chirophy/sing-box
1
0
Fork 0
mirror of https://github.com/233boy/sing-box.git synced 2026-05-03 14:24:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: chirophy:v1.11
Branches Tags
chirophy:main
chirophy:v1.16 chirophy:v1.15 chirophy:v1.14 chirophy:v1.13 chirophy:v1.12 chirophy:v1.11 chirophy:v1.10 chirophy:v1.09 chirophy:v1.08 chirophy:v1.07 chirophy:v1.06 chirophy:v1.05 chirophy:v1.04 chirophy:v1.03 chirophy:v1.02 chirophy:v1.01 chirophy:v1.0
..
compare: chirophy:v1.16
Branches Tags
chirophy:main
chirophy:v1.16 chirophy:v1.15 chirophy:v1.14 chirophy:v1.13 chirophy:v1.12 chirophy:v1.11 chirophy:v1.10 chirophy:v1.09 chirophy:v1.08 chirophy:v1.07 chirophy:v1.06 chirophy:v1.05 chirophy:v1.04 chirophy:v1.03 chirophy:v1.02 chirophy:v1.01 chirophy:v1.0

22 Commits
v1.11 ... v1.16

Author SHA1 Message Date
233boy
3cc47489a2 Merge pull request #121 from fr0der1c/anytls 
feat: add AnyTLS protocol support
 2026-04-14 22:26:49 +08:00
frederic
b1c634a0cc feat: add AnyTLS protocol support 
- Add AnyTLS to protocol list and README
- Support self-signed TLS (default) and ACME auto-cert with domain
- Auto-detect sing-box version: use certificate_provider (>= 1.14.0)
  or tls.acme (older versions)
- Usage: sing-box add anytls [port] [password] [domain]
- Generate anytls:// share links
- Handle config read-back for change/info operations

Co-Authored-By: Oz <oz-agent@warp.dev>
 2026-04-14 21:57:43 +08:00
233boy
2b970915ee Merge pull request #119 from rowanchen-com/main 
fix: force full package install on Alpine and wait for service start
 2026-03-21 21:08:07 +08:00
rowanchen-com
2199ef62ce fix: force install full wget on Alpine to replace BusyBox version 2026-03-21 18:21:39 +08:00
rowanchen-com
4b18389b35 fix: wait for background tasks before exit to prevent output overlap 2026-03-21 18:14:18 +08:00
233boy
7effde1e08 Merge pull request #118 from rowanchen-com/main 
fix: avoid apk lock conflict on Alpine
 2026-03-21 18:08:54 +08:00
rowanchen-com
9d35760dbf fix: avoid apk lock conflict by running install_pkg synchronously on Alpine 2026-03-21 18:02:17 +08:00
233boy
c3512eb1a0 Merge pull request #117 from rowanchen-com/main 
feat: add Alpine Linux (OpenRC) support
 2026-03-17 14:18:49 +08:00
rowanchen-com
64528c4f3e fix: correct Alpine package install error message 2026-03-17 13:10:36 +08:00
rowanchen-com
735e738413 fix: use supervise-daemon for OpenRC to prevent blocking 2026-03-17 01:57:55 +08:00
rowanchen-com
f2cf8f02bf fix: add gcompat for Alpine glibc binary compatibility 2026-03-17 01:51:48 +08:00
rowanchen-com
0d160f112d feat: add Alpine Linux (OpenRC) support 2026-03-17 01:40:32 +08:00
233boy
91f04192ea Merge pull request #114 from Cherrling/main 
change `arch` to `uname -m` for better use
 2026-03-11 12:17:26 +08:00
白日梦主义
f9826e0efd change arch to uname -m for better use 2026-03-11 01:18:19 +08:00
233boy
03e905e79d fix sb dns 2026-03-02 10:37:38 +08:00
233boy
2d94cc34f9 Merge pull request #102 from Araputa/main 
add zypper support for SUSE
 2026-01-17 21:34:46 +08:00
Araputa
e97302b57a add zypper support for SUSE 2026-01-17 00:20:02 +08:00
233boy
3750157987 fix del alias 2026-01-15 08:49:54 +08:00
233boy
7c9622df74 fix install pkg tips 2025-10-13 16:28:06 +08:00
233boy
4ebcb332bc fix log display in UI 
Merge pull request #80 from Roddy-D/main
 2025-10-12 10:21:14 +08:00
dhd2333
62c5871ddc fix log display in UI 2025-10-11 13:32:23 -04:00
233boy
93d550ace3 fix sb dns 2025-08-05 13:07:15 +08:00
7 changed files with 280 additions and 52 deletions
Expand all files Collapse all files

