I would like to install the most recent tinyproxy version 1.11.0 on Ubuntu. How can I do that?
Unfortunetly does sudo apt update; sudo apt install tinyproxy -y; not work for me and only gives me the most recent stable version 1.10.0 from 2018.
So I tried to download and unzip the most recent version on GitHub https://github.com/tinyproxy/tinyproxy/releases
But I couldn’t get it to work properly installed yet.
What I tried so far:
sudo apt update; ... [loading the unzipped tinyproxy 1.11.0 folder via own GitHub repo] cd OwnGitHubRepo/tinyproxy-1.11.0 sudo apt-get install build-essential -y sudo apt install autoconf -y autoconf ./configure make sudo make install
The installation seems to have been working somehow as tinyproxy -v returns: tinyproxy 1.11.0
But I now can not run following command which I would usually do:
sudo /etc/init.d/tinyproxy restart;
As there is no tinyproxy folder inside /etc/ listed yet. :/
(Also sudo lsof -i:8888 doesn’t show any listing server yet)
Documentations:
Tried under AWS EC2 Ubuntu Server 20.04 LTS (HVM), SSD Volume Type
Advertisement
Answer
- Make sure you update the system with the latest packages
ubuntu@ip-172-30-2-209:~$ sudo su - root@ip-172-30-2-209:~#
root@ip-172-30-2-209:~# apt-get update root@ip-172-30-2-209:~# apt-get dist-upgrade
You can reboot the server if a new kernel is available
root@ip-172-30-2-209:~# reboot
- Install the build tools:
root@ip-172-30-2-209:~# apt-get install build-essential root@ip-172-30-2-209:~# apt-get install autoconf
- Download the source code and build the software
root@ip-172-30-2-209:~# wget https://github.com/tinyproxy/tinyproxy/releases/download/1.11.0/tinyproxy-1.11.0.tar.bz2 root@ip-172-30-2-209:~# tar -jxvf tinyproxy-1.11.0.tar.bz2 root@ip-172-30-2-209:~# cd tinyproxy-1.11.0/ root@ip-172-30-2-209:~/tinyproxy-1.11.0# ./configure root@ip-172-30-2-209:~/tinyproxy-1.11.0# make root@ip-172-30-2-209:~/tinyproxy-1.11.0# make install
Important directories/files to track:
/usr/bin/mkdir -p '/usr/local/bin' /usr/bin/install -c tinyproxy '/usr/local/bin' /usr/bin/mkdir -p '/usr/local/share/tinyproxy' /usr/bin/install -c -m 644 debug.html default.html stats.html '/usr/local/share/tinyproxy' /usr/bin/mkdir -p '/usr/local/etc/tinyproxy' /usr/bin/install -c -m 644 tinyproxy.conf '/usr/local/etc/tinyproxy' /usr/bin/mkdir -p '/usr/local/share/man/man5' /usr/bin/install -c -m 644 tinyproxy.conf.5 '/usr/local/share/man/man5' /usr/bin/mkdir -p '/usr/local/share/man/man8' /usr/bin/install -c -m 644 tinyproxy.8 '/usr/local/share/man/man8' /usr/bin/mkdir -p '/usr/local/share/doc/tinyproxy' /usr/bin/install -c -m 644 AUTHORS NEWS README README.md '/usr/local/share/doc/tinyproxy'
- Configure the software
Symlink the configuration folder
root@ip-172-30-2-209:~/tinyproxy-1.11.0# ln -s /usr/local/etc/tinyproxy /etc/ root@ip-172-30-2-209:~/tinyproxy-1.11.0# ls -la /etc/ | grep tinyproxy lrwxrwxrwx 1 root root 24 Apr 3 09:53 tinyproxy -> /usr/local/etc/tinyproxy
Check the nobody user group
root@ip-172-30-2-209:~/tinyproxy-1.11.0# cat /etc/passwd | grep nobody nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin root@ip-172-30-2-209:~/tinyproxy-1.11.0# cat /etc/group | grep 65534 nogroup:x:65534:
Since nobody is assigned to the nogroup group, change the Group element in tinyproxy config from nobody group to nogroup
root@ip-172-30-2-209:~/tinyproxy-1.11.0# sed -i s/'Group nobody'/'Group nogroup'/g /etc/tinyproxy/tinyproxy.conf
