diff --git a/apps/headscale-derp/README.md b/apps/headscale-derp/README.md new file mode 100644 index 00000000..b29afd2b --- /dev/null +++ b/apps/headscale-derp/README.md @@ -0,0 +1,28 @@ +# Derper + +[![docker workflow](https://github.com/fredliang44/derper-docker/actions/workflows/docker-image.yml/badge.svg)](https://hub.docker.com/r/fredliang/derper) +[![docker pulls](https://img.shields.io/docker/pulls/fredliang/derper.svg?color=brightgreen)](https://hub.docker.com/r/fredliang/derper) +[![platfrom](https://img.shields.io/badge/platform-amd64%20%7C%20arm64-brightgreen)](https://hub.docker.com/r/fredliang/derper/tags) + +# Setup + +> required: set env `DERP_DOMAIN` to your domain + +```bash +docker run -e DERP_DOMAIN=derper.your-domain.com -p 80:80 -p 443:443 -p 3478:3478/udp fredliang/derper +``` + +| env | required | description | default value | +| ------------------- | -------- | ---------------------------------------------------------------------- | ----------------- | +| DERP_DOMAIN | true | derper server hostname | your-hostname.com | +| DERP_CERT_DIR | false | directory to store LetsEncrypt certs(if addr's port is :443) | /app/certs | +| DERP_CERT_MODE | false | mode for getting a cert. possible options: manual, letsencrypt | letsencrypt | +| DERP_ADDR | false | listening server address | :443 | +| DERP_STUN | false | also run a STUN server | true | +| DERP_STUN_PORT | false | The UDP port on which to serve STUN. | 3478 | +| DERP_HTTP_PORT | false | The port on which to serve HTTP. Set to -1 to disable | 80 | +| DERP_VERIFY_CLIENTS | false | verify clients to this DERP server through a local tailscaled instance | false | + +# Usage + +Fully DERP setup offical documentation: https://tailscale.com/kb/1118/custom-derp-servers/ \ No newline at end of file diff --git a/apps/headscale-derp/data.yml b/apps/headscale-derp/data.yml new file mode 100644 index 00000000..37bab264 --- /dev/null +++ b/apps/headscale-derp/data.yml @@ -0,0 +1,20 @@ +name: Headscale-DERP +tags: + - 工具 +title: Headscale 的中继服务 +type: 工具 +description: Headscale 的中继服务 +additionalProperties: + key: headscale-derp + name: Headscale-DERP + tags: + - Tool + shortDescZh: Headscale 的中继服务 + shortDescEn: Headscale relay service + type: tool + crossVersionUpdate: true + limit: 0 + recommend: 0 + website: https://hub.docker.com/r/fredliang/derper + github: https://github.com/fredliang44/derper-docker + document: https://headscale.net diff --git a/apps/headscale-derp/latest/.env.sample b/apps/headscale-derp/latest/.env.sample new file mode 100644 index 00000000..fd637df8 --- /dev/null +++ b/apps/headscale-derp/latest/.env.sample @@ -0,0 +1,5 @@ +CONTAINER_NAME="headscale-derp" +PANEL_APP_PORT_HTTPS="40184" +PANEL_APP_PORT_STUN="3478" +DATA_PATH="./data" +DERP_DOMAIN="derper.your-domain.com" diff --git a/apps/headscale-derp/latest/data.yml b/apps/headscale-derp/latest/data.yml new file mode 100644 index 00000000..95a31a63 --- /dev/null +++ b/apps/headscale-derp/latest/data.yml @@ -0,0 +1,32 @@ +additionalProperties: + formFields: + - default: 40184 + edit: true + envKey: PANEL_APP_PORT_HTTPS + labelEn: Port + labelZh: 端口 + required: true + rule: paramPort + type: number + - default: 3478 + edit: true + envKey: PANEL_APP_PORT_STUN + labelEn: STUN Service Port + labelZh: STUN 服务端口 + required: true + rule: paramPort + type: number + - default: ./data + edit: true + envKey: DATA_PATH + labelEn: Data folder path (Domain certificate needs to be replaced, certificate file name is the same as the server hostname) + labelZh: 数据文件夹路径 (需要替换域名证书,证书文件名与服务器主机名相同) + required: true + type: text + - default: 'derper.your-domain.com' + edit: true + envKey: DERP_DOMAIN + labelEn: Derper server hostname + labelZh: Derper服务器主机名 + required: true + type: text diff --git a/apps/headscale-derp/latest/data/derper.your-domain.com.crt b/apps/headscale-derp/latest/data/derper.your-domain.com.crt new file mode 100644 index 00000000..1e9988a5 --- /dev/null +++ b/apps/headscale-derp/latest/data/derper.your-domain.com.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIICTzCCAfWgAwIBAgIUVimWHYcwGCEzjo2PIWRX+pk5xk4wCgYIKoZIzj0EAwIw +czELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFDASBgNVBAcMC0xv +cyBBbmdlbGVzMRgwFgYDVQQKDA9NeSBPcmdhbml6YXRpb24xHzAdBgNVBAMMFmRl +cnBlci55b3VyLWRvbWFpbi5jb20wIBcNMjMxMjEzMTMzMTM1WhgPMjEyMzExMTkx +MzMxMzVaMHMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYD +VQQHDAtMb3MgQW5nZWxlczEYMBYGA1UECgwPTXkgT3JnYW5pemF0aW9uMR8wHQYD +VQQDDBZkZXJwZXIueW91ci1kb21haW4uY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D +AQcDQgAEuQsY4F6ixzijQoNJ5qhRwiXIQVRi8/4+ARi9y2XDqno+mRTe6kcqbWza +o1Qvnb+bDQX3TlI0znR07/TBbnKm3KNlMGMwIQYDVR0RBBowGIIWZGVycGVyLnlv +dXItZG9tYWluLmNvbTAdBgNVHQ4EFgQU42YYF2rWI639HjHPYr4T4XNDs5gwHwYD +VR0jBBgwFoAUM05GUd0314M3wxC0/hXTJDS/RiswCgYIKoZIzj0EAwIDSAAwRQIg +IeK6zsPY9KH9LooAzG5IMjTFfhL66I/LpMxwhD4ZoHkCIQDV4aWOeE/1SH9OJeUQ +J9KKE11IOW5ieMP/UGLq5g7I8A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICPTCCAeOgAwIBAgIUM8dtduktU0oMp6IbjUdN0NYfth4wCgYIKoZIzj0EAwIw +czELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFDASBgNVBAcMC0xv +cyBBbmdlbGVzMRgwFgYDVQQKDA9NeSBPcmdhbml6YXRpb24xHzAdBgNVBAMMFmRl +cnBlci55b3VyLWRvbWFpbi5jb20wIBcNMjMxMjEzMTMzMTM0WhgPMjEyMzExMTkx +MzMxMzRaMHMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYD +VQQHDAtMb3MgQW5nZWxlczEYMBYGA1UECgwPTXkgT3JnYW5pemF0aW9uMR8wHQYD +VQQDDBZkZXJwZXIueW91ci1kb21haW4uY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D +AQcDQgAEYg7HUFZFXMrnG44AFGKASd5UX5Oo70k09G1+OSkCLcyqQPQyHnlLUnEg +01kpVOxAM7hEl0WaDdiT6PuyJHO1xKNTMFEwHQYDVR0OBBYEFDNORlHdN9eDN8MQ +tP4V0yQ0v0YrMB8GA1UdIwQYMBaAFDNORlHdN9eDN8MQtP4V0yQ0v0YrMA8GA1Ud +EwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAJwSWKP0yDpBe8RAfwwm49Ym +clETnK7i3vnFG/OE3Z6UAiBgT8UBSt5surHTtMQIYfezWBTx2pxYSKJxaUStFyDi +tw== +-----END CERTIFICATE----- diff --git a/apps/headscale-derp/latest/data/derper.your-domain.com.key b/apps/headscale-derp/latest/data/derper.your-domain.com.key new file mode 100644 index 00000000..a2e748a8 --- /dev/null +++ b/apps/headscale-derp/latest/data/derper.your-domain.com.key @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgFMO2b7macGU9gXYD +NNVXS+NaDgVBT7chDLvRckGHNUmhRANCAAS5CxjgXqLHOKNCg0nmqFHCJchBVGLz +/j4BGL3LZcOqej6ZFN7qRyptbNqjVC+dv5sNBfdOUjTOdHTv9MFucqbc +-----END PRIVATE KEY----- diff --git a/apps/headscale-derp/latest/docker-compose.yml b/apps/headscale-derp/latest/docker-compose.yml new file mode 100644 index 00000000..64a051bf --- /dev/null +++ b/apps/headscale-derp/latest/docker-compose.yml @@ -0,0 +1,28 @@ +version: '3' +services: + headscale-derp: + container_name: ${CONTAINER_NAME} + restart: always + networks: + - 1panel-network + ports: + - "${PANEL_APP_PORT_HTTPS}:${PANEL_APP_PORT_HTTPS}" + - "${PANEL_APP_PORT_STUN}:${PANEL_APP_PORT_STUN}/udp" + volumes: + - "${DATA_PATH}:/app/certs" + environment: + - DERP_DOMAIN=${DERP_DOMAIN} + - DERP_CERT_MODE=manual + - DERP_ADDR=:${PANEL_APP_PORT_HTTPS} + - DERP_HTTP_PORT=-1 + - DERP_STUN=true + - DERP_STUN_PORT=${PANEL_APP_PORT_STUN} + - DERP_CERT_DIR=/app/certs + - DERP_VERIFY_CLIENTS=false + image: fredliang/derper:latest + labels: + createdBy: "Apps" + +networks: + 1panel-network: + external: true diff --git a/apps/headscale-derp/logo.png b/apps/headscale-derp/logo.png new file mode 100644 index 00000000..54422190 Binary files /dev/null and b/apps/headscale-derp/logo.png differ