Add script for fast deployment

README.md

@@ -144,6 +144,13 @@ $ mtg generate-secret -c google.com tls
 ee852380f362a09343efb4690c4e17862e676f6f676c652e636f6d
 ```
 
+Or, if you prefer docker:
+
+```console
+$ docker run --rm nineseconds/mtg generate-secret tls -c bing.com
+eedf71035a8ed48a623d8e83e66aec4d0562696e672e636f6d
+```
+
 ## Antireplay cache
 
 To prevent replay attacks, we have internal storage of first frames
@@ -215,6 +222,15 @@ $ mtg run <secret> <adtag>
 This tool will listen on port 3128 by default with the given secret.
 
 
+# oneliner to run this proxy
+
+Please ensure that docker is installed. After that just execute
+
+```console
+curl -sfL https:// | bash
+```
+
+
 # statsd integration
 
 mtg provides an integration with statsd, you can enable it with command

config/config.go

@@ -174,13 +174,8 @@ func Init(options ...Opt) error { // nolint: gocyclo, funlen
 	}
 
 	if C.CloakHost != "" {
-		addrs, err := net.LookupHost(C.CloakHost)
-		if err != nil {
-			return fmt.Errorf("cannot resolve address of %s host: %w", C.CloakHost, err)
-		}
-
-		if len(addrs) == 0 {
-			return fmt.Errorf("no known ip addresses for the host %s", C.CloakHost)
+		if _, err := net.LookupHost(C.CloakHost); err != nil {
+			zap.S().Warnw("Cannot resolve address of host", "hostname", C.CloakHost, "error", err)
 		}
 	}
 

run.sh

@@ -0,0 +1,56 @@
+#!/bin/bash
+#
+# Configuration options (set by environment variables during script execution)
+#   - MTG_CONFIG    - directory where mtg stores its configuration
+#   - MTG_IMAGENAME - a name of the docker image to use
+#   - MTG_PORT      - which port of the host system should be used
+#   - MTG_CONTAINER - a name of the container to use
+#
+# Example:
+#   export MTG_CONFIG="$HOME/mtg_config"
+#   export MTG_IMAGENAME="nineseconds/mtg:latest"
+#   curl -sfL https://lalala | bash
+
+set -eu -o pipefail
+
+export XDG_CONFIG_HOME="${XDG_CONFIG_HOME:-$HOME/.config}"
+export MTG_CONFIG="${MTG_CONFIG:-$XDG_CONFIG_HOME/mtg}"
+
+mkdir -p "$MTG_CONFIG" || true
+
+MTG_SECRET="$MTG_CONFIG/secret"
+MTG_ENV="$MTG_CONFIG/env"
+
+if [ ! -f "$MTG_ENV" ]; then
+    MTG_IMAGENAME="${MTG_IMAGENAME:-nineseconds/mtg:latest}"
+    MTG_PORT="${MTG_PORT:-3128}"
+    MTG_CONTAINER="${MTG_CONTAINER:-mtg}"
+
+    echo "MTG_IMAGENAME=${MTG_IMAGENAME}" > "$MTG_ENV"
+    echo "MTG_PORT=${MTG_PORT}" >> "$MTG_ENV"
+    echo "MTG_CONTAINER=${MTG_CONTAINER}" >> "$MTG_ENV"
+fi
+
+set -a
+source "$MTG_ENV"
+set +a
+
+docker pull "$MTG_IMAGENAME"
+if [ ! -f "$MTG_SECRET" ]; then
+    docker run \
+            --rm \
+            "$MTG_IMAGENAME" \
+        generate-secret tls -c "$(openssl rand -hex 16).com" \
+    > "$MTG_SECRET"
+fi
+
+echo "Proxy secret is $(cat "$MTG_SECRET")"
+
+docker ps --filter "Name=$MTG_CONTAINER" -aq | xargs -r docker rm -fv
+docker run \
+        -d \
+        --restart=unless-stopped \
+        --name "$MTG_CONTAINER" \
+        --ulimit nofile=51200:51200 \
+        -p "$MTG_PORT:3128" \
+    "$MTG_IMAGENAME" run "$(cat "$MTG_SECRET")"