A Lightweight docker image for connecting to CloudFlare WARP trough Socks, HTTP and Shadowsocks proxy protocols

• Features
• Build locally
• Image
• Environment variables
• Ports
• Usage
  • Docker Compose
  • Command line
• WARP+ license
• Upgrade
• Contributing
• License

• Support Socks5, HTTP and Shadowsocks proxy protocols
• Apply license key to use existing Warp+ subscription
• Multi-platform image

git clone https://github.com/shahradelahi/docker-cfw-proxy
cd docker-cfw-proxy

# Build image and output to docker (default)
docker buildx bake

# Build multi-platform image
docker buildx bake image-all

Following platforms for this image are available:

$ docker run --rm mplatform/mquery shahradel/cfw-proxy:latest
Image: shahradel/cfw-proxy:latest
 * Manifest List: Yes (Image type: application/vnd.oci.image.index.v1+json)
 * Supported platforms:
   - linux/amd64
   - linux/arm/v6
   - linux/arm/v7
   - linux/arm64
   - linux/386
   - linux/s390x

• TZ: Timezone assigned to the container (default UTC)
• SOCKS5_PORT: The port of Socks5 proxy (default 1080)
• HTTP_PORT: The port of HTTP proxy (default 8080)
• WGCF_ENDPOINT: The endpoint of the WARP endpoint (default engage.cloudflareclient.com:2408)
• WGCF_ENDPOINT_CIDR: The cidr of the WARP endpoint (default 162.159.192.0/24)
• WGCF_ENDPOINT_PORT: WARP endpoint port (default 2408)
• FAST_ENDPOINT: Enables the feature for searching for endpoint with the lowest latency
• WGCF_LICENSE_KEY: The license key of CloudFlare WARP+
• DNS_PROFILE: Presets of CloudFlare DNS servers (default default)
• DNS: The dns of the WireGuard interface (default 1.1.1.1, 1.0.0.1, 2606:4700:4700::1111, 2606:4700:4700::1001)
• MTU: The mtu of the WireGuard interface (default 1280)
• KEEP_ALIVE: The keep-alive of the WireGuard interface (default 10)

💡 WGCF_LICENSE_KEY is optional and to obtain it follow guides in WARP+ license section.

• 1080: Socks5 proxy
• 8080: HTTP proxy

Docker compose is the recommended way to run this image. You can use the following docker compose template, then run the container:

docker compose up -d
docker compose logs -f

You can also use the following minimal command:

$ docker run -d \
  --name warp \
  -p 1080:1080 -p 8080:8080 \
  -e "PROXY_USERNAME=awesome-username" \
  -e "PROXY_PASSWORD=super-secret-password" \
  --privileged \
  --cap-add NET_ADMIN \
  --cap-add SYS_MODULE \
  --sysctl net.ipv4.ip_forward=1 \
  --sysctl net.ipv4.conf.all.src_valid_mark=1 \
  --sysctl net.ipv6.conf.all.disable_ipv6=0 \
  shahradel/cfw-proxy

This project utilizes gost for creating proxies. You can find more information about gost here.

It is possible to modify the script of gost by mounting your own script at /etc/s6-overlay/s6-rc.d/svc-gost/run.

Here is a basic example for running socks5 and http proxy with authentication:

#!/usr/bin/with-contenv bash
# shellcheck shell=bash

USERNAME="awesome-username"
PASSWORD="super-secret-password"

gost \
  -L "socks5://${USERNAME}:${PASSWORD}@:1080" \
  -L "http://${USERNAME}:${PASSWORD}@:8080"

Recreate the container whenever I push an update:

docker compose pull
docker compose up -d

If you have an existing Warp+ subscription, for example on your phone, you can bind the account generated by this tool to your phone's account, sharing its Warp+ status. Please note that there is a limit of 5 maximum devices linked at a time. You can remove linked devices from the 1.1.1.1 app on your phone.

First, get your Warp+ account license key. To view it on Android:

1. Open the 1.1.1.1 app
2. Click on the hamburger menu button in the top-right corner
3. Navigate to: Account > Key

Finally, copy and paste the license key into the WGCF_LICENSE_KEY environment variable and restart the container.

Want to contribute? Awesome! To show your support is to star the project, or to raise issues on GitHub.

Thanks again for your support, it is much appreciated! 🙏

• WireGuard
• WGCF CLI for Cloudflare Warp (Unofficial)

GPL-3.0

We are not affiliated, associated, authorized, endorsed by, or officially connected in any way with Cloudflare or any of its subsidiaries or affiliates. The official Cloudflare website is https://www.cloudflare.com.

The names Cloudflare Warp and Cloudflare, as well as any related names, marks, emblems, and images, are registered trademarks of their respective owners.