feat: add goose

src/frpc/.env.example

@@ -1,7 +1,28 @@
-# FRP Client Version
-FRPC_VERSION=0.64.0
+# Global registry prefix for pulling images (optional)
+# GLOBAL_REGISTRY=
 
-# FRP server configuration
-FRP_SERVER_ADDR=your.server.com
+# Timezone setting (default: UTC)
+TZ=UTC
+
+# FRP Client Version
+FRPC_VERSION=0.65.0
+
+# FRP server connection settings
+FRP_SERVER_ADDR=127.0.0.1
 FRP_SERVER_PORT=7000
-FRP_SERVER_TOKEN=your_token_here
+FRP_SERVER_TOKEN=server_token
+
+# Local application host (use host.docker.internal to access host machine)
+FRP_APP_HOST=127.0.0.1
+
+# Admin dashboard configuration
+FRP_ADMIN_ADDR=0.0.0.0
+FRP_ADMIN_PORT=7400
+FRP_ADMIN_USER=admin
+FRP_ADMIN_PASSWORD=password
+
+# Resource limits
+FRPC_CPU_LIMIT=0.5
+FRPC_MEMORY_LIMIT=128M
+FRPC_CPU_RESERVATION=0.1
+FRPC_MEMORY_RESERVATION=64M

src/frpc/README.md

@@ -1,12 +1,40 @@
-# FRPC (Intranet Penetration Client)
+# FRPC (FRP Client)
 
 [English](./README.md) | [中文](./README.zh.md)
 
-This is an FRPC (Intranet Penetration Client) service.
+FRPC is a fast reverse proxy client that connects to an FRP server to expose local services to the internet. This is the client component of the FRP (Fast Reverse Proxy) tool.
 
-## Example
+## Quick Start
 
-Taking SSH service penetration as an example, create a new `frpc.toml` configuration file with the following content:
+1. Create a `.env` file from `.env.example`:
+
+    ```bash
+    cp .env.example .env
+    ```
+
+2. Edit the `.env` file and configure the FRP server connection:
+
+    ```properties
+    FRP_SERVER_ADDR=your.frp.server.com
+    FRP_SERVER_PORT=7000
+    FRP_SERVER_TOKEN=your_server_token
+    ```
+
+3. Create a `frpc.toml` configuration file with your proxy rules (see example below).
+
+4. Start the service:
+
+    ```bash
+    docker compose up -d
+    ```
+
+## Configuration File
+
+The client requires a `frpc.toml` file to define proxy rules. Here are some common examples:
+
+### Example 1: SSH Service Proxy
+
+Expose a local SSH service to the internet:
 
 ```toml
 serverAddr = "{{ .Envs.FRP_SERVER_ADDR }}"
@@ -14,38 +42,165 @@ serverPort = {{ .Envs.FRP_SERVER_PORT }}
 auth.token = "{{ .Envs.FRP_SERVER_TOKEN }}"
 
 [[proxies]]
-name = "app_22"
+name = "ssh"
 type = "tcp"
-remotePort = 23922
-localIP = "192.168.10.100"
+remotePort = 6000
+localIP = "{{ .Envs.FRP_APP_HOST }}"
 localPort = 22
 ```
 
-Configure the remote FRPS service address in the `.env` file:
+This configuration will:
 
-```properties
-FRP_SERVER_ADDR=frps.example.com
-FRP_SERVER_PORT=9870
-FRP_SERVER_TOKEN=password
+- Connect to the FRP server at `FRP_SERVER_ADDR:FRP_SERVER_PORT`
+- Expose local SSH (port 22) through the server's port 6000
+- Access the service via `FRP_SERVER_ADDR:6000`
+
+### Example 2: Web Service Proxy
+
+Expose a local web application:
+
+```toml
+serverAddr = "{{ .Envs.FRP_SERVER_ADDR }}"
+serverPort = {{ .Envs.FRP_SERVER_PORT }}
+auth.token = "{{ .Envs.FRP_SERVER_TOKEN }}"
+
+[[proxies]]
+name = "web"
+type = "http"
+customDomains = ["your-domain.com"]
+localIP = "{{ .Envs.FRP_APP_HOST }}"
+localPort = 8080
 ```
 
-Start the service to proxy `192.168.10.100:22` to `FRP_SERVER_ADDR:23922`.
+### Example 3: Multiple Services
 
-```bash
-docker compose up -d
+Proxy multiple services simultaneously:
+
+```toml
+serverAddr = "{{ .Envs.FRP_SERVER_ADDR }}"
+serverPort = {{ .Envs.FRP_SERVER_PORT }}
+auth.token = "{{ .Envs.FRP_SERVER_TOKEN }}"
+
+[[proxies]]
+name = "ssh"
+type = "tcp"
+remotePort = 6000
+localIP = "192.168.1.100"
+localPort = 22
+
+[[proxies]]
+name = "web"
+type = "tcp"
+remotePort = 8080
+localIP = "192.168.1.101"
+localPort = 80
 ```
 
