๐Ÿ“ฆ dockur / stunnel

Stunnel in a Docker container

โ˜… 8 stars โ‘‚ 3 forks ๐Ÿ‘ 8 watching โš–๏ธ MIT License
dockerdocker-containerstunneltlstls-proxy
stunnel
๐Ÿ“ฅ Clone https://github.com/dockur/stunnel.git
HTTPS git clone https://github.com/dockur/stunnel.git
SSH git clone git@github.com:dockur/stunnel.git
CLI gh repo clone dockur/stunnel
ZIP Desktop VS Code
dependabot[bot] dependabot[bot] build(deps): Bump actions/checkout from 5 to 6 (#4) 76ccb99 16 days ago ๐Ÿ“ History
๐Ÿ“‚ master View all commits โ†’
๐Ÿ“ .github
๐Ÿ“„ .dockerignore
๐Ÿ“„ .gitignore
๐Ÿ“„ compose.yml
๐Ÿ“„ Dockerfile
๐Ÿ“„ license.md
๐Ÿ“„ readme.md
๐Ÿ“„ stunnel.sh
๐Ÿ“„ README.md

stunnel

[![Build]][build_url] [![Version]][tag_url] [![Size]][tag_url] [![Package]][pkg_url] [![Pulls]][hub_url]

Docker container of stunnel, a proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the programs' code.

Usage ๐Ÿณ

Via Docker Compose:

services:
  stunnel:
    hostname: stunnel
    image: dockurr/stunnel
    container_name: stunnel
    environment:
      LISTEN_PORT: "853"
      CONNECT_PORT: "53"
      CONNECT_HOST: "1.1.1.1"
    volumes:
      - ./privkey.pem:/private.pem
      - ./certificate.pem:/cert.pem
    ports:
      - 853:853
    restart: always

Via Docker CLI:

docker run -it --rm --name stunnel -p 853:853 -e "LISTEN_PORT=853" -e "CONNECT_PORT=53" -e "CONNECT_HOST=1.1.1.1" -v "${PWD:-.}/privkey.pem:/private.pem" -v "${PWD:-.}/certificate.pem:/cert.pem" docker.io/dockurr/stunnel

Configuration โš™๏ธ

How do I select the mode?

Stunnel can operate in two modes. The server mode works as a transparent proxy in front of a server, so that clients that connect negotiate an TLS connection while the traffic forwarded to the destination server will be unencrypted.

The client mode does the opposite thing. Clients connecting to stunnel running in client mode can establish a plain text connection and stunnel will create an encrypted TLS tunnel to the destination server.

By default it will run in server mode, but to switch modes you can set the CLIENT variable like this:

environment:
  CLIENT: "yes"

How do I select the certificate?

When running in server mode, a certificate is needed. By default, a self-signed certificate will be generated, but you can supply your own .pem certificates by adding:

volumes:
  - ./privkey.pem:/private.pem
  - ./certificate.pem:/cert.pem

Instead of .pem files you can also use .crt/.key files:

volumes:
  - ./privkey.key:/private.key
  - ./certificate.crt:/cert.crt

How do I modify the permissions?

You can set UID and GID environment variables to change the user and group ID.

environment:
  UID: "1002"
  GID: "1005"

How do I modify other settings?

If you need more advanced features, you can completely override the default configuration by binding your custom config to the container like this:

volumes:
  - ./custom.conf:/stunnel.conf

Stars ๐ŸŒŸ

Stars