From 943238b7d2754df57975a52bfe5b417e126820a4 Mon Sep 17 00:00:00 2001 From: Andrei Aleksandrovich Ovcharenko Date: Thu, 9 Apr 2026 09:51:10 +0300 Subject: [PATCH 1/4] Add V2Ray server templates and remove real secrets from configs --- README.md | 41 +++++++++++++++++++++++++- client/proxy.env.example | 11 +++++++ client/proxychains.conf | 9 ++++++ client/v2ray-client.example.json | 43 ++++++++++++++++++++++++++++ docker-compose.yml | 49 ++++++++++++++++++++++++++++++++ proxy/3proxy.cfg | 14 +++++++++ v2ray/server-config.json | 33 +++++++++++++++++++++ wireguard/wg_confs/wg0.conf | 11 +++++++ 8 files changed, 210 insertions(+), 1 deletion(-) create mode 100644 client/proxy.env.example create mode 100644 client/proxychains.conf create mode 100644 client/v2ray-client.example.json create mode 100644 docker-compose.yml create mode 100644 proxy/3proxy.cfg create mode 100644 v2ray/server-config.json create mode 100644 wireguard/wg_confs/wg0.conf diff --git a/README.md b/README.md index 1f15435..0ad5b99 100644 --- a/README.md +++ b/README.md @@ -5,4 +5,43 @@ Профиль https://www.codewars.com/users/krotname -Для запуска в IntelliJ IDEA нажать правой кнопкой на src/main/java и Run 'All Tests' \ No newline at end of file +Для запуска в IntelliJ IDEA нажать правой кнопкой на src/main/java и Run 'All Tests' + +## Amnezia WireGuard proxy in Docker Compose + +Добавлен `docker-compose.yml`, который поднимает: +- WireGuard-клиент с подключением к существующему серверу Amnezia. +- Proxy-сервис (3proxy), работающий через VPN-туннель. +- Опционально `v2ray-server` (профиль `v2ray`). + +Логи отключены для контейнеров через `logging.driver: "none"`. + +### Конфиги сервера +- `wireguard/wg_confs/wg0.conf` — WireGuard-конфигурация клиента (шаблон без реальных ключей). +- `proxy/3proxy.cfg` — прокси с авторизацией (шаблон без реальных логина/пароля). +- `v2ray/server-config.json` — конфиг V2Ray-сервера (VMess + WS). + +### Доступ к прокси +- SOCKS5: `127.0.0.1:1080` +- HTTP: `127.0.0.1:3128` + +Перед запуском обязательно замените шаблонные значения: +- `REPLACE_WITH_*` в `wireguard/wg_confs/wg0.conf` и `v2ray/server-config.json` +- `PROXY_USER`/`PROXY_PASSWORD` в `proxy/3proxy.cfg` + +### Конфиги клиента для подключения к этому серверу +- `client/proxy.env.example` — переменные окружения для `curl`, `wget`, CLI и приложений, которые читают `HTTP_PROXY/HTTPS_PROXY/ALL_PROXY`. +- `client/proxychains.conf` — готовый конфиг для `proxychains` (SOCKS5 + логин/пароль). +- `client/v2ray-client.example.json` — пример клиентского конфига для подключения к `v2ray-server`. + +Перед использованием замените `YOUR_SERVER_IP` на реальный IP/домен сервера. + +### Запуск +```bash +docker compose up -d +``` + +### Запуск с V2Ray сервером +```bash +docker compose --profile v2ray up -d +``` diff --git a/client/proxy.env.example b/client/proxy.env.example new file mode 100644 index 0000000..ccace1e --- /dev/null +++ b/client/proxy.env.example @@ -0,0 +1,11 @@ +# Замените значения на ваши +PROXY_HOST=YOUR_SERVER_IP +PROXY_USER=YOUR_PROXY_USER +PROXY_PASS=YOUR_PROXY_PASSWORD + +# HTTP/HTTPS через 3proxy +HTTP_PROXY=http://${PROXY_USER}:${PROXY_PASS}@${PROXY_HOST}:3128 +HTTPS_PROXY=http://${PROXY_USER}:${PROXY_PASS}@${PROXY_HOST}:3128 + +# SOCKS5 через 3proxy +ALL_PROXY=socks5://${PROXY_USER}:${PROXY_PASS}@${PROXY_HOST}:1080 diff --git a/client/proxychains.conf b/client/proxychains.conf