forked from mirrors/amnezia-wg-easy
- Add files via upload
- patched for kmod usage - https://github.com/w0rng/amnezia-wg-easy/compare/master...timopheysky:amnezia-wg-easy:master - build witch docker compose - support Alpine Linux
This commit is contained in:
parent
1391267437
commit
c133e22a12
5 changed files with 53 additions and 9 deletions
41
Dockerfile
41
Dockerfile
|
|
@ -1,6 +1,6 @@
|
|||
# As a workaround we have to build on nodejs 18
|
||||
# nodejs 20 hangs on build with armv6/armv7
|
||||
FROM docker.io/library/node:18-alpine AS build_node_modules
|
||||
FROM docker.io/library/node:20-alpine AS build_node_modules
|
||||
|
||||
# Update npm to latest
|
||||
RUN npm install -g npm@latest
|
||||
|
|
@ -13,7 +13,7 @@ RUN npm ci --omit=dev &&\
|
|||
|
||||
# Copy build result to a new image.
|
||||
# This saves a lot of disk space.
|
||||
FROM amneziavpn/amnezia-wg:latest
|
||||
FROM amneziavpn/amneziawg-go:latest
|
||||
HEALTHCHECK CMD /usr/bin/timeout 5s /bin/sh -c "/usr/bin/wg show | /bin/grep -q interface || exit 1" --interval=1m --timeout=5s --retries=3
|
||||
COPY --from=build_node_modules /app /app
|
||||
|
||||
|
|
@ -38,8 +38,41 @@ RUN apk add --no-cache \
|
|||
nodejs \
|
||||
npm
|
||||
|
||||
# Use iptables-legacy
|
||||
RUN update-alternatives --install /sbin/iptables iptables /sbin/iptables-legacy 10 --slave /sbin/iptables-restore iptables-restore /sbin/iptables-legacy-restore --slave /sbin/iptables-save iptables-save /sbin/iptables-legacy-save
|
||||
#Use iptables-legacy
|
||||
# RUN update-alternatives --install /sbin/iptables iptables /sbin/iptables-legacy 10 --slave /sbin/iptables-restore iptables-restore /sbin/iptables-legacy-restore --slave /sbin/iptables-save iptables-save /sbin/iptables-legacy-save
|
||||
|
||||
# Tune network
|
||||
RUN echo -e " \n\
|
||||
fs.file-max = 51200 \n\
|
||||
\n\
|
||||
net.core.rmem_max = 67108864 \n\
|
||||
net.core.wmem_max = 67108864 \n\
|
||||
net.core.netdev_max_backlog = 250000 \n\
|
||||
net.core.somaxconn = 4096 \n\
|
||||
\n\
|
||||
net.ipv4.tcp_syncookies = 1 \n\
|
||||
net.ipv4.tcp_tw_reuse = 1 \n\
|
||||
net.ipv4.tcp_tw_recycle = 0 \n\
|
||||
net.ipv4.tcp_fin_timeout = 30 \n\
|
||||
net.ipv4.tcp_keepalive_time = 1200 \n\
|
||||
net.ipv4.ip_local_port_range = 10000 65000 \n\
|
||||
net.ipv4.tcp_max_syn_backlog = 8192 \n\
|
||||
net.ipv4.tcp_max_tw_buckets = 5000 \n\
|
||||
net.ipv4.tcp_fastopen = 3 \n\
|
||||
net.ipv4.tcp_mem = 25600 51200 102400 \n\
|
||||
net.ipv4.tcp_rmem = 4096 87380 67108864 \n\
|
||||
net.ipv4.tcp_wmem = 4096 65536 67108864 \n\
|
||||
net.ipv4.tcp_mtu_probing = 1 \n\
|
||||
net.ipv4.tcp_congestion_control = hybla \n\
|
||||
# for low-latency network, use cubic instead \n\
|
||||
# net.ipv4.tcp_congestion_control = cubic \n\
|
||||
" | sed -e 's/^\s\+//g' | tee -a /etc/sysctl.conf && \
|
||||
mkdir -p /etc/security && \
|
||||
echo -e " \n\
|
||||
* soft nofile 51200 \n\
|
||||
* hard nofile 51200 \n\
|
||||
" | sed -e 's/^\s\+//g' | tee -a /etc/security/limits.conf
|
||||
|
||||
|
||||
# Set Environment
|
||||
ENV DEBUG=Server,WireGuard
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue