handle unknown ips, e.g. from unix sockets

`chown` needs to be done "after" the file copy, otherwise there is no
meaning to do it as /home/tgproxy is default owned by tgproxy already.

Dockerfile

@@ -1,11 +1,14 @@
-FROM alpine:3.10
+FROM python:3.8-slim-buster
 
-RUN adduser tgproxy -u 10000 -D
+RUN apt-get update && apt-get install -y libcap2-bin && rm -rf /var/lib/apt/lists/*
+RUN setcap cap_net_bind_service=+ep /usr/local/bin/python3.8
 
-RUN apk add --no-cache python3 py3-cryptography ca-certificates libcap
+RUN pip3 --no-cache-dir install cryptography uvloop
 
+COPY mtprotoproxy.py config.py /home/tgproxy/
+
+RUN useradd tgproxy -u 10000
 RUN chown -R tgproxy:tgproxy /home/tgproxy
-RUN setcap cap_net_bind_service=+ep /usr/bin/python3.7
 
 USER tgproxy
 

README.md

@@ -1,6 +1,6 @@
 # Async MTProto Proxy #
 
-Fast and simple to setup mtproto proxy written on Python.
+Fast and simple to setup MTProto proxy written in Python.
 
 ## Starting Up ##
     
@@ -20,10 +20,15 @@ To advertise a channel get a tag from **@MTProxybot** and put it to *config.py*.
 The proxy performance should be enough to comfortably serve about 4 000 simultaneous users on
 the VDS instance with 1 CPU core and 1024MB RAM.
 
+## More Instructions ##
+
+- [Running without Docker](https://github.com/alexbers/mtprotoproxy/wiki/Running-Without-Docker)
+- [Optimization and fine tuning](https://github.com/alexbers/mtprotoproxy/wiki/Optimization-and-Fine-Tuning)
+
 ## Advanced Usage ##
 
 The proxy can be launched:
 - with a custom config: `python3 mtprotoproxy.py [configfile]`
 - several times, clients will be automaticaly balanced between instances
 - with uvloop module to get an extra speed boost
-- with runtime statistics exported for [Prometheus](https://prometheus.io/): using [prometheus](https://github.com/alexbers/mtprotoproxy/tree/prometheus) branch
+- with runtime statistics exported to [Prometheus](https://prometheus.io/)

config.py

@@ -1,20 +1,25 @@
-PORT = 3256
+PORT = 443
 
 # name -> secret (32 hex chars)
 USERS = {
-    "tg":  "00000000000000000000000000000000",
-    "tg2": "0123456789abcdef0123456789abcdef"
+    "tg":  "00000000000000000000000000000001",
+    # "tg2": "0123456789abcdef0123456789abcdef",
 }
 
-# Makes the proxy harder to detect
-# Can be incompatible with very old clients
-SECURE_ONLY = True
+MODES = {
+    # Classic mode, easy to detect
+    "classic": False,
 
-# Makes the proxy even more hard to detect
-# Compatible only with the recent clients
-# TLS_ONLY = True
+    # Makes the proxy harder to detect
+    # Can be incompatible with very old clients
+    "secure": False,
 
-# The domain for TLS, bad clients are proxied there
+    # Makes the proxy even more hard to detect
+    # Can be incompatible with old clients
+    "tls": True
+}
+
+# The domain for TLS mode, bad clients are proxied there
 # Use random existing domain, proxy checks it on start
 # TLS_DOMAIN = "www.google.com"