Cloudflare反代

LDD LDD 收录于 技术
 约 1300 字 预计阅读 3 分钟 

如何使用cloudflare反代脚本以及dockerhub。

cloudflare 反代

前提:需要有一个域名

1.反代脚本

创建应用

    1. 转到 Worker & Pages 页面,点击 Create 按钮。

image-20240718135312286.png

    1. 点击 Create Worker 按钮。

image-20240718135513683.png

    1. 命名自己的worker,点击 Deploy 按钮。

image-20240718140137808.png

    1. 点击 Worker & Pages 页面,点击 proxy-scripts(我这里是proxy-scripts),找到settings下的Triggers点击Add Custom Domain填入自己要用的二级域名。绑定完成就能拿看到Domain里有记录了。

image-20240718140452513.png

image-20240718140856559.png

    1. 点击Edit Code

image-20240718141108148.png

    1. 填入要反代的GitHub Gist脚本URL,点击Deploy按钮

       1
 2
 3
 4
 5
 6
 7
 8
 9
10

      addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request))
})

async function handleRequest(request) {
  // Github GIST URL
  const targetUrl = 'Your Github GIST URL';

  return Response.redirect(targetUrl, 301);
}

image-20240718141646076.png

    1. 接下来使用就可以发现可以用自己域名来反代脚本了。

image-20240718142228400.png

2.反代docker

6 月 6 日,上海交大的 Docker Hub 镜像加速器宣布因收到通知要求被下架。声明称:“即时起我们将中止对 dockerhub 仓库的镜像。docker 相关工具默认会自动处理失效镜像的回退,如果对官方源有访问困难问题,建议尝试使用其他仍在服务的镜像源。我们对给您带来的不便表示歉意,感谢您的理解与支持。”Docker Hub 是目前最大的容器镜像社区,去年 5 月起国内用户报告 Docker Hub 官网无法访问,其网址解析返回了错误 IP 地址。

1.反代脚本一样的步骤。

    1. 将以下配置复制至worker.js中
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168

'use strict';

const hub_host = 'registry-1.docker.io';
const auth_url = 'https://auth.docker.io';
const worker_url = '';   改为你配置好的Custom Domain

/**
 * 静态文件 (404.html、sw.js、conf.js)
 */

/** @type {RequestInit} */
const PREFLIGHT_INIT = {
  status: 204,
  headers: new Headers({
    'access-control-allow-origin': '*',
    'access-control-allow-methods': 'GET, POST, PUT, PATCH, TRACE, DELETE, HEAD, OPTIONS',
    'access-control-max-age': '1728000',
  }),
};

/**
 * @param {any} body
 * @param {number} status
 * @param {Object<string, string>} headers
 */
function makeRes(body, status = 200, headers = {}) {
  headers['access-control-allow-origin'] = '*';
  return new Response(body, { status, headers });
}

/**
 * @param {string} urlStr
 */
function newUrl(urlStr) {
  try {
    return new URL(urlStr);
  } catch (err) {
    return null;
  }
}

addEventListener('fetch', e => {
  const ret = fetchHandler(e).catch(err => makeRes('cfworker error:\n' + err.stack, 502));
  e.respondWith(ret);
});

/**
 * @param {FetchEvent} e
 */
async function fetchHandler(e) {
  const getReqHeader = key => e.request.headers.get(key);
  let url = new URL(e.request.url);

  if (url.pathname === '/token') {
    let token_parameter = {
      headers: {
        'Host': 'auth.docker.io',
        'User-Agent': getReqHeader('User-Agent'),
        'Accept': getReqHeader('Accept'),
        'Accept-Language': getReqHeader('Accept-Language'),
        'Accept-Encoding': getReqHeader('Accept-Encoding'),
        'Connection': 'keep-alive',
        'Cache-Control': 'max-age=0',
      },
    };
    let token_url = auth_url + url.pathname + url.search;
    return fetch(new Request(token_url, e.request), token_parameter);
  }

  url.hostname = hub_host;
  let parameters = {
    headers: {
      'Host': hub_host,
      'User-Agent': getReqHeader('User-Agent'),
      'Accept': getReqHeader('Accept'),
      'Accept-Language': getReqHeader('Accept-Language'),
      'Accept-Encoding': getReqHeader('Accept-Encoding'),
      'Connection': 'keep-alive',
      'Cache-Control': 'max-age=0',
    },
    cacheTtl: 3600,
  };

  if (e.request.headers.has('Authorization')) {
    parameters.headers.Authorization = getReqHeader('Authorization');
  }

  let original_response = await fetch(new Request(url, e.request), parameters);
  let original_response_clone = original_response.clone();
  let original_text = await original_response_clone.text();
  let response_headers = original_response.headers;
  let new_response_headers = new Headers(response_headers);
  let status = original_response.status;

  if (new_response_headers.get('Www-Authenticate')) {
    let auth = new_response_headers.get('Www-Authenticate');
    let re = new RegExp(auth_url, 'g');
    new_response_headers.set('Www-Authenticate', response_headers.get('Www-Authenticate').replace(re, worker_url));
  }

  if (new_response_headers.get('Location')) {
    return httpHandler(e.request, new_response_headers.get('Location'));
  }

  let response = new Response(original_text, { status, headers: new_response_headers });
  return response;
}

/**
 * @param {Request} req
 * @param {string} pathname
 */
function httpHandler(req, pathname) {
  const reqHdrRaw = req.headers;

  // 预检
  if (req.method === 'OPTIONS' && reqHdrRaw.has('access-control-request-headers')) {
    return new Response(null, PREFLIGHT_INIT);
  }

  let rawLen = '';
  const reqHdrNew = new Headers(reqHdrRaw);
  const refer = reqHdrNew.get('referer');
  let urlStr = pathname;
  const urlObj = newUrl(urlStr);

  /** @type {RequestInit} */
  const reqInit = {
    method: req.method,
    headers: reqHdrNew,
    redirect: 'follow',
    body: req.body,
  };

  return proxy(urlObj, reqInit, rawLen);
}

/**
 * @param {URL} urlObj
 * @param {RequestInit} reqInit
 */
async function proxy(urlObj, reqInit, rawLen) {
  const res = await fetch(urlObj.href, reqInit);
  const resHdrOld = res.headers;
  const resHdrNew = new Headers(resHdrOld);

  // 验证
  if (rawLen) {
    const newLen = resHdrOld.get('content-length') || '';
    const badLen = (rawLen !== newLen);
    if (badLen) {
      return makeRes(res.body, 400, {
        '--error': `bad len: ${newLen}, except: ${rawLen}`,
        'access-control-expose-headers': '--error',
      });
    }
  }

  const status = res.status;
  resHdrNew.set('access-control-expose-headers', '*');
  resHdrNew.set('access-control-allow-origin', '*');
  resHdrNew.set('Cache-Control', 'max-age=1500');
  resHdrNew.delete('content-security-policy');
  resHdrNew.delete('content-security-policy-report-only');
  resHdrNew.delete('clear-site-data');

  return new Response(res.body, { status, headers: resHdrNew });
}

    1. 使用如下命令测试一下。

      1

      docker pull 你配置好的Custom Domain/library/mysql:latest

后续没问题就可以配置至镜像仓库

更新于 2024-06-18 
Cloudflare反向代理
返回 | 主页
💬评论
0%