Overview
This guide walks through deploying a SOCKS5 proxy server containerized with Docker. The setup uses the ss5 package and includes optional username/password authentication support.
Project Structure
Create a project directory with the following files:
docker-compose.yml- Container orchestration configurationss5.conf- Main SOCKS5 server settingsss5.passwd- Credentials file for authenticated access
Docker Compose Configuration
version: '3.3'
services:
proxy:
image: registry.cn-hangzhou.aliyuncs.com/study-namespace/socks5
container_name: proxy
restart: unless-stopped
ports:
- "10808:1080"
entrypoint: ["bash", "-c", "/usr/sbin/ss5 && tail -f /var/log/ss5/ss5.log"]
volumes:
- "./config/ss5.conf:/etc/opt/ss5/ss5.conf:ro"
- "./config/ss5.passwd:/etc/opt/ss5/ss5.passwd:ro"
SOCKS5 Server Configuration
The following configuration file enables authentication-based access control. For open access without credentials, replace the auth directive with auth 0.0.0.0/0 - - and change permit u to permit -.
# Authentication settings
auth 0.0.0.0/0 - u
# Access control - permit authenticated users from any source
permit u 0.0.0.0/0 - 0.0.0.0/0 - - - - -
# Optional: Bandwidth limiting per group
# bandwidth Admin 2 - -
# bandwidth Users - 102400 -
Authentication Credentials
The credentials file stores username/password pairs. Format each line as username password:
admin P@ssw0rd!2024
devuser d3v3l0p3r_t3st
Deployment
Start the SOCKS5 proxy service with the following command:
docker-compose up -d
Usage
Connect to the proxy using the configured host and port (default 10808). Applications supporting SOCKS5 protocol can be configured with the username and password from the credentials file.
Configuration Notes
- Modify the port maping in
docker-compose.ymlif10808conflicts with other services - Update the authentication credentials file to use secure passwords
- Container logs are available via
docker logs proxy - The entrypoint script keeps the container running while streaming log output