everything
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/push Build is failing
Details
This commit is contained in:
parent
e7d57ccdf4
commit
9f86331800
19
.drone.yml
19
.drone.yml
|
@ -5,22 +5,12 @@ name: Docker image build
|
|||
trigger:
|
||||
branch:
|
||||
- master
|
||||
|
||||
environment:
|
||||
VERSION: 1.4.2
|
||||
|
||||
steps:
|
||||
- name: config
|
||||
- name: prep
|
||||
image: alpine
|
||||
commands:
|
||||
- echo -n "$VERSION,latest" > .tags
|
||||
- sed -i -E "s/var_VERSION/$VERSION/" Dockerfile
|
||||
|
||||
- name: upload
|
||||
image: alpine
|
||||
commands:
|
||||
- chmod +x ./encrypt_upload.sh
|
||||
- ./encrypt_upload.sh
|
||||
- sh ./ci_prep.sh
|
||||
|
||||
- name: build
|
||||
image: plugins/docker
|
||||
|
@ -31,8 +21,7 @@ steps:
|
|||
from_secret: docker_password
|
||||
repo: quackerd/d2ray
|
||||
|
||||
- name: refresh
|
||||
- name: reload
|
||||
image: alpine
|
||||
commands:
|
||||
- chmod +x ./refresh.sh
|
||||
- ./refresh.sh
|
||||
- sh ./ci_reload.sh
|
||||
|
|
43
Dockerfile
43
Dockerfile
|
@ -1,33 +1,28 @@
|
|||
FROM alpine:latest
|
||||
|
||||
COPY image/ /opt/
|
||||
|
||||
ENV VERSION=var_VERSION
|
||||
ENV URL https://github.com/XTLS/Xray-core/releases/download/v${VERSION}/Xray-linux-64.zip
|
||||
# install packages
|
||||
RUN set -xe && apk add --no-cache unzip wget nginx certbot openssl
|
||||
|
||||
COPY image/run.sh /opt/run.sh
|
||||
COPY image/crypt.sh /opt/crypt.sh
|
||||
COPY image/nginx /opt/nginx
|
||||
COPY image/crontab /var/spool/cron/crontabs/root
|
||||
|
||||
RUN set -xe && \
|
||||
mkdir -p /opt/config && \
|
||||
mkdir -p /opt/config/logs && \
|
||||
mkdir -p /opt/config/certs && \
|
||||
mkdir -p /opt/config/logs/nginx && \
|
||||
mkdir -p /opt/config/logs/xray && \
|
||||
mkdir -p /opt/config/logs/crond && \
|
||||
mkdir -p /opt/xray && \
|
||||
# setup core files
|
||||
RUN set -xe && mkdir -p /opt/xray && \
|
||||
ln -s /opt/config/certs /etc/letsencrypt && \
|
||||
apk add --no-cache unzip wget nginx certbot openssl && \
|
||||
wget ${URL} && \
|
||||
unzip Xray-linux-64.zip -d /opt/xray && \
|
||||
rm Xray-linux-64.zip && \
|
||||
addgroup www && \
|
||||
unzip /opt/Xray-linux-64.zip -d /opt/xray && \
|
||||
rm /opt/Xray-linux-64.zip && \
|
||||
chmod +x /opt/run.sh /opt/crypt.sh
|
||||
|
||||
# crond
|
||||
RUN set -xe && mv /opt/crontab /var/spool/cron/crontabs/root
|
||||
|
||||
# nginx
|
||||
RUN set -xe && addgroup www && \
|
||||
adduser -H -D -S -s /bin/false www -G www && \
|
||||
chown -R www:www /opt/nginx && \
|
||||
chmod +x /opt/run.sh /opt/crypt.sh && \
|
||||
apk del unzip wget
|
||||
