热门搜索:
bwalia/wslproxy
bwalia
OpenResty-based API Gateway with Auto SSL, Reverse Proxy, and Admin Dashboard
下载次数: 0状态:社区镜像维护者:bwalia仓库类型:镜像最近更新:1 个月前
WSLProxy Docker Guide
Complete guide for deploying WSLProxy using Docker in various scenarios.
Quick Start
Pull Latest Image
bashdocker pull bwalia/wslproxy:latest
Run with Default Configuration
bashdocker run -d \ --name wslproxy \ -p 80:80 \ -p 443:443 \ -p 8080:8080 \ bwalia/wslproxy:latest
Available Docker Images
Main Images (Published to Docker Hub)
| Image | Purpose | Tags |
|---|---|---|
bwalia/wslproxy | Full WSLProxy OpenResty application | latest, <commit-sha> |
bwalia/wslproxy-alternate | WSLProxy alternate build variant | latest, <commit-sha> |
bwalia/node-app | Node.js sample backend API | latest, <commit-sha> |
bwalia/s3-browser-app | S3 browser application | latest, <commit-sha> |
Architecture Overview
┌─────────────────────────────────────────────────────────┐ │ wslproxy Container │ ├─────────────────────────────────────────────────────────┤ │ │ │ OpenResty (Nginx with Lua) │ │ ├─ SSL/TLS Termination (auto-ssl) │ │ ├─ Lua API Gateway │ │ ├─ Reverse Proxy │ │ ├─ Prometheus Metrics │ │ ├─ Traffic Logging & Analytics │ │ └─ Admin Dashboard (React) │ │ │ │ Port 80 - HTTP │ │ Port 443 - HTTPS │ │ Port 8080 - Admin Dashboard & Metrics │ │ │ └─────────────────────────────────────────────────────────┘ ↓ ↓ ↓ Upstream Servers Configuration Redis Cache
Deployment Scenarios
Scenario 1: Development Setup
Quick local development with hot-reload capabilities:
bashdocker-compose -f docker-compose-dev.yml up -d
See docker-compose-dev.yml below for details.
Features:
- Hot-reload of Lua files
- Volume mounts for development
- Redis for session storage
- Admin dashboard on http://localhost:8080
Scenario 2: Production Deployment
Single container production deployment:
bashdocker run -d \ --name wslproxy-prod \ --restart always \ -p 80:80 \ -p 443:443 \ -p 8080:8080 \ -e NGINX_CONFIG_DIR=/opt/nginx \ -v wslproxy-data:/opt/nginx/data \ -v wslproxy-certs:/etc/resty-auto-ssl \ bwalia/wslproxy:latest
With Redis backend:
bash# Start Redis docker run -d \ --name wslproxy-redis \ --restart always \ redis:alpine # Start WSLProxy with Redis docker run -d \ --name wslproxy-prod \ --restart always \ --link wslproxy-redis:redis \ -p 80:80 \ -p 443:443 \ -p 8080:8080 \ -e REDIS_HOST=redis \ -e REDIS_PORT=6379 \ -v wslproxy-data:/opt/nginx/data \ -v wslproxy-certs:/etc/resty-auto-ssl \ bwalia/wslproxy:latest
Scenario 3: Kubernetes Deployment
Using Helm chart (recommended):
bashhelm install wslproxy ./infra/helm-charts/wslproxy \ -n wslproxy \ --create-namespace \ -f values-prod.yaml
See infra/helm-charts/wslproxy/ for Helm configuration.
Scenario 4: Multi-Node Cluster with Persistent Storage
Using Docker Compose with shared volumes:
yamlversion: '3.8' services: wslproxy-1: image: bwalia/wslproxy:latest ports: - "80:80" - "443:443" - "8080:8080" volumes: - wslproxy-config:/opt/nginx - wslproxy-certs:/etc/resty-auto-ssl environment: REDIS_HOST: redis NGINX_CONFIG_DIR: /opt/nginx depends_on: - redis wslproxy-2: image: bwalia/wslproxy:latest ports: - "8080:80" - "8443:443" - "8081:8080" volumes: - wslproxy-config:/opt/nginx - wslproxy-certs:/etc/resty-auto-ssl environment: REDIS_HOST: redis NGINX_CONFIG_DIR: /opt/nginx depends_on: - redis redis: image: redis:alpine volumes: - redis-data:/data volumes: wslproxy-config: wslproxy-certs: redis-data:
Configuration
Environment Variables
| Variable | Default | Purpose |
|---|---|---|
NGINX_CONFIG_DIR | /opt/nginx | Configuration directory path |
REDIS_HOST | localhost | Redis server hostname |
REDIS_PORT | 6379 | Redis server port |
DNS_RESOLVER | 127.0.0.11 | DNS resolver for requests |
PRIMARY_DNS_RESOLVER | 8.8.8.8 | Primary DNS for ACME |
SECONDARY_DNS_RESOLVER | 8.8.4.4 | Secondary DNS for ACME |
SSL_STAGING | false | Use Let's Encrypt staging environment |
SSL_OCSP_STAPLING | true | Enable OCSP stapling |
Volume Mounts
bash# Data persistence -v /path/to/config:/opt/nginx/data # SSL certificates (auto-renewing) -v /path/to/certs:/etc/resty-auto-ssl # Configuration files -v /path/to/nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf # Custom Lua scripts -v /path/to/api:/usr/local/openresty/nginx/html/api
Settings File (settings.json)
The container requires a settings.json file in the data volume:
json{ "instance_id": "my-proxy", "instance_name": "My Proxy Instance", "env_profile": "prod", "redis_host": "redis", "storage_type": "disk", "env_vars": { "REDIS_HOST": "redis", "REDIS_PORT": 6379, "CONTROL_PLANE_API_URL": "https://example.com/api", "FRONT_URL": "https://example.com" }, "super_user": { "email": "admin@example.com", "password": "hashed_password", "username": "admin" } }
