mirror of
https://github.com/vimagick/dockerfiles.git
synced 2025-01-10 04:19:24 +02:00
add proxyhub
This commit is contained in:
parent
9f76f8d2c4
commit
03ccdd845b
44
proxyhub/Dockerfile
Normal file
44
proxyhub/Dockerfile
Normal file
@ -0,0 +1,44 @@
|
||||
#
|
||||
# Dockerfile for ProxyHub
|
||||
#
|
||||
|
||||
FROM ubuntu:14.04
|
||||
MAINTAINER kev <noreply@datageek.info>
|
||||
|
||||
RUN apt-get update
|
||||
RUN apt-get install -y build-essential pdnsd haproxy nginx
|
||||
RUN apt-get clean
|
||||
|
||||
RUN curl -sSL https://bootstrap.pypa.io/get-pip.py | python
|
||||
RUN pip install supervisor shadowsocks
|
||||
|
||||
ADD ./supervisord.conf /etc/supervisor/
|
||||
ADD ./services.conf /etc/supervisor/conf.d/
|
||||
ADD ./pdnsd.conf /etc/
|
||||
ADD ./shadowsocks /etc/shadowsocks
|
||||
ADD ./haproxy.cfg /etc/haproxy/
|
||||
|
||||
ADD https://download.libsodium.org/libsodium/releases/libsodium-1.0.2.tar.gz /tmp/pkgs/
|
||||
ADD http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.4.3.tar.gz /tmp/pkgs/
|
||||
|
||||
WORKDIR /tmp/pkgs/
|
||||
|
||||
RUN tar xzf libsodium-1.0.2.tar.gz && \
|
||||
cd libsodium-1.0.2 && \
|
||||
./configure && \
|
||||
make && \
|
||||
make install
|
||||
|
||||
RUN echo /usr/local/lib > /etc/ld.so.conf.d/local.conf && ldconfig
|
||||
|
||||
RUN tar xzf dnscrypt-proxy-1.4.3.tar.gz && \
|
||||
cd dnscrypt-proxy-1.4.3 && \
|
||||
./configure && \
|
||||
make && \
|
||||
make install
|
||||
|
||||
WORKDIR /
|
||||
RUN rm -r /tmp/pkgs/
|
||||
EXPOSE 80 1080
|
||||
|
||||
CMD supervisord -n -c /etc/supervisor/supervisord.conf
|
29
proxyhub/README.md
Normal file
29
proxyhub/README.md
Normal file
@ -0,0 +1,29 @@
|
||||
ProxyHub
|
||||
========
|
||||
|
||||
## About
|
||||
|
||||
- shadowsocks: A secure socks5 proxy, designed to protect your Internet traffic.
|
||||
- haproxy: A free, very fast and reliable solution offering high availability,
|
||||
load balancing, and proxying for TCP and HTTP-based applications.
|
||||
- dnscrypt: A protocol for securing communications between a client and a DNS resolver.
|
||||
- pdnsd: A DNS server designed for local caching of DNS information.
|
||||
- nginx: an open source reverse proxy server for HTTP, HTTPS, SMTP, POP3,
|
||||
and IMAP protocols, as well as a load balancer, caching and SSL offload.
|
||||
|
||||
## Fig
|
||||
|
||||
proxyhub:
|
||||
image: vimagick/proxyhub
|
||||
ports:
|
||||
- "1080:1080"
|
||||
restart: always
|
||||
|
||||
## Run
|
||||
|
||||
fig up -d
|
||||
|
||||
## Test
|
||||
|
||||
curl -x socks5h://localhost:1080 https://www.youtube.com
|
||||
|
7
proxyhub/fig.yml
Normal file
7
proxyhub/fig.yml
Normal file
@ -0,0 +1,7 @@
|
||||
dnscrypt:
|
||||
image: vimagick/dnscrypt
|
||||
ports:
|
||||
- "1080:1080"
|
||||
dns:
|
||||
- 127.0.0.1
|
||||
restart: always
|
21
proxyhub/haproxy.cfg
Normal file
21
proxyhub/haproxy.cfg
Normal file
@ -0,0 +1,21 @@
|
||||
global
|
||||
maxconn 4000
|
||||
|
||||
defaults
|
||||
mode tcp
|
||||
timeout connect 5000ms
|
||||
timeout client 50000ms
|
||||
timeout server 50000ms
|
||||
|
||||
frontend front
|
||||
bind *:1080
|
||||
default_backend back
|
||||
|
||||
backend back
|
||||
balance roundrobin
|
||||
server s1 127.0.0.1:1981 check
|
||||
server s2 127.0.0.1:1982 check
|
||||
server s3 127.0.0.1:1983 check
|
||||
server s4 127.0.0.1:1984 check
|
||||
server s5 127.0.0.1:1985 check
|
||||
|
37
proxyhub/pdnsd.conf
Normal file
37
proxyhub/pdnsd.conf
Normal file
@ -0,0 +1,37 @@
|
||||
global {
|
||||
perm_cache=16384;
|
||||
cache_dir="/var/cache/pdnsd";
|
||||
run_as="pdnsd";
|
||||
server_ip = 0.0.0.0;
|
||||
status_ctl = on;
|
||||
query_method=udp_tcp;
|
||||
min_ttl=15m; # Retain cached entries at least 15 minutes.
|
||||
max_ttl=1w; # One week.
|
||||
timeout=10; # Global timeout option (10 seconds).
|
||||
neg_domain_pol=on;
|
||||
udpbufsize=1024; # Upper limit on the size of UDP messages.
|
||||
}
|
||||
|
||||
server {
|
||||
label = "dnscrypt-proxy";
|
||||
ip = 127.0.0.1;
|
||||
port = 2053;
|
||||
timeout = 4;
|
||||
uptest = query;
|
||||
interval = 15m;
|
||||
proxy_only=on;
|
||||
}
|
||||
|
||||
source {
|
||||
owner=localhost;
|
||||
file="/etc/hosts";
|
||||
}
|
||||
|
||||
|
||||
rr {
|
||||
name=localhost;
|
||||
reverse=on;
|
||||
a=127.0.0.1;
|
||||
owner=localhost;
|
||||
soa=localhost,root.localhost,42,86400,900,86400,86400;
|
||||
}
|
23
proxyhub/services.conf
Normal file
23
proxyhub/services.conf
Normal file
@ -0,0 +1,23 @@
|
||||
[program:dnscrypt]
|
||||
priority = 100
|
||||
command = dnscrypt-proxy -a 127.0.0.1:2053 -R opendns
|
||||
|
||||
[program:pdnsd]
|
||||
priority = 200
|
||||
command = pdnsd -c /etc/pdnsd.conf
|
||||
|
||||
[program:shadowsocks]
|
||||
priority = 300
|
||||
command = /usr/bin/sslocal -c /etc/shadowsocks/%(process_num)d.json
|
||||
numprocs_start = 1981
|
||||
numprocs = 5
|
||||
process_name = %(process_num)d
|
||||
|
||||
[program:haproxy]
|
||||
priority = 400
|
||||
command = /usr/bin/haproxy -f /etc/haproxy/haproxy.cfg
|
||||
|
||||
[program:nginx]
|
||||
priority = 500
|
||||
command = /usr/bin/nginx -g "daemon off; pid /run/nginx.pid; error_log stderr;"
|
||||
|
9
proxyhub/shadowsocks/1981.json
Normal file
9
proxyhub/shadowsocks/1981.json
Normal file
@ -0,0 +1,9 @@
|
||||
{
|
||||
"server": "free1.5z3.pw",
|
||||
"server_port": 443,
|
||||
"local_address": "127.0.0.1",
|
||||
"local_port": 1981,
|
||||
"password": "fogss.com",
|
||||
"method": "rc4-md5",
|
||||
"timeout": 600
|
||||
}
|
9
proxyhub/shadowsocks/1982.json
Normal file
9
proxyhub/shadowsocks/1982.json
Normal file
@ -0,0 +1,9 @@
|
||||
{
|
||||
"server": "192.243.118.108",
|
||||
"server_port": 8989,
|
||||
"local_address": "127.0.0.1",
|
||||
"local_port": 1982,
|
||||
"password": "dht.me",
|
||||
"method": "aes-256-cfb",
|
||||
"timeout": 600
|
||||
}
|
9
proxyhub/shadowsocks/1983.json
Normal file
9
proxyhub/shadowsocks/1983.json
Normal file
@ -0,0 +1,9 @@
|
||||
{
|
||||
"server": "ova.pw",
|
||||
"server_port": 8388,
|
||||
"local_address": "127.0.0.1",
|
||||
"local_port": 1983,
|
||||
"password": "goagent",
|
||||
"method": "aes-256-cfb",
|
||||
"timeout": 600
|
||||
}
|
8
proxyhub/shadowsocks/1984.json
Normal file
8
proxyhub/shadowsocks/1984.json
Normal file
@ -0,0 +1,8 @@
|
||||
{
|
||||
"server": "107.191.53.58",
|
||||
"server_port": 1789,
|
||||
"local_address": "127.0.0.1",
|
||||
"local_port": 1984,
|
||||
"password": "123_FUCK_gfw",
|
||||
"method": "aes-192-cfb"
|
||||
}
|
8
proxyhub/shadowsocks/1985.json
Normal file
8
proxyhub/shadowsocks/1985.json
Normal file
@ -0,0 +1,8 @@
|
||||
{
|
||||
"server": "104.238.180.87",
|
||||
"server_port": 1789,
|
||||
"local_address": "127.0.0.1",
|
||||
"local_port": 1985,
|
||||
"password": "123_FUCK_gfw",
|
||||
"method": "aes-192-cfb"
|
||||
}
|
141
proxyhub/supervisord.conf
Normal file
141
proxyhub/supervisord.conf
Normal file
@ -0,0 +1,141 @@
|
||||
; Sample supervisor config file.
