前言

总所周知,Clash 是一款开源的跨平台网络代理工具,支持 Windows、macOS、Linux、Android 等系统 。它能帮助你实现自由、快速的互联网体验,例如科学上网、加速国际网络访问等。

最近在折腾飞牛的Docker,想着在Docker中装一个Clash,然后让局域网的设备通过飞牛OS进行流量代理转发到外网,从而提高Github的访问速度。

clash.jpg

一、创建docker-compose.yaml文件

在飞牛的任意位置新建一个openClash文件夹

复制以下代码,保存为docker-compose.yaml,并上传到我们刚刚在飞牛创建的openClash文件夹里

services:
  clash:
    image: dreamacro/clash-premium
    container_name: clash-premium
    volumes:
      - ./config.yaml:/root/.config/clash/config.yaml
      - ./ui:/root/.config/clash/ui
    ports:
      - "7890:7890"
      - "9090:9090"
    restart: unless-stopped
    network_mode: "bridge"


二、安装Yacd UI

默认Docker中的Clash是没有Web UI界面的,需要安装一个Yacd UI界面方便使用节点切换等功能

下载链接:https://github.com/haishanh/yacd/releases

下载后将yacd.tar.xz解压,解压后得到yacd.tar这个文件

需要再次解压得到public这个文件夹

将这个文件夹上传到飞牛中的openClash文件夹里

在飞牛中将public这个文件夹重命名为ui

三、config.yaml 配置

请自行准备订阅节点,节点配置文件获取方式如下:

  1. 打开Clash(我这里以Windows版举例),点击左侧栏中的订阅

  1. 在右侧找到.yaml的配置文件,鼠标右击》打开所在文件夹

接着会弹出资源管理器并默认选中一个.yaml的文件,我这里默认选中的是1749921972239.yml这个文件,用编辑器打开这个文件,我这里用的是VS Code,用快捷键Ctrl + F搜索external-ui,找到以下代码:

# external-ui: ui

改为以下代码并保存:

external-ui: ui

然后将这个文件上传到飞牛的openClash文件夹里

在飞牛中将刚刚上传的Clash节点配置文件重命名为config.yaml即可,我这里上传的是1749921972239.yml


以下这是我自己用的配置, 请根据自身情况进行修改

# HTTP 代理端口
#port: 7890
 
# SOCKS5 代理端口
#socks-port: 7891
 
# 混合代理端口
mixed-port: 7890
 
# Linux 和 macOS 的 redir 代理端口 (如需使用此功能,请取消注释)
# redir-port: 7892
 
# 允许局域网的连接(可用来共享代理)
allow-lan: true
 
# 规则模式:Global(全局代理)/ Rule(规则) / Script(腳本) / Direct(全局直连)
mode: Rule
 
# 设置日志输出级别 (默认级别:silent,即不输出任何内容,以避免因日志内容过大而导致程序内存溢出)。
# 5 个级别:silent / info / warning / error / debug。级别越高日志输出量越大,越倾向于调试,若需要请自行开启。
log-level: info
 
# clash 的 RESTful API
external-controller: '0.0.0.0:9090'
 
 
# 您可以将静态网页资源(如 clash-dashboard)放置在一个目录中,clash 将会服务于 `${API}/ui`
# 参数应填写配置目录的相对路径或绝对路径。
external-ui: /ui
 
# RESTful API 的口令 (可选)
secret: ""
 
# DNS 设置
 
dns:
 enable: true
 ipv6: false
 listen: 0.0.0.0:53
 enhanced-mode: redir-host
 nameserver:
  - 8.8.8.8
  - 119.29.29.29
  - 223.5.5.5
  - https://rubyfish.cn/dns-query
 fallback:
  - https://cloudflare-dns.com/dns-query
  - tls://1.0.0.1:853
  - https://dns.google/dns-query#
 
# 代理节点
proxy-providers:
 
  HaoJiaHuo:
    type: http
    path: ./Server/HaoJiaHuo.yaml # 这里文件名称需要与订阅节点名称一样
    url: xxxxx		# 订阅地址
    interval: 86400
    health-check:
        enable: true
        url: http://www.gstatic.com/generate_204
        interval: 300
 
