From 6f5fadc085d71d8920524e3582230577889f7e1c Mon Sep 17 00:00:00 2001 From: PassiveLemon Date: Mon, 7 Jul 2025 13:33:57 -0400 Subject: [PATCH 1/2] Docker: Do not automatically build Zoraxy plugins --- docker/Dockerfile | 15 +-------------- docker/README.md | 10 +++------- docker/build_plugins.sh | 19 ------------------- docker/entrypoint.sh | 5 ----- 4 files changed, 4 insertions(+), 45 deletions(-) delete mode 100644 docker/build_plugins.sh diff --git a/docker/Dockerfile b/docker/Dockerfile index 6fd609e..1d3bb33 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -34,19 +34,6 @@ RUN curl -Lo ZeroTierOne.tar.gz https://codeload.github.com/zerotier/ZeroTierOne chmod 755 /usr/local/bin/zerotier-one -## Fetch plugin -FROM docker.io/golang:alpine AS fetch-plugin - -RUN mkdir -p /opt/zoraxy/zoraxy_plugin/ - -RUN apk add --update --no-cache git - -WORKDIR /opt/zoraxy/ - -RUN git clone https://github.com/aroz-online/zoraxy-official-plugins &&\ - cp -r ./zoraxy-official-plugins/src/ztnc/mod/zoraxy_plugin/ /opt/zoraxy/zoraxy_plugin/ - - ## Main FROM docker.io/golang:alpine @@ -55,7 +42,7 @@ FROM docker.io/golang:alpine COPY --chmod=700 ./entrypoint.sh /opt/zoraxy/ COPY --chmod=700 ./build_plugins.sh /usr/local/bin/build_plugins -COPY --from=fetch-plugin --chmod=700 /opt/zoraxy/zoraxy_plugin/ /opt/zoraxy/zoraxy_plugin/ +COPY --chmod=700 ./entrypoint.py /opt/zoraxy/ COPY --from=build-zerotier /usr/local/bin/zerotier-one /usr/local/bin/zerotier-one COPY --from=build-zoraxy /usr/local/bin/zoraxy /usr/local/bin/zoraxy diff --git a/docker/README.md b/docker/README.md index 2686fff..a360796 100644 --- a/docker/README.md +++ b/docker/README.md @@ -119,18 +119,14 @@ Or for Docker Compose: ### Plugins -You can find official plugins at https://github.com/aroz-online/zoraxy-official-plugins - -Place your plugins inside the volume `/path/to/zoraxy/plugin/:/opt/zoraxy/plugin/` (Adjust to your actual install location). Any plugins you have added will then be built and used on the next restart. - -> [!IMPORTANT] -> Plugins are currently experimental. +Zoraxy includes a (experimental) store to download and use official plugins right from inside Zoraxy, no preparation required. +For those looking to use custom plugins, build your plugins and place them inside the volume `/path/to/zoraxy/plugin/:/opt/zoraxy/plugin/` (Adjust to your actual install location). ### Building To build the Docker image: - Check out the repository/branch. - - Copy the Zoraxy `src/` and `example/` directory into the `docker/` (here) directory. + - Copy the Zoraxy `src/` directory into the `docker/` (here) directory. - Run the build command with `docker build -t zoraxy_build .` - You can now use the image `zoraxy_build` - If you wish to change the image name, then modify`zoraxy_build` in the previous step and then build again. diff --git a/docker/build_plugins.sh b/docker/build_plugins.sh deleted file mode 100644 index 91a7b26..0000000 --- a/docker/build_plugins.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/env bash - -echo "Copying zoraxy_plugin to all mods..." -for dir in "$1"/*; do - if [ -d "$dir" ]; then - cp -r "/opt/zoraxy/zoraxy_plugin/" "$dir/mod/" - fi -done - -echo "Running go mod tidy and go build for all directories..." -for dir in "$1"/*; do - if [ -d "$dir" ]; then - cd "$dir" || exit 1 - go mod tidy - go build - cd "$1" || exit 1 - fi -done - diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 5bb7857..cf36899 100644 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -13,11 +13,6 @@ trap cleanup SIGTERM SIGINT TERM INT update-ca-certificates && echo "CA certificates updated." zoraxy -update_geoip=true && echo "GeoIP data updated ." -echo "Building plugins..." -cd /opt/zoraxy/plugin/ || exit 1 -build_plugins "$PWD" -echo "Plugins built." -cd /opt/zoraxy/config/ || exit 1 if [ "$ZEROTIER" = "true" ]; then if [ ! -d "/opt/zoraxy/config/zerotier/" ]; then From 51334a3a75bcd748a80673123f0f13f7e65a3143 Mon Sep 17 00:00:00 2001 From: PassiveLemon Date: Mon, 7 Jul 2025 13:34:50 -0400 Subject: [PATCH 2/2] Docker: Switch to a python entrypoint --- .gitignore | 9 ++- docker/Dockerfile | 13 ++--- docker/entrypoint.py | 128 +++++++++++++++++++++++++++++++++++++++++++ docker/entrypoint.sh | 50 ----------------- 4 files changed, 139 insertions(+), 61 deletions(-) create mode 100644 docker/entrypoint.py delete mode 100644 docker/entrypoint.sh diff --git a/.gitignore b/.gitignore index 1a3606d..3301c8e 100644 --- a/.gitignore +++ b/.gitignore @@ -29,8 +29,6 @@ src/Zoraxy_*_* src/certs/* src/rules/* src/README.md -docker/ContainerTester.sh -docker/docker-compose.yaml src/mod/acme/test/stackoverflow.pem /tools/dns_challenge_update/code-gen/acmedns /tools/dns_challenge_update/code-gen/lego @@ -41,11 +39,15 @@ src/sys.uuid src/zoraxy src/log/ - # dev-tags /Dockerfile /Entrypoint.sh +# docker testing stuff +docker/test/ +docker/container-builder.sh +docker/docker-compose.yaml + # plugins example/plugins/ztnc/ztnc.db example/plugins/ztnc/authtoken.secret @@ -58,3 +60,4 @@ sys.* www/html/index.html *.exe /src/dist + diff --git a/docker/Dockerfile b/docker/Dockerfile index 1d3bb33..c5e98e3 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -35,20 +35,17 @@ RUN curl -Lo ZeroTierOne.tar.gz https://codeload.github.com/zerotier/ZeroTierOne ## Main -FROM docker.io/golang:alpine +FROM docker.io/alpine:latest -# If you build it yourself, you will need to add the example directory into the docker directory. - -COPY --chmod=700 ./entrypoint.sh /opt/zoraxy/ -COPY --chmod=700 ./build_plugins.sh /usr/local/bin/build_plugins +RUN apk add --update --no-cache python3 sudo netcat-openbsd libressl-dev openssh ca-certificates libc6-compat libstdc++ &&\ + rm -rf /var/cache/apk/* /tmp/* COPY --chmod=700 ./entrypoint.py /opt/zoraxy/ COPY --from=build-zerotier /usr/local/bin/zerotier-one /usr/local/bin/zerotier-one COPY --from=build-zoraxy /usr/local/bin/zoraxy /usr/local/bin/zoraxy -RUN apk add --update --no-cache bash sudo netcat-openbsd libressl-dev openssh ca-certificates libc6-compat libstdc++ &&\ - mkdir -p /opt/zoraxy/plugin/ &&\ +RUN mkdir -p /opt/zoraxy/plugin/ &&\ echo "tun" | tee -a /etc/modules WORKDIR /opt/zoraxy/config/ @@ -76,7 +73,7 @@ VOLUME [ "/opt/zoraxy/config/" ] LABEL com.imuslab.zoraxy.container-identifier="Zoraxy" -ENTRYPOINT [ "/opt/zoraxy/entrypoint.sh" ] +ENTRYPOINT [ "python3", "-u", "/opt/zoraxy/entrypoint.py" ] HEALTHCHECK --interval=15s --timeout=5s --start-period=10s --retries=3 CMD nc -vz 127.0.0.1 $PORT || exit 1 diff --git a/docker/entrypoint.py b/docker/entrypoint.py new file mode 100644 index 0000000..d6078d9 --- /dev/null +++ b/docker/entrypoint.py @@ -0,0 +1,128 @@ +#!/usr/bin/env python3 + +import os +import signal +import subprocess +import sys +import time + +zoraxy_proc = None +zerotier_proc = None + +def getenv(key, default=None): + return os.environ.get(key, default) + +def run(command): + try: + subprocess.run(command, check=True) + except subprocess.CalledProcessError as e: + print(f"Command failed: {command} - {e}") + sys.exit(1) + +def popen(command): + proc = subprocess.Popen(command) + time.sleep(1) + if proc.poll() is not None: + print(f"{command} exited early with code {proc.returncode}") + raise RuntimeError(f"Failed to start {command}") + return proc + +def cleanup(_signum, _frame): + print("Shutdown signal received. Cleaning up...") + + global