Installing Mihomo on Ubuntu 20.04

Docker Pull Timeout

Unfortunately, Docker Hub has been banned in mainland China for some reason, so many Docker registry proxy websites have been shut down. Here is the output you get when you use docker pull:

$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
docker: Error response from daemon: Get "https://registry-1.docker.io/v2/": net/http: request canceled while waiting
for connection (Client.Timeout exceeded while awaiting headers).
See 'docker run --help'.

I tried to use the LAN proxy, but it didn't work, so I think the best way is to deploy mihomo in TUN mode on my development machine. A Docker image proxy might also work, but I don't want to use it.

Simple Usage

Download the latest Mihomo release package using a GitHub proxy and move it to /usr/local/bin/mihomo.

curl -O -L https://gh.llkk.cc/https://github.com/MetaCubeX/mihomo/releases/download/v1.18.9/mihomo-linux-arm64-v1.18.9.gz
gunzip mihomo-linux-arm64-v1.18.9.gz
sudo mv mihomo-linux-arm64-v1.18.9 /usr/local/bin/mihomo
sudo chmod +x /usr/local/bin/mihomo

Download your Mihomo configuration to /etc/mihomo/config.yaml.

sudo mkdir -p /etc/mihomo
sudo curl -o /etc/mihomo/config.yaml https://sub.reajason.eu.org/clash.yaml

Create a systemd configuration file /etc/systemd/system/mihomo.service.

sudo vim /etc/systemd/system/mihomo.service
[Unit]
Description=mihomo Daemon, Another Clash Kernel
After=network.target NetworkManager.service systemd-networkd.service iwd.service
[Service]
Type=simple
LimitNPROC=500
LimitNOFILE=1000000
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SYS_TIME CAP_SYS_PTRACE CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW CAP_NET_BIND_SERVICE CAP_SYS_TIME CAP_SYS_PTRACE CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE
Restart=always
ExecStartPre=/usr/bin/sleep 1s
ExecStart=/usr/local/bin/mihomo -d /etc/mihomo
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

Start the mihomo service using systemctl.

sudo systemctl daemon-reload # Reload systemd
sudo systemctl enable mihomo # Start on boot
sudo systemctl start mihomo # Start Mihomo

# Other systemctl commands
# If you change the config.yaml, use this command to reload config
sudo systemctl reload mihomo
# Show the status of Mihomo
sudo systemctl status mihomo
# Show the running logs of Mihomo
sudo journalctl -u mihomo -o cat -f

Edit /etc/sysctl.conf to allow IPv4 and IPv6 forwarding by enabling the following settings.

sudo vim /etc/sysctl.conf
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1

# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1

If the edit was successful, use the reboot command to reboot your system.

Then use curl to check the mihomo proxy. (If you ran systemctl enable mihomo, the computer will start mihomo on startup.)

curl -v https://www.google.com
sudo docker pull hello-world

Tips

TUN

System proxy does not work for docker pull, but TUN mode does. Here is my TUN mode config. Check the sub link for my entire mihomo configuration.

tun:
  enable: true
  stack: mixed
  strict-route: true
  auto-route: true
  auto-redirect: true
  auto-detect-interface: true
  dns-hijack:
    - any:53
    - tcp://any:53

dns:
  enable: true
  prefer-h3: true
  ipv6: true
  listen: 0.0.0.0:53
  fake-ip-range: 198.18.0.1/16
  enhanced-mode: fake-ip
  fake-ip-filter: [ 'rule-set:fakeip-filter,private,cn' ]
  nameserver:
    - https://doh.pub/dns-query
    - https://dns.alidns.com/dns-query

External Control

Maybe you can consider using metacube to control your mihomo runtime config. Open the external control by adding the following config to your mihomo config.

The entrypoint is http://127.0.0.1:9090/ui.

external-controller: 127.0.0.1:9090
external-ui: ui
external-ui-url: https://github.com/MetaCubeX/metacubexd/archive/refs/heads/gh-pages.zip

If you want to use a public IP, use the following config, and make sure to use a secret to protect your mihomo.

The entrypoint is http://publicip:9090/ui.

external-controller: 0.0.0.0:9090
secret: "generateLZQ*HRSP$kC4Nlpu"
external-ui: ui
external-ui-url: https://github.com/MetaCubeX/metacubexd/archive/refs/heads/gh-pages.zip

See the official tutorial docs for other external control configuration options.

Diagnostic

It's possible that your mihomo service is not running as expected, or maybe your proxy is not working. Set the log level to debug and check the running logs.

log-level: debug

Reload and check the running log.

sudo systemctl reload mihomo
sudo journalctl -u mihomo -o cat -f

Thanks

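  1. Creating and running the service - 虚空终端 Docs
  2. Setting up mihomo on Linux (2024.8.11)
  3. mihomo installation tutorial for Linux
  4. Tutorial on DNS splitting with the mihomo core - ruleset approach
  5. Clash-Butler - node speed testing and merging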
24 Likes
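
Added example, not part of the original post or of the mihomo project: a check for the two wildcard binds that appear in the configuration above, external-controller: 0.0.0.0:9090 and the DNS listen: 0.0.0.0:53. The function names are made up for this example, and it reads only the flat key: value layout shown in the post.

```bash
#!/usr/bin/env bash
# Added example: flag wildcard-bound listeners in a mihomo config.yaml.
# Reads only the flat "key: value" layout shown in the post; it is not a YAML parser.

# Sample secret printed in the post; anyone who read the thread knows it.
PUBLISHED_SAMPLE_SECRET='generateLZQ*HRSP$kC4Nlpu'

# Value of top-level key $2 in file $1, without comments or surrounding quotes.
top_level_value() {
  sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 |
    sed -e 's/[[:space:]]\{1,\}#.*$//' -e 's/[[:space:]]*$//' \
        -e "s/^[\"']//" -e "s/[\"']\$//"
}

# Value of "listen:" nested directly under the top-level "dns:" section.
dns_listen() {
  awk '/^dns:/ { in_dns = 1; next }
       /^[^ \t#]/ { in_dns = 0 }
       in_dns && /^[ \t]+listen:/ { sub(/^[ \t]+listen:[ \t]*/, ""); print; exit }' "$1"
}

# True when host:port binds every interface (0.0.0.0, [::], * or an empty host).
is_wildcard() {
  case "$1" in 0.0.0.0:*|\[::\]:*|\*:*|:*) return 0 ;; *) return 1 ;; esac
}

# Prints one line per finding; the return status is the number of findings.
audit_mihomo_config() {
  local cfg="$1" findings=0 ctl secret dns
  ctl=$(top_level_value "$cfg" external-controller)
  secret=$(top_level_value "$cfg" secret)
  dns=$(dns_listen "$cfg")
  if is_wildcard "$ctl"; then
    if [ -z "$secret" ]; then
      echo "FAIL external-controller $ctl listens on all interfaces with no secret"
      findings=$((findings + 1))
    elif [ "$secret" = "$PUBLISHED_SAMPLE_SECRET" ]; then
      echo "FAIL external-controller $ctl uses the secret published in the post"
      findings=$((findings + 1))
    fi
  fi
  if is_wildcard "$dns"; then
    echo "WARN dns listen $dns answers queries on all interfaces"
    findings=$((findings + 1))
  fi
  if [ "$findings" -eq 0 ]; then echo "OK no wildcard-bound listener findings"; fi
  return "$findings"
}

if [ $# -gt 0 ]; then audit_mihomo_config "$1"; fi
```

Run it as a script with /etc/mihomo/config.yaml as the argument before reloading the service; a non-zero exit status means at least one listener needs a loopback bind, a firewall rule, or a freshly generated secret.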

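I tinkered with this a week ago, couldn't figure it out, and gave up. Bookmarking it for now, will read it tomorrow.

Pretty impressive, supporting this~~

Pretty impressive :+1:

I happened to deploy this once this morning :watermelon: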

1 Like

I also struggled with it several times before finally getting it to work. It wasn't easy, so I wrote it down right away.

2 Likes

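Thanks for the tutorial!

I clicked in out of curiosity, but it turned out to be English throughout, so I gave up reading right away.

If you're copying this, remember to download the mihomo package that matches your architecture. The OP is using arm.

I don't quite understand the idea of posting an all-English post with a Chinese title on a Chinese forum.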

3 Likes

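May I ask how the config file config.yml is set up? Where do I put my own subscription URL?

shellcrash is simpler, you could give it a try.

Put it here: /etc/mihomo/config.yaml. You have to download it yourself and rename it to this path.

OK, thanks!

There is one unresolved issue: after enabling TUN mode, container services started through docker (for example springboot) cannot be reached via the external IP, only via localhost. The temporary workaround is to start the docker containers in host mode.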

2 Likes

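There is a workable solution, though it's not perfect: [Help] After enabling mihomo, docker containers cannot be accessed, and the external port mappings set up earlier no longer open. · Issue #1260 · MetaCubeX/mihomo · GitHub

I ran into a different problem; could you take a look?

On my debian12 machine I installed both the mihomo and sing-box proxy software. While using the TUN proxy (only one of the two was enabled at a time, never both together), I found in both cases that debian12 itself can reach external networks directly, but docker containers cannot. The symptoms: the proxy software is able to hijack the containers' DNS requests, and the containers can ping external IPs, but all access from the containers to external networks times out, and the proxy software does not see any requests to the websites.

I tried this on two Debian12 servers; one of them shows this problem and the other does not. The docker container is able to curl ip.sb and print the correct proxy IP.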