1
README.md
View File

@@ -16,6 +16,7 @@
- 一键添加 TUIC - 一键添加 TUIC
- 一键添加 Trojan - 一键添加 Trojan
- 一键添加 Hysteria2 - 一键添加 Hysteria2
- 一键添加 AnyTLS
- 一键添加 Shadowsocks 2022 - 一键添加 Shadowsocks 2022
- 一键添加 VMess-(TCP/HTTP/QUIC) - 一键添加 VMess-(TCP/HTTP/QUIC)
- 一键添加 VMess-(WS/H2/HTTPUpgrade)-TLS - 一键添加 VMess-(WS/H2/HTTPUpgrade)-TLS

68
install.sh
View File

@@ -34,13 +34,15 @@ warn() {
# root # root
[[ $EUID != 0 ]] && err "当前非 ${yellow}ROOT用户.${none}" [[ $EUID != 0 ]] && err "当前非 ${yellow}ROOT用户.${none}"
# yum or apt-get, ubuntu/debian/centos # apt-get, yum, zypper or apk
cmd=$(type -P apt-get || type -P yum) cmd=$(type -P apt-get || type -P yum || type -P zypper || type -P apk)
[[ ! $cmd ]] && err "此脚本仅支持 ${yellow}(Ubuntu or Debian or CentOS)${none}." [[ ! $cmd ]] && err "此脚本仅支持 ${yellow}(Ubuntu or Debian or CentOS or SUSE or Alpine)${none}."
# systemd # systemd or openrc
[[ ! $(type -P systemctl) ]] && { is_systemd=$(type -P systemctl)
err "此系统缺少 ${yellow}(systemctl)${none}, 请尝试执行:${yellow} ${cmd} update -y;${cmd} install systemd -y ${none}来修复此错误." is_openrc=$(type -P rc-service)
[[ ! $is_systemd && ! $is_openrc ]] && {
err "此系统缺少 ${yellow}(systemctl 或 rc-service)${none}, 请安装 systemd 或确认 OpenRC 已启用."
} }
# wget installed or none # wget installed or none
@@ -69,7 +71,9 @@ is_log_dir=/var/log/$is_core
is_sh_bin=/usr/local/bin/$is_core is_sh_bin=/usr/local/bin/$is_core
is_sh_dir=$is_core_dir/sh is_sh_dir=$is_core_dir/sh
is_sh_repo=$author/$is_core is_sh_repo=$author/$is_core
is_pkg="wget tar" is_pkg="wget tar bash"
# Alpine: gcompat provides glibc compatibility for prebuilt binaries
[[ $cmd =~ apk ]] && is_pkg="$is_pkg gcompat jq"
is_config_json=$is_core_dir/config.json is_config_json=$is_core_dir/config.json
tmp_var_lists=( tmp_var_lists=(
tmpcore tmpcore
@@ -141,15 +145,22 @@ install_pkg() {
if [[ $cmd_not_found ]]; then if [[ $cmd_not_found ]]; then
pkg=$(echo $cmd_not_found | sed 's/,/ /g') pkg=$(echo $cmd_not_found | sed 's/,/ /g')
msg warn "安装依赖包 >${pkg}" msg warn "安装依赖包 >${pkg}"
$cmd install -y $pkg &>/dev/null if [[ $cmd =~ apk ]]; then
if [[ $? != 0 ]]; then apk update &>/dev/null
[[ $cmd =~ yum ]] && yum install epel-release -y &>/dev/null apk add $pkg &>/dev/null
$cmd update -y &>/dev/null
$cmd install -y $pkg &>/dev/null
[[ $? == 0 ]] && >$is_pkg_ok
else else
>$is_pkg_ok $cmd install -y $pkg &>/dev/null
if [[ $? != 0 ]]; then
[[ $cmd =~ yum ]] && yum install epel-release -y &>/dev/null
if [[ $cmd =~ zypper ]]; then
$cmd --non-interactive refresh &>/dev/null
else
$cmd update -y &>/dev/null
fi
$cmd install -y $pkg &>/dev/null
fi
fi fi
[[ $? == 0 ]] && >$is_pkg_ok
else else
>$is_pkg_ok >$is_pkg_ok
fi fi
@@ -198,7 +209,11 @@ check_status() {
# dependent pkg install fail # dependent pkg install fail
[[ ! -f $is_pkg_ok ]] && { [[ ! -f $is_pkg_ok ]] && {
msg err "安装依赖包失败" msg err "安装依赖包失败"
msg err "请尝试手动安装依赖包: $cmd update -y; $cmd install -y $pkg" if [[ $cmd =~ apk ]]; then
msg err "请尝试手动安装依赖包: apk update; apk add $is_pkg"
else
msg err "请尝试手动安装依赖包: $cmd update -y; $cmd install -y $is_pkg"
fi
is_fail=1 is_fail=1
} }
@@ -329,13 +344,22 @@ main() {
msg warn "${yellow}本地获取安装脚本 > $PWD ${none}" msg warn "${yellow}本地获取安装脚本 > $PWD ${none}"
} }
timedatectl set-ntp true &>/dev/null if [[ $is_systemd ]]; then
[[ $? != 0 ]] && { timedatectl set-ntp true &>/dev/null
is_ntp_on=1 [[ $? != 0 ]] && {
} is_ntp_on=1
}
fi
# install dependent pkg # install dependent pkg
install_pkg $is_pkg & if [[ $cmd =~ apk ]]; then
# Alpine: force install full versions to replace BusyBox applets
apk update &>/dev/null
apk add $is_pkg &>/dev/null
[[ $? == 0 ]] && >$is_pkg_ok
else
install_pkg $is_pkg &
fi
# jq # jq
if [[ $(type -P jq) ]]; then if [[ $(type -P jq) ]]; then
@@ -416,7 +440,7 @@ main() {
# show a tips msg # show a tips msg
msg ok "生成配置文件..." msg ok "生成配置文件..."
# create systemd service # create service
load systemd.sh load systemd.sh
is_new_install=1 is_new_install=1
install_service $is_core &>/dev/null install_service $is_core &>/dev/null
@@ -427,6 +451,8 @@ main() {
load core.sh load core.sh
# create a reality config # create a reality config
add reality add reality
# wait for background tasks (e.g., OpenRC service start)
wait
# remove tmp dir and exit. # remove tmp dir and exit.
exit_and_del_tmpdir ok exit_and_del_tmpdir ok
} }

