# Upstream source stages: each one exists only so a later stage can
# `COPY --from=<stage>` a single binary out of the published image.
#
# NOTE(review): all three images use the floating ":latest" tag, so the binaries
# that end up in the final image can change between builds without any change to
# this file. Pin each image to a release tag or, better, a digest
# (e.g. <image>:<TAG>@sha256:<DIGEST>) so a build is reproducible and auditable.
#
# The "previous-stage" label marks the intermediate image of each stage
# (presumably so it can be found and pruned by label after the build; confirm).

# smartdns
FROM pymumu/smartdns:latest AS smartdns-builder
LABEL previous-stage=smartdns-builder
# mosdns
FROM irinesistiana/mosdns:latest AS mosdns-builder
LABEL previous-stage=mosdns-builder
# adguardhome
FROM adguard/adguardhome:latest AS adguardhome-builder
LABEL previous-stage=adguardhome-builder
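# Assembly stage: merge smartdns, mosdns and adguardhome, plus the default
# configuration and rule lists, into a single /nestingdns tree.
# NOTE(review): alpine:latest is a floating tag; pin a version or digest for
# reproducible builds.
FROM alpine:latest AS nestingdns-builder
LABEL previous-stage=nestingdns-builder

# Build-time dependency: curl is needed here only to download the rule lists.
RUN apk --no-cache add curl

# Create the directory layout (-p also creates the /nestingdns parent).
RUN mkdir -p \
        /nestingdns/bin \
        /nestingdns/etc \
        /nestingdns/log \
        /nestingdns/work

# Copy in the default configuration files.
COPY default /nestingdns/default

# Download the site (domain / IP) rule lists.
#
# curl runs with -f so that an HTTP error (404, 5xx, proxy error page) fails the
# build; without it curl exits 0 and the error body is saved as a rule list.
#
# NOTE(review): the GitHub-hosted lists are fetched through the third-party proxy
# github.boki.moe, from moving "release" branches, with no integrity check. Whoever
# controls the proxy or those branches controls the content of these lists, and the
# lists are baked into the image as DNS rule data. Prefer fetching from the origin
# at a pinned commit and verifying each file against a sha256 recorded in this
# repository (e.g. `echo "<SHA256>  <file>" | sha256sum -c -`).
RUN mkdir -p /nestingdns/default/site && \
    curl -fsSL https://github.boki.moe/https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/direct-list.txt -o /nestingdns/default/site/direct-list.txt && \
    curl -fsSL https://github.boki.moe/https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/apple-cn.txt -o /nestingdns/default/site/apple-cn.txt && \
    curl -fsSL https://github.boki.moe/https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/google-cn.txt -o /nestingdns/default/site/google-cn.txt && \
    curl -fsSL https://github.boki.moe/https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/proxy-list.txt -o /nestingdns/default/site/proxy-list.txt && \
    curl -fsSL https://github.boki.moe/https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/gfw.txt -o /nestingdns/default/site/gfw.txt && \
    curl -fsSL https://github.boki.moe/https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/greatfire.txt -o /nestingdns/default/site/greatfire.txt && \
    curl -fsSL https://github.boki.moe/https://raw.githubusercontent.com/Loyalsoldier/domain-list-custom/release/private.txt -o /nestingdns/default/site/private.txt && \
    curl -fsSL https://github.boki.moe/https://raw.githubusercontent.com/Hackl0us/GeoIP2-CN/release/CN-ip-cidr.txt -o /nestingdns/default/site/CN-ip-cidr.txt && \
    curl -fsSL "https://www.cloudflare-cn.com/ips-v4/#" -o /nestingdns/default/site/cloudflare.txt

# Remove connectivity-check domains from private.txt, because blocking them makes
# clients report a broken network:
#   msftncsi.com, msftconnecttest.com : Windows network icon shows "no network"
#   captive.apple.com                 : iOS devices show the network as unavailable
#   ping.archlinux.org                : Arch-based Linux shows limited connectivity
# One sed invocation instead of four RUN layers; the patterns are unchanged.
RUN sed -i \
        -e "/domain:msftncsi.com/d" \
        -e "/domain:msftconnecttest.com/d" \
        -e "/domain:captive.apple.com/d" \
        -e "/domain:ping.archlinux.org/d" \
        /nestingdns/default/site/private.txt

# Copy in the executables from the upstream source stages.
COPY --from=smartdns-builder /usr/sbin/smartdns /nestingdns/bin/smartdns
COPY --from=mosdns-builder /usr/bin/mosdns /nestingdns/bin/mosdns
COPY --from=adguardhome-builder /opt/adguardhome/AdGuardHome /nestingdns/bin/adguardhome

# Copy in entrypoint.sh and update.sh.
COPY entrypoint.sh /nestingdns/bin/entrypoint.sh
COPY update.sh /nestingdns/bin/update.sh

# Make everything in bin executable.
RUN chmod +x /nestingdns/bin/*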
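# Final stage: the nestingdns runtime image.
# NOTE(review): alpine:latest is a floating tag; pin a version or digest for
# reproducible builds.
FROM alpine:latest
LABEL maintainer="217heidai" \
      name="nestingdns"

# TZ: container time zone (zone data comes from the tzdata package below).
# SCHEDULE: a cron-style expression; it is not used in this file, presumably
# entrypoint.sh reads it to schedule update.sh (confirm).
ENV TZ="Asia/Shanghai" \
    SCHEDULE="0 4 * * *"

# For testing/debugging only.
#RUN apk --no-cache add nano busybox-extras bind-tools

# Install runtime dependencies. libcap provides setcap (used below) and tini is
# the init in ENTRYPOINT. `--no-cache` already keeps the apk index out of the
# layer, so no follow-up `rm -rf /var/cache/apk/*` is needed.
RUN apk --no-cache add \
        ca-certificates \
        curl \
        libcap \
        tini \
        tzdata

# Copy in the assembled /nestingdns tree.
COPY --from=nestingdns-builder /nestingdns /nestingdns

# Let adguardhome bind ports below 1024 without being root.
# NOTE(review): there is no USER instruction, so the entrypoint starts as root and
# this file capability only has an effect if entrypoint.sh drops privileges before
# launching adguardhome (not visible here). Consider a dedicated non-root user with
# a fixed UID that owns the three volume directories.
RUN setcap 'cap_net_bind_service=+eip' /nestingdns/bin/adguardhome

# smartdns
# 6053 : TCP, UDP : DNS
# 7053 : TCP, UDP : DNS
# 8053 : TCP, UDP : DNS
# mosdns
# 5053 : TCP, UDP : DNS
# adguardhome
# 4053 : TCP, UDP : DNS
# 443 : TCP, UDP : HTTPS, DNS-over-HTTPS (incl. HTTP/3), DNSCrypt (main)
# 853 : TCP, UDP : DNS-over-TLS, DNS-over-QUIC
# 3000 : TCP, UDP : HTTP(S) (alt, incl. HTTP/3)
#
# NOTE(review): 443 and 853 are listed above but not in EXPOSE. EXPOSE is
# documentation only, so this does not block publishing them; confirm whether the
# omission is intentional. Port 3000 is the AdGuard Home HTTP(S) interface per the
# table above; publish it only on interfaces that should reach it.
EXPOSE 6053/tcp 6053/udp \
       7053/tcp 7053/udp \
       8053/tcp 8053/udp \
       5053/tcp 5053/udp \
       4053/tcp 4053/udp \
       3000/tcp 3000/udp

WORKDIR /nestingdns/

# Declared after the COPY above, so anything the builder stage placed in these
# directories is kept in the image.
VOLUME ["/nestingdns/etc/", "/nestingdns/work/", "/nestingdns/log/"]

# tini runs as PID 1 and starts entrypoint.sh as its child.
ENTRYPOINT ["/sbin/tini", "--", "/nestingdns/bin/entrypoint.sh"]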