richard
/
shadowsocks-libev
mirror of https://github.com/shadowsocks/shadowsocks-libev.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Update 

- Solve the problem of not being able to enter the container
- Execute strip after compilation
- Support multi-threaded compilation
pull/2913/head
vndroid 2 years ago
committed by Max Lv
parent
05e70d4317
commit
c13c464604
2 changed files with 42 additions and 32 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 33
      docker/alpine/Dockerfile
  2. 41
      docker/alpine/entrypoint.sh

33
docker/alpine/Dockerfile
View File

@ -1,21 +1,17 @@
#
# Dockerfile for shadowsocks-libev
#
FROM alpine:3.16
LABEL maintainer="kev <noreply@datageek.info>, Sah <contact@leesah.name>, vndroid <waveworkshop@outlook.com>"
FROM alpine
LABEL maintainer="kev <noreply@datageek.info>, Sah <contact@leesah.name>"
ENV SERVER_ADDR 0.0.0.0
ENV SERVER_PORT 8388
ENV SERVER_ADDR=0.0.0.0
ENV SERVER_PORT=8388
ENV PASSWORD=
ENV METHOD aes-256-gcm
ENV TIMEOUT 300
ENV DNS_ADDRS 8.8.8.8,8.8.4.4
ENV TZ UTC
ENV METHOD=aes-256-gcm
ENV TIMEOUT=300
ENV DNS_ADDRS="8.8.8.8,8.8.4.4"
ENV TZ=UTC
ENV ARGS=
COPY . /tmp/repo
RUN set -ex \
RUN set -x \
# Build environment setup
&& apk add --no-cache --virtual .build-deps \
autoconf \
@ -33,8 +29,10 @@ RUN set -ex \
&& cd /tmp/repo \
&& ./autogen.sh \
&& ./configure --prefix=/usr --disable-documentation \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& make install \
&& ls /usr/bin/ss-* | xargs -n1 setcap cap_net_bind_service+ep \
&& strip $(ls /usr/local/bin | grep -Ev 'ss-nat') \
&& apk del .build-deps \
# Runtime dependencies setup
&& apk add --no-cache \
@ -46,8 +44,11 @@ RUN set -ex \
| sort -u) \
&& rm -rf /tmp/repo
USER nobody
COPY ./docker/alpine/entrypoint.sh /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["docker-entrypoint.sh"]
EXPOSE 8388
COPY ./docker/alpine/entrypoint.sh /entrypoint.sh
STOPSIGNAL SIGINT
CMD /entrypoint.sh
CMD ["ss-server"]

41
docker/alpine/entrypoint.sh
View File

@ -1,22 +1,31 @@
#!/bin/sh
# vim:sw=4:ts=4:et
if [[ -f "$PASSWORD_FILE" ]]; then
PASSWORD=$(cat "$PASSWORD_FILE")
fi
set -e
if [[ -f "/var/run/secrets/$PASSWORD_SECRET" ]]; then
PASSWORD=$(cat "/var/run/secrets/$PASSWORD_SECRET")
fi
if [ "$1" = "ss-server" ]; then
COREVER=$(uname -r | grep -Eo '[0-9].[0-9]+' | sed -n '1,1p')
CMV=$(echo $COREVER | awk -F '.' '{print $1}')
CSV=$(echo $COREVER | awk -F '.' '{print $2}')
if [[ -f "$PASSWORD_FILE" ]]; then
PASSWORD=$(cat "$PASSWORD_FILE")
fi
if [[ -f "/var/run/secrets/$PASSWORD_SECRET" ]]; then
PASSWORD=$(cat "/var/run/secrets/$PASSWORD_SECRET")
fi
if [[ ! -z "$DNS_ADDRS" ]]; then
DNS="-d $DNS_ADDRS"
fi
if [[ ! -z "$DNS_ADDRS" ]]; then
ARGS="-d $DNS_ADDRS $ARGS"
if [ $(echo "$CMV >= 3" | bc) ]; then
if [ $(echo "$CSV > 7" | bc) ]; then
TFO='--fast-open'
fi
fi
RT_ARGS="-s $SERVER_ADDR -p $SERVER_PORT -k ${PASSWORD:-$(hostname)} -m $METHOD -a nobody -t $TIMEOUT -u $DNS $TFO $ARGS"
fi
exec ss-server \
-s $SERVER_ADDR \
-p $SERVER_PORT \
-k ${PASSWORD:-$(hostname)} \
-m $METHOD \
-t $TIMEOUT \
-u \
$ARGS
exec $@ $RT_ARGS
Write Preview
Loading…
Cancel
Save