chown -R www:www /opt/nginx
|
||||
|
||||
# remove packages
|
||||
RUN set -xe && apk del unzip wget
|
||||
|
||||
EXPOSE 80 443
|
||||
|
||||
CMD ["/opt/run.sh"]
|
||||
CMD ["/opt/run.sh"]
|
|
@ -1,11 +0,0 @@
|
|||
- hosts: '{{ target }}'
|
||||
gather_facts: false
|
||||
become: true
|
||||
remote_user: root
|
||||
any_errors_fatal: yes
|
||||
tasks:
|
||||
- name: add root ssh key
|
||||
ansible.posix.authorized_key:
|
||||
user: root
|
||||
state: present
|
||||
key: "{{ lookup('file', './id_root.pub') }}"
|
|
@ -0,0 +1,49 @@
|
|||
#!/bin/sh
|
||||
|
||||
set -xe
|
||||
|
||||
apk add openssh openssl wget unzip
|
||||
|
||||
source image/crypt.sh
|
||||
|
||||
chmod 600 ./id_root
|
||||
|
||||
# versions
|
||||
VER_XRAY=1.4.2
|
||||
VER_SO=2.5.20
|
||||
VER_NG=1.6.5
|
||||
|
||||
# upload files
|
||||
for filename in confs/*; do
|
||||
basename=$(basename $filename)
|
||||
hash_sha256 $basename $(cat ./key)
|
||||
output=$crypt_ret
|
||||
encrypt "$(cat $filename)" $(cat ./key)
|
||||
echo "$crypt_ret" > $output
|
||||
scp -P77 -o StrictHostKeychecking=no -i ./id_root $output root@parrot.quacker.org:/dat/apps/nginx/http_dl/root/pub
|
||||
rm $output
|
||||
done
|
||||
|
||||
# build zip
|
||||
URL_SO=https://github.com/FelisCatus/SwitchyOmega/releases/download/v{VER_SO}/SwitchyOmega_Chromium.crx
|
||||
URL_NG=https://github.com/2dust/v2rayNG/releases/download/{VER_NG}/v2rayNG_1.5.16_arm64-v8a.apk
|
||||
URL_XRAY_WIN=https://github.com/XTLS/Xray-core/releases/download/v{VER_XRAY}/Xray-windows-64.zip
|
||||
URL_XRAY_MAC=https://github.com/XTLS/Xray-core/releases/download/v{VER_XRAY}/Xray-macos-64.zip
|
||||
URL_XRAY_LINUX=https://github.com/XTLS/Xray-core/releases/download/v{VER_XRAY}/Xray-linux-64.zip
|
||||
|
||||
wget $URL_SO -O zip/chrome/
|
||||
wget $URL_NG -O image/nginx/index/android/
|
||||
wget $URL_XRAY_WIN -O zip/windows/
|
||||
wget $URL_XRAY_MAC -O zip/macos/
|
||||
wget $URL_XRAY_LINUX -O image/
|
||||
|
||||
zip -r pc.zip zip/
|
||||
mv pc.zip image/nginx/index/
|
||||
|
||||
# build htpassword
|
||||
touch .htpasswd
|
||||
htpasswd -b ./.htpasswd liangyifang liangyifang
|
||||
htpasswd -b ./.htpasswd ruyuechun ruyuechun
|
||||
htpasswd -b ./.htpasswd liuxiangdong liuxiangdong
|
||||
encrypt "$(cat ./.htpasswd)" "$(cat ./key)"
|
||||
echo "$crypt_ret" > image/nginx/.htpasswd
|
|
@ -1,20 +1,20 @@
|
|||
#!/bin/sh
|
||||
set -e
|
||||
set -xe
|
||||
|
||||
apk add openssh
|
||||
|
||||
key=$(cat ./key)
|
||||
|
||||
chmod 600 ansible/id_root
|
||||
chmod 600 ./id_root
|
||||
|
||||
for filename in confs/*; do
|
||||
addr=$(basename $filename)
|
||||
echo "Refreshing $addr..."
