Last active
March 29, 2024 12:37
-
-
Save sergeycherepanov/d54d5712598c30e87c3f648ad3919fd2 to your computer and use it in GitHub Desktop.
mitm proxy standalone
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # REVERSE_URI="https://google.com" BIND_ADDRESS=0.0.0.0 BIND_PORT="3080" docker compose up -d | |
| # curl localhost:3080 | |
| services: | |
| traefik: | |
| image: traefik:v2.5 | |
| command: | |
| - "--ping=true" | |
| - "--log.level=INFO" | |
| - "--api.dashboard=true" | |
| - "--providers.docker=true" | |
| - "--providers.docker.exposedbydefault=false" | |
| - "--providers.docker.constraints=Label(`traefik.mitmproxy`, `true`)" | |
| - "--entrypoints.mitmproxy-web.address=:80" | |
| - "--entrypoints.mitmproxy-web.forwardedheaders.trustedips=0.0.0.0/0" | |
| - "--entryPoints.mitmproxy-web.forwardedHeaders.insecure" | |
| restart: always | |
| logging: | |
| driver: "json-file" | |
| options: | |
| max-size: "50m" | |
| max-file: "3" | |
| ports: | |
| - "${BIND_ADDRESS:-0.0.0.0}:${BIND_PORT:-80}:80" | |
| volumes: | |
| - "/var/run/docker.sock:/var/run/docker.sock:ro" | |
| labels: | |
| - 'traefik.enable=true' | |
| - 'traefik.mitmproxy=true' | |
| - 'traefik.http.routers.traefik-mitmproxy.rule=PathPrefix(`/api`) || PathPrefix(`/dashboard`)' | |
| - 'traefik.http.routers.traefik-mitmproxy.priority=5000' | |
| - 'traefik.http.routers.traefik-mitmproxy.entrypoints=mitmproxy-web' | |
| - 'traefik.http.routers.traefik-mitmproxy.service=api@internal' | |
| - 'traefik.http.routers.traefik-mitmproxy.middlewares=traefik-mitmproxy-auth' | |
| - 'traefik.http.middlewares.traefik-mitmproxy-auth.basicauth.users=admin:{SHA}0tTNr469Z7oY3fDRwNoUXE2vTBw=' | |
| networks: | |
| - mitmproxy | |
| healthcheck: | |
| test: traefik healthcheck --ping | |
| start_period: 5s | |
| interval: 5s | |
| retries: 30 | |
| mitmproxy: | |
| image: mitmproxy/mitmproxy | |
| command: "mitmweb --no-web-open-browser --listen-host 0.0.0.0 --listen-port 80 --web-host 0.0.0.0 --web-port 8080 --mode reverse:${REVERSE_URI:-'https://google.com:443'} --no-http2" | |
| restart: always | |
| logging: | |
| driver: "json-file" | |
| options: | |
| max-size: "50m" | |
| max-file: "3" | |
| healthcheck: | |
| test: /bin/bash -c "</dev/tcp/localhost/8080" | |
| start_period: 6s | |
| interval: 6s | |
| retries: 50 | |
| networks: | |
| - mitmproxy | |
| depends_on: | |
| traefik: | |
| condition: service_healthy | |
| labels: | |
| traefik.enable: "true" | |
| traefik.mitmproxy: "true" | |
| traefik.http.services.mitmproxy-web.loadbalancer.server.port: "80" | |
| traefik.http.routers.mitmproxy-web.service: "mitmproxy-web" | |
| traefik.http.routers.mitmproxy-web.entrypoints: "mitmproxy-web" | |
| traefik.http.routers.mitmproxy-web.rule: "PathPrefix(`/`)" | |
| traefik.http.routers.mitmproxy-web.priority: 3000 | |
| traefik.http.services.mitmproxy-gui.loadbalancer.server.port: "8080" | |
| traefik.http.routers.mitmproxy-gui.service: "mitmproxy-gui" | |
| traefik.http.routers.mitmproxy-gui.entrypoints: "mitmproxy-web" | |
| traefik.http.routers.mitmproxy-gui.rule: "PathPrefix(`/mitmproxy-gui/`)" | |
| traefik.http.routers.mitmproxy-gui.priority: 3200 | |
| traefik.http.routers.mitmproxy-gui.middlewares: "mitmproxy-gui@docker, mitmproxy-gui-header-host@docker" | |
| traefik.http.middlewares.mitmproxy-gui.stripprefix.prefixes: "/mitmproxy-gui/" | |
| traefik.http.middlewares.mitmproxy-gui.stripprefix.forceslash: "true" | |
| traefik.http.middlewares.mitmproxy-gui-header-host.headers.customrequestheaders.Host: "127.0.0.1" | |
| traefik.http.middlewares.mitmproxy-gui-header-host.headers.customrequestheaders.Origin: "" | |
| traefik.http.middlewares.mitmproxy-gui-header-host.headers.customrequestheaders.X-Forwarded-Proto: "https" | |
| networks: | |
| mitmproxy: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment