Skip to content

feat(docker): add containerization setup and build scripts (README updated) #151

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
pouya6672 wants to merge 1 commit into from
Closed

feat(docker): add containerization setup and build scripts (README updated) #151

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
117 changes: 117 additions & 0 deletions README.MD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -172,6 +172,123 @@ sudo firewall-cmd --reload

---

### Section 1.3: 📦 MasterDnsVPN Docker Image

---

#### Section 1.3.1: ⚠️ Overview

This Docker image runs the MasterDnsVPN server in a containerized environment and supports multi-architecture builds.

It automatically:

* Boots a default configuration if none exists
* Injects your domain on first startup
* Stores persistent data in `/data`

---

#### Section 1.3.2: 🖥 Supported Architectures

* linux/amd64
* linux/arm/v5
* linux/arm/v7
* linux/arm64/v8
* linux/mips64le

---

#### Section 1.3.3: 🚀 Quick Start

Run the container with Docker:

```bash
docker run -d \
--name masterdnsvpn \
--restart unless-stopped \
-e DOMAIN=v.example.com \
-v $(pwd)/data:/data \
-p 53:53/tcp \
-p 53:53/udp \
ghcr.io/masterking32/masterdnsvpn:latest
```

---

#### Section 1.3.4: 🧪 Example with docker-compose

```yaml
services:
masterdnsvpn:
image: ghcr.io/masterking32/masterdnsvpn:latest
restart: unless-stopped
environment:
- DOMAIN=v.example.com
volumes:
- ./data:/data
ports:
- "53:53/tcp"
- "53:53/udp"
```

---

#### Section 1.3.5: ⚙️ Required Environment Variables

| Variable | Description |
| -------- | --------------------------------------- |
| DOMAIN | Your DNS domain (required on first run) |

> ⚠️ If `DOMAIN` is not set on first boot, the container will stop with an error.

---

#### Section 1.3.6: 📁 Persistent Data

Stored in `/data`:

* `server_config.toml`
* `encrypt_key.txt`

You can mount it as volume:

```bash
-v ./data:/data
```

---

#### Section 1.3.7: 🔧 MikroTik / RouterOS Usage

For MikroTik containers:

* Use latest v7 MikroTik RouterOS
* Destination NAT port UDP/TCP 53 to your container
* Full MikroTik container setup: https://help.mikrotik.com/docs/spaces/ROS/pages/84901929/Container

Example:

```bash
/container mounts
add dst=/data list=MasterDnsVPN src=/containers/mounts/MasterDnsVPN

/container envs
add key=DOMAIN list=MasterDnsVPN value=v.example.com

/container add check-certificate=no dns=1.1.1.1 envlists=MasterDnsVPN hostname=MasterDnsVPN interface=MasterDnsVPN layer-dir="" mountlists=MasterDnsVPN name=MasterDnsVPN remote-image=ghcr.io/masterking32/masterdnsvpn:latest root-dir=/containers/data/MasterDnsVPN start-on-boot=yes
```

---

#### Section 1.3.8: 📌 Notes

* DNS port `53` is required (UDP/TCP)
* Do NOT run another DNS service on the same host
* Designed for production use but still lightweight
* No systemd or host modifications required

---

## Section 2: 🚀 Installation and Launch (Client and Server)

You can install and run this project in two ways:
Expand Down
118 changes: 118 additions & 0 deletions README_FA.MD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -169,6 +169,124 @@ sudo firewall-cmd --reload
- اگر پورت `53` توسط سرویس دیگری اشغال شده باشد (مثلاً `systemd-resolved` در برخی توزیع‌ها)، راه‌حل را در بخش «رفع مشکل اشغال بودن پورت ۵۳» ببینید.
- کلید رمزنگاری (`encrypt_key.txt`) پس از نصب نمایش داده می‌شود؛ آن را کپی و امن نگه دارید، زیرا برای اتصال کلاینت لازم است.

---

### بخش ۱.۳: 📦 ایمیج Docker مربوط به MasterDnsVPN

---

#### بخش ۱.۳.۱: ⚠️ نمای کلی

این ایمیج Docker سرور MasterDnsVPN را در یک محیط کانتینری اجرا می‌کند و از ساخت‌های چندمعماری پشتیبانی می‌کند.

