From 22f6bbdfd9cfeadd13175b2ce96fccbabe6bb59e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 13:59:46 +0000 Subject: [PATCH 01/15] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E6=98=A0=E5=B0=84=E5=86=97=E4=BD=99=EF=BC=8C=E9=98=B2=E5=81=B7?= =?UTF-8?q?=E6=B5=81=E9=87=8F=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- RATE_LIMIT_README.md | 154 ++++++++++++++++++++++++++++++++++++ reality/Dockerfile | 4 + reality/entrypoint.sh | 78 ++++++++++++------ xhttp_reality/Dockerfile | 4 + xhttp_reality/entrypoint.sh | 82 ++++++++++++------- 5 files changed, 270 insertions(+), 52 deletions(-) create mode 100644 RATE_LIMIT_README.md mode change 100644 => 100755 reality/entrypoint.sh diff --git a/RATE_LIMIT_README.md b/RATE_LIMIT_README.md new file mode 100644 index 0000000..1a79dd3 --- /dev/null +++ b/RATE_LIMIT_README.md @@ -0,0 +1,154 @@ +# Xray Docker 限速配置说明 + +## 功能介绍 + +新增了限速配置功能,支持对上传和下载流量进行限速控制。同时优化了文件结构,将配置文件和生成的信息文件放入 `/app` 目录下,便于持久化。 + +## 环境变量 + +### 新增环境变量 + +- `ENABLE_RATE_LIMIT`: 是否启用限速功能 + - `true`: 启用限速配置 + - `false` 或未设置: 不启用限速(默认) + +### 限速参数说明 + +当 `ENABLE_RATE_LIMIT=true` 时,系统会自动应用以下限速配置: + +```json +{ + "limitFallbackUpload": { + "afterBytes": 4194304, // 前 4MB 不限速 + "burstBytesPerSec": 94208, // 最大突发:92 KB/s + "bytesPerSec": 20480 // 持续限速:20 KB/s + }, + "limitFallbackDownload": { + "afterBytes": 4194304, // 前 4MB 不限速 + "burstBytesPerSec": 94208, // 最大突发:92 KB/s + "bytesPerSec": 20480 // 持续限速:20 KB/s + } +} +``` + +## 文件持久化 + +### 新的文件结构 + +- `/app/config.json`: 运行时配置文件 +- `/app/config_info.txt`: 连接信息和二维码 + +### Docker 挂载 + +推荐使用以下方式挂载 `/app` 目录以实现配置持久化: + +```bash +docker run -d \ + -v /path/to/local/app:/app \ + -p 443:443 \ + -e ENABLE_RATE_LIMIT=true \ + your-image-name +``` + +## 使用示例 + +### Reality 版本 + +```bash +# 启用限速 +docker run -d \ + --name xray-reality \ + -v ./xray-app:/app \ + -p 443:443 \ + -e UUID=your-uuid \ + -e DEST=www.apple.com:443 \ + -e SERVERNAMES="www.apple.com images.apple.com" \ + -e ENABLE_RATE_LIMIT=true \ + xray-reality:latest + +# 不启用限速(默认) +docker run -d \ + --name xray-reality \ + -v ./xray-app:/app \ + -p 443:443 \ + -e UUID=your-uuid \ + -e DEST=www.apple.com:443 \ + -e SERVERNAMES="www.apple.com images.apple.com" \ + xray-reality:latest +``` + +### XHTTP Reality 版本 + +```bash +# 启用限速 +docker run -d \ + --name xray-xhttp-reality \ + -v ./xray-app:/app \ + -p 443:443 \ + -e UUID=your-uuid \ + -e DEST=www.apple.com:443 \ + -e SERVERNAMES="www.apple.com images.apple.com" \ + -e XHTTP_PATH=/custom-path \ + -e ENABLE_RATE_LIMIT=true \ + xray-xhttp-reality:latest +``` + +## Docker Compose 示例 + +```yaml +version: '3.8' + +services: + xray-reality: + image: xray-reality:latest + container_name: xray-reality + ports: + - "443:443" + volumes: + - ./xray-app:/app + environment: + - UUID=your-uuid-here + - DEST=www.apple.com:443 + - SERVERNAMES=www.apple.com images.apple.com + - ENABLE_RATE_LIMIT=true + restart: unless-stopped + + xray-xhttp-reality: + image: xray-xhttp-reality:latest + container_name: xray-xhttp-reality + ports: + - "444:443" + volumes: + - ./xray-xhttp-app:/app + environment: + - UUID=your-uuid-here + - DEST=www.apple.com:443 + - SERVERNAMES=www.apple.com images.apple.com + - XHTTP_PATH=/custom-path + - ENABLE_RATE_LIMIT=true + restart: unless-stopped +``` + +## 配置信息查看 + +容器启动后,可以通过以下方式查看配置信息: + +```bash +# 查看配置信息 +docker exec xray-reality cat /app/config_info.txt + +# 或者直接查看挂载的本地文件 +cat ./xray-app/config_info.txt +``` + +配置信息中会显示是否启用了限速: +``` +RATE_LIMIT_ENABLED: true # 或 false +``` + +## 注意事项 + +1. 限速配置只有在 `ENABLE_RATE_LIMIT=true` 时才会生效 +2. 配置文件会在首次运行时生成,如需重新生成,请删除 `/app/config_info.txt` 文件 +3. 挂载 `/app` 目录可以保持配置在容器重启后不丢失 +4. 