An0nX / telemt-docker
Secure multi-arch (amd64/arm64) Docker image for Telemt — a fast Rust-based MTProxy (MTProto) server, shipped as a static binary in a distroless non-root container.
AI Architecture Analysis
This repository is indexed by RepoMind. By analyzing An0nX/telemt-docker in our AI interface, you can instantly generate complete architecture diagrams, visualize control flows, and perform automated security audits across the entire codebase.
Our Agentic Context Augmented Generation (Agentic CAG) engine loads full source files into context on-demand, avoiding the fragmentation of traditional RAG systems. Ask questions about the architecture, dependencies, or specific features to see it in action.
Embed this Badge
Showcase RepoMind's analysis directly in your repository's README.
Repository Overview (README excerpt)
Crawler view🐳 telemt-docker > **📢 Сборка образов перенесена в GitLab** > > Из-за перманентной блокировки GitHub Actions образы теперь собираются в > **GitLab CI**. GitHub-репозиторий > продолжает существовать как зеркало GitLab. > > Подробности: An0nX/telemt-docker#14 --- A minimal, secure, and production-oriented Docker image for **Telemt** — a fast MTProto proxy server (MTProxy) written in **Rust + Tokio**. Built as a **fully static** binary and shipped in a **distroless** runtime image, running as **non-root** by default. --- ✨ Features • **🔐 Secure by default:** Distroless runtime + non-root user. • **🏗 Multi-arch:** Supports and . • **📦 Fully static binary:** Designed for . • **🧾 Config-driven:** You mount a single configuration file directory and go. • **📈 Metrics-ready:** Supports Telemt metrics port ( ) via config. • **🧰 Build-time pinning:** Upstream repo/ref are configurable via build args. --- ⚠️ Important Notice Telemt is a Telegram proxy (MTProto). Operating proxies may be restricted or monitored depending on your country/ISP and may carry legal/operational risks. You are responsible for compliance with local laws and for safe deployment (firewalling, access control, logs, monitoring). --- 🚀 Quick Start (Docker Compose) • Generate a Secret Telemt users require a **32-hex-char secret** (16 bytes): • Create Configuration Directory Refer to the upstream repository for the configuration format and examples: 👉 **https://github.com/telemt/telemt** To allow the Telemt API to write configuration changes dynamically (e.g. creating users), you **must mount a directory**, not just the file. The API performs atomic saves by creating a temporary file in the same directory and renaming it. Create the directory, place your config inside, and ensure it is writable by the container: • Create > **⚠️ Network mode note:** > This configuration uses , which means the container shares > the host's network stack directly. **Published ports ( section) are > discarded when using host network mode** — port exposure is controlled entirely > by your configuration (i.e. whichever port Telemt listens on will > be available on the host automatically). > > If you need Docker-managed port mapping (e.g. remapping ports, or binding only > to ), remove to use the default **bridge** mode > and uncomment the section below. > **⚠️ Privileged Ports (443) Binding Note:** > The base image uses a non-root user by default to minimize the attack vector. If your configuration binds Telemt to port (or any port **Note:** When using , Docker does not manage port mapping. > Telemt binds directly to host interfaces/ports as configured in . > The table above lists the default ports for reference only. --- 🧠 Container Behavior • **ENTRYPOINT:** • **CMD:** Extracted from the ( ) So the container effectively runs: To run a raw docker command without Compose: --- 🛠 Build This Dockerfile supports pinning upstream Telemt source: • (default: ) • (default: ) Multi-arch build (amd64 + arm64) Build a specific upstream tag/branch/commit --- 🔗 Useful Links • **Telemt upstream:** https://github.com/telemt/telemt • **MTProxy ad tag bot:** https://t.me/mtproxybot • **Distroless images:** https://github.com/GoogleContainerTools/distroless