zoraxy_proc, zerotier_proc + + if zoraxy_proc and zoraxy_proc.poll() is None: + print("Terminating Zoraxy...") + zoraxy_proc.terminate() + + if zerotier_proc and zerotier_proc.poll() is None: + print("Terminating ZeroTier-One...") + zerotier_proc.terminate() + + if zoraxy_proc: + try: + zoraxy_proc.wait(timeout=8) + except subprocess.TimeoutExpired: + zoraxy_proc.kill() + zoraxy_proc.wait() + + if zerotier_proc: + try: + zerotier_proc.wait(timeout=8) + except subprocess.TimeoutExpired: + zerotier_proc.kill() + zerotier_proc.wait() + + try: + os.unlink("/var/lib/zerotier-one") + except FileNotFoundError: + pass + except Exception as e: + print(f"Failed to unlink ZeroTier socket: {e}") + + sys.exit(0) + +def start_zerotier(): + print("Starting ZeroTier...") + + global zerotier_proc + + config_dir = "/opt/zoraxy/config/zerotier/" + zt_path = "/var/lib/zerotier-one" + + os.makedirs(config_dir, exist_ok=True) + + os.symlink(config_dir, zt_path, target_is_directory=True) + + zerotier_proc = popen(["zerotier-one"]) + +def start_zoraxy(): + print("Starting Zoraxy...") + + global zoraxy_proc + + zoraxy_args = [ + "zoraxy", + f"-autorenew={getenv('AUTORENEW', '86400')}", + f"-cfgupgrade={getenv('CFGUPGRADE', 'true')}", + f"-db={getenv('DB', 'auto')}", + f"-docker={getenv('DOCKER', 'true')}", + f"-earlyrenew={getenv('EARLYRENEW', '30')}", + f"-fastgeoip={getenv('FASTGEOIP', 'false')}", + f"-mdns={getenv('MDNS', 'true')}", + f"-mdnsname={getenv('MDNSNAME', "''")}", + f"-noauth={getenv('NOAUTH', 'false')}", + f"-plugin={getenv('PLUGIN', '/opt/zoraxy/plugin/')}", + f"-port=:{getenv('PORT', '8000')}", + f"-sshlb={getenv('SSHLB', 'false')}", + f"-update_geoip={getenv('UPDATE_GEOIP', 'false')}", + f"-version={getenv('VERSION', 'false')}", + f"-webfm={getenv('WEBFM', 'true')}", + f"-webroot={getenv('WEBROOT', './www')}", + ] + + zoraxy_proc = popen(zoraxy_args) + +def main(): + signal.signal(signal.SIGTERM, cleanup) + signal.signal(signal.SIGINT, cleanup) + + print("Updating CA certificates...") + run(["update-ca-certificates"]) + + print("Updating GeoIP data...") + run(["zoraxy", "-update_geoip=true"]) + + os.chdir("/opt/zoraxy/config/") + + if getenv("ZEROTIER", "false") == "true": + start_zerotier() + + start_zoraxy() + + signal.pause() + +if __name__ == "__main__": + main() + diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh deleted file mode 100644 index cf36899..0000000 --- a/docker/entrypoint.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/usr/bin/env bash - -cleanup() { - echo "Stop signal received. Shutting down..." - kill -TERM "$(pidof zoraxy)" &> /dev/null && echo "Zoraxy stopped." - kill -TERM "$(pidof zerotier-one)" &> /dev/null && echo "ZeroTier-One stopped." - unlink /var/lib/zerotier-one/zerotier/ - exit 0 -} - -trap cleanup SIGTERM SIGINT TERM INT - -update-ca-certificates && echo "CA certificates updated." -zoraxy -update_geoip=true && echo "GeoIP data updated ." - - -if [ "$ZEROTIER" = "true" ]; then - if [ ! -d "/opt/zoraxy/config/zerotier/" ]; then - mkdir -p /opt/zoraxy/config/zerotier/ - fi - ln -s /opt/zoraxy/config/zerotier/ /var/lib/zerotier-one - zerotier-one -d & - zerotierpid=$! - echo "ZeroTier daemon started." -fi - -echo "Starting Zoraxy..." -zoraxy \ - -autorenew="$AUTORENEW" \ - -cfgupgrade="$CFGUPGRADE" \ - -db="$DB" \ - -docker="$DOCKER" \ - -earlyrenew="$EARLYRENEW" \ - -fastgeoip="$FASTGEOIP" \ - -mdns="$MDNS" \ - -mdnsname="$MDNSNAME" \ - -noauth="$NOAUTH" \ - -plugin="$PLUGIN" \ - -port=:"$PORT" \ - -sshlb="$SSHLB" \ - -update_geoip="$UPDATE_GEOIP" \ - -version="$VERSION" \ - -webfm="$WEBFM" \ - -webroot="$WEBROOT" \ - & - -zoraxypid=$! -wait "$zoraxypid" -wait "$zerotierpid" -