├── InstallNET.sh ├── LICENSE ├── README.md ├── backup.sh ├── bbr.sh ├── bench.sh ├── deb ├── xray-plugin │ ├── Makefile │ ├── build-deb │ ├── checkout.sh │ ├── common │ │ ├── control │ │ ├── docs │ │ ├── rules │ │ └── source │ │ │ └── format │ ├── debian-bookworm │ │ └── Dockerfile │ ├── debian-bullseye │ │ └── Dockerfile │ ├── debian-buster │ │ └── Dockerfile │ ├── ubuntu-focal │ │ └── Dockerfile │ ├── ubuntu-jammy │ │ └── Dockerfile │ └── ubuntu-noble │ │ └── Dockerfile └── xray │ ├── Makefile │ ├── build-deb │ ├── checkout.sh │ ├── common │ ├── config.json │ ├── control │ ├── rules │ ├── source │ │ └── format │ ├── xray.docs │ ├── xray.service │ └── xray@.service │ ├── debian-bookworm │ └── Dockerfile │ ├── debian-bullseye │ └── Dockerfile │ ├── debian-buster │ └── Dockerfile │ ├── ubuntu-focal │ └── Dockerfile │ ├── ubuntu-jammy │ └── Dockerfile │ └── ubuntu-noble │ └── Dockerfile ├── docker ├── brook │ ├── Dockerfile │ ├── Dockerfile.architecture │ ├── README.md │ ├── brook.sh │ └── build_brook.sh ├── caddy │ ├── Caddyfile │ ├── Dockerfile │ ├── Dockerfile.architecture │ ├── README.md │ ├── build_caddy_forwardproxy_v1.sh │ ├── caddy.sh │ └── index.html ├── hysteria │ ├── Dockerfile.architecture │ ├── README.md │ ├── build_hysteria.sh │ ├── cert.crt │ ├── client.yaml │ ├── hysteria.sh │ ├── private.key │ └── server.yaml ├── kms │ ├── .dockerignore │ ├── Dockerfile │ ├── Dockerfile.architecture │ └── README.md ├── l2tp │ ├── Dockerfile │ ├── Dockerfile.architecture │ ├── README.md │ ├── ipsec │ ├── l2tp.env │ ├── l2tp.sh │ └── l2tpctl.sh ├── rpmbuild │ ├── Dockerfile.fedora37 │ ├── Dockerfile.fedora38 │ ├── Dockerfile.fedora39 │ ├── Dockerfile.fedora40 │ ├── Dockerfile.fedora41 │ ├── Dockerfile.fedora42 │ ├── Dockerfile.rpmbuild10 │ ├── Dockerfile.rpmbuild7 │ ├── Dockerfile.rpmbuild8 │ ├── Dockerfile.rpmbuild9 │ └── README.md ├── trojan-go │ ├── Dockerfile │ ├── Dockerfile.architecture │ ├── README.md │ ├── build_trojan-go-dev.sh │ ├── build_trojan-go-fork.sh │ ├── build_trojan-go.sh │ ├── config.json │ └── trojan-go.sh ├── trojan │ ├── Dockerfile │ ├── Dockerfile.architecture │ ├── README.md │ └── config.json ├── v2ray │ ├── Dockerfile │ ├── Dockerfile.architecture │ ├── README.md │ ├── build_v2ray.sh │ ├── config.json │ └── v2ray.sh └── xray │ ├── Dockerfile │ ├── Dockerfile.architecture │ ├── README.md │ ├── build_xray.sh │ ├── config.json │ └── xray.sh ├── ftp_upload.sh ├── kms ├── kms-debian ├── kms.sh ├── l2tp.sh ├── pptp.sh ├── rpm ├── xray-plugin │ └── xray-plugin.spec └── xray │ └── xray.spec ├── unixbench.sh └── wireguard.sh /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright {yyyy} {name of copyright owner} 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | 203 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## Across the Great Wall we can reach every corner in the world 2 | 3 | ## wireguard.sh 4 | 5 | - Description: This is a shell script for configure and start WireGuard VPN server. 6 | - Intro: https://teddysun.com/554.html 7 | 8 | ## bbr.sh 9 | 10 | - Description: Auto install latest kernel for TCP BBR 11 | - Intro: https://teddysun.com/489.html 12 | 13 | ## kms.sh 14 | 15 | - Description: Auto install KMS Server 16 | - Intro: https://teddysun.com/530.html 17 | - **KMS Server Docker Image**: https://hub.docker.com/r/teddysun/kms 18 | 19 | ## bench.sh 20 | 21 | - Description: Auto test I/O & upload & download speed script 22 | - Intro: https://teddysun.com/444.html 23 | 24 | ## backup.sh 25 | 26 | - You must modify the config before run it 27 | - Backup MySQL or MariaDB datebases, files and directories 28 | - Backup file is encrypted with AES256-cbc with SHA1 message-digest (Depends on `openssl` command) (option) 29 | - Auto transfer backup file to Google Drive (Depends on [`rclone`](https://teddysun.com/469.html) command) (option) 30 | - Auto transfer backup file to FTP server (Depends on `ftp` command) (option) 31 | - Auto delete remote file from Google Drive or FTP server (option) 32 | - Intro: https://teddysun.com/469.html 33 | 34 | ## ftp_upload.sh 35 | 36 | - You must modify the config before run it 37 | - Upload file(s) to FTP server 38 | - Intro: https://teddysun.com/484.html 39 | 40 | ## unixbench.sh 41 | 42 | - Description: Auto install unixbench and test script 43 | - Intro: https://teddysun.com/245.html 44 | 45 | ## l2tp.sh(Deprecated, DO NOT USE) 46 | 47 | ## pptp.sh(Deprecated, DO NOT USE) 48 | 49 | Copyright (C) 2013-2021 Teddysun 50 | -------------------------------------------------------------------------------- /backup.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Copyright (C) 2013 - 2022 Teddysun 3 | # 4 | # This file is part of the LAMP script. 5 | # 6 | # LAMP is a powerful bash script for the installation of 7 | # Apache + PHP + MySQL/MariaDB and so on. 8 | # You can install Apache + PHP + MySQL/MariaDB in an very easy way. 9 | # Just need to input numbers to choose what you want to install before installation. 10 | # And all things will be done in a few minutes. 11 | # 12 | # Description: Auto backup shell script 13 | # Description URL: https://teddysun.com/469.html 14 | # 15 | # Website: https://lamp.sh 16 | # Github: https://github.com/teddysun/lamp 17 | # 18 | # You must to modify the config before run it!!! 19 | # Backup MySQL/MariaDB datebases, files and directories 20 | # Backup file is encrypted with AES256-cbc with SHA1 message-digest (option) 21 | # Auto transfer backup file to Google Drive (need install rclone command) (option) 22 | # Auto transfer backup file to FTP server (option) 23 | # Auto delete Google Drive's or FTP server's remote file (option) 24 | 25 | [[ $EUID -ne 0 ]] && echo "Error: This script must be run as root!" && exit 1 26 | 27 | ########## START OF CONFIG ########## 28 | 29 | # Encrypt flag (true: encrypt, false: not encrypt) 30 | ENCRYPTFLG=true 31 | 32 | # WARNING: KEEP THE PASSWORD SAFE!!! 33 | # The password used to encrypt the backup 34 | # To decrypt backups made by this script, run the following command: 35 | # openssl enc -aes256 -in [encrypted backup] -out decrypted_backup.tgz -pass pass:[backup password] -d -md sha1 36 | BACKUPPASS="mypassword" 37 | 38 | # Directory to store backups 39 | LOCALDIR="/opt/backups/" 40 | 41 | # Temporary directory used during backup creation 42 | TEMPDIR="/opt/backups/temp/" 43 | 44 | # File to log the outcome of backups 45 | LOGFILE="/opt/backups/backup.log" 46 | 47 | # OPTIONAL: 48 | # If you want to backup the MySQL database, enter the MySQL root password below, otherwise leave it blank 49 | MYSQL_ROOT_PASSWORD="" 50 | 51 | # Below is a list of MySQL database name that will be backed up 52 | # If you want backup ALL databases, leave it blank. 53 | MYSQL_DATABASE_NAME[0]="" 54 | 55 | # Below is a list of files and directories that will be backed up in the tar backup 56 | # For example: 57 | # File: /data/www/default/test.tgz 58 | # Directory: /data/www/default/test 59 | BACKUP[0]="" 60 | 61 | # Number of days to store daily local backups (default 7 days) 62 | LOCALAGEDAILIES="7" 63 | 64 | # Delete remote file from Googole Drive or FTP server flag (true: delete, false: not delete) 65 | DELETE_REMOTE_FILE_FLG=false 66 | 67 | # Rclone remote name 68 | RCLONE_NAME="" 69 | 70 | # Rclone remote folder name (default "") 71 | RCLONE_FOLDER="" 72 | 73 | # Upload local file to FTP server flag (true: upload, false: not upload) 74 | FTP_FLG=false 75 | 76 | # Upload local file to Google Drive flag (true: upload, false: not upload) 77 | RCLONE_FLG=false 78 | 79 | # FTP server 80 | # OPTIONAL: If you want to upload to FTP server, enter the Hostname or IP address below 81 | FTP_HOST="" 82 | 83 | # FTP username 84 | # OPTIONAL: If you want to upload to FTP server, enter the FTP username below 85 | FTP_USER="" 86 | 87 | # FTP password 88 | # OPTIONAL: If you want to upload to FTP server, enter the username's password below 89 | FTP_PASS="" 90 | 91 | # FTP server remote folder 92 | # OPTIONAL: If you want to upload to FTP server, enter the FTP remote folder below 93 | # For example: public_html 94 | FTP_DIR="" 95 | 96 | ########## END OF CONFIG ########## 97 | 98 | # Date & Time 99 | DAY=$(date +%d) 100 | MONTH=$(date +%m) 101 | YEAR=$(date +%C%y) 102 | BACKUPDATE=$(date +%Y%m%d%H%M%S) 103 | # Backup file name 104 | TARFILE="${LOCALDIR}""$(hostname)"_"${BACKUPDATE}".tgz 105 | # Encrypted backup file name 106 | ENC_TARFILE="${TARFILE}.enc" 107 | # Backup MySQL dump file name 108 | SQLFILE="${TEMPDIR}mysql_${BACKUPDATE}.sql" 109 | 110 | log() { 111 | echo "$(date "+%Y-%m-%d %H:%M:%S")" "$1" 112 | echo -e "$(date "+%Y-%m-%d %H:%M:%S")" "$1" >> ${LOGFILE} 113 | } 114 | 115 | # Check for list of mandatory binaries 116 | check_commands() { 117 | # This section checks for all of the binaries used in the backup 118 | # Do not check mysql command if you do not want to backup the MySQL database 119 | if [ -z "${MYSQL_ROOT_PASSWORD}" ]; then 120 | BINARIES=( cat cd du date dirname echo openssl pwd rm tar ) 121 | else 122 | BINARIES=( cat cd du date dirname echo openssl mysql mysqldump pwd rm tar ) 123 | fi 124 | 125 | # Iterate over the list of binaries, and if one isn't found, abort 126 | for BINARY in "${BINARIES[@]}"; do 127 | if [ ! "$(command -v "$BINARY")" ]; then 128 | log "$BINARY is not installed. Install it and try again" 129 | exit 1 130 | fi 131 | done 132 | 133 | # check rclone command 134 | RCLONE_COMMAND=false 135 | if [ "$(command -v "rclone")" ]; then 136 | RCLONE_COMMAND=true 137 | fi 138 | 139 | # check ftp command 140 | if ${FTP_FLG}; then 141 | if [ ! "$(command -v "ftp")" ]; then 142 | log "ftp is not installed. Install it and try again" 143 | exit 1 144 | fi 145 | fi 146 | } 147 | 148 | calculate_size() { 149 | local file_name=$1 150 | local file_size=$(du -h $file_name 2>/dev/null | awk '{print $1}') 151 | if [ "x${file_size}" = "x" ]; then 152 | echo "unknown" 153 | else 154 | echo "${file_size}" 155 | fi 156 | } 157 | 158 | # Backup MySQL databases 159 | mysql_backup() { 160 | if [ -z "${MYSQL_ROOT_PASSWORD}" ]; then 161 | log "MySQL root password not set, MySQL backup skipped" 162 | else 163 | log "MySQL dump start" 164 | mysql -u root -p"${MYSQL_ROOT_PASSWORD}" 2>/dev/null < "${SQLFILE}" 2>/dev/null 173 | if [ $? -ne 0 ]; then 174 | log "MySQL all databases backup failed" 175 | exit 1 176 | fi 177 | log "MySQL all databases dump file name: ${SQLFILE}" 178 | #Add MySQL backup dump file to BACKUP list 179 | BACKUP=(${BACKUP[@]} ${SQLFILE}) 180 | else 181 | for db in ${MYSQL_DATABASE_NAME[@]}; do 182 | unset DBFILE 183 | DBFILE="${TEMPDIR}${db}_${BACKUPDATE}.sql" 184 | mysqldump -u root -p"${MYSQL_ROOT_PASSWORD}" ${db} > "${DBFILE}" 2>/dev/null 185 | if [ $? -ne 0 ]; then 186 | log "MySQL database name [${db}] backup failed, please check database name is correct and try again" 187 | exit 1 188 | fi 189 | log "MySQL database name [${db}] dump file name: ${DBFILE}" 190 | #Add MySQL backup dump file to BACKUP list 191 | BACKUP=(${BACKUP[@]} ${DBFILE}) 192 | done 193 | fi 194 | log "MySQL dump completed" 195 | fi 196 | } 197 | 198 | start_backup() { 199 | [ "${#BACKUP[@]}" -eq 0 ] && echo "Error: You must to modify the [$(basename $0)] config before run it!" && exit 1 200 | 201 | log "Tar backup file start" 202 | tar -zcPf ${TARFILE} ${BACKUP[@]} 203 | if [ $? -gt 1 ]; then 204 | log "Tar backup file failed" 205 | exit 1 206 | fi 207 | log "Tar backup file completed" 208 | 209 | # Encrypt tar file 210 | if ${ENCRYPTFLG}; then 211 | log "Encrypt backup file start" 212 | openssl enc -aes256 -in "${TARFILE}" -out "${ENC_TARFILE}" -pass pass:"${BACKUPPASS}" -md sha1 213 | log "Encrypt backup file completed" 214 | 215 | # Delete unencrypted tar 216 | log "Delete unencrypted tar file: ${TARFILE}" 217 | rm -f ${TARFILE} 218 | fi 219 | 220 | # Delete MySQL temporary dump file 221 | for sql in $(ls ${TEMPDIR}*.sql 2> /dev/null); do 222 | log "Delete MySQL temporary dump file: ${sql}" 223 | rm -f ${sql} 224 | done 225 | 226 | if ${ENCRYPTFLG}; then 227 | OUT_FILE="${ENC_TARFILE}" 228 | else 229 | OUT_FILE="${TARFILE}" 230 | fi 231 | log "File name: ${OUT_FILE}, File size: $(calculate_size ${OUT_FILE})" 232 | } 233 | 234 | # Transfer backup file to Google Drive 235 | # If you want to install rclone command, please visit website: 236 | # https://rclone.org/downloads/ 237 | rclone_upload() { 238 | if ${RCLONE_FLG} && ${RCLONE_COMMAND}; then 239 | [ -z "${RCLONE_NAME}" ] && log "Error: RCLONE_NAME can not be empty!" && return 1 240 | if [ -n "${RCLONE_FOLDER}" ]; then 241 | rclone ls ${RCLONE_NAME}:${RCLONE_FOLDER} 2>&1 > /dev/null 242 | if [ $? -ne 0 ]; then 243 | log "Create the path ${RCLONE_NAME}:${RCLONE_FOLDER}" 244 | rclone mkdir ${RCLONE_NAME}:${RCLONE_FOLDER} 245 | fi 246 | fi 247 | log "Tranferring backup file: ${OUT_FILE} to Google Drive" 248 | rclone copy ${OUT_FILE} ${RCLONE_NAME}:${RCLONE_FOLDER} >> ${LOGFILE} 249 | if [ $? -ne 0 ]; then 250 | log "Error: Tranferring backup file: ${OUT_FILE} to Google Drive failed" 251 | return 1 252 | fi 253 | log "Tranferring backup file: ${OUT_FILE} to Google Drive completed" 254 | fi 255 | } 256 | 257 | # Tranferring backup file to FTP server 258 | ftp_upload() { 259 | if ${FTP_FLG}; then 260 | [ -z "${FTP_HOST}" ] && log "Error: FTP_HOST can not be empty!" && return 1 261 | [ -z "${FTP_USER}" ] && log "Error: FTP_USER can not be empty!" && return 1 262 | [ -z "${FTP_PASS}" ] && log "Error: FTP_PASS can not be empty!" && return 1 263 | [ -z "${FTP_DIR}" ] && log "Error: FTP_DIR can not be empty!" && return 1 264 | local FTP_OUT_FILE=$(basename ${OUT_FILE}) 265 | log "Tranferring backup file: ${FTP_OUT_FILE} to FTP server" 266 | ftp -in ${FTP_HOST} 2>&1 >> ${LOGFILE} <&1 > /dev/null 304 | if [ $? -eq 0 ]; then 305 | rclone delete ${RCLONE_NAME}:${RCLONE_FOLDER}/${FILENAME} >> ${LOGFILE} 306 | if [ $? -eq 0 ]; then 307 | log "Google Drive's old backup file: ${FILENAME} has been deleted" 308 | else 309 | log "Failed to delete Google Drive's old backup file: ${FILENAME}" 310 | fi 311 | else 312 | log "Google Drive's old backup file: ${FILENAME} is not exist" 313 | fi 314 | fi 315 | } 316 | 317 | # Delete FTP server's old backup file 318 | delete_ftp_file() { 319 | local FILENAME=$1 320 | if ${DELETE_REMOTE_FILE_FLG} && ${FTP_FLG}; then 321 | ftp -in ${FTP_HOST} 2>&1 >> ${LOGFILE} < /dev/null)) 340 | else 341 | LS=($(ls *.tgz 2> /dev/null)) 342 | fi 343 | for f in ${LS[@]}; do 344 | get_file_date ${f} 345 | if [ $? -eq 0 ]; then 346 | if [[ ${FILEAGE} -gt ${LOCALAGEDAILIES} ]]; then 347 | rm -f ${f} 348 | log "Old backup file name: ${f} has been deleted" 349 | delete_gdrive_file ${f} 350 | delete_ftp_file ${f} 351 | fi 352 | fi 353 | done 354 | } 355 | 356 | # Main progress 357 | STARTTIME=$(date +%s) 358 | 359 | # Check if the backup folders exist and are writeable 360 | [ ! -d "${LOCALDIR}" ] && mkdir -p ${LOCALDIR} 361 | [ ! -d "${TEMPDIR}" ] && mkdir -p ${TEMPDIR} 362 | 363 | log "Backup progress start" 364 | check_commands 365 | mysql_backup 366 | start_backup 367 | log "Backup progress complete" 368 | 369 | log "Upload progress start" 370 | rclone_upload 371 | ftp_upload 372 | log "Upload progress complete" 373 | 374 | log "Cleaning up" 375 | clean_up_files 376 | ENDTIME=$(date +%s) 377 | DURATION=$((ENDTIME - STARTTIME)) 378 | log "All done" 379 | log "Backup and transfer completed in ${DURATION} seconds" 380 | -------------------------------------------------------------------------------- /deb/xray-plugin/Makefile: -------------------------------------------------------------------------------- 1 | ARCH=$(shell uname -m) 2 | VERSION?=1.8.15 3 | GO_VERSION:=1.22.5 4 | SHELL:=/bin/bash 5 | GO_BASE_IMAGE=golang 6 | GO_IMAGE?=$(GO_BASE_IMAGE):$(GO_VERSION)-bookworm 7 | EPOCH?= 8 | REPO?=https://github.com/teddysun/xray-plugin.git 9 | REF?=v1.8.15 10 | CHOWN:=docker run --rm -v $(CURDIR):/v -w /v alpine chown 11 | 12 | ifdef BUILD_IMAGE 13 | BUILD_IMAGE_FLAG=--build-arg $(BUILD_IMAGE) 14 | endif 15 | 16 | COMMON_FILES=common 17 | BUILD?=DOCKER_BUILDKIT=1 \ 18 | docker build \ 19 | $(BUILD_IMAGE_FLAG) \ 20 | --build-arg GO_IMAGE=$(GO_IMAGE) \ 21 | --build-arg COMMON_FILES=$(COMMON_FILES) \ 22 | -t debbuild-$@/$(ARCH) \ 23 | -f $@/Dockerfile \ 24 | . 25 | 26 | # Additional flags may be necessary at some point 27 | RUN_FLAGS= 28 | RUN?=docker run --rm -h buildbot \ 29 | -e PLATFORM \ 30 | -e EPOCH='$(EPOCH)' \ 31 | -e DEB_VERSION=$(VERSION) \ 32 | -e VERSION=$(VERSION) \ 33 | -v $(CURDIR)/debbuild/$@:/build \ 34 | $(RUN_FLAGS) \ 35 | debbuild-$@/$(ARCH) 36 | 37 | DEBIAN_VERSIONS ?= debian-buster debian-bullseye debian-bookworm 38 | UBUNTU_VERSIONS ?= ubuntu-focal ubuntu-jammy ubuntu-noble 39 | DISTROS := $(DEBIAN_VERSIONS) $(UBUNTU_VERSIONS) 40 | 41 | # Taken from: https://www.cmcrossroads.com/article/printing-value-makefile-variable 42 | print-% : ; @echo $($*) 43 | 44 | .PHONY: help 45 | help: ## show make targets 46 | @awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {sub("\\\\n",sprintf("\n%22c"," "), $$2);printf " \033[36m%-20s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST) 47 | 48 | .PHONY: checkout-src 49 | checkout-src: src/github.com/teddysun/xray-plugin 50 | ./checkout.sh src/github.com/teddysun/xray-plugin "$(REF)" 51 | 52 | src/github.com/teddysun/xray-plugin: 53 | git init $@ 54 | git -C $@ remote add origin "$(REPO)" 55 | 56 | .PHONY: checkout 57 | checkout: checkout-src ## checkout source at the given reference(s) 58 | 59 | .PHONY: clean 60 | clean: ## remove build artifacts 61 | [ ! -d debbuild ] || $(CHOWN) -R $(shell id -u):$(shell id -g) debbuild 62 | $(RM) -r debbuild 63 | [ ! -d sources ] || $(CHOWN) -R $(shell id -u):$(shell id -g) sources 64 | $(RM) -r sources 65 | -docker builder prune -f --filter until=24h 66 | 67 | .PHONY: deb 68 | deb: ubuntu debian ## build all deb packages 69 | 70 | .PHONY: ubuntu 71 | ubuntu: $(UBUNTU_VERSIONS) ## build all ubuntu deb packages 72 | 73 | .PHONY: debian 74 | debian: $(DEBIAN_VERSIONS) ## build all debian deb packages 75 | 76 | .PHONY: $(DISTROS) 77 | $(DISTROS): sources 78 | @echo "== Building packages for $@ ==" 79 | mkdir -p "debbuild/$@" 80 | $(BUILD) 81 | $(RUN) 82 | $(CHOWN) -R $(shell id -u):$(shell id -g) "debbuild/$@" 83 | 84 | .PHONY: sources 85 | sources: sources/xray-plugin.tgz 86 | 87 | sources/xray-plugin.tgz: 88 | mkdir -p $(@D) 89 | docker run --rm -w /v \ 90 | -v $(realpath $(CURDIR)/src/github.com/teddysun/xray-plugin):/xray-plugin \ 91 | -v $(CURDIR)/$(@D):/v \ 92 | alpine \ 93 | tar -C / -c -z -f /v/xray-plugin.tgz --exclude .git xray-plugin 94 | 95 | # See ARCHES in common.mk. Could not figure out how to match both distro and arch. 96 | BUNDLES:=$(addsuffix .tar.gz,$(addprefix debbuild/bundles-%-,$(ARCHES))) 97 | 98 | $(BUNDLES): % 99 | tar czf $@ --transform="s|^debbuild/\(.*\)|bundles/$(VERSION)/build-deb/\1|" debbuild/$* 100 | -------------------------------------------------------------------------------- /deb/xray-plugin/build-deb: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -x 3 | set -e 4 | 5 | # untar sources 6 | mkdir -p /root/build-deb/xray-plugin 7 | tar -C /root/build-deb -xzf /sources/xray-plugin.tgz 8 | 9 | # link them to their canonical path 10 | mkdir -p /go/src/github.com/teddysun 11 | ln -snf /root/build-deb/xray-plugin /go/src/github.com/teddysun/xray-plugin 12 | 13 | EPOCH="${EPOCH:-}" 14 | EPOCH_SEP="" 15 | if [[ -n "$EPOCH" ]]; then 16 | EPOCH_SEP=":" 17 | fi 18 | 19 | if [[ -z "${DEB_VERSION}" ]]; then 20 | echo "DEB_VERSION is required to build deb packages" 21 | exit 1 22 | fi 23 | 24 | echo VERSION AAA ${VERSION} 25 | 26 | VERSION=${VERSION:-$(cat VERSION)} 27 | 28 | debSource="$(awk -F ': ' '$1 == "Source" { print $2; exit }' debian/control)" 29 | debMaintainer="$(awk -F ': ' '$1 == "Maintainer" { print $2; exit }' debian/control)" 30 | debDate="$(date --rfc-2822)" 31 | 32 | # Include an extra `1` in the version, in case we ever would have to re-build an 33 | # already published release with a packaging-only change. 34 | pkgRevision=1 35 | 36 | # Generate changelog. The version/name of the generated packages are based on this. 37 | # 38 | # Resulting packages are formatted as; 39 | # 40 | # - name of the package (e.g., "docker-ce") 41 | # - version (e.g., "23.0.0~beta.0") 42 | # - pkgRevision (usually "-0", see above), which allows updating packages with 43 | # packaging-only changes (without a corresponding release of the software 44 | # that's packaged). 45 | # - distro (e.g., "ubuntu") 46 | # - VERSION_ID (e.g. "22.04" or "11") this must be "sortable" to make sure that 47 | # packages are upgraded when upgrading to a newer distro version ("codename" 48 | # cannot be used for this, as they're not sorted) 49 | # - SUITE ("codename"), e.g. "jammy" or "bullseye". This is mostly for convenience, 50 | # because some places refer to distro versions by codename, others by version. 51 | # we prefix the codename with a tilde (~), which effectively excludes it from 52 | # version comparison. 53 | # 54 | # Note that while the `${EPOCH}${EPOCH_SEP}` is part of the version, it is not 55 | # included in the package's *filename*. (And if you're wondering: we needed the 56 | # EPOCH because of our use of CalVer, which made version comparing not work in 57 | # some cases). 58 | # 59 | # Examples: 60 | # 61 | # docker-ce_23.0.0~beta.0-1~debian.11~bullseye_amd64.deb 62 | # docker-ce_23.0.0~beta.0-1~ubuntu.22.04~jammy_amd64.deb 63 | cat > "debian/changelog" <<-EOF 64 | $debSource (${EPOCH}${EPOCH_SEP}${DEB_VERSION}-${pkgRevision}~${DISTRO}.${VERSION_ID}~${SUITE}) $SUITE; urgency=low 65 | * Version: ${VERSION} 66 | -- $debMaintainer $debDate 67 | EOF 68 | # The space above at the start of the line for the debMaintainer is very important 69 | 70 | echo VERSION BBB ${VERSION} 71 | dpkg-buildpackage -uc -us -I.git 72 | destination="/build" 73 | mkdir -p "$destination" 74 | mv -v /root/xray-plugin* "$destination" 75 | -------------------------------------------------------------------------------- /deb/xray-plugin/checkout.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | 3 | # Copyright 2018-2020 Docker Inc. 4 | 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | checkout() ( 18 | set -ex 19 | SRC="$1" 20 | REF="$2" 21 | REF_FETCH="$REF" 22 | # if ref is branch or tag, retrieve its canonical form 23 | REF=$(git -C "$SRC" ls-remote --refs --heads --tags origin "$REF" | awk '{print $2}') 24 | if [ -n "$REF" ]; then 25 | # if branch or tag then create it locally too 26 | REF_FETCH="$REF:$REF" 27 | else 28 | REF="FETCH_HEAD" 29 | fi 30 | git -C "$SRC" fetch --update-head-ok --depth 1 origin "$REF_FETCH" 31 | git -C "$SRC" checkout -q "$REF" 32 | ) 33 | 34 | 35 | # Only execute checkout function above if this file is executed, not sourced from another script 36 | prog=checkout.sh # needs to be in sync with this file's name 37 | if [ "$(basename -- $0)" = "$prog" ]; then 38 | checkout $* 39 | fi 40 | -------------------------------------------------------------------------------- /deb/xray-plugin/common/control: -------------------------------------------------------------------------------- 1 | Source: xray-plugin 2 | Section: devel 3 | Priority: optional 4 | Maintainer: Teddysun 5 | Build-Depends: bash, 6 | cmake, 7 | dh-apparmor, 8 | debhelper-compat (= 12), 9 | gcc, 10 | git, 11 | libc-dev, 12 | libltdl-dev, 13 | libseccomp-dev, 14 | libseccomp2, 15 | libsystemd-dev, 16 | libtool, 17 | make, 18 | pkg-config 19 | Standards-Version: 3.9.6 20 | Homepage: https://github.com/teddysun/xray-plugin 21 | Vcs-Browser: https://github.com/teddysun/xray-plugin 22 | Vcs-Git: git://github.com/teddysun/xray-plugin.git 23 | 24 | Package: xray-plugin 25 | Architecture: linux-any 26 | Depends: ${shlibs:Depends}, ${misc:Depends} 27 | Description: Xray plugin for shadowsocks 28 | Yet another SIP003 plugin for shadowsocks, based on xray-core. 29 | It should be used with shadowsocks. 30 | -------------------------------------------------------------------------------- /deb/xray-plugin/common/docs: -------------------------------------------------------------------------------- 1 | xray-plugin/README.md 2 | -------------------------------------------------------------------------------- /deb/xray-plugin/common/rules: -------------------------------------------------------------------------------- 1 | #!/usr/bin/make -f 2 | 3 | VERSION?=$(shell cat VERSION) 4 | 5 | # force packages to be built with xz compression, as Ubuntu 21.10 and up use 6 | # zstd compression, which is non-standard, and breaks 'dpkg-sig --verify' 7 | override_dh_builddeb: 8 | dh_builddeb -- -Zxz 9 | 10 | override_dh_auto_build: 11 | cd xray-plugin \ 12 | && GO111MODULE=on \ 13 | env CGO_ENABLED=0 go build -v -trimpath -ldflags "-X main.VERSION=v$(VERSION) -s -w -buildid=" -o "xray-plugin" 14 | 15 | # http://manpages.debian.org/dh_dwz 16 | override_dh_dwz: 17 | # dh_dwz in debhelper versions less than 13 has issues with files that are missing debug symbols (once we update to debhelper-compat 13+ this can be removed) 18 | @# https://packages.debian.org/debhelper 19 | @# https://packages.ubuntu.com/debhelper 20 | 21 | override_dh_auto_install: 22 | install -D -m 0755 xray-plugin/xray-plugin debian/xray-plugin/usr/bin/xray-plugin 23 | 24 | override_dh_shlibdeps: 25 | dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info 26 | 27 | %: 28 | dh $@ 29 | -------------------------------------------------------------------------------- /deb/xray-plugin/common/source/format: -------------------------------------------------------------------------------- 1 | 1.0 2 | -------------------------------------------------------------------------------- /deb/xray-plugin/debian-bookworm/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=debian 5 | ARG SUITE=bookworm 6 | ARG VERSION_ID=12 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | ARG DEBIAN_FRONTEND=noninteractive 14 | RUN apt-get update && apt-get install -y curl devscripts equivs git 15 | 16 | ENV GOPROXY=https://proxy.golang.org|direct 17 | ENV GO111MODULE=off 18 | ENV GOPATH=/go 19 | ENV GOTOOLCHAIN=local 20 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 21 | 22 | ARG COMMON_FILES 23 | COPY --link ${COMMON_FILES} /root/build-deb/debian 24 | RUN apt-get update \ 25 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 26 | 27 | COPY --link sources/ /sources 28 | ARG DISTRO 29 | ARG SUITE 30 | ARG VERSION_ID 31 | ENV DISTRO=${DISTRO} 32 | ENV SUITE=${SUITE} 33 | ENV VERSION_ID=${VERSION_ID} 34 | 35 | COPY --link --from=golang /usr/local/go /usr/local/go 36 | 37 | WORKDIR /root/build-deb 38 | COPY build-deb /root/build-deb/build-deb 39 | 40 | ENTRYPOINT ["/root/build-deb/build-deb"] 41 | -------------------------------------------------------------------------------- /deb/xray-plugin/debian-bullseye/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=debian 5 | ARG SUITE=bullseye 6 | ARG VERSION_ID=11 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | ARG DEBIAN_FRONTEND=noninteractive 14 | RUN apt-get update && apt-get install -y curl devscripts equivs git 15 | 16 | ENV GOPROXY=https://proxy.golang.org|direct 17 | ENV GO111MODULE=off 18 | ENV GOPATH=/go 19 | ENV GOTOOLCHAIN=local 20 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 21 | 22 | ARG COMMON_FILES 23 | COPY --link ${COMMON_FILES} /root/build-deb/debian 24 | RUN apt-get update \ 25 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 26 | 27 | COPY --link sources/ /sources 28 | ARG DISTRO 29 | ARG SUITE 30 | ARG VERSION_ID 31 | ENV DISTRO=${DISTRO} 32 | ENV SUITE=${SUITE} 33 | ENV VERSION_ID=${VERSION_ID} 34 | 35 | COPY --link --from=golang /usr/local/go /usr/local/go 36 | 37 | WORKDIR /root/build-deb 38 | COPY build-deb /root/build-deb/build-deb 39 | 40 | ENTRYPOINT ["/root/build-deb/build-deb"] 41 | -------------------------------------------------------------------------------- /deb/xray-plugin/debian-buster/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=debian 5 | ARG SUITE=buster 6 | ARG VERSION_ID=10 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | ARG DEBIAN_FRONTEND=noninteractive 14 | RUN apt-get update && apt-get install -y curl devscripts equivs git 15 | 16 | ENV GOPROXY=https://proxy.golang.org|direct 17 | ENV GO111MODULE=off 18 | ENV GOPATH=/go 19 | ENV GOTOOLCHAIN=local 20 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 21 | 22 | ARG COMMON_FILES 23 | COPY --link ${COMMON_FILES} /root/build-deb/debian 24 | RUN apt-get update \ 25 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 26 | 27 | COPY --link sources/ /sources 28 | ARG DISTRO 29 | ARG SUITE 30 | ARG VERSION_ID 31 | ENV DISTRO=${DISTRO} 32 | ENV SUITE=${SUITE} 33 | ENV VERSION_ID=${VERSION_ID} 34 | 35 | COPY --link --from=golang /usr/local/go /usr/local/go 36 | 37 | WORKDIR /root/build-deb 38 | COPY build-deb /root/build-deb/build-deb 39 | 40 | ENTRYPOINT ["/root/build-deb/build-deb"] 41 | -------------------------------------------------------------------------------- /deb/xray-plugin/ubuntu-focal/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=ubuntu 5 | ARG SUITE=focal 6 | ARG VERSION_ID=20.04 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | # Remove diverted man binary to prevent man-pages being replaced with "minimized" message. See docker/for-linux#639 14 | RUN if [ "$(dpkg-divert --truename /usr/bin/man)" = "/usr/bin/man.REAL" ]; then \ 15 | rm -f /usr/bin/man; \ 16 | dpkg-divert --quiet --remove --rename /usr/bin/man; \ 17 | fi 18 | 19 | ARG DEBIAN_FRONTEND=noninteractive 20 | RUN apt-get update && apt-get install -y curl devscripts equivs git 21 | 22 | ENV GOPROXY=https://proxy.golang.org|direct 23 | ENV GO111MODULE=off 24 | ENV GOPATH=/go 25 | ENV GOTOOLCHAIN=local 26 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 27 | 28 | ARG COMMON_FILES 29 | COPY --link ${COMMON_FILES} /root/build-deb/debian 30 | RUN apt-get update \ 31 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 32 | 33 | COPY --link sources/ /sources 34 | ARG DISTRO 35 | ARG SUITE 36 | ARG VERSION_ID 37 | ENV DISTRO=${DISTRO} 38 | ENV SUITE=${SUITE} 39 | ENV VERSION_ID=${VERSION_ID} 40 | 41 | COPY --link --from=golang /usr/local/go /usr/local/go 42 | 43 | WORKDIR /root/build-deb 44 | COPY build-deb /root/build-deb/build-deb 45 | 46 | ENTRYPOINT ["/root/build-deb/build-deb"] 47 | -------------------------------------------------------------------------------- /deb/xray-plugin/ubuntu-jammy/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=ubuntu 5 | ARG SUITE=jammy 6 | ARG VERSION_ID=22.04 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | # Remove diverted man binary to prevent man-pages being replaced with "minimized" message. See docker/for-linux#639 14 | RUN if [ "$(dpkg-divert --truename /usr/bin/man)" = "/usr/bin/man.REAL" ]; then \ 15 | rm -f /usr/bin/man; \ 16 | dpkg-divert --quiet --remove --rename /usr/bin/man; \ 17 | fi 18 | 19 | ARG DEBIAN_FRONTEND=noninteractive 20 | RUN apt-get update && apt-get install -y curl devscripts equivs git 21 | 22 | ENV GOPROXY=https://proxy.golang.org|direct 23 | ENV GO111MODULE=off 24 | ENV GOPATH=/go 25 | ENV GOTOOLCHAIN=local 26 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 27 | 28 | ARG COMMON_FILES 29 | COPY --link ${COMMON_FILES} /root/build-deb/debian 30 | RUN apt-get update \ 31 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 32 | 33 | COPY --link sources/ /sources 34 | ARG DISTRO 35 | ARG SUITE 36 | ARG VERSION_ID 37 | ENV DISTRO=${DISTRO} 38 | ENV SUITE=${SUITE} 39 | ENV VERSION_ID=${VERSION_ID} 40 | 41 | COPY --link --from=golang /usr/local/go /usr/local/go 42 | 43 | WORKDIR /root/build-deb 44 | COPY build-deb /root/build-deb/build-deb 45 | 46 | ENTRYPOINT ["/root/build-deb/build-deb"] 47 | -------------------------------------------------------------------------------- /deb/xray-plugin/ubuntu-noble/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=ubuntu 5 | ARG SUITE=noble 6 | ARG VERSION_ID=24.04 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | # Remove diverted man binary to prevent man-pages being replaced with "minimized" message. See docker/for-linux#639 14 | RUN if [ "$(dpkg-divert --truename /usr/bin/man)" = "/usr/bin/man.REAL" ]; then \ 15 | rm -f /usr/bin/man; \ 16 | dpkg-divert --quiet --remove --rename /usr/bin/man; \ 17 | fi 18 | 19 | ARG DEBIAN_FRONTEND=noninteractive 20 | RUN apt-get update && apt-get install -y curl devscripts equivs git 21 | 22 | ENV GOPROXY=https://proxy.golang.org|direct 23 | ENV GO111MODULE=off 24 | ENV GOPATH=/go 25 | ENV GOTOOLCHAIN=local 26 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 27 | 28 | ARG COMMON_FILES 29 | COPY --link ${COMMON_FILES} /root/build-deb/debian 30 | RUN apt-get update \ 31 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 32 | 33 | COPY --link sources/ /sources 34 | ARG DISTRO 35 | ARG SUITE 36 | ARG VERSION_ID 37 | ENV DISTRO=${DISTRO} 38 | ENV SUITE=${SUITE} 39 | ENV VERSION_ID=${VERSION_ID} 40 | 41 | COPY --link --from=golang /usr/local/go /usr/local/go 42 | 43 | WORKDIR /root/build-deb 44 | COPY build-deb /root/build-deb/build-deb 45 | 46 | ENTRYPOINT ["/root/build-deb/build-deb"] 47 | -------------------------------------------------------------------------------- /deb/xray/Makefile: -------------------------------------------------------------------------------- 1 | ARCH=$(shell uname -m) 2 | VERSION?=24.11.30 3 | GO_VERSION:=1.23.3 4 | SHELL:=/bin/bash 5 | GO_BASE_IMAGE=golang 6 | GO_IMAGE?=$(GO_BASE_IMAGE):$(GO_VERSION)-bookworm 7 | EPOCH?= 8 | REPO?=https://github.com/xtls/xray-core.git 9 | REF?=v24.11.30 10 | CHOWN:=docker run --rm -v $(CURDIR):/v -w /v alpine chown 11 | 12 | ifdef BUILD_IMAGE 13 | BUILD_IMAGE_FLAG=--build-arg $(BUILD_IMAGE) 14 | endif 15 | 16 | COMMON_FILES=common 17 | BUILD?