├── Dockerfile ├── LICENSE ├── README.md ├── conf ├── conf.d │ └── default.conf ├── mime.types └── nginx.conf └── docker-compose.yml /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:jessie 2 | 3 | # Let's install nginx from source! 4 | 5 | # Setup build 6 | WORKDIR /tmp/nginx 7 | RUN apt-get -y update && apt-get -y install build-essential 8 | 9 | # Get nginx's and ngx_http_substitutions_filter_module's source 10 | ADD http://nginx.org/download/nginx-1.9.5.tar.gz nginx-1.9.5.tar.gz 11 | ADD https://github.com/yaoweibin/ngx_http_substitutions_filter_module/archive/v0.6.4.tar.gz ngx_http_substitutions_filter_module-0.6.4.tar.gz 12 | RUN tar xzf nginx-1.9.5.tar.gz 13 | RUN tar xzf ngx_http_substitutions_filter_module-0.6.4.tar.gz 14 | 15 | # Install extra build dependencies 16 | RUN apt-get -y install libpcre3-dev libssl-dev zlib1g-dev 17 | 18 | # Compile and install! 19 | WORKDIR /tmp/nginx/nginx-1.9.5 20 | RUN ./configure \ 21 | --with-http_ssl_module \ 22 | --add-module=../ngx_http_substitutions_filter_module-0.6.4 \ 23 | && make install 24 | RUN ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx 25 | 26 | # Clean up the build 27 | RUN rm -rf /tmp/nginx 28 | 29 | # Let's replace the default configuration with ours 30 | WORKDIR / 31 | COPY conf /usr/local/nginx/conf 32 | 33 | # And we should be good to go! 34 | CMD ["nginx"] 35 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 hackEDU 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | this software and associated documentation files (the "Software"), to deal in 7 | the Software without restriction, including without limitation the rights to 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | the Software, and to permit persons to whom the Software is furnished to do so, 10 | subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Surrogate 2 | 3 | _This repository has been deprecated and merged with an internal nginx proxy. https://surrogate.hackedu.us remains online, just not with this code._ 4 | 5 | --- 6 | 7 | We've run into the issue where some schools block APIs that our workshops use 8 | (like Twilio). Surrogate is our way of making those workshops work. 9 | 10 | Surrogate is an HTTP proxy that we use to bypass school networks in our 11 | workshops. 12 | 13 | ## License 14 | 15 | See [LICENSE](LICENSE). 16 | -------------------------------------------------------------------------------- /conf/conf.d/default.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80 default_server; 3 | 4 | location /elb-status { 5 | access_log off; 6 | return 200 'A-OK!'; 7 | add_header Content-Type text/plain; 8 | } 9 | 10 | location /robots.txt { 11 | return 200 "User-agent: *\nDisallow: /"; 12 | } 13 | 14 | location /api.twilio.com/ { 15 | proxy_pass https://api.twilio.com/; 16 | } 17 | 18 | location /get.tech/ { 19 | if ($request_method = 'OPTIONS') { 20 | add_header 'Access-Control-Allow-Origin' '*'; 21 | add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; 22 | # 23 | # Custom headers and headers various browsers *should* be OK with but aren't 24 | # 25 | add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; 26 | # 27 | # Tell client that this pre-flight info is valid for 20 days 28 | # 29 | add_header 'Access-Control-Max-Age' 1728000; 30 | add_header 'Content-Type' 'text/plain charset=UTF-8'; 31 | add_header 'Content-Length' 0; 32 | return 204; 33 | } 34 | 35 | if ($request_method = 'POST') { 36 | add_header 'Access-Control-Allow-Origin' '*'; 37 | add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; 38 | add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; 39 | } 40 | 41 | if ($request_method = 'GET') { 42 | add_header 'Access-Control-Allow-Origin' '*'; 43 | add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; 44 | add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; 45 | } 46 | 47 | proxy_pass http://get.tech/; 48 | } 49 | 50 | # This can be changed to "~ ^/([A-z]*\.|)imgur.com" to allow any Imgur subdomain. 51 | # 52 | # It's currently limited to i.imgur.com to prevent abuse. 53 | location /i.imgur.com/ { 54 | rewrite ^/([A-z]*\.|)imgur.com(.*)$ $2 break; 55 | 56 | proxy_set_header Accept-Encoding ''; 57 | 58 | subs_filter_types text/css application/javascript; 59 | subs_filter ([A-z]+\.|)imgur.com surrogate.hackedu.us/$1imgur.com r; 60 | subs_filter \"/([A-z]) \"//surrogate.hackedu.us/imgur.com/$1 r; 61 | 62 | resolver 8.8.8.8; 63 | proxy_pass https://$1imgur.com; 64 | } 65 | 66 | location ~ ^/([A-z0-9]*\.|)giphy.com { 67 | rewrite ^/([A-z0-9]*\.