2
sing-box.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
args=$@ args=$@
is_sh_ver=v1.11 is_sh_ver=v1.16
. /etc/sing-box/sh/src/init.sh . /etc/sing-box/sh/src/init.sh

132
src/core.sh
View File

@@ -20,6 +20,7 @@ protocol_list=(
Trojan-HTTPUpgrade-TLS Trojan-HTTPUpgrade-TLS
VLESS-REALITY VLESS-REALITY
VLESS-HTTP2-REALITY VLESS-HTTP2-REALITY
AnyTLS
# Direct # Direct
Socks Socks
) )
@@ -92,6 +93,20 @@ servername_list=(
aws.amazon.com aws.amazon.com
) )
# shuf fallback for systems without shuf (e.g., Alpine BusyBox)
if ! type -P shuf &>/dev/null; then
shuf() {
local min max n
while [[ $# -gt 0 ]]; do
case $1 in
-i) IFS=- read min max <<<"$2"; shift 2 ;;
-n) n=$2; shift 2 ;;
esac
done
echo $(( RANDOM % (max - min + 1) + min ))
}
fi
is_random_ss_method=${ss_method_list[$(shuf -i 4-6 -n1)]} # random only use ss2022 is_random_ss_method=${ss_method_list[$(shuf -i 4-6 -n1)]} # random only use ss2022
is_random_servername=${servername_list[$(shuf -i 0-${#servername_list[@]} -n1) - 1]} is_random_servername=${servername_list[$(shuf -i 0-${#servername_list[@]} -n1) - 1]}
@@ -213,7 +228,7 @@ ask() {
[[ $is_no_auto_tls ]] && { [[ $is_no_auto_tls ]] && {
unset is_tmp_list unset is_tmp_list
for v in ${protocol_list[@]}; do for v in ${protocol_list[@]}; do
[[ $(grep -i tls$ <<<$v) ]] && is_tmp_list=(${is_tmp_list[@]} $v) [[ $(grep -i "\-tls$" <<<$v) ]] && is_tmp_list=(${is_tmp_list[@]} $v)
done done
} }
is_opt_msg="\n请选择协议:\n" is_opt_msg="\n请选择协议:\n"
@@ -309,6 +324,8 @@ create() {
if [[ $host ]]; then if [[ $host ]]; then
is_config_name=$2-${host}.json is_config_name=$2-${host}.json
is_listen='listen: "127.0.0.1"' is_listen='listen: "127.0.0.1"'
elif [[ $is_anytls_domain ]]; then
is_config_name=$2-${is_anytls_domain}.json
else else
is_config_name=$2-${port}.json is_config_name=$2-${port}.json
fi fi
@@ -679,13 +696,22 @@ uninstall() {
fi fi
manage stop &>/dev/null manage stop &>/dev/null
manage disable &>/dev/null manage disable &>/dev/null
rm -rf $is_core_dir $is_log_dir $is_sh_bin ${is_sh_bin/$is_core/sb} /lib/systemd/system/$is_core.service rm -rf $is_core_dir $is_log_dir $is_sh_bin ${is_sh_bin/$is_core/sb}
sed -i "/alias $is_core=/d" /root/.bashrc if [[ $is_systemd ]]; then
rm -f /lib/systemd/system/$is_core.service
elif [[ $is_openrc ]]; then
rm -f /etc/init.d/$is_core
fi
sed -i "/$is_core/d" /root/.bashrc
# uninstall caddy; 2 is ask result # uninstall caddy; 2 is ask result
if [[ $REPLY == '2' ]]; then if [[ $REPLY == '2' ]]; then
manage stop caddy &>/dev/null manage stop caddy &>/dev/null
manage disable caddy &>/dev/null manage disable caddy &>/dev/null
rm -rf $is_caddy_dir $is_caddy_bin /lib/systemd/system/caddy.service if [[ $is_systemd ]]; then
rm -rf $is_caddy_dir $is_caddy_bin /lib/systemd/system/caddy.service
elif [[ $is_openrc ]]; then
rm -rf $is_caddy_dir $is_caddy_bin /etc/init.d/caddy
fi
fi fi
[[ $is_install_sh ]] && return # reinstall [[ $is_install_sh ]] && return # reinstall
_green "\n卸载完成!" _green "\n卸载完成!"
@@ -728,10 +754,24 @@ manage() {
is_do_name_msg=$is_core_name is_do_name_msg=$is_core_name
;; ;;
esac esac
systemctl $is_do $is_do_name if [[ $is_systemd ]]; then
systemctl $is_do $is_do_name 2>/dev/null
elif [[ $is_openrc ]]; then
case $is_do in
enable)
rc-update add $is_do_name default 2>/dev/null
;;
disable)
rc-update del $is_do_name default 2>/dev/null
;;
*)
rc-service $is_do_name $is_do 2>/dev/null
;;
esac
fi
[[ $is_test_run && ! $is_new_install ]] && { [[ $is_test_run && ! $is_new_install ]] && {
sleep 2 sleep 2
if [[ ! $(pgrep -f $is_run_bin) ]]; then if [[ ! $(pgrep -f $is_run_bin 2>/dev/null || grep -l "$is_run_bin" /proc/*/cmdline 2>/dev/null) ]]; then
is_run_fail=${is_do_name_msg,,} is_run_fail=${is_do_name_msg,,}
[[ ! $is_no_manage_msg ]] && { [[ ! $is_no_manage_msg ]] && {
msg msg
@@ -776,6 +816,9 @@ add() {
trojan) trojan)
is_new_protocol=Trojan is_new_protocol=Trojan
;; ;;
anytls)
is_new_protocol=AnyTLS
;;
socks) socks)
is_new_protocol=Socks is_new_protocol=Socks
;; ;;
@@ -792,6 +835,14 @@ add() {
# no prefer protocol # no prefer protocol
[[ ! $is_new_protocol ]] && ask set_protocol [[ ! $is_new_protocol ]] && ask set_protocol
if [[ ${is_new_protocol,,} == 'anytls' ]]; then
is_core_major=$(echo "$is_core_ver" | cut -d. -f1)
is_core_minor=$(echo "$is_core_ver" | cut -d. -f2)
if [[ ${is_core_major:-0} -lt 1 || ${is_core_major:-0} -eq 1 && ${is_core_minor:-0} -lt 12 ]]; then
err "当前 sing-box 版本 ($is_core_ver) 不支持 AnyTLS请先升级 sing-box core 到 1.12.0 或更高版本。"
fi
fi
case ${is_new_protocol,,} in case ${is_new_protocol,,} in
*-tls) *-tls)
is_use_tls=1 is_use_tls=1
@@ -829,6 +880,12 @@ add() {
is_use_door_port=$4 is_use_door_port=$4
is_add_opts="[port] [remote_addr] [remote_port]" is_add_opts="[port] [remote_addr] [remote_port]"
;; ;;
anytls*)
is_use_port=$2
is_use_pass=$3
[[ $4 ]] && is_anytls_domain=$4
is_add_opts="[port] [password] [domain]"
;;
socks) socks)
is_socks=1 is_socks=1
is_use_port=$2 is_use_port=$2
@@ -926,6 +983,14 @@ add() {
[[ $is_use_socks_pass ]] && is_socks_pass=$is_use_socks_pass [[ $is_use_socks_pass ]] && is_socks_pass=$is_use_socks_pass
fi fi
# anytls with domain (ACME TLS)
if [[ $is_anytls_domain && ! $is_change && ! $is_gen ]]; then
get_ip
host=$is_anytls_domain
get host-test
host=
fi
if [[ $is_use_tls ]]; then if [[ $is_use_tls ]]; then
if [[ ! $is_no_auto_tls && ! $is_caddy && ! $is_gen && ! $is_dont_test_host ]]; then if [[ ! $is_no_auto_tls && ! $is_caddy && ! $is_gen && ! $is_dont_test_host ]]; then
# test auto tls # test auto tls
@@ -1068,6 +1133,11 @@ get() {
is_socks_user=$username is_socks_user=$username
is_socks_pass=$password is_socks_pass=$password
# extract anytls ACME domain
[[ $is_protocol == 'anytls' ]] && {
is_anytls_domain=$(jq -r '(.inbounds[0].tls.certificate_provider.domain[0] // .inbounds[0].tls.acme.domain[0]) // empty' <<<$is_json_str 2>/dev/null)
}
is_config_name=$is_config_file is_config_name=$is_config_file
if [[ $is_caddy && $host && -f $is_caddy_conf/$host.conf ]]; then if [[ $is_caddy && $host && -f $is_caddy_conf/$host.conf ]]; then
@@ -1132,6 +1202,24 @@ get() {
is_protocol=$net is_protocol=$net
json_str="override_port:$door_port,override_address:\"$door_addr\"" json_str="override_port:$door_port,override_address:\"$door_addr\""
;; ;;
anytls*)
net=anytls
is_protocol=$net
[[ ! $password ]] && password=$uuid
