feat: add Docker support with workflows, Dockerfile, and docker-compose

Daniel Lavrushin 2026-02-10 20:08:07 +01:00 committed by крысавдоме
parent b0237b3291
commit cb928aa2a2
No known key found for this signature in database
GPG key ID: 8633BA8E6F7122A5
6 changed files with 221 additions and 3 deletions

13
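--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,13 @@
+out/
+docs/
+.git/
+.github/
+.idea/
+.vscode/
+*.md
+!src/http/ui/*.md
+src/http/ui/node_modules/
+docs/node_modules/
+.env
+.task/
+vendor/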
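Review bot: The `.env` entry only matches a file at the root of the build context, because .dockerignore patterns are anchored to the context root, while the Dockerfile in this commit copies `src/` and `src/http/ui/` wholesale. A `.env` or `.env.local` left under `src/http/ui/` on a developer machine would be sent to the builder, and the UI build (presumably Vite, given `VITE_APP_VERSION`) reads such files at build time and can inline `VITE_`-prefixed values into the bundle. Replace the entry with `**/.env*` so environment files are excluded at any depth.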

62
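--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -0,0 +1,62 @@
+name: Docker
+on:
+release:
+types: [published]
+workflow_dispatch:
+inputs:
+version:
+description: "Image version tag (e.g., 1.34.0)"
+required: true
+default: "latest"
+permissions:
+contents: read
+env:
+IMAGE_NAME: lavrushin/b4
+jobs:
+docker:
+name: Build & Push Docker Image
+runs-on: ubuntu-latest
+steps:
+- name: Checkout code
+uses: actions/checkout@v4
+- name: Set version
+id: version
+run: |
+if [ "${{ github.event_name }}" = "release" ]; then
+VERSION="${{ github.event.release.tag_name }}"
+VERSION="${VERSION#v}"
+else
+VERSION="${{ inputs.version }}"
+fi
+echo "version=${VERSION}" >> $GITHUB_OUTPUT
+- name: Set up QEMU
+uses: docker/setup-qemu-action@v3
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+- name: Login to Docker Hub
+uses: docker/login-action@v3
+with:
+username: ${{ secrets.DOCKERHUB_USERNAME }}
+password: ${{ secrets.DOCKERHUB_TOKEN }}
+- name: Build and push
+uses: docker/build-push-action@v6
+with:
+context: .
+platforms: linux/amd64,linux/arm64
+push: true
+build-args: |
+VERSION=${{ steps.version.outputs.version }}
+tags: |
+${{ env.IMAGE_NAME }}:latest
+${{ env.IMAGE_NAME }}:${{ steps.version.outputs.version }}
+cache-from: type=gha
+cache-to: type=gha,mode=max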
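Review bot: The `Set version` step expands `${{ github.event.release.tag_name }}` and `${{ inputs.version }}` directly inside the `run:` script, so the value becomes part of the shell source before it runs, in a job that goes on to log in with the Docker Hub token. Pass the values through `env:` and read them as shell variables, quote `"$GITHUB_OUTPUT"`, and reject anything that is not a valid image tag before writing the output. The `Determine tags` step added to the release workflow in this commit has the same pattern with `${{ env.VERSION }}` and `${{ inputs.prerelease }}`. This workflow also pushes `:latest` unconditionally, while the release job skips it for pre-releases; `release: published` fires for pre-releases too, and a manual dispatch of an older version moves `latest` as well, so the two paths can disagree about what `latest` points at.

```yaml
- name: Set version
  id: version
  env:
    EVENT_NAME: ${{ github.event_name }}
    RELEASE_TAG: ${{ github.event.release.tag_name }}
    INPUT_VERSION: ${{ inputs.version }}
  run: |
    if [ "$EVENT_NAME" = "release" ]; then
      VERSION="${RELEASE_TAG#v}"
    else
      VERSION="$INPUT_VERSION"
    fi
    # Docker tag character set only; anything else fails the job before the push
    case "$VERSION" in
      ""|*[!A-Za-z0-9_.-]*) echo "invalid version: $VERSION" >&2; exit 1 ;;
    esac
    echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
# … unchanged: QEMU, Buildx, login and build-push steps …
```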


@ -168,9 +168,50 @@ jobs:
release-assets/checksums.txt
generate_release_notes: true
docker:
name: Docker Image
needs: release
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Determine tags
id: tags
run: |
TAGS="lavrushin/b4:${{ env.VERSION }}"
if [ "${{ inputs.prerelease }}" != "true" ]; then
TAGS="${TAGS},lavrushin/b4:latest"
fi
echo "tags=${TAGS}" >> $GITHUB_OUTPUT
- name: Build and push
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
build-args: |
VERSION=${{ env.VERSION }}
tags: ${{ steps.tags.outputs.tags }}
cache-from: type=gha
cache-to: type=gha,mode=max
cleanup:
name: Cleanup old artifacts
needs: release
needs: [release, docker]
runs-on: ubuntu-latest
if: always()
steps:
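Review bot: Every `uses:` in the new `docker` job is a mutable tag (`actions/checkout@v4`, `docker/setup-qemu-action@v3`, `docker/setup-buildx-action@v3`, `docker/login-action@v3`, `docker/build-push-action@v6`), and the job holds `DOCKERHUB_TOKEN` with `push: true`, so a moved tag on any of them runs with publish rights to the image. Pin each to a full commit SHA and keep the version as a trailing comment, e.g. `uses: docker/login-action@<FULL_COMMIT_SHA>  # v3`; the same applies to the new `docker.yml`. The job sets no `permissions:` of its own and the workflow-level block is outside this hunk; if that block grants `contents: write` for the release job, add a job-level `permissions:` with `contents: read` here, which is what `docker.yml` runs the same steps with.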

53
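--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,53 @@
+# Stage 1: Build the web UI
+FROM node:22-alpine AS ui-builder
+RUN corepack enable && corepack prepare pnpm@10.18.2 --activate
+WORKDIR /app/src/http/ui
+COPY src/http/ui/package.json src/http/ui/pnpm-lock.yaml ./
+RUN pnpm install --frozen-lockfile
+COPY src/http/ui/ ./
+ARG VERSION=dev
+ENV VITE_APP_VERSION=${VERSION}
+RUN pnpm build
+# Stage 2: Build the Go binary
+FROM golang:1.25-alpine AS go-builder
+WORKDIR /app
+COPY src/go.mod src/go.sum ./src/
+RUN cd src && go mod download
+COPY src/ ./src/
+COPY --from=ui-builder /app/src/http/ui/dist ./src/http/ui/dist
+COPY makefile ./
+ARG VERSION=dev
+ARG TARGETARCH
+ARG TARGETVARIANT
+RUN COMMIT=$(echo "docker" ) && \
+DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ) && \
+CGO_ENABLED=0 GOOS=linux go -C src build \
+-trimpath \
+-ldflags "-s -w -X main.Version=${VERSION} -X main.Commit=${COMMIT} -X main.Date=${DATE}" \
+-o /b4
+# Stage 3: Runtime image
+FROM alpine:3.23.3
+RUN apk add --no-cache \
+iptables \
+ip6tables \
+nftables \
+kmod \
+iproute2
+COPY --from=go-builder /b4 /usr/local/bin/b4
+VOLUME /etc/b4
+EXPOSE 7000
+ENTRYPOINT ["b4"]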
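Review bot: The Go build stage sets `COMMIT=$(echo "docker" )`, so every published image reports the literal string `docker` as its commit and a running binary cannot be traced back to the source revision it was built from. Take it as a build argument instead, `ARG COMMIT=unknown` next to `ARG VERSION=dev`, and have both workflows pass `COMMIT=${{ github.sha }}` under `build-args`. The three `FROM` lines use tags (`node:22-alpine`, `golang:1.25-alpine`, `alpine:3.23.3`) rather than digests, so a rebuild of the same commit can pick up different base layers; appending `@sha256:<DIGEST>` to each would make the inputs fixed. `ARG TARGETARCH` and `ARG TARGETVARIANT` are declared but never referenced in the build command.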

12
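--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,12 @@
+services:
+b4:
+image: lavrushin/b4:latest
+container_name: b4
+network_mode: host
+cap_add:
+- NET_ADMIN
+- NET_RAW
+- SYS_MODULE
+volumes:
+- ./config:/etc/b4
+restart: unless-stopped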
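Review bot: `image: lavrushin/b4:latest` is a mutable tag on a container that runs with `network_mode: host`, `NET_ADMIN`, `NET_RAW` and `SYS_MODULE` under `restart: unless-stopped`, so whatever is pushed to `latest` next receives those privileges on the host at the next pull. Pin the example to a released version or digest, e.g. `image: lavrushin/b4:<VERSION>`, and do the same in the README copy. `SYS_MODULE` lets the container load modules into the host kernel, which is much broader than the other two capabilities; a comment above it should say whether it can be omitted when the host already has the NFQUEUE modules loaded (not verifiable from this diff). Adding `cap_drop: [ALL]` and `security_opt: ["no-new-privileges:true"]` would make the granted set explicit.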


@ -9,7 +9,6 @@ Network packet processor that bypasses Deep Packet Inspection (DPI) using netfil
<img width="1187" height="787" alt="image" src="https://github.com/user-attachments/assets/3e4c105d-5b28-4e93-ab54-6d92338b1293" />
## Requirements
- Linux-system (desktop, server or router)
@ -37,6 +36,7 @@ Or pass `--help` to get more information about the possible options.
```bash
wget -O ~/b4install.sh https://raw.githubusercontent.com/DanielLavrushin/b4/main/install.sh && chmod +x ~/b4install.sh && ~/b4install.sh --help
```
### Installer options
```bash
@ -88,6 +88,43 @@ make linux-arm64
make linux-armv7
````
## Docker
### Quick Start
```bash
docker run --network host \
--cap-add NET_ADMIN --cap-add NET_RAW --cap-add SYS_MODULE \
-v /etc/b4:/etc/b4 \
lavrushin/b4:latest --web-port 7000
```
Web UI: <http://localhost:7000>
### Docker Compose
```yaml
services:
b4:
image: lavrushin/b4:latest
container_name: b4
network_mode: host
cap_add:
- NET_ADMIN
- NET_RAW
- SYS_MODULE
volumes:
- ./config:/etc/b4
restart: unless-stopped
```
### Docker Requirements
- **Linux host only** — b4 uses netfilter queue (NFQUEUE) which is a Linux kernel feature
- `--network host` is mandatory — b4 must access the host network stack directly
- Capabilities: `NET_ADMIN` (firewall rules), `NET_RAW` (raw sockets), `SYS_MODULE` (kernel module loading)
- Host kernel must have `nfqueue` support (`xt_NFQUEUE`, `nf_conntrack` modules)
## Usage
### Starting B4
@ -107,7 +144,7 @@ sudo systemctl enable b4 # Start on load
### Web UI
```
```text
http://your-device-ip:7000
```