From 59668f5d261212159e2b7d01c9a24207c424f91b Mon Sep 17 00:00:00 2001 From: yylt Date: Fri, 29 May 2026 11:26:14 +0800 Subject: [PATCH] smartdns --- .github/workflows/smartdns.yaml | 77 +++++++++++++++++++++++++++++++++ Dockerfile-smartdns | 60 +++++++++++++++++++++++++ 2 files changed, 137 insertions(+) create mode 100644 .github/workflows/smartdns.yaml create mode 100644 Dockerfile-smartdns diff --git a/.github/workflows/smartdns.yaml b/.github/workflows/smartdns.yaml new file mode 100644 index 0000000..a160ddc --- /dev/null +++ b/.github/workflows/smartdns.yaml @@ -0,0 +1,77 @@ +name: smartdns +permissions: + contents: read + +on: + push: + branches: [ smartdns ] + workflow_dispatch: + inputs: + branch: + description: 'smartdns tag/branch' + required: true + default: 'master' + tag: + description: 'image tag' + required: false + default: '' +env: + PROJECT: smartdns + BRANCH: master + DOCKERHUB_REPO: yylt/smartdns + REGISTRY_NAME: "docker.io" + REGISTRY_USER: "${{ secrets.DOCKER_HUB_USER }}" + REGISTRY_PASS: "${{ secrets.DOCKER_HUB_PASSWORD }}" + Dockerfile: Dockerfile-smartdns + BUILDX_NO_DEFAULT_ATTESTATIONS: 1 + +jobs: + build: + name: Build + runs-on: ubuntu-latest + steps: + - name: Getting image tag + id: tag + run: | + echo "trigger by ${{ github.event_name }}" + echo "sha256 is ${{ github.sha }}" + + if ${{ github.event_name == 'workflow_dispatch' }} ; then + echo "vbranch=${{ github.event.inputs.branch }}" >> $GITHUB_ENV + if [ "${{ github.event.inputs.tag }}" != "" ] ; then + echo "tag=${{ github.event.inputs.tag }}" >> $GITHUB_ENV + else + echo "tag=${{ github.event.inputs.branch }}" >> $GITHUB_ENV + fi + else + echo "vbranch=${{ env.BRANCH }}" >> $GITHUB_ENV + echo "tag=${{ env.BRANCH }}" >> $GITHUB_ENV + fi + + - uses: actions/checkout@v6 + - uses: ./.github/actions/setup + + - name: Login to Docker Hub + uses: docker/login-action@v4 + with: + registry: ${{ env.REGISTRY_NAME }} + username: ${{ env.REGISTRY_USER }} + password: ${{ env.REGISTRY_PASS }} + + - name: Check out build code + uses: actions/checkout@v6 + with: + repository: pymumu/smartdns + ref: ${{ env.vbranch }} + path: ${{ env.PROJECT }} + + - name: Docker Buildx (push) + run: | + cd ${{ env.PROJECT }} + docker buildx build \ + --no-cache \ + --provenance false --sbom false \ + --platform linux/amd64,linux/arm64 \ + --output "type=image,push=true" \ + --tag ${{ env.REGISTRY_NAME }}/${{ env.DOCKERHUB_REPO }}:${{ env.tag }} \ + --file ../${{ env.Dockerfile }} ./ diff --git a/Dockerfile-smartdns b/Dockerfile-smartdns new file mode 100644 index 0000000..e5f4f5b --- /dev/null +++ b/Dockerfile-smartdns @@ -0,0 +1,60 @@ +FROM alpine:latest AS smartdns-builder +LABEL previous-stage=smartdns-builder + +# prepare builder +ARG OPENSSL_VER=3.5.6 +RUN apk add --no-cache binutils perl curl make gcc g++ clang wget unzip ca-certificates musl-dev linux-headers && \ + update-ca-certificates && \ + \ + curl https://sh.rustup.rs -sSf | sh -s -- -y && \ + export PATH="$HOME/.cargo/bin:$PATH" && \ + \ + mkdir -p /build/openssl && \ + cd /build/openssl && \ + curl -sSL https://www.github.com/openssl/openssl/releases/download/openssl-${OPENSSL_VER}/openssl-${OPENSSL_VER}.tar.gz | tar --strip-components=1 -zxv && \ + \ + OPENSSL_OPTIONS="no-argon2 no-aria no-async no-bf no-blake2 no-camellia no-cmp no-cms " \ + OPENSSL_OPTIONS="$OPENSSL_OPTIONS no-comp no-des no-dh no-dsa no-ec2m no-engine no-gost "\ + OPENSSL_OPTIONS="$OPENSSL_OPTIONS no-http no-idea no-legacy no-md4 no-mdc2 no-multiblock "\ + OPENSSL_OPTIONS="$OPENSSL_OPTIONS no-nextprotoneg no-ocb no-ocsp no-rc2 no-rc4 no-rmd160 "\ + OPENSSL_OPTIONS="$OPENSSL_OPTIONS no-scrypt no-seed no-siphash no-siv no-sm2 no-sm3 no-sm4 "\ + OPENSSL_OPTIONS="$OPENSSL_OPTIONS no-srp no-srtp no-ts no-whirlpool no-apps no-ssl-trace "\ + OPENSSL_OPTIONS="$OPENSSL_OPTIONS no-ssl no-ssl3 no-tests -Os" \ + cd /build/openssl && \ + if [ "$(uname -m)" = "aarch64" ]; then \ + ./config --prefix=/opt/build $OPENSSL_OPTIONS -mno-outline-atomics ; \ + else \ + ./config --prefix=/opt/build $OPENSSL_OPTIONS ; \ + fi && \ + mkdir -p /opt/build/lib /opt/build/lib64 && \ + make all -j8 && make install_sw && \ + cd / && rm -rf /build + +# do make +COPY . /build/smartdns/ +RUN cd /build/smartdns && \ + export CFLAGS="-I /opt/build/include" && \ + export LDFLAGS="-L /opt/build/lib -L /opt/build/lib64" && \ + export PATH="$HOME/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" && \ + rm -fr /build/smartdns/package/*.tar.gz && \ + ARCH=$(uname -m) && \ + if [ "$ARCH" = "x86_64" ]; then ARCH="amd64"; elif [ "$ARCH" = "aarch64" ]; then ARCH="arm64"; fi && \ + sh ./package/build-pkg.sh --platform linux --arch $ARCH --static && \ + \ + ( cd package && tar -xvf *.tar.gz && chmod a+x smartdns/etc/init.d/smartdns ) && \ + \ + mkdir -p /release/var/log /release/run /release/var/lib/smartdns && \ + cp package/smartdns/etc /release/ -a && \ + cp package/smartdns/usr /release/ -a && \ + rm -f /release/usr/local/smartdns/lib/libssl* && \ + rm -f /release/usr/local/smartdns/lib/libcrypto* && \ + cp /opt/build/lib/lib*.so* /release/usr/local/lib/smartdns/lib/ -a 2>/dev/null || true && \ + cp /opt/build/lib64/lib*.so* /release/usr/local/lib/smartdns/lib/ -a 2>/dev/null || true && \ + cd / && rm -rf /build + +FROM busybox:stable-musl +COPY --from=smartdns-builder /release/ / +EXPOSE 53/udp 6080/tcp +VOLUME ["/etc/smartdns/", "/var/lib/smartdns/"] + +CMD ["/usr/sbin/smartdns", "-f", "-x"]