To build a certain image I need to create a tunnel and make docker use this tunnel as a socks5 proxy (to use the proxy for DNS too).
So now i've got several problems:
Since I spent all day researching this, here are the answers.
I will leave the partially incomplete/wrong/old answer below, since I set up a new system today and needed to figure out all of the questions again because some parts of the old answer didn't make sense anymore.
Using localhost:port
does not work. Until this issue is resolved, you need to use the IP address of your docker0 network interface (172.17.0.1
in my case). If your host OS is linux, you can use localhost:port
by passing additional --network=host
parameter to docker build
as mentioned in some other answer.
and 3. Just put this content (change IP and port if needed) into ~/.docker/config.json
(notice that the protocol is socks5h)
{
"proxies":
{
"default":
{
"httpProxy": "socks5h://172.17.0.1:3128",
// or "httpProxy": "socks5h://localhost:3128", with --network=host
"httpsProxy": "socks5h://172.17.0.1:3128",
"noProxy": ""
}
}
}
ADD
command is executed with the (proxy) environment variables of the host, ignoring those in config.json
. To make things more complicated, since the daemon is usually running with the root
user, only root
user's environment variables are picked up. Even more complicated because the host of course needs to use localhost as host for the proxy. And the cherry on top: the protocol needs to be socks5
(missing the h
at the end) in this case for whatever reason.In my case, since I switched to WSL2 and use docker within WSL2 (starting the dockerd
docker daemon manually), I just export the needed environment variable before the call to dockerd
:
#!/bin/bash
# Start Docker daemon automatically when logging in if not running.
RUNNING=`ps aux | grep dockerd | grep -v grep`
if [ -z "$RUNNING" ]; then
unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY
export http_proxy=socks5h://localhost:30000
sudo -E dockerd > /dev/null 2>&1 &
disown
fi
If you have the "regular" setup on a linux machine, you could use the old answer to 4., but beware the probably there you also need to use localhost.
Incomplete/wrong/old answer starting here
~/.docker/config.json
(notice that the protocol is socks5h) {
"proxies":
{
"default":
{
"httpProxy": "socks5h://172.17.0.1:3128",
"httpsProxy": "socks5h://172.17.0.1:3128",
"noProxy": ""
}
}
}
dockerd
is running as root and it does not pick up proxy environment variables from the regular user), but for the ADD instruction the former settings to not apply (names do not get resolved through proxy). We need to put this content into /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=socks5://172.17.0.1:3128/"
then
sudo systemctl daemon-reload
sudo systemctl restart docker
(This is just wrong/unneeded with answer 2.)Also, for package managers like yum
to be able to update the packages during build, you need to pass the environment variable like this:
docker build --build-arg http_proxy=socks5://172.17.0.1:3128