开发板

本文收集了常用 Docker 应用的一键部署命令

1. 代理

1.1 Zerotier 内网穿透神器

需要首先到官网注册账号
docker run --restart always --name zerotier --network host --cap-add NET_ADMIN --device /dev/net/tun \
  -v /var/lib/zerotier-one:/var/lib/zerotier-one -m 64MB -d zerotier/zerotier:1.12.2 <网络ID>

1.2 frp 内网穿透的反向代理

# 客户端
sudo tee /etc/frp/frpc.toml << EOF
serverAddr = "<服务端IP>"
serverPort = 7000
auth.method = "token"
auth.token = "123456"

[[proxies]]
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
remotePort = 8022
EOF

docker run --restart always --name frpc --network host -v /etc/frp:/etc/frp \
  -v /etc/localtime:/etc/localtime:ro -m 128MB -d snowdreamtech/frpc:0.52.3

# 服务端
sudo tee /etc/frp/frps.toml << EOF
bindPort = 7000
quicBindPort = 7000
vhostHTTPPort = 8080
vhostHTTPSPort = 8443
auth.method = "token"
auth.token = "123456"
EOF

docker run --restart always --name frps --network kind -v /etc/frp:/etc/frp \
  -p 0.0.0.0:7000:7000 -p 0.0.0.0:7000:7000/udp -m 128MB \
  -v /etc/localtime:/etc/localtime:ro -d snowdreamtech/frps:0.52.3
详细配置参考 https://gofrp.org/docs/

1.3 Traefik 动态配置的云原生反向代理

docker run --restart always --name traefik --network host -v traefik:/data \ 
  -e ALICLOUD_ACCESS_KEY -e ALICLOUD_SECRET_KEY -m 64MB \
  -v /var/run/docker.sock:/var/run/docker.sock -d traefik \ 
  --providers.docker.exposedbydefault=false \
  --accesslog.filepath=/dev/stdout \
  --entrypoints.web.address=:80 \
  --entrypoints.web.http.redirections.entryPoint.to=websecure \
  --entrypoints.websecure.address=:443 \
  --entrypoints.websecure.http.tls.certResolver=leresolver \
  --entrypoints.websecure.http.tls.domains[0].main=domain.com \
  --entrypoints.websecure.http.tls.domains[0].sans=*.domain.com \
  --certificatesresolvers.leresolver.acme.email=admin@domain.com \
  --certificatesresolvers.leresolver.acme.storage=/data/acme.json \
  --certificatesresolvers.leresolver.acme.dnschallenge.provider=alidns
官方文档 https://doc.traefik.io/traefik/https/acme/

2. 证书签发

# 创建守护进程
docker run --restart always --name acme --network host -v /opt/certs:/acme.sh --env-file /opt/acme.env -d neilpang/acme.sh daemon
# 第一次使用创建账户
docker exec -it acme acme.sh --register-account -m admin@domain.com
# 申请泛域名证书
docker exec -it acme acme.sh --issue --dns dns_ali -d domain.com -d *.domain.com

3. 数据存储

3.1 NextCloud 私有网盘

sudo tee /opt/apache/000-default.conf << EOF
<VirtualHost *:80> 
  ServerName domain.com
  Redirect permanent / https://domain.com/
</VirtualHost>

<IfModule mod_ssl.c>
  <VirtualHost _default_:443>
    ServerName domain.com
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile    /etc/apache2/sites-available/domain.com.pem
    SSLCertificateKeyFile /etc/apache2/sites-available/domain.com.key

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
      SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
      SSLOptions +StdEnvVars
    </Directory>
  </VirtualHost>
</IfModule>
EOF

docker build -t nextcloud -<<EOF
FROM nextcloud:stable
RUN a2enmod ssl
EOF

docker run --restart always --name nextcloud --network host -h domain.com \
  -e SMTP_HOST=smtpdm.aliyun.com -e SMTP_SECURE=ssl -e SMTP_NAME -e SMTP_PASSWORD \
  -v /opt/apache:/etc/apache2/sites-available -v /media/nextcloud:/var/www/html \
  -m 1024MB -d nextcloud
官方仓库 https://github.com/nextcloud/docker

3.2 FileBrowser 轻量级 HTTP 文件服务器

touch filebrowser.db
docker run --restart always --name filebrowser --network host -v /media:/srv --no-healthcheck \
  -l 'traefik.http.routers.filebrowser.rule=Host(`pan.domain.com`) && ClientIP(`192.168.1.0/16`)' \
  -l 'traefik.http.services.filebrowser.loadbalancer.server.port=8380' -l 'traefik.enable=true' \
  -v $(pwd)/filebrowser.db:/database.db -m 256MB -d filebrowser/filebrowser:v2 -a 127.0.0.1 -p 8380
官方文档 https://filebrowser.org/

