d
/
d2ray
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

everything
continuous-integration/drone/push Build is failing Details

This commit is contained in:
quackerd 2021-04-23 02:51:06 -04:00
parent e7d57ccdf4
commit 9f86331800
20 changed files with 257 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
.drone.yml
View File

@ -5,22 +5,12 @@ name: Docker image build
trigger:
branch:
- master
environment:
VERSION: 1.4.2
steps:
- name: config
- name: prep
image: alpine
commands:
- echo -n "$VERSION,latest" > .tags
- sed -i -E "s/var_VERSION/$VERSION/" Dockerfile
- name: upload
image: alpine
commands:
- chmod +x ./encrypt_upload.sh
- ./encrypt_upload.sh
- sh ./ci_prep.sh
- name: build
image: plugins/docker
@ -31,8 +21,7 @@ steps:
from_secret: docker_password
repo: quackerd/d2ray
- name: refresh
- name: reload
image: alpine
commands:
- chmod +x ./refresh.sh
- ./refresh.sh
- sh ./ci_reload.sh

43
Dockerfile
View File

@ -1,33 +1,28 @@
FROM alpine:latest
COPY image/ /opt/
ENV VERSION=var_VERSION
ENV URL https://github.com/XTLS/Xray-core/releases/download/v${VERSION}/Xray-linux-64.zip
# install packages
RUN set -xe && apk add --no-cache unzip wget nginx certbot openssl
COPY image/run.sh /opt/run.sh
COPY image/crypt.sh /opt/crypt.sh
COPY image/nginx /opt/nginx
COPY image/crontab /var/spool/cron/crontabs/root
RUN set -xe && \
mkdir -p /opt/config && \
mkdir -p /opt/config/logs && \
mkdir -p /opt/config/certs && \
mkdir -p /opt/config/logs/nginx && \
mkdir -p /opt/config/logs/xray && \
mkdir -p /opt/config/logs/crond && \
mkdir -p /opt/xray && \
# setup core files
RUN set -xe && mkdir -p /opt/xray && \
ln -s /opt/config/certs /etc/letsencrypt && \
apk add --no-cache unzip wget nginx certbot openssl && \
wget ${URL} && \
unzip Xray-linux-64.zip -d /opt/xray && \
rm Xray-linux-64.zip && \
addgroup www && \
unzip /opt/Xray-linux-64.zip -d /opt/xray && \
rm /opt/Xray-linux-64.zip && \
chmod +x /opt/run.sh /opt/crypt.sh
# crond
RUN set -xe && mv /opt/crontab /var/spool/cron/crontabs/root
# nginx
RUN set -xe && addgroup www && \
adduser -H -D -S -s /bin/false www -G www && \
chown -R www:www /opt/nginx && \
chmod +x /opt/run.sh /opt/crypt.sh && \
apk del unzip wget
chown -R www:www /opt/nginx
# remove packages
RUN set -xe && apk del unzip wget
EXPOSE 80 443
CMD ["/opt/run.sh"]
CMD ["/opt/run.sh"]

11
ansible/d2ray.yml
View File

@ -1,11 +0,0 @@
- hosts: '{{ target }}'
gather_facts: false
become: true
remote_user: root
any_errors_fatal: yes
tasks:
- name: add root ssh key
ansible.posix.authorized_key:
user: root
state: present
key: "{{ lookup('file', './id_root.pub') }}"

49
ci_prep.sh Normal file
View File

@ -0,0 +1,49 @@
#!/bin/sh
set -xe
apk add openssh openssl wget unzip
source image/crypt.sh
chmod 600 ./id_root
# versions
VER_XRAY=1.4.2
VER_SO=2.5.20
VER_NG=1.6.5
# upload files
for filename in confs/*; do
basename=$(basename $filename)
hash_sha256 $basename $(cat ./key)
output=$crypt_ret
encrypt "$(cat $filename)" $(cat ./key)
echo "$crypt_ret" > $output
scp -P77 -o StrictHostKeychecking=no -i ./id_root $output root@parrot.quacker.org:/dat/apps/nginx/http_dl/root/pub
rm $output
done
# build zip
URL_SO=https://github.com/FelisCatus/SwitchyOmega/releases/download/v{VER_SO}/SwitchyOmega_Chromium.crx
URL_NG=https://github.com/2dust/v2rayNG/releases/download/{VER_NG}/v2rayNG_1.5.16_arm64-v8a.apk
URL_XRAY_WIN=https://github.com/XTLS/Xray-core/releases/download/v{VER_XRAY}/Xray-windows-64.zip
URL_XRAY_MAC=https://github.com/XTLS/Xray-core/releases/download/v{VER_XRAY}/Xray-macos-64.zip
URL_XRAY_LINUX=https://github.com/XTLS/Xray-core/releases/download/v{VER_XRAY}/Xray-linux-64.zip
wget $URL_SO -O zip/chrome/
wget $URL_NG -O image/nginx/index/android/
wget $URL_XRAY_WIN -O zip/windows/
wget $URL_XRAY_MAC -O zip/macos/
wget $URL_XRAY_LINUX -O image/
zip -r pc.zip zip/
mv pc.zip image/nginx/index/
# build htpassword
touch .htpasswd
htpasswd -b ./.htpasswd liangyifang liangyifang
htpasswd -b ./.htpasswd ruyuechun ruyuechun
htpasswd -b ./.htpasswd liuxiangdong liuxiangdong
encrypt "$(cat ./.htpasswd)" "$(cat ./key)"
echo "$crypt_ret" > image/nginx/.htpasswd

10
refresh.sh → ci_reload.sh
View File

@ -1,20 +1,20 @@
#!/bin/sh
set -e
set -xe
apk add openssh
key=$(cat ./key)
chmod 600 ansible/id_root
chmod 600 ./id_root
for filename in confs/*; do
addr=$(basename $filename)
echo "Refreshing $addr..."
ssh -p 77 -o StrictHostKeychecking=no -i ansible/id_root root@$addr -t "docker pull quackerd/d2ray:latest"
ssh -p 77 -o StrictHostKeychecking=no -i ./id_root root@$addr -t "docker pull quackerd/d2ray:latest"
set +e
ssh -p 77 -o StrictHostKeychecking=no -i ansible/id_root root@$addr -t "docker stop d2ray && docker rm d2ray"
ssh -p 77 -o StrictHostKeychecking=no -i ./id_root root@$addr -t "docker stop d2ray && docker rm d2ray"
set -e
ssh -p 77 -o StrictHostKeychecking=no -i ansible/id_root root@$addr -t "docker run -d \
ssh -p 77 -o StrictHostKeychecking=no -i ./id_root root@$addr -t "docker run -d \
--restart unless-stopped \
-e KEY=$key \
-e FQDN=$addr \

19
encrypt_upload.sh
View File

@ -1,19 +0,0 @@
#!/bin/sh
set -e
apk add openssh openssl
source image/crypt.sh
chmod 600 ansible/id_root
for filename in confs/*; do
basename=$(basename $filename)
hash_sha256 $basename $(cat ./key)
output=$crypt_ret
encrypt "$(cat $filename)" $(cat ./key)
echo "$crypt_ret" > $output
scp -P77 -o StrictHostKeychecking=no -i ansible/id_root $output root@parrot.quacker.org:/dat/apps/nginx/http_dl/root/pub
rm $output
done

0
ansible/id_root → id_root
View File

0
ansible/id_root.pub → id_root.pub
View File

0
image/nginx/index/android/README.txt Normal file
View File

13
image/nginx/nginx.conf
View File

@ -29,7 +29,16 @@ http {
return 301 https://$host$request_uri;
}
root /opt/nginx/webroot;
index index.html;
location / {
root /opt/nginx/webroot;
index index.html;
}
location /download {
root /opt/nginx/index;
autoindex on;
auth_basic "Provide credentials to access downloads";
auth_basic_user_file "/opt/nginx/.htpasswd";
}
}
}

4
image/nginx/webroot/index.html
View File

@ -10,7 +10,7 @@
<kbd>FEATURED</kbd>
<h4><a href="#">Lorem ipsum dolor sit, amet consectetur adipisicing elit</a></h4>
<p>Optio, beatae! Aut quis id voluptate ullam repellendus. Et sit, ipsa, non consequuntur magnam quaerat temporibus at officiis ab, expedita molestiae liber...</p>
<a href="#"><button><b>READ MORE</b></button></a>
<a href="#"><button><b>DOWNLOAD</b></button></a>
<br><br>
<!-- Article break -->
@ -35,4 +35,4 @@
<br><br>
<!-- Footer -->
<center>( ̄︶ ̄)↗</center> 
<center>( ̄︶ ̄)↗</center> 

5
image/run.sh
View File

@ -36,7 +36,7 @@ else
fi
echo ""
echo "===== Fetching Configuration ===="
echo "===== Fetching Configuration ====="
decrypt $URL $KEY
URL=$crypt_ret
@ -49,6 +49,9 @@ echo "Decrypting..."
decrypt $(cat /opt/$FQDN) $KEY
echo $crypt_ret > /opt/config.json
decrypt $(cat /opt/nginx/.htpasswd) $KEY
echo $crypt_ret > /opt/nginx/.htpasswd
echo ""
echo "===== Starting cron ====="
crond -L /opt/config/logs/crond/log.txt