-## Services
+### Example 4: Admin Dashboard
 
-- `frpc`: The FRPC client service.
+Enable the admin dashboard to monitor the client:
 
-## Configuration
+```toml
+serverAddr = "{{ .Envs.FRP_SERVER_ADDR }}"
+serverPort = {{ .Envs.FRP_SERVER_PORT }}
+auth.token = "{{ .Envs.FRP_SERVER_TOKEN }}"
 
-- `FRPC_VERSION`: The version of the FRPC image, default is `0.64.0`.
-- `FRP_SERVER_ADDR`: The remote FRPS server address.
-- `FRP_SERVER_PORT`: The remote FRPS server port.
-- `FRP_SERVER_TOKEN`: The token for connecting to FRPS.
+webServer.addr = "{{ .Envs.FRP_ADMIN_ADDR }}"
+webServer.port = {{ .Envs.FRP_ADMIN_PORT }}
+webServer.user = "{{ .Envs.FRP_ADMIN_USER }}"
+webServer.password = "{{ .Envs.FRP_ADMIN_PASSWORD }}"
+
+[[proxies]]
+name = "app"
+type = "tcp"
+remotePort = 9000
+localIP = "{{ .Envs.FRP_APP_HOST }}"
+localPort = 3000
+```
+
+Access the admin dashboard at `http://localhost:7400` (default).
+
+## Environment Variables
+
+### Image Configuration
+
+- `GLOBAL_REGISTRY`: Optional global registry prefix for pulling images
+- `FRPC_VERSION`: FRPC image version (default: `0.65.0`)
+- `TZ`: Timezone setting (default: `UTC`)
+
+### Server Connection
+
+- `FRP_SERVER_ADDR`: FRP server address (**required**, e.g., `frp.example.com` or `192.168.1.1`)
+- `FRP_SERVER_PORT`: FRP server port (default: `7000`)
+- `FRP_SERVER_TOKEN`: Authentication token for connecting to the server (**must match server token**)
+
+### Local Application
+
+- `FRP_APP_HOST`: Local application host address (default: `127.0.0.1`)
+  - Use `host.docker.internal` to access services running on the host machine
+  - Use specific IP addresses for services on your local network
+
+### Admin Dashboard (Optional)
+
+- `FRP_ADMIN_ADDR`: Admin dashboard bind address (default: `0.0.0.0`)
+- `FRP_ADMIN_PORT`: Admin dashboard port (default: `7400`)
+- `FRP_ADMIN_USER`: Admin dashboard username (default: `admin`)
+- `FRP_ADMIN_PASSWORD`: Admin dashboard password (default: `password`)
+
+### Resource Limits
+
+- `FRPC_CPU_LIMIT`: CPU limit (default: `0.5`)
+- `FRPC_MEMORY_LIMIT`: Memory limit (default: `128M`)
+- `FRPC_CPU_RESERVATION`: CPU reservation (default: `0.1`)
+- `FRPC_MEMORY_RESERVATION`: Memory reservation (default: `64M`)
 
