mirror of https://github.com/wulabing/Xray_onekey
wulabing
parent
6e851ee2d5
commit
e1e22e5039
|
|
@ -0,0 +1,107 @@
|
|||
user root;
|
||||
# This number should be, at maximum, the number of CPU cores on your system.
|
||||
worker_processes auto;
|
||||
worker_rlimit_nofile 655350;
|
||||
|
||||
pcre_jit on;
|
||||
|
||||
error_log logs/error.log;
|
||||
pid logs/nginx.pid;
|
||||
|
||||
|
||||
|
||||
events {
|
||||
use epoll;
|
||||
worker_connections 60000;
|
||||
multi_accept on;
|
||||
}
|
||||
|
||||
stream {
|
||||
preread_timeout 120s;
|
||||
proxy_connect_timeout 30s;
|
||||
proxy_protocol_timeout 30s;
|
||||
proxy_buffer_size 64k;
|
||||
proxy_timeout 120s;
|
||||
tcp_nodelay on;
|
||||
proxy_next_upstream on;
|
||||
proxy_socket_keepalive on;
|
||||
|
||||
log_format proxy '$remote_addr [$time_local] '
|
||||
'$protocol $status $bytes_sent $bytes_received '
|
||||
'$session_time "$upstream_addr" "$upstream_bytes_sent"'
|
||||
'"$upstream_bytes_received" "$upstream_connect_time"';
|
||||
|
||||
upstream ss {
|
||||
server shadowsocks:8388;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 7777;
|
||||
listen 7777 udp;
|
||||
include allow.list;
|
||||
deny all;
|
||||
proxy_pass ss;
|
||||
}
|
||||
}
|
||||
|
||||
http {
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
reset_timedout_connection on;
|
||||
client_header_timeout 15;
|
||||
client_body_timeout 10;
|
||||
send_timeout 15;
|
||||
keepalive_timeout 30;
|
||||
keepalive_requests 30;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
|
||||
client_body_buffer_size 128k;
|
||||
client_max_body_size 10m;
|
||||
proxy_read_timeout 180s;
|
||||
|
||||
gzip on;
|
||||
gzip_min_length 10240;
|
||||
gzip_proxied expired no-cache no-store private auth;
|
||||
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
|
||||
gzip_disable "msie6";
|
||||
|
||||
sendfile on;
|
||||
tcp_nodelay on;
|
||||
tcp_nopush on;
|
||||
|
||||
|
||||
server_tokens off;
|
||||
|
||||
error_page 404 /404.html;
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
|
||||
server{
|
||||
listen 80;
|
||||
location / {
|
||||
auth_basic "";
|
||||
auth_basic_user_file /etc/openresty/auth;
|
||||
autoindex on;
|
||||
add_header Content-Type text/plain;
|
||||
real_ip_header proxy_protocol;
|
||||
set_real_ip_from 0.0.0.0/8;
|
||||
proxy_set_header X-Real-IP $proxy_protocol_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_protocol_addr;
|
||||
content_by_lua_block {
|
||||
clientIP=ngx.var.remote_addr;
|
||||
ngx.header.content_type = "text/plain;charset=UTF-8";
|
||||
file = io.open("/etc/openresty/allow.list","a+")
|
||||
io.input(file)
|
||||
io.output(file)
|
||||
io.write("allow "..clientIP..";\n")
|
||||
ngx.print("当前IP:"..clientIP.."已添加至白名单")
|
||||
io.close(file)
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
version: "3.9"
|
||||
services:
|
||||
shadowsocks:
|
||||
image: shadowsocks/shadowsocks-libev:latest
|
||||
expose:
|
||||
- 8388
|
||||
- 8388/udp
|
||||
environment:
|
||||
- METHOD=chacha20-ietf-poly1305
|
||||
- PASSWORD=96166477-95b6-41a1-92c5-e33bce9694b0
|
||||
restart: always
|
||||
networks:
|
||||
- backend
|
||||
openresty:
|
||||
image: openresty/openresty:latest
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
- "7777:7777"
|
||||
- "7777:7777/udp"
|
||||
volumes:
|
||||
- /usr/local/src/ss/nginx.conf:/etc/openresty/nginx.conf
|
||||
- /usr/local/src/ss/allow.list:/etc/openresty/allow.list
|
||||
- /usr/local/src/ss/auth:/etc/openresty/auth
|
||||
restart: always
|
||||
networks:
|
||||
- backend
|
||||
depends_on:
|
||||
- shadowsocks
|
||||
networks:
|
||||
backend:
|
||||
Loading…
Reference in New Issue