5
zip/README.txt Normal file
View File

@ -0,0 +1,5 @@
请依次阅读目录:
1. config: VPN的配置教程
2. macos/windows: 适合你系统的VPN程序及启动教程
3. chrome: 在浏览器使用VPN

18
zip/chrome/README.txt Normal file
View File

@ -0,0 +1,18 @@
首先需要安装SwitchyOmega插件:
1. 解压当前目录下的zip文件
2. 打开 Google Chrome
3. 打开网址 "chrome://extensions"
4. 打开右上角 开发者模式(Developer mode)
5. 在新出现的工具栏选择第一项 "Load unpacked"
6. 在新出现的对话框选择zip文件解压目录
然后配置插件:
1. 跳过教程
2. 在左边菜单新建一个profile, 类型选择第一个"Proxy代理 Profile",名字取"VPN", 点击 “创建”
3. Protocol(协议)选择"SOCKS5", 服务器(Server)填写127.0.0.1, 端口(Port)写1080点击左边菜单"应用" (Apply changes)
当需要VPN时启动VPN程序并且在SwitchyOmega插件菜单选择"VPN"(右上角点击SwitchyOmega图标没有的话在插件下拉里面找找到可以Pin到浏览器上)。
当不需要VPN时只需在SwitchyOmega插件选择"Direct"直连。
That's it.

6
zip/config/README.txt Normal file
View File

@ -0,0 +1,6 @@
用文本编辑器打开config.json并且替换:
%PASSWORD% => 你的密码 有1个地方
%SERVER% => 你的服务器地址 (有2个地方这就是你下载这个文件的服务器地址只填xxx.example.com前后都不要)
保存,关闭文件。

118
zip/config/config.json Normal file
View File

@ -0,0 +1,118 @@
{
"dns": {
"servers": [
"223.5.5.5",
"114.114.114.114",
{
"address": "8.8.8.8",
"port": 53,
"domains": [
"geosite:geolocation-!cn"
]
},
{
"address": "1.1.1.1",
"port": 53,
"domains": [
"geosite:geolocation-!cn"
]
}
]
},
"routing": {
"domainStrategy": "IPIfNonMatch",
"rules": [
{
"type": "field",
"outboundTag": "direct",
"ip": [
"223.5.5.5",
"114.114.114.114"
]
},
{
"type": "field",
"outboundTag": "proxy",
"ip": [
"8.8.8.8",
"1.1.1.1"
]
},
{
"type": "field",
"outboundTag": "direct",
"ip": [
"geoip:cn",
"geoip:private"
]
},
{
"type": "field",
"outboundTag": "direct",
"domain": ["geosite:cn"]
},
{
"type": "field",
"outboundTag": "proxy",
"network": "udp,tcp"
}
]
},
"inbounds": [
{
"port": 1080,
"listen": "127.0.0.1",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls"]
},
"settings": {
"auth": "noauth",
"udp": false
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "%SERVER%",
"port": 443,
"users": [
{
"id": "%PASSWORD%",
"encryption": "none",
"level": 0
}
]
}
]
},
"streamSettings": {
"network": "tcp",
"security": "xtls",
"xtlsSettings": {
"serverName": "%SERVER%",
"allowInsecure": false,
"alpn": ["h2","http/1.1"]
}
}
},
{
"protocol": "freedom",
"settings": {},
"tag": "direct"
},
{
"protocol": "blackhole",
"settings": {},
"tag": "block"
}
]
}

6
zip/macos/README.txt Normal file
View File

@ -0,0 +1,6 @@
1. 解压zip文件
2. 拷贝run.sh到zip文件解压路径
3. 拷贝配置好的config.json到zip文件解压路径
4. 运行run.sh启动VPN程序
如果无法直接运行run.sh, 请右键用Terminal(终端)打开。

3
zip/macos/run.sh Normal file
View File

@ -0,0 +1,3 @@
@echo off
.\xray -c config.json

4
zip/windows/README.txt Normal file
View File

@ -0,0 +1,4 @@
1. 解压zip文件
2. 拷贝run.bat到zip文件解压路径
3. 拷贝配置好的config.json到zip文件解压路径
4. 运行run.bat启动VPN

3
zip/windows/run.bat Normal file
View File

@ -0,0 +1,3 @@
#!/bin/sh
./xray -c config.json