V0.0.1

reality/Dockerfile

@@ -0,0 +1,36 @@
+# builder
+FROM golang:alpine as builder
+LABEL maintainer="wulabing <wulabing@gmail.com>"
+
+
+ENV GOPROXY=https://goproxy.cn,direct
+WORKDIR /app
+
+RUN apk add --no-cache git && git clone https://github.com/XTLS/Xray-core.git . && \
+    go mod download && \
+    go build -o xray /app/main/
+
+# runner
+FROM alpine:3.17 as runner
+
+
+ENV UUID=""
+ENV DEST=""
+ENV SERVERNAMES=""
+ENV PRIVATEKEY=""
+ENV SHORTIDS=""
+ENV NETWORK=""
+ENV TZ=Asia/Shanghai
+
+WORKDIR /
+
+COPY . /
+COPY --from=builder /app/xray /
+
+RUN apk add --no-cache tzdata ca-certificates util-linux jq && \
+    mkdir -p /var/log/xray &&\
+    wget -O /geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat && \
+    wget -O /geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat && \
+    chmod +x /entrypoint.sh
+
+ENTRYPOINT ["./entrypoint.sh"]

reality/config.json

@@ -0,0 +1,128 @@
+{
+  "log": {
+    "loglevel": "error",
+    "access": "/var/log/xray/access.log",
+    "error": "/var/log/xray/error.log"
+  },
+  "api": {
+    "tag": "api",
+    "services": [
+      "HandlerService",
+      "LoggerService",
+      "StatsService"
+    ]
+  },
+  "stats": {},
+  "policy": {
+    "levels": {
+      "0": {
+        "statsUserUplink": true,
+        "statsUserDownlink": true
+      }
+    },
+    "system": {
+      "statsInboundUplink": true,
+      "statsInboundDownlink": true,
+      "statsOutboundUplink": true,
+      "statsOutboundDownlink": true
+    }
+  },
+  "dns": {
+    "servers": [
+      "https+local://cloudflare-dns.com/dns-query",
+      "1.1.1.1",
+      "1.0.0.1",
+      "8.8.8.8",
+      "8.8.4.4",
+      "localhost"
+    ]
+  },
+  "inbounds": [
+    {
+      "listen": "0.0.0.0",
+      "port": 443,
+      "protocol": "vless",
+      "settings": {
+        "clients": [
+          {
+            "id": "xx",
+            "flow": "xtls-rprx-vision"
+          }
+        ],
+        "decryption": "none"
+      },
+      "streamSettings": {
+        "network": "xx",
+        "security": "reality",
+        "realitySettings": {
+          "show": true,
+          "dest": "xx",
+          "xver": 0,
+          "maxTimeDiff": 0,
+          "minClientVer": "",
+          "serverNames": [
+            "xx"
+          ],
+          "privateKey": "xx",
+          "shortIds": [
+            ""
+          ]
+        }
+      },
+      "sniffing": {
+        "enabled": true,
+        "destOverride": [
+          "http",
+          "tls"
+        ]
+      }
+    }
+  ],
+  "outbounds": [
+    {
+      "protocol": "freedom",
+      "tag": "direct"
+    },
+    {
+      "protocol": "blackhole",
+      "tag": "blocked"
+    }
+  ],
+  "routing": {
+    "domainStrategy": "IPIfNonMatch",
+    "rules": [
+      {
+        "inboundTag": [
+          "api"
+        ],
+        "outboundTag": "api",
+        "type": "field"
+      },
+      {
+        "domain": [
+          "domain:iqiyi.com",
+          "domain:video.qq.com",
+          "domain:youku.com"
+        ],
+        "type": "field",
+        "outboundTag": "blocked"
+      },
+      {
+        "type": "field",
+        "ip": [
+          "geoip:cn",
+          "geoip:private"
+        ],
+        "outboundTag": "blocked"
+      },
+      {
+        "protocol": [
+          "bittorrent"
+        ],
+        "type": "field",
+        "outboundTag": "blocked"
+      }
+    ]
+  }
+}
+

reality/entrypoint.sh

@@ -0,0 +1,55 @@
+#!/bin/sh
+
+if [ -z "$UUID" ]; then
+    echo "UUID is not set, generate random UUID "
+    UUID="$(uuidgen)"
+    echo "UUID: $UUID"
+    
+fi
+
+if [ -z "$DEST" ]; then
+    echo "DEST is not set. default value www.apple.com:443"
+    DEST="www.apple.com:443"
+fi
+
+if [ -z "$SERVERNAMES" ]; then
+    echo "SERVERNAMES is not set. use default value [\"www.apple.com\",\"images.apple.com\"]"
+    SERVERNAMES="www.apple.com images.apple.com"
+fi
+
+if [ -z "$PRIVATEKEY" ]; then
+    echo "PRIVATEKEY is not set. generate new key"
+    /xray x25519 > /key
+    PRIVATEKEY=$(cat /key | grep "Private" | awk -F ': ' '{print $2}')
+    PUBLICKEY=$(cat /key | grep "Public" |  awk -F ': ' '{print $2}')
+    echo "Private key: $PRIVATEKEY"
+    echo "Public key: $PUBLICKEY"
+fi
+
+if [ -z "$NETWORK" ]; then
+    echo "NETWORK is not set,set default value tcp"
+    NETWORK="tcp"
+fi
+
+# change config
+jq ".inbounds[0].settings.clients[0].id=\"$UUID\"" /config.json > /config.json_tmp && mv /config.json_tmp /config.json
+jq ".inbounds[0].streamSettings.realitySettings.dest=\"$DEST\"" /config.json > /config.json_tmp && mv /config.json_tmp /config.json
+
+SERVERNAMES_JSON_ARRAY="$(echo "[$(echo $SERVERNAMES | awk '{for(i=1;i<=NF;i++) printf "\"%s\",", $i}' | sed 's/,$//')]")"
+jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.inbounds[0].streamSettings.realitySettings.serverNames = $serverNames' /config.json > /config.json_tmp && mv /config.json_tmp /config.json
+
+jq ".inbounds[0].streamSettings.realitySettings.privateKey=\"$PRIVATEKEY\"" /config.json > /config.json_tmp && mv /config.json_tmp /config.json
+jq ".inbounds[0].streamSettings.realitySettings.network=\"$NETWORK\"" /config.json > /config.json_tmp && mv /config.json_tmp /config.json
+
+# config info with green color
+echo -e "\033[32m"
+echo "UUID: $UUID"
+echo "DEST: $DEST"
+echo "SERVERNAMES: $SERVERNAMES (任选其一)"
+echo "PRIVATEKEY: $PRIVATEKEY"
+echo "PUBLICKEY: $PUBLICKEY"
+echo "NETWORK: $NETWORK"
+echo -e "\033[0m"
+
+# run xray
+/xray -config /config.json