# 代理组策略
proxy-groups:
 
# 策略组说明
 
# 「Proxy」是代理规则策略,它可以指定为某个节点或嵌套一个其他策略组,如:「url-test」(自动测试)、「Fallback」或「load-balance」(负载均衡)的策略组
 
  - { name: "MATCH", type: select, proxies: ["Proxy"]} 
  - { name: "Apple", type: select, proxies: ["DIRECT"], use: ["HaoJiaHuo"]}
  - { name: "Adobe", type: url-test, use: ["HaoJiaHuo"]}
  - { name: "Amazon", type: url-test, use: ["HaoJiaHuo"]}
  - { name: "China", type: select, proxies: ["DIRECT"]}
  - { name: "GitHub", type: url-test, use: ["HaoJiaHuo"]}
  - { name: "Google", type: url-test, use: ["HaoJiaHuo"]}
  - { name: "Microsoft", type: select, proxies: ["DIRECT"], use: ["HaoJiaHuo"]}
  - { name: "Netflix", type: select, use: ["HaoJiaHuo"]}
  - { name: "Speedtest", type: select, proxies: ["DIRECT"]} 
  - { name: "Steam", type: url-test, use: ["HaoJiaHuo"]}
  - { name: "Spotify", type: url-test, use: ["HaoJiaHuo"]}
  - { name: "Telegram", type: url-test, use: ["HaoJiaHuo"]}
  - { name: "Tencent", type: select, proxies: ["DIRECT"]} 
  - { name: "YouTube", type: url-test, use: ["HaoJiaHuo"]}
  - { name: "Proxy", type: url-test, use: ["HaoJiaHuo"]} 
  - { name: "🎬哔哩哔哩", type: select, proxies: ["DIRECT"], use: ["HaoJiaHuo"]} 
 
 
rule-providers:
  Adobe:
    type: http
    behavior: classical
    path: ./ruleset/Adobe.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Adobe.yaml
    interval: 3600
 
  Amazon:
    type: http
    behavior: classical
    path: ./ruleset/Amazon.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Amazon.yaml
    interval: 3600
 
  GitHub:
    type: http
    behavior: classical
    path: ./ruleset/GitHub.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/GitHub.yaml
    interval: 3600
  
  Microsoft:
    type: http
    behavior: classical
    path: ./ruleset/Microsoft.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Microsoft.yaml
    interval: 3600
  
  Netflix:
    type: http
    behavior: classical
    path: ./ruleset/Netflix.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Netflix.yaml
    interval: 3600
  
  Spotify:
    type: http
    behavior: classical
    path: ./ruleset/Spotify.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Spotify.yaml
    interval: 3600
 
  Speedtest:
    type: http
    behavior: classical
    path: ./ruleset/Speedtest.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Speedtest.yaml
    interval: 3600
 
  Steam:
    type: http
    behavior: classical
    path: ./ruleset/Steam.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Steam.yaml
    interval: 3600
 
  Tencent:
    type: http
    behavior: classical
    path: ./ruleset/Tencent.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/Tencent.yaml
    interval: 3600
 
  YouTube:
    type: http
    behavior: classical
    path: ./ruleset/YouTube.yaml
    url: https://cdn.jsdelivr.net/gh/Semporia/Clash-X@master/Filter/YouTube.yaml
    interval: 3600
 
  reject:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/reject.txt"
    path: ./ruleset/reject.yaml
    interval: 86400
 
  icloud:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/icloud.txt"
    path: ./ruleset/icloud.yaml
    interval: 86400
 
  apple:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/apple.txt"
    path: ./ruleset/apple.yaml
    interval: 86400
 
  google:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/google.txt"
    path: ./ruleset/google.yaml
    interval: 86400
 
  proxy:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/proxy.txt"
    path: ./ruleset/proxy.yaml
    interval: 86400
 
  direct:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/direct.txt"
    path: ./ruleset/direct.yaml
    interval: 86400
 
  private:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/private.txt"
    path: ./ruleset/private.yaml
    interval: 86400
 
  gfw:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/gfw.txt"
    path: ./ruleset/gfw.yaml
    interval: 86400
 
  greatfire:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/greatfire.txt"
    path: ./ruleset/greatfire.yaml
    interval: 86400
 
  tld-not-cn:
    type: http
    behavior: domain
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/tld-not-cn.txt"
    path: ./ruleset/tld-not-cn.yaml
    interval: 86400
 
  telegramcidr:
    type: http
    behavior: ipcidr
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/telegramcidr.txt"
    path: ./ruleset/telegramcidr.yaml
    interval: 86400
 
  cncidr:
    type: http
    behavior: ipcidr
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/cncidr.txt"
    path: ./ruleset/cncidr.yaml
    interval: 86400
 
  lancidr:
    type: http
    behavior: ipcidr
    url: "https://cdn.jsdelivr.net/gh/Loyalsoldier/clash-rules@release/lancidr.txt"
    path: ./ruleset/lancidr.yaml
    interval: 86400
 
  Whitelist:
    type: http
    behavior: classical
    url: "https://gitee.com/myisafei/script/raw/master/clash/rule/Whitelist.yaml"
    path: ./ruleset/Whitelist.yaml
    interval: 86400
    
  ME:
    type: http
    behavior: classical
    url: "https://gitee.com/myisafei/script/raw/master/clash/rule/Other.yaml"
    path: ./ruleset/Other.yaml
    interval: 3600
  
  TW:
    type: http
    behavior: classical
    url: "https://gitee.com/myisafei/script/raw/master/clash/rule/Tw.yaml"
    path: ./ruleset/Tw.yaml
    interval: 3600
 
 
# 分流规则  
rules:
  # Local Area Network
  - DOMAIN-SUFFIX,local,DIRECT
  - IP-CIDR,192.168.0.0/16,DIRECT
  - IP-CIDR,10.0.0.0/8,DIRECT
  - IP-CIDR,172.16.0.0/12,DIRECT
  - IP-CIDR,127.0.0.0/8,DIRECT
 
