merge key file
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
This commit is contained in:
parent
d32be906d9
commit
30849818aa
|
|
@ -18,9 +18,11 @@ d2ray is a single Docker container that provides easy 5-minute setups and braind
|
|||
All d2ray logs and private/public key pairs are stored in `/etc/d2ray` in the container. You can mount an external folder to that location to persist settings. See the example `docker-compose.yml`.
|
||||
|
||||
## Key Generation
|
||||
d2ray checks whether a private key file exists at path `/etc/xray/certs/private_key` and generates a new private key if not found.
|
||||
d2ray checks whether a key file exists at path `/etc/xray/certs/keys` and generates a new key pair if not found.
|
||||
|
||||
You can either supply a pre-generated private key using `xray x25519` or let d2ray generate one. The corresponding public key is both printed to the container log (`docker logs`) and written to `/etc/xray/certs/public_key`, which clients use to connect.
|
||||
You can either supply a pre-generated private key using `xray x25519` or let d2ray generate one. The corresponding public key is printed to the container log (`docker logs`), which clients use to connect.
|
||||
|
||||
If you are generating the private key yourself, the key file must contain exactly the output of `xray x25519`.
|
||||
|
||||
## How To Update?
|
||||
- `docker compose down`
|
||||
|
|
|
|||
29
opt/init.py
29
opt/init.py
|
|
@ -6,8 +6,7 @@ import string
|
|||
import pathlib
|
||||
|
||||
CONFIG_DIR = pathlib.Path("/etc/d2ray")
|
||||
PRIVKEY = CONFIG_DIR.joinpath("certs/private_key")
|
||||
PUBKEY = CONFIG_DIR.joinpath("certs/public_key")
|
||||
KEY_FILE = CONFIG_DIR.joinpath("certs/keys")
|
||||
LOG_DIR = CONFIG_DIR.joinpath("logs")
|
||||
XRAY_BIN = pathlib.Path("/opt/xray/xray")
|
||||
|
||||
|
|
@ -118,21 +117,23 @@ def main():
|
|||
args.from_env()
|
||||
|
||||
print("====== init.py ======", flush=True)
|
||||
print(f"Checking server private key...", flush=True)
|
||||
if not PRIVKEY.exists():
|
||||
print(f"Server private key not found at {PRIVKEY}. Generating...")
|
||||
skey, _ = parse_xray_x25519_output(subprocess.check_output(f"{XRAY_BIN} x25519", shell = True).decode())
|
||||
with open(PRIVKEY, "w") as f:
|
||||
f.write(skey)
|
||||
print(f"Checking key file...", flush=True)
|
||||
if not KEY_FILE.exists():
|
||||
print(f"Key file not found at {KEY_FILE}. Generating...")
|
||||
out = subprocess.check_output(f"{XRAY_BIN} x25519", shell = True).decode()
|
||||
with open(KEY_FILE, "w") as f:
|
||||
f.write(out)
|
||||
|
||||
with open(PRIVKEY, "r") as f:
|
||||
skey = f.read().strip()
|
||||
with open(KEY_FILE, "r") as f:
|
||||
out = f.read()
|
||||
|
||||
print(f"Deriving public key...", flush=True)
|
||||
_, pkey = parse_xray_x25519_output(subprocess.check_output(f"{XRAY_BIN} x25519 -i {skey}", shell = True).decode())
|
||||
print(f"Reading keys...", flush=True)
|
||||
skey, pkey = parse_xray_x25519_output(out)
|
||||
|
||||
with open(PUBKEY, "w") as f:
|
||||
f.write(pkey)
|
||||
print(f"Verifying public key...", flush=True)
|
||||
_, _pkey = parse_xray_x25519_output(subprocess.check_output(f"{XRAY_BIN} x25519 -i {skey}", shell = True).decode())
|
||||
if (_pkey != pkey):
|
||||
print(f"Unmatching public key: expected \"{_pkey}\" but key file provided \"{pkey}\". Please verify the key file.", flush=True)
|
||||
|
||||
print(f"\nConfigurations:\n{str(args)}\nPublic key: {pkey}\n", flush=True)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue