docker部署sing-box
kimlopez3 min read
1.创建docker-compose.yaml文件
services:
sing-box:
image: ghcr.io/sagernet/sing-box:latest
container_name: sing-box
restart: always
network_mode: "host"
volumes:
- ./config:/etc/sing-box
command: run -c /etc/sing-box/config.json
- 创建config目录,写入config.json文件
{
"dns": {
"servers": [
{
"tag": "cloudflare-doh",
"address": "https://1.1.1.1/dns-query"
},
{
"tag": "google-dot",
"address": "tls://8.8.8.8"
},
{
"tag": "local",
"address": "119.29.29.29"
}
],
"strategy": "prefer_ipv4",
"rules": [
{
"domain": [
"geosite:cn"
],
"server": "local"
},
{
"domain": [
"geosite:geolocation-!cn"
],
"server": "cloudflare-doh"
},
{
"query_type": [
"A",
"AAAA"
],
"server": "google-dot"
}
]
},
"inbounds": [
{
"type": "vless",
"tag": "vless-in",
"listen": "::",
"listen_port": 443,
"users": [
{
"uuid": "b9xx1",
"flow": "xtls-rprx-vision"
}
],
"tls": {
"enabled": true,
"server_name": "www.xxx.com",
"reality": {
"enabled": true,
"handshake": {
"server": "www.xxx.com",
"server_port": 443
},
"private_key": "MWM",
"short_id": [
"facb2xx1"
]
}
}
}
],
"outbounds": [
{
"type": "direct",
"tag": "direct"
}
],
"route": {
"rules": [
{
"geoip": "private",
"outbound": "direct"
},
{
"source_geoip": "private",
"outbound": "direct"
}
],
"final": "direct"
}
}
3.客户端配置
- name: "LAX-XTLS"
type: vless
server: ip
port: port
uuid: 你的uuid
network: tcp
tls: true
udp: true
flow: xtls-rprx-vision
servername: www.xxxx.com # REALITY servername rdrr.io
reality-opts:
public-key: 你的公钥
short-id: 你的short-id # optional
client-fingerprint: chrome # cannot be empty
4.用到的工具生成命令
docker run --rm ghcr.io/sagernet/sing-box:latest generate reality-keypair
docker run --rm ghcr.io/sagernet/sing-box:latest generate rand --hex 8
5.sing-box中转机配置落地(sing-box version 1.11.15)
#检测版本命令
docker exec -it sing-box sing-box version
{
"dns": {
"servers": [
{
"tag": "cloudflare-doh",
"address": "https://1.1.1.1/dns-query"
},
{
"tag": "google-dot",
"address": "tls://8.8.8.8"
},
{
"tag": "local",
"address": "119.29.29.29"
}
],
"strategy": "prefer_ipv4",
"rules": [
{
"domain": [
"geosite:cn"
],
"server": "local"
},
{
"domain": [
"geosite:geolocation-!cn"
],
"server": "cloudflare-doh"
},
{
"query_type": [
"A",
"AAAA"
],
"server": "google-dot"
}
]
},
"inbounds": [
{
"type": "vless",
"tag": "vless-in",
"listen": "::",
"listen_port": 56551,
"users": [
{
"uuid": "中转服务uuid",
"flow": "xtls-rprx-vision"
}
],
"tls": {
"enabled": true,
"server_name": "www.xxxx.com",
"reality": {
"enabled": true,
"handshake": {
"server": "www.xxxx.com",
"server_port": 443
},
"private_key": "中转服务私钥",
"short_id": [
"中转服务short_id"
]
}
}
}
],
"outbounds": [
{
"type": "selector",
"tag": "proxy",
"outbounds": [
"auto-fallback",
"direct"
],
"default": "auto-fallback"
},
{
"type": "urltest",
"tag": "auto-fallback",
"outbounds": [
"landing-node",
"transit-direct"
],
"url": "https://www.google.com/generate_204",
"interval": "30s",
"tolerance": 50,
"interrupt_exist_connections": false
},
{
"type": "vless",
"tag": "landing-node",
"server": "落地服务IP",
"server_port": 8443,
"uuid": "落地服务uuid",
"flow": "xtls-rprx-vision",
"tls": {
"enabled": true,
"server_name": "xxxx.io",
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "落地服务公钥",
"short_id": "落地服务short_id"
}
}
},
{
"type": "direct",
"tag": "transit-direct"
},
{
"type": "direct",
"tag": "direct"
},
{
"type": "block",
"tag": "block"
}
],
"route": {
"rule_set": [
{
"tag": "geoip-cn",
"type": "remote",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geoip/rule-set/geoip-cn.srs",
"download_detour": "direct"
},
{
"tag": "geosite-cn",
"type": "remote",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-cn.srs",
"download_detour": "direct"
}
],
"rules": [
{
"protocol": "dns",
"outbound": "dns-out"
},
{
"domain_suffix": [
".cn"
],
"outbound": "direct"
},
{
"rule_set": "geosite-cn",
"outbound": "direct"
},
{
"rule_set": "geoip-cn",
"outbound": "direct"
},
{
"ip_cidr": [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16",
"127.0.0.0/8"
],
"outbound": "direct"
}
],
"final": "proxy",
"auto_detect_interface": true
}
}
0
Subscribe to my newsletter
Read articles from kimlopez directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by