3.3 Cloudreve 公私兼备的网盘系统

mkdir -p uploads avatar && touch cloudreve.db

# 基于 Traefik 部署
docker run --restart always --name cloudreve --network kind \
  -v $(pwd)/cloudreve.db:/cloudreve/cloudreve.db \
  -v $(pwd)/uploads:/cloudreve/uploads --tmpfs /data \
  -v $(pwd)/avatar:/cloudreve/avatar \
  -l 'traefik.http.routers.cloudreve.rule=Host(`pan.domain.com`)' \
  -l 'traefik.http.services.cloudreve.loadbalancer.server.port=5212' \
  -l 'traefik.enable=true' -m 128MB -d cloudreve/cloudreve

# 独立部署
sudo tee conf.ini << EOF
[SSL]
Listen = :443
CertPath = /data/fullchain.cer
KeyPath = /data/domain.com.key

[Database]
DBFile = cloudreve.db
EOF
docker run --restart always --name cloudreve --network host \
  -v $(pwd)/conf.ini:/cloudreve/conf.ini \
  -v $(pwd)/cloudreve.db:/cloudreve/cloudreve.db \
  -v $(pwd)/uploads:/cloudreve/uploads \
  -v $(pwd)/avatar:/cloudreve/avatar \
  -v /opt/certs/domain.com:/data -m 128MB -d cloudreve/cloudreve
官方文档 https://docs.cloudreve.org/

3.4 Rclone

docker run --restart always --network host --name rclone -v /media/downloads:/srv \
  -d rclone/rclone serve http /srv --read-only
官方文档 https://rclone.org/docs/

3.5 icloudpd iCloud同步工具

docker run --rm --network host --name icloudpd -e TZ=Asia/Shanghai \
  -v /media/Photos:/data -v icloudpd:/cookies \
  -it icloudpd/icloudpd:1.13.0 icloudpd --size original \
  --directory /data --cookie-directory /cookies \
  --folder-structure {:%Y/%Y-%m-%d} \
  --username testuser@example.com \
  --password pass1234

4. 下载工具

4.1 迅雷

docker run --restart always --name=xunlei --network host -h `hostname` --privileged \
  -e UID=$(id -u) -e GID=$(id -g) -e XL_WEB_ADDRESS=127.0.0.1 --cpus 1.0 -m 1GB \
  -l 'traefik.http.routers.xunlei.rule=Host(`xl.domain.com`) && ClientIP(`192.168.1.0/16`)' \
  -l 'traefik.http.services.xunlei.loadbalancer.server.port=2345' -l 'traefik.enable=true' \
  -v xunlei:/xunlei/data -v /media/downloads:/xunlei/downloads -d cnk3x/xunlei:3.7.1

4.2 Aria2 轻量级下载工具

docker run --restart always --name aria2 --network host -h `hostname` \
  -e RPC_SECRET=dietpi -e PUID=$(id -u) -e PGID=$(id -g) -m 512MB \
  -l 'traefik.http.routers.aria2.rule=Host(`aria2.domain.com`) && ClientIP(`192.168.1.0/16`)' \
  -l 'traefik.http.services.aria2.loadbalancer.server.port=6800' -l 'traefik.enable=true' \
  -v aria2:/config -v /media/downloads:/downloads -d p3terx/aria2-pro
更好用的 Aria2 Docker 容器镜像

4.3 Transmission

docker run --restart always --name transmission --network host -h `hostname` \
  -e PUID=$(id -u) -e PGID=$(id -g) -e TZ=Asia/Shanghai -e WHITELIST=127.0.0.1 -m 512MB \
  -l 'traefik.http.routers.transmission.rule=Host(`dl.domain.com`) && ClientIP(`192.168.1.0/16`)' \
  -l 'traefik.http.services.transmission.loadbalancer.server.port=9091' -l 'traefik.enable=true' \
  -v transmission:/config -v /media/downloads:/downloads -d linuxserver/transmission:4.0.5

4.4 百度云盘

docker run --restart always --name baidunetdisk --network host -v baidunetdisk:/config \
  -l 'traefik.http.routers.baidunetdisk.rule=Host(`baidu.domain.com`) && ClientIP(`192.168.1.0/16`)' \
  -l 'traefik.http.services.baidunetdisk.loadbalancer.server.port=5800' -l 'traefik.enable=true' \
  -v /media/downloads:/config/baidunetdiskdownload -d johngong/baidunetdisk

评论

This is just a placeholder img.