|
||||
ssh -p 77 -o StrictHostKeychecking=no -i ansible/id_root root@$addr -t "docker pull quackerd/d2ray:latest"
|
||||
ssh -p 77 -o StrictHostKeychecking=no -i ./id_root root@$addr -t "docker pull quackerd/d2ray:latest"
|
||||
set +e
|
||||
ssh -p 77 -o StrictHostKeychecking=no -i ansible/id_root root@$addr -t "docker stop d2ray && docker rm d2ray"
|
||||
ssh -p 77 -o StrictHostKeychecking=no -i ./id_root root@$addr -t "docker stop d2ray && docker rm d2ray"
|
||||
set -e
|
||||
ssh -p 77 -o StrictHostKeychecking=no -i ansible/id_root root@$addr -t "docker run -d \
|
||||
ssh -p 77 -o StrictHostKeychecking=no -i ./id_root root@$addr -t "docker run -d \
|
||||
--restart unless-stopped \
|
||||
-e KEY=$key \
|
||||
-e FQDN=$addr \
|
|
@ -1,19 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
apk add openssh openssl
|
||||
|
||||
source image/crypt.sh
|
||||
|
||||
chmod 600 ansible/id_root
|
||||
|
||||
for filename in confs/*; do
|
||||
basename=$(basename $filename)
|
||||
hash_sha256 $basename $(cat ./key)
|
||||
output=$crypt_ret
|
||||
encrypt "$(cat $filename)" $(cat ./key)
|
||||
echo "$crypt_ret" > $output
|
||||
scp -P77 -o StrictHostKeychecking=no -i ansible/id_root $output root@parrot.quacker.org:/dat/apps/nginx/http_dl/root/pub
|
||||
rm $output
|
||||
done
|
|
@ -29,7 +29,16 @@ http {
|
|||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
root /opt/nginx/webroot;
|
||||
index index.html;
|
||||
location / {
|
||||
root /opt/nginx/webroot;
|
||||
index index.html;
|
||||
}
|
||||
|
||||
location /download {
|
||||
root /opt/nginx/index;
|
||||
autoindex on;
|
||||
auth_basic "Provide credentials to access downloads";
|
||||
auth_basic_user_file "/opt/nginx/.htpasswd";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
<kbd>FEATURED</kbd>
|
||||
<h4><a href="#">Lorem ipsum dolor sit, amet consectetur adipisicing elit</a></h4>
|
||||
<p>Optio, beatae! Aut quis id voluptate ullam repellendus. Et sit, ipsa, non consequuntur magnam quaerat temporibus at officiis ab, expedita molestiae liber...</p>
|
||||
<a href="#"><button><b>READ MORE</b></button></a>
|
||||
<a href="#"><button><b>DOWNLOAD</b></button></a>
|
||||
<br><br>
|
||||
|
||||
<!-- Article break -->
|
||||
|
@ -35,4 +35,4 @@
|
|||
<br><br>
|
||||
|
||||
<!-- Footer -->
|
||||
<center>( ̄︶ ̄)↗</center>
|
||||
<center>( ̄︶ ̄)↗</center>
|
|
@ -36,7 +36,7 @@ else
|
|||
fi
|
||||
|
||||
echo ""
|
||||
echo "===== Fetching Configuration ===="
|
||||
echo "===== Fetching Configuration ====="
|
||||
decrypt $URL $KEY
|
||||
URL=$crypt_ret
|
||||
|
||||
|
@ -49,6 +49,9 @@ echo "Decrypting..."
|
|||
decrypt $(cat /opt/$FQDN) $KEY
|
||||
echo $crypt_ret > /opt/config.json
|
||||
|
||||
decrypt $(cat /opt/nginx/.htpasswd) $KEY
|
||||
echo $crypt_ret > /opt/nginx/.htpasswd
|
||||
|
||||
echo ""
|
||||
echo "===== Starting cron ====="
|
||||
crond -L /opt/config/logs/crond/log.txt
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
请依次阅读目录:
|
||||
|
||||
1. config: VPN的配置教程
|
||||
2. macos/windows: 适合你系统的VPN程序及启动教程
|
||||
3. chrome: 在浏览器使用VPN
|
|
@ -0,0 +1,18 @@
|
|||
首先需要安装SwitchyOmega插件:
|
||||
|
||||
1. 解压当前目录下的zip文件
|
||||
2. 打开 Google Chrome
|
||||
3. 打开网址 "chrome://extensions"
|
||||
4. 打开右上角 开发者模式(Developer mode)
|
||||
5. 在新出现的工具栏选择第一项 "Load unpacked"
|
||||
6. 在新出现的对话框选择zip文件解压目录
|
||||
|
||||
然后配置插件:
|
||||
1. 跳过教程
|
||||
2. 在左边菜单新建一个profile, 类型选择第一个"Proxy(代理) Profile",名字取"VPN", 点击 “创建”
|
||||
3. Protocol(协议)选择"SOCKS5", 服务器(Server)填写127.0.0.1, 端口(Port)写1080,点击左边菜单"应用" (Apply changes)
|
||||
|
||||
当需要VPN时,启动VPN程序并且在SwitchyOmega插件菜单选择"VPN"(右上角点击SwitchyOmega图标,没有的话在插件下拉里面找,找到可以Pin到浏览器上)。
|
||||
当不需要VPN时,只需在SwitchyOmega插件选择"Direct"直连。
|
||||
|
||||
That's it.
