├── README.md
├── docker-compose.yml
├── iyuu.conf
├── iyuu.crt
└── iyuu.key


/README.md:
--------------------------------------------------------------------------------
 1 | # iyuu目前已使用香港轻量云做转发。将更新IYUUPlus代码，全量生效。不用再折腾此方法啦。
 2 | 
 3 | ## docker容器本地自签证书反代iyuu使用例
 4 | #### 思路就是，本地自签证书，nginx反代做假域名，hosts指向反代ip将发起的iyuu域名请求转发至源ip。
 5 | #### 方法不一定要用docker，可自行变通。本人只在ubuntu环境下测试过。
 6 | #### 配置和证书都已经有了，其他环境有问题的，请麻烦自行解决，或者另行方法。
 7 | 
 8 | ### 创建反代容器：
 9 | 容器互相访问，可不开放443端口。以免与其他应用冲突。
10 | 
11 | 如需在局域网内其他设备使用，如macvlan容器、win电脑等，则需要开端口。修改compose文件注释即可。
12 | 
13 | ```
14 | git clone https://github.com/AisukaYuki/iyuuproxy.git
15 | cd ./iyuuproxy
16 | #运行iyuuproxy容器
17 | docker-compose up -d
18 | #查看ip命令，也可在各docker管理器查看
19 | docker inspect iyuuproxy | grep IPAddress 
20 | ```
21 | ```
22 | shell输出：
23 |  "SecondaryIPAddresses": null,
24 |  "IPAddress": "",
25 |     "IPAddress": "172.29.0.2",
26 | ```
27 | 如上ip为 **172.29.0.2**，测试是否生效：
28 | ##### 注：如果开启了443端口映射，则可以直接使用宿主ip。
29 | ```
30 | curl -k --resolve 'api.iyuu.cn:443:172.29.0.2' https://api.iyuu.cn
31 | 
32 | #返回json内容则成功
33 | {"ret":200,"data":{"title":"Welcome IYUU","time":1705208847,"ip":"192.168.0.1","userAgent":"curl\/7.81.0","group":"QQ群：859882209, 931954050, 924099912, 586608623"},"msg":"","version":"2.0.0"}
34 | ```
35 | ### 使用方法：以iyuuplus为例
36 | 修改iyuuplus的compose文件添加**extra_hosts**参数后重建,如：
37 | ```
38 | version: '3.4'
39 |    services:
40 |      iyuuplus:
41 |       container_name: iyuuplus
42 |       image: iyuucn/iyuuplus:latest
43 |       extra_hosts: 
44 |         - "api.iyuu.cn:172.29.0.2"
45 |       ports:
46 |         - 8787:8787
47 |       volumes:
48 |         - ./db:/IYUU/db
49 |       restart: unless-stopped
50 | ```
51 | 或修改容器内 /etc/hosts 添加`172.29.0.2 api.iyuu.cn`
52 | ```
53 | docker exec -it <容器ID或容器名称> /bin/sh -c 'echo "172.29.0.2 api.iyuu.cn" >> /etc/hosts'
54 | #此方法容器重启后需要重新执行，建议添加外部挂载文件替换容器的/etc/hosts。重启容器不会失效。
55 | ```
56 | 
57 | ### 当然你也可以直接修改宿主hosts文件，路由劫持DNS，总之方法很多。
58 | 
59 | #### 其他容器操作同理
60 | 
61 | #### 一般来说，无需导入证书信任，添加完hosts，iyuu登录和mp认证即可正常工作。
62 | ##### 如果有特殊情况无法工作，可尝试导入证书，并添加信任。
63 | ```
64 | docker cp ./iyuu.crt <容器ID或容器名称>:/usr/local/share/ca-certificates/iyuu.crt
65 | docker exec -it <容器ID或容器名称> /bin/sh -c 'update-ca-certificates'
66 | ```
67 | 
68 | #### 恢复则修改compose或hosts文件，删除添加的内容，重建或重启。
69 | 


--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: '3.4'
 2 | services:
 3 |   iyuuproxy:
 4 |     container_name: iyuuproxy
 5 |     image: nginx:latest
 6 | #容器互相访问，可不开放443端口。以免与其他应用冲突。
 7 | #如需在局域网内其他设备使用，则需要开端口。
 8 | #    ports:
 9 | #      - 443:443
10 |     volumes:
11 |       - ./iyuu.conf:/etc/nginx/conf.d/iyuu.conf
12 |       - ./iyuu.crt:/home/iyuu.crt
13 |       - ./iyuu.key:/home/iyuu.key
14 |     restart: always


