From fb7bf515aa72bec4b97bc6227710315c9cae0649 Mon Sep 17 00:00:00 2001 From: wulabing Date: Thu, 16 Mar 2023 22:16:08 +0800 Subject: [PATCH] V0.0.1 --- reality/Dockerfile | 36 ++++++++++++ reality/README.MD | 0 reality/config.json | 128 ++++++++++++++++++++++++++++++++++++++++++ reality/entrypoint.sh | 55 ++++++++++++++++++ 4 files changed, 219 insertions(+) create mode 100644 reality/Dockerfile create mode 100644 reality/README.MD create mode 100644 reality/config.json create mode 100644 reality/entrypoint.sh diff --git a/reality/Dockerfile b/reality/Dockerfile new file mode 100644 index 0000000..e137f6f --- /dev/null +++ b/reality/Dockerfile @@ -0,0 +1,36 @@ +# builder +FROM golang:alpine as builder +LABEL maintainer="wulabing " + + +ENV GOPROXY=https://goproxy.cn,direct +WORKDIR /app + +RUN apk add --no-cache git && git clone https://github.com/XTLS/Xray-core.git . && \ + go mod download && \ + go build -o xray /app/main/ + +# runner +FROM alpine:3.17 as runner + + +ENV UUID="" +ENV DEST="" +ENV SERVERNAMES="" +ENV PRIVATEKEY="" +ENV SHORTIDS="" +ENV NETWORK="" +ENV TZ=Asia/Shanghai + +WORKDIR / + +COPY . / +COPY --from=builder /app/xray / + +RUN apk add --no-cache tzdata ca-certificates util-linux jq && \ + mkdir -p /var/log/xray &&\ + wget -O /geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat && \ + wget -O /geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat && \ + chmod +x /entrypoint.sh + +ENTRYPOINT ["./entrypoint.sh"] diff --git a/reality/README.MD b/reality/README.MD new file mode 100644 index 0000000..e69de29 diff --git a/reality/config.json b/reality/config.json new file mode 100644 index 0000000..52f2b11 --- /dev/null +++ b/reality/config.json @@ -0,0 +1,128 @@ +{ + "log": { + "loglevel": "error", + "access": "/var/log/xray/access.log", + "error": "/var/log/xray/error.log" + }, + "api": { + "tag": "api", + "services": [ + "HandlerService", + "LoggerService", + "StatsService" + ] + }, + "stats": {}, + "policy": { + "levels": { + "0": { + "statsUserUplink": true, + "statsUserDownlink": true + } + }, + "system": { + "statsInboundUplink": true, + "statsInboundDownlink": true, + "statsOutboundUplink": true, + "statsOutboundDownlink": true + } + }, + "dns": { + "servers": [ + "https+local://cloudflare-dns.com/dns-query", + "1.1.1.1", + "1.0.0.1", + "8.8.8.8", + "8.8.4.4", + "localhost" + ] + }, + "inbounds": [ + { + "listen": "0.0.0.0", + "port": 443, + "protocol": "vless", + "settings": { + "clients": [ + { + "id": "xx", + "flow": "xtls-rprx-vision" + } + ], + "decryption": "none" + }, + "streamSettings": { + "network": "xx", + "security": "reality", + "realitySettings": { + "show": true, + "dest": "xx", + "xver": 0, + "maxTimeDiff": 0, + "minClientVer": "", + "serverNames": [ + "xx" + ], + "privateKey": "xx", + "shortIds": [ + "" + ] + } + }, + "sniffing": { + "enabled": true, + "destOverride": [ + "http", + "tls" + ] + } + } + ], + "outbounds": [ + { + "protocol": "freedom", + "tag": "direct" + }, + { + "protocol": "blackhole", + "tag": "blocked" + } + ], + "routing": { + "domainStrategy": "IPIfNonMatch", + "rules": [ + { + "inboundTag": [ + "api" + ], + "outboundTag": "api", + "type": "field" + }, + { + "domain": [ + "domain:iqiyi.com", + "domain:video.qq.com", + "domain:youku.com" + ], + "type": "field", + "outboundTag": "blocked" + }, + { + "type": "field", + "ip": [ + "geoip:cn", + "geoip:private" + ], + "outboundTag": "blocked" + }, + { + "protocol": [ + "bittorrent" + ], + "type": "field", + "outboundTag": "blocked" + } + ] + } +} + diff --git a/reality/entrypoint.sh b/reality/entrypoint.sh new file mode 100644 index 0000000..d23bedd --- /dev/null +++ b/reality/entrypoint.sh @@ -0,0 +1,55 @@ +#!/bin/sh + +if [ -z "$UUID" ]; then + echo "UUID is not set, generate random UUID " + UUID="$(uuidgen)" + echo "UUID: $UUID" + +fi + +if [ -z "$DEST" ]; then + echo "DEST is not set. default value www.apple.com:443" + DEST="www.apple.com:443" +fi + +if [ -z "$SERVERNAMES" ]; then + echo "SERVERNAMES is not set. use default value [\"www.apple.com\",\"images.apple.com\"]" + SERVERNAMES="www.apple.com images.apple.com" +fi + +if [ -z "$PRIVATEKEY" ]; then + echo "PRIVATEKEY is not set. generate new key" + /xray x25519 > /key + PRIVATEKEY=$(cat /key | grep "Private" | awk -F ': ' '{print $2}') + PUBLICKEY=$(cat /key | grep "Public" | awk -F ': ' '{print $2}') + echo "Private key: $PRIVATEKEY" + echo "Public key: $PUBLICKEY" +fi + +if [ -z "$NETWORK" ]; then + echo "NETWORK is not set,set default value tcp" + NETWORK="tcp" +fi + +# change config +jq ".inbounds[0].settings.clients[0].id=\"$UUID\"" /config.json > /config.json_tmp && mv /config.json_tmp /config.json +jq ".inbounds[0].streamSettings.realitySettings.dest=\"$DEST\"" /config.json > /config.json_tmp && mv /config.json_tmp /config.json + +SERVERNAMES_JSON_ARRAY="$(echo "[$(echo $SERVERNAMES | awk '{for(i=1;i<=NF;i++) printf "\"%s\",", $i}' | sed 's/,$//')]")" +jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.inbounds[0].streamSettings.realitySettings.serverNames = $serverNames' /config.json > /config.json_tmp && mv /config.json_tmp /config.json + +jq ".inbounds[0].streamSettings.realitySettings.privateKey=\"$PRIVATEKEY\"" /config.json > /config.json_tmp && mv /config.json_tmp /config.json +jq ".inbounds[0].streamSettings.realitySettings.network=\"$NETWORK\"" /config.json > /config.json_tmp && mv /config.json_tmp /config.json + +# config info with green color +echo -e "\033[32m" +echo "UUID: $UUID" +echo "DEST: $DEST" +echo "SERVERNAMES: $SERVERNAMES (任选其一)" +echo "PRIVATEKEY: $PRIVATEKEY" +echo "PUBLICKEY: $PUBLICKEY" +echo "NETWORK: $NETWORK" +echo -e "\033[0m" + +# run xray +/xray -config /config.json \ No newline at end of file