Last active
October 23, 2017 14:11
利用 docker-machine 架设代理服务器
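#!/bin/bash
# set -e

# Deployment settings shared by every sub-command below.
DOMAIN=lab99.org   # DNS zone that holds the proxy's A record
NAME=v1            # docker-machine host name, also used as the DNS record name
PORT=8080          # port published by the shadowsocks container
MODE=aes-256-gcm   # cipher handed to the server with -m

# Pre-shared password handed to the server with -k. The built-in default is
# published together with this script, so on its own it protects nothing:
# export SS_TOKEN with a long random value (for example from a sourced env
# file that is kept out of version control) before running "start".
TOKEN=${SS_TOKEN:-dockerrocks}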
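#######################################
# Provision the proxy end to end: create the Vultr host, install the HWE
# kernel and enable BBR, publish the host's address as an A record, then
# start the shadowsocks container on it.
# Globals:   NAME, DOMAIN, PORT, MODE, TOKEN (read)
# Arguments: none
# Outputs:   progress messages on stdout, failure messages on stderr
# Returns:   1 when the host has no IP address; otherwise the status of the
#            final "docker run"
#######################################
function start() {
  # Create a docker host
  docker-machine create -d vultr --vultr-region-id=25 "$NAME"
  docker-machine ls | grep -- "$NAME"

  # Prepare the machine. The delimiter is quoted so the body reaches the
  # remote shell verbatim, and each sysctl line is appended only when it is
  # missing, so a second run does not pile up duplicates.
  docker-machine ssh "$NAME" <<'EOF'
apt update
apt-get install --install-recommends -y linux-generic-hwe-16.04
apt dist-upgrade -y
grep -qxF 'net.core.default_qdisc=fq' /etc/sysctl.conf || echo 'net.core.default_qdisc=fq' >> /etc/sysctl.conf
grep -qxF 'net.ipv4.tcp_congestion_control=bbr' /etc/sysctl.conf || echo 'net.ipv4.tcp_congestion_control=bbr' >> /etc/sysctl.conf
reboot
EOF

  # The host is rebooting. A fixed pause alone races with slow boots, so keep
  # probing SSH for up to another minute before carrying on.
  sleep 20
  for _ in 1 2 3 4 5 6; do
    docker-machine ssh "$NAME" true > /dev/null 2>&1 && break
    sleep 10
  done
  docker-machine ssh "$NAME" "sysctl net.ipv4.tcp_available_congestion_control; lsmod | grep bbr"

  # Get IP of the docker host
  local ip
  ip=$(docker-machine ip "$NAME")
  if [ -z "$ip" ]; then
    echo "Failed to created the $NAME host" >&2
    return 1
  fi
  echo "Created docker host: $NAME => $ip"

  # Create DNS record for constant usage.
  # Select the record by exact type and name. A substring match on $NAME also
  # hits unrelated records (for NAME=v1: "v10", "dev1", ...), and the id found
  # here is the one that gets overwritten below.
  local id
  id=$(doctl compute domain records list "$DOMAIN" \
    --format ID,Type,Name --no-header \
    | awk -v name="$NAME" '$2 == "A" && $3 == name { print $1; exit }')
  if [ -z "$id" ]; then
    # create one
    id=$(doctl compute domain records create "$DOMAIN" \
      --record-name="$NAME" --record-data="$ip" --record-type=A \
      --format ID --no-header)
    if [ -z "$id" ]; then
      echo "Failed to create the $NAME.$DOMAIN records" >&2
    else
      echo "Created DNS record: $NAME.$DOMAIN => $ip"
    fi
  else
    # update the existing one
    doctl compute domain records update "$DOMAIN" --record-id="$id" --record-data="$ip"
    echo "Updated DNS record: $NAME.$DOMAIN => $ip"
  fi

  # Start Proxy
  # Point the local docker CLI at the new host; this evaluates shell code
  # printed by the local docker-machine binary.
  eval "$(docker-machine env "$NAME")"
  # NOTE(review): mritd/shadowsocks is pulled by mutable tag from a third-party
  # repository; pin it to a digest you have inspected
  # (mritd/shadowsocks@sha256:<DIGEST_PLACEHOLDER>) so a republished image
  # cannot change what runs on the host.
  # NOTE(review): the password travels in the container's argument list, so it
  # is readable through "docker inspect" and the host's process table.
  docker run --name ss -d -p "$PORT:$PORT" \
    mritd/shadowsocks \
    -s "-s 0.0.0.0 -p $PORT -m $MODE -k $TOKEN --fast-open"
}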
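#######################################
# Tear the proxy down: remove the docker-machine host, then delete the A
# record that pointed at it.
# Globals:   NAME, DOMAIN (read)
# Arguments: none
# Outputs:   progress messages on stdout
# Returns:   status of the last command run
#######################################
function stop() {
  # Simply remove the machine
  docker-machine rm -y "$NAME"
  echo "Removed docker host: $NAME"

  # Remove the dns record.
  # The delete below is forced (-f), so the record is selected by exact type
  # and name; a substring match on $NAME could pick an unrelated record
  # (for NAME=v1: "v10", "dev1", ...) and remove that one instead.
  local id
  id=$(doctl compute domain records list "$DOMAIN" \
    --format ID,Type,Name --no-header \
    | awk -v name="$NAME" '$2 == "A" && $3 == name { print $1; exit }')
  if [ -z "$id" ]; then
    echo "DNS record '$NAME.$DOMAIN' does not exist"
  else
    # Use the configured zone: a literal domain here would keep deleting from
    # lab99.org after DOMAIN has been pointed somewhere else.
    doctl compute domain records delete "$DOMAIN" "$id" -f
    echo "DNS record '$NAME.$DOMAIN' removed"
  fi
}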
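#######################################
# Show the state of the host and of the "ss" container, then print the
# container's logs.
# Globals:   NAME (read)
# Arguments: optional extra options, forwarded unchanged to "docker logs"
# Outputs:   the output of docker-machine and docker on stdout
# Returns:   status of "docker logs"
#######################################
function status() {
  docker-machine ls | grep -- "$NAME"
  # Point the local docker CLI at the remote host; this evaluates shell code
  # printed by the local docker-machine binary.
  eval "$(docker-machine env "$NAME")"
  docker ps | grep ss
  # "$@" is quoted so an option value containing spaces stays one argument.
  docker logs "$@" ss
}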
#######################################
# Print shell statements that switch the proxy variables on or off. Nothing
# is changed in the caller's shell until the output is passed to eval; the
# trailing "# Run:" hint is emitted as a comment, so eval ignores it.
# Arguments: $1 - "--unset" to print the unset statements, anything else
#                 (or nothing) to print the export statements
# Outputs:   one statement per proxy variable, then the usage hint, on stdout
#######################################
function environment() {
  local var
  if [ "$1" != "--unset" ]; then
    # Set proxy env
    # socks5h (as opposed to socks5) asks the client to let the proxy resolve
    # host names. 127.0.0.1:1086 is presumably the SOCKS listener of a local
    # shadowsocks client -- confirm against the client configuration.
    http_proxy=socks5h://127.0.0.1:1086
    for var in http_proxy https_proxy HTTP_PROXY HTTPS_PROXY all_proxy; do
      printf 'export %s=%s\n' "$var" "$http_proxy"
    done
    printf '%s\n' "# Run: eval \$($0 env)"
    return
  fi

  # Unset all proxy env
  for var in http_proxy https_proxy HTTP_PROXY HTTPS_PROXY all_proxy; do
    printf 'unset %s\n' "$var"
  done
  printf '%s\n' "# Run: eval \$($0 env --unset)"
}
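# Entry point: the first argument selects the sub-command; whatever follows it
# is forwarded to the sub-commands that accept options.
command=${1:-}
if [ $# -gt 0 ]; then
  shift
fi

case "$command" in
  start) start ;;
  stop) stop ;;
  # status hands its arguments to "docker logs" (for example -f or --tail),
  # so they have to be forwarded here or they are silently dropped.
  status) status "$@" ;;
  env) environment "$@" ;;
  *)
    # Unknown or missing sub-command: report on stderr and fail, so a typo in
    # an automated call is not mistaken for success.
    echo "Usage: $0 (start|stop|status|env)" >&2
    exit 2
    ;;
esac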
@vannnnish
`domain` 是配置域名,这样各种设备上,只需要配置域名即可,不必因为每次服务器的 IP 不同,而导致需要修改配置。我这个是应对多个访问设备的。如果只有自己的笔记本,那么完全不需要域名这部分,或者每次根据新的 IP 修改一下客户端配置;或者修改 `/etc/hosts` 文件,建立一个名字对应 IP 的映射关系,这样客户端就不用变动,每次修改 `/etc/hosts` 即可。
`TOKEN` 是给 ss 服务器作为口令用的
`docker-machine` 来建立云服务器,如果要建立 vultr 的云服务器,就必须使用 vultr 的 docker-machine 的驱动,这样才可以通过 vultr 云 API 建立服务器。
`VULTR_API_KEY` 中,这个在 vultr 的 docker-machine 驱动项目页面有说:https://github.com/janeczku/docker-machine-vultr#pxe-deployment 。除了 key 外,一般还会配置 `VULTR_REGION`,`VULTR_PLAN`,`VULTR_OS` 以确保是自己需要的情况。
`VULTR_API_KEY`。这类敏感信息我一般独立写在一个文件中,比如 `.vultr.env`,在使用该脚本前,用 `source .vultr.env` 来加载所需环境变量,然后再执行该脚本。