این ایمیج به‌صورت خودکار:

* اگر هیچ پیکربندی‌ای وجود نداشته باشد، یک پیکربندی پیش‌فرض راه‌اندازی می‌کند
* در اولین اجرا دامنهٔ شما را تزریق می‌کند
* داده‌های پایدار را در مسیر `/data` ذخیره می‌کند

---

#### بخش ۱.۳.۲: 🖥 معماری‌های پشتیبانی‌شده

* linux/amd64
* linux/arm/v5
* linux/arm/v7
* linux/arm64/v8
* linux/mips64le

---

#### بخش ۱.۳.۳: 🚀 شروع سریع

کانتینر را با Docker اجرا کنید:

```bash
docker run -d \
--name masterdnsvpn \
--restart unless-stopped \
-e DOMAIN=v.example.com \
-v $(pwd)/data:/data \
-p 53:53/tcp \
-p 53:53/udp \
ghcr.io/masterking32/masterdnsvpn:latest
```

---

#### بخش ۱.۳.۴: 🧪 نمونه با docker-compose

```yaml
services:
masterdnsvpn:
image: ghcr.io/masterking32/masterdnsvpn:latest
restart: unless-stopped
environment:
- DOMAIN=v.example.com
volumes:
- ./data:/data
ports:
- "53:53/tcp"
- "53:53/udp"
```

---

#### بخش ۱.۳.۵: ⚙️ متغیرهای محیطی موردنیاز

| متغیر | توضیح |
| ------ | ----------------------------------------- |
| DOMAIN | دامنهٔ DNS شما (در اولین اجرا الزامی است) |

> ⚠️ اگر `DOMAIN` در اولین بوت تنظیم نشده باشد، کانتینر با خطا متوقف می‌شود.

---

#### بخش ۱.۳.۶: 📁 داده‌های پایدار

در مسیر `/data` ذخیره می‌شوند:

* `server_config.toml`
* `encrypt_key.txt`

می‌توانید آن را به‌صورت volume mount کنید:

```bash
-v ./data:/data
```

---

#### بخش ۱.۳.۷: 🔧 استفاده در MikroTik / RouterOS

برای کانتینرهای MikroTik:

* از آخرین نسخهٔ v7 MikroTik RouterOS استفاده کنید
* با Destination NAT پورت UDP/TCP 53 را به کانتینر خود هدایت کنید
* راهنمای کامل راه‌اندازی کانتینر MikroTik: [https://help.mikrotik.com/docs/spaces/ROS/pages/84901929/Container](https://help.mikrotik.com/docs/spaces/ROS/pages/84901929/Container)

نمونه:

```bash
/container mounts
add dst=/data list=MasterDnsVPN src=/containers/mounts/MasterDnsVPN

/container envs
add key=DOMAIN list=MasterDnsVPN value=v.example.com

/container add check-certificate=no dns=1.1.1.1 envlists=MasterDnsVPN hostname=MasterDnsVPN interface=MasterDnsVPN layer-dir="" mountlists=MasterDnsVPN name=MasterDnsVPN remote-image=ghcr.io/masterking32/masterdnsvpn:latest root-dir=/containers/data/MasterDnsVPN start-on-boot=yes
```

---

#### بخش ۱.۳.۸: 📌 نکات

* پورت DNS یعنی `53` لازم است (UDP/TCP)
* هیچ سرویس DNS دیگری را روی همان میزبان اجرا نکنید
* برای استفادهٔ production طراحی شده، اما همچنان سبک است
* نیازی به systemd یا تغییرات در سیستم میزبان ندارد


---

## بخش ۲: 🚀 نصب و راه‌اندازی (کلاینت و سرور)
Expand Down
72 changes: 72 additions & 0 deletions docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
FROM debian:bookworm-slim AS downloader

ARG TARGETARCH
ARG TARGETVARIANT
ARG RELEASE_TAG=latest

RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
curl \
unzip \
&& rm -rf /var/lib/apt/lists/*

