separate SNIs from URLs

This commit is contained in:
quackerd 2023-08-21 12:12:10 -04:00
parent c9b7e01b5d
commit 935fdce393
4 changed files with 24 additions and 19 deletions

View File

@ -7,8 +7,9 @@ d2ray is a single Docker container that provides easy 5-minute setups and braind
1. You can start with the example `docker-compose.yml` from this repo. 1. You can start with the example `docker-compose.yml` from this repo.
2. Adjust environment variables: 2. Adjust environment variables:
- `PORT`: the port Xray listens on. - `PORT`: the port Xray listens on.
- `TARGET_URL`: the target domain to redirect non proxy connections. - `TARGET_HOST`: the target host to redirect non proxy connections.
- `TARGET_PORT`: the target port to redirect non proxy connections. - `TARGET_PORT`: the target port to redirect non proxy connections.
- `TARGET_SNI`: comma separated list of the target website's SNIs.
- `USERS`: comma separated list of usernames that can access Xray. - `USERS`: comma separated list of usernames that can access Xray.
- `LOG_LEVEL`: the verbosity of Xray logs. Default: `warn`. - `LOG_LEVEL`: the verbosity of Xray logs. Default: `warn`.
3. `docker compose up -d` 3. `docker compose up -d`

View File

@ -10,10 +10,11 @@ services:
- 8443:8443 - 8443:8443
environment: environment:
- PORT=8443 - PORT=8443
- TARGET_URL=example.com - TARGET_HOST=example.com
- TARGET_PORT=443 - TARGET_PORT=443
- TARGET_SNI=www.example.com,example.com
- USERS=exampleuser1,exampleuser2 - USERS=exampleuser1,exampleuser2
- LOG_LEVEL=${LOG_LEVEL} - LOG_LEVEL=warn
restart: unless-stopped restart: unless-stopped
networks: networks:
- d2ray_br - d2ray_br

View File

@ -13,13 +13,15 @@ XRAY_BIN = pathlib.Path("/opt/xray/xray")
class d2args: class d2args:
port : int port : int
target_port : int target_port : int
target_url : str target_host : str
target_sni : str
log_level : str log_level : str
users : list[str] users : list[str]
def __init__(self) -> None: def __init__(self) -> None:
self.port = 443 self.port = 443
self.target_host = "localhost"
self.target_port = 443 self.target_port = 443
self.target_url = "localhost" self.target_sni = "localhost"
self.log_level = "warn" self.log_level = "warn"
self.users = [''.join(random.choices(string.ascii_uppercase + string.digits, k=24))] self.users = [''.join(random.choices(string.ascii_uppercase + string.digits, k=24))]
@ -32,9 +34,13 @@ class d2args:
if env != None: if env != None:
self.target_port = int(env) self.target_port = int(env)
env = os.getenv("TARGET_URL") env = os.getenv("TARGET_SNI")
if env != None: if env != None:
self.target_url = env self.target_sni = env.split(",")
env = os.getenv("TARGET_HOST")
if env != None:
self.target_host = env
env = os.getenv("LOG_LEVEL") env = os.getenv("LOG_LEVEL")
if env != None: if env != None:
@ -47,7 +53,8 @@ class d2args:
def __str__(self): def __str__(self):
ret = (f"Port: {self.port}\n" ret = (f"Port: {self.port}\n"
f"Target Port: {self.target_port}\n" f"Target Port: {self.target_port}\n"
f"Target URL: {self.target_url}\n" f"Target Host: {self.target_host}\n"
f"Target SNI: {', '.join(self.target_sni)}\n"
f"Log Level: {self.log_level}\n" f"Log Level: {self.log_level}\n"
f"Users: {', '.join(self.users)}" f"Users: {', '.join(self.users)}"
) )
@ -68,12 +75,8 @@ def process_directory(path : str, vars : dict[str, str], delete_template : bool
if delete_template: if delete_template:
subprocess.check_call(f"rm {full_path}", shell=True) subprocess.check_call(f"rm {full_path}", shell=True)
def build_target_fqdns(url : str) -> str: def build_target_snis(snis : list[str]) -> str:
prefix = "www." return ', '.join(['"' + item + '"' for item in snis])
fqdns = [url, f"{prefix}{url}"]
if url.startswith(prefix) and len(url) > len(prefix):
fqdns.append(url[len(prefix):])
return ', '.join(['"' + item + '"' for item in fqdns])
def build_users_json(users: list[str]) -> str: def build_users_json(users: list[str]) -> str:
return ', '.join(["{\"id\": \"" + item + "\", \"flow\": \"xtls-rprx-vision\"}" for item in users]) return ', '.join(["{\"id\": \"" + item + "\", \"flow\": \"xtls-rprx-vision\"}" for item in users])
@ -81,10 +84,10 @@ def build_users_json(users: list[str]) -> str:
def build_jinja_dict(args : d2args, skey : str) -> dict[str, str]: def build_jinja_dict(args : d2args, skey : str) -> dict[str, str]:
jinja_dict : dict[str,str] = dict() jinja_dict : dict[str,str] = dict()
jinja_dict["PORT"] = str(args.port) jinja_dict["PORT"] = str(args.port)
jinja_dict["TARGET_URL"] = args.target_url jinja_dict["TARGET_HOST"] = args.target_host
jinja_dict["TARGET_PORT"] = str(args.target_port) jinja_dict["TARGET_PORT"] = str(args.target_port)
jinja_dict["TARGET_FQDNS"] = build_target_fqdns(args.target_url) jinja_dict["TARGET_SNI"] = build_target_snis(args.target_sni)
jinja_dict["LOG_DIR"] = str(LOG_DIR) jinja_dict["LOG_DIR"] = str(LOG_DIR)
jinja_dict["LOG_LEVEL"] = args.log_level jinja_dict["LOG_LEVEL"] = args.log_level

View File

@ -19,10 +19,10 @@
"security": "reality", "security": "reality",
"realitySettings": { "realitySettings": {
"show": false, "show": false,
"dest": "{{ TARGET_URL }}:{{ TARGET_PORT }}", "dest": "{{ TARGET_HOST }}:{{ TARGET_PORT }}",
"xver": 0, "xver": 0,
"serverNames": [ "serverNames": [
{{ TARGET_FQDNS }} {{ TARGET_SNI }}
], ],
"privateKey": "{{ PRIVATE_KEY }}", "privateKey": "{{ PRIVATE_KEY }}",
"shortIds": [ "shortIds": [