=DOCKER_BUILDKIT=1 \ 18 | docker build \ 19 | $(BUILD_IMAGE_FLAG) \ 20 | --build-arg GO_IMAGE=$(GO_IMAGE) \ 21 | --build-arg COMMON_FILES=$(COMMON_FILES) \ 22 | -t debbuild-$@/$(ARCH) \ 23 | -f $@/Dockerfile \ 24 | . 25 | 26 | # Additional flags may be necessary at some point 27 | RUN_FLAGS= 28 | RUN?=docker run --rm -h buildbot \ 29 | -e PLATFORM \ 30 | -e EPOCH='$(EPOCH)' \ 31 | -e DEB_VERSION=$(VERSION) \ 32 | -e VERSION=$(VERSION) \ 33 | -v $(CURDIR)/debbuild/$@:/build \ 34 | $(RUN_FLAGS) \ 35 | debbuild-$@/$(ARCH) 36 | 37 | DEBIAN_VERSIONS ?= debian-buster debian-bullseye debian-bookworm 38 | UBUNTU_VERSIONS ?= ubuntu-focal ubuntu-jammy ubuntu-noble 39 | DISTROS := $(DEBIAN_VERSIONS) $(UBUNTU_VERSIONS) 40 | 41 | # Taken from: https://www.cmcrossroads.com/article/printing-value-makefile-variable 42 | print-% : ; @echo $($*) 43 | 44 | .PHONY: help 45 | help: ## show make targets 46 | @awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {sub("\\\\n",sprintf("\n%22c"," "), $$2);printf " \033[36m%-20s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST) 47 | 48 | .PHONY: checkout-src 49 | checkout-src: src/github.com/xtls/xray 50 | ../checkout.sh src/github.com/xtls/xray "$(REF)" 51 | @curl -sSLo src/github.com/xtls/xray/geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat 52 | @curl -sSLo src/github.com/xtls/xray/geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat 53 | 54 | src/github.com/xtls/xray: 55 | git init $@ 56 | git -C $@ remote add origin "$(REPO)" 57 | 58 | .PHONY: checkout 59 | checkout: checkout-src ## checkout source at the given reference(s) 60 | 61 | .PHONY: clean 62 | clean: ## remove build artifacts 63 | [ ! -d debbuild ] || $(CHOWN) -R $(shell id -u):$(shell id -g) debbuild 64 | $(RM) -r debbuild 65 | [ ! -d sources ] || $(CHOWN) -R $(shell id -u):$(shell id -g) sources 66 | $(RM) -r sources 67 | -docker builder prune -f --filter until=24h 68 | 69 | .PHONY: deb 70 | deb: ubuntu debian ## build all deb packages 71 | 72 | .PHONY: ubuntu 73 | ubuntu: $(UBUNTU_VERSIONS) ## build all ubuntu deb packages 74 | 75 | .PHONY: debian 76 | debian: $(DEBIAN_VERSIONS) ## build all debian deb packages 77 | 78 | .PHONY: $(DISTROS) 79 | $(DISTROS): sources 80 | @echo "== Building packages for $@ ==" 81 | mkdir -p "debbuild/$@" 82 | $(BUILD) 83 | $(RUN) 84 | $(CHOWN) -R $(shell id -u):$(shell id -g) "debbuild/$@" 85 | 86 | .PHONY: sources 87 | sources: sources/xray.tgz 88 | 89 | sources/xray.tgz: 90 | mkdir -p $(@D) 91 | docker run --rm -w /v \ 92 | -v $(realpath $(CURDIR)/src/github.com/xtls/xray):/xray \ 93 | -v $(CURDIR)/$(@D):/v \ 94 | alpine \ 95 | tar -C / -c -z -f /v/xray.tgz --exclude .git xray 96 | 97 | # See ARCHES in common.mk. Could not figure out how to match both distro and arch. 98 | BUNDLES:=$(addsuffix .tar.gz,$(addprefix debbuild/bundles-%-,$(ARCHES))) 99 | 100 | $(BUNDLES): % 101 | tar czf $@ --transform="s|^debbuild/\(.*\)|bundles/$(VERSION)/build-deb/\1|" debbuild/$* 102 | -------------------------------------------------------------------------------- /deb/xray/build-deb: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -x 3 | set -e 4 | 5 | # untar sources 6 | mkdir -p /root/build-deb/xray 7 | tar -C /root/build-deb -xzf /sources/xray.tgz 8 | 9 | # link them to their canonical path 10 | mkdir -p /go/src/github.com/xtls 11 | ln -snf /root/build-deb/xray /go/src/github.com/xtls/xray-core 12 | 13 | EPOCH="${EPOCH:-}" 14 | EPOCH_SEP="" 15 | if [[ -n "$EPOCH" ]]; then 16 | EPOCH_SEP=":" 17 | fi 18 | 19 | if [[ -z "${DEB_VERSION}" ]]; then 20 | echo "DEB_VERSION is required to build deb packages" 21 | exit 1 22 | fi 23 | 24 | echo VERSION AAA ${VERSION} 25 | 26 | VERSION=${VERSION:-$(cat VERSION)} 27 | 28 | debSource="$(awk -F ': ' '$1 == "Source" { print $2; exit }' debian/control)" 29 | debMaintainer="$(awk -F ': ' '$1 == "Maintainer" { print $2; exit }' debian/control)" 30 | debDate="$(date --rfc-2822)" 31 | 32 | # Include an extra `1` in the version, in case we ever would have to re-build an 33 | # already published release with a packaging-only change. 34 | pkgRevision=1 35 | 36 | # Generate changelog. The version/name of the generated packages are based on this. 37 | # 38 | # Resulting packages are formatted as; 39 | # 40 | # - name of the package (e.g., "docker-ce") 41 | # - version (e.g., "23.0.0~beta.0") 42 | # - pkgRevision (usually "-0", see above), which allows updating packages with 43 | # packaging-only changes (without a corresponding release of the software 44 | # that's packaged). 45 | # - distro (e.g., "ubuntu") 46 | # - VERSION_ID (e.g. "22.04" or "11") this must be "sortable" to make sure that 47 | # packages are upgraded when upgrading to a newer distro version ("codename" 48 | # cannot be used for this, as they're not sorted) 49 | # - SUITE ("codename"), e.g. "jammy" or "bullseye". This is mostly for convenience, 50 | # because some places refer to distro versions by codename, others by version. 51 | # we prefix the codename with a tilde (~), which effectively excludes it from 52 | # version comparison. 53 | # 54 | # Note that while the `${EPOCH}${EPOCH_SEP}` is part of the version, it is not 55 | # included in the package's *filename*. (And if you're wondering: we needed the 56 | # EPOCH because of our use of CalVer, which made version comparing not work in 57 | # some cases). 58 | # 59 | # Examples: 60 | # 61 | # docker-ce_23.0.0~beta.0-1~debian.11~bullseye_amd64.deb 62 | # docker-ce_23.0.0~beta.0-1~ubuntu.22.04~jammy_amd64.deb 63 | cat > "debian/changelog" <<-EOF 64 | $debSource (${EPOCH}${EPOCH_SEP}${DEB_VERSION}-${pkgRevision}~${DISTRO}.${VERSION_ID}~${SUITE}) $SUITE; urgency=low 65 | * Version: ${VERSION} 66 | -- $debMaintainer $debDate 67 | EOF 68 | # The space above at the start of the line for the debMaintainer is very important 69 | 70 | echo VERSION BBB ${VERSION} 71 | dpkg-buildpackage -uc -us -I.git 72 | destination="/build" 73 | mkdir -p "$destination" 74 | mv -v /root/xray* "$destination" 75 | -------------------------------------------------------------------------------- /deb/xray/checkout.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | 3 | # Copyright 2018-2020 Docker Inc. 4 | 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | checkout() ( 18 | set -ex 19 | SRC="$1" 20 | REF="$2" 21 | REF_FETCH="$REF" 22 | # if ref is branch or tag, retrieve its canonical form 23 | REF=$(git -C "$SRC" ls-remote --refs --heads --tags origin "$REF" | awk '{print $2}') 24 | if [ -n "$REF" ]; then 25 | # if branch or tag then create it locally too 26 | REF_FETCH="$REF:$REF" 27 | else 28 | REF="FETCH_HEAD" 29 | fi 30 | git -C "$SRC" fetch --update-head-ok --depth 1 origin "$REF_FETCH" 31 | git -C "$SRC" checkout -q "$REF" 32 | ) 33 | 34 | 35 | # Only execute checkout function above if this file is executed, not sourced from another script 36 | prog=checkout.sh # needs to be in sync with this file's name 37 | if [ "$(basename -- $0)" = "$prog" ]; then 38 | checkout $* 39 | fi 40 | -------------------------------------------------------------------------------- /deb/xray/common/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "inbounds": [{ 3 | "port": 9000, 4 | "protocol": "vmess", 5 | "settings": { 6 | "clients": [ 7 | { 8 | "id": "1eb6e917-774b-4a84-aff6-b058577c60a5", 9 | "level": 1, 10 | "alterId": 64 11 | } 12 | ] 13 | } 14 | }], 15 | "outbounds": [{ 16 | "protocol": "freedom", 17 | "settings": {} 18 | }] 19 | } -------------------------------------------------------------------------------- /deb/xray/common/control: -------------------------------------------------------------------------------- 1 | Source: xray 2 | Section: net 3 | Priority: optional 4 | Maintainer: Teddysun 5 | Build-Depends: bash, 6 | cmake, 7 | dh-apparmor, 8 | debhelper-compat (= 12), 9 | gcc, 10 | git, 11 | libc-dev, 12 | libltdl-dev, 13 | libseccomp-dev, 14 | libseccomp2, 15 | libsystemd-dev, 16 | libtool, 17 | make, 18 | pkg-config 19 | Standards-Version: 3.9.6 20 | Homepage: https://github.com/xtls/xray-core 21 | Rules-Requires-Root: no 22 | Vcs-Browser: https://github.com/xtls/xray-core 23 | Vcs-Git: git://github.com/xtls/xray-core.git 24 | 25 | Package: xray 26 | Architecture: linux-any 27 | Depends: ${shlibs:Depends}, ${misc:Depends} 28 | Description: Xray, Penetrates Everything. 29 | Also the best v2ray-core, with XTLS support. Fully compatible configuration. 30 | -------------------------------------------------------------------------------- /deb/xray/common/rules: -------------------------------------------------------------------------------- 1 | #!/usr/bin/make -f 2 | 3 | # force packages to be built with xz compression, as Ubuntu 21.10 and up use 4 | # zstd compression, which is non-standard, and breaks 'dpkg-sig --verify' 5 | override_dh_builddeb: 6 | dh_builddeb -- -Zxz 7 | 8 | override_dh_auto_build: 9 | cd xray \ 10 | && GO111MODULE=on \ 11 | env CGO_ENABLED=0 go build -v -trimpath -ldflags "-s -w -buildid=" -o "xray" ./main 12 | 13 | # http://manpages.debian.org/dh_dwz 14 | override_dh_dwz: 15 | # dh_dwz in debhelper versions less than 13 has issues with files that are missing debug symbols (once we update to debhelper-compat 13+ this can be removed) 16 | @# https://packages.debian.org/debhelper 17 | @# https://packages.ubuntu.com/debhelper 18 | 19 | override_dh_auto_install: 20 | install -D -m 0644 debian/config.json debian/xray/etc/xray/config.json 21 | install -D -m 0755 xray/xray debian/xray/usr/bin/xray 22 | install -D -m 0644 xray/geoip.dat debian/xray/usr/share/xray/geoip.dat 23 | install -D -m 0644 xray/geosite.dat debian/xray/usr/share/xray/geosite.dat 24 | 25 | override_dh_installsystemd: 26 | dh_installsystemd --no-enable --no-start 27 | 28 | override_dh_shlibdeps: 29 | dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info 30 | 31 | %: 32 | dh $@ -------------------------------------------------------------------------------- /deb/xray/common/source/format: -------------------------------------------------------------------------------- 1 | 1.0 2 | -------------------------------------------------------------------------------- /deb/xray/common/xray.docs: -------------------------------------------------------------------------------- 1 | xray/README.md 2 | -------------------------------------------------------------------------------- /deb/xray/common/xray.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Xray Service 3 | Documentation=https://github.com/xtls 4 | After=network.target nss-lookup.target 5 | 6 | [Service] 7 | CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE 8 | AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE 9 | NoNewPrivileges=true 10 | ExecStart=/usr/bin/xray run -config /etc/xray/config.json 11 | Restart=on-failure 12 | RestartPreventExitStatus=23 13 | LimitNPROC=10000 14 | LimitNOFILE=1000000 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /deb/xray/common/xray@.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Xray Service 3 | Documentation=https://github.com/xtls 4 | After=network.target nss-lookup.target 5 | 6 | [Service] 7 | CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE 8 | AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE 9 | NoNewPrivileges=true 10 | ExecStart=/usr/bin/xray run -config /etc/xray/%i.json 11 | Restart=on-failure 12 | RestartPreventExitStatus=23 13 | LimitNPROC=10000 14 | LimitNOFILE=1000000 15 | 16 | [Install] 17 | WantedBy=multi-user.target 18 | -------------------------------------------------------------------------------- /deb/xray/debian-bookworm/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=debian 5 | ARG SUITE=bookworm 6 | ARG VERSION_ID=12 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | ARG DEBIAN_FRONTEND=noninteractive 14 | RUN apt-get update && apt-get install -y curl devscripts equivs git 15 | 16 | ENV GOPROXY=https://proxy.golang.org|direct 17 | ENV GO111MODULE=off 18 | ENV GOPATH=/go 19 | ENV GOTOOLCHAIN=local 20 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 21 | 22 | ARG COMMON_FILES 23 | COPY --link ${COMMON_FILES} /root/build-deb/debian 24 | RUN apt-get update \ 25 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 26 | 27 | COPY --link sources/ /sources 28 | ARG DISTRO 29 | ARG SUITE 30 | ARG VERSION_ID 31 | ENV DISTRO=${DISTRO} 32 | ENV SUITE=${SUITE} 33 | ENV VERSION_ID=${VERSION_ID} 34 | 35 | COPY --link --from=golang /usr/local/go /usr/local/go 36 | 37 | WORKDIR /root/build-deb 38 | COPY build-deb /root/build-deb/build-deb 39 | 40 | ENTRYPOINT ["/root/build-deb/build-deb"] 41 | -------------------------------------------------------------------------------- /deb/xray/debian-bullseye/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=debian 5 | ARG SUITE=bullseye 6 | ARG VERSION_ID=11 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | ARG DEBIAN_FRONTEND=noninteractive 14 | RUN apt-get update && apt-get install -y curl devscripts equivs git 15 | 16 | ENV GOPROXY=https://proxy.golang.org|direct 17 | ENV GO111MODULE=off 18 | ENV GOPATH=/go 19 | ENV GOTOOLCHAIN=local 20 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 21 | 22 | ARG COMMON_FILES 23 | COPY --link ${COMMON_FILES} /root/build-deb/debian 24 | RUN apt-get update \ 25 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 26 | 27 | COPY --link sources/ /sources 28 | ARG DISTRO 29 | ARG SUITE 30 | ARG VERSION_ID 31 | ENV DISTRO=${DISTRO} 32 | ENV SUITE=${SUITE} 33 | ENV VERSION_ID=${VERSION_ID} 34 | 35 | COPY --link --from=golang /usr/local/go /usr/local/go 36 | 37 | WORKDIR /root/build-deb 38 | COPY build-deb /root/build-deb/build-deb 39 | 40 | ENTRYPOINT ["/root/build-deb/build-deb"] 41 | -------------------------------------------------------------------------------- /deb/xray/debian-buster/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=debian 5 | ARG SUITE=buster 6 | ARG VERSION_ID=10 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | ARG DEBIAN_FRONTEND=noninteractive 14 | RUN apt-get update && apt-get install -y curl devscripts equivs git 15 | 16 | ENV GOPROXY=https://proxy.golang.org|direct 17 | ENV GO111MODULE=off 18 | ENV GOPATH=/go 19 | ENV GOTOOLCHAIN=local 20 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 21 | 22 | ARG COMMON_FILES 23 | COPY --link ${COMMON_FILES} /root/build-deb/debian 24 | RUN apt-get update \ 25 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 26 | 27 | COPY --link sources/ /sources 28 | ARG DISTRO 29 | ARG SUITE 30 | ARG VERSION_ID 31 | ENV DISTRO=${DISTRO} 32 | ENV SUITE=${SUITE} 33 | ENV VERSION_ID=${VERSION_ID} 34 | 35 | COPY --link --from=golang /usr/local/go /usr/local/go 36 | 37 | WORKDIR /root/build-deb 38 | COPY build-deb /root/build-deb/build-deb 39 | 40 | ENTRYPOINT ["/root/build-deb/build-deb"] 41 | -------------------------------------------------------------------------------- /deb/xray/ubuntu-focal/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=ubuntu 5 | ARG SUITE=focal 6 | ARG VERSION_ID=20.04 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | # Remove diverted man binary to prevent man-pages being replaced with "minimized" message. See docker/for-linux#639 14 | RUN if [ "$(dpkg-divert --truename /usr/bin/man)" = "/usr/bin/man.REAL" ]; then \ 15 | rm -f /usr/bin/man; \ 16 | dpkg-divert --quiet --remove --rename /usr/bin/man; \ 17 | fi 18 | 19 | ARG DEBIAN_FRONTEND=noninteractive 20 | RUN apt-get update && apt-get install -y curl devscripts equivs git 21 | 22 | ENV GOPROXY=https://proxy.golang.org|direct 23 | ENV GO111MODULE=off 24 | ENV GOPATH=/go 25 | ENV GOTOOLCHAIN=local 26 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 27 | 28 | ARG COMMON_FILES 29 | COPY --link ${COMMON_FILES} /root/build-deb/debian 30 | RUN apt-get update \ 31 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 32 | 33 | COPY --link sources/ /sources 34 | ARG DISTRO 35 | ARG SUITE 36 | ARG VERSION_ID 37 | ENV DISTRO=${DISTRO} 38 | ENV SUITE=${SUITE} 39 | ENV VERSION_ID=${VERSION_ID} 40 | 41 | COPY --link --from=golang /usr/local/go /usr/local/go 42 | 43 | WORKDIR /root/build-deb 44 | COPY build-deb /root/build-deb/build-deb 45 | 46 | ENTRYPOINT ["/root/build-deb/build-deb"] 47 | -------------------------------------------------------------------------------- /deb/xray/ubuntu-jammy/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=ubuntu 5 | ARG SUITE=jammy 6 | ARG VERSION_ID=22.04 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | # Remove diverted man binary to prevent man-pages being replaced with "minimized" message. See docker/for-linux#639 14 | RUN if [ "$(dpkg-divert --truename /usr/bin/man)" = "/usr/bin/man.REAL" ]; then \ 15 | rm -f /usr/bin/man; \ 16 | dpkg-divert --quiet --remove --rename /usr/bin/man; \ 17 | fi 18 | 19 | ARG DEBIAN_FRONTEND=noninteractive 20 | RUN apt-get update && apt-get install -y curl devscripts equivs git 21 | 22 | ENV GOPROXY=https://proxy.golang.org|direct 23 | ENV GO111MODULE=off 24 | ENV GOPATH=/go 25 | ENV GOTOOLCHAIN=local 26 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 27 | 28 | ARG COMMON_FILES 29 | COPY --link ${COMMON_FILES} /root/build-deb/debian 30 | RUN apt-get update \ 31 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 32 | 33 | COPY --link sources/ /sources 34 | ARG DISTRO 35 | ARG SUITE 36 | ARG VERSION_ID 37 | ENV DISTRO=${DISTRO} 38 | ENV SUITE=${SUITE} 39 | ENV VERSION_ID=${VERSION_ID} 40 | 41 | COPY --link --from=golang /usr/local/go /usr/local/go 42 | 43 | WORKDIR /root/build-deb 44 | COPY build-deb /root/build-deb/build-deb 45 | 46 | ENTRYPOINT ["/root/build-deb/build-deb"] 47 | -------------------------------------------------------------------------------- /deb/xray/ubuntu-noble/Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | 3 | ARG GO_IMAGE 4 | ARG DISTRO=ubuntu 5 | ARG SUITE=noble 6 | ARG VERSION_ID=24.04 7 | ARG BUILD_IMAGE=${DISTRO}:${SUITE} 8 | 9 | FROM ${GO_IMAGE} AS golang 10 | 11 | FROM ${BUILD_IMAGE} 12 | 13 | # Remove diverted man binary to prevent man-pages being replaced with "minimized" message. See docker/for-linux#639 14 | RUN if [ "$(dpkg-divert --truename /usr/bin/man)" = "/usr/bin/man.REAL" ]; then \ 15 | rm -f /usr/bin/man; \ 16 | dpkg-divert --quiet --remove --rename /usr/bin/man; \ 17 | fi 18 | 19 | ARG DEBIAN_FRONTEND=noninteractive 20 | RUN apt-get update && apt-get install -y curl devscripts equivs git 21 | 22 | ENV GOPROXY=https://proxy.golang.org|direct 23 | ENV GO111MODULE=off 24 | ENV GOPATH=/go 25 | ENV GOTOOLCHAIN=local 26 | ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 27 | 28 | ARG COMMON_FILES 29 | COPY --link ${COMMON_FILES} /root/build-deb/debian 30 | RUN apt-get update \ 31 | && mk-build-deps -t "apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y" -i /root/build-deb/debian/control 32 | 33 | COPY --link sources/ /sources 34 | ARG DISTRO 35 | ARG SUITE 36 | ARG VERSION_ID 37 | ENV DISTRO=${DISTRO} 38 | ENV SUITE=${SUITE} 39 | ENV VERSION_ID=${VERSION_ID} 40 | 41 | COPY --link --from=golang /usr/local/go /usr/local/go 42 | 43 | WORKDIR /root/build-deb 44 | COPY build-deb /root/build-deb/build-deb 45 | 46 | ENTRYPOINT ["/root/build-deb/build-deb"] 47 | -------------------------------------------------------------------------------- /docker/brook/Dockerfile: -------------------------------------------------------------------------------- 1 | # Dockerfile for Brook based alpine 2 | # Copyright (C) 2019 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/txthinking/brook 5 | 6 | FROM alpine:latest 7 | LABEL maintainer="Teddysun " 8 | 9 | WORKDIR /root 10 | COPY brook.sh /root/brook.sh 11 | RUN set -ex \ 12 | && apk add --no-cache tzdata \ 13 | && chmod +x /root/brook.sh \ 14 | && /root/brook.sh \ 15 | && rm -fv /root/brook.sh 16 | 17 | ENV TZ=Asia/Shanghai 18 | ENV ARGS="server -l :9000 -p password0" 19 | 20 | CMD /usr/bin/brook $ARGS 21 | -------------------------------------------------------------------------------- /docker/brook/Dockerfile.architecture: -------------------------------------------------------------------------------- 1 | # Dockerfile for Brook based alpine 2 | # Copyright (C) 2019 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/txthinking/brook 5 | 6 | FROM alpine:latest 7 | LABEL maintainer="Teddysun " 8 | 9 | ARG TARGETPLATFORM 10 | WORKDIR /root 11 | COPY brook.sh /root/brook.sh 12 | RUN set -ex \ 13 | && apk add --no-cache tzdata \ 14 | && chmod +x /root/brook.sh \ 15 | && /root/brook.sh "${TARGETPLATFORM}" \ 16 | && rm -fv /root/brook.sh 17 | 18 | ENV TZ=Asia/Shanghai 19 | ENV ARGS="server -l :9000 -p password0" 20 | 21 | CMD /usr/bin/brook $ARGS 22 | -------------------------------------------------------------------------------- /docker/brook/README.md: -------------------------------------------------------------------------------- 1 | ## Brook Docker Image by Teddysun 2 | 3 | [Brook][1] is a cross-platform proxy/VPN software which can help you get through firewalls. 4 | 5 | Docker images are built for quick deployment in various computing cloud providers. 6 | 7 | For more information on docker and containerization technologies, refer to [official document][2]. 8 | 9 | ## Prepare the host 10 | 11 | If you need to install docker by yourself, follow the [official installation guide][3]. 12 | 13 | ## Pull the image 14 | 15 | ```bash 16 | $ docker pull teddysun/brook 17 | ``` 18 | 19 | This pulls the latest release of Brook. 20 | 21 | It can be found at [Docker Hub][4]. 22 | 23 | ## Start a container 24 | 25 | You **must set environment variable** `ARGS` at first. 26 | 27 | There is an example to start a container that listen on port `9000`, password is `password0` (both TCP and UDP) run as a brook server like below: 28 | 29 | ```bash 30 | $ docker run -d -p 9000:9000 -p 9000:9000/udp --name brook --restart=always -e "ARGS=server -l :9000 -p password0" teddysun/brook 31 | ``` 32 | 33 | **Warning**: The port number must be same as environment variable and opened in firewall. 34 | 35 | [1]: https://github.com/txthinking/brook 36 | [2]: https://docs.docker.com/ 37 | [3]: https://docs.docker.com/install/ 38 | [4]: https://hub.docker.com/r/teddysun/brook/ -------------------------------------------------------------------------------- /docker/brook/brook.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for brook based alpine with Docker image 4 | # 5 | # Copyright (C) 2019 - 2020 Teddysun 6 | # 7 | # Reference URL: 8 | # https://github.com/txthinking/brook 9 | 10 | PLATFORM=$1 11 | if [ -z "$PLATFORM" ]; then 12 | ARCH="amd64" 13 | else 14 | case "$PLATFORM" in 15 | linux/386) 16 | ARCH="386" 17 | ;; 18 | linux/amd64) 19 | ARCH="amd64" 20 | ;; 21 | linux/arm/v6) 22 | ARCH="arm6" 23 | ;; 24 | linux/arm/v7) 25 | ARCH="arm7" 26 | ;; 27 | linux/arm64|linux/arm64/v8) 28 | ARCH="arm64" 29 | ;; 30 | linux/ppc64le) 31 | ARCH="ppc64le" 32 | ;; 33 | linux/s390x) 34 | ARCH="s390x" 35 | ;; 36 | *) 37 | ARCH="" 38 | ;; 39 | esac 40 | fi 41 | [ -z "${ARCH}" ] && echo "Error: Not supported OS Architecture" && exit 1 42 | # Download binary file 43 | BROOK_FILE="brook_linux_${ARCH}" 44 | echo "Downloading binary file: ${BROOK_FILE}" 45 | wget -O /usr/bin/brook https://dl.lamp.sh/files/${BROOK_FILE} > /dev/null 2>&1 46 | if [ $? -ne 0 ]; then 47 | echo "Error: Failed to download binary file: ${BROOK_FILE}" && exit 1 48 | fi 49 | chmod +x /usr/bin/brook 50 | echo "Download binary file: ${BROOK_FILE} completed" 51 | -------------------------------------------------------------------------------- /docker/brook/build_brook.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for build multi-architectures brook binary file 4 | # 5 | # Supported architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x 6 | # 7 | # Copyright (C) 2020 Teddysun 8 | # 9 | # Reference URL: 10 | # https://github.com/txthinking/brook 11 | 12 | cur_dir="$(pwd)" 13 | 14 | COMMANDS=( git go ) 15 | for CMD in "${COMMANDS[@]}"; do 16 | if [ ! "$(command -v "${CMD}")" ]; then 17 | echo "${CMD} is not installed, please install it and try again" && exit 1 18 | fi 19 | done 20 | 21 | cd ${cur_dir} 22 | git clone https://github.com/txthinking/brook.git 23 | cd brook/cli/brook || exit 2 24 | go get -d -v 25 | 26 | LDFLAGS="-s -w" 27 | ARCHS=( 386 amd64 arm arm64 ppc64le s390x ) 28 | ARMS=( 6 7 ) 29 | 30 | for ARCH in ${ARCHS[@]}; do 31 | if [ "${ARCH}" = "arm" ]; then 32 | for V in ${ARMS[@]}; do 33 | echo "Building brook_linux_${ARCH}${V}" 34 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GOARM=${V} go build -v -ldflags "${LDFLAGS}" -o ${cur_dir}/brook_linux_${ARCH}${V} 35 | done 36 | else 37 | echo "Building brook_linux_${ARCH}" 38 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -v -ldflags "${LDFLAGS}" -o ${cur_dir}/brook_linux_${ARCH} 39 | fi 40 | done 41 | 42 | chmod +x ${cur_dir}/brook_linux_* 43 | # clean up 44 | cd ${cur_dir} && rm -fr brook 45 | -------------------------------------------------------------------------------- /docker/caddy/Caddyfile: -------------------------------------------------------------------------------- 1 | # The Caddyfile is an easy way to configure your Caddy web server. 2 | # 3 | # Unless the file starts with a global options block, the first 4 | # uncommented line is always the address of your site. 5 | # 6 | # To use your own domain name (with automatic HTTPS), first make 7 | # sure your domain's A/AAAA DNS records are properly pointed to 8 | # this machine's public IP, then replace the line below with your 9 | # domain name. 10 | :80 11 | 12 | # Set this path to your site's directory. 13 | root * /usr/share/caddy 14 | 15 | # Enable the static file server. 16 | file_server 17 | 18 | # Another common task is to set up a reverse proxy: 19 | # reverse_proxy localhost:8080 20 | 21 | # Or serve a PHP site through php-fpm: 22 | # php_fastcgi localhost:9000 23 | 24 | # Refer to the Caddy docs for more information: 25 | # https://caddyserver.com/docs/caddyfile 26 | -------------------------------------------------------------------------------- /docker/caddy/Dockerfile: -------------------------------------------------------------------------------- 1 | # Dockerfile for caddy v1.0.5 based alpine 2 | # Copyright (C) 2021 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/caddyserver/caddy 5 | # https://github.com/caddyserver/forwardproxy 6 | 7 | FROM alpine:3.14 8 | LABEL maintainer="Teddysun " 9 | 10 | WORKDIR /root 11 | COPY caddy.sh /root/caddy.sh 12 | RUN set -ex \ 13 | && mkdir -p /config/caddy /data/caddy /etc/caddy /usr/share/caddy \ 14 | && apk add --no-cache tzdata ca-certificates mailcap \ 15 | && chmod +x /root/caddy.sh \ 16 | && /root/caddy.sh \ 17 | && rm -fv /root/caddy.sh 18 | 19 | # set up nsswitch.conf for Go's "netgo" implementation 20 | # see: https://github.com/docker-library/golang/blob/1eb096131592bcbc90aa3b97471811c798a93573/1.14/alpine3.12/Dockerfile#L9 21 | RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf 22 | 23 | COPY Caddyfile /etc/caddy/Caddyfile 24 | COPY index.html /usr/share/caddy/index.html 25 | 26 | # See https://caddyserver.com/docs/conventions#file-locations for details 27 | ENV XDG_CONFIG_HOME /config 28 | ENV XDG_DATA_HOME /data 29 | 30 | VOLUME /etc/caddy 31 | VOLUME /config 32 | VOLUME /data 33 | 34 | EXPOSE 80 443 2015 35 | 36 | ENV TZ=Asia/Shanghai 37 | CMD [ "/usr/bin/caddy", "-conf", "/etc/caddy/Caddyfile", "-agree" ] 38 | -------------------------------------------------------------------------------- /docker/caddy/Dockerfile.architecture: -------------------------------------------------------------------------------- 1 | # Dockerfile for caddy v1.0.5 based alpine 2 | # Copyright (C) 2021 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/caddyserver/caddy 5 | # https://github.com/caddyserver/forwardproxy 6 | 7 | FROM alpine:3.14 8 | LABEL maintainer="Teddysun " 9 | 10 | ARG TARGETPLATFORM 11 | WORKDIR /root 12 | COPY caddy.sh /root/caddy.sh 13 | RUN set -ex \ 14 | && mkdir -p /config/caddy /data/caddy /etc/caddy /usr/share/caddy \ 15 | && apk add --no-cache tzdata ca-certificates mailcap \ 16 | && chmod +x /root/caddy.sh \ 17 | && /root/caddy.sh "${TARGETPLATFORM}" \ 18 | && rm -fv /root/caddy.sh 19 | 20 | # set up nsswitch.conf for Go's "netgo" implementation 21 | # see: https://github.com/docker-library/golang/blob/1eb096131592bcbc90aa3b97471811c798a93573/1.14/alpine3.12/Dockerfile#L9 22 | RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf 23 | 24 | COPY Caddyfile /etc/caddy/Caddyfile 25 | COPY index.html /usr/share/caddy/index.html 26 | 27 | # See https://caddyserver.com/docs/conventions#file-locations for details 28 | ENV XDG_CONFIG_HOME /config 29 | ENV XDG_DATA_HOME /data 30 | 31 | VOLUME /etc/caddy 32 | VOLUME /config 33 | VOLUME /data 34 | 35 | EXPOSE 80 443 2015 36 | 37 | ENV TZ=Asia/Shanghai 38 | CMD [ "/usr/bin/caddy", "-conf", "/etc/caddy/Caddyfile", "-agree" ] 39 | -------------------------------------------------------------------------------- /docker/caddy/README.md: -------------------------------------------------------------------------------- 1 | ## Caddy Docker Image by Teddysun 2 | 3 | [Caddy][1] is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go. 4 | 5 | Docker images are built for quick deployment in various computing cloud providers. 6 | 7 | For more information on docker and containerization technologies, refer to [official document][2]. 8 | 9 | ## Prepare the host 10 | 11 | If you need to install docker by yourself, follow the [official installation guide][3]. 12 | 13 | ## Pull the image 14 | 15 | ```bash 16 | $ docker pull teddysun/caddy 17 | ``` 18 | 19 | This pulls the version **v1.0.5** of Caddy. 20 | 21 | It can be found at [Docker Hub][4]. 22 | 23 | ## Start a container 24 | 25 | You **must create a configuration file** `/etc/caddy/Caddyfile` in host at first: 26 | 27 | ``` 28 | $ mkdir -p /etc/caddy 29 | ``` 30 | 31 | Mount your site root using the `www` volume, a sample `Caddyfile` like below: 32 | 33 | ``` 34 | :80 { 35 | root /www 36 | index index.html 37 | } 38 | ``` 39 | 40 | There is an example to override the default `Caddyfile`, you can mount a new one at `/etc/caddy/Caddyfile` like below: 41 | 42 | ```bash 43 | $ docker run -d -p 80:80 --name caddy --restart=always -v /etc/caddy:/etc/caddy -v $(pwd)/site:/www teddysun/caddy 44 | ``` 45 | 46 | [1]: https://caddyserver.com/ 47 | [2]: https://docs.docker.com/ 48 | [3]: https://docs.docker.com/install/ 49 | [4]: https://hub.docker.com/r/teddysun/caddy/ -------------------------------------------------------------------------------- /docker/caddy/build_caddy_forwardproxy_v1.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for build multi-architectures caddy binary file with forwardproxy plugin 4 | # 5 | # Supported architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x 6 | # 7 | # Copyright (C) 2020 Teddysun 8 | # 9 | # Reference URL: 10 | # https://github.com/caddyserver/caddy 11 | # https://github.com/caddyserver/forwardproxy 12 | 13 | cur_dir="$(pwd)" 14 | 15 | COMMANDS=( git go ) 16 | for CMD in "${COMMANDS[@]}"; do 17 | if [ ! "$(command -v "${CMD}")" ]; then 18 | echo "${CMD} is not installed, please install it and try again" && exit 1 19 | fi 20 | done 21 | 22 | cd ${cur_dir} 23 | echo "git clone https://github.com/caddyserver/forwardproxy.git" 24 | git clone https://github.com/caddyserver/forwardproxy.git 25 | cd forwardproxy/cmd/caddy || exit 2 26 | go get -d -v 27 | 28 | LDFLAGS="-s -w" 29 | ARCHS=( 386 amd64 arm arm64 ppc64le s390x ) 30 | ARMS=( 6 7 ) 31 | 32 | for ARCH in ${ARCHS[@]}; do 33 | if [ "${ARCH}" = "arm" ]; then 34 | for V in ${ARMS[@]}; do 35 | echo "Building caddy_linux_${ARCH}${V}" 36 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GOARM=${V} go build -v -ldflags "${LDFLAGS}" -o ${cur_dir}/caddy_linux_${ARCH}${V} 37 | done 38 | else 39 | echo "Building caddy_linux_${ARCH}" 40 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -v -ldflags "${LDFLAGS}" -o ${cur_dir}/caddy_linux_${ARCH} 41 | fi 42 | done 43 | 44 | chmod +x ${cur_dir}/caddy_* 45 | # clean up 46 | cd ${cur_dir} && rm -fr forwardproxy 47 | -------------------------------------------------------------------------------- /docker/caddy/caddy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for caddy based alpine with Docker image 4 | # 5 | # Copyright (C) 2019 - 2021 Teddysun 6 | # 7 | # Reference URL: 8 | # https://github.com/caddyserver/caddy 9 | # https://github.com/caddyserver/forwardproxy 10 | 11 | PLATFORM=$1 12 | if [ -z "$PLATFORM" ]; then 13 | ARCH="amd64" 14 | else 15 | case "$PLATFORM" in 16 | linux/386) 17 | ARCH="386" 18 | ;; 19 | linux/amd64) 20 | ARCH="amd64" 21 | ;; 22 | linux/arm/v6) 23 | ARCH="arm6" 24 | ;; 25 | linux/arm/v7) 26 | ARCH="arm7" 27 | ;; 28 | linux/arm64|linux/arm64/v8) 29 | ARCH="arm64" 30 | ;; 31 | linux/ppc64le) 32 | ARCH="ppc64le" 33 | ;; 34 | linux/s390x) 35 | ARCH="s390x" 36 | ;; 37 | *) 38 | ARCH="" 39 | ;; 40 | esac 41 | fi 42 | [ -z "${ARCH}" ] && echo "Error: Not supported OS Architecture" && exit 1 43 | # Download binary file 44 | CADDY_FILE="caddy_linux_${ARCH}" 45 | 46 | echo "Downloading binary file: ${CADDY_FILE}" 47 | wget -O /usr/bin/caddy https://dl.lamp.sh/files/${CADDY_FILE} > /dev/null 2>&1 48 | if [ $? -ne 0 ]; then 49 | echo "Error: Failed to download binary file: ${CADDY_FILE}" && exit 1 50 | fi 51 | echo "Download binary file: ${CADDY_FILE} completed" 52 | 53 | chmod +x /usr/bin/caddy 54 | -------------------------------------------------------------------------------- /docker/caddy/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Caddy works! 5 | 6 | 7 | 8 | 181 | 182 | 183 |
184 |
185 |
186 |
187 | 188 | 189 |

190 | Congratulations! 191 | おめでとう! 192 | Felicidades! 193 | 恭喜! 194 | बधाई हो! 195 | Поздравляю!
 196 | 🎊 197 |

198 | 199 |

200 | Your web server is working. Now make it work for you. 💪 201 |

202 |

203 | Caddy is ready to serve your site over HTTPS: 204 |

205 |
    206 |
  1. Point your domain's A/AAAA DNS records at this machine.
    2. 207 |
  2. Upload your site's files to /var/www/html. 208 |
  3. 209 | Edit your Caddyfile at /etc/caddy/Caddyfile: 210 |
      211 |
    1. Replace :80 with your domain name
      2. 212 |
    2. Change the site root to /var/www/html
      3. 213 |
    214 |
    4. 215 |
  4. Reload the configuration: systemctl reload caddy
    5. 216 |
  5. Visit your site!
    6. 217 |
218 |

If that worked 🥳

219 |

220 | Awesome! You won't have to look at this slanted page anymore. 221 |

222 |

223 | Remember, Caddy can do a lot more than serve static files. It's also a powerful reverse proxy and application platform. You can use the Caddyfile to enable any other features you need. Or you could use Caddy's API to configure it programmatically. 224 |

225 |

226 | Everything you need to know is either in the 📖 Caddy documentation or the manual for your OS/platform. Have fun! 227 |

228 | 229 |

If that didn't work 😶

230 |

231 | It's okay, you can fix it! First check the following things: 232 |

233 |
    234 |
  • Service status: systemctl status caddy
    • 235 |
  • Logs: journalctl --no-pager -u caddy
    • 236 |
  • Are your site's files readable by the caddy user and group? ls -la /var/www/html
    • 237 |
  • Is the caddy home directory writeable? ls -la /var/lib/caddy
    • 238 |
  • Ensure your domain's A and/or AAAA records point to your machine's public IP address: dig example.com
    • 239 |
  • Are your ports 80 and 443 externally reachable, and is Caddy able to bind to them? Check your firewalls, port forwarding, and other network configuration.
    • 240 |
241 |

242 | WAIT! Before trying again, switch to Let's Encrypt's staging environment to avoid being accidentally rate limited. Once you get everything else working, it's safe to switch back. 243 |

244 |

245 | Depending on your DNS provider, it may take a while for the DNS records to propagate. Even when everything is configured properly, automated challenges to obtain TLS certificates usually take several seconds, but may take up to several minutes or hours. 246 |

247 | If you still need help, we have a great community! First try a search, and if your question is original, go ahead and ask it! Remember to pay it forward and help others too. 😁 248 |

249 |

250 | Visit Caddy on: 251 | GitHub 252 | or 253 | Twitter 254 | or 255 | Our Forum 256 |

