Repository containing a multi-platform shadowbox docker image to run in a generic docker-compose.yml file.
Available on Dockerhub: https://hub.docker.com/r/diffusehyperion/outline-vpn
-
Run the compose stack here.
-
Create an access key with
docker exec shadowbox /app/create-key
. -
Copy the given URL into your Outline Client.
There are also other scripts to help manage keys:
/app/list-keys
shows all access keys and their corresponding ID./app/delete-key <id>
deletes the access key with the ID provided./app/show-key <id>
shows the connection URL of the access key with the ID provided.
Although the image does automatically create an access.txt
file which contains the JSON needed to paste into Outline Manager, the manager itself is bugged (at least I think so) and doesn't request any data from the server (such as access keys and transfer metrics).
I also have no clue if watchtower actually works lol
The Outline Server, internal name "Shadowbox," is designed to streamline the setup and sharing of Shadowsocks servers. It includes a user management API and creates Shadowsocks instances when needed. It's managed by the Outline Manager and used as proxy by the Outline Client apps. Shadowbox is also compatible with standard Shadowsocks clients.
-
Run the Installation Script
sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/Jigsaw-Code/outline-apps/master/server_manager/install_scripts/install_server.sh)"
-
Customize (Optional)
Add flags for hostname, port, etc. Example:
sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/Jigsaw-Code/outline-apps/master/server_manager/install_scripts/install_server.sh)" install_server.sh \ --hostname=myserver.com \ --keys-port=443
- Use
sudo --preserve-env
for environment variables. - Use
bash -x
for debugging.
- Use
Prerequisites
Tip
If you use nvm
, switch to the correct Node version with nvm use
.
-
Build and Run:
Shadowbox supports running on linux and macOS hosts.
-
Node.js App
task shadowbox:start
-
Docker Container
task shadowbox:docker:start
[!TIP] Some useful commands when working with Docker images and containers:
-
Debug Image:
docker run --rm -it --entrypoint=sh localhost/outline/shadowbox
-
Debug Running Container:
docker exec -it shadowbox sh
-
Cleanup Dangling Images:
docker rmi $(docker images -f dangling=true -q)
-
-
-
Send a Test Request
curl --insecure https://[::]:8081/TestApiPrefix/server
The Outline Server provides a REST API for access key management. If you know the apiUrl
of your Outline Server (e.g. https://1.2.3.4:1234/3pQ4jf6qSr5WVeMO0XOo4z
), you can directly manage the server's access keys using HTTP requests:
-
Find the Server's
apiUrl
:-
Deployed with the Installation Script: Run
grep "apiUrl" /opt/outline/access.txt | cut -d: -f 2-
-
Deployed with the Outline Manager: Check the "Settings" tab.
-
Local Deployments from Source:
https://[::]:8081/TestApiPrefix
-
-
API Examples:
Replace
$API_URL
with your actualapiUrl
.-
List access keys:
curl --insecure $API_URL/access-keys/
-
Create an access key:
curl --insecure -X POST $API_URL/access-keys
-
Get an access key (e.g. ID 1):
curl --insecure $API_URL/access-keys/1
-
Rename an access key:
curl --insecure -X PUT -F 'name=albion' $API_URL/access-keys/2/name
-
Remove an access key:
curl --insecure -X DELETE $API_URL/access-keys/1
-
Set a data limit for all access keys: (e.g. limit outbound data transfer access keys to 1MB over 30 days)
curl --insecure -X PUT -H "Content-Type: application/json" -d '{"limit": {"bytes": 1000}}' $API_URL/server/access-key-data-limit
-
Remove the access key data limit:
curl --insecure -X DELETE $API_URL/server/access-key-data-limit
-
And more...
-
-
Further Options:
Consult the OpenAPI spec and documentation for more options.
Build and run your image with:
task shadowbox:docker:start
The integration test will not only build and run your image, but also run a number of automated tests.
task shadowbox:integration_test
This does the following:
- Sets up three containers (
client
,shadowbox
,target
) and two networks. - Creates a user on
shadowbox
. - Connects to
target
throughshadowbox
using a Shadowsocksclient
:client <-> shadowbox <-> target
- Testing Changes to the Server Config:
If your change includes new fields in the server config which are needed at server start-up time, then you mey need to remove the pre-existing test config:
-
Delete Existing Config:
rm /tmp/outline/persisted-state/shadowbox_server_config.json
-
Manually Edit: You'll need to edit the JSON string within
src/shadowbox/docker/start.action.sh
.