diff --git a/DockerEntrypoint.sh b/DockerEntrypoint.sh new file mode 100644 index 00000000..26083c5d --- /dev/null +++ b/DockerEntrypoint.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +# Start fail2ban +fail2ban-client -x -f start + +# Run x-ui +exec /app/x-ui diff --git a/DockerInit.sh b/DockerInit.sh index 0b83457c..d1a5e40a 100755 --- a/DockerInit.sh +++ b/DockerInit.sh @@ -1,22 +1,28 @@ #!/bin/sh -if [ $1 == "amd64" ]; then - ARCH="64"; - FNAME="amd64"; -elif [ $1 == "arm64" ]; then - ARCH="arm64-v8a" - FNAME="arm64"; -else - ARCH="64"; - FNAME="amd64"; -fi + +case $1 in + amd64) + ARCH="64" + FNAME="amd64" + ;; + arm64) + ARCH="arm64-v8a" + FNAME="arm64" + ;; + *) + ARCH="64" + FNAME="amd64" + ;; +esac + mkdir -p build/bin cd build/bin + wget "https://github.com/mhsanaei/xray-core/releases/latest/download/Xray-linux-${ARCH}.zip" unzip "Xray-linux-${ARCH}.zip" rm -f "Xray-linux-${ARCH}.zip" geoip.dat geosite.dat iran.dat mv xray "xray-linux-${FNAME}" + wget "https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat" wget "https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat" wget "https://github.com/bootmortis/iran-hosted-domains/releases/latest/download/iran.dat" - -cd ../../ \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 6114d548..ba2a1dc0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,20 +1,45 @@ -#Build latest x-ui from source +# ======================================================== +# Stage: Builder +# ======================================================== FROM --platform=$BUILDPLATFORM golang:1.20.4-alpine AS builder WORKDIR /app -ARG TARGETARCH -RUN apk --no-cache --update add build-base gcc wget unzip +ARG TARGETARCH +ENV CGO_ENABLED=1 + +RUN apk --no-cache --update add \ + build-base \ + gcc \ + wget \ + unzip + COPY . . -RUN env CGO_ENABLED=1 go build -o build/x-ui main.go + +RUN go build -o build/x-ui main.go RUN ./DockerInit.sh "$TARGETARCH" - -#Build app image using latest x-ui +# ======================================================== +# Stage: Final Image of 3x-ui +# ======================================================== FROM alpine ENV TZ=Asia/Tehran WORKDIR /app -RUN apk add ca-certificates tzdata +RUN apk add --no-cache --update \ + ca-certificates \ + tzdata \ + fail2ban COPY --from=builder /app/build/ /app/ +COPY --from=builder /app/DockerEntrypoint.sh /app/ + +# Configure fail2ban +RUN rm -f /etc/fail2ban/jail.d/alpine-ssh.conf \ + && cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local \ + && sed -i "s/^\[ssh\]$/&\nenabled = false/" /etc/fail2ban/jail.local + +RUN chmod +x \ + /app/DockerEntrypoint.sh \ + /app/x-ui + VOLUME [ "/etc/x-ui" ] -ENTRYPOINT [ "/app/x-ui" ] +ENTRYPOINT [ "/app/DockerEntrypoint.sh" ] diff --git a/install.sh b/install.sh index 9e995095..653fe979 100644 --- a/install.sh +++ b/install.sh @@ -8,7 +8,7 @@ plain='\033[0m' cur_dir=$(pwd) # check root -[[ $EUID -ne 0 ]] && echo -e "${red}Fatal error:${plain} Please run this script with root privilege \n " && exit 1 +[[ $EUID -ne 0 ]] && echo -e "${red}Fatal error: ${plain} Please run this script with root privilege \n " && exit 1 # Check OS and set release variable if [[ -f /etc/os-release ]]; then @@ -41,12 +41,12 @@ if [[ "${release}" == "centos" ]]; then fi elif [[ "${release}" == "ubuntu" ]]; then if [[ ${os_version} -lt 20 ]]; then - echo -e "${red}please use Ubuntu 20 or higher version!${plain}\n" && exit 1 + echo -e "${red}please use Ubuntu 20 or higher version!${plain}\n" && exit 1 fi elif [[ "${release}" == "fedora" ]]; then if [[ ${os_version} -lt 36 ]]; then - echo -e "${red}please use Fedora 36 or higher version!${plain}\n" && exit 1 + echo -e "${red}please use Fedora 36 or higher version!${plain}\n" && exit 1 fi elif [[ "${release}" == "debian" ]]; then @@ -68,7 +68,7 @@ install_base() { esac } -#This function will be called when user installed x-ui out of sercurity +# This function will be called when user installed x-ui out of sercurity config_after_install() { echo -e "${yellow}Install/update finished! For security it's recommended to modify panel settings ${plain}" read -p "Do you want to continue with the modification [y/n]? ": config_confirm