257 |
258 |
259 | 260 |
261 | © Copyright 2020 The Caddy Authors. 262 |
263 | Caddy® is a registered trademark of Light Code Labs, LLC. 264 | 265 |
The Caddy project is not responsible for the content, disposition, or behavior of this Web property, which is independently owned and maintained. For inquiries, please contact the site owner or hosting provider.
266 |
267 | 268 | 269 | -------------------------------------------------------------------------------- /docker/hysteria/Dockerfile.architecture: -------------------------------------------------------------------------------- 1 | # Dockerfile for hysteria based alpine 2 | # Copyright (C) 2023 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/HyNetwork/hysteria 5 | 6 | FROM alpine:latest 7 | LABEL maintainer="Teddysun " 8 | 9 | ARG TARGETPLATFORM 10 | WORKDIR /root 11 | COPY hysteria.sh /root/hysteria.sh 12 | COPY server.yaml /etc/hysteria/server.yaml 13 | RUN set -ex \ 14 | && apk add --no-cache bash tzdata ca-certificates \ 15 | && chmod +x /root/hysteria.sh \ 16 | && /root/hysteria.sh "${TARGETPLATFORM}" \ 17 | && rm -fv /root/hysteria.sh 18 | 19 | VOLUME /etc/hysteria 20 | ENV TZ=Asia/Shanghai 21 | CMD [ "/usr/bin/hysteria", "server", "-c", "/etc/hysteria/server.yaml" ] 22 | -------------------------------------------------------------------------------- /docker/hysteria/README.md: -------------------------------------------------------------------------------- 1 | ## Hysteria Docker Image by Teddysun 2 | 3 | [Hysteria][1] is a feature-packed proxy & relay utility optimized for lossy, unstable connections, powered by a customized QUIC protocol. 4 | 5 | Docker images are built for quick deployment in various computing cloud providers. 6 | 7 | For more information on docker and containerization technologies, refer to [official document][2]. 8 | 9 | ## Prepare the host 10 | 11 | If you need to install docker by yourself, follow the [official installation guide][3]. 12 | 13 | ## Pull the image 14 | 15 | ```bash 16 | $ docker pull teddysun/hysteria 17 | ``` 18 | 19 | This pulls the latest release of Hysteria. 20 | 21 | It can be found at [Docker Hub][4]. 22 | 23 | ## Start a container 24 | 25 | You **must create a configuration file** `/etc/hysteria/server.yaml` in host at first: 26 | 27 | ``` 28 | $ mkdir -p /etc/hysteria 29 | ``` 30 | 31 | A sample in yaml like below: 32 | 33 | ``` 34 | listen: :8998 35 | 36 | tls: 37 | cert: /etc/hysteria/cert.crt 38 | key: /etc/hysteria/private.key 39 | 40 | auth: 41 | type: password 42 | password: your_password 43 | 44 | resolver: 45 | type: https 46 | https: 47 | addr: 8.8.8.8:443 48 | timeout: 10s 49 | ``` 50 | 51 | And put the `cert.crt`, `private.key` to the `/etc/hysteria/`. 52 | 53 | There is an example to start a container that listen on port `8998`, run as a Hysteria server like below: 54 | 55 | ```bash 56 | $ docker run -d -p 8998:8998 --name hysteria --restart=always -v /etc/hysteria:/etc/hysteria teddysun/hysteria 57 | ``` 58 | 59 | **Warning**: The port number must be same as configuration and opened in firewall. 60 | 61 | [1]: https://github.com/apernet/hysteria 62 | [2]: https://docs.docker.com/ 63 | [3]: https://docs.docker.com/install/ 64 | [4]: https://hub.docker.com/r/teddysun/hysteria/ -------------------------------------------------------------------------------- /docker/hysteria/build_hysteria.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for build multi-architectures hysteria binary file 4 | # 5 | # Supported architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x 6 | # 7 | # Copyright (C) 2022 - 2023 Teddysun 8 | # 9 | # Reference URL: 10 | # https://github.com/apernet/hysteria 11 | 12 | cur_dir="$(pwd)" 13 | 14 | COMMANDS=( git go ) 15 | for CMD in "${COMMANDS[@]}"; do 16 | if [ ! "$(command -v "${CMD}")" ]; then 17 | echo "${CMD} is not installed, please install it and try again" && exit 1 18 | fi 19 | done 20 | 21 | cd ${cur_dir} 22 | echo "git clone https://github.com/apernet/hysteria.git" 23 | git clone https://github.com/apernet/hysteria.git 24 | cd hysteria || exit 2 25 | 26 | APP_SRC_CMD_PKG="github.com/apernet/hysteria/app/cmd" 27 | VERSION="$(git describe)" 28 | COMMIT="$(git rev-parse HEAD)" 29 | TIMESTAMP="$(date "+%F")" 30 | 31 | LDFLAGS="-s -w -X '${APP_SRC_CMD_PKG}.appVersion=${VERSION}' -X '${APP_SRC_CMD_PKG}.appCommit=${COMMIT}' -X '${APP_SRC_CMD_PKG}.appDate=${TIMESTAMP}' -X '${APP_SRC_CMD_PKG}.appType=release' -buildid=" 32 | ARCHS=( 386 amd64 arm arm64 ppc64le s390x ) 33 | ARMS=( 6 7 ) 34 | 35 | for ARCH in ${ARCHS[@]}; do 36 | if [ "${ARCH}" = "arm" ]; then 37 | for V in ${ARMS[@]}; do 38 | echo "Building hysteria_linux_${ARCH}${V}" 39 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GOARM=${V} go build -v -trimpath -ldflags "${LDFLAGS} -X '${APP_SRC_CMD_PKG}.appPlatform=linux' -X '${APP_SRC_CMD_PKG}.appArch=${ARCH}'" -o ${cur_dir}/hysteria_linux_${ARCH}${V} ./app || exit 1 40 | done 41 | else 42 | echo "Building hysteria_linux_${ARCH}" 43 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -v -trimpath -ldflags "${LDFLAGS} -X '${APP_SRC_CMD_PKG}.appPlatform=linux' -X '${APP_SRC_CMD_PKG}.appArch=${ARCH}'" -o ${cur_dir}/hysteria_linux_${ARCH} ./app || exit 1 44 | fi 45 | done 46 | 47 | ARCHS=( 386 amd64 ) 48 | for ARCH in ${ARCHS[@]}; do 49 | echo "Building hysteria_windows_${ARCH}.exe" 50 | env CGO_ENABLED=0 GOOS=windows GOARCH=${ARCH} go build -v -trimpath -ldflags "${LDFLAGS} -X '${APP_SRC_CMD_PKG}.appPlatform=windows' -X '${APP_SRC_CMD_PKG}.appArch=${ARCH}'" -o ${cur_dir}/hysteria_windows_${ARCH}.exe ./app 51 | done 52 | 53 | chmod +x ${cur_dir}/hysteria_* 54 | # clean up 55 | cd ${cur_dir} && rm -fr hysteria 56 | -------------------------------------------------------------------------------- /docker/hysteria/cert.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIBhzCCAS2gAwIBAgIUdeX0JHrXkaZmqP1Mz3Zf2G/jpSYwCgYIKoZIzj0EAwIw 3 | GDEWMBQGA1UEAwwNd3d3LmJhaWR1LmNvbTAgFw0yMjA2MjIxMTA0NDRaGA8yMTIy 4 | MDUyOTExMDQ0NFowGDEWMBQGA1UEAwwNd3d3LmJhaWR1LmNvbTBZMBMGByqGSM49 5 | AgEGCCqGSM49AwEHA0IABFrHHjYyV1qmM1JqCpSWyjpDUbHPE8q9a/qJaM/CRgxI 6 | nqHHlxP/jobvBE4cCrh6oaSZ1xsC4GzsPJ/mOTFbWnGjUzBRMB0GA1UdDgQWBBSX 7 | JHqdgl1xasGZL4G3dpIaqjBCBzAfBgNVHSMEGDAWgBSXJHqdgl1xasGZL4G3dpIa 8 | qjBCBzAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0gAMEUCIQCkJlvygG51 9 | DbKUFvlRofEkTa/wxKb5VdTMSM9mtl5erAIgTnExoE8QExf+Bo3Vp24Nhc3JXG8P 10 | UyovWYeLSyooH/s= 11 | -----END CERTIFICATE----- 12 | -------------------------------------------------------------------------------- /docker/hysteria/client.yaml: -------------------------------------------------------------------------------- 1 | server: "IP:8998" 2 | 3 | auth: your_password 4 | 5 | tls: 6 | sni: www.example.com 7 | 8 | socks5: 9 | listen: 127.0.0.1:1080 10 | -------------------------------------------------------------------------------- /docker/hysteria/hysteria.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for hysteria based alpine with Docker image 4 | # 5 | # Copyright (C) 2022 Teddysun 6 | # 7 | # Reference URL: 8 | # https://github.com/HyNetwork/hysteria 9 | 10 | PLATFORM=$1 11 | if [ -z "$PLATFORM" ]; then 12 | ARCH="amd64" 13 | else 14 | case "$PLATFORM" in 15 | linux/386) 16 | ARCH="386" 17 | ;; 18 | linux/amd64) 19 | ARCH="amd64" 20 | ;; 21 | linux/arm/v6) 22 | ARCH="arm6" 23 | ;; 24 | linux/arm/v7) 25 | ARCH="arm7" 26 | ;; 27 | linux/arm64|linux/arm64/v8) 28 | ARCH="arm64" 29 | ;; 30 | linux/ppc64le) 31 | ARCH="ppc64le" 32 | ;; 33 | linux/s390x) 34 | ARCH="s390x" 35 | ;; 36 | *) 37 | ARCH="" 38 | ;; 39 | esac 40 | fi 41 | [ -z "${ARCH}" ] && echo "Error: Not supported OS Architecture" && exit 1 42 | # Download binary file 43 | HYSTERIA_FILE="hysteria_linux_${ARCH}" 44 | 45 | echo "Downloading binary file: ${HYSTERIA_FILE}" 46 | wget -O /usr/bin/hysteria https://dl.lamp.sh/files/${HYSTERIA_FILE} > /dev/null 2>&1 47 | if [ $? -ne 0 ]; then 48 | echo "Error: Failed to download binary file: ${HYSTERIA_FILE}" && exit 1 49 | fi 50 | echo "Download binary file: ${HYSTERIA_FILE} completed" 51 | chmod +x /usr/bin/hysteria 52 | -------------------------------------------------------------------------------- /docker/hysteria/private.key: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BggqhkjOPQMBBw== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MHcCAQEEID1ebxNPwh/nuBj/QqFSg36K75lS0E+iMaPUkaa1J/JRoAoGCCqGSM49 6 | AwEHoUQDQgAEWsceNjJXWqYzUmoKlJbKOkNRsc8Tyr1r+oloz8JGDEieoceXE/+O 7 | hu8EThwKuHqhpJnXGwLgbOw8n+Y5MVtacQ== 8 | -----END EC PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /docker/hysteria/server.yaml: -------------------------------------------------------------------------------- 1 | listen: :8998 2 | 3 | tls: 4 | cert: /etc/hysteria/cert.crt 5 | key: /etc/hysteria/private.key 6 | 7 | auth: 8 | type: password 9 | password: your_password 10 | 11 | resolver: 12 | type: https 13 | https: 14 | addr: 8.8.8.8:443 15 | timeout: 10s 16 | -------------------------------------------------------------------------------- /docker/kms/.dockerignore: -------------------------------------------------------------------------------- 1 | .dockerignore 2 | README.md -------------------------------------------------------------------------------- /docker/kms/Dockerfile: -------------------------------------------------------------------------------- 1 | # Dockerfile for KMS Server 2 | # Copyright (C) 2018 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/Wind4/vlmcsd 5 | 6 | FROM alpine:latest AS builder 7 | WORKDIR /root 8 | RUN apk add --no-cache git make build-base && \ 9 | git clone --branch master --single-branch https://github.com/Wind4/vlmcsd.git && \ 10 | cd vlmcsd/ && \ 11 | make 12 | 13 | FROM alpine:latest 14 | LABEL maintainer="Teddysun " 15 | 16 | COPY --from=builder /root/vlmcsd/bin/vlmcsd /usr/bin/vlmcsd 17 | EXPOSE 1688 18 | CMD [ "/usr/bin/vlmcsd", "-D", "-e" ] 19 | -------------------------------------------------------------------------------- /docker/kms/Dockerfile.architecture: -------------------------------------------------------------------------------- 1 | # Dockerfile for KMS Server 2 | # Copyright (C) 2018 - 2020 Teddysun 3 | # Reference URL: 4 | # https://github.com/Wind4/vlmcsd 5 | 6 | FROM alpine:latest AS builder 7 | WORKDIR /root 8 | RUN apk add --no-cache git make build-base && \ 9 | git clone --branch master --single-branch https://github.com/Wind4/vlmcsd.git && \ 10 | cd vlmcsd/ && \ 11 | make 12 | 13 | FROM alpine:latest 14 | LABEL maintainer="Teddysun " 15 | 16 | COPY --from=builder /root/vlmcsd/bin/vlmcsd /usr/bin/vlmcsd 17 | EXPOSE 1688 18 | CMD [ "/usr/bin/vlmcsd", "-D", "-e" ] 19 | -------------------------------------------------------------------------------- /docker/kms/README.md: -------------------------------------------------------------------------------- 1 | ## KMS Server Docker Image by Teddysun 2 | 3 | This is A fully Microsoft compatible KMS server with Docker Image. 4 | 5 | vlmcsd is a fully Microsoft compatible KMS server that provides product activation services to clients. It is meant as a drop-in replacement for a Microsoft KMS server (Windows computer with KMS key entered). It currently supports KMS protocol versions 4, 5 and 6. 6 | 7 | vlmcsd is designed to run on POSIX compatible operating systens. It only requires a basic C library with a BSD-style sockets API and either `fork` or `pthreads`. That allows it to run on most embedded systems like routers, NASes, mobile phones, tablets, TVs, settop boxes, etc. Some efforts have been made that it also runs on Windows. 8 | 9 | ## Prepare the host 10 | 11 | Docker images are built for quick deployment in various computing cloud providers. 12 | For more information on docker and containerization technologies, refer to [official document][1]. 13 | 14 | If you need to install docker by yourself, follow the [official installation guide][2]. 15 | 16 | ## Pull the image 17 | 18 | ```bash 19 | $ docker pull teddysun/kms 20 | ``` 21 | 22 | This pulls the latest release of KMS Server. 23 | It can be found at [Docker Hub][3]. 24 | 25 | ## Start a container 26 | 27 | ```bash 28 | $ docker run -d -p 1688:1688 --name kms --restart=always teddysun/kms 29 | ``` 30 | 31 | **Note**: The TCP port number `1688` must be opened in firewall. 32 | 33 | [1]: https://docs.docker.com/ 34 | [2]: https://docs.docker.com/install/ 35 | [3]: https://hub.docker.com/r/teddysun/kms/ -------------------------------------------------------------------------------- /docker/l2tp/Dockerfile: -------------------------------------------------------------------------------- 1 | # Dockerfile for L2TP/IPSec VPN Server based alpine 2 | # Copyright (C) 2018 - 2019 Teddysun 3 | 4 | FROM alpine:edge 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN apk add --no-cache ca-certificates bash openssl libreswan xl2tpd \ 8 | && ipsec initnss \ 9 | && rm -rf /var/cache/apk/* 10 | 11 | COPY ipsec /etc/init.d/ipsec 12 | COPY l2tp.sh /usr/bin/l2tp 13 | COPY l2tpctl.sh /usr/bin/l2tpctl 14 | RUN chmod 755 /etc/init.d/ipsec /usr/bin/l2tp /usr/bin/l2tpctl 15 | 16 | VOLUME /lib/modules 17 | 18 | EXPOSE 500/udp 4500/udp 19 | 20 | CMD [ "l2tp" ] 21 | -------------------------------------------------------------------------------- /docker/l2tp/Dockerfile.architecture: -------------------------------------------------------------------------------- 1 | # Dockerfile for L2TP/IPSec VPN Server based alpine 2 | # Copyright (C) 2018 - 2020 Teddysun 3 | 4 | FROM --platform=$TARGETPLATFORM alpine:edge 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN apk add --no-cache ca-certificates bash openssl libreswan xl2tpd \ 8 | && ipsec initnss \ 9 | && rm -rf /var/cache/apk/* 10 | 11 | COPY ipsec /etc/init.d/ipsec 12 | COPY l2tp.sh /usr/bin/l2tp 13 | COPY l2tpctl.sh /usr/bin/l2tpctl 14 | RUN chmod 755 /etc/init.d/ipsec /usr/bin/l2tp /usr/bin/l2tpctl 15 | 16 | VOLUME /lib/modules 17 | 18 | EXPOSE 500/udp 4500/udp 19 | 20 | CMD [ "l2tp" ] 21 | -------------------------------------------------------------------------------- /docker/l2tp/README.md: -------------------------------------------------------------------------------- 1 | ## L2TP/IPsec VPN Server Docker Image by Teddysun 2 | 3 | Docker image to run a L2TP/IPsec VPN Server, with both `L2TP/IPsec PSK` and `IPSec Xauth PSK`. 4 | 5 | Based on Alpine with [libreswan-3.29 (IPsec VPN software)](https://pkgs.alpinelinux.org/package/edge/community/x86_64/libreswan) and [xl2tpd-1.3.15 (L2TP daemon)](https://pkgs.alpinelinux.org/package/edge/main/x86_64/xl2tpd). 6 | 7 | Docker images are built for quick deployment in various computing cloud providers. 8 | 9 | For more information on docker and containerization technologies, refer to [official document][1]. 10 | 11 | ## Prepare the host 12 | 13 | If you need to install docker by yourself, follow the [official installation guide][2]. 14 | 15 | ## Pull the image 16 | 17 | ```bash 18 | $ docker pull teddysun/l2tp 19 | ``` 20 | 21 | This pulls the latest release of L2TP/IPsec VPN Server. 22 | It can be found at [Docker Hub][3]. 23 | 24 | ## Start a container 25 | 26 | You **must create a environment file** `/etc/l2tp.env` in host at first, and sample value is below: 27 | 28 | ``` 29 | VPN_IPSEC_PSK=teddysun.com 30 | VPN_USER=vpnuser 31 | VPN_PASSWORD=vpnpassword 32 | VPN_PUBLIC_IP= 33 | VPN_L2TP_NET= 34 | VPN_L2TP_LOCAL= 35 | VPN_L2TP_REMOTE= 36 | VPN_XAUTH_NET= 37 | VPN_XAUTH_REMOTE= 38 | VPN_DNS1= 39 | VPN_DNS2= 40 | VPN_SHA2_TRUNCBUG= 41 | ``` 42 | 43 | This will create a default user account for L2TP/IPsec VPN login, which can be used by your **multiple devices**. 44 | 45 | The IPSec PSK (pre-shared key) is specified by the `VPN_IPSEC_PSK`. 46 | 47 | The **default username** is specified in `VPN_USER`. 48 | 49 | The **default password** is specified in `VPN_PASSWORD`. 50 | 51 | If your VPS has multiple public IP addresses, maybe public IP need to specified in `VPN_PUBLIC_IP`. 52 | 53 | If you want to specify a other private network, maybe need to specified in `VPN_L2TP_NET` (default `192.168.18.0/24`). 54 | 55 | If you want to specify a other private network, maybe need to specified in `VPN_XAUTH_NET` (default `192.168.20.0/24`). 56 | 57 | If you want to specify a `local ip` for `xl2tpd.conf`, maybe need to specified in `VPN_L2TP_LOCAL` (default `192.168.18.1`). 58 | 59 | If you want to specify a `ip range` for `xl2tpd.conf`, maybe need to specified in `VPN_L2TP_REMOTE` (default `192.168.18.10-192.168.18.250`). 60 | 61 | If you want to specify a `rightaddresspool` for `ipsec.conf`, maybe need to specified in `VPN_XAUTH_REMOTE` (default `192.168.20.10-192.168.20.250`). 62 | 63 | If you want to specify a other DNS servers, maybe need to specified in `VPN_DNS1` and `VPN_DNS2` (default `8.8.8.8`, `8.8.4.4`). 64 | 65 | **Android 6 and 7 users**: If you encounter connection issues, you may set `sha2-truncbug=yes` (default is no) in `/etc/ipsec.conf` by adding `VPN_SHA2_TRUNCBUG=yes` to `/etc/l2tp.env` file, then re-create the Docker container. 66 | 67 | There is an example to start a container: 68 | 69 | ```bash 70 | $ docker run -d --privileged -p 500:500/udp -p 4500:4500/udp --name l2tp --restart=always --env-file /etc/l2tp.env -v /lib/modules:/lib/modules teddysun/l2tp 71 | ``` 72 | 73 | **Warning**: The UDP port number `500` and `4500` must be opened in firewall. 74 | 75 | ## Check container details 76 | 77 | If you want to view the container logs: 78 | 79 | ```bash 80 | $ docker logs l2tp 81 | ``` 82 | 83 | Output log like below: 84 | 85 | ``` 86 | L2TP/IPsec VPN Server with the Username and Password is below: 87 | 88 | Server IP: Your Server public IP 89 | IPSec PSK: IPSec PSK (pre-shared key) 90 | Username : VPN username 91 | Password : VPN password 92 | 93 | Redirecting to: /etc/init.d/ipsec start 94 | Starting pluto IKE daemon for IPsec: Initializing NSS database 95 | 96 | xl2tpd[1]: Not looking for kernel SAref support. 97 | xl2tpd[1]: Using l2tp kernel support. 98 | xl2tpd[1]: xl2tpd version xl2tpd-1.3.15 started on 1d20eaecd9f2 PID:1 99 | xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. 100 | xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 101 | xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 102 | xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016 103 | xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701 104 | ``` 105 | 106 | To check the status of your L2TP/IPSec VPN server, you can confirm `ipsec status` to your container like below: 107 | 108 | ```bash 109 | $ docker exec -it l2tp ipsec status 110 | ``` 111 | 112 | ## Manage VPN Users 113 | 114 | If you want to add, modify or remove user accounts, please do it simple like below: 115 | 116 | ### List all users 117 | 118 | ```bash 119 | $ docker exec -it l2tp l2tpctl -l 120 | ``` 121 | 122 | ### Add a user 123 | 124 | ```bash 125 | $ docker exec -it l2tp l2tpctl -a 126 | ``` 127 | 128 | ### Delete a user 129 | 130 | ```bash 131 | $ docker exec -it l2tp l2tpctl -d 132 | ``` 133 | 134 | ### Modify a user password 135 | 136 | ```bash 137 | $ docker exec -it l2tp l2tpctl -m 138 | ``` 139 | 140 | ### Print Libreswan & xl2tpd version 141 | 142 | ```bash 143 | $ docker exec -it l2tp l2tpctl -v 144 | ``` 145 | 146 | ### Print help information 147 | 148 | ```bash 149 | $ docker exec -it l2tp l2tpctl -h 150 | ``` 151 | 152 | 153 | [1]: https://docs.docker.com/ 154 | [2]: https://docs.docker.com/install/ 155 | [3]: https://hub.docker.com/r/teddysun/l2tp/ -------------------------------------------------------------------------------- /docker/l2tp/ipsec: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # IPsec startup and shutdown script 3 | # 4 | ### BEGIN INIT INFO 5 | # Provides: ipsec 6 | # Required-Start: $network $remote_fs $syslog $named 7 | # Required-Stop: $syslog $remote_fs 8 | # Default-Start: 9 | # Default-Stop: 0 1 6 10 | # Short-Description: Start Libreswan IPsec at boot time 11 | # Description: Enable automatic key management for IPsec (KLIPS and NETKEY) 12 | ### END INIT INFO 13 | # 14 | ### see https://bugzilla.redhat.com/show_bug.cgi?id=636572 15 | ### Debian and Fedora interpret the LSB differently for Default-Start: 16 | 17 | # Copyright (C) 1998, 1999, 2001 Henry Spencer. 18 | # Copyright (C) 2002 Michael Richardson 19 | # Copyright (C) 2006 Michael Richardson 20 | # Copyright (C) 2008 Michael Richardson 21 | # Copyright (C) 2008-2015 Tuomo Soini 22 | # Copyright (C) 2012 Paul Wouters 23 | # 24 | # This program is free software; you can redistribute it and/or modify it 25 | # under the terms of the GNU General Public License as published by the 26 | # Free Software Foundation; either version 2 of the License, or (at your 27 | # option) any later version. See . 28 | # 29 | # This program is distributed in the hope that it will be useful, but 30 | # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 31 | # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 32 | # for more details. 33 | # 34 | # ipsec sysv style init.d script for starting and stopping 35 | # the IPsec security subsystem (KLIPS and Pluto). 36 | # 37 | # This script becomes /etc/init.d/ipsec 38 | # and is also accessible as "ipsec setup" 39 | # 40 | # The startup and shutdown times are a difficult compromise (in particular, 41 | # it is almost impossible to reconcile them with the insanely early/late 42 | # times of NFS filesystem startup/shutdown). Startup is after startup of 43 | # syslog and pcmcia support; shutdown is just before shutdown of syslog. 44 | # 45 | # chkconfig: - 47 76 46 | # description: IPsec provides encrypted and authenticated communications; \ 47 | # NETKEY/KLIPS is the kernel half of it, Pluto is the user-level management daemon. 48 | 49 | test ${IPSEC_INIT_SCRIPT_DEBUG} && set -v -x 50 | 51 | # Source function library. 52 | if [ -f /etc/init.d/functions ]; then 53 | . /etc/init.d/functions 54 | elif [ -f /lib/lsb/init-functions ]; then 55 | . /lib/lsb/init-functions 56 | fi 57 | 58 | # Check that networking is up. 59 | [ "${NETWORKING}" = "no" ] && exit 6 60 | 61 | if [ $(id -u) -ne 0 ]; then 62 | echo "permission denied (must be superuser)" | \ 63 | logger -s -p daemon.error -t ipsec_setup 2>&1 64 | exit 4 65 | fi 66 | 67 | if [ $(ip addr list | grep -c cipsec) -ne 0 ]; then 68 | echo "Cisco IPsec client is already loaded, aborting! (cipsec# device found)" 69 | exit 1 70 | fi 71 | 72 | # where the private directory and the config files are 73 | IPSEC_CONF="${IPSEC_CONF:-/etc/ipsec.conf}" 74 | IPSEC_EXECDIR="${IPSEC_EXECDIR:-/usr/libexec/ipsec}" 75 | IPSEC_SBINDIR="${IPSEC_SBINDIR:-/usr/sbin}" 76 | unset PLUTO_OPTIONS 77 | 78 | rundir=/run/pluto 79 | plutopid=${rundir}/pluto.pid 80 | plutoctl=${rundir}/pluto.ctl 81 | lockdir=/var/lock/subsys 82 | lockfile=${lockdir}/ipsec 83 | 84 | # /etc/resolv.conf related paths 85 | LIBRESWAN_RESOLV_CONF=${rundir}/libreswan-resolv-conf-backup 86 | ORIG_RESOLV_CONF=/etc/resolv.conf 87 | 88 | # there is some confusion over the name - just do both 89 | [ -f /etc/sysconfig/ipsec ] && . /etc/sysconfig/ipsec 90 | [ -f /etc/sysconfig/pluto ] && . /etc/sysconfig/pluto 91 | 92 | # misc setup 93 | umask 022 94 | 95 | # standardize PATH, and export it for everything else's benefit 96 | PATH="${IPSEC_SBINDIR}:/sbin:/usr/sbin:/usr/local/bin:/bin:/usr/bin" 97 | export PATH 98 | 99 | mkdir -p ${rundir} 100 | chmod 700 ${rundir} 101 | 102 | verify_config() { 103 | [ -f ${IPSEC_CONF} ] || exit 6 104 | 105 | config_error=$(ipsec addconn --config ${IPSEC_CONF} --checkconfig 2>&1) 106 | RETVAL=$? 