【NAS】群辉docker镜像访问加速方案

2024-06-07 22:04:19 1点赞 3收藏 2评论

背景

近两天dockerhub各个镜像站都已经下线,作为docker重度使用者,分享一个稳定的方式来拉取镜像。

解决方案

1、又到大善人cf出场的时候了,直接新建worker,编辑index.js代码,复制下面内容,记得修改成自己的域名。

'use strict'

const hub_host = 'registry-1.docker.io'

const auth_url = 'https://auth.docker.io'

const workers_url = 'https://你的域名'

/**

* static files (404.html, sw.js, conf.js)

*/

/** @type {RequestInit} */

const PREFLIGHT_INIT = {

status: 204,

headers: new Headers({

'access-control-allow-origin': '*',

'access-control-allow-methods': 'GET,POST,PUT,PATCH,TRACE,DELETE,HEAD,OPTIONS',

'access-control-max-age': '1728000',

}),

}

/**

* @param {any} body

* @param {number} status

* @param {Object} headers

*/

function makeRes(body, status = 200, headers = {}) {

headers['access-control-allow-origin'] = '*'

return new Response(body, {status, headers})

}

/**

* @param {string} urlStr

*/

function newUrl(urlStr) {

try {

return new URL(urlStr)

} catch (err) {

return null

}

}

addEventListener('fetch', e => {

const ret = fetchHandler(e)

.catch(err => makeRes('cfworker error:n' + err.stack, 502))

e.respondWith(ret)

})

/**

* @param {FetchEvent} e

*/

async function fetchHandler(e) {

const getReqHeader = (key) => e.request.headers.get(key);

let url = new URL(e.request.url);

if (url.pathname === '/token') {

let token_parameter = {

headers: {

'Host': 'auth.docker.io',

'User-Agent': getReqHeader("User-Agent"),

'Accept': getReqHeader("Accept"),

'Accept-Language': getReqHeader("Accept-Language"),

'Accept-Encoding': getReqHeader("Accept-Encoding"),

'Connection': 'keep-alive',

'Cache-Control': 'max-age=0'

}

};

let token_url = auth_url + url.pathname + url.search

return fetch(new Request(token_url, e.request), token_parameter)

}

url.hostname = hub_host;

let parameter = {

headers: {

'Host': hub_host,

'User-Agent': getReqHeader("User-Agent"),

'Accept': getReqHeader("Accept"),

'Accept-Language': getReqHeader("Accept-Language"),

'Accept-Encoding': getReqHeader("Accept-Encoding"),

'Connection': 'keep-alive',

'Cache-Control': 'max-age=0'

},

cacheTtl: 3600

};

if (e.request.headers.has("Authorization")) {

parameter.headers.Authorization = getReqHeader("Authorization");

}

let original_response = await fetch(new Request(url, e.request), parameter)

let original_response_clone = original_response.clone();

let original_text = original_response_clone.body;

let response_headers = original_response.headers;

let new_response_headers = new Headers(response_headers);

let status = original_response.status;

if (new_response_headers.get("Www-Authenticate")) {

let auth = new_response_headers.get("Www-Authenticate");

let re = new RegExp(auth_url, 'g');

new_response_headers.set("Www-Authenticate", response_headers.get("Www-Authenticate").replace(re, workers_url));

}

if (new_response_headers.get("Location")) {

return httpHandler(e.request, new_response_headers.get("Location"))

}

let response = new Response(original_text, {

status,

headers: new_response_headers

})

return response;

}

/**

* @param {Request} req

* @param {string} pathname

*/

function httpHandler(req, pathname) {

const reqHdrRaw = req.headers

// preflight

if (req.method === 'OPTIONS' &&

reqHdrRaw.has('access-control-request-headers')

) {

return new Response(null, PREFLIGHT_INIT)

}

let rawLen = ''

const reqHdrNew = new Headers(reqHdrRaw)

const refer = reqHdrNew.get('referer')

let urlStr = pathname

const urlObj = newUrl(urlStr)

/** @type {RequestInit} */

const reqInit = {

method: req.method,

headers: reqHdrNew,

redirect: 'follow',

body: req.body

}

return proxy(urlObj, reqInit, rawLen, 0)

}

/**

*

* @param {URL} urlObj

* @param {RequestInit} reqInit

*/

async function proxy(urlObj, reqInit, rawLen) {

const res = await fetch(urlObj.href, reqInit)

const resHdrOld = res.headers

const resHdrNew = new Headers(resHdrOld)

// verify

if (rawLen) {

const newLen = resHdrOld.get('content-length') || ''

const badLen = (rawLen !== newLen)

if (badLen) {

return makeRes(res.body, 400, {

'--error': bad len: ${newLen}, except: ${rawLen},

'access-control-expose-headers': '--error',

})

}

}

const status = res.status

resHdrNew.set('access-control-expose-headers', '*')

resHdrNew.set('access-control-allow-origin', '*')

resHdrNew.set('Cache-Control', 'max-age=1500')

resHdrNew.delete('content-security-policy')

resHdrNew.delete('content-security-policy-report-only')

resHdrNew.delete('clear-site-data')

return new Response(res.body, {

status,

headers: resHdrNew

})

}

2、绑定下自定义域名,设置下路由,设置完毕。

【NAS】群辉docker镜像访问加速方案

3、镜像拉取:docker pull 自定义域名/nginx/nginx,把自定义域名改成上面设置的,搞定。大家记得点赞关注加收藏,后续分享更多好玩的内容

作者声明本文无利益相关,欢迎值友理性交流,和谐讨论~

展开 收起
2评论

  • 精彩
  • 最新
  • 好复杂

    校验提示文案

    提交
    其余的方法可以参考下这个,去看看

    校验提示文案

    提交
    收起所有回复
提示信息

取消
确认
评论举报

相关文章推荐

更多精彩文章
更多精彩文章
最新文章 热门文章
3
扫一下,分享更方便,购买更轻松