add Dockerfile build support

ellermister · Nov 27, 2021 · e78e980 · e78e980
1 parent c8199c8
commit e78e980
Show file tree

Hide file tree

Showing 7 changed files with 187 additions and 0 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,36 @@
+FROM nginx
+
+COPY . /home/mtproxy
+
+ENV WORKDIR=/home/mtproxy
+
+WORKDIR /home/mtproxy 
+
+# setup config
+RUN set -ex \
+	&& cd $WORKDIR \
+	&& cp src/* /usr/share/nginx/html \
+    && cp mtp_config mtp_config.bak \
+	&& rm -rf .git \
+	&& cp mtproxy-entrypoint.sh /docker-entrypoint.d/40-mtproxy-start.sh \
+	&& chmod +x /docker-entrypoint.d/40-mtproxy-start.sh \
+	&& /bin/cp -f nginx/default.conf /etc/nginx/conf.d/default.conf \
+	&& /bin/cp -f nginx/ip_white.conf /etc/nginx/ip_white.conf \
+	&& /bin/cp -f nginx/nginx.conf /etc/nginx/nginx.conf
+
+# build mtproxy and install php
+RUN set -ex \
+	&& apt-get update \
+    && apt-get install -y --no-install-recommends git curl build-essential libssl-dev zlib1g-dev iproute2 php7.4-fpm vim-common \
+	&& git clone https://github.com/TelegramMessenger/MTProxy \
+	&& cd MTProxy \
+    && sed -i 's/CFLAGS\s*=[^\r]\+/& -fcommon\r/' Makefile \
+	&& sed -i 's/^user\s*=[^\r]\+/user = root/' /etc/php/7.4/fpm/pool.d/www.conf \
+	&& sed -i 's/^group\s*=[^\r]\+/group = root/' /etc/php/7.4/fpm/pool.d/www.conf \
+	&& make && cd objs/bin && cp -f mtproto-proxy $WORKDIR \
+    && rm -rf $WORKDIR/MTProxy \
+	&& mkdir /run/php -p && mkdir $WORKDIR/pid \
+	&& apt-get purge -y git build-essential libssl-dev zlib1g-dev \
+    && apt-get clean \
+	&& apt-get autoremove --purge -y \
+    && rm -rf /var/lib/apt/lists/*
diff --git a/mtp_config b/mtp_config
@@ -0,0 +1,6 @@
+#!/bin/bash
+secret="4451023506896290666356006a67ce93"
+port=8443
+web_port=8888
+domain="azure.microsoft.com"
+proxy_tag="4451023506896290666356006a67ce91"
diff --git a/mtproxy-entrypoint.sh b/mtproxy-entrypoint.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -e
+/usr/sbin/php-fpm7.4 -R
+chmod 777 /etc/nginx/ip_white.conf
+chmod 777 /run/php/php7.4-fpm.sock
+
+mtp_config="/home/mtproxy/mtp_config"
+init_lock="/home/mtproxy/mtp_config.lock"
+set_config(){
+  if [ "$secret" ] && [[ "$secret" =~ ^[A-Za-z0-9]{32}$ ]]; then
+    sed -i 's/secret="[0-9A-Za-z]*"/secret="'$secret'"/' $mtp_config
+  fi
+  if [ "$tag" ] && [[ "$tag" =~ ^[A-Za-z0-9]{32}$ ]]; then
+    sed -i 's/proxy_tag="[0-9A-Za-z]*"/proxy_tag="'$tag'"/' $mtp_config
+  fi
+  if [ "$domain" ]; then
+    sed -i 's/domain="[A-z\.\-\d]*"/domain="'$domain'"/' $mtp_config
+  fi
+}
+if [ ! -f $init_lock ];then
+  cp "${mtp_config}.bak" "$mtp_config"
+  echo 1>"$init_lock"
+  set_config
+fi;
+
+set_config
+echo "=================================================="
+echo -e "Default port is \033[31m443\033[0m by docker started mtproxy!!!"
+echo "=================================================="
+cd /home/mtproxy
+curl -s https://core.telegram.org/getProxySecret -o proxy-secret
+curl -s https://core.telegram.org/getProxyConfig -o proxy-multi.conf
+bash /home/mtproxy/mtproxy.sh start
diff --git a/nginx/default.conf b/nginx/default.conf
@@ -0,0 +1,25 @@
+server {
+    listen       80;
+    server_name  localhost;
+
+    #charset koi8-r;
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    root   /usr/share/nginx/html;
+    location / {
+        root   /usr/share/nginx/html;
+        index  index.html index.htm;
+    }
+
+    location ~ \.php$ {
+            fastcgi_pass   unix:/run/php/php7.4-fpm.sock;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        fastcgi_params;
+    }
+
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+}
diff --git a/nginx/ip_white.conf b/nginx/ip_white.conf
@@ -0,0 +1 @@
+1.1.1.1 1;
diff --git a/nginx/nginx.conf b/nginx/nginx.conf
@@ -0,0 +1,59 @@
+user  www-data;
+worker_processes  4;
+
+error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  10240;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}
+
+
+stream {
+  resolver 8.8.8.8;
+  geo $remote_addr $ip_whitelist {
+    default 0;
+    include ip_white.conf;
+  }
+  map $ssl_preread_server_name $name {
+    default 127.0.0.1:8443;
+  }
+  map $ip_whitelist $name2{
+    1 $name;
+    0 eller;
+  }
+
+  upstream eller {
+    server "127.0.0.0:443";
+  }
+  server {
+        listen 443;
+        proxy_pass $name2;
+        #proxy_protocol on;
+        ssl_preread on;
+        access_log off;
+        error_log off;
+    }
+}
diff --git a/src/add.php b/src/add.php
@@ -0,0 +1,27 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: ellermister
+ * Date: 2021/11/24
+ * Time: 11:44
+ */
+$ip = trim($_SERVER['REMOTE_ADDR']);
+$ip = long2ip(ip2long($ip) >> 8 << 8)."/24"; //增加IP段
+
+$file_path = '/etc/nginx/ip_white.conf';
+$raw = file_get_contents($file_path);
+$arr = explode("\n", $raw);
+foreach ($arr as $seg) {
+    $buffer = explode(' ', $seg);
+    if (trim($buffer[0]) == $ip) {
+        echo "already added";
+        die;
+    }
+}
+$arr[] = "$ip 1;";
+if (file_put_contents($file_path, implode("\n", $arr))) {
+    echo "Added successfully";
+    system("nginx -s reload");
+} else {
+    echo "Added fail";
+}