new file mode 100644 index 0000000..f489e9c --- /dev/null +++ b/client/proxychains.conf @@ -0,0 +1,9 @@ +strict_chain +proxy_dns +remote_dns_subnet 224 +tcp_read_time_out 15000 +tcp_connect_time_out 8000 + +[ProxyList] +# type host port user pass +socks5 YOUR_SERVER_IP 1080 YOUR_PROXY_USER YOUR_PROXY_PASSWORD diff --git a/client/v2ray-client.example.json b/client/v2ray-client.example.json new file mode 100644 index 0000000..4b351eb --- /dev/null +++ b/client/v2ray-client.example.json @@ -0,0 +1,43 @@ +{ + "log": { + "access": "none", + "error": "none", + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 10808, + "listen": "127.0.0.1", + "protocol": "socks", + "settings": { + "udp": true + } + } + ], + "outbounds": [ + { + "protocol": "vmess", + "settings": { + "vnext": [ + { + "address": "YOUR_SERVER_IP", + "port": 10000, + "users": [ + { + "id": "REPLACE_WITH_CLIENT_UUID", + "alterId": 0, + "security": "auto" + } + ] + } + ] + }, + "streamSettings": { + "network": "ws", + "wsSettings": { + "path": "/ray" + } + } + } + ] +} diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..1eb66f0 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,49 @@ +version: "3.9" + +services: + wireguard: + image: lscr.io/linuxserver/wireguard:latest + container_name: amnezia-wireguard-client + cap_add: + - NET_ADMIN + - SYS_MODULE + environment: + - PUID=1000 + - PGID=1000 + - TZ=UTC + volumes: + - ./wireguard:/config + - /lib/modules:/lib/modules:ro + sysctls: + - net.ipv4.conf.all.src_valid_mark=1 + restart: unless-stopped + ports: + - "1080:1080" # SOCKS5 proxy (with auth) + - "3128:3128" # HTTP proxy (with auth) + logging: + driver: "none" + + proxy: + image: ghcr.io/tarampampam/3proxy:latest + container_name: amnezia-proxy + depends_on: + - wireguard + network_mode: "service:wireguard" + restart: unless-stopped + volumes: + - ./proxy/3proxy.cfg:/etc/3proxy/3proxy.cfg:ro + logging: + driver: "none" + + v2ray-server: + image: v2fly/v2fly-core:latest + container_name: v2ray-server + command: ["run", "-c", "/etc/v2ray/config.json"] + restart: unless-stopped + profiles: ["v2ray"] + ports: + - "10000:10000" + volumes: + - ./v2ray/server-config.json:/etc/v2ray/config.json:ro + logging: + driver: "none" diff --git a/proxy/3proxy.cfg b/proxy/3proxy.cfg new file mode 100644 index 0000000..7635834 --- /dev/null +++ b/proxy/3proxy.cfg @@ -0,0 +1,14 @@ +log /dev/null D +nserver 1.1.1.1 +nserver 1.0.0.1 +nscache 65536 +timeouts 1 5 30 60 180 1800 15 60 + +# Замените на реальные значения перед запуском +users PROXY_USER:CL:PROXY_PASSWORD +auth strong +allow PROXY_USER + +socks -p1080 +proxy -p3128 +flush diff --git a/v2ray/server-config.json b/v2ray/server-config.json new file mode 100644 index 0000000..9e621f6 --- /dev/null +++ b/v2ray/server-config.json @@ -0,0 +1,33 @@ +{ + "log": { + "access": "none", + "error": "none", + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 10000, + "protocol": "vmess", + "settings": { + "clients": [ + { + "id": "REPLACE_WITH_CLIENT_UUID", + "alterId": 0 + } + ] + }, + "streamSettings": { + "network": "ws", + "wsSettings": { + "path": "/ray" + } + } + } + ], + "outbounds": [ + { + "protocol": "freedom", + "settings": {} + } + ] +} diff --git a/wireguard/wg_confs/wg0.conf b/wireguard/wg_confs/wg0.conf new file mode 100644 index 0000000..19eb3ae --- /dev/null +++ b/wireguard/wg_confs/wg0.conf @@ -0,0 +1,11 @@ +[Interface] +Address = 10.8.1.20/32 +DNS = 172.29.172.254, 1.0.0.1 +PrivateKey = REPLACE_WITH_PRIVATE_KEY + +[Peer] +PublicKey = REPLACE_WITH_SERVER_PUBLIC_KEY +PresharedKey = REPLACE_WITH_PRESHARED_KEY +AllowedIPs = 0.0.0.0/0, ::/0 +Endpoint = REPLACE_WITH_ENDPOINT_HOST:REPLACE_WITH_ENDPOINT_PORT +PersistentKeepalive = 25 From 56b0acce9ec786a0f4b25c9f1111790705a56121 Mon Sep 17 00:00:00 2001 From: Andrei Aleksandrovich Ovcharenko Date: Thu, 9 Apr 2026 10:16:24 +0300 Subject: [PATCH 2/4] Fix compose networking for V2Ray and validate config syntax --- README.md | 9 +++++---- docker-compose.yml | 6 ++++-- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 0ad5b99..d798d87 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Добавлен `docker-compose.yml`, который поднимает: - WireGuard-клиент с подключением к существующему серверу Amnezia. - Proxy-сервис (3proxy), работающий через VPN-туннель. -- Опционально `v2ray-server` (профиль `v2ray`). +- Опционально `v2ray-server` (профиль `v2ray`) в том же network namespace, что и WireGuard. Логи отключены для контейнеров через `logging.driver: "none"`. @@ -21,9 +21,10 @@ - `proxy/3proxy.cfg` — прокси с авторизацией (шаблон без реальных логина/пароля). - `v2ray/server-config.json` — конфиг V2Ray-сервера (VMess + WS). -### Доступ к прокси -- SOCKS5: `127.0.0.1:1080` -- HTTP: `127.0.0.1:3128` +### Доступ к сервисам +- SOCKS5 (3proxy): `127.0.0.1:1080` +- HTTP (3proxy): `127.0.0.1:3128` +- V2Ray VMess+WS: `127.0.0.1:10000` Перед запуском обязательно замените шаблонные значения: - `REPLACE_WITH_*` в `wireguard/wg_confs/wg0.conf` и `v2ray/server-config.json` diff --git a/docker-compose.yml b/docker-compose.yml index 1eb66f0..2c6a1d5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -20,6 +20,7 @@ services: ports: - "1080:1080" # SOCKS5 proxy (with auth) - "3128:3128" # HTTP proxy (with auth) + - "10000:10000" # V2Ray VMess + WS logging: driver: "none" @@ -39,10 +40,11 @@ services: image: v2fly/v2fly-core:latest container_name: v2ray-server command: ["run", "-c", "/etc/v2ray/config.json"] + depends_on: + - wireguard + network_mode: "service:wireguard" restart: unless-stopped profiles: ["v2ray"] - ports: - - "10000:10000" volumes: - ./v2ray/server-config.json:/etc/v2ray/config.json:ro logging: From 22c492baf42b0317c85fc6ca4bd26bfd5b15079a Mon Sep 17 00:00:00 2001 From: Andrei Aleksandrovich Ovcharenko Date: Thu, 9 Apr 2026 21:52:40 +0300 Subject: [PATCH 3/4] Add local validation script for compose and config templates --- README.md | 8 +++++++ scripts/validate.sh | 52 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100755 scripts/validate.sh diff --git a/README.md b/README.md index d798d87..3486874 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,14 @@ Перед использованием замените `YOUR_SERVER_IP` на реальный IP/домен сервера. + +### Проверка конфигов +```bash +./scripts/validate.sh +``` + +Скрипт проверяет YAML/JSON синтаксис, наличие обязательных файлов и запускает `docker compose config`, если Docker доступен в системе. + ### Запуск ```bash docker compose up -d diff --git a/scripts/validate.sh b/scripts/validate.sh new file mode 100755 index 0000000..c8652f0 --- /dev/null +++ b/scripts/validate.sh @@ -0,0 +1,52 @@ +#!