|)giphy.com(.*)$ $2 break; 68 | 69 | proxy_set_header Accept-Encoding ''; 70 | 71 | subs_filter_types text/css application/javascript application/json; 72 | subs_filter ([A-z0-9]+\.|)giphy.com surrogate.hackedu.us/$1giphy.com r; 73 | subs_filter \"/([A-z]) \"//surrogate.hackedu.us/giphy.com/$1 r; 74 | 75 | resolver 8.8.8.8; 76 | proxy_pass https://$1giphy.com; 77 | } 78 | 79 | location / { 80 | return 200 "Hello there! See https://github.com/hackclub/surrogate for details on what I am."; 81 | add_header Content-Type text/plain; 82 | } 83 | } 84 | -------------------------------------------------------------------------------- /conf/mime.types: -------------------------------------------------------------------------------- 1 | types { 2 | text/html html htm shtml; 3 | text/css css; 4 | text/xml xml; 5 | image/gif gif; 6 | image/jpeg jpeg jpg; 7 | application/javascript js; 8 | application/atom+xml atom; 9 | application/rss+xml rss; 10 | 11 | text/mathml mml; 12 | text/plain txt; 13 | text/vnd.sun.j2me.app-descriptor jad; 14 | text/vnd.wap.wml wml; 15 | text/x-component htc; 16 | 17 | image/png png; 18 | image/tiff tif tiff; 19 | image/vnd.wap.wbmp wbmp; 20 | image/x-icon ico; 21 | image/x-jng jng; 22 | image/x-ms-bmp bmp; 23 | image/svg+xml svg svgz; 24 | image/webp webp; 25 | 26 | application/font-woff woff; 27 | application/java-archive jar war ear; 28 | application/json json; 29 | application/mac-binhex40 hqx; 30 | application/msword doc; 31 | application/pdf pdf; 32 | application/postscript ps eps ai; 33 | application/rtf rtf; 34 | application/vnd.apple.mpegurl m3u8; 35 | application/vnd.ms-excel xls; 36 | application/vnd.ms-fontobject eot; 37 | application/vnd.ms-powerpoint ppt; 38 | application/vnd.wap.wmlc wmlc; 39 | application/vnd.google-earth.kml+xml kml; 40 | application/vnd.google-earth.kmz kmz; 41 | application/x-7z-compressed 7z; 42 | application/x-cocoa cco; 43 | application/x-java-archive-diff jardiff; 44 | application/x-java-jnlp-file jnlp; 45 | application/x-makeself run; 46 | application/x-perl pl pm; 47 | application/x-pilot prc pdb; 48 | application/x-rar-compressed rar; 49 | application/x-redhat-package-manager rpm; 50 | application/x-sea sea; 51 | application/x-shockwave-flash swf; 52 | application/x-stuffit sit; 53 | application/x-tcl tcl tk; 54 | application/x-x509-ca-cert der pem crt; 55 | application/x-xpinstall xpi; 56 | application/xhtml+xml xhtml; 57 | application/xspf+xml xspf; 58 | application/zip zip; 59 | 60 | application/octet-stream bin exe dll; 61 | application/octet-stream deb; 62 | application/octet-stream dmg; 63 | application/octet-stream iso img; 64 | application/octet-stream msi msp msm; 65 | 66 | application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; 67 | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; 68 | application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; 69 | 70 | audio/midi mid midi kar; 71 | audio/mpeg mp3; 72 | audio/ogg ogg; 73 | audio/x-m4a m4a; 74 | audio/x-realaudio ra; 75 | 76 | video/3gpp 3gpp 3gp; 77 | video/mp2t ts; 78 | video/mp4 mp4; 79 | video/mpeg mpeg mpg; 80 | video/quicktime mov; 81 | video/webm webm; 82 | video/x-flv flv; 83 | video/x-m4v m4v; 84 | video/x-mng mng; 85 | video/x-ms-asf asx asf; 86 | video/x-ms-wmv wmv; 87 | video/x-msvideo avi; 88 | } 89 | -------------------------------------------------------------------------------- /conf/nginx.conf: -------------------------------------------------------------------------------- 1 | worker_processes 1; 2 | daemon off; 3 | 4 | error_log /dev/stdout info; 5 | pid /var/run/nginx.pid; 6 | 7 | events { 8 | worker_connections 1024; 9 | } 10 | 11 | http { 12 | include /usr/local/nginx/conf/mime.types; 13 | default_type application/octet-stream; 14 | 15 | log_format main '$remote_addr - $remote_user [$time_local] ' 16 | '"$request_method $host $request_uri" ' 17 | '$status $body_bytes_sent "$http_referer" ' 18 | '"$http_user_agent" "$http_x_forwarded_for"'; 19 | 20 | access_log /dev/stdout main; 21 | 22 | proxy_buffering on; 23 | proxy_buffer_size 8k; 24 | proxy_buffers 2048 8k; 25 | 26 | sendfile on; 27 | #tcp_nopush on; 28 | 29 | keepalive_timeout 65; 30 | 31 | #gzip on; 32 | 33 | include /usr/local/nginx/conf/conf.d/*.conf; 34 | } 35 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | main: 2 | build: . 3 | ports: 4 | - 80:80 5 | - 443:80 6 | volumes: 7 | - ./conf:/usr/local/nginx/conf 8 | --------------------------------------------------------------------------------