  # 自定义部分
  - DOMAIN-SUFFIX,hexieshe.com,MATCH
  - DOMAIN-SUFFIX,themoviedb.org,MATCH
  - DOMAIN-SUFFIX,mangabz.com,MATCH
  - DOMAIN-SUFFIX,manhuagui.com,MATCH
  - DOMAIN-SUFFIX,taobao.com,DIRECT
 
  # BT,PT 规则
  - DOMAIN-KEYWORD,tracker,DIRECT
  - DOMAIN-KEYWORD,announce.php?passkey=,DIRECT
  - DOMAIN-KEYWORD,torrent,DIRECT
  - DOMAIN-KEYWORD,peer_id=,DIRECT
  - DOMAIN-KEYWORD,info_hash,DIRECT
  - DOMAIN-KEYWORD,get_peers,DIRECT
  - DOMAIN-KEYWORD,find_node,DIRECT
  - DOMAIN-KEYWORD,BitTorrent,DIRECT
  - DOMAIN-KEYWORD,announce_peer,DIRECT
 
  # 哔哩哔哩
  - DOMAIN-SUFFIX,biliapi.com,🎬哔哩哔哩
  - DOMAIN-SUFFIX,biliapi.net,🎬哔哩哔哩
  - DOMAIN-SUFFIX,bilibili.com,🎬哔哩哔哩
  - DOMAIN-SUFFIX,bilibili.tv,🎬哔哩哔哩
  - DOMAIN-SUFFIX,bilivideo.com,🎬哔哩哔哩
  - DOMAIN-SUFFIX,biligame.com,🎬哔哩哔哩
  - DOMAIN-SUFFIX,biligame.net,🎬哔哩哔哩
  
    ######### 自己的规则 start ##############
  # (直通)
  - RULE-SET,Whitelist,China
  # (自己平时访问的网址)
  - RULE-SET,ME,Proxy
  # (自己平时访问的网址)
  - RULE-SET,TW,Proxy
 
    ######### 自己的规则 end ##############
 
  # (adobe 服务)
  - RULE-SET,Adobe,Adobe
  # (亚马逊)
  - RULE-SET,Amazon,Amazon
  # (GitHub)
  - RULE-SET,GitHub,GitHub
  # (Microsoft)
  - RULE-SET,Microsoft,Microsoft
  # (奈飞)
  - RULE-SET,Netflix,Netflix 
  # (测速)
  - RULE-SET,Speedtest,Speedtest
  # (Steam)
  - RULE-SET,Steam,Steam
  # (Spotify)
  - RULE-SET,Spotify,Spotify
  # (腾讯)
  - RULE-SET,Tencent,Tencent
  # (YouTube)
  - RULE-SET,YouTube,YouTube
  - DOMAIN-SUFFIX,live.cn,China
  
  
  # (广告域名列表)
  - RULE-SET,reject,REJECT
  # (Apple 域名列表)
  - RULE-SET,apple,Apple
  # (iCloud 域名列表)
  - RULE-SET,icloud,Apple
  # (Google 域名列表)
  - RULE-SET,google,Google
  # (代理域名列表)
  - RULE-SET,proxy,Proxy
  # (直连域名列表)
  - RULE-SET,direct,China
  # (私有网络专用域名列表)
  - RULE-SET,private,China
  # (GFWList 域名列表)
  - RULE-SET,gfw,MATCH
  # (GreatFire 域名列表)
  - RULE-SET,greatfire,REJECT
  # (非中国大陆使用的顶级域名列表)
  - RULE-SET,tld-not-cn,MATCH
  # (Telegram 使用的 IP 地址列表)
  - RULE-SET,telegramcidr,Telegram
  # (中国大陆 IPv4 地址列表)
  - RULE-SET,cncidr,China
  # (局域网 IP 及保留 IP 地址列表)
  - RULE-SET,lancidr,China
 
 
  # GeoIP China
  - GEOIP,CN,DIRECT
  - MATCH,MATCH

四、开始部署

打开飞牛的Docker,点击Compose新建项目

项目名称随意,我这里填Clash,路径选择我们步骤一中创建的openClash文件夹

这时候会提示文件夹中存在docker-compose配置文件,点击确认即可

继续点击确定,之后就会回到docker compose界面

点击启动按钮,启动Docker容器,启动后会出现报错提示启动失败,这里是一个坑

点击左侧的容器,然后把容器关闭

打开容器设置,找到存储位置,找到config.yaml这个配置文件的路径设置,点击旁边的文件夹图标,重新选择一下config.yaml的路径

选择完路径后,重启容器即可

说明:这个坑可能是个bug,在用docker compose映射config.yaml这个配置文件的存储路径时,被当成文件夹并映射到了config.yaml这个文件夹,导致Clash无法读取到config.yaml这个文件导致报错,所以需要重新选择一下config.yaml配置文件的路径


五、使用教程

使用链接 http://IP地址:9090/ui 即可访问你的Clash Web UI界面

我的后台链接是:http://192.168.1.9:9090/ui