Port Mappings
| Port | Protocol | Purpose |
|---|---|---|
| 80 | HTTP | Standard web traffic |
| 443 | HTTPS | Encrypted web traffic |
| 8080 | HTTP | Admin Dashboard & Prometheus metrics |
| 8500 | HTTP | Consul API (optional) |
Health Checks
Container Health
bashdocker exec wslproxy curl -f http://localhost:8080/health || exit 1
Nginx Configuration Test
bashdocker exec wslproxy openresty -t
API Health Check
bashcurl -s http://localhost:8080/api/health
Logging
View Logs
bash# Real-time logs docker logs -f wslproxy # Last 100 lines docker logs --tail 100 wslproxy # With timestamps docker logs -f -t wslproxy
Access Nginx Error Log
bashdocker exec wslproxy tail -f /usr/local/openresty/nginx/logs/error.log
Access Nginx Access Log
bashdocker exec wslproxy tail -f /usr/local/openresty/nginx/logs/access.log
Monitoring & Metrics
Prometheus Metrics
bashcurl http://localhost:8080/metrics
Metrics Available
nginx_http_requests_total- Total HTTP requestsnginx_http_request_duration_seconds- Request latencynginx_http_request_size_bytes- Request sizenginx_http_response_size_bytes- Response sizenginx_http_errors_total- Total errors by status code
Upgrading
Pull Latest Version
bashdocker pull bwalia/wslproxy:latest
Update Running Container
bash# Stop old container docker stop wslproxy # Remove old container (if needed) docker rm wslproxy # Start new container docker run -d \ --name wslproxy \ -p 80:80 \ -p 443:443 \ -p 8080:8080 \ -v wslproxy-data:/opt/nginx/data \ -v wslproxy-certs:/etc/resty-auto-ssl \ bwalia/wslproxy:latest
Zero-Downtime Upgrade (with load ***)
bash# 1. Start new container docker run -d --name wslproxy-new bwalia/wslproxy:latest # 2. Point load balancer to new container # 3. Wait for requests to drain from old container # 4. Stop old container docker stop wslproxy # 5. Rename new container docker rename wslproxy-new wslproxy
Troubleshooting
Container Won't Start
bash# Check logs docker logs wslproxy # Check if Nginx configuration is valid docker exec wslproxy openresty -t # Check port availability netstat -tuln | grep -E ':(80|443|8080)'
High Memory Usage
bash# Check memory usage docker stats wslproxy # Reduce worker processes # Modify nginx.conf: worker_processes auto; → worker_processes 2;
SSL Certificate Issues
bash# Check certificate directory docker exec wslproxy ls -la /etc/resty-auto-ssl # View certificate details docker exec wslproxy openssl x509 -in /etc/resty-auto-ssl/certs/example.com.crt -text -noout
DNS Resolution Issues
bash# Test DNS inside container docker exec wslproxy nslookup google.com # Check resolver configuration docker exec wslproxy cat /usr/local/openresty/nginx/conf/nginx.conf | grep resolver
Security Best Practices
-
Use specific image tags (not
latestin production)bashdocker run bwalia/wslproxy:abc123def456 -
Run as non-root (already configured in image)
bashdocker run --user nobody bwalia/wslproxy:latest -
Use read-only filesystem where possible
bashdocker run --read-only --tmpfs /tmp bwalia/wslproxy:latest -
Restrict capabilities
bashdocker run --cap-drop=ALL --cap-add=NET_BIND_SERVICE \ bwalia/wslproxy:latest -
Use secrets for sensitive data
bashdocker run \ --secret db_password \ -e DB_PASSWORD_FILE=/run/secrets/db_password \ bwalia/wslproxy:latest -
Regular updates
bashdocker pull bwalia/wslproxy:latest docker-compose up -d # Automatically uses latest
Docker Compose Templates
Development (docker-compose-dev.yml)
yamlversion: '3.8' services: wslproxy: build: context: . dockerfile: Dockerfile args: APP_ENV: dev ports: - "80:80" - "443:443" - "8080:8080" volumes: - ./api:/usr/local/openresty/nginx/html/api - ./html:/usr/local/openresty/nginx/html - ./openresty-admin/src:/usr/local/openresty/nginx/html/openresty-admin/src - ./data:/opt/nginx/data - wslproxy-certs:/etc/resty-auto-ssl environment: NGINX_CONFIG_DIR: /opt/nginx REDIS_HOST: redis REDIS_PORT: 6379 depends_on: - redis redis: image: redis:alpine ports: - "6379:6379" volumes: - redis-data:/data
Production (docker-compose-prod.yml)
yamlversion: '3.8' services: wslproxy: image: bwalia/wslproxy:latest restart: always ports: - "80:80" - "443:443" - "8080:8080" volumes: - wslproxy-data:/opt/nginx/data - wslproxy-certs:/etc/resty-auto-ssl environment: NGINX_CONFIG_DIR: /opt/nginx REDIS_HOST: redis REDIS_PORT: 6379 depends_on: - redis healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s redis: image: redis:alpine restart: always volumes: - redis-data:/data command: redis-server --appendonly yes volumes: wslproxy-data: wslproxy-certs: redis-data:
Building from Source
Build Image Locally
bashdocker build -t wslproxy:dev .
