docker-cfw-proxy

A Lightweight docker image for connecting to CloudFlare WARP troughSocks,HTTPandShadowsocksproxy protocols

---

• Features
• Build locally
• Image
• Environment variables
• Ports
• Usage
  • Docker Compose
  • Command line
• WARP+ license
• Upgrade
• Contributing
• License

Features

• SupportSocks5,HTTPandShadowsocksproxy protocols
• Apply license key to use existingWarp+subscription
• Multi-platform image

Build locally

git clone https://github.com/shahradelahi/docker-cfw-proxy
cddocker-cfw-proxy

#Build image and output to docker (default)
docker buildx bake

#Build multi-platform image
docker buildx bake image-all

Image

Registry	Image
Docker Hub	shahradel/cfw-proxy
GitHub Container Registry	ghcr.io/shahradelahi/cfw-proxy

Following platforms for this image are available:

$ docker run --rm mplatform/mquery shahradel/cfw-proxy:latest
Image: shahradel/cfw-proxy:latest
* Manifest List: Yes (Image type: application/vnd.oci.image.index.v1+json)
* Supported platforms:
- linux/amd64
- linux/arm/v6
- linux/arm/v7
- linux/arm64
- linux/386
- linux/s390x

Environment variables

• TZ:Timezone assigned to the container (defaultUTC)
• PROXY_USERNAME:The username ofSocks5andHTTPproxy (defaultawesome-username)
• PROXY_PASSWORD:The password of all proxy protocols (defaultsuper-secret-password)
• SOCKS5_PORT:The port ofSocks5proxy (default1080)
• HTTP_PORT:The port ofHTTPproxy (default8080)
• SHADOWSOCKS_PORT:The port ofShadowsocksproxy (default8338)
• SHADOWSOCKS_CIPHER:The cipher ofShadowsocksproxy (defaultAES-256-CFB)
• WGCF_ENDPOINT:Theendpointof the WARP endpoint (defaultengage.cloudflareclient.com:2408)
• WGCF_ENDPOINT_CIDR:Thecidrof the WARP endpoint (default162.159.192.0/24)
• WGCF_ENDPOINT_PORT:WARP endpoint port (default2408)
• FAST_ENDPOINT:Enables the feature for searching for endpoint with the lowest latency
• WGCF_LICENSE_KEY:The license key of CloudFlare WARP+
• DNS_PROFILE:Presets of CloudFlare DNS servers (defaultdefault)
• DNS:Thednsof the WireGuard interface (default1.1.1.1, 1.0.0.1, 2606:4700:4700::1111, 2606:4700:4700::1001)
• MTU:Themtuof the WireGuard interface (default1280)

💡WGCF_LICENSE_KEYis optional and to obtain it follow guides inWARP+ licensesection.

Ports

• 1080:Socks5proxy
• 8080:HTTPproxy
• 8338:Shadowsocksproxy

Usage

Docker Compose

Docker compose is the recommended way to run this image. You can use the following docker compose template,then run the container:

docker compose up -d
docker compose logs -f

Command line

You can also use the following minimal command:

$ docker run -d \
--name warp \
-p 1080:1080 -p 8080:8080 -p 8338:8338 \
-e"PROXY_USERNAME=awesome-username"\
-e"PROXY_PASSWORD=super-secret-password"\
-e"SHADOWSOCKS_CIPHER=AES-256-CFB"\
--privileged \
--cap-add NET_ADMIN \
--cap-add SYS_MODULE \
--sysctl net.ipv4.ip_forward=1 \
--sysctl net.ipv4.conf.all.src_valid_mark=1 \
--sysctl net.ipv6.conf.all.disable_ipv6=0 \
shahradel/cfw-proxy

Upgrade

Recreate the container whenever I push an update:

docker compose pull
docker compose up -d

WARP+ license

If you have an existing Warp+ subscription, for an example on your phone, you can bind the account generated by this tool to your phone's account, sharing its Warp+ status. Please note that there is a current limit of maximum 5 linked devices active at a time.

⚠️This device's private key will be changed!

First, get your Warp+ account license key. To view it on Android:

1. Open the1.1.1.1app
2. Click on the hamburger menu button in the top-right corner.
3. Navigate to:Account>Key

Finally, copy and paste the license key into theWGCF_LICENSE_KEYenvironment variable and restart the container.

Contributing

Want to contribute? Awesome! To show your support is to star the project, or to raise issues onGitHub.

Thanks again for your support, it is much appreciated! 🙏

License

GPL-3.0©Shahrad Elahi