Configure the rest of tinyproxy to your expectations (here is the minimal setup)
root@ip-172-30-2-209:~/tinyproxy-1.11.0# cat /etc/tinyproxy/tinyproxy.conf | grep -v "^#|^$" User nobody Group nogroup Port 8888 Timeout 600 DefaultErrorFile "/usr/local/share/tinyproxy/default.html" StatFile "/usr/local/share/tinyproxy/stats.html" LogLevel Info MaxClients 100 Allow 127.0.0.1 Allow ::1 ViaProxyName "tinyproxy"
Test the connection
root@ip-172-30-2-209:~/tinyproxy-1.11.0# tinyproxy -d -c /etc/tinyproxy/tinyproxy.conf NOTICE Apr 03 09:56:13.294 [8179]: Initializing tinyproxy ... NOTICE Apr 03 09:56:13.294 [8179]: Reloading config file INFO Apr 03 09:56:13.294 [8179]: Setting "Via" header to 'tinyproxy' NOTICE Apr 03 09:56:13.294 [8179]: Reloading config file finished INFO Apr 03 09:56:13.294 [8179]: listen_sock called with addr = '(NULL)' INFO Apr 03 09:56:13.294 [8179]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6] INFO Apr 03 09:56:13.294 [8179]: listening on fd [3] INFO Apr 03 09:56:13.294 [8179]: trying to listen on host[::], family[10], socktype[1], proto[6] INFO Apr 03 09:56:13.294 [8179]: listening on fd [4] INFO Apr 03 09:56:13.294 [8179]: Now running as group "nogroup". INFO Apr 03 09:56:13.294 [8179]: Now running as user "nobody". INFO Apr 03 09:56:13.294 [8179]: Setting the various signals. INFO Apr 03 09:56:13.294 [8179]: Starting main loop. Accepting connections. CTRL+C
- Create a service to run tinyproxy
root@ip-172-30-2-209:~/tinyproxy-1.11.0# nano /lib/systemd/system/tinyproxy.service
[Unit] Description=tinyproxy service After=network.target StartLimitIntervalSec=0 [Service] Type=simple Restart=always RestartSec=1 User=nobody Group=nogroup ExecStart=/usr/local/bin/tinyproxy -d -c /etc/tinyproxy/tinyproxy.conf [Install] WantedBy=multi-user.target
- Start the service and check if everything is working fine
root@ip-172-30-2-209:~/tinyproxy-1.11.0# systemctl enable tinyproxy.service Created symlink /etc/systemd/system/multi-user.target.wants/tinyproxy.service → /lib/systemd/system/tinyproxy.service.
root@ip-172-30-2-209:~/tinyproxy-1.11.0# systemctl status tinyproxy.service
● tinyproxy.service - tinyproxy service
Loaded: loaded (/lib/systemd/system/tinyproxy.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2022-04-03 10:00:20 UTC; 5s ago
Main PID: 8236 (tinyproxy)
Tasks: 1 (limit: 1145)
Memory: 1.0M
CGroup: /system.slice/tinyproxy.service
└─8236 /usr/local/bin/tinyproxy -d -c /etc/tinyproxy/tinyproxy.conf
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: INFO Apr 03 10:00:20.980 [8236]: Setting "Via" header to 'tinyproxy'
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: NOTICE Apr 03 10:00:20.980 [8236]: Reloading config file finished
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: INFO Apr 03 10:00:20.980 [8236]: listen_sock called with addr = '(NULL)'
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: INFO Apr 03 10:00:20.980 [8236]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6]
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: INFO Apr 03 10:00:20.980 [8236]: listening on fd [3]
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: INFO Apr 03 10:00:20.980 [8236]: trying to listen on host[::], family[10], socktype[1], proto[6]
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: INFO Apr 03 10:00:20.980 [8236]: listening on fd [4]
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: INFO Apr 03 10:00:20.980 [8236]: Not running as root, so not changing UID/GID.
