$ wget https://s3.amazonaws.com/outline-releases/manager/linux/stable/Outline-Manager.AppImage $ chmod +x Outline-Manager.AppImage $ ./Outline-Manager.AppImage Outline Manager is starting libva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null) [42740:0925/174650.529715:ERROR:viz_main_impl.cc(186)] Exiting GPU process due to errors during initialization Launching web app from outline://web_app/index.html?version=1.15.2&sentryDsn=https%3A%2F%2F9df8c810bf1b482d979da996e3e63c40%40o74047.ingest.sentry.io%2F215496 libva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null) [42774:0925/174651.006194:ERROR:viz_main_impl.cc(186)] Exiting GPU process due to errors during initialization libva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null) [42800:0925/174651.310808:ERROR:gpu_memory_buffer_support_x11.cc(44)] dri3 extension not supported. Checking for update Generated new staging user ID: c5db7469-3a5b-5365-a374-7e29a6e0c71a Update for version 1.15.2 is not available (latest version: 1.15.2, downgrade is disallowed).
Outline 环境中,VPN Server 负责具体的 VPN 节点实现。要部署 VPN Server,选择合适的服务器环境,比如使用自己的本地服务器则选择 Set up Outline anywhere,然后根据提示在具体的 VPN Server 上部署程序即可
根据提示,执行以下命令,部署 VPN Server 环境程序
# sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/Jigsaw-Code/outline-server/master/src/server_manager/install_scripts/install_server.sh)" > Verifying that Docker is installed .......... OK > Verifying that Docker daemon is running ..... OK > Setting PUBLIC_HOSTNAME to external IP ...... OK > Creating persistent state dir ............... OK > Generating secret key ....................... OK > Generating TLS certificate .................. OK > Generating SHA-256 certificate fingerprint .. OK > Writing config .............................. OK > Starting Shadowbox .......................... OK > Starting Watchtower ......................... OK > Removing watchtower container ............... OK > Restarting watchtower ....................... OK > Waiting for Outline server to be healthy .... OK > Creating first user ......................... OK > Adding API URL to config .................... OK > Checking host firewall ...................... OK
CONGRATULATIONS! Your Outline server is up and running.
To manage your Outline server, please copy the following line (including curly brackets) into Step 2 of the Outline Manager interface:
If you have connection problems, it may be that your router or cloud provider blocks inbound connections, even though your machine seems to allow them.
Make sure to open the following ports on your firewall, router or cloud provider: - Management port 50472, for TCP - Access key port 13279, for TCP and UDP
根据提示 Management port 50472, for TCP、Access key port 13279, for TCP and UDP,防火墙放通对应的端口
默认情况下,Management port 和 Access key port 使用随机端口,要使用自定义的固定端口,使用以下命令配置 VPN Server 环境
wget http://ftp.gnu.org/gnu/automake/automake-1.14.1.tar.gz tar -xf automake-1.14.1.tar.gz cd automake-1.14.1 ./bootstrap.sh
以上步骤执行完成后,会生成 configure 可执行文件
./configure make make install
安装完成后,执行以下命令验证版本
$ automake --version automake (GNU automake) 1.14.1 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl-2.0.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
$ ln -s /proc/84040/ns/net /var/run/netns/84040 $ ip netns ls 84040 (id: 0)
通过 network namespace 名称(此处为 84040)配置容器中网卡的 IP 地址信息
ip netns exec 84040 ip link set dev veth0_p name eth0 ip netns exec 84040 ip link set dev eth0 up
ip netns exec 84040 ip add add 172.17.0.10/16 dev eth0
ip netns exec 84040 ip route add default via 172.17.0.1
进入容器检查网络信息
$ ip add 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 15: eth0@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 7e:36:b3:20:a1:8c brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 172.17.0.10/16 scope global eth0 valid_lft forever preferred_lft forever $ ip route show default via 172.17.0.1 dev eth0 172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.10
进入容器测试网络连接
$ ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=127 time=37.4 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=127 time=37.0 ms ^C --- 8.8.8.8 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 37.047/37.234/37.422/0.269 ms
certificate verify failed: unable to get local issuer certificate
报错信息如下:
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007) ... urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)>
# pip install --upgrade pip Requirement already satisfied: pip in /usr/local/lib/python3.9/site-packages (23.0.1) Collecting pip Downloading pip-23.2.1-py3-none-any.whl (2.1 MB) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 0.0/2.1 MB ? eta -:--:--ERROR: Exception: Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/pip/_internal/cli/base_command.py", line 160, in exc_logging_wrapper status = run_func(*args) File "/usr/local/lib/python3.9/site-packages/pip/_internal/cli/req_command.py", line 247, in wrapper return func(self, options, args) ... File "/usr/local/lib/python3.9/site-packages/pip/_internal/operations/prepare.py", line 107, in get_http_url from_path, content_type = download(link, temp_dir.path) File "/usr/local/lib/python3.9/site-packages/pip/_internal/network/download.py", line 147, in __call__ for chunk in chunks: File "/usr/local/lib/python3.9/site-packages/pip/_internal/cli/progress_bars.py", line 52, in _rich_progress_bar with progress: File "/usr/local/lib/python3.9/site-packages/pip/_vendor/rich/progress.py", line 1169, in __enter__ self.start() File "/usr/local/lib/python3.9/site-packages/pip/_vendor/rich/progress.py", line 1160, in start self.live.start(refresh=True) File "/usr/local/lib/python3.9/site-packages/pip/_vendor/rich/live.py", line 132, in start self._refresh_thread.start() File "/usr/local/lib/python3.9/threading.py", line 899, in start _start_new_thread(self._bootstrap, ()) RuntimeError: can't start new thread
[notice] A new release of pip is available: 23.0.1 -> 23.2.1 [notice] To update, run: pip install --upgrade pip
>>> help(requests.get) get(url, params=None, **kwargs) Sends a GET request. :param url: URL for the new :class:`Request` object. :param params: (optional) Dictionary, list of tuples orbytes to send in the query string for the :class:`Request`. :param \*\*kwargs: Optional arguments that ``request`` takes. :return: :class:`Response <Response>` object :rtype: requests.Response