From 5d722fc2a3fe92e47f69dc427406b48675eb9171 Mon Sep 17 00:00:00 2001 From: PaperDragon-SH <2678885646@qq.com> Date: Tue, 10 Oct 2023 16:04:13 +0800 Subject: [PATCH] optimize docker --- Dockerfile | 1 + README.md | 17 ++++++++++++++--- docker/entrypoint.sh | 34 ++++++++++++++++++++-------------- 3 files changed, 35 insertions(+), 17 deletions(-) diff --git a/Dockerfile b/Dockerfile index 59479b6..912fdca 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,6 +19,7 @@ ENV PROXY= ENV DNS=virtual ENV MODE=auto ENV BYPASS_IP= +ENV VERBOSITY=info RUN apt update && apt install -y iproute2 curl && apt clean all diff --git a/README.md b/README.md index db598a7..b83837a 100644 --- a/README.md +++ b/README.md @@ -119,16 +119,27 @@ Next, start a container from the tun2proxy image: ```bash docker run -d \ - -e PROXY=PROXY_TYPE://PROXY_IP:PROXY_PORT \ + -e PROXY=proto://[username[:password]@]host:port \ -v /dev/net/tun:/dev/net/tun \ - --sysctl net.ipv6.conf.all.disable_ipv6=0 \ --sysctl net.ipv6.conf.default.disable_ipv6=0 \ --cap-add NET_ADMIN \ --name tun2proxy \ tun2proxy ``` -You can then provide the running container's network to another worker container by sharing the network namespace: +container env list + +| container env | Default | program option | mean | +| ------------- | ------- | ----------------------- | ------------------------------------------------------------ | +| TUN | tun0 | -t, --tun | Name of the tun interface [default: tun0] | +| PROXY | None | -p, --proxy | Proxy URL in the form proto://[username[:password]@]host:port | +| DNS | virtual | -d, --dns | DNS handling strategy [default: virtual] [possible values: virtual, over-tcp, direct] | +| MODE | auto | -s, --setup | Routing and system setup [possible values: auto] | +| BYPASS_IP | None | -b, --bypass | Public proxy IP used in routing setup which should bypassing the tunnel | +| VERBOSITY | info | -v, --verbosity | Verbosity level [default: info] [possible values: off, error, warn, info, debug, trace] | +| | | | | + +You can then provide the running container's network to another worker container by sharing the network namespace (like kubernetes sidecar): ```bash docker run -it \ diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index f0e9e5c..661380c 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -2,28 +2,34 @@ run() { - if [ -n "$BYPASS_IP" ]; then - BYPASS_IP="--bypass $BYPASS_IP" - fi - - if [ -n "$DNS" ]; then - DNS="--dns $DNS" - fi - - if [ -n "$MODE" ]; then - MODE="--setup $MODE" + if [ -n "$TUN" ]; then + TUN="--tun $TUN" fi if [ -n "$PROXY" ]; then PROXY="--proxy $PROXY" fi - if [ -n "$TUN" ]; then - TUN="--tun $TUN" + if [ -n "$DNS" ]; then + DNS="--dns $DNS" fi - exec tun2proxy $TUN $PROXY $DNS $MODE $BYPASS_IP + if [ -n "$BYPASS_IP" ]; then + BYPASS_IP="--bypass $BYPASS_IP" + fi + + if [ -n "$VERBOSITY" ]; then + VERBOSITY="-v $VERBOSITY" + fi + + if [ -n "$MODE" ]; then + MODE="--setup $MODE" + fi + + echo "Bootstrap ready!! Exec Command: tun2proxy $TUN $PROXY $DNS $VERBOSITY $MODE $BYPASS_IP $@" + + exec tun2proxy $TUN $PROXY $DNS $VERBOSITY $MODE $BYPASS_IP $@ } -run || echo "Runing ERROR!!" +run $@ || echo "Runing ERROR!!"