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: INFO Apr 03 10:00:20.980 [8236]: Setting the various signals.
Apr 03 10:00:20 ip-172-30-2-209 tinyproxy[8236]: INFO Apr 03 10:00:20.980 [8236]: Starting main loop. Accepting connections.
Install net-tools to check the listening ports
root@ip-172-30-2-209:~/tinyproxy-1.11.0# apt-get install net-tools
root@ip-172-30-2-209:~/tinyproxy-1.11.0# netstat -napt | grep LISTEN | grep tinyproxy tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 8236/tinyproxy tcp6 0 0 :::8888 :::* LISTEN 8236/tinyproxy
root@ip-172-30-2-209:~/tinyproxy-1.11.0# lsof -i:8888 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME tinyproxy 8236 nobody 3u IPv4 34119 0t0 TCP *:8888 (LISTEN) tinyproxy 8236 nobody 4u IPv6 34120 0t0 TCP *:8888 (LISTEN)
- Extras
a) Logging and Pid file
Prepare pid and log directories
root@ip-172-30-2-209:~/tinyproxy-1.11.0# mkdir /var/run/tinyproxy/ root@ip-172-30-2-209:~/tinyproxy-1.11.0# mkdir /var/log/tinyproxy/ root@ip-172-30-2-209:~/tinyproxy-1.11.0# chown -R nobody:nogroup /var/run/tinyproxy/ root@ip-172-30-2-209:~/tinyproxy-1.11.0# chown -R nobody:nogroup /var/log/tinyproxy/
Add pid and log parameters into tinyproxy config
root@ip-172-30-2-209:~/tinyproxy-1.11.0# root@ip-172-30-2-209:~/tinyproxy-1.11.0# cat /etc/tinyproxy/tinyproxy.conf | grep ^LogFile LogFile "/var/log/tinyproxy/tinyproxy.log" root@ip-172-30-2-209:~/tinyproxy-1.11.0# cat /etc/tinyproxy/tinyproxy.conf | grep ^PidFile PidFile "/var/run/tinyproxy/tinyproxy.pid"
Restart service
root@ip-172-30-2-209:~/tinyproxy-1.11.0# systemctl restart tinyproxy.service
b) Process limits
root@ip-172-30-2-209:~# ps aux | grep tinyproxy nobody 64427 9.8 0.5 789836 10232 ? Ssl 12:11 0:00 /usr/local/bin/tinyproxy -d -c /etc/tinyproxy/tinyproxy.conf root 65436 0.0 0.0 7696 644 pts/0 S+ 12:11 0:00 grep --color=auto tinyproxy
root@ip-172-30-2-209:~# cat /proc/64427/limits | grep "Max processes|Max open files" Max processes 7151 7151 processes Max open files 1024 524288 files
To bump up those, edit the /lib/systemd/system/tinyproxy.service file and add the following lines in the [Service] section
[Service] ... LimitNOFILE=700000 LimitNPROC=700000 ...
Then reload systemd and restart the service
root@ip-172-30-2-209:~# systemctl daemon-reload root@ip-172-30-2-209:~# systemctl restart tinyproxy.service
Check the results
root@ip-172-30-2-209:~# ps axu | grep tinyproxy nobody 68439 0.6 0.1 533092 3068 ? Ssl 12:13 0:00 /usr/local/bin/tinyproxy -d -c /etc/tinyproxy/tinyproxy.conf root 68490 0.0 0.0 7696 656 pts/0 S+ 12:13 0:00 grep --color=auto tinyproxy root@ip-172-30-2-209:~# cat /proc/68439/limits | grep "Max processes|Max open files" Max processes 700000 700000 processes Max open files 700000 700000 files