|
||||
;
|
||||
; For more information on the config file, please see:
|
||||
; http://supervisord.org/configuration.html
|
||||
;
|
||||
; Notes:
|
||||
; - Shell expansion ("~" or "$HOME") is not supported. Environment
|
||||
; variables can be expanded using this syntax: "%(ENV_HOME)s".
|
||||
; - Comments must have a leading space: "a=b ;comment" not "a=b;comment".
|
||||
|
||||
[unix_http_server]
|
||||
file=/tmp/supervisor.sock ; (the path to the socket file)
|
||||
;chmod=0700 ; socket file mode (default 0700)
|
||||
;chown=nobody:nogroup ; socket file uid:gid owner
|
||||
;username=user ; (default is no username (open server))
|
||||
;password=123 ; (default is no password (open server))
|
||||
|
||||
[inet_http_server] ; inet (TCP) server disabled by default
|
||||
port=0.0.0.0:9001 ; (ip_address:port specifier, *:port for all iface)
|
||||
;username=user ; (default is no username (open server))
|
||||
;password=123 ; (default is no password (open server))
|
||||
|
||||
[supervisord]
|
||||
logfile=/tmp/supervisord.log ; (main log file;default $CWD/supervisord.log)
|
||||
logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)
|
||||
logfile_backups=10 ; (num of main logfile rotation backups;default 10)
|
||||
loglevel=info ; (log level;default info; others: debug,warn,trace)
|
||||
pidfile=/tmp/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
|
||||
nodaemon=false ; (start in foreground if true;default false)
|
||||
minfds=1024 ; (min. avail startup file descriptors;default 1024)
|
||||
minprocs=200 ; (min. avail process descriptors;default 200)
|
||||
;umask=022 ; (process file creation umask;default 022)
|
||||
;user=chrism ; (default is current user, required if root)
|
||||
;identifier=supervisor ; (supervisord identifier, default is 'supervisor')
|
||||
;directory=/tmp ; (default is not to cd during start)
|
||||
;nocleanup=true ; (don't clean up tempfiles at start;default false)
|
||||
;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP)
|
||||
;environment=KEY="value" ; (key value pairs to add to environment)
|
||||
;strip_ansi=false ; (strip ansi escape codes in logs; def. false)
|
||||
|
||||
; the below section must remain in the config file for RPC
|
||||
; (supervisorctl/web interface) to work, additional interfaces may be
|
||||
; added by defining them in separate rpcinterface: sections
|
||||
[rpcinterface:supervisor]
|
||||
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
|
||||
|
||||
[supervisorctl]
|
||||
serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket
|
||||
;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket
|
||||
;username=chris ; should be same as http_username if set
|
||||
;password=123 ; should be same as http_password if set
|
||||
;prompt=mysupervisor ; cmd line prompt (default "supervisor")
|
||||
;history_file=~/.sc_history ; use readline history if available
|
||||
|
||||
; The below sample program section shows all possible program subsection values,
|
||||
; create one or more 'real' program: sections to be able to control them under
|
||||
; supervisor.