107 | if [ ${RETVAL} -gt 0 ]; then 108 | echo "Configuration error - the following error occurred:" 109 | echo ${config_error} 110 | echo "IKE daemon status was not modified" 111 | exit ${RETVAL} 112 | fi 113 | } 114 | 115 | start() { 116 | echo -n "Starting pluto IKE daemon for IPsec: " 117 | ipsec _stackmanager start 118 | 119 | # pluto searches the current directory, so this is required for making it selinux compliant 120 | cd / 121 | # Create nss db or convert from old format to new sql format 122 | ipsec --checknss 123 | # Enable nflog if configured 124 | ipsec --checknflog > /dev/null 125 | # This script will enter an endless loop to ensure pluto restarts on crash 126 | ipsec _plutorun --config ${IPSEC_CONF} --nofork ${PLUTO_OPTIONS} & 127 | [ -d ${lockdir} ] || mkdir -p ${lockdir} 128 | touch ${lockfile} 129 | # Because _plutorun starts pluto at background we need to make sure pluto is started 130 | # before we know if start was successful or not 131 | for waitsec in 1 2 3 4 5; do 132 | if status >/dev/null; then 133 | RETVAL=0 134 | break 135 | else 136 | echo -n "." 137 | sleep 1 138 | RETVAL=1 139 | fi 140 | done 141 | if [ ${RETVAL} -ge 1 ]; then 142 | rm -f ${lockfile} 143 | fi 144 | echo 145 | if [ -f /usr/libexec/ipsec/portexcludes ] ; then 146 | /usr/libexec/ipsec/portexcludes 147 | fi 148 | return ${RETVAL} 149 | } 150 | 151 | 152 | stop() { 153 | if [ -e ${plutoctl} ]; then 154 | echo "Shutting down pluto IKE daemon" 155 | ipsec whack --shutdown 2>/dev/null 156 | # don't use seq, might not exist on embedded 157 | for waitsec in 1 2 3 4 5 6 7 8 9 10; do 158 | if [ -s ${plutopid} ]; then 159 | echo -n "." 160 | sleep 1 161 | else 162 | break 163 | fi 164 | done 165 | echo 166 | rm -f ${plutoctl} # we won't be using this anymore 167 | fi 168 | if [ -s ${plutopid} ]; then 169 | # pluto did not die peacefully 170 | pid=$(cat ${plutopid}) 171 | if [ -d /proc/${pid} ]; then 172 | kill -TERM ${pid} 173 | RETVAL=$? 174 | sleep 5; 175 | if [ -d /proc/${pid} ]; then 176 | kill -KILL ${pid} 177 | RETVAL=$? 178 | fi 179 | if [ ${RETVAL} -ne 0 ]; then 180 | echo "Kill failed - removing orphaned ${plutopid}" 181 | fi 182 | else 183 | echo "Removing orphaned ${plutopid}" 184 | fi 185 | rm -f ${plutopid} 186 | fi 187 | 188 | ipsec _stackmanager stop 189 | ipsec --stopnflog > /dev/null 190 | 191 | # cleaning up backup resolv.conf 192 | if [ -e ${LIBRESWAN_RESOLV_CONF} ]; then 193 | if grep 'Libreswan' ${ORIG_RESOLV_CONF} > /dev/null 2>&1; then 194 | cp ${LIBRESWAN_RESOLV_CONF} ${ORIG_RESOLV_CONF} 195 | fi 196 | rm -f ${LIBRESWAN_RESOLV_CONF} 197 | fi 198 | 199 | rm -f ${lockfile} 200 | return ${RETVAL} 201 | } 202 | 203 | restart() { 204 | verify_config 205 | stop 206 | start 207 | return $? 208 | } 209 | 210 | status() { 211 | local RC 212 | if [ -f ${plutopid} ]; then 213 | if [ -r ${plutopid} ]; then 214 | pid=$(cat ${plutopid}) 215 | if [ -n "$pid" -a -d /proc/${pid} ]; then 216 | RC=0 # running 217 | else 218 | RC=1 # not running but pid exists 219 | fi 220 | else 221 | RC=4 # insufficient privileges 222 | fi 223 | fi 224 | if [ -z "${RC}" ]; then 225 | if [ -f ${lockfile} ]; then 226 | RC=2 227 | else 228 | RC=3 229 | fi 230 | fi 231 | case "${RC}" in 232 | 0) 233 | echo "ipsec: pluto (pid ${pid}) is running..." 234 | return 0 235 | ;; 236 | 1) 237 | echo "ipsec: pluto dead but pid file exits" 238 | return 1 239 | ;; 240 | 2) 241 | echo "ipsec: pluto dead but subsys locked" 242 | return 2 243 | ;; 244 | 4) 245 | echo "ipsec: pluto status unknown due to insufficient privileges." 246 | return 4 247 | ;; 248 | esac 249 | echo "ipsec: pluto is stopped" 250 | return 3 251 | } 252 | 253 | condrestart() { 254 | verify_config 255 | RETVAL=$? 256 | if [ -f ${lockfile} ]; then 257 | restart 258 | RETVAL=$? 259 | fi 260 | return ${RETVAL} 261 | } 262 | 263 | version() { 264 | ipsec version 265 | return $? 266 | } 267 | 268 | 269 | # do it 270 | case "$1" in 271 | start) 272 | start 273 | RETVAL=$? 274 | ;; 275 | stop) 276 | stop 277 | RETVAL=$? 278 | ;; 279 | restart) 280 | restart 281 | RETVAL=$? 282 | ;; 283 | reload|force-reload) 284 | restart 285 | RETVAL=$? 286 | ;; 287 | condrestart|try-restart) 288 | condrestart 289 | RETVAL=$? 290 | ;; 291 | status) 292 | status 293 | RETVAL=$? 294 | ${IPSEC_EXECDIR}/whack --status 2>/dev/null | grep Total | sed 's/^000\ Total\ //' 295 | ;; 296 | version) 297 | version 298 | RETVAL=$? 299 | ;; 300 | *) 301 | echo "Usage: $0 {start|stop|restart|reload|force-reload|condrestart|try-restart|status|version}" 302 | RETVAL=2 303 | esac 304 | 305 | exit ${RETVAL} 306 | -------------------------------------------------------------------------------- /docker/l2tp/l2tp.env: -------------------------------------------------------------------------------- 1 | # This file is part of L2TP/IPSec VPN Server Docker image. 2 | # Define your own values for these environment variables. 3 | # DO NOT put "" or '' around values, or add space around = 4 | # DO NOT use these special characters within values: \ " ' 5 | 6 | VPN_IPSEC_PSK=teddysun.com 7 | VPN_USER=vpnuser 8 | VPN_PASSWORD=vpnpassword 9 | VPN_PUBLIC_IP= 10 | VPN_L2TP_NET= 11 | VPN_L2TP_LOCAL= 12 | VPN_L2TP_REMOTE= 13 | VPN_XAUTH_NET= 14 | VPN_XAUTH_REMOTE= 15 | VPN_DNS1= 16 | VPN_DNS2= 17 | VPN_SHA2_TRUNCBUG= 18 | -------------------------------------------------------------------------------- /docker/l2tp/l2tp.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | # 5 | # This is a Shell script for configure and start L2TP/IPSec VPN server with Docker image 6 | # 7 | # Copyright (C) 2018 - 2019 Teddysun 8 | # 9 | # Reference URL: 10 | # https://github.com/libreswan/libreswan 11 | # https://github.com/xelerance/xl2tpd 12 | 13 | if [ ! -f "/.dockerenv" ]; then 14 | echo "Error: This script must be run in a Docker container." >&2 15 | exit 1 16 | fi 17 | 18 | if ip link add dummy0 type dummy 2>&1 | grep -q "not permitted"; then 19 | echo "Error: This Docker image must be run in privileged mode." >&2 20 | exit 1 21 | fi 22 | 23 | ip link delete dummy0 >/dev/null 2>&1 24 | 25 | rand(){ 26 | str=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1) 27 | echo ${str} 28 | } 29 | 30 | is_64bit(){ 31 | if [ "$(getconf WORD_BIT)" = "32" ] && [ "$(getconf LONG_BIT)" = "64" ]; then 32 | return 0 33 | else 34 | return 1 35 | fi 36 | } 37 | 38 | # Environment file name 39 | l2tp_env_file="/etc/l2tp.env" 40 | # Auto generated 41 | if [ -z "${VPN_IPSEC_PSK}" ] && [ -z "${VPN_USER}" ] && [ -z "${VPN_PASSWORD}" ]; then 42 | if [ -f "${l2tp_env_file}" ]; then 43 | echo "Loading previously generated environment variables for L2TP/IPSec VPN Server..." 44 | . "${l2tp_env_file}" 45 | else 46 | echo "L2TP/IPSec VPN Server environment variables is not set. Use default environment variables..." 47 | VPN_IPSEC_PSK="teddysun.com" 48 | VPN_USER="vpnuser" 49 | VPN_PASSWORD="$(rand)" 50 | echo "VPN_IPSEC_PSK=${VPN_IPSEC_PSK}" > ${l2tp_env_file} 51 | echo "VPN_USER=${VPN_USER}" >> ${l2tp_env_file} 52 | echo "VPN_PASSWORD=${VPN_PASSWORD}" >> ${l2tp_env_file} 53 | chmod 600 ${l2tp_env_file} 54 | fi 55 | fi 56 | 57 | # Environment variables: 58 | # VPN_IPSEC_PSK 59 | # VPN_USER 60 | # VPN_PASSWORD 61 | if [ -z "${VPN_IPSEC_PSK}" ] || [ -z "${VPN_USER}" ] || [ -z "${VPN_PASSWORD}" ]; then 62 | echo "Error: Environment variables must be specified. please edit your environment file and retry again." >&2 63 | exit 1 64 | fi 65 | 66 | if printf '%s' "${VPN_IPSEC_PSK} ${VPN_USER} ${VPN_PASSWORD}" | LC_ALL=C grep -q '[^ -~]\+'; then 67 | echo "Error: Environment variables must not contain non-ASCII characters." >&2 68 | exit 1 69 | fi 70 | 71 | case "${VPN_IPSEC_PSK} ${VPN_USER} ${VPN_PASSWORD}" in 72 | *[\\\"\']*) 73 | echo "Error: Environment variables must not contain these special characters like: \\ \" '" 74 | exit 1 75 | ;; 76 | esac 77 | 78 | # Environment variables: 79 | # VPN_PUBLIC_IP 80 | PUBLIC_IP=${VPN_PUBLIC_IP:-''} 81 | 82 | [ -z "${PUBLIC_IP}" ] && PUBLIC_IP=$( wget -qO- -t1 -T2 ipv4.icanhazip.com ) 83 | [ -z "${PUBLIC_IP}" ] && PUBLIC_IP=$( wget -qO- -t1 -T2 ipinfo.io/ip ) 84 | 85 | # Environment variables: 86 | # VPN_L2TP_NET 87 | # VPN_L2TP_LOCAL 88 | # VPN_L2TP_REMOTE 89 | # VPN_XAUTH_NET 90 | # VPN_XAUTH_REMOTE 91 | # VPN_DNS1 92 | # VPN_DNS2 93 | # VPN_SHA2_TRUNCBUG 94 | L2TP_NET=${VPN_L2TP_NET:-'192.168.18.0/24'} 95 | L2TP_LOCAL=${VPN_L2TP_LOCAL:-'192.168.18.1'} 96 | L2TP_REMOTE=${VPN_L2TP_REMOTE:-'192.168.18.10-192.168.18.250'} 97 | XAUTH_NET=${VPN_XAUTH_NET:-'192.168.20.0/24'} 98 | XAUTH_REMOTE=${VPN_XAUTH_REMOTE:-'192.168.20.10-192.168.20.250'} 99 | DNS1=${VPN_DNS1:-'8.8.8.8'} 100 | DNS2=${VPN_DNS2:-'8.8.4.4'} 101 | 102 | case ${VPN_SHA2_TRUNCBUG} in 103 | [yY][eE][sS]) 104 | SHA2_TRUNCBUG=yes 105 | ;; 106 | *) 107 | SHA2_TRUNCBUG=no 108 | ;; 109 | esac 110 | 111 | # Create IPSec config 112 | cat > /etc/ipsec.conf < /etc/xl2tpd/xl2tpd.conf < /etc/ppp/options.xl2tpd < /etc/ipsec.secrets </dev/null; then 198 | cat > /etc/ppp/chap-secrets </dev/null; then 205 | cat > /etc/ipsec.d/passwd < 8 | # 9 | # Reference URL: 10 | # https://github.com/libreswan/libreswan 11 | # https://github.com/xelerance/xl2tpd 12 | 13 | rand(){ 14 | str=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1) 15 | echo ${str} 16 | } 17 | 18 | list_users(){ 19 | if [ ! -f /etc/ppp/chap-secrets ];then 20 | echo "Error: /etc/ppp/chap-secrets file not found." 21 | exit 1 22 | fi 23 | local line="+-------------------------------------------+\n" 24 | local string=%20s 25 | printf "${line}|${string} |${string} |\n${line}" Username Password 26 | grep -v "^#" /etc/ppp/chap-secrets | awk '{printf "|'${string}' |'${string}' |\n", $1,$3}' 27 | printf ${line} 28 | } 29 | 30 | add_user(){ 31 | while : 32 | do 33 | read -p "Please enter Username:" user 34 | if [ -z ${user} ]; then 35 | echo "Username can not be empty" 36 | else 37 | grep -w "${user}" /etc/ppp/chap-secrets > /dev/null 2>&1 38 | if [ $? -eq 0 ];then 39 | echo "Username (${user}) already exists. Please re-enter your username." 40 | else 41 | break 42 | fi 43 | fi 44 | done 45 | pass="$(rand)" 46 | echo "Please enter ${user}'s password:" 47 | read -p "(Default Password: ${pass}):" tmppass 48 | [ ! -z ${tmppass} ] && pass=${tmppass} 49 | pass_enc=$(openssl passwd -1 "${pass}") 50 | echo "${user} l2tpd ${pass} *" >> /etc/ppp/chap-secrets 51 | echo "${user}:${pass_enc}:xauth-psk" >> /etc/ipsec.d/passwd 52 | echo "Username (${user}) add completed." 53 | } 54 | 55 | del_user(){ 56 | while : 57 | do 58 | read -p "Please enter Username you want to delete it:" user 59 | if [ -z ${user} ]; then 60 | echo "Username can not be empty" 61 | else 62 | grep -w "${user}" /etc/ppp/chap-secrets >/dev/null 2>&1 63 | if [ $? -eq 0 ];then 64 | break 65 | else 66 | echo "Username (${user}) is not exists. Please re-enter your username." 67 | fi 68 | fi 69 | done 70 | sed -i "/^\<${user}\>/d" /etc/ppp/chap-secrets 71 | sed -i "/^\<${user}\>/d" /etc/ipsec.d/passwd 72 | echo "Username (${user}) delete completed." 73 | } 74 | 75 | mod_user(){ 76 | while : 77 | do 78 | read -p "Please enter Username you want to change password:" user 79 | if [ -z ${user} ]; then 80 | echo "Username can not be empty" 81 | else 82 | grep -w "${user}" /etc/ppp/chap-secrets >/dev/null 2>&1 83 | if [ $? -eq 0 ];then 84 | break 85 | else 86 | echo "Username (${user}) is not exists. Please re-enter your username." 87 | fi 88 | fi 89 | done 90 | pass="$(rand)" 91 | echo "Please enter ${user}'s new password:" 92 | read -p "(Default Password: ${pass}):" tmppass 93 | [ ! -z ${tmppass} ] && pass=${tmppass} 94 | pass_enc=$(openssl passwd -1 "${pass}") 95 | sed -i "/^\<${user}\>/d" /etc/ppp/chap-secrets 96 | sed -i "/^\<${user}\>/d" /etc/ipsec.d/passwd 97 | echo "${user} l2tpd ${pass} *" >> /etc/ppp/chap-secrets 98 | echo "${user}:${pass_enc}:xauth-psk" >> /etc/ipsec.d/passwd 99 | echo "Username ${user}'s password has been changed." 100 | } 101 | 102 | get_version(){ 103 | ipsec --version 104 | xl2tpd --version 105 | } 106 | 107 | action=$1 108 | case ${action} in 109 | -l|--list) 110 | list_users 111 | ;; 112 | -a|--add) 113 | add_user 114 | ;; 115 | -d|--del) 116 | del_user 117 | ;; 118 | -m|--mod) 119 | mod_user 120 | ;; 121 | -v|--version) 122 | get_version 123 | ;; 124 | -h|--help) 125 | echo "Usage: `basename $0` -l,--list List all users" 126 | echo " `basename $0` -a,--add Add a user" 127 | echo " `basename $0` -d,--del Delete a user" 128 | echo " `basename $0` -m,--mod Modify a user password" 129 | echo " `basename $0` -v,--version Print program version" 130 | echo " `basename $0` -h,--help Print this help information" 131 | ;; 132 | *) 133 | echo "Usage: `basename $0` [-l,--list|-a,--add|-d,--del|-m,--mod|-v,--version|-h,--help]" && exit 134 | ;; 135 | esac 136 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.fedora37: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2023 Teddysun 3 | 4 | FROM fedora:37 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN dnf install -y yum-utils && \ 8 | dnf install -y tar wget git tree gcc gcc-c++ vim automake \ 9 | sudo net-tools make cmake zstd libzstd chkconfig libtool \ 10 | bash coreutils diffutils patch ca-certificates pcre-devel \ 11 | rpm-build rpm-devel rpmlint rpmdevtools ncurses which procps \ 12 | asciidoc audit-libs-devel binutils-devel flex jq gettext mbedtls-devel \ 13 | libcap-devel newt-devel pciutils-devel perl-generators c-ares-devel libev-devel \ 14 | python3 python3-devel python3-docutils rsync xmlto bc bison libsodium-devel \ 15 | java-devel ncurses-devel numactl-devel openssl-devel perl-devel \ 16 | bpftool dwarves gcc-plugin-devel glibc-static hmaccalc kernel-rpm-macros \ 17 | libbabeltrace-devel libbpf-devel libcap-ng-devel libnl3-devel libtraceevent-devel \ 18 | elfutils-devel xz-devel perl-ExtUtils-Embed && \ 19 | dnf clean all && rm -rf /var/cache/dnf /var/lib/rpm/__db* 20 | 21 | RUN useradd builder -u 1000 -m -G users,wheel && \ 22 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 23 | echo "# macros" > /home/builder/.rpmmacros && \ 24 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 25 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 26 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 27 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 28 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 29 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 30 | echo "set enable-bracketed-paste off" >> /etc/inputrc && \ 31 | mkdir -p /home/builder/rpmbuild && \ 32 | chown -R builder /home/builder 33 | 34 | USER builder 35 | VOLUME /home/builder 36 | WORKDIR /home/builder/rpmbuild 37 | CMD ["/bin/bash"] 38 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.fedora38: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2023 Teddysun 3 | 4 | FROM fedora:38 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN dnf install -y yum-utils && \ 8 | dnf install -y tar wget git tree gcc gcc-c++ vim automake \ 9 | sudo net-tools make cmake zstd libzstd chkconfig libtool \ 10 | bash coreutils diffutils patch ca-certificates pcre-devel \ 11 | rpm-build rpm-devel rpmlint rpmdevtools ncurses which procps \ 12 | asciidoc audit-libs-devel binutils-devel flex jq gettext mbedtls-devel \ 13 | libcap-devel newt-devel pciutils-devel perl-generators c-ares-devel libev-devel \ 14 | python3 python3-devel python3-docutils rsync xmlto bc bison libsodium-devel \ 15 | java-devel ncurses-devel numactl-devel openssl-devel perl-devel \ 16 | bpftool dwarves gcc-plugin-devel glibc-static hmaccalc kernel-rpm-macros \ 17 | libbabeltrace-devel libbpf-devel libcap-ng-devel libnl3-devel libtraceevent-devel \ 18 | elfutils-devel xz-devel perl-ExtUtils-Embed && \ 19 | dnf clean all && rm -rf /var/cache/dnf /var/lib/rpm/__db* 20 | 21 | RUN useradd builder -u 1000 -m -G users,wheel && \ 22 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 23 | echo "# macros" > /home/builder/.rpmmacros && \ 24 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 25 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 26 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 27 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 28 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 29 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 30 | echo "set enable-bracketed-paste off" >> /etc/inputrc && \ 31 | mkdir -p /home/builder/rpmbuild && \ 32 | chown -R builder /home/builder 33 | 34 | USER builder 35 | VOLUME /home/builder 36 | WORKDIR /home/builder/rpmbuild 37 | CMD ["/bin/bash"] 38 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.fedora39: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2023 Teddysun 3 | 4 | FROM fedora:39 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN dnf install -y yum-utils && \ 8 | dnf install -y tar wget git tree gcc gcc-c++ vim automake \ 9 | sudo net-tools make cmake zstd libzstd chkconfig libtool \ 10 | bash coreutils diffutils patch ca-certificates pcre-devel \ 11 | rpm-build rpm-devel rpmlint rpmdevtools ncurses which procps \ 12 | asciidoc audit-libs-devel binutils-devel flex jq gettext mbedtls-devel \ 13 | libcap-devel newt-devel pciutils-devel perl-generators c-ares-devel libev-devel \ 14 | python3 python3-devel python3-docutils rsync xmlto bc bison libsodium-devel \ 15 | java-devel ncurses-devel numactl-devel openssl-devel perl-devel \ 16 | bpftool dwarves gcc-plugin-devel glibc-static hmaccalc kernel-rpm-macros \ 17 | libbabeltrace-devel libbpf-devel libcap-ng-devel libnl3-devel libtraceevent-devel \ 18 | elfutils-devel xz-devel perl-ExtUtils-Embed && \ 19 | dnf clean all && rm -rf /var/cache/dnf /var/lib/rpm/__db* 20 | 21 | RUN useradd builder -u 1000 -m -G users,wheel && \ 22 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 23 | echo "# macros" > /home/builder/.rpmmacros && \ 24 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 25 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 26 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 27 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 28 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 29 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 30 | echo "set enable-bracketed-paste off" >> /etc/inputrc && \ 31 | mkdir -p /home/builder/rpmbuild && \ 32 | chown -R builder /home/builder 33 | 34 | USER builder 35 | VOLUME /home/builder 36 | WORKDIR /home/builder/rpmbuild 37 | CMD ["/bin/bash"] 38 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.fedora40: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2024 Teddysun 3 | 4 | FROM fedora:40 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN dnf install -y yum-utils && \ 8 | dnf install -y tar wget git tree gcc gcc-c++ vim automake \ 9 | sudo net-tools make cmake zstd libzstd chkconfig libtool \ 10 | bash coreutils diffutils patch ca-certificates pcre-devel \ 11 | rpm-build rpm-devel rpmlint rpmdevtools ncurses which procps \ 12 | asciidoc audit-libs-devel binutils-devel flex jq gettext mbedtls-devel \ 13 | libcap-devel newt-devel pciutils-devel perl-generators c-ares-devel libev-devel \ 14 | python3 python3-devel python3-docutils rsync xmlto bc bison libsodium-devel \ 15 | java-devel ncurses-devel numactl-devel openssl-devel perl-devel \ 16 | bpftool dwarves gcc-plugin-devel glibc-static hmaccalc kernel-rpm-macros \ 17 | libbabeltrace-devel libbpf-devel libcap-ng-devel libnl3-devel libtraceevent-devel \ 18 | elfutils-devel xz-devel perl-ExtUtils-Embed && \ 19 | dnf clean all && rm -rf /var/cache/dnf /var/lib/rpm/__db* 20 | 21 | RUN useradd builder -u 1000 -m -G users,wheel && \ 22 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 23 | echo "# macros" > /home/builder/.rpmmacros && \ 24 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 25 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 26 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 27 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 28 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 29 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 30 | echo "set enable-bracketed-paste off" >> /etc/inputrc && \ 31 | mkdir -p /home/builder/rpmbuild && \ 32 | chown -R builder /home/builder 33 | 34 | USER builder 35 | VOLUME /home/builder 36 | WORKDIR /home/builder/rpmbuild 37 | CMD ["/bin/bash"] 38 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.fedora41: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2024 Teddysun 3 | 4 | FROM fedora:41 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN dnf install -y yum-utils && \ 8 | dnf install -y tar wget git tree gcc gcc-c++ vim automake \ 9 | sudo net-tools make cmake zstd libzstd chkconfig libtool \ 10 | bash coreutils diffutils patch ca-certificates pcre-devel \ 11 | rpm-build rpm-devel rpmlint rpmdevtools ncurses which procps \ 12 | asciidoc audit-libs-devel binutils-devel flex jq gettext mbedtls-devel \ 13 | libcap-devel newt-devel pciutils-devel perl-generators c-ares-devel libev-devel \ 14 | python3 python3-devel python3-docutils rsync xmlto bc bison libsodium-devel \ 15 | java-devel ncurses-devel numactl-devel openssl-devel perl-devel \ 16 | bpftool dwarves gcc-plugin-devel glibc-static hmaccalc kernel-rpm-macros \ 17 | libbabeltrace-devel libbpf-devel libcap-ng-devel libnl3-devel libtraceevent-devel \ 18 | elfutils-devel xz-devel perl-ExtUtils-Embed && \ 19 | dnf clean all && rm -rf /var/cache/dnf /var/lib/rpm/__db* 20 | 21 | RUN useradd builder -u 1000 -m -G users,wheel && \ 22 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 23 | echo "# macros" > /home/builder/.rpmmacros && \ 24 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 25 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 26 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 27 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 28 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 29 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 30 | echo "set enable-bracketed-paste off" >> /etc/inputrc && \ 31 | mkdir -p /home/builder/rpmbuild && \ 32 | chown -R builder /home/builder 33 | 34 | USER builder 35 | VOLUME /home/builder 36 | WORKDIR /home/builder/rpmbuild 37 | CMD ["/bin/bash"] 38 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.fedora42: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2025 Teddysun 3 | 4 | FROM fedora:42 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN dnf install -y yum-utils && \ 8 | dnf install -y tar wget git tree gcc gcc-c++ vim automake \ 9 | sudo net-tools make cmake zstd libzstd chkconfig libtool \ 10 | bash coreutils diffutils patch ca-certificates pcre-devel \ 11 | rpm-build rpm-devel rpmlint rpmdevtools ncurses which procps \ 12 | asciidoc audit-libs-devel binutils-devel flex jq gettext mbedtls-devel \ 13 | libcap-devel newt-devel pciutils-devel perl-generators c-ares-devel libev-devel \ 14 | python3 python3-devel python3-docutils rsync xmlto bc bison libsodium-devel \ 15 | java-devel ncurses-devel numactl-devel openssl-devel perl-devel \ 16 | bpftool dwarves gcc-plugin-devel glibc-static hmaccalc kernel-rpm-macros \ 17 | libbabeltrace-devel libbpf-devel libcap-ng-devel libnl3-devel libtraceevent-devel \ 18 | elfutils-devel xz-devel perl-ExtUtils-Embed && \ 19 | dnf clean all && rm -rf /var/cache/dnf /var/lib/rpm/__db* 20 | 21 | RUN useradd builder -u 1000 -m -G users,wheel && \ 22 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 23 | echo "# macros" > /home/builder/.rpmmacros && \ 24 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 25 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 26 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 27 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 28 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 29 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 30 | echo "set enable-bracketed-paste off" >> /etc/inputrc && \ 31 | mkdir -p /home/builder/rpmbuild && \ 32 | chown -R builder /home/builder 33 | 34 | USER builder 35 | VOLUME /home/builder 36 | WORKDIR /home/builder/rpmbuild 37 | CMD ["/bin/bash"] 38 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.rpmbuild10: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2025 Teddysun 3 | 4 | FROM almalinux:10 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-10.noarch.rpm && \ 8 | dnf config-manager --enable epel && \ 9 | dnf config-manager --enable crb && \ 10 | rpm -e --nodeps coreutils-single && \ 11 | dnf install -y tar wget tree git gcc gcc-c++ coreutils bash diffutils patch ca-certificates \ 12 | sudo net-tools make cmake zstd libzstd chkconfig pcre2-devel \ 13 | rpm-build rpm-devel rpmlint rpmdevtools ncurses which procps \ 14 | asciidoc audit-libs-devel binutils-devel flex jq gettext \ 15 | libcap-devel newt-devel pciutils-devel perl-generators \ 16 | python3 python3-devel python3-docutils rsync xmlto bc bison \ 17 | java-devel ncurses-devel numactl-devel openssl-devel perl-devel \ 18 | bpftool dwarves gcc-plugin-devel glibc-static hmaccalc kernel-rpm-macros \ 19 | libbabeltrace-devel libbpf-devel libcap-ng-devel libnl3-devel libtraceevent-devel \ 20 | elfutils-devel xz-devel perl-ExtUtils-Embed && \ 21 | dnf clean all && rm -rf /var/cache/dnf /var/lib/rpm/__db* 22 | 23 | RUN useradd builder -u 1000 -m -G users,wheel && \ 24 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 25 | echo "# macros" > /home/builder/.rpmmacros && \ 26 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 27 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 28 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 29 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 30 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 31 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 32 | echo "set enable-bracketed-paste off" >> /etc/inputrc && \ 33 | mkdir -p /home/builder/rpmbuild && \ 34 | chown -R builder /home/builder 35 | 36 | USER builder 37 | VOLUME /home/builder 38 | WORKDIR /home/builder/rpmbuild 39 | CMD ["/bin/bash"] 40 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.rpmbuild7: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2021 - 2022 Teddysun 3 | 4 | FROM centos:7 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN yum install -y yum-utils epel-release centos-release-scl-rh && \ 8 | yum-config-manager --enable epel && \ 9 | yum install -y tar wget git tree gcc gcc-c++ \ 10 | sudo net-tools make cmake zstd libzstd chkconfig \ 11 | python bash coreutils diffutils patch ca-certificates \ 12 | rpm-build rpm-devel rpmlint rpmdevtools which procps \ 13 | devtoolset-9-gcc devtoolset-9-binutils devtoolset-9-runtime \ 14 | scl-utils asciidoc bison elfutils-libelf-devel m4 newt-devel \ 15 | openssl-devel openssl xmlto audit-libs-devel binutils-devel elfutils-devel \ 16 | gettext java-1.8.0-openjdk-devel libcap-devel numactl-devel python-devel python3 \ 17 | slang-devel xz-devel zlib-devel ncurses-devel pciutils-devel perl-ExtUtils-Embed epel-rpm-macros && \ 18 | yum clean all && rm -rf /var/cache/yum /var/lib/rpm/__db* 19 | 20 | RUN useradd builder -u 1000 -m -G users,wheel && \ 21 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 22 | echo "# macros" > /home/builder/.rpmmacros && \ 23 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 24 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 25 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 26 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 27 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 28 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 29 | mkdir -p /home/builder/rpmbuild && \ 30 | chown -R builder /home/builder 31 | 32 | USER builder 33 | VOLUME /home/builder 34 | WORKDIR /home/builder/rpmbuild 35 | CMD ["/bin/bash"] 36 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.rpmbuild8: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2021 - 2025 Teddysun 3 | 4 | FROM rockylinux:8 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN dnf install -y yum-utils epel-release && \ 8 | dnf config-manager --enable epel && \ 9 | dnf config-manager --enable powertools && \ 10 | dnf install -y https://dl.lamp.sh/linux/rhel/el8/x86_64/teddysun-release-1.0-1.el8.noarch.rpm && \ 11 | rpm -e --nodeps coreutils-single && \ 12 | dnf install -y tar wget wget2 git tree gcc gcc-c++ \ 13 | sudo net-tools make cmake zstd libzstd chkconfig pcre-devel pcre2-devel \ 14 | bash coreutils diffutils patch ca-certificates \ 15 | rpm-build rpm-devel rpmlint rpmdevtools which procps \ 16 | asciidoc audit-libs-devel binutils-devel flex \ 17 | libcap-devel newt-devel pciutils-devel perl-generators \ 18 | python3 python3-devel python3-docutils rsync xmlto bc bison libnl3-devel \ 19 | java-devel ncurses-devel numactl-devel openssl-devel openssl3-devel perl-devel dwarves \ 20 | elfutils-devel xz-devel perl-ExtUtils-Embed gettext kmod libkcapi-hmaccalc && \ 21 | dnf clean all && rm -rf /var/cache/dnf /var/lib/rpm/__db* 22 | 23 | RUN useradd builder -u 1000 -m -G users,wheel && \ 24 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 25 | echo "# macros" > /home/builder/.rpmmacros && \ 26 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 27 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 28 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 29 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 30 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 31 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 32 | mkdir -p /home/builder/rpmbuild && \ 33 | chown -R builder /home/builder 34 | 35 | USER builder 36 | VOLUME /home/builder 37 | WORKDIR /home/builder/rpmbuild 38 | CMD ["/bin/bash"] 39 | -------------------------------------------------------------------------------- /docker/rpmbuild/Dockerfile.rpmbuild9: -------------------------------------------------------------------------------- 1 | # Dockerfile for build RPM packages. 2 | # Copyright (C) 2022 - 2025 Teddysun 3 | 4 | FROM rockylinux:9 5 | LABEL maintainer="Teddysun " 6 | 7 | RUN dnf install -y yum-utils epel-release && \ 8 | dnf config-manager --enable epel && \ 9 | dnf config-manager --enable crb && \ 10 | dnf install -y https://dl.lamp.sh/linux/rhel/el9/x86_64/teddysun-release-1.0-1.el9.noarch.rpm && \ 11 | rpm -e --nodeps coreutils-single && \ 12 | dnf install -y tar wget wget2 git tree gcc gcc-c++ \ 13 | sudo net-tools make cmake zstd libzstd chkconfig pcre-devel pcre2-devel \ 14 | bash coreutils diffutils patch ca-certificates \ 15 | rpm-build rpm-devel rpmlint rpmdevtools ncurses which procps \ 16 | asciidoc audit-libs-devel binutils-devel flex jq gettext \ 17 | libcap-devel newt-devel pciutils-devel perl-generators \ 18 | python3 python3-devel python3-docutils rsync xmlto bc bison \ 19 | java-devel ncurses-devel numactl-devel openssl-devel perl-devel \ 20 | bpftool dwarves gcc-plugin-devel glibc-static hmaccalc kernel-rpm-macros \ 21 | libbabeltrace-devel libbpf-devel libcap-ng-devel libnl3-devel libtraceevent-devel \ 22 | elfutils-devel xz-devel perl-ExtUtils-Embed && \ 23 | dnf clean all && rm -rf /var/cache/dnf /var/lib/rpm/__db* 24 | 25 | RUN useradd builder -u 1000 -m -G users,wheel && \ 26 | echo "builder ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \ 27 | echo "# macros" > /home/builder/.rpmmacros && \ 28 | echo "%_topdir /home/builder/rpmbuild" >> /home/builder/.rpmmacros && \ 29 | echo "%_sourcedir %{_topdir}" >> /home/builder/.rpmmacros && \ 30 | echo "%_builddir %{_topdir}" >> /home/builder/.rpmmacros && \ 31 | echo "%_specdir %{_topdir}" >> /home/builder/.rpmmacros && \ 32 | echo "%_rpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 33 | echo "%_srcrpmdir %{_topdir}" >> /home/builder/.rpmmacros && \ 34 | echo "set enable-bracketed-paste off" >> /etc/inputrc && \ 35 | mkdir -p /home/builder/rpmbuild && \ 36 | chown -R builder /home/builder 37 | 38 | USER builder 39 | VOLUME /home/builder 40 | WORKDIR /home/builder/rpmbuild 41 | CMD ["/bin/bash"] 42 | -------------------------------------------------------------------------------- /docker/rpmbuild/README.md: -------------------------------------------------------------------------------- 1 | ## RHEL RPM package building environment by Teddysun 2 | 3 | This docker image can be used to build RPM packages. 4 | 5 | For more information on docker and containerization technologies, refer to [official document][1]. 6 | 7 | ## Supported tags and respective `Dockerfile` links 8 | 9 | - `latest`, `10` [*(Dockerfile)*][8] 10 | - `9` [*(Dockerfile)*][7] 11 | - `8` [*(Dockerfile)*][2] 12 | - `7` [*(Dockerfile)*][3] 13 | 14 | ### Reference 15 | 16 | - Supported architectures ([*more info*][4]): `amd64`, `arm64` 17 | 18 | ## Integration 19 | 20 | RPMs will be built in `/home/builder/rpmbuild` folder, which should contain source archives, patches and built RPM/SRPM files. 21 | 22 | ## Prepare the host 23 | 24 | If you need to install docker by yourself, follow the [official installation guide][5]. 25 | 26 | ## User Account and Root Access 27 | 28 | The `builder` user (UID 1000) is a member of users and wheel, and has password-less sudo as any user, any group. 29 | 30 | ## Pull the image 31 | 32 | For CentOS 7 33 | 34 | ```bash 35 | $ docker pull teddysun/rpmbuild:7 36 | ``` 37 | 38 | For CentOS 8 Stream / Rockylinux 8 / Almalinux 8 39 | 40 | ```bash 41 | $ docker pull teddysun/rpmbuild:8 42 | ``` 43 | 44 | For CentOS 9 Stream / Rockylinux 9 / Almalinux 9 45 | 46 | ```bash 47 | $ docker pull teddysun/rpmbuild:9 48 | ``` 49 | 50 | For CentOS 10 Stream / Rockylinux 10 / Almalinux 10 51 | 52 | ```bash 53 | $ docker pull teddysun/rpmbuild:10 54 | ``` 55 | 56 | It can be found at [Docker Hub][6]. 57 | 58 | ## Start a container 59 | 60 | There is an example to start a container for CentOS 7 like below: 61 | 62 | ```bash 63 | $ mkdir -m 777 -p /opt/builder7 64 | $ docker run -it --rm -h buildbot --name rpmbuild7 -v /opt/builder7:/home/builder/rpmbuild teddysun/rpmbuild:7 65 | ``` 66 | 67 | There is an example to start a container for CentOS 8 Stream / Rockylinux 8 / Almalinux 8 like below: 68 | 69 | ```bash 70 | $ mkdir -m 777 -p /opt/builder8 71 | $ docker run -it --rm -h buildbot --name rpmbuild8 -v /opt/builder8:/home/builder/rpmbuild teddysun/rpmbuild:8 72 | ``` 73 | 74 | There is an example to start a container for CentOS 9 Stream / Rockylinux 9 / Almalinux 9 like below: 75 | 76 | ```bash 77 | $ mkdir -m 777 -p /opt/builder9 78 | $ docker run -it --rm -h buildbot --name rpmbuild9 -v /opt/builder9:/home/builder/rpmbuild teddysun/rpmbuild:9 79 | ``` 80 | 81 | There is an example to start a container for CentOS 10 Stream / Rockylinux 10 / Almalinux 10 like below: 82 | 83 | ```bash 84 | $ mkdir -m 777 -p /opt/builder10 85 | $ docker run -it --rm -h buildbot --name rpmbuild10 -v /opt/builder10:/home/builder/rpmbuild teddysun/rpmbuild:10 86 | ``` 87 | 88 | [1]: https://docs.docker.com/ 89 | [2]: https://github.com/teddysun/across/blob/master/docker/rpmbuild/Dockerfile.rpmbuild8 90 | [3]: https://github.com/teddysun/across/blob/master/docker/rpmbuild/Dockerfile.rpmbuild7 91 | [4]: https://github.com/docker-library/official-images#architectures-other-than-amd64 92 | [5]: https://docs.docker.com/install/ 93 | [6]: https://hub.docker.com/r/teddysun/rpmbuild/ 94 | [7]: https://github.com/teddysun/across/blob/master/docker/rpmbuild/Dockerfile.rpmbuild9 95 | [8]: https://github.com/teddysun/across/blob/master/docker/rpmbuild/Dockerfile.rpmbuild10 96 | -------------------------------------------------------------------------------- /docker/trojan-go/Dockerfile: -------------------------------------------------------------------------------- 1 | # Dockerfile for trojan-go based alpine 2 | # Copyright (C) 2019 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/p4gefau1t/trojan-go 5 | # https://github.com/v2fly/v2ray-core 6 | # https://github.com/v2fly/geoip 7 | # https://github.com/v2fly/domain-list-community 8 | 9 | FROM alpine:latest 10 | LABEL maintainer="Teddysun " 11 | 12 | COPY trojan-go.sh /root/trojan-go.sh 13 | COPY config.json /etc/trojan-go/config.json 14 | RUN set -ex \ 15 | && apk add --no-cache tzdata ca-certificates \ 16 | && chmod +x /root/trojan-go.sh \ 17 | && /root/trojan-go.sh \ 18 | && rm -fv /root/trojan-go.sh \ 19 | && mkdir -p /usr/share/trojan-go \ 20 | && wget -O /usr/share/trojan-go/geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat \ 21 | && wget -O /usr/share/trojan-go/geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat \ 22 | && wget -O /usr/share/trojan-go/geoip-only-cn-private.dat https://github.com/v2fly/geoip/releases/latest/download/geoip-only-cn-private.dat \ 23 | && ln -fs /usr/share/trojan-go/geoip.dat /usr/bin/ \ 24 | && ln -fs /usr/share/trojan-go/geoip-only-cn-private.dat /usr/bin/ \ 25 | && ln -fs /usr/share/trojan-go/geosite.dat /usr/bin/ 26 | 27 | VOLUME /etc/trojan-go 28 | ENV TZ=Asia/Shanghai 29 | CMD [ "/usr/bin/trojan-go", "-config", "/etc/trojan-go/config.json" ] 30 | -------------------------------------------------------------------------------- /docker/trojan-go/Dockerfile.architecture: -------------------------------------------------------------------------------- 1 | # Dockerfile for trojan-go based alpine 2 | # Copyright (C) 2019 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/p4gefau1t/trojan-go 5 | # https://github.com/v2fly/v2ray-core 6 | # https://github.com/v2fly/geoip 7 | # https://github.com/v2fly/domain-list-community 8 | # https://github.com/Potterli20/trojan-go-fork 9 | 10 | FROM alpine:latest 11 | LABEL maintainer="Teddysun " 12 | 13 | ARG TARGETPLATFORM 14 | COPY trojan-go.sh /root/trojan-go.sh 15 | COPY config.json /etc/trojan-go/config.json 16 | RUN set -ex \ 17 | && apk add --no-cache tzdata ca-certificates \ 18 | && chmod +x /root/trojan-go.sh \ 19 | && /root/trojan-go.sh "${TARGETPLATFORM}" \ 20 | && rm -fv /root/trojan-go.sh \ 21 | && mkdir -p /usr/share/trojan-go \ 22 | && wget -O /usr/share/trojan-go/geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat \ 23 | && wget -O /usr/share/trojan-go/geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat \ 24 | && wget -O /usr/share/trojan-go/geoip-only-cn-private.dat https://github.com/v2fly/geoip/releases/latest/download/geoip-only-cn-private.dat \ 25 | && ln -fs /usr/share/trojan-go/geoip.dat /usr/bin/ \ 26 | && ln -fs /usr/share/trojan-go/geoip-only-cn-private.dat /usr/bin/ \ 27 | && ln -fs /usr/share/trojan-go/geosite.dat /usr/bin/ 28 | 29 | VOLUME /etc/trojan-go 30 | ENV TZ=Asia/Shanghai 31 | CMD [ "/usr/bin/trojan-go", "-config", "/etc/trojan-go/config.json" ] 32 | -------------------------------------------------------------------------------- /docker/trojan-go/README.md: -------------------------------------------------------------------------------- 1 | ## Trojan-Go Docker Image by Teddysun 2 | 3 | [Trojan-Go][1] is An unidentifiable mechanism that helps you bypass [GFW](https://en.wikipedia.org/wiki/Great_Firewall). 4 | 5 | Trojan-Go features multiple protocols over `TLS` to avoid both active/passive detections and ISP `QoS` limitations. 6 | 7 | Docker images are built for quick deployment in various computing cloud providers. 8 | 9 | For more information on docker and containerization technologies, refer to [official document][2]. 10 | 11 | ## Prepare the host 12 | 13 | If you need to install docker by yourself, follow the [official installation guide][3]. 14 | 15 | ## Pull the image 16 | 17 | ```bash 18 | $ docker pull teddysun/trojan-go 19 | ``` 20 | 21 | This pulls the latest release of trojan-go. 22 | 23 | It can be found at [Docker Hub][4]. 24 | 25 | ## Start a container 26 | 27 | You **must create a configuration file** `/etc/trojan-go/config.json` in host at first: 28 | 29 | ``` 30 | $ mkdir -p /etc/trojan-go 31 | ``` 32 | 33 | A sample in JSON like below: 34 | 35 | ``` 36 | { 37 | "run_type": "server", 38 | "local_addr": "0.0.0.0", 39 | "local_port": 443, 40 | "remote_addr": "127.0.0.1", 41 | "remote_port": 80, 42 | "password": [ 43 | "your_password" 44 | ], 45 | "ssl": { 46 | "cert": "your_cert.crt", 47 | "key": "your_key.key", 48 | "sni": "your-domain-name.com" 49 | }, 50 | "router": { 51 | "enabled": true, 52 | "block": [ 53 | "geoip:private" 54 | ], 55 | "geoip": "/usr/share/trojan-go/geoip.dat", 56 | "geosite": "/usr/share/trojan-go/geosite.dat" 57 | } 58 | } 59 | ``` 60 | 61 | An online documentation can be found [here](https://p4gefau1t.github.io/trojan-go/) 62 | 63 | There is an example to start a container that use host network, run as a trojan-go server like below: 64 | 65 | ```bash 66 | $ docker run -d --network host --name trojan-go --restart=always -v /etc/trojan-go:/etc/trojan-go teddysun/trojan-go 67 | ``` 68 | 69 | [1]: https://github.com/p4gefau1t/trojan-go 70 | [2]: https://docs.docker.com/ 71 | [3]: https://docs.docker.com/install/ 72 | [4]: https://hub.docker.com/r/teddysun/trojan-go/ -------------------------------------------------------------------------------- /docker/trojan-go/build_trojan-go-dev.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for build multi-architectures trojan-go binary file 4 | # 5 | # Supported architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x 6 | # 7 | # Copyright (C) 2020 Teddysun 8 | # 9 | # Reference URL: 10 | # https://github.com/p4gefau1t/trojan-go 11 | 12 | cur_dir="$(pwd)" 13 | 14 | COMMANDS=( git go ) 15 | for CMD in "${COMMANDS[@]}"; do 16 | if [ ! "$(command -v "${CMD}")" ]; then 17 | echo "${CMD} is not installed, please install it and try again" && exit 1 18 | fi 19 | done 20 | 21 | cd ${cur_dir} 22 | git clone -b dev https://github.com/p4gefau1t/trojan-go.git 23 | cd trojan-go || exit 2 24 | 25 | PACKAGE_NAME="github.com/p4gefau1t/trojan-go" 26 | VERSION="$(git describe)" 27 | COMMIT="$(git rev-parse HEAD)" 28 | 29 | VAR_SETTING="" 30 | VAR_SETTING="${VAR_SETTING} -X ${PACKAGE_NAME}/constant.Version=${VERSION}" 31 | VAR_SETTING="${VAR_SETTING} -X ${PACKAGE_NAME}/constant.Commit=${COMMIT}" 32 | 33 | go get -d -v 34 | 35 | LDFLAGS="-s -w ${VAR_SETTING}" 36 | ARCHS=( 386 amd64 arm arm64 ppc64le s390x ) 37 | ARMS=( 6 7 ) 38 | 39 | for ARCH in ${ARCHS[@]}; do 40 | if [ "${ARCH}" = "arm" ]; then 41 | for V in ${ARMS[@]}; do 42 | echo "Building trojan-go-dev_linux_${ARCH}${V}" 43 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GOARM=${V} go build -v -tags "full" -ldflags "${LDFLAGS}" -o ${cur_dir}/trojan-go-dev_linux_${ARCH}${V} 44 | done 45 | else 46 | echo "Building trojan-go-dev_linux_${ARCH}" 47 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -v -tags "full" -ldflags "${LDFLAGS}" -o ${cur_dir}/trojan-go-dev_linux_${ARCH} 48 | fi 49 | done 50 | 51 | chmod +x ${cur_dir}/trojan-go-dev_linux_* 52 | # clean up 53 | cd ${cur_dir} && rm -fr trojan-go 54 | 55 | -------------------------------------------------------------------------------- /docker/trojan-go/build_trojan-go-fork.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # This is a Shell script for build multi-architectures trojan-go binary file 4 | # 5 | # Supported architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x 6 | # 7 | # Copyright (C) 2020 - 2023 Teddysun 8 | # 9 | # Reference URL: 10 | # https://github.com/p4gefau1t/trojan-go 11 | # https://github.com/Potterli20/trojan-go-fork 12 | 13 | cur_dir="$(pwd)" 14 | 15 | COMMANDS=( git go ) 16 | for CMD in "${COMMANDS[@]}"; do 17 | if [ ! "$(command -v "${CMD}")" ]; then 18 | echo "${CMD} is not installed, please install it and try again" && exit 1 19 | fi 20 | done 21 | 22 | cd ${cur_dir} 23 | #version=$(wget --no-check-certificate -qO- https://api.github.com/repos/p4gefau1t/trojan-go/tags | grep 'name' | cut -d\" -f4 | head -1) 24 | #echo "git clone -b ${version} https://github.com/p4gefau1t/trojan-go.git" 25 | echo "git clone https://github.com/Potterli20/trojan-go-fork.git" 26 | #git clone -b ${version} https://github.com/p4gefau1t/trojan-go.git 27 | git clone https://github.com/Potterli20/trojan-go-fork.git 28 | cd trojan-go-fork || exit 2 29 | 30 | PACKAGE_NAME="github.com/Potterli20/trojan-go-fork" 31 | VERSION="$(git describe --tags)" 32 | # VERSION="v2023.11.15" 33 | COMMIT="$(git rev-parse HEAD)" 34 | 35 | VAR_SETTING="-X ${PACKAGE_NAME}/constant.Version=${VERSION} -X ${PACKAGE_NAME}/constant.Commit=${COMMIT}" 36 | 37 | LDFLAGS="-s -w ${VAR_SETTING} -buildid=" 38 | ARCHS=( 386 amd64 arm arm64 ppc64le s390x ) 39 | ARMS=( 6 7 ) 40 | 41 | for ARCH in ${ARCHS[@]}; do 42 | if [ "${ARCH}" = "arm" ]; then 43 | for V in ${ARMS[@]}; do 44 | echo "Building trojan-go_linux_${ARCH}${V}" 45 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GOARM=${V} go build -v -tags "full" -ldflags "${LDFLAGS}" -o ${cur_dir}/trojan-go_linux_${ARCH}${V} 46 | done 47 | else 48 | echo "Building trojan-go_linux_${ARCH}" 49 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -v -tags "full" -ldflags "${LDFLAGS}" -o ${cur_dir}/trojan-go_linux_${ARCH} 50 | fi 51 | done 52 | 53 | chmod +x ${cur_dir}/trojan-go_linux_* 54 | # clean up 55 | cd ${cur_dir} && rm -fr trojan-go-fork 56 | -------------------------------------------------------------------------------- /docker/trojan-go/build_trojan-go.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for build multi-architectures trojan-go binary file 4 | # 5 | # Supported architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x 6 | # 7 | # Copyright (C) 2020 Teddysun 8 | # 9 | # Reference URL: 10 | # https://github.com/p4gefau1t/trojan-go 11 | 12 | cur_dir="$(pwd)" 13 | 14 | COMMANDS=( git go ) 15 | for CMD in "${COMMANDS[@]}"; do 16 | if [ ! "$(command -v "${CMD}")" ]; then 17 | echo "${CMD} is not installed, please install it and try again" && exit 1 18 | fi 19 | done 20 | 21 | cd ${cur_dir} 22 | version=$(wget --no-check-certificate -qO- https://api.github.com/repos/p4gefau1t/trojan-go/tags | grep 'name' | cut -d\" -f4 | head -1) 23 | echo "git clone -b ${version} https://github.com/p4gefau1t/trojan-go.git" 24 | git clone -b ${version} https://github.com/p4gefau1t/trojan-go.git 25 | cd trojan-go || exit 2 26 | 27 | PACKAGE_NAME="github.com/p4gefau1t/trojan-go" 28 | VERSION="$(git describe)" 29 | COMMIT="$(git rev-parse HEAD)" 30 | 31 | VAR_SETTING="" 32 | VAR_SETTING="${VAR_SETTING} -X ${PACKAGE_NAME}/constant.Version=${VERSION}" 33 | VAR_SETTING="${VAR_SETTING} -X ${PACKAGE_NAME}/constant.Commit=${COMMIT}" 34 | 35 | go get -d -v 36 | 37 | LDFLAGS="-s -w ${VAR_SETTING}" 38 | ARCHS=( 386 amd64 arm arm64 ppc64le s390x ) 39 | ARMS=( 6 7 ) 40 | 41 | for ARCH in ${ARCHS[@]}; do 42 | if [ "${ARCH}" = "arm" ]; then 43 | for V in ${ARMS[@]}; do 44 | echo "Building trojan-go_linux_${ARCH}${V}" 45 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GOARM=${V} go build -v -tags "full" -ldflags "${LDFLAGS}" -o ${cur_dir}/trojan-go_linux_${ARCH}${V} 46 | done 47 | else 48 | echo "Building trojan-go_linux_${ARCH}" 49 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -v -tags "full" -ldflags "${LDFLAGS}" -o ${cur_dir}/trojan-go_linux_${ARCH} 50 | fi 51 | done 52 | 53 | chmod +x ${cur_dir}/trojan-go_linux_* 54 | # clean up 55 | cd ${cur_dir} && rm -fr trojan-go 56 | 57 | -------------------------------------------------------------------------------- /docker/trojan-go/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "run_type": "server", 3 | "local_addr": "0.0.0.0", 4 | "local_port": 443, 5 | "remote_addr": "127.0.0.1", 6 | "remote_port": 80, 7 | "password": [ 8 | "your_password" 9 | ], 10 | "ssl": { 11 | "cert": "your_cert.crt", 12 | "key": "your_key.key", 13 | "sni": "your-domain-name.com" 14 | }, 15 | "router": { 16 | "enabled": true, 17 | "block": [ 18 | "geoip:private" 19 | ], 20 | "geoip": "/usr/share/trojan-go/geoip.dat", 21 | "geosite": "/usr/share/trojan-go/geosite.dat" 22 | } 23 | } -------------------------------------------------------------------------------- /docker/trojan-go/trojan-go.