is_users="users:[{password:\"$password\"}]"
if [[ $is_anytls_domain ]]; then
# sing-box >= 1.14.0 uses certificate_provider; older uses acme
is_core_minor=$(echo "$is_core_ver" | cut -d. -f2)
if [[ ${is_core_minor:-0} -ge 14 ]]; then
is_anytls_tls="tls:{enabled:true,certificate_provider:{type:\"acme\",domain:[\"$is_anytls_domain\"]}}"
else
is_anytls_tls="tls:{enabled:true,acme:{domain:[\"$is_anytls_domain\"]}}"
fi
else
is_anytls_tls="${is_tls_json/alpn\:\[\"h3\"\],/}"
fi
json_str="$is_users,$is_anytls_tls"
;;
socks*) socks*)
net=socks net=socks
is_protocol=$net is_protocol=$net
@@ -1228,13 +1316,15 @@ get() {
bash <<<$is_install_sh bash <<<$is_install_sh
;; ;;
test-run) test-run)
systemctl list-units --full -all &>/dev/null if [[ $is_systemd ]]; then
[[ $? != 0 ]] && { systemctl list-units --full -all &>/dev/null
_yellow "\n无法执行测试, 请检查 systemctl 状态.\n" [[ $? != 0 ]] && {
return _yellow "\n无法执行测试, 请检查 systemctl 状态.\n"
} return
}
fi
is_no_manage_msg=1 is_no_manage_msg=1
if [[ ! $(pgrep -f $is_core_bin) ]]; then if [[ ! $(pgrep -f $is_core_bin 2>/dev/null || grep -l "$is_core_bin" /proc/*/cmdline 2>/dev/null) ]]; then
_yellow "\n测试运行 $is_core_name ..\n" _yellow "\n测试运行 $is_core_name ..\n"
manage start &>/dev/null manage start &>/dev/null
if [[ $is_run_fail == $is_core ]]; then if [[ $is_run_fail == $is_core ]]; then
@@ -1247,7 +1337,7 @@ get() {
_green "\n$is_core_name 正在运行, 跳过测试\n" _green "\n$is_core_name 正在运行, 跳过测试\n"
fi fi
if [[ $is_caddy ]]; then if [[ $is_caddy ]]; then
if [[ ! $(pgrep -f $is_caddy_bin) ]]; then if [[ ! $(pgrep -f $is_caddy_bin 2>/dev/null || grep -l "$is_caddy_bin" /proc/*/cmdline 2>/dev/null) ]]; then
_yellow "\n测试运行 Caddy ..\n" _yellow "\n测试运行 Caddy ..\n"
manage start caddy &>/dev/null manage start caddy &>/dev/null
if [[ $is_run_fail == 'caddy' ]]; then if [[ $is_run_fail == 'caddy' ]]; then
@@ -1353,6 +1443,19 @@ info() {
is_info_str=($is_protocol $is_addr $port $uuid $is_flow $is_net_type reality $is_servername chrome $is_public_key) is_info_str=($is_protocol $is_addr $port $uuid $is_flow $is_net_type reality $is_servername chrome $is_public_key)
is_url="$is_protocol://$uuid@$is_addr:$port?encryption=none&security=reality&flow=$is_flow&type=$is_net_type&sni=$is_servername&pbk=$is_public_key&fp=chrome#233boy-$net-$is_addr" is_url="$is_protocol://$uuid@$is_addr:$port?encryption=none&security=reality&flow=$is_flow&type=$is_net_type&sni=$is_servername&pbk=$is_public_key&fp=chrome#233boy-$net-$is_addr"
;; ;;
anytls)
is_can_change=(0 1 4)
if [[ $is_anytls_domain ]]; then
is_info_show=(0 1 2 10 8)
is_info_str=($is_protocol $is_anytls_domain $port $password tls)
is_url="anytls://$password@$is_anytls_domain:$port#233boy-$net-$is_anytls_domain"
else
is_insecure=1
is_info_show=(0 1 2 10 8 20)
is_info_str=($is_protocol $is_addr $port $password tls true)
is_url="anytls://$password@$is_addr:$port?allowInsecure=1#233boy-$net-$is_addr"
fi
;;
direct) direct)
is_can_change=(0 1 7 8) is_can_change=(0 1 7 8)
is_info_show=(0 1 2 13 14) is_info_show=(0 1 2 13 14)
@@ -1536,7 +1639,8 @@ is_main_menu() {
_try_enable_bbr _try_enable_bbr
;; ;;
2) 2)
get log load log.sh
log_set
;; ;;
3) 3)
get test-run get test-run