|
||||
|
||||
;[program:theprogramname]
|
||||
;command=/bin/cat ; the program (relative uses PATH, can take args)
|
||||
;process_name=%(program_name)s ; process_name expr (default %(program_name)s)
|
||||
;numprocs=1 ; number of processes copies to start (def 1)
|
||||
;directory=/tmp ; directory to cwd to before exec (def no cwd)
|
||||
;umask=022 ; umask for process (default None)
|
||||
;priority=999 ; the relative start priority (default 999)
|
||||
;autostart=true ; start at supervisord start (default: true)
|
||||
;autorestart=unexpected ; whether/when to restart (default: unexpected)
|
||||
;startsecs=1 ; number of secs prog must stay running (def. 1)
|
||||
;startretries=3 ; max # of serial start failures (default 3)
|
||||
;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)
|
||||
;stopsignal=QUIT ; signal used to kill process (default TERM)
|
||||
;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)
|
||||
;stopasgroup=false ; send stop signal to the UNIX process group (default false)
|
||||
;killasgroup=false ; SIGKILL the UNIX process group (def false)
|
||||
;user=chrism ; setuid to this UNIX account to run the program
|
||||
;redirect_stderr=true ; redirect proc stderr to stdout (default false)
|
||||
;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO
|
||||
;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
|
||||
;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)
|
||||
;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)
|
||||
;stdout_events_enabled=false ; emit events on stdout writes (default false)
|
||||
;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO
|
||||
;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
|
||||
;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10)
|
||||
;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)
|
||||
;stderr_events_enabled=false ; emit events on stderr writes (default false)
|
||||
;environment=A="1",B="2" ; process environment additions (def no adds)
|
||||
;serverurl=AUTO ; override serverurl computation (childutils)
|
||||
|
||||
; The below sample eventlistener section shows all possible
|
||||
; eventlistener subsection values, create one or more 'real'
|
||||
; eventlistener: sections to be able to handle event notifications
|
||||
; sent by supervisor.
|
||||
|
||||
;[eventlistener:theeventlistenername]
|
||||
;command=/bin/eventlistener ; the program (relative uses PATH, can take args)
|
||||
;process_name=%(program_name)s ; process_name expr (default %(program_name)s)
|
||||
;numprocs=1 ; number of processes copies to start (def 1)
|
||||
;events=EVENT ; event notif. types to subscribe to (req'd)
|
||||
;buffer_size=10 ; event buffer queue size (default 10)
|
||||
;directory=/tmp ; directory to cwd to before exec (def no cwd)
|
||||
;umask=022 ; umask for process (default None)
|
||||
;priority=-1 ; the relative start priority (default -1)
|
||||
;autostart=true ; start at supervisord start (default: true)
|
||||
;autorestart=unexpected ; whether/when to restart (default: unexpected)
|
||||
;startsecs=1 ; number of secs prog must stay running (def. 1)
|
||||
;startretries=3 ; max # of serial start failures (default 3)
|
||||
;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)
|
||||
;stopsignal=QUIT ; signal used to kill process (default TERM)
|
||||
;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)
|
||||
;stopasgroup=false ; send stop signal to the UNIX process group (default false)
|
||||
;killasgroup=false ; SIGKILL the UNIX process group (def false)
|
||||
;user=chrism ; setuid to this UNIX account to run the program
|
||||
;redirect_stderr=true ; redirect proc stderr to stdout (default false)
|
||||
;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO
|
||||
;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
|
||||
;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)
|
||||
;stdout_events_enabled=false ; emit events on stdout writes (default false)
|
||||
;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO
|
||||
;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
|
||||
;stderr_logfile_backups ; # of stderr logfile backups (default 10)
|
||||
;stderr_events_enabled=false ; emit events on stderr writes (default false)
|
||||
;environment=A="1",B="2" ; process environment additions
|
||||
;serverurl=AUTO ; override serverurl computation (childutils)
|
||||
|
||||
; The below sample group section shows all possible group values,
|
||||
; create one or more 'real' group: sections to create "heterogeneous"
|
||||
; process groups.
|
||||
|
||||
;[group:thegroupname]
|
||||
;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions
|
||||
;priority=999 ; the relative start priority (default 999)
|
||||
|
||||
; The [include] section can just contain the "files" setting. This
|
||||
; setting can list multiple files (separated by whitespace or
|
||||
; newlines). It can also contain wildcards. The filenames are
|
||||
; interpreted as relative to this file. Included files *cannot*
|
||||
; include files themselves.
|
||||
|
||||
[include]
|
||||
files = conf.d/*.ini
|
Loading…
Reference in New Issue
Block a user