Skip to content
/ tinyproxy-docker Public

Lightweight Docker image for running Tinyproxy - a fast, minimal HTTP/HTTPS proxy server

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

niklasthorild/tinyproxy-docker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.github
.github
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Tinyproxy Docker Image

A lightweight Docker image for running Tinyproxy — a fast, minimal HTTP/HTTPS proxy server.

Quick start

Pull the prebuilt image from GitHub Container Registry and run it:

docker pull ghcr.io/niklasthorild/tinyproxy-docker:latest
docker run -d --name tinyproxy -p 8888:8888 -e TZ=UTC ghcr.io/niklasthorild/tinyproxy-docker:latest

Set your app/system proxy to http://localhost:8888.

Configuration

Use a custom config

Mount your own tinyproxy.conf into the container:

docker run -d --name tinyproxy \
  -p 8888:8888 \
  -e TZ=UTC \
  -v "$(pwd)/tinyproxy.conf:/etc/tinyproxy/tinyproxy.conf:ro" \
  ghcr.io/niklasthorild/tinyproxy-docker:latest

Common options in tinyproxy.conf:

  • Port 8888 — internal proxy port (must match your container port mapping)
  • Allow 127.0.0.1 or Allow 10.0.0.0/8 — restrict access
  • BasicAuth <user> <password> — simple auth (optional)

Docker Compose

services:
  tinyproxy:
    image: ghcr.io/niklasthorild/tinyproxy-docker:latest
    container_name: tinyproxy
    ports:
      - "8888:8888"
    environment:
      - TZ=UTC
    volumes:
      - ./tinyproxy.conf:/etc/tinyproxy/tinyproxy.conf:ro
    restart: unless-stopped

Start it:

docker compose up -d

Security

This image is built with container security best practices in mind and supports strict hardening features:

  • The container runs as a non-privileged user by default
  • Fully compatible with Docker's --user flag to specify exact UID/GID mappings
  • Can safely run with the --read-only=true flag to prevent tampering
  • Compatible with the --security-opt=no-new-privileges:true security option
  • Requires no special Linux capabilities and runs smoothly with --cap-drop=ALL
  • CI automatically re-builds the image weekly to make sure the latest security patches are applied

Hardened docker compose example:

services:
  tinyproxy:
    image: ghcr.io/niklasthorild/tinyproxy-docker:latest
    container_name: tinyproxy
    ports:
      - "8888:8888"
    environment:
      - TZ=UTC
    volumes:
      - ./tinyproxy.conf:/etc/tinyproxy/tinyproxy.conf:ro
    restart: unless-stopped
    # Security Hardening
    user: 1000:1000
    read_only: true
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL

Verify the proxy

# Should return your outbound IP via the proxy
curl -x http://localhost:8888 https://ifconfig.me

Manage the container

docker logs -f tinyproxy        # tail logs
docker stop tinyproxy           # stop
docker rm tinyproxy             # remove

About

Lightweight Docker image for running Tinyproxy - a fast, minimal HTTP/HTTPS proxy server

Topics

docker proxy container tinyproxy

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

 
 
 

Languages