更新配置方式

Dockerfile

@@ -1,26 +1,43 @@
-FROM golang:alpine as builder
+# web
+FROM node:lts-alpine as builder_node
+WORKDIR /web
+COPY ./web /web
+RUN npx browserslist@latest --update-db \
+ && npm install \
+ && npm run build \
+ && ls /web/ui
+
+# server
+FROM golang:alpine as builder_golang
 ENV GOPROXY=https://goproxy.io \
- GO111MODULE=on \
  GOOS=linux
-WORKDIR /root/
-RUN apk add --no-cache --update bash git g++ nodejs npm \
- && git clone https://github.com/bjdgyc/anylink.git \
- && cd anylink/server \
- && go build -o anylink -ldflags "-X main.COMMIT_ID=$(git rev-parse HEAD)" \
- && cd ../web \
- && npm install \
- && npx browserslist@latest --update-db \
- && npm run build
+WORKDIR /anylink
+COPY . /anylink
+COPY --from=builder_node /web/ui /anylink/server/ui
+
+RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
+RUN apk add --no-cache git
+RUN cd /anylink/server;go build -o anylink -ldflags "-X main.COMMIT_ID=$(git rev-parse HEAD)" \
+ && /anylink/server/anylink tool -v
 
+# anylink
+FROM alpine
+LABEL maintainer="github.com/bjdgyc"
+
+ENV IPV4_CIDR="192.168.10.0/24"
 
-FROM golang:alpine
-LABEL maintainer="www.mrdoc.fun"
-COPY --from=builder /root/anylink/server /app/
-COPY --from=builder /root/anylink/web/ui /app/ui/
-COPY --from=builder /root/anylink/docker /app/
 WORKDIR /app
-RUN apk add --no-cache pwgen bash iptables openssl ca-certificates \
- && rm -f /app/conf/server.toml \
- && chmod +x docker_entrypoint.sh
+COPY --from=builder_node /web/ui /app/ui
+COPY --from=builder_golang /anylink/server/anylink /app/
+COPY ./server/conf /app/conf
+COPY ./server/files /app/files
+COPY docker_entrypoint.sh /app/
+
+RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
+RUN apk add --no-cache bash iptables && ls /app
+
+EXPOSE 443 8800
+
+#CMD ["/app/anylink"]
+ENTRYPOINT ["/app/docker_entrypoint.sh"]
 
-ENTRYPOINT ["./docker_entrypoint.sh"]

README.md

@@ -28,22 +28,29 @@ AnyLink 服务端仅在CentOS 7、Ubuntu 18.04测试通过，如需要安装在
 
 ## Installation
 
+> 没有编程基础的同学建议直接下载release包，从下面的地址下载 anylink-deploy.tar.gz
+>
+> https://github.com/bjdgyc/anylink/releases
+
 > 升级 go version = 1.15
+>
+> 需要提前安装好 golang 和 nodejs
 
 ```shell
 git clone https://github.com/bjdgyc/anylink.git
 
 cd anylink
-sh -x build.sh
+sh build.sh
 
 # 注意使用root权限运行
 cd anylink-deploy
 sudo ./anylink -conf="conf/server.toml"
 
 # 默认管理后台访问地址
 # http:https://host:8800
-# 默认日志文件
-# log/anylink.log
+# 默认账号密码
+# admin 123456
+
 ```
 
 ## Feature
@@ -70,29 +77,76 @@ sudo ./anylink -conf="conf/server.toml"
 
 ```shell
 # 生成后台密码
-./anylink -passwd 123456
+./anylink tool -p 123456
 
 # 生成jwt密钥
-./anylink -secret
+./anylink tool -s
 ```
 
 [conf/server.toml](server/conf/server.toml)
 
-## systemd
+## Systemd
 
 添加 systemd脚本
+
 * anylink 程序目录放入 `/usr/local/anylink-deploy`
 
 systemd 脚本放入：
+
 * centos: `/usr/lib/systemd/system/`
 * ubuntu: `/lib/systemd/system/`
 
 操作命令:
+
 * 启动: `systemctl start anylink`
 * 停止: `systemctl stop anylink`
 * 开机自启: `systemctl enable anylink`
 
+## Docker
+
+1. 构建镜像
+
+ ```bash
+ #获取仓库源码
+ git clone https://github.com/bjdgyc/anylink.git
+ # 构建镜像
+ docker build -t anylink .
+ ```
 
+2. 生成密码
+
+ ```bash
+ docker run -it --rm anylink tool -p 123456
+ #Passwd:$2a$10$lCWTCcGmQdE/4Kb1wabbLelu4vY/cUwBwN64xIzvXcihFgRzUvH2a
+ ```
+
+3. 生成jwt secret
+
+ ```bash
+ docker run -it --rm anylink tool -s
+ #Secret:9qXoIhY01jqhWIeIluGliOS4O_rhcXGGGu422uRZ1JjZxIZmh17WwzW36woEbA
+ ```
+
+4. 启动容器
+
+ ```bash
+ docker run -itd --privileged \
+ -p 443:443 \
+ -p 8800:8800 \
+ --restart=always \
+ anylink
+ ```
+
+5. 使用自定义参数启动容器
+
+ ```bash
+ docker run -itd --privileged \
+ -e IPV4_CIDR=192.168.10.0/24 \
+ -p 443:443 \
+ -p 8800:8800 \
+ --restart=always \
+ anylink -c=/etc/server.toml --admin_addr=:8080
+ ```
 
 ## Setting
 
@@ -116,7 +170,7 @@ systemd 脚本放入：
 
 ```shell
 # eth0为服务器内网网卡
-iptables -t nat -A POSTROUTING -s 192.168.10.0/255.255.255.0 -o eth0 -j MASQUERADE
+iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
 ```
 