Build with Specific Environment
bashdocker build \ --build-arg APP_ENV=prod \ -t wslproxy:prod \ .
Build Multiple Architectures (with buildx)
bashdocker buildx build \ --platform linux/amd64,linux/arm64 \ -t bwalia/wslproxy:latest \ --push \ .
CI/CD Pipeline
Images are automatically built and pushed to Docker Hub on:
- Every push to
mainbranch - Manual workflow dispatch
See .github/workflows/k3s-build-push-deploy.yaml for automation details.
Tags Applied
bwalia/wslproxy:latest- Latest versionbwalia/wslproxy:<commit-sha>- Specific commit
Support & Issues
For issues, bugs, or feature requests:
- Check existing issues on GitHub
- Review logs:
docker logs wslproxy - Test Nginx configuration:
docker exec wslproxy openresty -t - Create detailed bug report with logs
License
See LICENSE file for details.
镜像拉取方式
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
DockerHub 原生拉取命令
docker pull bwalia/wslproxy:<标签>
轩辕镜像配置手册
探索更多轩辕镜像的使用方法,找到最适合您系统的配置方式
Docker 配置
登录仓库拉取
通过 Docker 登录认证访问私有仓库
专属域名拉取
无需登录使用专属域名
K8s Containerd
Kubernetes 集群配置 Containerd
K3s
K3s 轻量级 Kubernetes 镜像加速
Dev Containers
VS Code Dev Containers 配置
Podman
Podman 容器引擎配置
Singularity/Apptainer
HPC 科学计算容器配置
其他仓库配置
ghcr、Quay、nvcr 等镜像仓库
Harbor 镜像源配置
Harbor Proxy Repository 对接专属域名
Portainer 镜像源配置
Portainer Registries 加速拉取
Nexus 镜像源配置
Nexus3 Docker Proxy 内网缓存
系统配置
需要其他帮助?请查看我们的 常见问题Docker 镜像访问常见问题解答 或 提交工单
镜像拉取常见问题
使用与功能问题
配置了专属域名后,docker search 为什么会报错?
docker search 限制
Docker Hub 上有的镜像,为什么在轩辕镜像网站搜不到?
站内搜不到镜像
机器不能直连外网时,怎么用 docker save / load 迁镜像?
离线 save/load
docker pull 拉插件报错(plugin v1+json)怎么办?
插件要用 plugin install
WSL 里 Docker 拉镜像特别慢,怎么排查和优化?
WSL 拉取慢
轩辕镜像安全吗?如何用 digest 校验镜像没被篡改?
安全与 digest
第一次用轩辕镜像拉 Docker 镜像,要怎么登录和配置?
新手拉取配置
轩辕镜像合规吗?轩辕镜像的合规是怎么做的?
镜像合规机制
错误码与失败问题
docker pull 提示 manifest unknown 怎么办?
manifest unknown
docker pull 提示 no matching manifest 怎么办?
no matching manifest(架构)
镜像已拉取完成,却提示 invalid tar header 或 failed to register layer 怎么办?
invalid tar header(解压)
Docker pull 时 HTTPS / TLS 证书验证失败怎么办?
TLS 证书失败
Docker pull 时 DNS 解析超时或连不上仓库怎么办?
DNS 超时
docker 无法连接轩辕镜像域名怎么办?
域名连通性排查
Docker 拉取出现 410 Gone 怎么办?
410 Gone 排查
出现 402 或「流量用尽」提示怎么办?
402 与流量用尽
Docker 拉取提示 UNAUTHORIZED(401)怎么办?
401 认证失败
遇到 429 Too Many Requests(请求太频繁)怎么办?
429 限流
docker login 提示 Cannot autolaunch D-Bus,还算登录成功吗?
D-Bus 凭证提示
为什么会出现「单层超过 20GB」或 413,无法加速拉取?
413 与超大单层
账号 / 计费 / 权限
用户好评
来自真实用户的反馈,见证轩辕镜像的优质服务
oldzhang
运维工程师
Linux服务器
5
"Docker访问体验非常流畅,大镜像也能快速完成下载。"