diff --git a/.gitignore b/.gitignore
index e6fce2a..16e763a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@
 /src/node_modules
 .DS_Store
 *.swp
+.idea
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index c9238f3..60c4eb4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -13,7 +13,7 @@ RUN npm ci --omit=dev &&\
 # Copy build result to a new image.
 # This saves a lot of disk space.
-FROM docker.io/library/node:20-alpine
+FROM amneziavpn/amnezia-wg:latest
 HEALTHCHECK CMD /usr/bin/timeout 5s /bin/sh -c "/usr/bin/wg show | /bin/grep -q interface || exit 1" --interval=1m --timeout=5s --retries=3
 COPY --from=build_node_modules /app /app
@@ -35,8 +35,8 @@ RUN apk add --no-cache \
 dpkg \
 dumb-init \
 iptables \
- iptables-legacy \
- wireguard-tools
+ nodejs \
+ npm
 # Use iptables-legacy
 RUN update-alternatives --install /sbin/iptables iptables /sbin/iptables-legacy 10 --slave /sbin/iptables-restore iptables-restore /sbin/iptables-legacy-restore --slave /sbin/iptables-save iptables-save /sbin/iptables-legacy-save
diff --git a/docker-compose.yml b/docker-compose.yml
index 7a6a4f4..5a886b0 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,10 +6,11 @@ services:
 environment:
 # Change Language:
 # (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi)
- - LANG=de
+ - LANG=ru
 # ⚠️ Required:
 # Change this to your host's public address
- - WG_HOST=raspberrypi.local
+ - WG_HOST=192.168.3.142
+ - UI_CHART_TYPE=2
 # Optional:
 # - PASSWORD=foobar123 (deprecated, see readme)
@@ -44,3 +45,5 @@ services:
 sysctls:
 - net.ipv4.ip_forward=1
 - net.ipv4.conf.all.src_valid_mark=1
+ devices:
+ - /dev/net/tun:/dev/net/tun
\ No newline at end of file
diff --git a/src/config.js b/src/config.js
index 9785053..cf4e8cd 100644
--- a/src/config.js
+++ b/src/config.js
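Review bot: The runtime stage of `Dockerfile` (hunk at -13) now starts from `amneziavpn/amnezia-wg:latest`, a mutable tag on a third-party image, so each rebuild can pull different contents into the container that holds the VPN private keys. Pin the base by digest, for example `FROM amneziavpn/amnezia-wg:<tag>@sha256:<digest>` (placeholder values), and bump it deliberately. The unchanged `HEALTHCHECK` still calls `/usr/bin/wg show`; whether that binary exists at that path in the new base is not visible in this hunk and should be confirmed, since a missing binary would leave the container permanently unhealthy.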
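Review bot: The `apk add` list in `Dockerfile` (hunk at -35) drops `iptables-legacy`, but the unchanged `RUN update-alternatives --install /sbin/iptables iptables /sbin/iptables-legacy ...` line directly below still points at the legacy binaries. Unless the new base image already ships them, which is not visible here, `iptables` would resolve to a missing target and the forwarding rules installed by the up/down hooks would not be applied. Either keep `iptables-legacy \` in the list or remove the update-alternatives step. The list also installs `npm` into the runtime stage; if nothing in this stage invokes it, `nodejs` alone keeps a package manager out of the final image.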
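Review bot: `WG_HOST=192.168.3.142` and `LANG=ru` in `docker-compose.yml` (hunk at -6) look like one developer's local settings committed into the shared example file. The comment above the line says this must be the host's public address, so a private LAN address as the shipped default would presumably produce client configs whose endpoint is unreachable from outside that network. Restore a neutral placeholder such as `- WG_HOST=raspberrypi.local` and keep personal values in an untracked override file.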
@@ -37,3 +37,17 @@ iptables -D FORWARD -o wg0 -j ACCEPT;
 module.exports.LANG = process.env.LANG || 'en';
 module.exports.UI_TRAFFIC_STATS = process.env.UI_TRAFFIC_STATS || 'false';
 module.exports.UI_CHART_TYPE = process.env.UI_CHART_TYPE || 0;
+
+const getRandomInt = (min, max) => min + Math.floor(Math.random() * (max - min));
+const getRandomJunkSize = () => getRandomInt(15, 150);
+const getRandomHeader = () => getRandomInt(1, 2_147_483_647);
+
+module.exports.JC = process.env.JC || getRandomInt(3, 10);
+module.exports.JMIN = process.env.JMIN || 50;
+module.exports.JMAX = process.env.JMAX || 1000;
+module.exports.S1 = process.env.S1 || getRandomJunkSize();
+module.exports.S2 = process.env.S2 || getRandomJunkSize();
+module.exports.H1 = process.env.H1 || getRandomHeader();
+module.exports.H2 = process.env.H2 || getRandomHeader();
+module.exports.H3 = process.env.H3 || getRandomHeader();
+module.exports.H4 = process.env.H4 || getRandomHeader();
diff --git a/src/lib/WireGuard.js b/src/lib/WireGuard.js
index adf6ca9..518330e 100644
--- a/src/lib/WireGuard.js
+++ b/src/lib/WireGuard.js
@@ -23,6 +23,15 @@ const {
 WG_POST_UP,
 WG_PRE_DOWN,
 WG_POST_DOWN,
+ JC,
+ JMIN,
+ JMAX,
+ S1,
+ S2,
+ H1,
+ H2,
+ H3,
+ H4,
 } = require('../config');
 module.exports = class WireGuard {
@@ -51,6 +60,15 @@ module.exports = class WireGuard {
 privateKey,
 publicKey,
 address,
+ jc: JC,
+ jmin: JMIN,
+ jmax: JMAX,
+ s1: S1,
+ s2: S2,
+ h1: H1,
+ h2: H2,
+ h3: H3,
+ h4: H4,
 },
 clients: {},
 };
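Review bot: The four header defaults in `src/config.js` are drawn independently by `getRandomHeader()` starting at 1, so two of them can coincide and any of them can land on 1–4, which as far as I know are the message-type values of plain WireGuard that H1–H4 are meant to differ from; `S1` and `S2` are likewise drawn without being checked against each other. The `process.env.*` overrides are taken as raw strings and, per the `src/lib/WireGuard.js` hunks, written verbatim into the generated interface and client configs, so a typo or stray newline in an override reaches the config unvalidated. I would parse each override as an integer with a range check and draw the headers as one distinct set, as sketched below; the exact limits per parameter should be taken from the AmneziaWG documentation. This also removes the mix of number defaults and string overrides in the persisted server object.

```javascript
const getRandomInt = (min, max) => min + Math.floor(Math.random() * (max - min));
// … unchanged: getRandomJunkSize …

// Parse an optional integer override; use the generated default when unset or empty.
const envInt = (name, min, max, fallback) => {
  const raw = process.env[name];
  if (raw === undefined || raw === '') return fallback();
  const value = Number(raw);
  if (!Number.isInteger(value) || value < min || value > max) {
    throw new Error(`${name} must be an integer between ${min} and ${max}`);
  }
  return value;
};

// Four distinct header values, kept clear of 1-4 (confirm the range against the AmneziaWG docs).
const randomHeaders = () => {
  const picked = new Set();
  while (picked.size < 4) picked.add(getRandomInt(5, 2_147_483_647));
  return [...picked];
};
const [h1, h2, h3, h4] = randomHeaders();

module.exports.H1 = envInt('H1', 5, 2_147_483_647, () => h1);
module.exports.H2 = envInt('H2', 5, 2_147_483_647, () => h2);
// … same pattern for H3, H4, JC, JMIN, JMAX, S1, S2 with their own limits …
```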
@@ -106,6 +124,24 @@ PreUp = ${WG_PRE_UP}
 PostUp = ${WG_POST_UP}
 PreDown = ${WG_PRE_DOWN}
 PostDown = ${WG_POST_DOWN}
+Jc = ${config.server.jc}
+Jmin = ${config.server.jmin}
+Jmax = ${config.server.jmax}
+S1 = ${config.server.s1}
+S2 = ${config.server.s2}
+H1 = ${config.server.h1}
+H2 = ${config.server.h2}
+H3 = ${config.server.h3}
+H4 = ${config.server.h4}
+Jc = ${config.server.jc}
+Jmin = ${config.server.jmin}
+Jmax = ${config.server.jmax}
+S1 = ${config.server.s1}
+S2 = ${config.server.s2}
+H1 = ${config.server.h1}
+H2 = ${config.server.h2}
+H3 = ${config.server.h3}
+H4 = ${config.server.h4}
 `;
 for (const [clientId, client] of Object.entries(config.clients)) {
@@ -208,6 +244,15 @@ PrivateKey = ${client.privateKey ? `${client.privateKey}` : 'REPLACE_ME'}
 Address = ${client.address}/24
 ${WG_DEFAULT_DNS ? `DNS = ${WG_DEFAULT_DNS}\n` : ''}\
 ${WG_MTU ? `MTU = ${WG_MTU}\n` : ''}\
+Jc = ${config.server.jc}
+Jmin = ${config.server.jmin}
+Jmax = ${config.server.jmax}
+S1 = ${config.server.s1}
+S2 = ${config.server.s2}
+H1 = ${config.server.h1}
+H2 = ${config.server.h2}
+H3 = ${config.server.h3}
+H4 = ${config.server.h4}
 [Peer]
 PublicKey = ${config.server.publicKey}
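Review bot: The server template in `src/lib/WireGuard.js` (hunk at -106) adds the `Jc` … `H4` block twice, so each of the nine keys is written into the interface section two times; the second copy should be dropped. The values come from `config.server`, which the hunk at -51 appears to fill only when a fresh config is generated, so a server object loaded from an existing install would presumably render `Jc = undefined` here and in the client template of the hunk at -208. The loading code is outside these hunks, so that needs confirming, but backfilling missing fields from the `JC` … `H4` constants when the stored config is read would cover upgrades. Both template literals start and end outside their hunks.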