限速参数目前是固定的,如需自定义可以修改 `entrypoint.sh` 脚本 \ No newline at end of file diff --git a/reality/Dockerfile b/reality/Dockerfile index d4bd478..75b68e7 100644 --- a/reality/Dockerfile +++ b/reality/Dockerfile @@ -26,6 +26,7 @@ ENV SHORTIDS="" ENV NETWORK="" ENV INTERNAL_PORT="" ENV HOSTMODE_PORT="" +ENV ENABLE_RATE_LIMIT="" ENV TZ=Asia/Shanghai WORKDIR / @@ -37,10 +38,13 @@ COPY --from=builder /app/xray / RUN apk add --no-cache tzdata ca-certificates jq curl libqrencode-tools && \ mkdir -p /var/log/xray && \ + mkdir -p /app && \ wget -O /geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat && \ wget -O /geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat && \ chmod +x /entrypoint.sh +# 创建一个挂载点,用于持久化配置文件 +VOLUME ["/app"] ENTRYPOINT ["./entrypoint.sh"] EXPOSE 443 diff --git a/reality/entrypoint.sh b/reality/entrypoint.sh old mode 100644 new mode 100755 index 2d1eed3..50b41a1 --- a/reality/entrypoint.sh +++ b/reality/entrypoint.sh @@ -1,5 +1,8 @@ #!/bin/sh -if [ -f /config_info.txt ]; then +# 创建 app 目录用于持久化 +mkdir -p /app + +if [ -f /app/config_info.txt ]; then echo "config.json exist" else IPV6=$(curl -6 -sSL --connect-timeout 3 --retry 2 ip.sb || echo "null") @@ -44,49 +47,74 @@ else NETWORK="tcp" fi + if [ -z "$ENABLE_RATE_LIMIT" ]; then + echo "ENABLE_RATE_LIMIT is not set, default value false" + ENABLE_RATE_LIMIT="false" + fi + + # 复制配置文件到 app 目录 + cp /config.json /app/config.json + # change config - jq ".inbounds[1].settings.clients[0].id=\"$UUID\"" /config.json >/config.json_tmp && mv /config.json_tmp /config.json - jq ".inbounds[1].streamSettings.realitySettings.dest=\"$DEST\"" /config.json >/config.json_tmp && mv /config.json_tmp /config.json + jq ".inbounds[1].settings.clients[0].id=\"$UUID\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + jq ".inbounds[1].streamSettings.realitySettings.dest=\"$DEST\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json SERVERNAMES_JSON_ARRAY="$(echo "[$(echo $SERVERNAMES | awk '{for(i=1;i<=NF;i++) printf "\"%s\",", $i}' | sed 's/,$//')]")" - jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.inbounds[1].streamSettings.realitySettings.serverNames = $serverNames' /config.json >/config.json_tmp && mv /config.json_tmp /config.json - jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.routing.rules[0].domain = $serverNames' /config.json >/config.json_tmp && mv /config.json_tmp /config.json - - jq ".inbounds[1].streamSettings.realitySettings.privateKey=\"$PRIVATEKEY\"" /config.json >/config.json_tmp && mv /config.json_tmp /config.json - jq ".inbounds[1].streamSettings.network=\"$NETWORK\"" /config.json >/config.json_tmp && mv /config.json_tmp /config.json + jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.inbounds[1].streamSettings.realitySettings.serverNames = $serverNames' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.routing.rules[0].domain = $serverNames' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + + jq ".inbounds[1].streamSettings.realitySettings.privateKey=\"$PRIVATEKEY\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + jq ".inbounds[1].streamSettings.network=\"$NETWORK\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + + # 添加限速配置 + if [ "$ENABLE_RATE_LIMIT" = "true" ]; then + echo "Enabling rate limit configuration" + jq '.policy.levels."0".limitFallbackUpload = { + "afterBytes": 4194304, + "burstBytesPerSec": 94208, + "bytesPerSec": 20480 + }' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + + jq '.policy.levels."0".limitFallbackDownload = { + "afterBytes": 4194304, + "burstBytesPerSec": 94208, + "bytesPerSec": 20480 + }' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + fi FIRST_SERVERNAME=$(echo $SERVERNAMES | awk '{print $1}') # config info with green color - echo -e "\033[32m" >/config_info.txt - echo "IPV6: $IPV6" >>/config_info.txt - echo "IPV4: $IPV4" >>/config_info.txt - echo "UUID: $UUID" >>/config_info.txt - echo "DEST: $DEST" >>/config_info.txt - echo "PORT: $EXTERNAL_PORT" >>/config_info.txt - echo "SERVERNAMES: $SERVERNAMES (任选其一)" >>/config_info.txt - echo "PRIVATEKEY: $PRIVATEKEY" >>/config_info.txt - echo "PUBLICKEY/PASSWORD: $PUBLICKEY" >>/config_info.txt - echo "NETWORK: $NETWORK" >>/config_info.txt + echo -e "\033[32m" >/app/config_info.txt + echo "IPV6: $IPV6" >>/app/config_info.txt + echo "IPV4: $IPV4" >>/app/config_info.txt + echo "UUID: $UUID" >>/app/config_info.txt + echo "DEST: $DEST" >>/app/config_info.txt + echo "PORT: $EXTERNAL_PORT" >>/app/config_info.txt + echo "SERVERNAMES: $SERVERNAMES (任选其一)" >>/app/config_info.txt + echo "PRIVATEKEY: $PRIVATEKEY" >>/app/config_info.txt + echo "PUBLICKEY/PASSWORD: $PUBLICKEY" >>/app/config_info.txt + echo "NETWORK: $NETWORK" >>/app/config_info.txt + echo "RATE_LIMIT_ENABLED: $ENABLE_RATE_LIMIT" >>/app/config_info.txt if [ "$IPV4" != "null" ]; then SUB_IPV4="vless://$UUID@$IPV4:$EXTERNAL_PORT?encryption=none&security=reality&type=$NETWORK&sni=$FIRST_SERVERNAME&fp=chrome&pbk=$PUBLICKEY&flow=xtls-rprx-vision#${IPV4}-wulabing_docker_vless_reality_vision" - echo "IPV4 订阅连接: $SUB_IPV4" >>/config_info.txt - echo -e "IPV4 订阅二维码:\n$(echo "$SUB_IPV4" | qrencode -o - -t UTF8)" >>/config_info.txt + echo "IPV4 订阅连接: $SUB_IPV4" >>/app/config_info.txt + echo -e "IPV4 订阅二维码:\n$(echo "$SUB_IPV4" | qrencode -o - -t UTF8)" >>/app/config_info.txt fi if [ "$IPV6" != "null" ];then SUB_IPV6="vless://$UUID@$IPV6:$EXTERNAL_PORT?encryption=none&security=reality&type=$NETWORK&sni=$FIRST_SERVERNAME&fp=chrome&pbk=$PUBLICKEY&flow=xtls-rprx-vision#${IPV6}-wulabing_docker_vless_reality_vision" - echo "IPV6 订阅连接: $SUB_IPV6" >>/config_info.txt - echo -e "IPV6 订阅二维码:\n$(echo "$SUB_IPV6" | qrencode -o - -t UTF8)" >>/config_info.txt + echo "IPV6 订阅连接: $SUB_IPV6" >>/app/config_info.txt + echo -e "IPV6 订阅二维码:\n$(echo "$SUB_IPV6" | qrencode -o - -t UTF8)" >>/app/config_info.txt fi - echo -e "\033[0m" >>/config_info.txt + echo -e "\033[0m" >>/app/config_info.txt fi # show config info -cat /config_info.txt +cat /app/config_info.txt # run xray -exec /xray -config /config.json +exec /xray -config /app/config.json diff --git a/xhttp_reality/Dockerfile b/xhttp_reality/Dockerfile index ec39cbe..0f82e55 100644 --- a/xhttp_reality/Dockerfile +++ b/xhttp_reality/Dockerfile @@ -26,6 +26,7 @@ ENV NETWORK="" ENV XHTTP_PATH="" ENV INTERNAL_PORT="" ENV HOSTMODE_PORT="" +ENV ENABLE_RATE_LIMIT="" ENV TZ=Asia/Shanghai WORKDIR / @@ -37,10 +38,13 @@ COPY --from=builder /app/xray / RUN apk add --no-cache tzdata ca-certificates jq curl libqrencode-tools && \ mkdir -p /var/log/xray && \ + mkdir -p /app && \ wget -O /geosite.dat https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat && \ wget -O /geoip.dat https://github.com/v2fly/geoip/releases/latest/download/geoip.dat && \ chmod +x /entrypoint.sh +# 创建一个挂载点,用于持久化配置文件 +VOLUME ["/app"] ENTRYPOINT ["./entrypoint.sh"] EXPOSE 443 diff --git a/xhttp_reality/entrypoint.sh b/xhttp_reality/entrypoint.sh index 4957cdb..23df609 100644 --- a/xhttp_reality/entrypoint.sh +++ b/xhttp_reality/entrypoint.sh @@ -1,5 +1,8 @@ #!/bin/sh -if [ -f /config_info.txt ]; then +# 创建 app 目录用于持久化 +mkdir -p /app + +if [ -f /app/config_info.txt ]; then echo "config.json exist" else IPV6=$(curl -6 -sSL --connect-timeout 3 --retry 2 ip.sb || echo "null") @@ -51,52 +54,77 @@ else NETWORK="xhttp" fi + if [ -z "$ENABLE_RATE_LIMIT" ]; then + echo "ENABLE_RATE_LIMIT is not set, default value false" + ENABLE_RATE_LIMIT="false" + fi + + # 复制配置文件到 app 目录 + cp /config.json /app/config.json + # change config - jq ".inbounds[1].settings.clients[0].id=\"$UUID\"" /config.json >/config.json_tmp && mv /config.json_tmp /config.json - jq ".inbounds[1].streamSettings.realitySettings.dest=\"$DEST\"" /config.json >/config.json_tmp && mv /config.json_tmp /config.json - jq ".inbounds[1].streamSettings.xhttpSettings.path=\"$XHTTP_PATH\"" /config.json >/config.json_tmp && mv /config.json_tmp /config.json + jq ".inbounds[1].settings.clients[0].id=\"$UUID\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + jq ".inbounds[1].streamSettings.realitySettings.dest=\"$DEST\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + jq ".inbounds[1].streamSettings.xhttpSettings.path=\"$XHTTP_PATH\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json SERVERNAMES_JSON_ARRAY="$(echo "[$(echo $SERVERNAMES | awk '{for(i=1;i<=NF;i++) printf "\"%s\",", $i}' | sed 's/,$//')]")" - jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.inbounds[1].streamSettings.realitySettings.serverNames = $serverNames' /config.json >/config.json_tmp && mv /config.json_tmp /config.json - # jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.routing.rules[0].domain = $serverNames' /config.json >/config.json_tmp && mv /config.json_tmp /config.json - - jq ".inbounds[1].streamSettings.realitySettings.privateKey=\"$PRIVATEKEY\"" /config.json >/config.json_tmp && mv /config.json_tmp /config.json - jq ".inbounds[1].streamSettings.network=\"$NETWORK\"" /config.json >/config.json_tmp && mv /config.json_tmp /config.json + jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.inbounds[1].streamSettings.realitySettings.serverNames = $serverNames' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + # jq --argjson serverNames "$SERVERNAMES_JSON_ARRAY" '.routing.rules[0].domain = $serverNames' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + + jq ".inbounds[1].streamSettings.realitySettings.privateKey=\"$PRIVATEKEY\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + jq ".inbounds[1].streamSettings.network=\"$NETWORK\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + + # 添加限速配置 + if [ "$ENABLE_RATE_LIMIT" = "true" ]; then + echo "Enabling rate limit configuration" + jq '.policy.levels."0".limitFallbackUpload = { + "afterBytes": 4194304, + "burstBytesPerSec": 94208, + "bytesPerSec": 20480 + }' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + + jq '.policy.levels."0".limitFallbackDownload = { + "afterBytes": 4194304, + "burstBytesPerSec": 94208, + "bytesPerSec": 20480 + }' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json + fi FIRST_SERVERNAME=$(echo $SERVERNAMES | awk '{print $1}') # config info with green color - echo -e "\033[32m" >/config_info.txt - echo "IPV6: $IPV6" >>/config_info.txt - echo "IPV4: $IPV4" >>/config_info.txt - echo "UUID: $UUID" >>/config_info.txt - echo "DEST: $DEST" >>/config_info.txt - echo "PORT: $EXTERNAL_PORT" >>/config_info.txt - echo "SERVERNAMES: $SERVERNAMES (任选其一)" >>/config_info.txt - echo "PRIVATEKEY: $PRIVATEKEY" >>/config_info.txt - echo "PUBLICKEY/PASSWORD: $PUBLICKEY" >>/config_info.txt - echo "NETWORK: $NETWORK" >>/config_info.txt - echo "XHTTP_PATH: $XHTTP_PATH" >>/config_info.txt + echo -e "\033[32m" >/app/config_info.txt + echo "IPV6: $IPV6" >>/app/config_info.txt + echo "IPV4: $IPV4" >>/app/config_info.txt + echo "UUID: $UUID" >>/app/config_info.txt + echo "DEST: $DEST" >>/app/config_info.txt + echo "PORT: $EXTERNAL_PORT" >>/app/config_info.txt + echo "SERVERNAMES: $SERVERNAMES (任选其一)" >>/app/config_info.txt + echo "PRIVATEKEY: $PRIVATEKEY" >>/app/config_info.txt + echo "PUBLICKEY/PASSWORD: $PUBLICKEY" >>/app/config_info.txt + echo "NETWORK: $NETWORK" >>/app/config_info.txt + echo "XHTTP_PATH: $XHTTP_PATH" >>/app/config_info.txt + echo "RATE_LIMIT_ENABLED: $ENABLE_RATE_LIMIT" >>/app/config_info.txt if [ "$IPV4" != "null" ]; then SUB_IPV4="vless://$UUID@$IPV4:$EXTERNAL_PORT?encryption=none&security=reality&type=$NETWORK&sni=$FIRST_SERVERNAME&fp=chrome&pbk=$PUBLICKEY&path=$XHTTP_PATH&mode=auto#${IPV4}-wulabing_docker_xhttp_reality" - echo "IPV4 订阅连接: $SUB_IPV4" >>/config_info.txt - echo -e "IPV4 订阅二维码:\n$(echo "$SUB_IPV4" | qrencode -o - -t UTF8)" >>/config_info.txt + echo "IPV4 订阅连接: $SUB_IPV4" >>/app/config_info.txt + echo -e "IPV4 订阅二维码:\n$(echo "$SUB_IPV4" | qrencode -o - -t UTF8)" >>/app/config_info.txt fi if [ "$IPV6" != "null" ];then SUB_IPV6="vless://$UUID@$IPV6:$EXTERNAL_PORT?encryption=none&security=reality&type=$NETWORK&sni=$FIRST_SERVERNAME&fp=chrome&pbk=$PUBLICKEY&path=$XHTTP_PATH&mode=auto#${IPV6}-wulabing_docker_xhttp_reality" - echo "IPV6 订阅连接: $SUB_IPV6" >>/config_info.txt - echo -e "IPV6 订阅二维码:\n$(echo "$SUB_IPV6" | qrencode -o - -t UTF8)" >>/config_info.txt + echo "IPV6 订阅连接: $SUB_IPV6" >>/app/config_info.txt + echo -e "IPV6 订阅二维码:\n$(echo "$SUB_IPV6" | qrencode -o - -t UTF8)" >>/app/config_info.txt fi - echo -e "\033[0m" >>/config_info.txt + echo -e "\033[0m" >>/app/config_info.txt fi # show config info -cat /config_info.txt +cat /app/config_info.txt # run xray -exec /xray -config /config.json +exec /xray -config /app/config.json From 09a51983042155982140364dda00ee55932b6f11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:04:11 +0800 Subject: [PATCH 02/15] Change image repository from wulabing to kwxos --- .github/workflows/xray_docker_reality.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/xray_docker_reality.yml b/.github/workflows/xray_docker_reality.yml index 03120f6..6f8ac10 100644 --- a/.github/workflows/xray_docker_reality.yml +++ b/.github/workflows/xray_docker_reality.yml @@ -56,6 +56,6 @@ jobs: file: ./reality/Dockerfile platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 tags: | - wulabing/xray_docker_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} - wulabing/xray_docker_reality:latest + kwxos/xray_docker_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} + kwxos/xray_docker_reality:latest push: true From f352be6fe794a6348d48af43c0efd2535888b898 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:10:02 +0800 Subject: [PATCH 03/15] Update xray_docker_reality.yml --- .github/workflows/xray_docker_reality.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/xray_docker_reality.yml b/.github/workflows/xray_docker_reality.yml index 6f8ac10..b0a9e9d 100644 --- a/.github/workflows/xray_docker_reality.yml +++ b/.github/workflows/xray_docker_reality.yml @@ -54,7 +54,7 @@ jobs: with: context: ./reality file: ./reality/Dockerfile - platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 + platforms: linux/amd64 tags: | kwxos/xray_docker_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} kwxos/xray_docker_reality:latest From 3cd01f2913c4e1b23a2a219feac4d8b877092f4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:10:16 +0800 Subject: [PATCH 04/15] Update xray_docker_xhttp_reality.yml --- .github/workflows/xray_docker_xhttp_reality.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/xray_docker_xhttp_reality.yml b/.github/workflows/xray_docker_xhttp_reality.yml index 9370ef6..ee9a84a 100644 --- a/.github/workflows/xray_docker_xhttp_reality.yml +++ b/.github/workflows/xray_docker_xhttp_reality.yml @@ -54,7 +54,7 @@ jobs: with: context: ./xhttp_reality file: ./xhttp_reality/Dockerfile - platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 + platforms: linux/amd64 tags: | wulabing/xray_docker_xhttp_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} wulabing/xray_docker_xhttp_reality:latest From 5c303270286dcf87b6f98059663701dfc0e9da68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:30:20 +0800 Subject: [PATCH 05/15] Update entrypoint.sh --- reality/entrypoint.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/reality/entrypoint.sh b/reality/entrypoint.sh index 50b41a1..ebe0809 100755 --- a/reality/entrypoint.sh +++ b/reality/entrypoint.sh @@ -66,16 +66,16 @@ else jq ".inbounds[1].streamSettings.realitySettings.privateKey=\"$PRIVATEKEY\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json jq ".inbounds[1].streamSettings.network=\"$NETWORK\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json - # 添加限速配置 + # 添加防盗流量限速配置 if [ "$ENABLE_RATE_LIMIT" = "true" ]; then - echo "Enabling rate limit configuration" - jq '.policy.levels."0".limitFallbackUpload = { + echo "Enabling rate limit configuration for reality fallback" + jq '.inbounds[1].streamSettings.realitySettings.limitFallbackUpload = { "afterBytes": 4194304, "burstBytesPerSec": 94208, "bytesPerSec": 20480 }' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json - jq '.policy.levels."0".limitFallbackDownload = { + jq '.inbounds[1].streamSettings.realitySettings.limitFallbackDownload = { "afterBytes": 4194304, "burstBytesPerSec": 94208, "bytesPerSec": 20480 From f961367722dfc5cb4a7e7f271d5f80c22820f863 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:30:52 +0800 Subject: [PATCH 06/15] Update rate limit configuration for reality settings --- xhttp_reality/entrypoint.