32
src/dns.sh
View File

@@ -8,6 +8,9 @@ is_dns_list=(
none none
) )
dns_set() { dns_set() {
if [[ $(echo -e "1.11.99\n$is_core_ver" | sort -V | head -n1) == '1.11.99' ]]; then
is_dns_new=1
fi
if [[ $1 ]]; then if [[ $1 ]]; then
case ${1,,} in case ${1,,} in
11 | 1111) 11 | 1111)
@@ -46,11 +49,34 @@ dns_set() {
ask string is_dns_use "请输入 DNS: " ask string is_dns_use "请输入 DNS: "
fi fi
fi fi
is_dns_use_bak=$is_dns_use
if [[ $is_dns_use == "none" ]]; then if [[ $is_dns_use == "none" ]]; then
cat <<<$(jq '.dns={}' $is_config_json) >$is_config_json cat <<<$(jq '.|.dns={}|del(.route.default_domain_resolver)' $is_config_json) >$is_config_json
else else
cat <<<$(jq '.dns.servers=[{address:"'$is_dns_use'",address_resolver:"local"},{tag:"local",address:"local"}]' $is_config_json) >$is_config_json if [[ $is_dns_new ]]; then
dns_set_server $is_dns_use
cat <<<$(jq '.|.dns.servers=[{tag:"dns",type:"'$is_dns_type'",server:"'$is_dns_use'",domain_resolver:"local"},{tag:"local",type:"local"}]|.route.default_domain_resolver="dns"' $is_config_json) >$is_config_json
else
cat <<<$(jq '.dns.servers=[{address:"'$is_dns_use'",address_resolver:"local"},{tag:"local",address:"local"}]' $is_config_json) >$is_config_json
fi
fi fi
manage restart & manage restart &
msg "\n已更新 DNS 为: $(_green $is_dns_use)\n" msg "\n已更新 DNS 为: $(_green $is_dns_use_bak)\n"
}
dns_set_server() {
if [[ $(grep '://' <<<$1) ]]; then
is_tmp_dns_set=($(awk -F '://|/' '{print $1, $2}' <<<${1,,}))
case ${is_tmp_dns_set[0]} in
tcp | udp | tls | https | quic | h3)
is_dns_use=${is_tmp_dns_set[1]}
is_dns_type=${is_tmp_dns_set[0]}
;;
*)
err "无法识别 DNS 类型!"
;;
esac
else
is_dns_use=$1
is_dns_type=udp
fi
} }

33
src/init.sh
View File

@@ -58,11 +58,11 @@ _wget() {
wget --no-check-certificate "$@" wget --no-check-certificate "$@"
} }
# yum or apt-get # apt-get, yum, zypper or apk
cmd=$(type -P apt-get || type -P yum) cmd=$(type -P apt-get || type -P yum || type -P zypper || type -P apk)
# x64 # x64
case $(arch) in case $(uname -m) in
amd64 | x86_64) amd64 | x86_64)
is_arch="amd64" is_arch="amd64"
;; ;;
@@ -84,14 +84,20 @@ is_log_dir=/var/log/$is_core
is_sh_bin=/usr/local/bin/$is_core is_sh_bin=/usr/local/bin/$is_core
is_sh_dir=$is_core_dir/sh is_sh_dir=$is_core_dir/sh
is_sh_repo=$author/$is_core is_sh_repo=$author/$is_core
is_pkg="wget unzip tar qrencode" is_pkg="wget unzip tar qrencode bash"
is_config_json=$is_core_dir/config.json is_config_json=$is_core_dir/config.json
is_caddy_bin=/usr/local/bin/caddy is_caddy_bin=/usr/local/bin/caddy
is_caddy_dir=/etc/caddy is_caddy_dir=/etc/caddy