 ## Volumes
 
-- `frpc.toml`: The configuration file for FRPC.
+- `./frpc.toml:/etc/frp/frpc.toml`: FRPC configuration file
+
+## Accessing Host Services
+
+To access services running on your host machine from within the container, use `host.docker.internal`:
+
+```properties
+FRP_APP_HOST=host.docker.internal
+```
+
+Then in your `frpc.toml`:
+
+```toml
+[[proxies]]
+name = "local-service"
+type = "tcp"
+remotePort = 8080
+localIP = "{{ .Envs.FRP_APP_HOST }}"
+localPort = 3000
+```
+
+This will expose your host's port 3000 through the FRP server's port 8080.
+
+## Security Notes
+
+1. **Secure your token**: Keep your `FRP_SERVER_TOKEN` secret and use a strong, random value
+2. **Limit exposure**: Only expose the services you actually need
+3. **Use encryption**: Consider using HTTPS/TLS for sensitive services
+4. **Monitor access**: Enable the admin dashboard to monitor active connections
+
+## Troubleshooting
+
+### Cannot connect to FRP server
+
+- Verify `FRP_SERVER_ADDR` and `FRP_SERVER_PORT` are correct
+- Ensure the FRP server is running and accessible
+- Check that `FRP_SERVER_TOKEN` matches the server configuration
+
+### Cannot access local service
+
+- Verify `FRP_APP_HOST` is correct
+- For host services, ensure you're using `host.docker.internal`
+- For network services, ensure the IP address and port are correct
+- Check firewall rules on both client and server sides
+
+## License
+
+FRP is licensed under the Apache License 2.0. See the [FRP GitHub repository](https://github.com/fatedier/frp) for more details.

src/frpc/README.zh.md

@@ -1,12 +1,40 @@
-# FRPC (内网穿透客户端)
+# FRPC（FRP 客户端）
 
 [English](./README.md) | [中文](./README.zh.md)
 
-这是一个 FRPC（内网穿透客户端）服务。
+FRPC 是一个快速反向代理客户端，连接到 FRP 服务器以将本地服务暴露到互联网。这是 FRP（Fast Reverse Proxy）工具的客户端组件。
 
-## 示例
+## 快速开始
 
-以 SSH 服务穿透为例，新建 `frpc.toml` 配置文件，内容如下：
+1. 从 `.env.example` 创建 `.env` 文件：
+
+    ```bash
+    cp .env.example .env
+    ```
+
+2. 编辑 `.env` 文件并配置 FRP 服务器连接：
+
+    ```properties
+    FRP_SERVER_ADDR=your.frp.server.com
+    FRP_SERVER_PORT=7000
+    FRP_SERVER_TOKEN=your_server_token
+    ```
+
+3. 创建包含代理规则的 `frpc.toml` 配置文件（参见下面的示例）。
+
+4. 启动服务：
+
+    ```bash
+    docker compose up -d
+    ```
+
+## 配置文件
+
+客户端需要一个 `frpc.toml` 文件来定义代理规则。以下是一些常见示例：
+
+### 示例 1：SSH 服务代理
+
+将本地 SSH 服务暴露到互联网：
 
 ```toml
 serverAddr = "{{ .Envs.FRP_SERVER_ADDR }}"
@@ -14,38 +42,165 @@ serverPort = {{ .Envs.FRP_SERVER_PORT }}
 auth.token = "{{ .Envs.FRP_SERVER_TOKEN }}"
 
 [[proxies]]
-name = "app_22"
+name = "ssh"
 type = "tcp"
-remotePort = 23922
-localIP = "192.168.10.100"
+remotePort = 6000
+localIP = "{{ .Envs.FRP_APP_HOST }}"
 localPort = 22
 ```
 
-配置远程 FRPS 服务地址到 `.env` 文件中：
+此配置将：
 
-```properties
-FRP_SERVER_ADDR=frps.example.com
-FRP_SERVER_PORT=9870
-FRP_SERVER_TOKEN=password
+- 连接到 `FRP_SERVER_ADDR:FRP_SERVER_PORT` 的 FRP 服务器
+- 通过服务器的 6000 端口暴露本地 SSH（22 端口）
+- 通过 `FRP_SERVER_ADDR:6000` 访问服务
+
+### 示例 2：Web 服务代理
+
+暴露本地 Web 应用程序：
+
+```toml
+serverAddr = "{{ .Envs.FRP_SERVER_ADDR }}"
+serverPort = {{ .Envs.FRP_SERVER_PORT }}
+auth.token = "{{ .Envs.FRP_SERVER_TOKEN }}"
+
+[[proxies]]
+name = "web"
+type = "http"
+customDomains = ["your-domain.com"]
+localIP = "{{ .Envs.FRP_APP_HOST }}"
+localPort = 8080
 ```
 
-启动服务，即可代理 `192.168.10.100:22` 到 `FRP_SERVER_ADDR:23922`。
+### 示例 3：多个服务
 
-```bash
-docker compose up -d
+同时代理多个服务：
+
+```toml
+serverAddr = "{{ .Envs.FRP_SERVER_ADDR }}"
+serverPort = {{ .Envs.FRP_SERVER_PORT }}
+auth.token = "{{ .Envs.FRP_SERVER_TOKEN }}"
+
+[[proxies]]
+name = "ssh"
+type = "tcp"
+remotePort = 6000
+localIP = "192.168.1.100"
+localPort = 22
+
+[[proxies]]
+name = "web"
+type = "tcp"
+remotePort = 8080
+localIP = "192.168.1.101"
+localPort = 80
 ```
 
