飞牛FnOS:Docker安装搭建图形化 Clash 服务端支持自动更新订阅
前言
总所周知,Clash 是一款开源的跨平台网络代理工具,支持 Windows、macOS、Linux、Android 等系统 。它能帮助你实现自由、快速的互联网体验,例如科学上网、加速国际网络访问等。
最近在折腾飞牛的Docker,想着在Docker中装一个Clash,然后让局域网的设备通过飞牛OS进行流量代理转发到外网,从而提高Github的访问速度。
一、创建docker-compose.yaml文件
在飞牛的任意位置新建一个openClash文件夹
复制以下代码,保存为docker-compose.yaml,并上传到我们刚刚在飞牛创建的openClash文件夹里
services:
clash:
image: dreamacro/clash-premium
container_name: clash-premium
volumes:
- ./config.yaml:/root/.config/clash/config.yaml
- ./ui:/root/.config/clash/ui
ports:
- "7890:7890"
- "9090:9090"
restart: unless-stopped
network_mode: "bridge"
二、安装Yacd UI
默认Docker中的Clash是没有Web UI界面的,需要安装一个Yacd UI界面方便使用节点切换等功能
下载链接:https://github.com/haishanh/yacd/releases
下载后将yacd.tar.xz解压,解压后得到yacd.tar这个文件
需要再次解压得到public这个文件夹
将这个文件夹上传到飞牛中的openClash文件夹里
在飞牛中将public这个文件夹重命名为ui
三、config.yaml 配置
请自行准备订阅节点,节点配置文件获取方式如下:
打开Clash(我这里以Windows版举例),点击左侧栏中的订阅
在右侧找到.yaml的配置文件,鼠标右击》打开所在文件夹
接着会弹出资源管理器并默认选中一个.yaml的文件,我这里默认选中的是1749921972239.yml这个文件,用编辑器打开这个文件,我这里用的是VS Code,用快捷键Ctrl + F搜索external-ui,找到以下代码:
# external-ui: ui改为以下代码并保存:
external-ui: ui然后将这个文件上传到飞牛的openClash文件夹里
在飞牛中将刚刚上传的Clash节点配置文件重命名为config.yaml即可,我这里上传的是1749921972239.yml
以下这是我自己用的配置, 请根据自身情况进行修改
# HTTP 代理端口
#port: 7890
# SOCKS5 代理端口
#socks-port: 7891
# 混合代理端口
mixed-port: 7890
# Linux 和 macOS 的 redir 代理端口 (如需使用此功能,请取消注释)
# redir-port: 7892
# 允许局域网的连接(可用来共享代理)
allow-lan: true
# 规则模式:Global(全局代理)/ Rule(规则) / Script(腳本) / Direct(全局直连)
mode: Rule
# 设置日志输出级别 (默认级别:silent,即不输出任何内容,以避免因日志内容过大而导致程序内存溢出)。
# 5 个级别:silent / info / warning / error / debug。级别越高日志输出量越大,越倾向于调试,若需要请自行开启。
log-level: info
# clash 的 RESTful API
external-controller: '0.0.0.0:9090'
# 您可以将静态网页资源(如 clash-dashboard)放置在一个目录中,clash 将会服务于 `${API}/ui`
# 参数应填写配置目录的相对路径或绝对路径。
external-ui: /ui
# RESTful API 的口令 (可选)
secret: ""
# DNS 设置
dns:
enable: true
ipv6: false
listen: 0.0.0.0:53
enhanced-mode: redir-host
nameserver:
- 8.8.8.8
- 119.29.29.29
- 223.5.5.5
- https://rubyfish.cn/dns-query
fallback:
- https://cloudflare-dns.com/dns-query
- tls://1.0.0.1:853
- https://dns.google/dns-query#
# 代理节点
proxy-providers:
HaoJiaHuo:
type: http
path: ./Server/HaoJiaHuo.yaml # 这里文件名称需要与订阅节点名称一样
url: xxxxx # 订阅地址
interval: 86400
health-check:
enable: true
url: http://www.gstatic.com/generate_204
interval: 300
# 代理组策略
proxy-groups:
# 策略组说明
# 「Proxy」是代理规则策略,它可以指定为某个节点或嵌套一个其他策略组,如:「url-test」(自动测试)、「Fallback」或「load-balance」(负载均衡)的策略组
- { name: "MATCH", type: select, proxies: ["Proxy"]}
- { name: "Apple", type: select, proxies: ["DIRECT"], use: ["HaoJiaHuo"]}
- { name: "Adobe", type: url-test, use: ["HaoJiaHuo"]}
- { name: "Amazon", type: url-test, use: ["HaoJiaHuo"]}
- { name: "China", type: select, proxies: ["DIRECT"]}
- { name: "GitHub", type: url-test, use: ["HaoJiaHuo"]}
- { name: "Google", type: url-test, use: ["HaoJiaHuo"]}
- { name: "Microsoft", type: select, proxies: ["DIRECT"], use: ["HaoJiaHuo"]}
- { name: "Netflix", type: select, use: ["HaoJiaHuo"]}
- { name: "Speedtest", type: select, proxies: ["DIRECT"]}
- { name: "Steam", type: url-test, use: ["HaoJiaHuo"]}
- { name: "Spotify", type: url-test, use: ["HaoJiaHuo"]}
- { name: "Telegram", type: url-test, use: ["HaoJiaHuo"]}
