Replace TinyProxy with 3proxy and update configuration

claffin · claffin · commit 3b8057928b56 · 2025-02-24T08:08:53.000Z
diff --git a/cloudproxy/providers/config.py b/cloudproxy/providers/config.py
@@ -12,14 +12,20 @@ def set_auth(username, password):
         filedata = file.read()
 
     if settings.config["no_auth"]:
-        filedata = filedata.replace("\nsudo sed -i 's/#BasicAuth user pass.*/BasicAuth username password/g' /etc/tinyproxy/tinyproxy.conf", "")
+        # Remove auth configuration for 3proxy
+        filedata = filedata.replace('users username:CL:password\nauth strong cache 60\n', '')
+        filedata = filedata.replace('allow username * *', 'allow * * *')
     else:
+        # Replace username and password in 3proxy config
         filedata = filedata.replace("username", username)
         filedata = filedata.replace("password", password)
 
     if settings.config["only_host_ip"]:
         ip_address = requests.get('https://ipecho.net/plain').text.strip()
+        # Update UFW rules
         filedata = filedata.replace("sudo ufw allow 22/tcp", f"sudo ufw allow from {ip_address} to any port 22 proto tcp")
         filedata = filedata.replace("sudo ufw allow 8899/tcp", f"sudo ufw allow from {ip_address} to any port 8899 proto tcp")
+        # Update 3proxy access rule to require both username and IP
+        filedata = filedata.replace("allow username * *", f"allow username * {ip_address}")
 
     return filedata
diff --git a/cloudproxy/providers/user_data.sh b/cloudproxy/providers/user_data.sh
@@ -1,13 +1,40 @@
 #!/bin/bash
 sudo apt-get -y update
-sudo apt-get install -y ca-certificates tinyproxy
-sudo sed -i 's/Port 8888/Port 8899/g' /etc/tinyproxy/tinyproxy.conf
-sudo sed -i 's/Allow 127.0.0.1/#Allow 127.0.0.1/g' /etc/tinyproxy/tinyproxy.conf
-sudo sed -i 's/Allow ::1/#Allow ::1/g' /etc/tinyproxy/tinyproxy.conf
-sudo sed -i 's/#BasicAuth user pass.*/BasicAuth username password/g' /etc/tinyproxy/tinyproxy.conf
-sudo sed -i 's/#DisableViaHeader Yes/DisableViaHeader Yes/g' /etc/tinyproxy/tinyproxy.conf
-sudo systemctl restart tinyproxy
+sudo apt-get install -y ca-certificates 3proxy
+
+# Create 3proxy config directory and config
+sudo mkdir -p /etc/3proxy
+sudo cat > /etc/3proxy/3proxy.cfg << EOF
+# Main settings
+daemon
+maxconn 100
+nserver 1.1.1.1
+nserver 8.8.8.8
+nscache 65536
+timeouts 1 5 30 60 180 1800 15 60
+
+# Access control and authentication
+users username:CL:password
+auth strong cache 60
+
+# Privacy settings
+deny * * 127.0.0.1,192.168.1.1-192.168.255.255
+# IP-based access will be configured here if enabled
+allow username * *
+
+# Proxy settings
+proxy -p8899 -n -a
+EOF
+
+# Create log directory
+sudo mkdir -p /var/log/3proxy
+
+# Setup firewall
 sudo ufw default deny incoming
 sudo ufw allow 22/tcp
 sudo ufw allow 8899/tcp
 sudo ufw --force enable
+
+# Start service
+sudo systemctl enable 3proxy
+sudo systemctl start 3proxy
