在三分鐘內使用docker藉助sing-box搭建一個hysteria2代理伺服端
本文所提及的主要內容是:如何以最簡單的方式,在三分鐘內藉助docker,使用sing-box程式組啟動一個hysteria2代理服務端用於客戶端連接上網。
前提條件:
1.對應的伺服器上已經安裝docker程式
2.對應的伺服器上合理設定防火牆規則
以下是具體方法:
1.在合適的目錄下創建一個資料夾,名爲sing-box
mkdir sing-box
2.切換到這個目錄下,創建一個文件,名爲docker-compose.yml,並寫入以下內容
version: '3'
services:
sing-box:
image: gzxhwq/sing-box:git
container_name: sing-box
restart: always
network_mode: "host"
volumes:
- $PWD/:/etc/sing-box/
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
deploy:
resources:
limits:
cpus: '1.0'
memory: 128M
reservations:
cpus: '1.0'
memory: 128M
3.在此目錄下,再次創建一個文件,名爲config.json,並寫入以下內容(中文註解部分需要按需刪除後修改填寫)
{
"inbounds": [
{
"type": "hysteria2",
"listen": "::",
"listen_port": 填寫服務所使用的端口,僅數字,
"tcp_fast_open": false,
"udp_fragment": true,
"tcp_multi_path": true,
"udp_timeout": 30,
"sniff": true,
"sniff_override_destination": false,
"sniff_timeout": "300ms",
"domain_strategy": "prefer_ipv6",
"udp_disable_domain_unmapping": true,
"ignore_client_bandwidth": false,
"brutal_debug": false,
"up_mbps": 100,
"down_mbps": 100,
"users": [
{
"password": "填寫客戶端認證密碼"
}
],
"tls": {
"enabled": true,
"alpn": [
"h3"
],
"min_version": "1.3",
"max_version": "1.3",
"certificate_path": "/etc/sing-box/server.crt",
"key_path": "/etc/sing-box/server.key"
}
}
],
"outbounds": [
{
"type": "direct",
"inet4_bind_address": "0.0.0.0",
"inet6_bind_address": "::",
"routing_mark": 1234,
"reuse_addr": true,
"connect_timeout": "6s",
"tcp_fast_open": false,
"tcp_multi_path": true,
"udp_fragment": true,
"domain_strategy": "prefer_ipv6",
"fallback_delay": "300ms"
}
]
}
4.停留在當前目錄下,生成一個自簽發SSL證書和密鑰,放在該目錄下(運行以下命令後,需要按需填寫相應信息用於生成證書)
openssl req -x509 -sha256 -nodes -days 3650 -newkey rsa:4096 -keyout server.key -out server.crt
5.在此目錄下,運行 docker compose up -d 命令,使其自動啓動一個容器
完成上述步驟後,並且確認對應port已經開放了的話,那就可以試試讓客戶端連線它了。