-## 服务
+### 示例 4：管理面板
 
-- `frpc`: FRPC 客户端服务。
+启用管理面板以监控客户端：
 
-## 配置
+```toml
+serverAddr = "{{ .Envs.FRP_SERVER_ADDR }}"
+serverPort = {{ .Envs.FRP_SERVER_PORT }}
+auth.token = "{{ .Envs.FRP_SERVER_TOKEN }}"
 
-- `FRPC_VERSION`: FRPC 镜像的版本，默认为 `0.64.0`。
-- `FRP_SERVER_ADDR`: 远程 FRPS 服务器地址。
-- `FRP_SERVER_PORT`: 远程 FRPS 服务器端口。
-- `FRP_SERVER_TOKEN`: 用于连接 FRPS 的令牌。
+webServer.addr = "{{ .Envs.FRP_ADMIN_ADDR }}"
+webServer.port = {{ .Envs.FRP_ADMIN_PORT }}
+webServer.user = "{{ .Envs.FRP_ADMIN_USER }}"
+webServer.password = "{{ .Envs.FRP_ADMIN_PASSWORD }}"
+
+[[proxies]]
+name = "app"
+type = "tcp"
+remotePort = 9000
+localIP = "{{ .Envs.FRP_APP_HOST }}"
+localPort = 3000
+```
+
+在 `http://localhost:7400`（默认）访问管理面板。
+
+## 环境变量
+
+### 镜像配置
+
+- `GLOBAL_REGISTRY`：可选的全局镜像仓库前缀
+- `FRPC_VERSION`：FRPC 镜像版本（默认：`0.65.0`）
+- `TZ`：时区设置（默认：`UTC`）
+
+### 服务器连接
+
+- `FRP_SERVER_ADDR`：FRP 服务器地址（**必需**，例如 `frp.example.com` 或 `192.168.1.1`）
+- `FRP_SERVER_PORT`：FRP 服务器端口（默认：`7000`）
+- `FRP_SERVER_TOKEN`：连接到服务器的认证令牌（**必须与服务器令牌匹配**）
+
+### 本地应用
+
+- `FRP_APP_HOST`：本地应用主机地址（默认：`127.0.0.1`）
+  - 使用 `host.docker.internal` 访问运行在主机上的服务
+  - 使用特定 IP 地址访问本地网络上的服务
+
+### 管理面板（可选）
+
+- `FRP_ADMIN_ADDR`：管理面板绑定地址（默认：`0.0.0.0`）
+- `FRP_ADMIN_PORT`：管理面板端口（默认：`7400`）
+- `FRP_ADMIN_USER`：管理面板用户名（默认：`admin`）
+- `FRP_ADMIN_PASSWORD`：管理面板密码（默认：`password`）
+
+### 资源限制
+
+- `FRPC_CPU_LIMIT`：CPU 限制（默认：`0.5`）
+- `FRPC_MEMORY_LIMIT`：内存限制（默认：`128M`）
+- `FRPC_CPU_RESERVATION`：CPU 预留（默认：`0.1`）
+- `FRPC_MEMORY_RESERVATION`：内存预留（默认：`64M`）
 
