feat: migrate to wgcf + wireproxy

This commit is contained in:
ArcticLampyrid 2024-02-13 19:14:39 +08:00
parent 3777cb3fe6
commit b92bfc0d3c
No known key found for this signature in database
GPG key ID: DC72A2519E77D6CF
3 changed files with 39 additions and 37 deletions

View file

@ -1,27 +1,25 @@
FROM rust:latest AS builder FROM alpine:3.19
RUN apt update && apt install -y git
RUN update-ca-certificates
WORKDIR /tcp-relay-rust
RUN git clone https://github.com/cedric05/tcp-relay-rust . --no-checkout && git checkout 6de9bd191fa97aa73e8696ebefd5a50286eb2b25
RUN cargo build --release
FROM debian:bullseye-slim RUN apk add --no-cache curl \
ENV APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn && ARCH=$(uname -m) \
ENV DEBIAN_FRONTEND=noninteractive && if [ "${ARCH}" = "i386" ]; then ARCH="386"; fi \
COPY --from=builder /tcp-relay-rust/target/release/tcp-relay-rust /tcp-relay-rust && if [ "${ARCH}" = "i686" ]; then ARCH="386"; fi \
&& if [ "${ARCH}" = "x86_64" ]; then ARCH="amd64"; fi \
&& if [ "${ARCH}" = "aarch64" ]; then ARCH="arm64"; fi \
&& WGCF_URL=$(curl -fsSL https://api.github.com/repos/ViRb3/wgcf/releases/latest | grep 'browser_download_url' | cut -d'"' -f4 | grep "_linux_${ARCH}") \
&& curl -fsSL "${WGCF_URL}" -o ./wgcf \
&& chmod +x ./wgcf \
&& mv ./wgcf /usr/bin \
&& WIREPROXY_URL=$(curl -fsSL https://api.github.com/repos/pufferffish/wireproxy/releases/latest | grep 'browser_download_url' | cut -d'"' -f4 | grep "wireproxy_linux_${ARCH}.tar.gz") \
&& curl -fsSL "${WIREPROXY_URL}" -o ./wireproxy.tar.gz \
&& tar -xzf wireproxy.tar.gz \
&& rm wireproxy.tar.gz \
&& chmod +x ./wireproxy \
&& mv ./wireproxy /usr/bin
RUN apt update \ ADD entrypoint.sh /usr/local/bin/entrypoint.sh
&& apt install -y curl gnupg \ ADD warp-health-check.sh /usr/local/bin/warp-health-check.sh
&& curl -fsSL https://pkg.cloudflareclient.com/pubkey.gpg | gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg \
&& echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ bullseye main" | tee /etc/apt/sources.list.d/cloudflare-client.list \
&& apt update \
&& apt install -y cloudflare-warp \
&& apt remove -y curl \
&& apt autoremove -y \
&& apt clean \
&& rm -rf /var/lib/apt/lists/*
ADD entrypoint.sh /entrypoint.sh
EXPOSE 40000/tcp EXPOSE 40000/tcp
ENTRYPOINT ["/bin/bash"] ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
CMD ["/entrypoint.sh"] CMD []
HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "/usr/local/bin/warp-health-check.sh" ]

View file

@ -1,15 +1,13 @@
#!/bin/bash #!/bin/sh
mkdir -p /opt/wgcf
wgcf register --accept-tos --config /opt/wgcf/wgcf-account.toml
wgcf generate --config /opt/wgcf/wgcf-account.toml
mv wgcf-profile.conf /opt/wireproxy.conf
( echo -e "\n[Socks5]\nBindAddress = 0.0.0.0:40000" >>/opt/wireproxy.conf
while ! warp-cli --accept-tos register; do
sleep 1
>&2 echo "Awaiting warp-svc become online..."
done
warp-cli --accept-tos set-mode proxy
warp-cli --accept-tos set-proxy-port 40001
warp-cli --accept-tos connect
warp-cli --accept-tos enable-always-on
/tcp-relay-rust 127.0.0.1:40001 0.0.0.0:40000
) &
exec warp-svc if [ -n "$SOCKS5_USERNAME" ]; then
echo -e "\nUsername = $SOCKS5_USERNAME\nPassword = $SOCKS5_PASSWORD" >>/opt/wireproxy.conf
fi
wireproxy -c /opt/wireproxy.conf

6
warp-health-check.sh Normal file
View file

@ -0,0 +1,6 @@
#!/bin/sh
if [ -n "$SOCKS5_USERNAME" ]; then
curl --proxy-user $SOCKS5_USERNAME:$SOCKS5_PASSWORD -x socks5h://localhost:40000 -f -s https://www.cloudflare.com/cdn-cgi/trace
else
curl -x socks5h://localhost:40000 -f -s https://www.cloudflare.com/cdn-cgi/trace
fi