├── .gitignore
├── Dockerfile
├── LICENSE
├── README.md
├── preprocess.py
└── supervisord
    ├── dnsmasq.conf
    └── haproxy.conf


/.gitignore:
--------------------------------------------------------------------------------
1 | hosts
2 | config.json
3 | 


--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM ubuntu:trusty
 2 | 
 3 | RUN apt-get update -qq && apt-get install -y software-properties-common
 4 | RUN add-apt-repository -y ppa:vbernat/haproxy-1.5
 5 | RUN apt-get update -qq && apt-get install -y haproxy dnsmasq iptables git php5-cli supervisor
 6 | 
 7 | RUN git clone https://github.com/trick77/tunlr-style-dns-unblocking.git tunlr
 8 | 
 9 | WORKDIR /tunlr/
10 | 
11 | ADD config.json /tunlr/
12 | RUN php5 genconf.php pure-sni
13 | 
14 | RUN sed -i "s/\/dev\/log/127.0.0.1/" haproxy.conf
15 | RUN sed -i "s/bind [0-9\.]\+/bind */" haproxy.conf
16 | RUN sed -i "s/daemon//" haproxy.conf
17 | RUN mv haproxy.conf /etc/haproxy/haproxy.cfg
18 | 
19 | RUN echo "user=root" >> /etc/dnsmasq.conf
20 | RUN cat dnsmasq-haproxy.conf >> /etc/dnsmasq.conf
21 | 
22 | ADD supervisord/haproxy.conf /etc/supervisor/conf.d/
23 | ADD supervisord/dnsmasq.conf /etc/supervisor/conf.d/
24 | 
25 | EXPOSE 53 80 443
26 | 
27 | CMD /usr/bin/supervisord -nc /etc/supervisor/supervisord.conf
28 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2014 Stavros Korokithakis
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 
23 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | netproxy
 2 | ========
 3 | 
 4 | netproxy is a Netflix/Hulu/Pandora/etc proxy in a box. Simply build the Docker image on a US server, set your
 5 | computer's DNS IP to it, and enjoy your favorite US-only sites.
 6 | 
 7 | netproxy uses the excellent `tunlr-style-dns-unblocking` script to do the heavy lifting, calling it behind the scenes
 8 | to set up a Docker container:
 9 | 
10 | https://github.com/trick77/tunlr-style-dns-unblocking/
11 | 
12 | Running
13 | --------
14 | 
15 | Running netproxy is easy. If you have Docker installed, just clone the repository *on your server*, run the
16 | `preprocess.py` script:
17 | 
18 |     python preprocess.py
19 | 
20 | What this will do is download TSDU's config.json file, change a few entries and write it out, for the Dockerfile to
21 | use. It will also autodetect your server's IP and write it in the config file, so make sure you double-check that and
22 | change it if it's wrong, before building the image with:
23 | 
24 |     docker build -t skorokithakis/netproxy .
25 | 
26 | Once building is done, run:
27 | 
28 |     docker run -p 53:53/udp -p 80:80 -p 443:443 -d skorokithakis/netproxy
29 | 
30 | and that's pretty much it! You are now ready to connect to it. Set your computer's primary DNS server to your server's
31 | IP, and you can watch all the Netflix you want.
32 | 
33 | Caveats
34 | -------
35 | There are two problems with this setup:
36 | 
37 | 1) Running a DNS server exposed to the entire internet is a very bad idea.
38 | 2) Setting your primary DNS to a server in the US will slow your internet down significantly.
39 | 
40 | To avoid these problems, you can change your hosts file to point everything to your netproxy IP, and you can omit
41 | forwarding port 53. That means you should run docker like so:
42 | 
43 |     docker run -p 80:80 -p 443:443 -d skorokithakis/netproxy
44 | 
45 | which should be much safer and faster. The hosts file entries will be generated when you run `preprocess.py` in the
46 | directory of the script, so just append them to your normal hosts file *on your local machine* (the one you want to
47 | watch on) like so:
48 | 
49 |     sudo cat hosts >> /etc/hosts
50 | 
51 | And everything should now go through the proxy.
52 | 


--------------------------------------------------------------------------------
/preprocess.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python
 2 | 
 3 | import argparse
 4 | import json
 5 | import re
 6 | import string
 7 | import random
 8 | import urllib2
 9 | 
10 | 
11 | def main(external_ip=None, config_file=None):
12 |     if config_file:
13 |         json_config = config_file.read()
14 |     else:
15 |         # Download TSDU's config.json.
16 |         print("Downloading configuration...")
17 |         json_config = urllib2.urlopen("https://raw.githubusercontent.com/trick77/tunlr-style-dns-unblocking/master/config.json").read()
18 |     # Remove comments.
19 |     json_config = re.sub("//.*", "", json_config, re.MULTILINE)
20 |     config = json.loads(json_config)
21 | 
22 |     if external_ip is None:
23 |         # Add our IP.
24 |         try:
25 |             print("Autodetecting external IP address...")
26 |             external_ip = urllib2.urlopen("http://checkip.dyndns.org/").read()
27 |             external_ip = re.search("IP Address: (.*?)<", external_ip).group(1)
28 |             print("Detected external IP as %s, using that. If it's wrong, please replace it in config.json before building." % external_ip)
29 |         except:
30 |             print("Could not detect external IP. Please change the haproxy_bind_ip setting in config.json before building.")
31 |             external_ip = "YOUR IP HERE"
32 | 
33 |     config["haproxy_bind_ip"] = external_ip
34 | 
35 |     # Change the stats password.
36 |     config["stats"]["password"] = ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(8))
37 | 
38 |     print("HAProxy stats password is %s, please make a note of it." % config["stats"]["password"])
39 | 
40 |     # Write it out.
41 |     open("config.json", "w").write(json.dumps(config, sort_keys=True, indent=2, separators=(',', ': ')))
42 | 
43 |     print("Creating hosts file...")
44 | 
45 |     # Create the hosts file lines.
46 |     lines = ["%s %s\n" % (config["haproxy_bind_ip"], proxy["dest_addr"]) for proxy in config["proxies"]]
47 | 
48 |     hosts = open("hosts", "w")
49 |     hosts.write("\n\n# netproxy IP section\n")
50 |     hosts.writelines(lines)
51 |     hosts.close()
52 | 
53 |     print("Done!")
54 | 
55 | if __name__ == "__main__":
56 |     parser = argparse.ArgumentParser(description="Preprocess the netproxy config.")
57 |     parser.add_argument("-e", "--externalip", metavar="IP", type=str, help="The external IP of the server (autodetected if not specified)")
58 |     parser.add_argument("-f", "--configfile", type=file, help="local config.json to drive haproxy configuration.  download from trick77 if not specifed")
59 |     args = parser.parse_args()
60 |     main(external_ip=args.externalip, config_file=args.configfile)
61 | 


--------------------------------------------------------------------------------
/supervisord/dnsmasq.conf:
--------------------------------------------------------------------------------
1 | [program:dnsmasq]
2 | command=/usr/sbin/dnsmasq -k
3 | autostart=true
4 | autorestart=true
5 | user=root
6 | 


--------------------------------------------------------------------------------
/supervisord/haproxy.conf:
--------------------------------------------------------------------------------
1 | [program:haproxy]
2 | command=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -n 4096 -N 4096
3 | autostart=true
4 | autorestart=true
5 | user=root
6 | 


--------------------------------------------------------------------------------