host container-host:$(docker network inspect -f '{{ index (index .IPAM.Config 0).Gateway }}' bridge)'
"

# Install tinyproxy and add a basic configuration. 
# Requests to http://app-1.local will be directed to the host on port 8080
ssh localhost -- sudo yum -y install tinyproxy
ssh localhost -- sudo chmod -x /usr/lib/systemd/system/tinyproxy.service
ssh localhost -- sudo tee -a /etc/tinyproxy/tinyproxy.conf 1> /dev/null <<-CONFIG
ViaProxyName "container-proxy"
no upstream ".local"
no upstream "."
upstream container-host:8080 "app-1.local"
Allow 127.0.0.1
Allow 192.168.1.1/24
Allow 172.17.0.1/24
CONFIG

# Start the proxy service and tail the log file
ssh localhost -- sudo tinyproxy
ssh localhost -- sudo tail -f /var/log/tinyproxy/tinyproxy.log