Skip to content

Commit

Permalink
Merge pull request #57 from ilteoood/feat/sockd-server
Browse files Browse the repository at this point in the history
Feat/sockd server
  • Loading branch information
ilteoood authored Apr 8, 2023
2 parents 4b1a3f2 + 12b3557 commit 4d209b2
Show file tree
Hide file tree
Showing 7 changed files with 37 additions and 9 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/build_only.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
- name: Build image
uses: ilteoood/docker_buildx@master
with:
tag: latest,1.5.0
tag: latest,1.6.0
platform: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6
imageName: ilteoood/docker-surfshark
- name: Scan image
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/build_publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
- name: Build and publish image
uses: ilteoood/docker_buildx@master
with:
tag: latest,1.5.0
tag: latest,1.6.0
imageName: ilteoood/docker-surfshark
platform: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6
publish: true
Expand Down
10 changes: 7 additions & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
FROM alpine:latest
LABEL maintainer.name="Matteo Pietro Dazzi" \
maintainer.email="matteopietro.dazzi@gmail.com" \
version="1.5.0" \
description="OpenVPN client configured for SurfShark VPN"
version="1.6.0" \
description="OpenVPN client and socks5 server configured for SurfShark VPN"
WORKDIR /vpn
ENV SURFSHARK_USER=
ENV SURFSHARK_PASSWORD=
Expand All @@ -16,5 +16,9 @@ ENV OVPN_CONFIGS=
ENV ENABLE_KILL_SWITCH=true
HEALTHCHECK --interval=60s --timeout=10s --start-period=30s CMD curl -L 'https://ipinfo.io'
COPY startup.sh .
RUN apk add --update --no-cache openvpn wget unzip coreutils curl ufw && chmod +x ./startup.sh
COPY sockd.conf /etc/
COPY sockd.sh .
RUN apk add --update --no-cache openvpn wget unzip coreutils curl ufw dante-server \
&& chmod +x ./startup.sh \
&& chmod +x ./sockd.sh
ENTRYPOINT [ "./startup.sh" ]
10 changes: 7 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@ The container is configurable using 5 environment variables:

## Execution

You can run this image using [Docker compose](https://docs.docker.com/compose/) and the [sample file](./docker-compose.yml) provided.
** Remember: if you want to use the web gui of a container, you must open its ports on `docker-surfshark` as described below. **
You can run this image using [Docker compose](https://docs.docker.com/compose/) and the [sample file](./docker-compose.yml) provided.
**Remember: if you want to use the web gui of a container, you must open its ports on `docker-surfshark` as described below.**

```
version: "2"
Expand All @@ -64,6 +64,7 @@ services:
devices:
- /dev/net/tun
ports:
- 1080:1080 #if you want to use the socks5 server
- 9091:9091 #we open here the port for transmission, as this container will be the access point for the others
restart: unless-stopped
dns:
Expand Down Expand Up @@ -101,10 +102,13 @@ If you want to attach a container to the VPN, you can simply run:
sudo docker run -it --net=container:CONTAINER_NAME alpine /bin/sh
```

If you want access to an attached container's web ui you will also need to expose those ports. The attached container must not be started until this container is up and fully running.
If you want access to an attached container's web ui you will also need to expose those ports.
The attached container must not be started until this container is up and fully running.

If you face network connection problems, I suggest you to set a specific DNS server for each container.

Alternatively, if your software supports it, you can use the socks5 server embedded in this container. It will redirect your traffic through the Surfshark's VPN.

## Provide OpenVPN Configs Manually

Sometimes the startup script fails to download OpenVPN configs file from Surfshark's website, possibly due to the DDoS protection on it.
Expand Down
18 changes: 18 additions & 0 deletions sockd.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
logoutput: stdout

internal: eth0 port = 1080
external: tun0

user.unprivileged: sockd

socksmethod: none
clientmethod: none

client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error
}

socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
}
2 changes: 2 additions & 0 deletions sockd.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
#!/bin/sh
sockd -D
2 changes: 1 addition & 1 deletion startup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ if [ "${CREATE_TUN_DEVICE}" = "true" ]; then
chmod 0666 /dev/net/tun
fi

openvpn --config $VPN_FILE --auth-user-pass vpn-auth.txt --mute-replay-warnings $OPENVPN_OPTS
openvpn --config $VPN_FILE --auth-user-pass vpn-auth.txt --mute-replay-warnings $OPENVPN_OPTS --script-security 2 --up /vpn/sockd.sh

if [ "${ENABLE_KILL_SWITCH}" = "true" ]; then
ufw reset
Expand Down

0 comments on commit 4d209b2

Please sign in to comment.