A container of Openvpn to shadowsocks adapter.

README.md

Build

mkdir build
mv Dockerfile build
mv entrypoint.sh build

sudo docker compose build

Run

Put your OpenVPN config file in config dir and rename it to client.ovpn.

sudo docker compose up -d

docker-compose.yml

version: '3.3'

x-ovpn: &ovpn
  build: ./build
  image: dishuostec/ovpn-ss
  environment:
    - PASSWORD=CHANGE_TO_YOUR_PASSWORD
  cap_add:
    - NET_ADMIN
  devices:
    - /dev/net/tun
  extra_hosts:
    - "private.domain.com:1.2.3.4"
  logging:
    options:
      max-size: '5m'
      max-file: '3'

services:
  ovpn-ss:
    <<: *ovpn
    volumes:
      - ./config:/vpn
    ports:
      - '127.0.0.1:18000:8388/tcp'
      - '127.0.0.1:18000:8388/udp'

Dockerfile

FROM shadowsocks/shadowsocks-libev:latest

USER root
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
ENV DNS_ADDRS=

# ---------- openvpn ----------
ENV OPENVPN_CFG=client.ovpn
RUN set -x \
 && apk add --update --no-cache openvpn

# ENTRYPOINT ["openvpn"]
VOLUME ["/vpn"]

COPY ./entrypoint.sh /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["docker-entrypoint.sh"]

entrypoint.sh

#!/bin/sh
set -e

COREVER=$(uname -r | grep -Eo '[0-9].[0-9]+' | sed -n '1,1p')
CMV=$(echo $COREVER | awk -F '.' '{print $1}')
CSV=$(echo $COREVER | awk -F '.' '{print $2}')

if [[ -f "$PASSWORD_FILE" ]]; then
		PASSWORD=$(cat "$PASSWORD_FILE")
fi

if [[ -f "/var/run/secrets/$PASSWORD_SECRET" ]]; then
		PASSWORD=$(cat "/var/run/secrets/$PASSWORD_SECRET")
fi

if [[ ! -z "$DNS_ADDRS" ]]; then
		DNS="-d $DNS_ADDRS"
fi

if [ $(echo "$CMV >= 3" | bc) ]; then
		if [ $(echo "$CSV > 7" | bc) ]; then
		TFO='--fast-open'
		fi
fi 
RT_ARGS="-s $SERVER_ADDR -p $SERVER_PORT -k ${PASSWORD:-$(hostname)} -m $METHOD -a nobody -t $TIMEOUT -u $DNS $TFO $ARGS"

ss-server $RT_ARGS &

openvpn --config /vpn/$OPENVPN_CFG --auth-nocache &

wait -n

exit $?