/usr/bin/env bash +set -euo pipefail + +ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +cd "$ROOT_DIR" + +echo "[1/4] Validate docker-compose YAML syntax" +ruby -e 'require "yaml"; YAML.load_file("docker-compose.yml"); puts "docker-compose.yml: OK"' + +echo "[2/4] Validate JSON configs" +python - <<'PY' +import json +from pathlib import Path + +files = [ + 'v2ray/server-config.json', + 'client/v2ray-client.example.json', +] + +for f in files: + json.loads(Path(f).read_text(encoding='utf-8')) + print(f"{f}: OK") +PY + +echo "[3/4] Check required config files exist" +required=( + "docker-compose.yml" + "wireguard/wg_confs/wg0.conf" + "proxy/3proxy.cfg" + "v2ray/server-config.json" + "client/proxy.env.example" + "client/proxychains.conf" + "client/v2ray-client.example.json" +) + +for file in "${required[@]}"; do + if [[ ! -f "$file" ]]; then + echo "Missing file: $file" >&2 + exit 1 + fi + echo "$file: OK" +done + +echo "[4/4] Docker Compose semantic validation (if docker exists)" +if command -v docker >/dev/null 2>&1; then + docker compose config >/dev/null + echo "docker compose config: OK" +else + echo "docker not found: skip docker compose config" +fi + +echo "Validation completed" From 6034a5324c4e0b3b29f2f38774235cffdacbca4e Mon Sep 17 00:00:00 2001 From: Andrei Aleksandrovich Ovcharenko Date: Thu, 9 Apr 2026 22:36:00 +0300 Subject: [PATCH 4/4] Generate V2Ray UUIDs and proxy credentials in configs --- README.md | 18 ++++++++----- client/proxy.env.example | 6 ++--- client/proxychains.conf | 4 +-- client/v2ray-client-2.example.json | 43 ++++++++++++++++++++++++++++++ client/v2ray-client.example.json | 2 +- proxy/3proxy.cfg | 5 ++-- scripts/validate.sh | 2 ++ v2ray/server-config.json | 6 ++++- 8 files changed, 70 insertions(+), 16 deletions(-) create mode 100644 client/v2ray-client-2.example.json diff --git a/README.md b/README.md index 3486874..95f21e9 100644 --- a/README.md +++ b/README.md @@ -17,27 +17,33 @@ Логи отключены для контейнеров через `logging.driver: "none"`. ### Конфиги сервера -- `wireguard/wg_confs/wg0.conf` — WireGuard-конфигурация клиента (шаблон без реальных ключей). -- `proxy/3proxy.cfg` — прокси с авторизацией (шаблон без реальных логина/пароля). +- `wireguard/wg_confs/wg0.conf` — WireGuard-конфигурация клиента. +- `proxy/3proxy.cfg` — прокси с авторизацией. - `v2ray/server-config.json` — конфиг V2Ray-сервера (VMess + WS). +### Сгенерированные доступы +- Proxy user: `proxy_9b93b2` +- Proxy password: `DTvWPDSk6UeD3HGXiji7` +- V2Ray UUID #1: `229545ae-a4b5-4fd6-8146-77c3f3267bce` +- V2Ray UUID #2: `ad1ead97-6a7c-433d-9b53-03d7d881f510` + ### Доступ к сервисам - SOCKS5 (3proxy): `127.0.0.1:1080` - HTTP (3proxy): `127.0.0.1:3128` - V2Ray VMess+WS: `127.0.0.1:10000` Перед запуском обязательно замените шаблонные значения: -- `REPLACE_WITH_*` в `wireguard/wg_confs/wg0.conf` и `v2ray/server-config.json` -- `PROXY_USER`/`PROXY_PASSWORD` в `proxy/3proxy.cfg` +- `REPLACE_WITH_*` в `wireguard/wg_confs/wg0.conf` +- `YOUR_SERVER_IP` в клиентских файлах ### Конфиги клиента для подключения к этому серверу - `client/proxy.env.example` — переменные окружения для `curl`, `wget`, CLI и приложений, которые читают `HTTP_PROXY/HTTPS_PROXY/ALL_PROXY`. - `client/proxychains.conf` — готовый конфиг для `proxychains` (SOCKS5 + логин/пароль). -- `client/v2ray-client.example.json` — пример клиентского конфига для подключения к `v2ray-server`. +- `client/v2ray-client.example.json` — пример клиента для V2Ray UUID #1. +- `client/v2ray-client-2.example.json` — пример клиента для V2Ray UUID #2. Перед использованием замените `YOUR_SERVER_IP` на