Analysis updated 2026-06-24
Run a single private VLESS relay on Koyeb's free Nano instance with a Cloudflare tunnel.
Keep a free container awake using the Cloudflare tunnel heartbeat instead of cron pings.
Read the VLESS connection link directly from Koyeb runtime logs after first boot.
Study a small two-process container managed by supervisord as a distributed-architecture exercise.
| zzzhhh1/mg-koyeb | hypnguyen1209/offensive-claude | duggasco/bc250-40cu-unlock | |
|---|---|---|---|
| Stars | 105 | 106 | 74 |
| Language | Shell | Shell | Shell |
| Setup difficulty | moderate | easy | hard |
| Complexity | 2/5 | 3/5 | 5/5 |
| Audience | developer | developer | ops devops |
Figures from each repo's GitHub metadata at analysis time.
Needs a Cloudflare account with Zero Trust enabled and a Koyeb free-tier service, the four env vars must be set before deploy.
This project, written mostly in Chinese, is a step-by-step recipe for running a single private network relay on the free tier of a hosting service called Koyeb, with traffic routed through a Cloudflare tunnel. It uses the VLESS protocol, which is a way of forwarding network traffic, and packages everything inside a small Docker container so a beginner can copy the config files and follow along without writing code. The author frames it as a learning project for distributed container architecture, and says it is not for commercial use. The author claims three main improvements over older guides. First, the secret key, called a UUID, is never written into the public repository. Instead, the container reads it from a Koyeb environment variable at startup, so the repo can stay public without exposing anything sensitive. Second, two processes run inside one Alpine Linux container, managed by supervisord: the proxy server, sing-box, and the Cloudflare tunnel client, cloudflared. Because the tunnel sends regular heartbeat packets, the free container stays awake instead of sleeping after idle time. Third, on first boot the container reads the environment variables and prints a ready-to-import VLESS link directly into the Koyeb runtime logs, so the user can copy it in one click. The README walks through four parts. Part one is creating a public GitHub repository with four files, a config.json, an entrypoint.sh, a Dockerfile, and a supervisord.conf, and letting GitHub Actions build the container image. Part two is setting up a Cloudflare Zero Trust tunnel with a chosen subdomain, the path /blog, the HTTP service type, and the local target 127.0.0.1 on port 8080, then saving the tunnel token. Part three is creating a Koyeb service from the built Docker image, opening port 8080, choosing the free Nano instance size, and supplying four environment variables: UUID, SUBDOMAIN, TUNNEL_TOKEN, and PORT. Part four is opening the Runtime Logs after deploy, copying the printed vless:// link, and pasting it into a client app like v2rayN or Shadowrocket to test the connection. The project is shared under the MIT license, with a strong notice forbidding commercial resale.
Step-by-step recipe to run a single VLESS proxy in a Docker container on Koyeb's free tier, fronted by a Cloudflare tunnel so the free instance stays awake.
Mainly Shell. The stack also includes Docker, Alpine, sing-box.
MIT license, very permissive, but the README forbids commercial resale.
Setup difficulty is rated moderate, with roughly 30min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.