~添加ss和vmess入站支持

2026-03-10 23:41:22 +00:00 · 2025-12-20 12:54:42 +08:00
parent 8d20c90900
commit 51f5795731
6 changed files with 207 additions and 26 deletions
--- a/scripts/libs/meta_listeners.sh
+++ b/scripts/libs/meta_listeners.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+# Copyright (C) Juewuy
+
+#meta内核vmess入站生成
+[ "$vms_service" = ON ] && {
+	cat >>"$TMPDIR"/yamls/listeners.yaml <<EOF
+- name: "vmess-in"
+  type: vmess
+  port: $vms_port
+  listen: 0.0.0.0
+  uuid: $vms_uuid
+  ws-path: $vms_ws_path
+EOF
+}
+#meta内核ss入站生成
+[ "$sss_service" = ON ] && {
+	cat >>"$TMPDIR"/yamls/listeners.yaml <<EOF
+- name: "ss-in"
+  port: $sss_port
+  listen: 0.0.0.0
+  cipher: $sss_cipher
+  password: $sss_pwd
+  udp: true
+EOF
+}
--- a/scripts/libs/meta_proxies.sh
+++ b/scripts/libs/meta_proxies.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+# Copyright (C) Juewuy
+
+[ "$wg_service" = ON ] && {
+	cat >>"$TMPDIR"/yamls/proxies.yaml <<EOF
+- name: "wg"
+  type: wireguard
+  private-key: $wg_private_key
+  server: $wg_server
+  port: $wg_port
+  ip: $wg_ipv4
+  ipv6: $wg_ipv6
+  public-key: $wg_public_key
+  allowed-ips: ['0.0.0.0/0', '::/0']
+  pre-shared-key: $wg_pre_shared_key
+  mtu: 1420
+  udp: true
+EOF
+}
--- a/scripts/libs/sb_endpoints.sh
+++ b/scripts/libs/sb_endpoints.sh
@@ -23,7 +23,6 @@ EOF
 }

 [ "$wg_service" = ON ] && {
-	echo "$crashcore" | grep -q 'singbox' && {
 	[ -n "$wg_ipv6" ] && wg_ipv6_add=", \"$wg_ipv6\""
 	cat >"$TMPDIR"/jsons/wireguard.json <<EOF
 {
@@ -48,22 +47,4 @@ EOF
  ]
 }
 EOF
-	}
-	#meta内核wg生成
-	echo "$crashcore" | grep -q 'meta' && {
-		cat >"$TMPDIR"/yamls/wireguard.yaml <<EOF
- name: "wg"
-  type: wireguard
-  private-key: $wg_private_key
-  server: $wg_server
-  port: $wg_port
-  ip: $wg_ipv4
-  ipv6: $wg_ipv6
-  public-key: $wg_public_key
-  allowed-ips: ['0.0.0.0/0', '::/0']
-  pre-shared-key: $wg_pre_shared_key
-  mtu: 1420
-  udp: true
-EOF
-	}
 }
--- a/scripts/libs/sb_inbounds.sh
+++ b/scripts/libs/sb_inbounds.sh
@@ -0,0 +1,38 @@
+#!/bin/sh
+# Copyright (C) Juewuy
+
+[ "$vms_service" = ON ] && {
+	[ -n "$vms_ws_path" ] && transport=', "transport": { "type": "ws", "path": '"$vms_ws_path"' }'
+	cat >"$TMPDIR"/jsons/vmess-in.json <<EOF
+{
+  "inbounds": [
+    {
+      "type": "vmess",
+      "tag": "vmess-in",
+      "listen": "::",
+      "listen_port": $vms_port,
+	  "users": [
+        {
+          "uuid": "$vms_uuid"
+        }
+      ]$transport
+    }
+  ]
+}
+EOF
+}
+
+[ "$sss_service" = ON ] && {
+	cat >"$TMPDIR"/jsons/ss-in.json <<EOF
+{
+  "inbounds": [
+	{
+	  "type": "shadowsocks",
+	  "tag": "ss-in",
+	  "method": "$sss_cipher",
+	  "password": "$sss_pwd",
+	}
+  ]
+}
+EOF
+}
--- a/scripts/menus/gateway.sh