реальный IP/домен сервера. - ### Проверка конфигов ```bash ./scripts/validate.sh diff --git a/client/proxy.env.example b/client/proxy.env.example index ccace1e..f4a814b 100644 --- a/client/proxy.env.example +++ b/client/proxy.env.example @@ -1,7 +1,7 @@ -# Замените значения на ваши +# Замените PROXY_HOST на IP/домен хоста, где запущен docker-compose PROXY_HOST=YOUR_SERVER_IP -PROXY_USER=YOUR_PROXY_USER -PROXY_PASS=YOUR_PROXY_PASSWORD +PROXY_USER=proxy_9b93b2 +PROXY_PASS=DTvWPDSk6UeD3HGXiji7 # HTTP/HTTPS через 3proxy HTTP_PROXY=http://${PROXY_USER}:${PROXY_PASS}@${PROXY_HOST}:3128 diff --git a/client/proxychains.conf b/client/proxychains.conf index f489e9c..3673da7 100644 --- a/client/proxychains.conf +++ b/client/proxychains.conf @@ -5,5 +5,5 @@ tcp_read_time_out 15000 tcp_connect_time_out 8000 [ProxyList] -# type host port user pass -socks5 YOUR_SERVER_IP 1080 YOUR_PROXY_USER YOUR_PROXY_PASSWORD +# type host port user pass +socks5 YOUR_SERVER_IP 1080 proxy_9b93b2 DTvWPDSk6UeD3HGXiji7 diff --git a/client/v2ray-client-2.example.json b/client/v2ray-client-2.example.json new file mode 100644 index 0000000..4e637e5 --- /dev/null +++ b/client/v2ray-client-2.example.json @@ -0,0 +1,43 @@ +{ + "log": { + "access": "none", + "error": "none", + "loglevel": "warning" + }, + "inbounds": [ + { + "port": 10808, + "listen": "127.0.0.1", + "protocol": "socks", + "settings": { + "udp": true + } + } + ], + "outbounds": [ + { + "protocol": "vmess", + "settings": { + "vnext": [ + { + "address": "YOUR_SERVER_IP", + "port": 10000, + "users": [ + { + "id": "ad1ead97-6a7c-433d-9b53-03d7d881f510", + "alterId": 0, + "security": "auto" + } + ] + } + ] + }, + "streamSettings": { + "network": "ws", + "wsSettings": { + "path": "/ray" + } + } + } + ] +} diff --git a/client/v2ray-client.example.json b/client/v2ray-client.example.json index 4b351eb..997a9f3 100644 --- a/client/v2ray-client.example.json +++ b/client/v2ray-client.example.json @@ -24,7 +24,7 @@ "port": 10000, "users": [ { - "id": "REPLACE_WITH_CLIENT_UUID", + "id": "229545ae-a4b5-4fd6-8146-77c3f3267bce", "alterId": 0, "security": "auto" } diff --git a/proxy/3proxy.cfg b/proxy/3proxy.cfg index 7635834..bd12132 100644 --- a/proxy/3proxy.cfg +++ b/proxy/3proxy.cfg @@ -4,10 +4,9 @@ nserver 1.0.0.1 nscache 65536 timeouts 1 5 30 60 180 1800 15 60 -# Замените на реальные значения перед запуском -users PROXY_USER:CL:PROXY_PASSWORD +users proxy_9b93b2:CL:DTvWPDSk6UeD3HGXiji7 auth strong -allow PROXY_USER +allow proxy_9b93b2 socks -p1080 proxy -p3128 diff --git a/scripts/validate.sh b/scripts/validate.sh index c8652f0..6df7560 100755 --- a/scripts/validate.sh +++ b/scripts/validate.sh @@ -15,6 +15,7 @@ from pathlib import Path files = [ 'v2ray/server-config.json', 'client/v2ray-client.example.json', + 'client/v2ray-client-2.example.json', ] for f in files: @@ -31,6 +32,7 @@ required=( "client/proxy.env.example" "client/proxychains.conf" "client/v2ray-client.example.json" + "client/v2ray-client-2.example.json" ) for file in "${required[@]}"; do diff --git a/v2ray/server-config.json b/v2ray/server-config.json index 9e621f6..4ae3e24 100644 --- a/v2ray/server-config.json +++ b/v2ray/server-config.json @@ -11,7 +11,11 @@ "settings": { "clients": [ { - "id": "REPLACE_WITH_CLIENT_UUID", + "id": "229545ae-a4b5-4fd6-8146-77c3f3267bce", + "alterId": 0 + }, + { + "id": "ad1ead97-6a7c-433d-9b53-03d7d881f510", "alterId": 0 } ]