is_caddy_repo=caddyserver/caddy is_caddy_repo=caddyserver/caddy
is_caddyfile=$is_caddy_dir/Caddyfile is_caddyfile=$is_caddy_dir/Caddyfile
is_caddy_conf=$is_caddy_dir/$author is_caddy_conf=$is_caddy_dir/$author
is_caddy_service=$(systemctl list-units --full -all | grep caddy.service) is_systemd=$(type -P systemctl)
is_openrc=$(type -P rc-service)
if [[ $is_systemd ]]; then
is_caddy_service=$(systemctl list-units --full -all | grep caddy.service)
elif [[ $is_openrc ]]; then
[[ -f /etc/init.d/caddy ]] && is_caddy_service=1
fi
is_http_port=80 is_http_port=80
is_https_port=443 is_https_port=443
@@ -109,7 +115,7 @@ is_tls_key=$is_core_dir/bin/tls.key
rm $is_tls_tmp rm $is_tls_tmp
} }
if [[ $(pgrep -f $is_core_bin) ]]; then if [[ $(pgrep -f $is_core_bin 2>/dev/null || grep -l "$is_core_bin" /proc/*/cmdline 2>/dev/null) ]]; then
is_core_status=$(_green running) is_core_status=$(_green running)
else else
is_core_status=$(_red_bg stopped) is_core_status=$(_red_bg stopped)
@@ -117,18 +123,19 @@ else
fi fi
if [[ -f $is_caddy_bin && -d $is_caddy_dir && $is_caddy_service ]]; then if [[ -f $is_caddy_bin && -d $is_caddy_dir && $is_caddy_service ]]; then
is_caddy=1 is_caddy=1
# fix caddy run; ver >= 2.8.2 if [[ $is_systemd ]]; then
[[ ! $(grep '\-\-adapter caddyfile' /lib/systemd/system/caddy.service) ]] && { [[ -f /lib/systemd/system/caddy.service && ! $(grep '\-\-adapter caddyfile' /lib/systemd/system/caddy.service) ]] && {
load systemd.sh load systemd.sh
install_service caddy install_service caddy
systemctl restart caddy & systemctl restart caddy &
} }
fi
is_caddy_ver=$($is_caddy_bin version | head -n1 | cut -d " " -f1) is_caddy_ver=$($is_caddy_bin version | head -n1 | cut -d " " -f1)
is_tmp_http_port=$(grep -E '^ {2,}http_port|^http_port' $is_caddyfile | grep -E -o [0-9]+) is_tmp_http_port=$(grep -E '^ {2,}http_port|^http_port' $is_caddyfile | grep -E -o [0-9]+)
is_tmp_https_port=$(grep -E '^ {2,}https_port|^https_port' $is_caddyfile | grep -E -o [0-9]+) is_tmp_https_port=$(grep -E '^ {2,}https_port|^https_port' $is_caddyfile | grep -E -o [0-9]+)
[[ $is_tmp_http_port ]] && is_http_port=$is_tmp_http_port [[ $is_tmp_http_port ]] && is_http_port=$is_tmp_http_port
[[ $is_tmp_https_port ]] && is_https_port=$is_tmp_https_port [[ $is_tmp_https_port ]] && is_https_port=$is_tmp_https_port
if [[ $(pgrep -f $is_caddy_bin) ]]; then if [[ $(pgrep -f $is_caddy_bin 2>/dev/null || grep -l "$is_caddy_bin" /proc/*/cmdline 2>/dev/null) ]]; then
is_caddy_status=$(_green running) is_caddy_status=$(_green running)
else else
is_caddy_status=$(_red_bg stopped) is_caddy_status=$(_red_bg stopped)

