Lib.rs

#podman-container #proxy #podman #networking #container

app podfox

A SOCKS5 proxy for accessing local rootless Podman containers

by Val Packett

1 unstable release

Uses new Rust 2024

new 0.1.0 May 3, 2025

#3 in #podman-container

Unlicense

17KB
172 lines

unlicense Support me on Patreon

Podfox

Makes Firefox the World's First Cloud-Native Dev Browser!

Seriously though, Podfox is a SOCKS5 proxy for accessing Podman's rootless network namespace from the host. Podfox creates a convenient virtual domain hierarchy in the proxy: a <container>.<network>.podman request gets resolved as <container>.dns.podman on <network>'s aardvark-dns server. Firefox can be configured to use it through a PAC policy or an included one-liner extension (TODO: maybe publish to AMO?).

Forget about -p 8081:8080, restarting containers because you forgot a -p, Address already in use port clashes when starting the same component in various projects. No need for DNS configuration whatsoever! Just having one process running as your user account enables instant access to all ports on all containers you run as yourself.

Screenshot showing a RabbitMQ admin console at http://myrabbit.randomtests.podman:15672 and a terminal running the RabbitMQ container with podman run --rm -it --network randomtests --name myrabbit rabbitmq:3-management

Installation

First, get the binary. Currently, the only supported way is to use Cargo:

cargo install --locked podfox

Or from git:

cargo install --locked --git https://codeberg.org/valpackett/podfox

Or from a local checkout of this repo:

cargo install --locked --path .

Then, run it manually at first for testing, ensure it launches (it should if you have run a rootless podman container at least once).

After you're done testing, set it up to autostart, for example with a systemd user service (conveniently podfox supports socket activation).

Now configure Firefox. The simplest way is to use a PAC (Proxy Auto-Configuration) file, at least if you don't use proxies for anything else. Take the included podfox.pac file, place it somewhere Firefox can see (mind the flatpak), go to Preferences, General, Network Settings. Set "Automatic proxy configuration URL" to the file URL pointing to the path, like file:///home/…/…/podfox.pac. Make sure "Proxy DNS when using SOCKS v5" is checked.

Now you should be able to navigate to an http://container_name.network_name.podman URL and have it go through the proxy to your podman container!

As an alternative to the PAC file, we provide an extension, though it's not published to AMO yet.

License

This is free and unencumbered software released into the public domain.
For more information, please refer to the UNLICENSE file or unlicense.org.

Dependencies

~22–51MB
~897K SLoC