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/xhttp_reality/entrypoint.sh b/xhttp_reality/entrypoint.sh index 23df609..9da9058 100644 --- a/xhttp_reality/entrypoint.sh +++ b/xhttp_reality/entrypoint.sh @@ -74,16 +74,16 @@ else jq ".inbounds[1].streamSettings.realitySettings.privateKey=\"$PRIVATEKEY\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json jq ".inbounds[1].streamSettings.network=\"$NETWORK\"" /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json - # 添加限速配置 + # 添加防盗流量限速配置 if [ "$ENABLE_RATE_LIMIT" = "true" ]; then - echo "Enabling rate limit configuration" - jq '.policy.levels."0".limitFallbackUpload = { + echo "Enabling rate limit configuration for reality fallback" + jq '.inbounds[1].streamSettings.realitySettings.limitFallbackUpload = { "afterBytes": 4194304, "burstBytesPerSec": 94208, "bytesPerSec": 20480 }' /app/config.json >/app/config.json_tmp && mv /app/config.json_tmp /app/config.json - jq '.policy.levels."0".limitFallbackDownload = { + jq '.inbounds[1].streamSettings.realitySettings.limitFallbackDownload = { "afterBytes": 4194304, "burstBytesPerSec": 94208, "bytesPerSec": 20480 From 93d5784d75460b4e9acab43f97725627e9d505c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:33:24 +0800 Subject: [PATCH 07/15] Update xray_docker_xhttp_reality.yml --- .github/workflows/xray_docker_xhttp_reality.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/xray_docker_xhttp_reality.yml b/.github/workflows/xray_docker_xhttp_reality.yml index ee9a84a..5736795 100644 --- a/.github/workflows/xray_docker_xhttp_reality.yml +++ b/.github/workflows/xray_docker_xhttp_reality.yml @@ -56,6 +56,6 @@ jobs: file: ./xhttp_reality/Dockerfile platforms: linux/amd64 tags: | - wulabing/xray_docker_xhttp_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} - wulabing/xray_docker_xhttp_reality:latest + kwxos/xray_docker_xhttp_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} + kwxos/xray_docker_xhttp_reality:latest push: true From 1c014e56bd03e38ce362dac9ea8f97eb0f4ad6e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:51:49 +0800 Subject: [PATCH 08/15] Update README.MD --- reality/README.MD | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/reality/README.MD b/reality/README.MD index 814852c..a038189 100644 --- a/reality/README.MD +++ b/reality/README.MD @@ -21,6 +21,26 @@ EXTERNAL_PORT=2333 && docker run -d --name xray_reality --restart=always --log-o ``` curl -fsSL get.docker.com -o get-docker.sh && sh get-docker.sh ``` + +``` +version: '3.8' + +services: + xray-reality: + image: xray-reality:latest + container_name: xray-reality + ports: + - "443:443" + volumes: + - ./xray-app:/app + environment: + - UUID=your-uuid-here + - DEST=www.apple.com:443 + - SERVERNAMES=www.apple.com images.apple.com + - ENABLE_RATE_LIMIT=true + restart: unless-stopped +``` + ### 端口映射模式 如果你已经安装 docker,可以直接使用下面的命令,运行后会自动下载镜像并启动容器, EXTERNAL_PORT 为你想要使用的端口,如下所示,你将使用443端口 @@ -91,6 +111,22 @@ docker rm -f xray_reality * SERVERNAMES:服务器名称列表。默认值为 www.apple.com images.apple.com。 * PRIVATEKEY:私钥。若未设置,脚本将自动生成一个新的私钥和对应的公钥。 * NETWORK:网络类型。默认值为 tcp。 +* `ENABLE_RATE_LIMIT=true` 时,系统会自动应用以下限速配置: + +```json +{ + "limitFallbackUpload": { + "afterBytes": 4194304, // 前 4MB 不限速 + "burstBytesPerSec": 94208, // 最大突发:92 KB/s + "bytesPerSec": 20480 // 持续限速:20 KB/s + }, + "limitFallbackDownload": { + "afterBytes": 4194304, // 前 4MB 不限速 + "burstBytesPerSec": 94208, // 最大突发:92 KB/s + "bytesPerSec": 20480 // 持续限速:20 KB/s + } +} +```:网络类型。默认值为 tcp。 ## 常量 * flow:xtls-rprx-vision From df22d1e53bc147625ad80a26e9dfa4a90597e95f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:52:14 +0800 Subject: [PATCH 09/15] Delete RATE_LIMIT_README.md --- RATE_LIMIT_README.md | 154 ------------------------------------------- 1 file changed, 154 deletions(-) delete mode 100644 RATE_LIMIT_README.md diff --git a/RATE_LIMIT_README.md b/RATE_LIMIT_README.md deleted file mode 100644 index 1a79dd3..0000000 --- a/RATE_LIMIT_README.md +++ /dev/null @@ -1,154 +0,0 @@ -# Xray Docker 限速配置说明 - -## 功能介绍 - -新增了限速配置功能,支持对上传和下载流量进行限速控制。同时优化了文件结构,将配置文件和生成的信息文件放入 `/app` 目录下,便于持久化。 - -## 环境变量 - -### 新增环境变量 - -- `ENABLE_RATE_LIMIT`: 是否启用限速功能 - - `true`: 启用限速配置 - - `false` 或未设置: 不启用限速(默认) - -### 限速参数说明 - -当 `ENABLE_RATE_LIMIT=true` 时,系统会自动应用以下限速配置: - -```json -{ - "limitFallbackUpload": { - "afterBytes": 4194304, // 前 4MB 不限速 - "burstBytesPerSec": 94208, // 最大突发:92 KB/s - "bytesPerSec": 20480 // 持续限速:20 KB/s - }, - "limitFallbackDownload": { - "afterBytes": 4194304, // 前 4MB 不限速 - "burstBytesPerSec": 94208, // 最大突发:92 KB/s - "bytesPerSec": 20480 // 持续限速:20 KB/s - } -} -``` - -## 文件持久化 - -### 新的文件结构 - -- `/app/config.json`: 运行时配置文件 -- `/app/config_info.txt`: 连接信息和二维码 - -### Docker 挂载 - -推荐使用以下方式挂载 `/app` 目录以实现配置持久化: - -```bash -docker run -d \ - -v /path/to/local/app:/app \ - -p 443:443 \ - -e ENABLE_RATE_LIMIT=true \ - your-image-name -``` - -## 使用示例 - -### Reality 版本 - -```bash -# 启用限速 -docker run -d \ - --name xray-reality \ - -v ./xray-app:/app \ - -p 443:443 \ - -e UUID=your-uuid \ - -e DEST=www.apple.com:443 \ - -e SERVERNAMES="www.apple.com images.apple.com" \ - -e ENABLE_RATE_LIMIT=true \ - xray-reality:latest - -# 不启用限速(默认) -docker run -d \ - --name xray-reality \ - -v ./xray-app:/app \ - -p 443:443 \ - -e UUID=your-uuid \ - -e DEST=www.apple.com:443 \ - -e SERVERNAMES="www.apple.com images.apple.com" \ - xray-reality:latest -``` - -### XHTTP Reality 版本 - -```bash -# 启用限速 -docker run -d \ - --name xray-xhttp-reality \ - -v ./xray-app:/app \ - -p 443:443 \ - -e UUID=your-uuid \ - -e DEST=www.apple.com:443 \ - -e SERVERNAMES="www.apple.com images.apple.com" \ - -e XHTTP_PATH=/custom-path \ - -e ENABLE_RATE_LIMIT=true \ - xray-xhttp-reality:latest -``` - -## Docker Compose 示例 - -```yaml -version: '3.8' - -services: - xray-reality: - image: xray-reality:latest - container_name: xray-reality - ports: - - "443:443" - volumes: - - ./xray-app:/app - environment: - - UUID=your-uuid-here - - DEST=www.apple.com:443 - - SERVERNAMES=www.apple.com images.apple.com - - ENABLE_RATE_LIMIT=true - restart: unless-stopped - - xray-xhttp-reality: - image: xray-xhttp-reality:latest - container_name: xray-xhttp-reality - ports: - - "444:443" - volumes: - - ./xray-xhttp-app:/app - environment: - - UUID=your-uuid-here - - DEST=www.apple.com:443 - - SERVERNAMES=www.apple.com images.apple.com - - XHTTP_PATH=/custom-path - - ENABLE_RATE_LIMIT=true - restart: unless-stopped -``` - -## 配置信息查看 - -容器启动后,可以通过以下方式查看配置信息: - -```bash -# 查看配置信息 -docker exec xray-reality cat /app/config_info.txt - -# 或者直接查看挂载的本地文件 -cat ./xray-app/config_info.txt -``` - -配置信息中会显示是否启用了限速: -``` -RATE_LIMIT_ENABLED: true # 或 false -``` - -## 注意事项 - -1. 限速配置只有在 `ENABLE_RATE_LIMIT=true` 时才会生效 -2. 配置文件会在首次运行时生成,如需重新生成,请删除 `/app/config_info.txt` 文件 -3. 挂载 `/app` 目录可以保持配置在容器重启后不丢失 -4. 限速参数目前是固定的,如需自定义可以修改 `entrypoint.sh` 脚本 \ No newline at end of file From fcf07a1b0fc5fdea1ad81a7b573e9c41096db497 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:52:43 +0800 Subject: [PATCH 10/15] Update README.MD --- reality/README.MD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/reality/README.MD b/reality/README.MD index a038189..18b9f3a 100644 --- a/reality/README.MD +++ b/reality/README.MD @@ -126,7 +126,7 @@ docker rm -f xray_reality "bytesPerSec": 20480 // 持续限速:20 KB/s } } -```:网络类型。默认值为 tcp。 +``` ## 常量 * flow:xtls-rprx-vision From 5f77444e476257d3ae8d17adb895ab5dd75be5ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:54:20 +0800 Subject: [PATCH 11/15] Update README.MD --- reality/README.MD | 2 ++ 1 file changed, 2 insertions(+) diff --git a/reality/README.MD b/reality/README.MD index 18b9f3a..04891ea 100644 --- a/reality/README.MD +++ b/reality/README.MD @@ -22,6 +22,7 @@ EXTERNAL_PORT=2333 && docker run -d --name xray_reality --restart=always --log-o curl -fsSL get.docker.com -o get-docker.sh && sh get-docker.sh ``` +### docker-compose.yml文件: ``` version: '3.8' @@ -39,6 +40,7 @@ services: - SERVERNAMES=www.apple.com images.apple.com - ENABLE_RATE_LIMIT=true restart: unless-stopped + network_mode: bridge ``` ### 端口映射模式 From 62f2b69b52e45df9501344ecef2cfb6b7479ee3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:59:39 +0800 Subject: [PATCH 12/15] Update xray_docker_reality.yml --- .github/workflows/xray_docker_reality.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/xray_docker_reality.yml b/.github/workflows/xray_docker_reality.yml index b0a9e9d..e62f37f 100644 --- a/.github/workflows/xray_docker_reality.yml +++ b/.github/workflows/xray_docker_reality.yml @@ -56,6 +56,6 @@ jobs: file: ./reality/Dockerfile platforms: linux/amd64 tags: | - kwxos/xray_docker_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} - kwxos/xray_docker_reality:latest + wulabing/xray_docker_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} + wulabing/xray_docker_reality:latest push: true From 471df500f7fca5a4430b337dd231353737da1e56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 22:59:59 +0800 Subject: [PATCH 13/15] Update Docker image repository in workflow --- .github/workflows/xray_docker_xhttp_reality.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/xray_docker_xhttp_reality.yml b/.github/workflows/xray_docker_xhttp_reality.yml index 5736795..ee9a84a 100644 --- a/.github/workflows/xray_docker_xhttp_reality.yml +++ b/.github/workflows/xray_docker_xhttp_reality.yml @@ -56,6 +56,6 @@ jobs: file: ./xhttp_reality/Dockerfile platforms: linux/amd64 tags: | - kwxos/xray_docker_xhttp_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} - kwxos/xray_docker_xhttp_reality:latest + wulabing/xray_docker_xhttp_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} + wulabing/xray_docker_xhttp_reality:latest push: true From 39e9d10b971ee27191e7a9ed194b4664bb172677 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 23:01:06 +0800 Subject: [PATCH 14/15] Update xray_docker_reality.yml --- .github/workflows/xray_docker_reality.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/xray_docker_reality.yml b/.github/workflows/xray_docker_reality.yml index e62f37f..03120f6 100644 --- a/.github/workflows/xray_docker_reality.yml +++ b/.github/workflows/xray_docker_reality.yml @@ -54,7 +54,7 @@ jobs: with: context: ./reality file: ./reality/Dockerfile - platforms: linux/amd64 + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 tags: | wulabing/xray_docker_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} wulabing/xray_docker_reality:latest From 144ea097991b0b3f7ece38c628cbe9678134678d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=99=E9=9B=A8=C2=B7=E5=AE=89=E5=A9=B5?= <102129419+IonRh@users.noreply.github.com> Date: Tue, 2 Dec 2025 23:01:23 +0800 Subject: [PATCH 15/15] Support multiple platforms in Docker build --- .github/workflows/xray_docker_xhttp_reality.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/xray_docker_xhttp_reality.yml b/.github/workflows/xray_docker_xhttp_reality.yml index ee9a84a..9370ef6 100644 --- a/.github/workflows/xray_docker_xhttp_reality.yml +++ b/.github/workflows/xray_docker_xhttp_reality.yml @@ -54,7 +54,7 @@ jobs: with: context: ./xhttp_reality file: ./xhttp_reality/Dockerfile - platforms: linux/amd64 + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 tags: | wulabing/xray_docker_xhttp_reality:${{env.VERSION}}-ubuntu-22.04-xray-${{env.XRAY_VERSION}} wulabing/xray_docker_xhttp_reality:latest