# yaml-language-server: $schema=https://schema.zeabur.app/template.json
apiVersion: zeabur.com/v1
kind: Template
metadata:
    name: HubProxy
spec:
    description: Self-hosted acceleration proxy for Docker registries, GitHub files, and Hugging Face downloads.
    coverImage: https://raw.githubusercontent.com/sky22333/hubproxy/main/.github/demo/demo1.jpg
    icon: https://cdn.simpleicons.org/docker/2496ED
    variables:
        - key: HUBPROXY_DOMAIN
          type: DOMAIN
          name: Domain
          description: Public domain used to access HubProxy and configure Docker registry mirrors.
    tags:
        - Tool
        - Networking
    readme: |-
        # HubProxy

        HubProxy is a lightweight self-hosted acceleration proxy for Docker registries, GitHub release/raw files, and Hugging Face downloads.

        ## What this template deploys

        - One HubProxy service from `ghcr.io/sky22333/hubproxy:latest`.
        - HTTP port `5000`, bound to the domain selected during deployment.
        - A persistent volume mounted at `/data` for `config.toml`.
        - The container starts with `cd /data && /root/hubproxy`, so HubProxy reads `/data/config.toml` without masking the binary in `/root`.

        ## Usage

        Open the deployed domain to use the built-in web interface.

        Docker pull acceleration:

        ```bash
        docker pull ${ZEABUR_WEB_DOMAIN}/nginx
        docker pull ${ZEABUR_WEB_DOMAIN}/ghcr.io/sky22333/hubproxy
        ```

        Docker daemon registry mirror:

        ```json
        {
          "registry-mirrors": ["${ZEABUR_WEB_URL}"]
        }
        ```

        GitHub file acceleration:

        ```bash
        curl -L ${ZEABUR_WEB_URL}/https://raw.githubusercontent.com/<owner>/<repo>/main/path/to/file -o file
        ```

        ## Operations notes

        HubProxy is intended for learning, lawful acceleration, and private/self-hosted usage. A public proxy can attract abuse, so keep rate limits enabled and adjust the access whitelist or blacklist in `/data/config.toml` when exposing it broadly.
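
        The sections of `/data/config.toml` that change when tightening a publicly reachable deployment, with this template's defaults noted in comments; the rest of the file stays as deployed. This is an added example, not upstream's configuration. The repository entries and the blacklisted address are constructed, the `owner/repo` entry form with a `*` wildcard is an assumption to confirm against the upstream `config.toml`, and the lower request limit is an arbitrary illustrative value.

        ```toml
        [rateLimit]
        # Template default: requestLimit = 500 per periodHours = 3.0.
        # Illustrative lower budget for a small, known set of clients.
        requestLimit = 100
        periodHours = 3.0

        [security]
        # IP lists. Keep the whitelist to loopback only: adding the platform's
        # public reverse-proxy address here could let requests arriving through
        # it bypass rate limiting.
        whiteList = ["127.0.0.1"]
        # Constructed entry (documentation address range), standing in for a
        # client seen abusing the proxy.
        blackList = ["203.0.113.7"]

        [access]
        # Template default: whiteList = [] (any repository or image may be proxied).
        # Restrict proxying to what this deployment actually needs.
        # Entry format is assumed; values are constructed from this README's examples.
        whiteList = [
            "library/nginx",
            "sky22333/*"
        ]
        blackList = []
        ```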

        The upstream Docker Compose example uses the default `latest` tag. If upstream publishes stable versioned container tags later, pin this template to a specific tag for more reproducible deployments.

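        ## Persistence and configuration migration

        This template mounts a persistent volume on the service:
        - `config` -> `/data`: stores `/data/config.toml`.

        The HubProxy Docker image keeps its binary at `/root/hubproxy`, so the volume must not be mounted directly at `/root`; doing so would mask the binary and cause `exec: "./hubproxy": stat ./hubproxy: no such file or directory`. The template therefore uses the custom start command `cd /data && /root/hubproxy` so that the program reads `config.toml` from the persistent directory.

        Mounting the volume (Dashboard):
        1. Open the project -> click the service -> go to the `Volumes` tab and click `Mount Volumes`.
        2. Mount the config volume: set Volume ID to `config` and Mount Directory to `/data`.
        3. Note: the first mount clears the existing files in the target mount directory. If the service already has a working configuration, back it up first, then write the backup back to `/data/config.toml` after mounting.

        Example of migrating an existing configuration:
        - Back up the old configuration:
          `npx zeabur@latest service exec --name HubProxy -- cat /root/config.toml`
        - After mounting the volume, write the new configuration:
          `npx zeabur@latest service exec --name HubProxy -- sh -c 'cat > /data/config.toml'`
          Then paste the backup content and end the input; alternatively, edit `/data/config.toml` directly in the Config Editor in the Zeabur Dashboard.

        Storage recommendations:
        - For the configuration file only, 100MB is enough.
        - If HubProxy later adds on-disk caching, mount an additional cache directory as the upstream configuration requires.
        - Once a volume is mounted, the service no longer supports zero-downtime rolling updates (it is stopped and then started).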
    services:
        - name: HubProxy
          icon: https://cdn.simpleicons.org/docker/2496ED
          template: PREBUILT
          spec:
            id: hubproxy
            source:
                image: ghcr.io/sky22333/hubproxy:latest
                command:
                    - /bin/sh
                    - -c
                    - cd /data && /root/hubproxy
            ports:
                - id: web
                  port: 5000
                  type: HTTP
            volumes:
                - id: config
                  dir: /data
            instructions:
                - title: Open HubProxy
                  content: ${ZEABUR_WEB_URL}
                - title: Docker daemon registry mirror (example)
                  content: ${ZEABUR_WEB_URL}
                - title: Docker pull example
                  content: docker pull ${ZEABUR_WEB_DOMAIN}/nginx:latest
                - title: GitHub / Raw file acceleration example
                  content: curl -L ${ZEABUR_WEB_URL}/https://raw.githubusercontent.com/<owner>/<repo>/main/path/to/file -o file
            env:
                ENABLE_FRONTEND:
                    default: "true"
                ENABLE_H2C:
                    default: "false"
                MAX_FILE_SIZE:
                    default: "2147483648"
                MAX_IMAGES:
                    default: "10"
                RATE_LIMIT:
                    default: "500"
                RATE_PERIOD_HOURS:
                    default: "3"
                SERVER_HOST:
                    default: 0.0.0.0
                SERVER_PORT:
                    default: "5000"
            configs:
                - path: /data/config.toml
                  template: |-
                    [server]
                    host = "0.0.0.0"
                    port = 5000
                    fileSize = 2147483648
                    enableH2C = false
                    enableFrontend = true

                    [rateLimit]
                    requestLimit = 500
                    periodHours = 3.0

                    [security]
                    # Whitelist only localhost so that a public reverse-proxy address cannot accidentally bypass rate limiting.
                    whiteList = ["127.0.0.1"]
                    blackList = []

                    [access]
                    # Empty means no restriction on which repositories or images can be proxied; tighten as needed for a public service.
                    whiteList = []
                    blackList = []
                    proxy = ""

                    [download]
                    maxImages = 10

                    [registries]

                    [registries."ghcr.io"]
                    upstream = "ghcr.io"
                    authHost = "ghcr.io/token"
                    authType = "github"
                    enabled = true

                    [registries."gcr.io"]
                    upstream = "gcr.io"
                    authHost = "gcr.io/v2/token"
                    authType = "google"
                    enabled = true

                    [registries."quay.io"]
                    upstream = "quay.io"
                    authHost = "quay.io/v2/auth"
                    authType = "quay"
                    enabled = true

                    [registries."registry.k8s.io"]
                    upstream = "registry.k8s.io"
                    authHost = "registry.k8s.io"
                    authType = "anonymous"
                    enabled = true

                    [tokenCache]
                    enabled = true
                    defaultTTL = "20m"
                  permission: 420
                  envsubst: null
          domainKey: HUBPROXY_DOMAIN
