explaingit

zzzhhh1/mg-koyeb

Analysis updated 2026-06-24

105ShellAudience · developerComplexity · 2/5LicenseSetup · moderate

TLDR

Step-by-step recipe to run a single VLESS proxy in a Docker container on Koyeb's free tier, fronted by a Cloudflare tunnel so the free instance stays awake.

Mindmap

mindmap
  root((mg-Koyeb))
    Inputs
      UUID
      Tunnel token
      Subdomain
    Outputs
      Docker image
      VLESS link
      Runtime logs
    Use Cases
      Personal relay
      Learn containers
      Free hosting
    Tech Stack
      Docker
      Alpine
      sing-box
      cloudflared
      supervisord
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Run a single private VLESS relay on Koyeb's free Nano instance with a Cloudflare tunnel.

USE CASE 2

Keep a free container awake using the Cloudflare tunnel heartbeat instead of cron pings.

USE CASE 3

Read the VLESS connection link directly from Koyeb runtime logs after first boot.

USE CASE 4

Study a small two-process container managed by supervisord as a distributed-architecture exercise.

What is it built with?

DockerAlpinesing-boxcloudflaredsupervisord

How does it compare?

zzzhhh1/mg-koyebhypnguyen1209/offensive-claudeduggasco/bc250-40cu-unlock
Stars10510674
LanguageShellShellShell
Setup difficultymoderateeasyhard
Complexity2/53/55/5
Audiencedeveloperdeveloperops devops

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

Needs a Cloudflare account with Zero Trust enabled and a Koyeb free-tier service, the four env vars must be set before deploy.

MIT license, very permissive, but the README forbids commercial resale.

In plain English

This project, written mostly in Chinese, is a step-by-step recipe for running a single private network relay on the free tier of a hosting service called Koyeb, with traffic routed through a Cloudflare tunnel. It uses the VLESS protocol, which is a way of forwarding network traffic, and packages everything inside a small Docker container so a beginner can copy the config files and follow along without writing code. The author frames it as a learning project for distributed container architecture, and says it is not for commercial use. The author claims three main improvements over older guides. First, the secret key, called a UUID, is never written into the public repository. Instead, the container reads it from a Koyeb environment variable at startup, so the repo can stay public without exposing anything sensitive. Second, two processes run inside one Alpine Linux container, managed by supervisord: the proxy server, sing-box, and the Cloudflare tunnel client, cloudflared. Because the tunnel sends regular heartbeat packets, the free container stays awake instead of sleeping after idle time. Third, on first boot the container reads the environment variables and prints a ready-to-import VLESS link directly into the Koyeb runtime logs, so the user can copy it in one click. The README walks through four parts. Part one is creating a public GitHub repository with four files, a config.json, an entrypoint.sh, a Dockerfile, and a supervisord.conf, and letting GitHub Actions build the container image. Part two is setting up a Cloudflare Zero Trust tunnel with a chosen subdomain, the path /blog, the HTTP service type, and the local target 127.0.0.1 on port 8080, then saving the tunnel token. Part three is creating a Koyeb service from the built Docker image, opening port 8080, choosing the free Nano instance size, and supplying four environment variables: UUID, SUBDOMAIN, TUNNEL_TOKEN, and PORT. Part four is opening the Runtime Logs after deploy, copying the printed vless:// link, and pasting it into a client app like v2rayN or Shadowrocket to test the connection. The project is shared under the MIT license, with a strong notice forbidding commercial resale.

Copy-paste prompts

Prompt 1
Walk me through mg-Koyeb part one: which files go in the GitHub repo and how GitHub Actions builds the Docker image.
Prompt 2
Set up a Cloudflare Zero Trust tunnel with the path /blog pointing to 127.0.0.1:8080 and save the tunnel token. Step-by-step.
Prompt 3
Explain how supervisord runs sing-box and cloudflared in one Alpine container, and why the UUID is read from env at startup.
Prompt 4
Modify entrypoint.sh to also print a Shadowrocket-compatible vmess link beside the vless link in the runtime logs.
Prompt 5
Compare mg-Koyeb's free Nano deployment to a $5/mo Hetzner VPS for the same VLESS relay. List the trade-offs.

Frequently asked questions

What is mg-koyeb?

Step-by-step recipe to run a single VLESS proxy in a Docker container on Koyeb's free tier, fronted by a Cloudflare tunnel so the free instance stays awake.

What language is mg-koyeb written in?

Mainly Shell. The stack also includes Docker, Alpine, sing-box.

What license does mg-koyeb use?

MIT license, very permissive, but the README forbids commercial resale.

How hard is mg-koyeb to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is mg-koyeb for?

Mainly developer.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.