优化Dockerfile使用

2025-08-07 21:54:17 +08:00 · 2021-04-09 14:49:41 +08:00
parent 9b509c33f3
commit d8eb8ab7ed
8 changed files with 201 additions and 48 deletions
--- a/docker/docker_entrypoint_fix.sh
+++ b/docker/docker_entrypoint_fix.sh
@@ -0,0 +1,37 @@
+#! /bin/bash
+version=(`wget -qO- -t1 -T2 "https://api.github.com/repos/bjdgyc/anylink/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g'`)
+count=(`ls anylink | wc -w `)
+wget https://github.com/bjdgyc/anylink/releases/download/${version}/anylink-deploy.tar.gz
+tar xf anylink-deploy.tar.gz
+rm -rf anylink-deploy.tar.gz
+if [ ${count} -eq 0 ]; then
+	echo "init anylink"
+	mv anylink-deploy/* anylink/
+else
+	if [ ! -d "/anylink/log" ]; then
+		mv anylink-deploy/log anylink/
+	fi
+	if [ ! -d "/anylink/conf" ]; then
+                mv anylink-deploy/conf anylink/
+        fi
+	echo "update anylink"
+	rm -rf anylink/ui anylink/anylink anylink/files
+	mv anylink-deploy/ui anylink/
+	mv anylink-deploy/anylink anylink/
+	mv anylink-deploy/files anylink/
+fi
+rm -rf anylink-deploy
+sysctl -w net.ipv4.ip_forward=1
+if [[ ${mode} == pro ]];then
+	iptables -t nat -A POSTROUTING -s ${iproute} -o eth0 -j MASQUERADE
+	iptables -L -n -t nat
+	/anylink/anylink -conf=/anylink/conf/server.toml
+elif [[ ${mode} == password ]];then
+	if [ -z ${password} ];then
+		echo "invalid password"
+	else
+		/anylink/anylink -passwd ${password}
+	fi
+elif [[ ${mode} -eq jwt ]];then
+	/anylink/anylink -secret
+fi
--- a/docker/generate-certs.sh
+++ b/docker/generate-certs.sh
@@ -1,8 +1,8 @@
 #!/bin/sh

-mkdir -p ssl
+mkdir -p /ssl

-OUTPUT_FILENAME="example.com"
+OUTPUT_FILENAME="vpn.xx.com"

 printf "[req]
 prompt                  = no
@@ -19,9 +19,9 @@ x509_extensions         = req_x509v3_extensions
 C  = CN
 ST = BJ
 L  = BJ
-O  = example.com
-OU = example.com
-CN = example.com
+O  = xx.com
+OU = xx.com
+CN = xx.com

 [req_x509v3_extensions]
 basicConstraints        = critical,CA:true
@@ -31,9 +31,11 @@ extendedKeyUsage        = critical,serverAuth #, clientAuth
 subjectAltName          = @alt_names

 [alt_names]
-DNS.1 = example.com
-DNS.2 = *.example.com
+DNS.1 = xx.com
+DNS.2 = *.xx.com

-">ssl/${OUTPUT_FILENAME}.conf
+">/ssl/${OUTPUT_FILENAME}.conf
+
+openssl req -x509 -newkey rsa:2048 -keyout /ssl/test_vpn_key.pem -out /ssl/test_vpn_cert.pem \
+-days 3600 -nodes -config /ssl/${OUTPUT_FILENAME}.conf

-openssl req -x509 -newkey rsa:2048 -keyout /app/conf/$OUTPUT_FILENAME.key -out /app/conf/$OUTPUT_FILENAME.crt -days 3600 -nodes -config ssl/${OUTPUT_FILENAME}.conf