64
src/systemd.sh
View File

@@ -1,4 +1,16 @@
# detect init system
is_systemd=$(type -P systemctl)
is_openrc=$(type -P rc-service)
install_service() { install_service() {
if [[ $is_systemd ]]; then
install_service_systemd $1
elif [[ $is_openrc ]]; then
install_service_openrc $1
fi
}
install_service_systemd() {
case $1 in case $1 in
$is_core) $is_core)
is_doc_site=https://sing-box.sagernet.org/ is_doc_site=https://sing-box.sagernet.org/
@@ -56,3 +68,55 @@ WantedBy=multi-user.target"
systemctl enable $1 systemctl enable $1
systemctl daemon-reload systemctl daemon-reload
} }
install_service_openrc() {
case $1 in
$is_core)
cat >/etc/init.d/$is_core <<EOF
#!/sbin/openrc-run
name="$is_core_name"
description="$is_core_name Service"
command="$is_core_bin"
command_args="run -c $is_config_json -C $is_conf_dir"
command_background=true
pidfile="/run/\${RC_SVCNAME}.pid"
output_log="/var/log/$is_core/access.log"
error_log="/var/log/$is_core/error.log"
supervisor=supervise-daemon
depend() {
need net
after firewall
}
EOF
chmod +x /etc/init.d/$is_core
;;
caddy)
cat >/etc/init.d/caddy <<EOF
#!/sbin/openrc-run
name="Caddy"
description="Caddy web server"
command="$is_caddy_bin"
command_args="run --environ --config $is_caddyfile --adapter caddyfile"
command_background=true
pidfile="/run/\${RC_SVCNAME}.pid"
supervisor=supervise-daemon
depend() {
need net
after firewall
}
EOF
chmod +x /etc/init.d/caddy
;;
esac
# enable
rc-update add $1 default
}