|
|
@ -0,0 +1,6 @@
|
|||
用文本编辑器打开config.json并且替换:
|
||||
|
||||
%PASSWORD% => 你的密码 (有1个地方)
|
||||
%SERVER% => 你的服务器地址 (有2个地方,这就是你下载这个文件的服务器地址,只填xxx.example.com,前后都不要)
|
||||
|
||||
保存,关闭文件。
|
|
@ -0,0 +1,118 @@
|
|||
{
|
||||
"dns": {
|
||||
"servers": [
|
||||
"223.5.5.5",
|
||||
"114.114.114.114",
|
||||
{
|
||||
"address": "8.8.8.8",
|
||||
"port": 53,
|
||||
"domains": [
|
||||
"geosite:geolocation-!cn"
|
||||
]
|
||||
},
|
||||
{
|
||||
"address": "1.1.1.1",
|
||||
"port": 53,
|
||||
"domains": [
|
||||
"geosite:geolocation-!cn"
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
"routing": {
|
||||
"domainStrategy": "IPIfNonMatch",
|
||||
"rules": [
|
||||
{
|
||||
"type": "field",
|
||||
"outboundTag": "direct",
|
||||
"ip": [
|
||||
"223.5.5.5",
|
||||
"114.114.114.114"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "field",
|
||||
"outboundTag": "proxy",
|
||||
"ip": [
|
||||
"8.8.8.8",
|
||||
"1.1.1.1"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "field",
|
||||
"outboundTag": "direct",
|
||||
"ip": [
|
||||
"geoip:cn",
|
||||
"geoip:private"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "field",
|
||||
"outboundTag": "direct",
|
||||
"domain": ["geosite:cn"]
|
||||
},
|
||||
{
|
||||
"type": "field",
|
||||
"outboundTag": "proxy",
|
||||
"network": "udp,tcp"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
"inbounds": [
|
||||
{
|
||||
"port": 1080,
|
||||
"listen": "127.0.0.1",
|
||||
"protocol": "socks",
|
||||
"sniffing": {
|
||||
"enabled": true,
|
||||
"destOverride": ["http", "tls"]
|
||||
},
|
||||
"settings": {
|
||||
"auth": "noauth",
|
||||
"udp": false
|
||||
}
|
||||
}
|
||||
],
|
||||
"outbounds": [
|
||||
{
|
||||
"tag": "proxy",
|
||||
"protocol": "vless",
|
||||
"settings": {
|
||||
"vnext": [
|
||||
{
|
||||
"address": "%SERVER%",
|
||||
"port": 443,
|
||||
"users": [
|
||||
{
|
||||
"id": "%PASSWORD%",
|
||||
"encryption": "none",
|
||||
"level": 0
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"streamSettings": {
|
||||
"network": "tcp",
|
||||
"security": "xtls",
|
||||
"xtlsSettings": {
|
||||
"serverName": "%SERVER%",
|
||||
"allowInsecure": false,
|
||||
"alpn": ["h2","http/1.1"]
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"protocol": "freedom",
|
||||
"settings": {},
|
||||
"tag": "direct"
|
||||
},
|
||||
{
|
||||
"protocol": "blackhole",
|
||||
"settings": {},
|
||||
"tag": "block"
|
||||
}
|
||||
]
|
||||
}
|
|
@ -0,0 +1,6 @@
|
|||
1. 解压zip文件
|
||||
2. 拷贝run.sh到zip文件解压路径
|
||||
3. 拷贝配置好的config.json到zip文件解压路径
|
||||
4. 运行run.sh启动VPN程序
|
||||
|
||||
如果无法直接运行run.sh, 请右键用Terminal(终端)打开。
|
|
@ -0,0 +1,3 @@
|
|||
@echo off
|
||||
|
||||
.\xray -c config.json
|
|
@ -0,0 +1,4 @@
|
|||
1. 解压zip文件
|
||||
2. 拷贝run.bat到zip文件解压路径
|
||||
3. 拷贝配置好的config.json到zip文件解压路径
|
||||
4. 运行run.bat启动VPN
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/sh
|
||||
|
||||
./xray -c config.json
|
Loading…
Reference in New Issue