use tls-only mode in the default config

Config option LISTEN_UNIX_SOCK = "/path/to/socket.file" allows to listen
on specified unix socket in additional to (or instead of) configured ip
addresses. Listening on a socket can be useful for connection from local
reverse proxy w/o wasting tcp ports and network subsystem resources just
for inter-process communication.
Default value is empty - socket not used.

Dockerfile

@@ -1,15 +1,13 @@
-FROM alpine:3.8
+FROM alpine:3.10
 
 RUN adduser tgproxy -u 10000 -D
 
 RUN apk add --no-cache python3 py3-cryptography ca-certificates libcap
 
-COPY mtprotoproxy.py config.py /home/tgproxy/
-
 RUN chown -R tgproxy:tgproxy /home/tgproxy
-RUN setcap cap_net_bind_service=+ep /usr/bin/python3.6
+RUN setcap cap_net_bind_service=+ep /usr/bin/python3.7
 
 USER tgproxy
 
 WORKDIR /home/tgproxy/
-CMD ["./mtprotoproxy.py"]
+CMD ["python3", "mtprotoproxy.py"]

README.md

@@ -1,17 +1,19 @@
 # Async MTProto Proxy #
 
-Fast and simple to setup mtproto proxy.
+Fast and simple to setup MTProto proxy written in Python.
 
 ## Starting Up ##
     
 1. `git clone -b stable https://github.com/alexbers/mtprotoproxy.git; cd mtprotoproxy`
 2. *(optional, recommended)* edit *config.py*, set **PORT**, **USERS** and **AD_TAG**
-3. `docker-compose up --build -d` (or just `python3 mtprotoproxy.py` if you don't like docker)
-4. *(optional, shows telegram link to set the proxy)* `docker-compose logs`
+3. `docker-compose up -d` (or just `python3 mtprotoproxy.py` if you don't like Docker)
+4. *(optional, get a link to share the proxy)* `docker-compose logs`
+
+![Demo](https://alexbers.com/mtprotoproxy/install_demo_v2.gif)
 
 ## Channel Advertising ##
 
-To advertise a channel get a tag from **@MTProxybot** and write it to *config.py*.
+To advertise a channel get a tag from **@MTProxybot** and put it to *config.py*.
 
 ## Performance ##
 
@@ -23,5 +25,5 @@ the VDS instance with 1 CPU core and 1024MB RAM.
 The proxy can be launched:
 - with a custom config: `python3 mtprotoproxy.py [configfile]`
 - several times, clients will be automaticaly balanced between instances
-- using *PyPy* interprteter
-- with runtime statistics exported for [Prometheus](https://prometheus.io/): using [prometheus](https://github.com/alexbers/mtprotoproxy/tree/prometheus) branch
+- with uvloop module to get an extra speed boost
+- with runtime statistics exported to [Prometheus](https://prometheus.io/)

config.py

@@ -6,9 +6,17 @@ USERS = {
     "tg2": "0123456789abcdef0123456789abcdef"
 }
 
+# Makes the proxy harder to detect
+# Can be incompatible with very old clients
+SECURE_ONLY = True
+
+# Makes the proxy even more hard to detect
+# Compatible only with the recent clients
+TLS_ONLY = True
+
+# The domain for TLS, bad clients are proxied there
+# Use random existing domain, proxy checks it on start
+# TLS_DOMAIN = "www.google.com"
+
 # Tag for advertising, obtainable from @MTProxybot
 # AD_TAG = "3c09c680b76ee91a4c25ad51f742267d"
-
-# Uncommenting this do make a proxy harder to detect
-# But it can be incompatible with old clients
-# SECURE_ONLY = True

docker-compose.yml

@@ -4,4 +4,7 @@ services:
     build: .
     restart: unless-stopped
     network_mode: "host"
+    volumes:
+        - ./config.py:/home/tgproxy/config.py
+        - ./mtprotoproxy.py:/home/tgproxy/mtprotoproxy.py
 #    mem_limit: 1024m