init

Dockerfile

-FROM debian:bullseye as frp
+FROM openwrt/rootfs:openwrt-21.02
 
-ENV FRP_VERSION=0.37.1
-ADD https://github.com/fatedier/frp/releases/download/v${FRP_VERSION}/frp_${FRP_VERSION}_linux_amd64.tar.gz ./
-RUN tar xf frp_${FRP_VERSION}_linux_amd64.tar.gz
-RUN mv frp_${FRP_VERSION}_linux_amd64 frp
-COPY frpc.ini frp/
+RUN mkdir /var/lock && opkg update && opkg install luci-i18n-frpc-zh-cn
 
-# https://github.com/masipcat/wireguard-go-docker/blob/master/Dockerfile
-FROM golang:1.16-buster as wireguard
-
-ARG wg_go_tag=0.0.20210424
-ARG wg_tools_tag=v1.0.20210424
-
-RUN git clone --depth 1 --branch $wg_go_tag https://git.zx2c4.com/wireguard-go && \
-    cd wireguard-go && \
-    make && \
-    make install
-
-ENV WITH_WGQUICK=yes
-RUN git clone --depth 1 --branch $wg_tools_tag https://git.zx2c4.com/wireguard-tools && \
-    cd wireguard-tools && \
-    cd src && \
-    make && \
-    make install
-
-
-FROM debian:bullseye
-
-RUN apt update && apt install --no-install-recommends -y \
-  supervisor openssh-server python3 iptables iproute2 babeld \
-  && rm -rf /var/lib/apt/lists/*
-
-COPY --from=frp /frp /opt/frp
-RUN mkdir -p /var/run/sshd
-COPY --from=wireguard /usr/bin/wireguard-go /usr/bin/wg* /usr/bin/
-
-COPY supervisord.conf /etc/supervisord.conf
 COPY entrypoint.sh /
 
-EXPOSE 22
 CMD ["/entrypoint.sh"]
\ No newline at end of file

entrypoint.sh

-#!/bin/bash
+#!/bin/sh
 
-sed -i "/^remote_port =/s/= .*/= ${frpc}/" /opt/frp/frpc.ini
-supervisord
+# https://linuxgeeks.github.io/2015/09/20/114131-shell%E5%AE%9E%E7%8E%B0netmask%E6%8E%A9%E7%A0%81%E5%92%8Ccidr%E6%8E%A9%E7%A0%81%E4%BD%8D%E8%BD%AC%E6%8D%A2/
+cdr2mask ()
\ No newline at end of file
+{
+   # Number of args to shift, 255..255, first non-255 byte, zeroes
+   set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
+   [ $1 -gt 1 ] && shift $1 || shift
+   echo ${1-0}.${2-0}.${3-0}.${4-0}
+}
+
+# set container address to openwrt config
+cidr=$(ip -o -f inet addr show dev eth0 | awk '/scope global/ {print $4}')
+
+# TODO: if 没有预先分配过地址，就跳过这一段
+ipaddr=$(echo $cidr | cut -d/ -f1)
+prefixlen=$(echo $cidr | cut -d/ -f2)
+gateway=$(/sbin/ip route | awk '/default/ { print $3 }')
+uci set network.wan.proto=static
+uci set network.wan.ipaddr=$ipaddr
+uci set network.wan.netmask=$(cdr2mask $prefixlen)
+uci set network.wan.gateway=$gateway
+# 跳过到这里
+
+#TODO: if没有配置frp，就跳过这一段
+uci set frpc.common.server_addr=$frp_server_addr
+uci set frpc.common.server_port=$frp_server_port
+uci set frpc.common.token=$frp_token
+uci set frpc.ssh.remote_port=$frp_port
+# 跳过到这里
+
+uci commit
+
+exec /sbin/init

frpc.ini

-[common]
-server_addr = 121.46.232.12
-server_port = 7001
-tcp_mux = true
-protocol = tcp
-token = hst4jy6uwy53qsehtu46
-
-[frpc_ssh_JJzxdidQ]
-privilege_mode = true
-type = tcp
-local_ip = 127.0.0.1
-local_port = 22
-remote_port = 40030
-use_encryption = true
-use_compression = true
\ No newline at end of file

supervisord.conf

-[supervisord]
-nodaemon=true
-
-[unix_http_server]
-file=/tmp/supervisor.sock
-
-[supervisorctl]
-serverurl=unix:///tmp/supervisor.sock
-
-[rpcinterface:supervisor]
-supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
-
-[program:sshd]
-command=/usr/sbin/sshd -D
-
-[program:frpc]
-directory=/opt/frp
-command=/opt/frp/frpc
\ No newline at end of file