--------------------------------------------------------------------------------
/iyuu.conf:
--------------------------------------------------------------------------------
 1 | upstream iyuu{
 2 |   server 120.25.193.2:443;
 3 | }
 4 | server
 5 | {
 6 | 		listen 443 ssl;
 7 | 		listen [::]:443 ssl;
 8 | 		server_name api.iyuu.cn;
 9 | 
10 | 		# 若使用其他方法，非容器运行nginx，注意修改下面两个证书储存位置
11 | 		ssl_certificate   /home/iyuu.crt;
12 | 		ssl_certificate_key    /home/iyuu.key;
13 | 		ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
14 | 		ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
15 | 		ssl_prefer_server_ciphers on;
16 | 		ssl_session_cache shared:SSL:10m;
17 | 		ssl_session_timeout 10m;
18 | 		
19 | 	location ^~ /
20 | 	{
21 | 		proxy_pass https://iyuu;
22 | 		proxy_set_header Host $host;
23 | 		proxy_set_header X-Real-IP $remote_addr;
24 | 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
25 | 		proxy_set_header REMOTE-HOST $remote_addr;
26 | 		proxy_set_header Upgrade $http_upgrade;
27 | 		proxy_http_version 1.1;
28 | 		# proxy_hide_header Upgrade;
29 | 
30 | 		add_header X-Cache $upstream_cache_status;
31 | 	}
32 | }
33 | 


--------------------------------------------------------------------------------
/iyuu.crt:
--------------------------------------------------------------------------------
 1 | -----BEGIN CERTIFICATE-----
 2 | MIIDMTCCAhkCFH5f0w2yFctNz7yRYuOELfvxei2rMA0GCSqGSIb3DQEBCwUAMFUx
 3 | CzAJBgNVBAYTAkNOMQswCQYDVQQIDAJDTjELMAkGA1UEBwwCQ04xCzAJBgNVBAoM
 4 | AkNOMQswCQYDVQQLDAJDTjESMBAGA1UEAwwJKi5peXV1LmNuMB4XDTI0MDExMjA1
 5 | MTc1MFoXDTI1MDExMTA1MTc1MFowVTELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkNO
 6 | MQswCQYDVQQHDAJDTjELMAkGA1UECgwCQ04xCzAJBgNVBAsMAkNOMRIwEAYDVQQD
 7 | DAkqLml5dXUuY24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5TNrI
 8 | qMPWqGSKo4C7C9a32DCpyPOFSMjkFt6eGY+oaypBkWkayoAOpeSLK/eCYX/v3O/a
 9 | FACYT28M1o39U8FIuzmd+r8Z8adOyutnXv/fL+m7u1AsRU9Q+lif3optHfqg3JuR
10 | nfELrF/A7FSIQRKhREOim0Rnx8GdvuT+ow7aVuccM4jym1XxseKfXO/zp3799JDr
11 | 1uygZs1JML4Prqy+GU2XZmdWe12O4FC4DWS2yuB+oiA/YjHuLUsA5MYdskK1m3qS
12 | 5gytYrrbfNEXalDJFbFyvjlPFl9UTQkJu9OUoNtGJk5Bin2bkyrkDDlF6w5lSd1Q
13 | 9Uv376tOupja0SSTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAFbOdH/rM77FQXDa
14 | mdxI3/TAgqvUK1BzOL5GD6/yJFp3j/vlT+ELptgIvFoUlITq+x2oAzIk4Nl/rU4a
15 | youU+Hic7VlP+127QG9I+05KaW+2zdrs9MSLpvgWM0sIJsSYTMsL8sUedwCWY5AJ
16 | Zk4TXw6ydcwlZPNCIlmROPAcxmvjbGj6sCOE02oI637j5Sra7QWRRd2CMbOWmC/m
17 | sfVcozJ+D1CFs27iLeUiUccDqwATwUSf4KdXbUa8Z5KnrOzIUEQiMGtV0ybxvMt1
18 | N9O4/5idl/3dSvMJNQVlAHHS+LdtnOQ6LvWdn0vQAkFTKKFbuUB59b2qOaQV096t
19 | kDjD5YU=
20 | -----END CERTIFICATE-----
21 | 


--------------------------------------------------------------------------------
/iyuu.key:
--------------------------------------------------------------------------------
 1 | -----BEGIN PRIVATE KEY-----
 2 | MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5TNrIqMPWqGSK
 3 | o4C7C9a32DCpyPOFSMjkFt6eGY+oaypBkWkayoAOpeSLK/eCYX/v3O/aFACYT28M
 4 | 1o39U8FIuzmd+r8Z8adOyutnXv/fL+m7u1AsRU9Q+lif3optHfqg3JuRnfELrF/A
 5 | 7FSIQRKhREOim0Rnx8GdvuT+ow7aVuccM4jym1XxseKfXO/zp3799JDr1uygZs1J
 6 | ML4Prqy+GU2XZmdWe12O4FC4DWS2yuB+oiA/YjHuLUsA5MYdskK1m3qS5gytYrrb
 7 | fNEXalDJFbFyvjlPFl9UTQkJu9OUoNtGJk5Bin2bkyrkDDlF6w5lSd1Q9Uv376tO
 8 | upja0SSTAgMBAAECggEAT9uDXn79B4HC8szMKdBMVSbisglcidB4Y3RHtLMnalnk
 9 | +CUGuvkSfz2XZTMplBMY4/K/m6iLKRjyrwG4Z7i0z/eAOUlbGn8+r4JcOUyD0VgA
10 | z1tGjg3AxRFfKGbsGWKWJMVudi8vNuyux6ISPDZvJPkafPWVYXSBSM6AOg1j1Uxq
11 | BRU8SGjtb1RHlHkYws3zsOddRGFyTOzqgJIsXhnUSK6xJpW5glQovrjcFVBvAuru
12 | BNHFaWUu6iP6DIrZ9BTVZvxNU+2PGgXpvY+HgVI4EMYsR9FRxciCd4DyhOnRhm2L
13 | KvCaEvAf7c0DZc7QTlPPm9CkXDCs7ghzSRwDNQr+QQKBgQDudjT3mqtlnwx5UMcH
14 | UPjh+WR70tVs1g8mceiERALtK0N19/YyQhYhta+bAC0vElciKuwWHgd3AAj4PvC8
15 | VpwBWMD88VwwCs4fKRr/a6upIN51QrUYvjxvMyNjRNiSmjX2UwyrnZZ9Cypx9H+u
16 | AzDV8+Q//AjgdH0WsS9BXMxnewKBgQDG7bbqHkeyUtkfHxWyuXZSfKZJj8pd1XGU
17 | X5i9njkM9M6TFp7Ld4oBV5k+x9LUDGpO/RlAKJT9bc64679oqv/7IzEaLhxzm1H5
18 | BfCCzrc1wGC88veHZP9shaHHpq8PYOJOMeWQMMkokpyzsHsMt/oDOSmS6zq4v9Yy
19 | 20Hr6aQfyQKBgE8VpvVjN2rJd9KYJpnXkeMn2dpzDtM8nuOqLWoIQEw15/as2NrM
20 | LhjZ77ZhNZsB4yHyyD+BkAo4WcEy5pYfxzdvHvoEdgV83+VXtZt2MwUxYHXVPMhK
21 | 9zIN7LOUdpsQR8s8udwEtI8d7+LBKsMkTcL3UwChbrQ6De5Drx9nTmcXAoGBALbt
22 | F3vYVmPDzYbRxdkwtH6Lwzn38MYypZwkAEe1vI6Oe3tEnMdLaGttiyzxAY0e0Y9L
23 | LLIT31XgaO0hVEVCodvlc5y4dE9Wr52H+a+/uTfDbPGzly05EaxQggEe5PIGTHRN
24 | a+UZB5G4qEKQccazU0MtiG5iwv/q4GSpvMfcdKEJAoGBAImfQpWUkwWgMPi7N80B
25 | TjoVCfP0PgJM0K4JgCCgK/k/YPLHVCvcnCGaZuZ+28XJbMbjkTaAKSSLBLWqSCJ1
26 | mERqJkyoL+C1pfkB+oziBC4UDUcDd37BrZbjiTAPn7BhyDphnT0U0KTicW/d8sos
27 | jsEqzln/qs0prWT3SH4Y0RHt
28 | -----END PRIVATE KEY-----
29 | 


--------------------------------------------------------------------------------