caddyserver · foxmeyson · Nov 1, 2021 · Nov 2, 2021 · Nov 2, 2021 · sergeyfrolov
diff --git a/README.md b/README.md
@@ -19,26 +19,29 @@ The simplest way to enable the forward proxy without authentication just include
 Open a block for more control; here's an example of all properties in use (note that the syntax is subject to change):
 
 ```
-forwardproxy {
-    basicauth user1 password1
-    basicauth user2 password2
-    ports     80 443
-    hide_ip
-    hide_via
-    probe_resistance secret-link-kWWL9Q.com # alternatively you can use a real domain, such as caddyserver.com
-    serve_pac        /secret-proxy.pac
-    response_timeout 30
-    dial_timeout     30
-    upstream         https://user:[email protected]
-    acl {
-      allow     *.caddyserver.com
-      deny      192.168.1.1/32 192.168.0.0/16 *.prohibitedsite.com *.localhost
-      allow     ::1/128 8.8.8.8 github.com *.github.io
-      allowfile /path/to/whitelist.txt
-      denyfile  /path/to/blacklist.txt
-      allow     all
-      deny      all # unreachable rule, remaining requests are matched by `allow all` above
-    }
+:80, :443 {
+      log / stdout "{remote} - {user} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {hostonly} {request_id} {latency_ms}"
+      forwardproxy {
+          basicauth user1 password1
+          basicauth user2 password2
+          ports     80 443
+          hide_ip
+          hide_via
+          probe_resistance secret-link-kWWL9Q.com # alternatively you can use a real domain, such as caddyserver.com
+          serve_pac        /secret-proxy.pac
+          response_timeout 30
+          dial_timeout     30
+          upstream         https://user:[email protected]
+          acl {
+            allow     *.caddyserver.com
+            deny      192.168.1.1/32 192.168.0.0/16 *.prohibitedsite.com *.localhost
+            allow     ::1/128 8.8.8.8 github.com *.github.io
+            allowfile /path/to/whitelist.txt
+            denyfile  /path/to/blacklist.txt
+            allow     all
+            deny      all # unreachable rule, remaining requests are matched by `allow all` above
+          }
+      }
 }
 ```
 
@@ -168,4 +171,4 @@ Licensed under the [Apache License](LICENSE)
 
 USE AT YOUR OWN RISK. THIS IS DELIVERED AS-IS. By using this software, you agree and assert that authors, maintainers, and contributors of this software are not responsible or liable for any risks, costs, or problems you may encounter. Consider your threat model and be smart. If you find a flaw or bug, please submit a patch and help make things better!
 
-Initial version of this plugin was developed by Google. This is not an official Google product.
+Initial version of this plugin was developed by Google. This is not an official Google product.
diff --git a/docker-build/Dockerfile b/docker-build/Dockerfile
@@ -1,16 +1,10 @@
-FROM alpine:3.6
-
-LABEL description="Docker image for caddy+forwardproxy plugin."
-LABEL maintainer="[email protected]"
-
-RUN apk add --no-cache ca-certificates bash curl
-
-RUN curl --fail https://getcaddy.com | bash -s http.forwardproxy
-
-COPY gen_caddyfile_and_start.sh /bin/
-
-VOLUME /root/.caddy
-
-EXPOSE 80 443 2015
-
-ENTRYPOINT /bin/gen_caddyfile_and_start.sh
+FROM golang:1.14.15 AS builder
+RUN git clone https://github.com/caddyserver/forwardproxy.git
+WORKDIR /go/forwardproxy/cmd/caddy 
+RUN go build caddy.go
+
+FROM ubuntu:20.04
+COPY --from=builder /go/forwardproxy/cmd/caddy/caddy /usr/bin/caddy
+EXPOSE 80 443
+ENTRYPOINT ["/usr/bin/caddy"] 
+CMD ["-conf", "/etc/caddy/Caddyfile", "--log", "/dev/stdout", "--agree=true"]