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for trojan-go based alpine with Docker image 4 | # 5 | # Copyright (C) 2019 - 2020 Teddysun 6 | # 7 | # Reference URL: 8 | # https://github.com/p4gefau1t/trojan-go 9 | 10 | PLATFORM=$1 11 | if [ -z "$PLATFORM" ]; then 12 | ARCH="amd64" 13 | else 14 | case "$PLATFORM" in 15 | linux/386) 16 | ARCH="386" 17 | ;; 18 | linux/amd64) 19 | ARCH="amd64" 20 | ;; 21 | linux/arm/v6) 22 | ARCH="arm6" 23 | ;; 24 | linux/arm/v7) 25 | ARCH="arm7" 26 | ;; 27 | linux/arm64|linux/arm64/v8) 28 | ARCH="arm64" 29 | ;; 30 | linux/ppc64le) 31 | ARCH="ppc64le" 32 | ;; 33 | linux/s390x) 34 | ARCH="s390x" 35 | ;; 36 | *) 37 | ARCH="" 38 | ;; 39 | esac 40 | fi 41 | [ -z "${ARCH}" ] && echo "Error: Not supported OS Architecture" && exit 1 42 | # Download binary file 43 | TROJAN_FILE="trojan-go_linux_${ARCH}" 44 | 45 | echo "Downloading binary file: ${TROJAN_FILE}" 46 | wget -O /usr/bin/trojan-go https://dl.lamp.sh/files/${TROJAN_FILE} > /dev/null 2>&1 47 | if [ $? -ne 0 ]; then 48 | echo "Error: Failed to download binary file: ${TROJAN_FILE}" && exit 1 49 | fi 50 | echo "Download binary file: ${TROJAN_FILE} completed" 51 | 52 | chmod +x /usr/bin/trojan-go 53 | -------------------------------------------------------------------------------- /docker/trojan/Dockerfile: -------------------------------------------------------------------------------- 1 | # Dockerfile for trojan based alpine 2 | # Copyright (C) 2020 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/trojan-gfw/trojan 5 | # https://trojan-gfw.github.io/trojan/ 6 | 7 | FROM alpine:latest AS builder 8 | WORKDIR /root 9 | RUN set -ex \ 10 | && VERSION="$(wget --no-check-certificate -qO- https://api.github.com/repos/trojan-gfw/trojan/tags | grep 'name' | cut -d\" -f4 | head -1)" \ 11 | && apk add --no-cache git build-base make cmake boost-dev openssl-dev mariadb-connector-c-dev \ 12 | && git clone --branch ${VERSION} --single-branch https://github.com/trojan-gfw/trojan.git \ 13 | && cd trojan \ 14 | && cmake . \ 15 | && make \ 16 | && strip -s trojan 17 | 18 | FROM alpine:latest 19 | LABEL maintainer="Teddysun " 20 | 21 | RUN set -ex \ 22 | && apk add --no-cache tzdata ca-certificates libstdc++ boost-system boost-program_options mariadb-connector-c 23 | 24 | COPY --from=builder /root/trojan/trojan /usr/bin 25 | COPY config.json /etc/trojan/config.json 26 | VOLUME /etc/trojan 27 | ENV TZ=Asia/Shanghai 28 | CMD [ "/usr/bin/trojan", "-c", "/etc/trojan/config.json" ] 29 | -------------------------------------------------------------------------------- /docker/trojan/Dockerfile.architecture: -------------------------------------------------------------------------------- 1 | # Dockerfile for trojan based alpine 2 | # Copyright (C) 2020 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/trojan-gfw/trojan 5 | # https://trojan-gfw.github.io/trojan/ 6 | 7 | FROM alpine:latest AS builder 8 | WORKDIR /root 9 | RUN set -ex \ 10 | && VERSION="$(wget --no-check-certificate -qO- https://api.github.com/repos/trojan-gfw/trojan/tags | grep 'name' | cut -d\" -f4 | head -1)" \ 11 | && apk add --no-cache git build-base make cmake boost-dev openssl-dev mariadb-connector-c-dev \ 12 | && git clone --branch ${VERSION} --single-branch https://github.com/trojan-gfw/trojan.git \ 13 | && cd trojan \ 14 | && cmake . \ 15 | && make \ 16 | && strip -s trojan 17 | 18 | FROM alpine:latest 19 | LABEL maintainer="Teddysun " 20 | 21 | RUN set -ex \ 22 | && apk add --no-cache tzdata ca-certificates libstdc++ boost-system boost-program_options mariadb-connector-c 23 | 24 | COPY --from=builder /root/trojan/trojan /usr/bin 25 | COPY config.json /etc/trojan/config.json 26 | VOLUME /etc/trojan 27 | ENV TZ=Asia/Shanghai 28 | CMD [ "/usr/bin/trojan", "-c", "/etc/trojan/config.json" ] 29 | -------------------------------------------------------------------------------- /docker/trojan/README.md: -------------------------------------------------------------------------------- 1 | ## Trojan Docker Image by Teddysun 2 | 3 | [Trojan][1] is An unidentifiable mechanism that helps you bypass [GFW](https://en.wikipedia.org/wiki/Great_Firewall). 4 | 5 | Trojan features multiple protocols over `TLS` to avoid both active/passive detections and ISP `QoS` limitations. 6 | 7 | Docker images are built for quick deployment in various computing cloud providers. 8 | 9 | For more information on docker and containerization technologies, refer to [official document][2]. 10 | 11 | ## Prepare the host 12 | 13 | If you need to install docker by yourself, follow the [official installation guide][3]. 14 | 15 | ## Pull the image 16 | 17 | ```bash 18 | $ docker pull teddysun/trojan 19 | ``` 20 | 21 | This pulls the latest release of Trojan. 22 | 23 | It can be found at [Docker Hub][4]. 24 | 25 | ## Start a container 26 | 27 | You **must create a configuration file** `/etc/trojan/config.json` in host at first: 28 | 29 | ``` 30 | $ mkdir -p /etc/trojan 31 | ``` 32 | 33 | A sample in JSON like below: 34 | 35 | ``` 36 | { 37 | "run_type": "server", 38 | "local_addr": "0.0.0.0", 39 | "local_port": 443, 40 | "remote_addr": "127.0.0.1", 41 | "remote_port": 80, 42 | "password": [ 43 | "password1", 44 | "password2" 45 | ], 46 | "log_level": 1, 47 | "ssl": { 48 | "cert": "/path/to/certificate.crt", 49 | "key": "/path/to/private.key", 50 | "key_password": "", 51 | "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384", 52 | "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384", 53 | "prefer_server_cipher": true, 54 | "alpn": [ 55 | "http/1.1" 56 | ], 57 | "reuse_session": true, 58 | "session_ticket": false, 59 | "session_timeout": 600, 60 | "plain_http_response": "", 61 | "curves": "", 62 | "dhparam": "" 63 | }, 64 | "tcp": { 65 | "prefer_ipv4": false, 66 | "no_delay": true, 67 | "keep_alive": true, 68 | "reuse_port": false, 69 | "fast_open": false, 70 | "fast_open_qlen": 20 71 | }, 72 | "mysql": { 73 | "enabled": false, 74 | "server_addr": "127.0.0.1", 75 | "server_port": 3306, 76 | "database": "trojan", 77 | "username": "trojan", 78 | "password": "" 79 | } 80 | } 81 | ``` 82 | 83 | An online documentation can be found [here](https://trojan-gfw.github.io/trojan/) 84 | 85 | There is an example to start a container that listen on port `443`, run as a Trojan server like below: 86 | 87 | ```bash 88 | $ docker run -d -p 443:443 --name trojan --restart=always -v /etc/trojan:/etc/trojan teddysun/trojan 89 | ``` 90 | 91 | **Warning**: The port number `443` must be same as configuration and opened in firewall. 92 | 93 | [1]: https://github.com/trojan-gfw/trojan 94 | [2]: https://docs.docker.com/ 95 | [3]: https://docs.docker.com/install/ 96 | [4]: https://hub.docker.com/r/teddysun/trojan/ -------------------------------------------------------------------------------- /docker/trojan/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "run_type": "server", 3 | "local_addr": "0.0.0.0", 4 | "local_port": 443, 5 | "remote_addr": "127.0.0.1", 6 | "remote_port": 80, 7 | "password": [ 8 | "password1", 9 | "password2" 10 | ], 11 | "log_level": 1, 12 | "ssl": { 13 | "cert": "/path/to/certificate.crt", 14 | "key": "/path/to/private.key", 15 | "key_password": "", 16 | "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384", 17 | "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384", 18 | "prefer_server_cipher": true, 19 | "alpn": [ 20 | "http/1.1" 21 | ], 22 | "reuse_session": true, 23 | "session_ticket": false, 24 | "session_timeout": 600, 25 | "plain_http_response": "", 26 | "curves": "", 27 | "dhparam": "" 28 | }, 29 | "tcp": { 30 | "prefer_ipv4": false, 31 | "no_delay": true, 32 | "keep_alive": true, 33 | "reuse_port": false, 34 | "fast_open": false, 35 | "fast_open_qlen": 20 36 | }, 37 | "mysql": { 38 | "enabled": false, 39 | "server_addr": "127.0.0.1", 40 | "server_port": 3306, 41 | "database": "trojan", 42 | "username": "trojan", 43 | "password": "" 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /docker/v2ray/Dockerfile: -------------------------------------------------------------------------------- 1 | # Dockerfile for v2ray based alpine 2 | # Copyright (C) 2019 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/v2fly/v2ray-core 5 | # https://github.com/v2fly/geoip 6 | # https://github.com/v2fly/domain-list-community 7 | 8 | FROM alpine:latest 9 | LABEL maintainer="Teddysun " 10 | 11 | WORKDIR /root 12 | COPY v2ray.sh /root/v2ray.sh 13 | COPY config.json /etc/v2ray/config.json 14 | RUN set -ex \ 15 | && apk add --no-cache tzdata ca-certificates \ 16 | && mkdir -p /var/log/v2ray /usr/share/v2ray \ 17 | && chmod +x /root/v2ray.sh \ 18 | && /root/v2ray.sh \ 19 | && rm -fv /root/v2ray.sh \ 20 | && wget -O /usr/share/v2ray/geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat \ 21 | && wget -O /usr/share/v2ray/geoip-only-cn-private.dat https://github.com/v2fly/geoip/releases/latest/download/geoip-only-cn-private.dat \ 22 | && wget -O /usr/share/v2ray/geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat 23 | 24 | VOLUME /etc/v2ray 25 | ENV TZ=Asia/Shanghai 26 | CMD [ "/usr/bin/v2ray", "run", "-config", "/etc/v2ray/config.json" ] 27 | -------------------------------------------------------------------------------- /docker/v2ray/Dockerfile.architecture: -------------------------------------------------------------------------------- 1 | # Dockerfile for v2ray based alpine 2 | # Copyright (C) 2019 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/v2fly/v2ray-core 5 | # https://github.com/v2fly/geoip 6 | # https://github.com/v2fly/domain-list-community 7 | 8 | FROM alpine:latest 9 | LABEL maintainer="Teddysun " 10 | 11 | ARG TARGETPLATFORM 12 | WORKDIR /root 13 | COPY v2ray.sh /root/v2ray.sh 14 | COPY config.json /etc/v2ray/config.json 15 | RUN set -ex \ 16 | && apk add --no-cache tzdata ca-certificates \ 17 | && mkdir -p /var/log/v2ray /usr/share/v2ray \ 18 | && chmod +x /root/v2ray.sh \ 19 | && /root/v2ray.sh "${TARGETPLATFORM}" \ 20 | && rm -fv /root/v2ray.sh \ 21 | && wget -O /usr/share/v2ray/geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat \ 22 | && wget -O /usr/share/v2ray/geoip-only-cn-private.dat https://github.com/v2fly/geoip/releases/latest/download/geoip-only-cn-private.dat \ 23 | && wget -O /usr/share/v2ray/geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat 24 | 25 | VOLUME /etc/v2ray 26 | ENV TZ=Asia/Shanghai 27 | CMD [ "/usr/bin/v2ray", "run", "-config", "/etc/v2ray/config.json" ] 28 | -------------------------------------------------------------------------------- /docker/v2ray/README.md: -------------------------------------------------------------------------------- 1 | ## V2Ray Docker Image by Teddysun 2 | 3 | [V2Ray][1] is a platform for building proxies to bypass network restrictions. 4 | 5 | It secures your network connections and thus protects your privacy. 6 | 7 | Docker images are built for quick deployment in various computing cloud providers. 8 | 9 | For more information on docker and containerization technologies, refer to [official document][2]. 10 | 11 | ## Prepare the host 12 | 13 | If you need to install docker by yourself, follow the [official installation guide][3]. 14 | 15 | ## Pull the image 16 | 17 | ```bash 18 | $ docker pull teddysun/v2ray 19 | ``` 20 | 21 | This pulls the latest release of V2Ray. 22 | 23 | It can be found at [Docker Hub][4]. 24 | 25 | ## Start a container 26 | 27 | You **must create a configuration file** `/etc/v2ray/config.json` in host at first: 28 | 29 | ``` 30 | $ mkdir -p /etc/v2ray 31 | ``` 32 | 33 | A sample in JSON like below: 34 | 35 | ``` 36 | { 37 | "inbounds": [{ 38 | "port": 9000, 39 | "protocol": "vmess", 40 | "settings": { 41 | "clients": [ 42 | { 43 | "id": "11c2a696-0366-4524-b8f0-9a9c21512b02", 44 | "level": 1, 45 | "alterId": 64 46 | } 47 | ] 48 | } 49 | }], 50 | "outbounds": [{ 51 | "protocol": "freedom", 52 | "settings": {} 53 | }] 54 | } 55 | ``` 56 | 57 | Or generate a configuration file online by [https://tools.sprov.xyz/v2ray/](https://tools.sprov.xyz/v2ray/) 58 | 59 | There is an example to start a container that listen on port `9000`, run as a V2Ray server like below: 60 | 61 | ```bash 62 | $ docker run -d -p 9000:9000 --name v2ray --restart=always -v /etc/v2ray:/etc/v2ray teddysun/v2ray 63 | ``` 64 | 65 | **Warning**: The port number must be same as configuration and opened in firewall. 66 | 67 | [1]: https://github.com/v2fly/v2ray-core 68 | [2]: https://docs.docker.com/ 69 | [3]: https://docs.docker.com/install/ 70 | [4]: https://hub.docker.com/r/teddysun/v2ray/ -------------------------------------------------------------------------------- /docker/v2ray/build_v2ray.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for build multi-architectures v2ray binary file 4 | # 5 | # Supported architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x 6 | # 7 | # Copyright (C) 2020 - 2022 Teddysun 8 | # 9 | # Reference URL: 10 | # https://github.com/v2fly/v2ray-core.git 11 | 12 | cur_dir="$(pwd)" 13 | 14 | COMMANDS=( git go ) 15 | for CMD in "${COMMANDS[@]}"; do 16 | if [ ! "$(command -v "${CMD}")" ]; then 17 | echo "${CMD} is not installed, please install it and try again" && exit 1 18 | fi 19 | done 20 | 21 | cd ${cur_dir} 22 | git clone https://github.com/v2fly/v2ray-core.git 23 | cd v2ray-core || exit 2 24 | 25 | LDFLAGS="-s -w -buildid=" 26 | ARCHS=( 386 amd64 arm arm64 ppc64le s390x ) 27 | ARMS=( 6 7 ) 28 | 29 | for ARCH in ${ARCHS[@]}; do 30 | if [ "${ARCH}" = "arm" ]; then 31 | for V in ${ARMS[@]}; do 32 | # echo "Building v2ray_linux_${ARCH}${V} and v2ctl_linux_${ARCH}${V}" 33 | echo "Building v2ray_linux_${ARCH}${V}" 34 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GOARM=${V} go build -v -trimpath -ldflags "${LDFLAGS}" -o ${cur_dir}/v2ray_linux_${ARCH}${V} ./main 35 | # env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GOARM=${V} go build -v -trimpath -ldflags "${LDFLAGS}" -tags confonly -o ${cur_dir}/v2ctl_linux_${ARCH}${V} ./infra/control/main 36 | done 37 | else 38 | # echo "Building v2ray_linux_${ARCH} and v2ctl_linux_${ARCH}" 39 | echo "Building v2ray_linux_${ARCH}" 40 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -v -trimpath -ldflags "${LDFLAGS}" -o ${cur_dir}/v2ray_linux_${ARCH} ./main 41 | # env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -v -trimpath -ldflags "${LDFLAGS}" -tags confonly -o ${cur_dir}/v2ctl_linux_${ARCH} ./infra/control/main 42 | fi 43 | done 44 | 45 | # chmod +x ${cur_dir}/v2ray_linux_* ${cur_dir}/v2ctl_linux_* 46 | chmod +x ${cur_dir}/v2ray_linux_* 47 | # clean up 48 | cd ${cur_dir} && rm -fr v2ray-core 49 | -------------------------------------------------------------------------------- /docker/v2ray/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "inbounds": [{ 3 | "port": 9000, 4 | "protocol": "vmess", 5 | "settings": { 6 | "clients": [ 7 | { 8 | "id": "11c2a696-0366-4524-b8f0-9a9c21512b02", 9 | "level": 1, 10 | "alterId": 64 11 | } 12 | ] 13 | } 14 | }], 15 | "outbounds": [{ 16 | "protocol": "freedom", 17 | "settings": {} 18 | }] 19 | } -------------------------------------------------------------------------------- /docker/v2ray/v2ray.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for v2ray based alpine with Docker image 4 | # 5 | # Copyright (C) 2019 - 2022 Teddysun 6 | # 7 | # Reference URL: 8 | # https://github.com/v2fly/v2ray-core.git 9 | 10 | PLATFORM=$1 11 | if [ -z "$PLATFORM" ]; then 12 | ARCH="amd64" 13 | else 14 | case "$PLATFORM" in 15 | linux/386) 16 | ARCH="386" 17 | ;; 18 | linux/amd64) 19 | ARCH="amd64" 20 | ;; 21 | linux/arm/v6) 22 | ARCH="arm6" 23 | ;; 24 | linux/arm/v7) 25 | ARCH="arm7" 26 | ;; 27 | linux/arm64|linux/arm64/v8) 28 | ARCH="arm64" 29 | ;; 30 | linux/ppc64le) 31 | ARCH="ppc64le" 32 | ;; 33 | linux/s390x) 34 | ARCH="s390x" 35 | ;; 36 | *) 37 | ARCH="" 38 | ;; 39 | esac 40 | fi 41 | [ -z "${ARCH}" ] && echo "Error: Not supported OS Architecture" && exit 1 42 | # Download binary file 43 | V2RAY_FILE="v2ray_linux_${ARCH}" 44 | # V2CTL_FILE="v2ctl_linux_${ARCH}" 45 | 46 | echo "Downloading binary file: ${V2RAY_FILE}" 47 | wget -O /usr/bin/v2ray https://dl.lamp.sh/files/${V2RAY_FILE} > /dev/null 2>&1 48 | if [ $? -ne 0 ]; then 49 | echo "Error: Failed to download binary file: ${V2RAY_FILE}" && exit 1 50 | fi 51 | echo "Download binary file: ${V2RAY_FILE} completed" 52 | 53 | # echo "Downloading binary file: ${V2CTL_FILE}" 54 | # wget -O /usr/bin/v2ctl https://dl.lamp.sh/files/${V2CTL_FILE} > /dev/null 2>&1 55 | # if [ $? -ne 0 ]; then 56 | # echo "Error: Failed to download binary file: ${V2CTL_FILE}" && exit 1 57 | # fi 58 | # echo "Download binary file: ${V2CTL_FILE} completed" 59 | chmod +x /usr/bin/v2ray 60 | # chmod +x /usr/bin/v2ctl 61 | -------------------------------------------------------------------------------- /docker/xray/Dockerfile: -------------------------------------------------------------------------------- 1 | # Dockerfile for xray based alpine 2 | # Copyright (C) 2019 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/XTLS/Xray-core 5 | # https://github.com/v2fly/v2ray-core 6 | # https://github.com/v2fly/geoip 7 | # https://github.com/v2fly/domain-list-community 8 | 9 | FROM alpine:latest 10 | LABEL maintainer="Teddysun " 11 | 12 | WORKDIR /root 13 | COPY xray.sh /root/xray.sh 14 | COPY config.json /etc/xray/config.json 15 | RUN set -ex \ 16 | && apk add --no-cache tzdata ca-certificates \ 17 | && mkdir -p /var/log/xray /usr/share/xray \ 18 | && chmod +x /root/xray.sh \ 19 | && /root/xray.sh \ 20 | && rm -fv /root/xray.sh \ 21 | && wget -O /usr/share/xray/geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat \ 22 | && wget -O /usr/share/xray/geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat 23 | 24 | VOLUME /etc/xray 25 | ENV TZ=Asia/Shanghai 26 | CMD [ "/usr/bin/xray", "-config", "/etc/xray/config.json" ] 27 | -------------------------------------------------------------------------------- /docker/xray/Dockerfile.architecture: -------------------------------------------------------------------------------- 1 | # Dockerfile for xray based alpine 2 | # Copyright (C) 2019 - 2024 Teddysun 3 | # Reference URL: 4 | # https://github.com/XTLS/Xray-core 5 | # https://github.com/v2fly/v2ray-core 6 | # https://github.com/v2fly/geoip 7 | # https://github.com/v2fly/domain-list-community 8 | 9 | FROM alpine:latest 10 | LABEL maintainer="Teddysun " 11 | 12 | ARG TARGETPLATFORM 13 | WORKDIR /root 14 | COPY xray.sh /root/xray.sh 15 | COPY config.json /etc/xray/config.json 16 | RUN set -ex \ 17 | && apk add --no-cache tzdata ca-certificates \ 18 | && mkdir -p /var/log/xray /usr/share/xray \ 19 | && chmod +x /root/xray.sh \ 20 | && /root/xray.sh "${TARGETPLATFORM}" \ 21 | && rm -fv /root/xray.sh \ 22 | && wget -O /usr/share/xray/geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat \ 23 | && wget -O /usr/share/xray/geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat 24 | 25 | VOLUME /etc/xray 26 | ENV TZ=Asia/Shanghai 27 | CMD [ "/usr/bin/xray", "-config", "/etc/xray/config.json" ] 28 | -------------------------------------------------------------------------------- /docker/xray/README.md: -------------------------------------------------------------------------------- 1 | ## Xray Docker Image by Teddysun 2 | 3 | [Xray][1] is a platform for building proxies to bypass network restrictions. 4 | 5 | It secures your network connections and thus protects your privacy. 6 | 7 | Docker images are built for quick deployment in various computing cloud providers. 8 | 9 | For more information on docker and containerization technologies, refer to [official document][2]. 10 | 11 | ## Prepare the host 12 | 13 | If you need to install docker by yourself, follow the [official installation guide][3]. 14 | 15 | ## Pull the image 16 | 17 | ```bash 18 | $ docker pull teddysun/xray 19 | ``` 20 | 21 | This pulls the latest release of Xray. 22 | 23 | It can be found at [Docker Hub][4]. 24 | 25 | ## Start a container 26 | 27 | You **must create a configuration file** `/etc/xray/config.json` in host at first: 28 | 29 | ``` 30 | $ mkdir -p /etc/xray 31 | ``` 32 | 33 | A sample in JSON like below: 34 | 35 | ``` 36 | { 37 | "inbounds": [{ 38 | "port": 9000, 39 | "protocol": "vmess", 40 | "settings": { 41 | "clients": [ 42 | { 43 | "id": "1eb6e917-774b-4a84-aff6-b058577c60a5" 44 | } 45 | ] 46 | } 47 | }], 48 | "outbounds": [{ 49 | "protocol": "freedom", 50 | "settings": {} 51 | }] 52 | } 53 | ``` 54 | 55 | Or some examples of uses for Xray-core [https://github.com/XTLS/Xray-examples](https://github.com/XTLS/Xray-examples) 56 | 57 | There is an example to start a container that listen on port `9000`, run as a Xray server like below: 58 | 59 | ```bash 60 | $ docker run -d -p 9000:9000 --name xray --restart=always -v /etc/xray:/etc/xray teddysun/xray 61 | ``` 62 | 63 | **Warning**: The port number must be same as configuration and opened in firewall. 64 | 65 | [1]: https://github.com/XTLS/Xray-core 66 | [2]: https://docs.docker.com/ 67 | [3]: https://docs.docker.com/install/ 68 | [4]: https://hub.docker.com/r/teddysun/xray/ -------------------------------------------------------------------------------- /docker/xray/build_xray.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for build multi-architectures xray binary file 4 | # 5 | # Supported architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x 6 | # 7 | # Copyright (C) 2020 - 2024 Teddysun 8 | # 9 | # Reference URL: 10 | # https://github.com/XTLS/Xray-core 11 | 12 | cur_dir="$(pwd)" 13 | 14 | COMMANDS=( git go ) 15 | for CMD in "${COMMANDS[@]}"; do 16 | if [ ! "$(command -v "${CMD}")" ]; then 17 | echo "${CMD} is not installed, please install it and try again" && exit 1 18 | fi 19 | done 20 | 21 | cd ${cur_dir} 22 | git clone https://github.com/XTLS/Xray-core.git 23 | cd Xray-core || exit 2 24 | 25 | LDFLAGS="-s -w -buildid=" 26 | ARCHS=( 386 amd64 arm arm64 ppc64le s390x ) 27 | ARMS=( 6 7 ) 28 | 29 | for ARCH in ${ARCHS[@]}; do 30 | if [ "${ARCH}" = "arm" ]; then 31 | for V in ${ARMS[@]}; do 32 | echo "Building xray_linux_${ARCH}${V}" 33 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GOARM=${V} go build -v -trimpath -ldflags "${LDFLAGS}" -o ${cur_dir}/xray_linux_${ARCH}${V} ./main || exit 1 34 | done 35 | else 36 | echo "Building xray_linux_${ARCH}" 37 | env CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} go build -v -trimpath -ldflags "${LDFLAGS}" -o ${cur_dir}/xray_linux_${ARCH} ./main || exit 1 38 | fi 39 | done 40 | 41 | chmod +x ${cur_dir}/xray_linux_* 42 | # clean up 43 | cd ${cur_dir} && rm -fr Xray-core 44 | -------------------------------------------------------------------------------- /docker/xray/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "inbounds": [{ 3 | "port": 9000, 4 | "protocol": "vmess", 5 | "settings": { 6 | "clients": [ 7 | { 8 | "id": "1eb6e917-774b-4a84-aff6-b058577c60a5", 9 | "level": 1, 10 | "alterId": 64 11 | } 12 | ] 13 | } 14 | }], 15 | "outbounds": [{ 16 | "protocol": "freedom", 17 | "settings": {} 18 | }] 19 | } -------------------------------------------------------------------------------- /docker/xray/xray.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # This is a Shell script for xray based alpine with Docker image 4 | # 5 | # Copyright (C) 2019 - 2020 Teddysun 6 | # 7 | # Reference URL: 8 | # https://github.com/XTLS/Xray-core 9 | 10 | PLATFORM=$1 11 | if [ -z "$PLATFORM" ]; then 12 | ARCH="amd64" 13 | else 14 | case "$PLATFORM" in 15 | linux/386) 16 | ARCH="386" 17 | ;; 18 | linux/amd64) 19 | ARCH="amd64" 20 | ;; 21 | linux/arm/v6) 22 | ARCH="arm6" 23 | ;; 24 | linux/arm/v7) 25 | ARCH="arm7" 26 | ;; 27 | linux/arm64|linux/arm64/v8) 28 | ARCH="arm64" 29 | ;; 30 | linux/ppc64le) 31 | ARCH="ppc64le" 32 | ;; 33 | linux/s390x) 34 | ARCH="s390x" 35 | ;; 36 | *) 37 | ARCH="" 38 | ;; 39 | esac 40 | fi 41 | [ -z "${ARCH}" ] && echo "Error: Not supported OS Architecture" && exit 1 42 | # Download binary file 43 | XRAY_FILE="xray_linux_${ARCH}" 44 | 45 | echo "Downloading binary file: ${XRAY_FILE}" 46 | wget -O /usr/bin/xray https://dl.lamp.sh/files/${XRAY_FILE} > /dev/null 2>&1 47 | if [ $? -ne 0 ]; then 48 | echo "Error: Failed to download binary file: ${XRAY_FILE}" && exit 1 49 | fi 50 | echo "Download binary file: ${XRAY_FILE} completed" 51 | 52 | chmod +x /usr/bin/xray 53 | -------------------------------------------------------------------------------- /ftp_upload.