+++ b/scripts/menus/gateway.sh
@@ -4,7 +4,7 @@
 CFG="$CRASHDIR"/configs/gateway.cfg
 . "$CFG"

-gateway(){
+gateway(){ #访问与控制主菜单
 	echo -----------------------------------------------
 	echo -e "\033[30;47m欢迎使用访问与控制菜单：\033[0m"
 	echo -----------------------------------------------
@@ -182,11 +182,11 @@ set_bot_tg(){
 	esac		
 }
 set_ddns(){
-	echo
+	echo 等待施工
 }
 set_vmess(){
 	echo -----------------------------------------------
-	echo -e "\033[31m注意：\033[0m启动内核服务后会自动开放相应端口公网访问，请谨慎使用！"
+	echo -e "\033[31m注意：\033[0m启动内核服务后会自动开放相应端口公网访问，请谨慎使用！\n      脚本只提供基础功能，更多需求请使用自定义配置文件功能！"
 	echo -----------------------------------------------
 	echo -e " 1 \033[32m启用/关闭\033[0mVmess入站	\033[32m$vms_service\033[0m"
 	echo -----------------------------------------------
@@ -253,6 +253,109 @@ set_vmess(){
 	*) errornum ;;
 	esac		
 }
+set_shadowsocks(){
+	[ -z "$sss_cipher" ] && sss_cipher='xchacha20-ietf-poly1305'
+	echo -----------------------------------------------
+	echo -e "\033[31m注意：\033[0m启动内核服务后会自动开放相应端口公网访问，请谨慎使用！\n      脚本只提供基础功能，更多需求请使用自定义配置文件功能！"
+	echo -----------------------------------------------
+	echo -e " 1 \033[32m启用/关闭\033[0mShadowSocks入站	\033[32m$sss_service\033[0m"
+	echo -----------------------------------------------
+	echo -e " 2 设置\033[36m监听端口\033[0m：	\033[36m$sss_port\033[0m"
+	echo -e " 3 选择\033[33m加密协议\033[0m：	\033[33m$sss_cipher\033[0m"
+	echo -e " 4 设置\033[36mpassword\033[0m：	\033[36m$sss_pwd\033[0m"
+	echo -e " 0 返回上级菜单 \033[0m"
+	echo -----------------------------------------------
+	read -p "请输入对应数字 > " num
+	case "$num" in
+	0) ;;
+	1)
+		if [ -n "$sss_port" ] && [ -n "$sss_pwd" ];then
+			[ "$sss_service" = ON ] && sss_service=OFF || sss_service=ON
+			setconfig sss_service "$sss_service"
+		else
+			echo -e "\033[31m请先完成必选设置！\033[0m"
+			sleep 1
+		fi
+		set_shadowsocks
+	;;
+	2)
+		read -p "请输入端口号(输入0删除) > " text
+		[ "$text" = 0 ] && unset sss_port
+		if sh "$CRASHDIR"/libs/check_port.sh "$text"; then
+			sss_port="$text"
+			setconfig sss_port "$text" "$CFG"
+		else
+			sleep 1
+		fi
+		set_shadowsocks
+	;;
+	3)
+		echo -----------------------------------------------
+		echo -e " 1 \033[32mxchacha20-ietf-poly1305\033[0m"
+		echo -e " 2 \033[32mchacha20-ietf-poly1305\033[0m"
+		echo -e " 3 \033[32maes-128-gcm\033[0m"
+		echo -e " 4 \033[32maes-256-gcm\033[0m"
+		ckcmd openssl && {
+			echo -----------------------------------------------
+			echo -e "\033[31m注意：\033[0m2022系列加密必须使用OpenSSL随机生成的password！"
+			echo -e " 5 \033[32m2022-blake3-chacha20-poly1305\033[0m"
+			echo -e " 6 \033[32m2022-blake3-aes-128-gcm\033[0m"
+			echo -e " 7 \033[32m2022-blake3-aes-256-gcm\033[0m"
+		}
+		echo -----------------------------------------------
+		echo -e " 0 返回上级菜单"