 3. 使用AnyConnect客户端连接即可
@@ -157,7 +211,9 @@ sh bridge-init.sh
 
 ## Contribution
 
-欢迎提交 PR、Issues，感谢为AnyLink做出贡献
+欢迎提交 PR、Issues，感谢为AnyLink做出贡献。 
+
+注意新建PR，需要提交到dev分支，其他分支暂不会合并。
 
 ## Other Screenshot
 

build.sh

@@ -1,11 +1,21 @@
-#!/usr/bin/env bash
+#!/bin/env bash
+
+set -x
+function RETVAL() {
+ rt=$1
+ if [ $rt != 0 ]; then
+ echo $rt
+ exit 1
+ fi
+}
 
 #当前目录
 cpath=$(pwd)
 
 echo "编译二进制文件"
 cd $cpath/server
 go build -o anylink -ldflags "-X main.COMMIT_ID=$(git rev-parse HEAD)"
+RETVAL $?
 
 echo "编译前端项目"
 cd $cpath/web
@@ -14,6 +24,7 @@ npm install --registry=https://registry.npm.taobao.org
 npm run build --registry=https://registry.npm.taobao.org
 #npm install
 #npm run build
+RETVAL $?
 
 cd $cpath
 

docker/Dockerfile

@@ -0,0 +1,6 @@
+FROM ubuntu:18.04
+WORKDIR /
+COPY docker_entrypoint.sh docker_entrypoint.sh
+RUN mkdir /anylink && apt update && apt install -y wget iptables tar iproute2
+ENTRYPOINT ["/docker_entrypoint.sh"]
+#CMD ["/anylink/anylink","-conf=/anylink/conf/server.toml"]

docker/docker_entrypoint_fix.sh

@@ -0,0 +1,37 @@
+#! /bin/bash
+version=(`wget -qO- -t1 -T2 "https://api.github.com/repos/bjdgyc/anylink/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g'`)
+count=(`ls anylink | wc -w `)
+wget https://github.com/bjdgyc/anylink/releases/download/${version}/anylink-deploy.tar.gz
+tar xf anylink-deploy.tar.gz
+rm -rf anylink-deploy.tar.gz
+if [ ${count} -eq 0 ]; then
+ echo "init anylink"
+ mv anylink-deploy/* anylink/
+else
+ if [ ! -d "/anylink/log" ]; then
+ mv anylink-deploy/log anylink/
+ fi
+ if [ ! -d "/anylink/conf" ]; then
+ mv anylink-deploy/conf anylink/
+ fi
+ echo "update anylink"
+ rm -rf anylink/ui anylink/anylink anylink/files
+ mv anylink-deploy/ui anylink/
+ mv anylink-deploy/anylink anylink/
+ mv anylink-deploy/files anylink/
+fi
+rm -rf anylink-deploy
+sysctl -w net.ipv4.ip_forward=1
+if [[ ${mode} == pro ]];then
+ iptables -t nat -A POSTROUTING -s ${iproute} -o eth0 -j MASQUERADE
+ iptables -L -n -t nat
+ /anylink/anylink -conf=/anylink/conf/server.toml
+elif [[ ${mode} == password ]];then
+ if [ -z ${password} ];then
+ echo "invalid password"
+ else
+ /anylink/anylink -passwd ${password}
+ fi
+elif [[ ${mode} -eq jwt ]];then
+ /anylink/anylink -secret
+fi

docker/generate-certs.sh

@@ -1,8 +1,8 @@
 #!/bin/sh
 
-mkdir -p ssl
+mkdir -p /ssl
 
-OUTPUT_FILENAME="example.com"
+OUTPUT_FILENAME="vpn.xx.com"
 
 printf "[req]
 prompt = no
@@ -19,9 +19,9 @@ x509_extensions = req_x509v3_extensions
 C = CN
 ST = BJ
 L = BJ
-O = example.com
-OU = example.com
-CN = example.com
+O = xx.com
+OU = xx.com
+CN = xx.com
 
 [req_x509v3_extensions]
 basicConstraints = critical,CA:true
@@ -31,9 +31,11 @@ extendedKeyUsage = critical,serverAuth #, clientAuth
 subjectAltName = @alt_names
 
 [alt_names]
-DNS.1 = example.com
-DNS.2 = *.example.com
+DNS.1 = xx.com
+DNS.2 = *.xx.com
 
-">ssl/${OUTPUT_FILENAME}.conf
+">/ssl/${OUTPUT_FILENAME}.conf
+
+openssl req -x509 -newkey rsa:2048 -keyout /ssl/test_vpn_key.pem -out /ssl/test_vpn_cert.pem \
+-days 3600 -nodes -config /ssl/${OUTPUT_FILENAME}.conf
 
-openssl req -x509 -newkey rsa:2048 -keyout /app/conf/$OUTPUT_FILENAME.key -out /app/conf/$OUTPUT_FILENAME.crt -days 3600 -nodes -config ssl/${OUTPUT_FILENAME}.conf

docker_entrypoint.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+var1=$1
+
+#set -x
+
+case $var1 in
+"bash" | "sh")
+ echo $var1
+ exec "$@"
+ ;;
+
+"tool")
+ /app/anylink "$@"
+ ;;
+
+*)
+ sysctl -w net.ipv4.ip_forward=1
+ iptables -t nat -A POSTROUTING -s "${IPV4_CIDR}" -o eth0+ -j MASQUERADE
+ # iptables -nL -t nat
+
+ /app/anylink "$@"
+ ;;
+esac