 ## 卷
 
-- `frpc.toml`: FRPC 的配置文件。
+- `./frpc.toml:/etc/frp/frpc.toml`：FRPC 配置文件
+
+## 访问主机服务
+
+要从容器内访问运行在主机上的服务，请使用 `host.docker.internal`：
+
+```properties
+FRP_APP_HOST=host.docker.internal
+```
+
+然后在 `frpc.toml` 中：
+
+```toml
+[[proxies]]
+name = "local-service"
+type = "tcp"
+remotePort = 8080
+localIP = "{{ .Envs.FRP_APP_HOST }}"
+localPort = 3000
+```
+
+这将通过 FRP 服务器的 8080 端口暴露主机的 3000 端口。
+
+## 安全注意事项
+
+1. **保护令牌安全**：保持 `FRP_SERVER_TOKEN` 机密并使用强随机值
+2. **限制暴露**：只暴露实际需要的服务
+3. **使用加密**：对于敏感服务考虑使用 HTTPS/TLS
+4. **监控访问**：启用管理面板以监控活动连接
+
+## 故障排除
+
+### 无法连接到 FRP 服务器
+
+- 验证 `FRP_SERVER_ADDR` 和 `FRP_SERVER_PORT` 是否正确
+- 确保 FRP 服务器正在运行且可访问
+- 检查 `FRP_SERVER_TOKEN` 是否与服务器配置匹配
+
+### 无法访问本地服务
+
+- 验证 `FRP_APP_HOST` 是否正确
+- 对于主机服务，确保使用 `host.docker.internal`
+- 对于网络服务，确保 IP 地址和端口正确
+- 检查客户端和服务器端的防火墙规则
+
+## 许可证
+
+FRP 采用 Apache License 2.0 许可证。详情请参阅 [FRP GitHub 仓库](https://github.com/fatedier/frp)。

src/frpc/docker-compose.yaml

@@ -9,14 +9,23 @@ x-defaults: &defaults
 services:
   frpc:
     <<: *defaults
-    image: ${GLOBAL_REGISTRY:-}snowdreamtech/frpc:${FRPC_VERSION:-0.64.0}
+    image: ${GLOBAL_REGISTRY:-}snowdreamtech/frpc:${FRPC_VERSION:-0.65.0}
+    ports:
+      - "${FRP_ADMIN_PORT:-7400}:${FRP_ADMIN_PORT:-7400}"
     volumes:
-      - ./frpc.toml:/etc/frp/frpc.toml:ro
+      - ./frpc.toml:/etc/frp/frpc.toml
     environment:
       TZ: ${TZ:-UTC}
-      FRP_SERVER_ADDR: ${FRP_SERVER_ADDR}
-      FRP_SERVER_PORT: ${FRP_SERVER_PORT}
-      FRP_SERVER_TOKEN: ${FRP_SERVER_TOKEN}
+      FRP_SERVER_ADDR: ${FRP_SERVER_ADDR:-127.0.0.1}
+      FRP_SERVER_PORT: ${FRP_SERVER_PORT:-7000}
+      FRP_SERVER_TOKEN: ${FRP_SERVER_TOKEN:-server_token}
+      FRP_APP_HOST: ${FRP_APP_HOST:-127.0.0.1}
+      FRP_ADMIN_ADDR: ${FRP_ADMIN_ADDR:-0.0.0.0}
+      FRP_ADMIN_PORT: ${FRP_ADMIN_PORT:-7400}
+      FRP_ADMIN_USER: ${FRP_ADMIN_USER:-admin}
+      FRP_ADMIN_PASSWORD: ${FRP_ADMIN_PASSWORD:-password}
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
     deploy:
       resources:
         limits:

src/frpc/frpc.toml

@@ -1,10 +1,21 @@
-[common]
-server_addr = {{ .Envs.FRP_SERVER_ADDR }}
-server_port = {{ .Envs.FRP_SERVER_PORT }}
-token       = {{ .Envs.FRP_SERVER_TOKEN }}
+serverAddr = "{{ .Envs.FRP_SERVER_ADDR }}"
+serverPort = {{ .Envs.FRP_SERVER_PORT }}
 
-[app]
+[auth]
+token = "{{ .Envs.FRP_SERVER_TOKEN }}"
+
+[transport]
+protocol = "kcp"
+
+[webServer]
+addr = "{{ .Envs.FRP_ADMIN_ADDR }}"
+port = {{ .Envs.FRP_ADMIN_PORT }}
+user = "{{ .Envs.FRP_ADMIN_USER }}"
+password = "{{ .Envs.FRP_ADMIN_PASSWORD }}"
+
+[[proxies]]
+name = "ssh"
 type = "tcp"
-remote_port = 22
-local_ip    = {{ .Envs.APP_HOST }}
-local_port  = 22
+localPort  = 22
+remotePort = 22
+localIp    = "{{ .Envs.FRP_APP_HOST }}"