+		read -p "请选择要使用的加密协议 > " num
+		case "$num" in
+		1)
+			sss_cipher=xchacha20-ietf-poly1305
+			sss_pwd=$(cat /proc/sys/kernel/random/uuid)
+		;;
+		2)
+			sss_cipher=chacha20-ietf-poly1305
+			sss_pwd=$(cat /proc/sys/kernel/random/uuid)
+		;;
+		3)
+			sss_cipher=aes-128-gcm
+			sss_pwd=$(cat /proc/sys/kernel/random/uuid)
+		;;
+		4)
+			sss_cipher=aes-256-gcm
+			sss_pwd=$(cat /proc/sys/kernel/random/uuid)
+		;;
+		5)
+			sss_cipher=2022-blake3-chacha20-poly1305
+			sss_pwd=$(openssl rand --base64 32)
+		;;
+		6)
+			sss_cipher=2022-blake3-aes-128-gcm
+			sss_pwd=$(openssl rand --base64 16)
+		;;
+		7)
+			sss_cipher=2022-blake3-aes-256-gcm
+			sss_pwd=$(openssl rand --base64 32)
+		;;
+		*)
+		;;
+		esac
+		setconfig sss_cipher "$sss_cipher" "$CFG"
+		setconfig sss_pwd "$sss_pwd" "$CFG"
+		set_shadowsocks
+	;;
+	4)
+		if echo "$sss_cipher" |grep -q '2022-blake3';then
+			echo -e "\033[31m注意：\033[0m2022系列加密必须使用脚本随机生成的password！"
+			sleep 1
+		else
+			read -p "请输入秘钥(输入0删除) > " text
+			[ "$text" = 0 ] && unset sss_pwd
+			sss_pwd="$text"
+			setconfig sss_pwd "$text" "$CFG"
+		fi
+		set_shadowsocks
+	;;
+	*) errornum ;;
+	esac		
+}
 set_tailscale(){
 	[ -n "$ts_auth_key" ] && ts_auth_key_info='*********'
 	echo -----------------------------------------------
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -617,6 +617,16 @@ EOF
            IFS="$oldIFS"
        done
    }
+    #添加自定义入站
+	[ "$vms_service" = ON ] || [ "$sss_service" = ON ] && {
+		. "$CRASHDIR"/configs/gateway.cfg
+		. "$CRASHDIR"/libs/meta_listeners.sh
+	}
+    #生成自定义出站
+	[ "$wg_service" = ON ] && {
+		. "$CRASHDIR"/configs/gateway.cfg
+		. "$CRASHDIR"/libs/meta_proxies.sh
+	}
    #节点绕过功能支持
    sed -i "/#节点绕过/d" "$TMPDIR"/rules.yaml
    [ "$proxies_bypass" = "已启用" ] && {
@@ -692,10 +702,10 @@ modify_json() { #修饰singbox1.13配置文件
        cat "$TMPDIR"/format.json | sed -n '/^  "providers":/,/^  "[a-z]/p' | sed '$d' >>"$TMPDIR"/jsons/providers.json
    }
    cat "$TMPDIR"/format.json | sed -n '/"route":/,/^\(  "[a-z]\|}\)/p' | sed '$d' >>"$TMPDIR"/jsons/route.json
-    #生成log.json
+    #生成endpoints.json
 	[ "$ts_service" = ON ] || [ "$wg_service" = ON ] && {
 		. "$CRASHDIR"/configs/gateway.cfg
-		. "$CRASHDIR"/components/endpoints.sh
+		. "$CRASHDIR"/libs/sb_endpoints.sh
 	}
 	#生成log.json
    cat >"$TMPDIR"/jsons/log.json <<EOF
@@ -891,6 +901,11 @@ EOF
  ]
 }
 EOF
+    #inbounds.json添加自定义入站
+	[ "$vms_service" = ON ] || [ "$sss_service" = ON ] && {
+		. "$CRASHDIR"/configs/gateway.cfg
+		. "$CRASHDIR"/libs/sb_inbounds.sh
+	}
    if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ]; then
        [ "ipv6_redir" = '已开启' ] && ipv6_address='"fe80::e5c5:2469:d09b:609a/64",'
        cat >>"$TMPDIR"/jsons/tun.json <<EOF