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # Upload file(s) to FTP server 4 | # 5 | # Copyright (C) 2016 - 2018 Teddysun 6 | # 7 | # Argument example: 8 | # 1) ./ftp_upload.sh filename 9 | # 2) ./ftp_upload.sh filename1 filename2 filename3 ... 10 | # 3) ./ftp_upload.sh "*.extension" 11 | # 4) ./ftp_upload.sh "*.extension1" "*.extension2" 12 | # 13 | 14 | ########## START OF CONFIG ########## 15 | 16 | # Local directory (current folder) 17 | LOCALDIR=$( pwd ) 18 | 19 | # File to log the outcome of backups 20 | LOGFILE="/var/log/ftp_upload.log" 21 | 22 | # FTP server 23 | # Enter the Hostname or IP address below 24 | FTP_HOST="" 25 | 26 | # FTP username 27 | # Enter the FTP username below 28 | FTP_USER="" 29 | 30 | # FTP password 31 | # Enter the username's password below 32 | FTP_PASS="" 33 | 34 | # FTP server remote folder 35 | # Enter the FTP remote folder below 36 | # For example: public_html 37 | FTP_DIR="" 38 | 39 | ########## END OF CONFIG ########## 40 | 41 | 42 | log() { 43 | echo "$(date "+%Y-%m-%d %H:%M:%S")" "$1" 44 | echo -e "$(date "+%Y-%m-%d %H:%M:%S")" "$1" >> ${LOGFILE} 45 | } 46 | 47 | # Check ftp command 48 | check_command() { 49 | if [ ! "$(command -v "ftp")" ]; then 50 | log "ftp command is not installed, please install it and try again" 51 | exit 1 52 | fi 53 | } 54 | 55 | # Tranferring backup file to FTP server 56 | ftp_upload() { 57 | cd ${LOCALDIR} || exit 58 | 59 | [ -z ${FTP_HOST} ] && log "Error: FTP_HOST can not be empty!" && exit 1 60 | [ -z ${FTP_USER} ] && log "Error: FTP_USER can not be empty!" && exit 1 61 | [ -z ${FTP_PASS} ] && log "Error: FTP_PASS can not be empty!" && exit 1 62 | [ -z ${FTP_DIR} ] && log "Error: FTP_DIR can not be empty!" && exit 1 63 | 64 | echo "$@" | grep "*" > /dev/null 2>&1 65 | if [ $? -eq 0 ]; then 66 | ls $@ > /dev/null 2>&1 67 | [ $? -ne 0 ] && log "Error: [$@] file(s) not exists!" && exit 1 68 | else 69 | for f in $@ 70 | do 71 | [ ! -f ${f} ] && log "Error: [${f}] not exists!" && exit 1 72 | done 73 | fi 74 | 75 | local FTP_OUT_FILE=("$@") 76 | 77 | log "Tranferring file(s) list below to FTP server:" 78 | for file in ${FTP_OUT_FILE[@]} 79 | do 80 | log "$file" 81 | done 82 | ftp -in ${FTP_HOST} 2>&1 >> ${LOGFILE} < 16 | 17 | # Source function library 18 | . /etc/rc.d/init.d/functions 19 | 20 | # Check that networking is up. 21 | [ ${NETWORKING} ="yes" ] || exit 0 22 | 23 | NAME="KMS Server" 24 | DAEMON=/usr/bin/vlmcsd 25 | PID_DIR=/var/run 26 | PID_FILE=$PID_DIR/vlmcsd.pid 27 | LOG_DIR=/var/log 28 | LOG_FILE=$LOG_DIR/vlmcsd.log 29 | RET_VAL=0 30 | 31 | [ -x $DAEMON ] || exit 0 32 | 33 | if [ ! -d $PID_DIR ]; then 34 | mkdir -p $PID_DIR 35 | if [ $? -ne 0 ]; then 36 | echo "Creating PID directory $PID_DIR failed" 37 | exit 1 38 | fi 39 | fi 40 | 41 | if [ ! -d $LOG_DIR ]; then 42 | mkdir -p $LOG_DIR 43 | if [ $? -ne 0 ]; then 44 | echo "Creating LOG directory $LOG_DIR failed" 45 | exit 1 46 | fi 47 | fi 48 | 49 | check_running() { 50 | if [ -r $PID_FILE ]; then 51 | read PID < $PID_FILE 52 | if [ -d "/proc/$PID" ]; then 53 | return 0 54 | else 55 | rm -f $PID_FILE 56 | return 1 57 | fi 58 | else 59 | return 2 60 | fi 61 | } 62 | 63 | do_status() { 64 | check_running 65 | case $? in 66 | 0) 67 | echo "$NAME (pid $PID) is running..." 68 | ;; 69 | 1|2) 70 | echo "$NAME is stopped" 71 | RET_VAL=1 72 | ;; 73 | esac 74 | } 75 | 76 | do_start() { 77 | if check_running; then 78 | echo "$NAME (pid $PID) is already running..." 79 | return 0 80 | fi 81 | $DAEMON -p $PID_FILE -l $LOG_FILE 82 | sleep 0.3 83 | if check_running; then 84 | echo "Starting $NAME success" 85 | else 86 | echo "Starting $NAME failed" 87 | RET_VAL=1 88 | fi 89 | } 90 | 91 | do_stop() { 92 | if check_running; then 93 | kill -9 $PID 94 | rm -f $PID_FILE 95 | echo "Stopping $NAME success" 96 | else 97 | echo "$NAME is stopped" 98 | RET_VAL=1 99 | fi 100 | } 101 | 102 | do_restart() { 103 | do_stop 104 | do_start 105 | } 106 | 107 | case "$1" in 108 | start|stop|restart|status) 109 | do_$1 110 | ;; 111 | *) 112 | echo "Usage: $0 { start | stop | restart | status }" 113 | RET_VAL=1 114 | ;; 115 | esac 116 | 117 | exit $RET_VAL 118 | -------------------------------------------------------------------------------- /kms-debian: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ### BEGIN INIT INFO 4 | # Provides: KMS Emulator 5 | # Required-Start: $network $local_fs $remote_fs 6 | # Required-Stop: $network $local_fs $remote_fs 7 | # Default-Start: 2 3 4 5 8 | # Default-Stop: 0 1 6 9 | # Short-Description: Build yourself KMS Server 10 | # Description: Start or stop the KMS Server 11 | ### END INIT INFO 12 | 13 | # Author: Teddysun 14 | 15 | NAME="KMS Server" 16 | DAEMON=/usr/bin/vlmcsd 17 | PID_DIR=/var/run 18 | PID_FILE=$PID_DIR/vlmcsd.pid 19 | LOG_DIR=/var/log 20 | LOG_FILE=$LOG_DIR/vlmcsd.log 21 | RET_VAL=0 22 | 23 | [ -x $DAEMON ] || exit 0 24 | 25 | if [ ! -d $PID_DIR ]; then 26 | mkdir -p $PID_DIR 27 | if [ $? -ne 0 ]; then 28 | echo "Creating PID directory $PID_DIR failed" 29 | exit 1 30 | fi 31 | fi 32 | 33 | if [ ! -d $LOG_DIR ]; then 34 | mkdir -p $LOG_DIR 35 | if [ $? -ne 0 ]; then 36 | echo "Creating LOG directory $LOG_DIR failed" 37 | exit 1 38 | fi 39 | fi 40 | 41 | check_running() { 42 | if [ -r $PID_FILE ]; then 43 | read PID < $PID_FILE 44 | if [ -d "/proc/$PID" ]; then 45 | return 0 46 | else 47 | rm -f $PID_FILE 48 | return 1 49 | fi 50 | else 51 | return 2 52 | fi 53 | } 54 | 55 | do_status() { 56 | check_running 57 | case $? in 58 | 0) 59 | echo "$NAME (pid $PID) is running..." 60 | ;; 61 | 1|2) 62 | echo "$NAME is stopped" 63 | RET_VAL=1 64 | ;; 65 | esac 66 | } 67 | 68 | do_start() { 69 | if check_running; then 70 | echo "$NAME (pid $PID) is already running..." 71 | return 0 72 | fi 73 | $DAEMON -p $PID_FILE -l $LOG_FILE 74 | sleep 0.3 75 | if check_running; then 76 | echo "Starting $NAME success" 77 | else 78 | echo "Starting $NAME failed" 79 | RET_VAL=1 80 | fi 81 | } 82 | 83 | do_stop() { 84 | if check_running; then 85 | kill -9 $PID 86 | rm -f $PID_FILE 87 | echo "Stopping $NAME success" 88 | else 89 | echo "$NAME is stopped" 90 | RET_VAL=1 91 | fi 92 | } 93 | 94 | do_restart() { 95 | do_stop 96 | do_start 97 | } 98 | 99 | case "$1" in 100 | start|stop|restart|status) 101 | do_$1 102 | ;; 103 | *) 104 | echo "Usage: $0 { start | stop | restart | status }" 105 | RET_VAL=1 106 | ;; 107 | esac 108 | 109 | exit $RET_VAL 110 | -------------------------------------------------------------------------------- /kms.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # Auto install KMS Server 4 | # System Required: CentOS 6+, Debian7+, Ubuntu12+ 5 | # Copyright (C) 2017-2018 Teddysun 6 | # URL: https://teddysun.com/530.html 7 | # 8 | # Thanks: https://github.com/Wind4/vlmcsd 9 | # 10 | 11 | red='\033[0;31m' 12 | green='\033[0;32m' 13 | yellow='\033[0;33m' 14 | plain='\033[0m' 15 | 16 | cur_dir=$(pwd) 17 | 18 | [[ $EUID -ne 0 ]] && echo -e "${red}Error:${plain} This script must be run as root!" && exit 1 19 | 20 | if [ -f /etc/redhat-release ]; then 21 | release="centos" 22 | elif grep -Eqi "debian" /etc/issue; then 23 | release="debian" 24 | elif grep -Eqi "ubuntu" /etc/issue; then 25 | release="ubuntu" 26 | elif grep -Eqi "centos|red hat|redhat" /etc/issue; then 27 | release="centos" 28 | elif grep -Eqi "debian" /proc/version; then 29 | release="debian" 30 | elif grep -Eqi "ubuntu" /proc/version; then 31 | release="ubuntu" 32 | elif grep -Eqi "centos|red hat|redhat" /proc/version; then 33 | release="centos" 34 | else 35 | release="" 36 | fi 37 | 38 | boot_start(){ 39 | if [[ x"${release}" == x"debian" || x"${release}" == x"ubuntu" ]]; then 40 | update-rc.d -f "${1}" defaults 41 | elif [[ x"${release}" == x"centos" ]]; then 42 | chkconfig --add "${1}" 43 | chkconfig "${1}" on 44 | fi 45 | } 46 | 47 | boot_stop(){ 48 | if [[ x"${release}" == x"debian" || x"${release}" == x"ubuntu" ]]; then 49 | update-rc.d -f "${1}" remove 50 | elif [[ x"${release}" == x"centos" ]]; then 51 | chkconfig "${1}" off 52 | chkconfig --del "${1}" 53 | fi 54 | } 55 | 56 | # Get version 57 | getversion(){ 58 | if [[ -s /etc/redhat-release ]]; then 59 | grep -oE "[0-9.]+" /etc/redhat-release 60 | else 61 | grep -oE "[0-9.]+" /etc/issue 62 | fi 63 | } 64 | 65 | # CentOS version 66 | centosversion(){ 67 | if [[ x"${release}" == x"centos" ]]; then 68 | local code=$1 69 | local version="$(getversion)" 70 | local main_ver=${version%%.*} 71 | if [ "$main_ver" == "$code" ]; then 72 | return 0 73 | else 74 | return 1 75 | fi 76 | else 77 | return 1 78 | fi 79 | } 80 | 81 | get_opsy() { 82 | [ -f /etc/redhat-release ] && awk '{print ($1,$3~/^[0-9]/?$3:$4)}' /etc/redhat-release && return 83 | [ -f /etc/os-release ] && awk -F'[= "]' '/PRETTY_NAME/{print $3,$4,$5}' /etc/os-release && return 84 | [ -f /etc/lsb-release ] && awk -F'[="]+' '/DESCRIPTION/{print $2}' /etc/lsb-release && return 85 | } 86 | 87 | get_char() { 88 | SAVEDSTTY=$(stty -g) 89 | stty -echo 90 | stty cbreak 91 | dd if=/dev/tty bs=1 count=1 2> /dev/null 92 | stty -raw 93 | stty echo 94 | stty "$SAVEDSTTY" 95 | } 96 | 97 | set_firewall() { 98 | if centosversion 6; then 99 | /etc/init.d/iptables status > /dev/null 2>&1 100 | if [ $? -eq 0 ]; then 101 | iptables -L -n | grep -i 1688 > /dev/null 2>&1 102 | if [ $? -ne 0 ]; then 103 | iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 1688 -j ACCEPT 104 | /etc/init.d/iptables save 105 | /etc/init.d/iptables restart 106 | fi 107 | else 108 | echo -e "${yellow}Warning:${plain} iptables looks like shutdown or not installed, please enable port 1688 manually set if necessary." 109 | fi 110 | elif centosversion 7; then 111 | systemctl status firewalld > /dev/null 2>&1 112 | if [ $? -eq 0 ]; then 113 | firewall-cmd --permanent --zone=public --add-port=1688/tcp 114 | firewall-cmd --reload 115 | else 116 | echo -e "${yellow}Warning:${plain} firewalld looks like shutdown or not installed, please enable port 1688 manually set if necessary." 117 | fi 118 | fi 119 | } 120 | 121 | install_main() { 122 | [ -f /usr/bin/vlmcsd ] && echo -e "${yellow}Warning:${plain} KMS Server is already installed. nothing to do..." && exit 1 123 | 124 | clear 125 | opsy=$( get_opsy ) 126 | arch=$( uname -m ) 127 | lbit=$( getconf LONG_BIT ) 128 | kern=$( uname -r ) 129 | echo "---------- System Information ----------" 130 | echo " OS : $opsy" 131 | echo " Arch : $arch ($lbit Bit)" 132 | echo " Kernel : $kern" 133 | echo "----------------------------------------" 134 | echo " Auto install KMS Server" 135 | echo 136 | echo " URL: https://teddysun.com/530.html" 137 | echo "----------------------------------------" 138 | echo 139 | echo "Press any key to start...or Press Ctrl+C to cancel" 140 | char=$(get_char) 141 | 142 | if [[ x"${release}" == x"centos" ]]; then 143 | yum -y install gcc git make nss curl libcurl 144 | if ! wget --no-check-certificate -O /etc/init.d/kms https://raw.githubusercontent.com/teddysun/across/master/kms; then 145 | echo -e "[${red}Error:${plain}] Failed to download KMS Server script." 146 | exit 1 147 | fi 148 | elif [[ x"${release}" == x"debian" || x"${release}" == x"ubuntu" ]]; then 149 | apt-get -y update 150 | apt-get install -y gcc git make libnss3 curl libcurl3-nss 151 | if ! wget --no-check-certificate -O /etc/init.d/kms https://raw.githubusercontent.com/teddysun/across/master/kms-debian; then 152 | echo -e "[${red}Error:${plain}] Failed to download KMS Server script." 153 | exit 1 154 | fi 155 | else 156 | echo -e "${red}Error:${plain} OS is not be supported, please change to CentOS/Debian/Ubuntu and try again." 157 | exit 1 158 | fi 159 | 160 | cd "${cur_dir}" || exit 161 | git clone https://github.com/Wind4/vlmcsd.git > /dev/null 2>&1 162 | [ -d vlmcsd ] && cd vlmcsd || echo -e "[${red}Error:${plain}] Failed to git clone vlmcsd." 163 | make 164 | if [ $? -ne 0 ]; then 165 | echo -e "${red}Error:${plain} Install KMS Server failed, please check it and try again." 166 | exit 1 167 | fi 168 | cp -p bin/vlmcsd /usr/bin/ 169 | chmod 755 /usr/bin/vlmcsd 170 | chmod 755 /etc/init.d/kms 171 | boot_start kms 172 | /etc/init.d/kms start 173 | if [ $? -ne 0 ]; then 174 | echo -e "${red}Error:${plain} KMS server start failed." 175 | fi 176 | if [[ x"${release}" == x"centos" ]]; then 177 | set_firewall 178 | fi 179 | cd "${cur_dir}" || exit 180 | rm -rf vlmcsd 181 | echo 182 | echo "Install KMS Server success" 183 | echo "Welcome to visit:https://teddysun.com/530.html" 184 | echo "Enjoy it!" 185 | echo 186 | } 187 | 188 | 189 | install_kms() { 190 | install_main 2>&1 | tee "${cur_dir}"/install_kms.log 191 | } 192 | 193 | # Uninstall KMS Server 194 | uninstall_kms() { 195 | printf "Are you sure uninstall KMS Server? (y/n) " 196 | printf "\n" 197 | read -p "(Default: n):" answer 198 | [ -z "${answer}" ] && answer="n" 199 | if [ "${answer}" == "y" ] || [ "${answer}" == "Y" ]; then 200 | /etc/init.d/kms status > /dev/null 2>&1 201 | if [ $? -eq 0 ]; then 202 | /etc/init.d/kms stop 203 | fi 204 | boot_stop kms 205 | # delete kms server 206 | rm -f /usr/bin/vlmcsd 207 | rm -f /etc/init.d/kms 208 | rm -f /var/log/vlmcsd.log 209 | echo "KMS Server uninstall success" 210 | else 211 | echo 212 | echo "Uninstall cancelled, nothing to do..." 213 | echo 214 | fi 215 | } 216 | 217 | # Initialization step 218 | action=$1 219 | [ -z "$1" ] && action=install 220 | case "$action" in 221 | install|uninstall) 222 | ${action}_kms 223 | ;; 224 | *) 225 | echo "Arguments error! [${action}]" 226 | echo "Usage: $(basename $0) [install|uninstall]" 227 | ;; 228 | esac 229 | -------------------------------------------------------------------------------- /pptp.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin 3 | export PATH 4 | #=================================================================== 5 | # SYSTEM REQUIRED: CentOS 6 (32bit/64bit) 6 | # DESCRIPTION: Auto install pptpd for CentOS 6 7 | # Author: Teddysun 8 | #=================================================================== 9 | 10 | if [[ $EUID -ne 0 ]]; then 11 | echo "Error:This script must be run as root!" 12 | exit 1 13 | fi 14 | 15 | if [[ ! -e /dev/net/tun ]]; then 16 | echo "TUN/TAP is not available!" 17 | exit 1 18 | fi 19 | 20 | cur_dir=`pwd` 21 | clear 22 | echo "" 23 | echo "#############################################################" 24 | echo "# Auto Install PPTP for CentOS 6 #" 25 | echo "# System Required: CentOS 6(32bit/64bit) #" 26 | echo "# Intro: http://teddysun.com/134.html #" 27 | echo "# Author: Teddysun #" 28 | echo "#############################################################" 29 | echo "" 30 | 31 | # Remove installed pptpd & ppp 32 | yum remove -y pptpd ppp 33 | iptables --flush POSTROUTING --table nat 34 | iptables --flush FORWARD 35 | rm -f /etc/pptpd.conf 36 | rm -rf /etc/ppp 37 | arch=`uname -m` 38 | IP=`ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\." | head -n 1` 39 | 40 | # Download pptpd 41 | if [ -s pptpd-1.4.0-3.el6.$arch.rpm ]; then 42 | echo "pptpd-1.4.0-3.el6.$arch.rpm [found]" 43 | else 44 | echo "pptpd-1.4.0-3.el6.$arch.rpm not found! download now......" 45 | if ! wget http://lamp.teddysun.com/files/pptpd-1.4.0-3.el6.$arch.rpm; then 46 | echo "Failed to download pptpd-1.4.0-3.el6.$arch.rpm, please download it to $cur_dir directory manually and retry." 47 | exit 1 48 | fi 49 | fi 50 | 51 | # Install some necessary tools 52 | yum -y install net-tools make libpcap iptables gcc-c++ logrotate tar cpio perl pam tcp_wrappers dkms ppp 53 | rpm -ivh pptpd-1.4.0-3.el6.$arch.rpm 54 | 55 | rm -f /dev/ppp 56 | mknod /dev/ppp c 108 0 57 | echo 1 > /proc/sys/net/ipv4/ip_forward 58 | echo "mknod /dev/ppp c 108 0" >> /etc/rc.local 59 | echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> /etc/rc.local 60 | echo "localip 192.168.8.1" >> /etc/pptpd.conf 61 | echo "remoteip 192.168.8.2-254" >> /etc/pptpd.conf 62 | echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd 63 | echo "ms-dns 8.8.4.4" >> /etc/ppp/options.pptpd 64 | 65 | pass=`openssl rand 6 -base64` 66 | if [ "$1" != "" ] 67 | then pass=$1 68 | fi 69 | 70 | echo "vpn pptpd ${pass} *" >> /etc/ppp/chap-secrets 71 | 72 | iptables -t nat -A POSTROUTING -s 192.168.8.0/24 -j SNAT --to-source ${IP} 73 | iptables -A FORWARD -p tcp --syn -s 192.168.8.0/24 -j TCPMSS --set-mss 1356 74 | service iptables save 75 | chkconfig --add pptpd 76 | chkconfig pptpd on 77 | service iptables restart 78 | service pptpd start 79 | 80 | echo 81 | echo "PPTP VPN service is installed." 82 | echo "ServerIP:${IP}" 83 | echo "Username:vpn" 84 | echo "Password:${pass}" 85 | echo "Welcome to visit: https://teddysun.com/134.html" 86 | echo 87 | 88 | exit 0 89 | -------------------------------------------------------------------------------- /rpm/xray-plugin/xray-plugin.spec: -------------------------------------------------------------------------------- 1 | # 2 | # spec file for package xray-plugin 3 | # 4 | Name: xray-plugin 5 | Version: 1.8.15 6 | Release: 1%{?dist} 7 | Summary: A SIP003 plugin for shadowsocks 8 | License: MIT 9 | Group: Productivity/Networking/Security 10 | URL: https://github.com/teddysun/xray-plugin 11 | Source0: %{name}-%{version}.tar.gz 12 | BuildRequires: bash 13 | 14 | %global debug_package %{nil} 15 | %global _missing_build_ids_terminate_build 0 16 | 17 | %description 18 | Yet another SIP003 plugin for shadowsocks, based on xray-core 19 | 20 | %prep 21 | %setup -q 22 | 23 | %build 24 | 25 | export CGO_ENABLED=0 26 | go build -v -trimpath -ldflags "-X main.VERSION=v%{version} -s -w -buildid=" -o xray-plugin 27 | 28 | %install 29 | # install binary 30 | install -D -p -m 0755 xray-plugin %{buildroot}%{_bindir}/xray-plugin 31 | 32 | %files 33 | %defattr(-,root,root) 34 | %doc README.md 35 | %{_bindir}/xray-plugin 36 | %license LICENSE 37 | -------------------------------------------------------------------------------- /rpm/xray/xray.spec: -------------------------------------------------------------------------------- 1 | %global debug_package %{nil} 2 | 3 | Name: xray 4 | Version: 24.11.30 5 | Release: 1%{?dist} 6 | Summary: Xray, Penetrates Everything. 7 | License: MPL-2.0 8 | URL: https://github.com/XTLS/Xray-core 9 | Packager: Teddysun 10 | 11 | Source0: https://github.com/XTLS/Xray-core/archive/refs/tags/v%{version}.tar.gz#/Xray-core-%{version}.tar.gz 12 | Source1: https://github.com/teddysun/across/raw/master/rpm/xray/config.json 13 | Source2: https://github.com/v2fly/geoip/releases/latest/download/geoip.dat 14 | Source3: https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat 15 | 16 | #BuildRequires: golang >= 1.20 17 | %if 0%{?rhel} && 0%{?rhel} < 8 18 | BuildRequires: systemd 19 | %else 20 | BuildRequires: systemd-rpm-macros 21 | %endif 22 | %{?systemd_requires} 23 | Provides: Productivity/Networking/Web/Proxy 24 | 25 | %description 26 | Xray, Penetrates Everything. 27 | Also the best v2ray-core, with XTLS support. Fully compatible configuration. 28 | 29 | %prep 30 | %setup -q -n Xray-core-%{version} 31 | 32 | %build 33 | # https://pagure.io/go-rpm-macros/c/1cc7f5d9026175bb6cb1b8c889355d0c4fc0e40a 34 | %undefine _auto_set_build_flags 35 | 36 | LDFLAGS='-s -w -buildid=' 37 | env CGO_ENABLED=0 go build -v -trimpath -ldflags "$LDFLAGS" -o %{name} ./main 38 | 39 | %install 40 | %{__install} -d %{buildroot}%{_bindir} 41 | %{__install} -p -m 755 %{name} %{buildroot}%{_bindir} 42 | 43 | %{__install} -d %{buildroot}%{_sysconfdir}/%{name} 44 | %{__install} -p -m 644 %{S:1} %{buildroot}%{_sysconfdir}/%{name}/config.json 45 | 46 | %{__install} -d %{buildroot}%{_datadir}/%{name} 47 | %{__install} -p -m 0644 %{S:2} %{buildroot}%{_datadir}/%{name}/geoip.dat 48 | %{__install} -p -m 0644 %{S:3} %{buildroot}%{_datadir}/%{name}/geosite.dat 49 | 50 | %{__install} -d %{buildroot}%{_unitdir} 51 | cat > %{buildroot}%{_unitdir}/%{name}.service < %{buildroot}%{_unitdir}/%{name}@.service < - 24.11.30-1 112 | - Update version to 24.11.30 113 | 114 | * Thu Nov 21 2024 Teddysun - 24.11.21-1 115 | - Update version to 24.11.21 116 | 117 | * Mon Nov 11 2024 Teddysun - 24.11.11-1 118 | - Update version to 24.11.11 119 | 120 | * Tue Nov 05 2024 Teddysun - 24.11.5-1 121 | - Update version to 24.11.5 122 | 123 | * Thu Oct 31 2024 Teddysun - 24.10.31-1 124 | - Update version to 24.10.31 125 | 126 | * Wed Oct 16 2024 Teddysun - 24.10.16-1 127 | - Update version to 24.10.16 128 | 129 | * Mon Sep 30 2024 Teddysun - 24.9.30-1 130 | - Update version to 24.9.30 131 | 132 | * Thu Sep 19 2024 Teddysun - 24.9.19-1 133 | - Update version to 24.9.19 134 | 135 | * Mon Sep 16 2024 Teddysun - 24.9.16-1 136 | - Update version to 24.9.16 137 | 138 | * Sat Sep 07 2024 Teddysun - 24.9.7-1 139 | - Update version to 24.9.7 (New version naming rule, based release date) 140 | 141 | * Fri Aug 30 2024 Teddysun - 1.8.24-1 142 | - Update version to 1.8.24 143 | 144 | * Sun Aug 04 2024 Teddysun - 1.8.23-1 145 | - Update to version 1.8.23 146 | 147 | * Wed Jul 17 2024 Teddysun - 1.8.19-1 148 | - Update to version 1.8.19 149 | 150 | * Mon Jul 15 2024 Teddysun - 1.8.18-1 151 | - Update to version 1.8.18 152 | 153 | * Fri Jul 12 2024 Teddysun - 1.8.17-1 154 | - Update to version 1.8.17 155 | 156 | * Fri Jun 21 2024 Teddysun - 1.8.16-1 157 | - Update to version 1.8.16 158 | 159 | * Tue Jun 18 2024 Teddysun - 1.8.15-1 160 | - Update to version 1.8.15 161 | 162 | * Thu May 23 2024 Teddysun - 1.8.13-1 163 | - Update to version 1.8.13 164 | 165 | * Wed May 22 2024 Teddysun - 1.8.12-1 166 | - Update to version 1.8.12 167 | 168 | * Fri Apr 26 2024 Teddysun - 1.8.11-1 169 | - Update to version 1.8.11 170 | 171 | * Sat Mar 30 2024 Teddysun - 1.8.10-1 172 | - Update to version 1.8.10 173 | 174 | * Mon Mar 11 2024 Teddysun - 1.8.9-1 175 | - Update to version 1.8.9 176 | 177 | * Mon Feb 26 2024 Teddysun - 1.8.8-1 178 | - Update to version 1.8.8 179 | 180 | * Mon Jan 08 2024 Teddysun - 1.8.7-1 181 | - Update to version 1.8.7 182 | 183 | * Sat Nov 18 2023 Teddysun - 1.8.6-1 184 | - Update to version 1.8.6 185 | 186 | * Tue Nov 14 2023 Teddysun - 1.8.5-1 187 | - Update to version 1.8.5 188 | 189 | * Wed Oct 18 2023 Teddysun - 1.8.4-1 190 | - Update to version 1.8.4 191 | -------------------------------------------------------------------------------- /unixbench.sh: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | #==============================================================# 3 | # Description: Unixbench script # 4 | # Author: Teddysun # 5 | # Intro: https://teddysun.com/245.html # 6 | #==============================================================# 7 | cur_dir=/opt/unixbench 8 | 9 | # Check System 10 | [[ $EUID -ne 0 ]] && echo 'Error: This script must be run as root!' && exit 1 11 | [[ -f /etc/redhat-release ]] && os='centos' 12 | [[ ! -z "`egrep -i debian /etc/issue`" ]] && os='debian' 13 | [[ ! -z "`egrep -i ubuntu /etc/issue`" ]] && os='ubuntu' 14 | [[ "$os" == '' ]] && echo 'Error: Your system is not supported to run it!' && exit 1 15 | 16 | # Install necessary libaries 17 | if [ "$os" == 'centos' ]; then 18 | yum -y install make automake gcc autoconf gcc-c++ time perl-Time-HiRes 19 | else 20 | apt-get -y update 21 | apt-get -y install make automake gcc autoconf time perl 22 | fi 23 | 24 | # Create new soft download dir 25 | mkdir -p ${cur_dir} 26 | cd ${cur_dir} 27 | 28 | # Download UnixBench5.1.3 29 | if [ -s UnixBench5.1.3.tgz ]; then 30 | echo "UnixBench5.1.3.tgz [found]" 31 | else 32 | echo "UnixBench5.1.3.tgz not found!!!download now..." 33 | if ! wget -c https://dl.lamp.sh/files/UnixBench5.1.3.tgz; then 34 | echo "Failed to download UnixBench5.1.3.tgz, please download it to ${cur_dir} directory manually and try again." 35 | exit 1 36 | fi 37 | fi 38 | tar -zxvf UnixBench5.1.3.tgz && rm -f UnixBench5.1.3.tgz 39 | cd UnixBench/ 40 | 41 | #Run unixbench 42 | make 43 | ./Run 44 | 45 | echo 46 | echo 47 | echo "======= Script description and score comparison completed! ======= " 48 | echo 49 | echo 50 | --------------------------------------------------------------------------------