WORKDIR /out

RUN set -eux; \
case "${TARGETARCH}" in \
amd64) \
ARTIFACT="MasterDnsVPN_Server_Linux_AMD64.zip"; PREFIX="MasterDnsVPN_Server_Linux_AMD64" ;; \
arm64) \
ARTIFACT="MasterDnsVPN_Server_Linux_ARM64.zip"; PREFIX="MasterDnsVPN_Server_Linux_ARM64" ;; \
arm) \
case "${TARGETVARIANT}" in \
v5) ARTIFACT="MasterDnsVPN_Server_Linux_ARMV5.zip"; PREFIX="MasterDnsVPN_Server_Linux_ARMV5" ;; \
v7|"") ARTIFACT="MasterDnsVPN_Server_Linux_ARMV7.zip"; PREFIX="MasterDnsVPN_Server_Linux_ARMV7" ;; \
*) echo "Unsupported ARM variant: ${TARGETVARIANT}" >&2; exit 1 ;; \
esac ;; \
mips64le) \
ARTIFACT="MasterDnsVPN_Server_Linux_MIPS64LE.zip"; PREFIX="MasterDnsVPN_Server_Linux_MIPS64LE" ;; \
*) \
echo "Unsupported TARGETARCH=${TARGETARCH}" >&2; exit 1 ;; \
esac; \
curl -fsSL --retry 3 --retry-delay 2 \
-o /tmp/masterdnsvpn.zip \
"https://github.com/masterking32/MasterDnsVPN/releases/${RELEASE_TAG}/download/${ARTIFACT}"; \
unzip -q /tmp/masterdnsvpn.zip -d /out; \
rm -f /tmp/masterdnsvpn.zip; \
BIN="$(find /out -maxdepth 1 -type f -name "${PREFIX}_v*" | sort -V | tail -n1)"; \
if [ -z "${BIN}" ]; then echo "Could not find extracted binary for ${PREFIX}" >&2; exit 1; fi; \
mv "${BIN}" /out/masterdnsvpn; \
chmod 0755 /out/masterdnsvpn; \
find /out -maxdepth 1 -type f ! -name masterdnsvpn -delete

FROM debian:bookworm-slim

LABEL org.opencontainers.image.source=https://github.com/masterking32/MasterDnsVPN

ENV DEBIAN_FRONTEND=noninteractive \
APP_DIR=/opt/masterdnsvpn \
DATA_DIR=/data \
CONFIG_FILE=server_config.toml \
KEY_FILE=encrypt_key.txt

RUN apt-get update && apt-get install -y --no-install-recommends \
bash \
ca-certificates \
curl \
tini \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p /opt/masterdnsvpn /data

COPY --from=downloader /out/masterdnsvpn /opt/masterdnsvpn/masterdnsvpn
COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh

RUN chmod 0755 /opt/masterdnsvpn/masterdnsvpn /usr/local/bin/docker-entrypoint.sh

WORKDIR /opt/masterdnsvpn

EXPOSE 53/tcp 53/udp
VOLUME ["/data"]

ENTRYPOINT ["/usr/bin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]
CMD ["-nowait"]
25 changes: 25 additions & 0 deletions docker/build-single-platform.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
#!/usr/bin/env bash
set -euo pipefail

# ===== Prompt for IMAGE_NAME =====
if [[ -z "${IMAGE_NAME:-}" ]]; then
read -rp "Enter Docker image name (example: something/masterdnsvpn): " IMAGE_NAME
fi

if [[ -z "${IMAGE_NAME}" ]]; then
echo "IMAGE_NAME cannot be empty" >&2
exit 1
fi

# ===== Defaults =====
TAG="${TAG:-latest}"
RELEASE_TAG="${RELEASE_TAG:-latest}"

# ===== Build (local only) =====
docker build \
--build-arg RELEASE_TAG="${RELEASE_TAG}" \
-t "${IMAGE_NAME}:${TAG}" \
-f Dockerfile \
.

echo "Local image built successfully: ${IMAGE_NAME}:${TAG}"
Loading