- { name: "Tencent", type: select, proxies: ["DIRECT"]}
- { name: "YouTube", type: url-test, use: ["HaoJiaHuo"]}
- { name: "Proxy", type: url-test, use: ["HaoJiaHuo"]}
- { name: "🎬哔哩哔哩", type: select, proxies: ["DIRECT"], use: ["HaoJiaHuo"]}
rule-providers:
Adobe:
type: http
behavior: classical
path: ./ruleset/Adobe.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Adobe.yaml
interval: 3600
Amazon:
type: http
behavior: classical
path: ./ruleset/Amazon.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Amazon.yaml
interval: 3600
GitHub:
type: http
behavior: classical
path: ./ruleset/GitHub.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/GitHub.yaml
interval: 3600
Microsoft:
type: http
behavior: classical
path: ./ruleset/Microsoft.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Microsoft.yaml
interval: 3600
Netflix:
type: http
behavior: classical
path: ./ruleset/Netflix.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Netflix.yaml
interval: 3600
Spotify:
type: http
behavior: classical
path: ./ruleset/Spotify.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Spotify.yaml
interval: 3600
Speedtest:
type: http
behavior: classical
path: ./ruleset/Speedtest.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Speedtest.yaml
interval: 3600
Steam:
type: http
behavior: classical
path: ./ruleset/Steam.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Steam.yaml
interval: 3600
Tencent:
type: http
behavior: classical
path: ./ruleset/Tencent.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Tencent.yaml
interval: 3600
YouTube:
type: http
behavior: classical
path: ./ruleset/YouTube.yaml
url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/YouTube.yaml
interval: 3600
reject:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/reject.txt"
path: ./ruleset/reject.yaml
interval: 86400
icloud:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/icloud.txt"
path: ./ruleset/icloud.yaml
interval: 86400
apple:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/apple.txt"
path: ./ruleset/apple.yaml
interval: 86400
google:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt"
path: ./ruleset/google.yaml
interval: 86400
proxy:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt"
path: ./ruleset/proxy.yaml
interval: 86400
direct:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt"
path: ./ruleset/direct.yaml
interval: 86400
private:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt"
path: ./ruleset/private.yaml
interval: 86400
gfw:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt"
path: ./ruleset/gfw.yaml
interval: 86400
greatfire:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/greatfire.txt"
path: ./ruleset/greatfire.yaml
interval: 86400
tld-not-cn:
type: http
behavior: domain
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt"
path: ./ruleset/tld-not-cn.yaml
interval: 86400
telegramcidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt"
path: ./ruleset/telegramcidr.yaml
interval: 86400
cncidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt"
path: ./ruleset/cncidr.yaml
interval: 86400
lancidr:
type: http
behavior: ipcidr
url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt"
path: ./ruleset/lancidr.yaml
interval: 86400
Whitelist:
type: http
behavior: classical
url: "https://gitee.com/myisafei/script/raw/master/clash/rule/Whitelist.yaml"
path: ./ruleset/Whitelist.yaml
interval: 86400
ME:
type: http
behavior: classical
url: "https://gitee.com/myisafei/script/raw/master/clash/rule/Other.yaml"
path: ./ruleset/Other.yaml
interval: 3600
TW:
type: http
behavior: classical
url: "https://gitee.com/myisafei/script/raw/master/clash/rule/Tw.yaml"
path: ./ruleset/Tw.yaml
interval: 3600
# 分流规则
rules:
# Local Area Network
- DOMAIN-SUFFIX,local,DIRECT
- IP-CIDR,192.168.0.0/16,DIRECT
- IP-CIDR,10.0.0.0/8,DIRECT
- IP-CIDR,172.16.0.0/12,DIRECT
- IP-CIDR,127.0.0.0/8,DIRECT
# 自定义部分
- DOMAIN-SUFFIX,hexieshe.com,MATCH
- DOMAIN-SUFFIX,themoviedb.org,MATCH
- DOMAIN-SUFFIX,mangabz.com,MATCH
- DOMAIN-SUFFIX,manhuagui.com,MATCH
- DOMAIN-SUFFIX,taobao.com,DIRECT
# BT,PT 规则
- DOMAIN-KEYWORD,tracker,DIRECT
- DOMAIN-KEYWORD,announce.php?passkey=,DIRECT
- DOMAIN-KEYWORD,torrent,DIRECT
- DOMAIN-KEYWORD,peer_id=,DIRECT
- DOMAIN-KEYWORD,info_hash,DIRECT
- DOMAIN-KEYWORD,get_peers,DIRECT
- DOMAIN-KEYWORD,find_node,DIRECT
- DOMAIN-KEYWORD,BitTorrent,DIRECT
- DOMAIN-KEYWORD,announce_peer,DIRECT
# 哔哩哔哩
- DOMAIN-SUFFIX,biliapi.com,🎬哔哩哔哩
- DOMAIN-SUFFIX,biliapi.net,🎬哔哩哔哩
- DOMAIN-SUFFIX,bilibili.com,🎬哔哩哔哩
- DOMAIN-SUFFIX,bilibili.tv,🎬哔哩哔哩
- DOMAIN-SUFFIX,bilivideo.com,🎬哔哩哔哩
- DOMAIN-SUFFIX,biligame.com,🎬哔哩哔哩
- DOMAIN-SUFFIX,biligame.net,🎬哔哩哔哩
######### 自己的规则 start ##############
# (直通)
- RULE-SET,Whitelist,China
# (自己平时访问的网址)
- RULE-SET,ME,Proxy
# (自己平时访问的网址)
- RULE-SET,TW,Proxy
######### 自己的规则 end ##############
# (adobe 服务)
- RULE-SET,Adobe,Adobe
# (亚马逊)
- RULE-SET,Amazon,Amazon
# (GitHub)
- RULE-SET,GitHub,GitHub
# (Microsoft)
- RULE-SET,Microsoft,Microsoft
# (奈飞)
- RULE-SET,Netflix,Netflix
# (测速)
- RULE-SET,Speedtest,Speedtest
# (Steam)
- RULE-SET,Steam,Steam
# (Spotify)
- RULE-SET,Spotify,Spotify
# (腾讯)
- RULE-SET,Tencent,Tencent
# (YouTube)
- RULE-SET,YouTube,YouTube
- DOMAIN-SUFFIX,live.cn,China
# (广告域名列表)
- RULE-SET,reject,REJECT
# (Apple 域名列表)
- RULE-SET,apple,Apple
# (iCloud 域名列表)
- RULE-SET,icloud,Apple
# (Google 域名列表)
- RULE-SET,google,Google
# (代理域名列表)
- RULE-SET,proxy,Proxy
# (直连域名列表)
- RULE-SET,direct,China
# (私有网络专用域名列表)
- RULE-SET,private,China
# (GFWList 域名列表)
- RULE-SET,gfw,MATCH
# (GreatFire 域名列表)
- RULE-SET,greatfire,REJECT
# (非中国大陆使用的顶级域名列表)
- RULE-SET,tld-not-cn,MATCH
# (Telegram 使用的 IP 地址列表)
- RULE-SET,telegramcidr,Telegram
# (中国大陆 IPv4 地址列表)
- RULE-SET,cncidr,China
# (局域网 IP 及保留 IP 地址列表)
- RULE-SET,lancidr,China
# GeoIP China
- GEOIP,CN,DIRECT
- MATCH,MATCH四、开始部署
打开飞牛的Docker,点击Compose》新建项目
项目名称随意,我这里填Clash,路径选择我们步骤一中创建的openClash文件夹
这时候会提示文件夹中存在docker-compose配置文件,点击确认即可
继续点击确定,之后就会回到docker compose界面
点击启动按钮,启动Docker容器,启动后会出现报错提示启动失败,这里是一个坑
点击左侧的容器,然后把容器关闭
打开容器设置,找到存储位置,找到config.yaml这个配置文件的路径设置,点击旁边的文件夹图标,重新选择一下config.yaml的路径
选择完路径后,重启容器即可
说明:这个坑可能是个bug,在用docker compose映射config.yaml这个配置文件的存储路径时,被当成文件夹并映射到了config.yaml这个文件夹,导致Clash无法读取到config.yaml这个文件导致报错,所以需要重新选择一下config.yaml配置文件的路径
五、使用教程
使用链接 http://IP地址:9090/ui 即可访问你的Clash Web UI界面
我的后台链接是:http://192.168.1.9:9090/ui
阅读建议
评论
匿名评论
隐私政策
你无需删除空行,直接评论以获取最佳展示效果
