~脚本进行大量拆分和优化

2026-03-10 23:41:22 +00:00 · 2025-12-25 15:50:58 +08:00
parent e62f485df4
commit 647b52e016
49 changed files with 1948 additions and 2449 deletions
--- a/scripts/starts/singbox_modify.sh
+++ b/scripts/starts/singbox_modify.sh
@@ -0,0 +1,387 @@
+#!/bin/sh
+# Copyright (C) Juewuy
+
+#默认dns
+[ -z "$dns_nameserver" ] && dns_nameserver='223.5.5.5'
+[ -z "$dns_fallback" ] && dns_fallback="1.1.1.1"
+[ -z "$dns_resolver" ] && dns_resolver="223.5.5.5"
+ #修饰singbox配置文件
+parse_singbox_dns() { #dns转换
+    first_dns=$(echo "$1" | cut -d',' -f1 | cut -d' ' -f1)
+    type=""
+    server=""
+    port=""
+    case "$first_dns" in
+        *://*)
+            type="${first_dns%%://*}"
+            tmp="${first_dns#*://}"
+            ;;
+        *)
+            type="udp"
+            tmp="$first_dns"
+            ;;
+    esac
+    case "$tmp" in
+        \[*\]*)
+            server="${tmp%%]*}"
+            server="${server#[}"
+            port="${tmp#*\]}"
+            port="${port#:}"
+            ;;
+        *)
+            server="${tmp%%[:/]*}"
+            port="${tmp#*:}"
+            [ "$port" = "$tmp" ] && port=""
+            ;;
+    esac
+    if [ -z "$port" ]; then
+        case "$type" in
+            udp|tcp) port=53 ;;
+            doh|https) port=443 ;;
+            dot|tls) port=853 ;;
+            *) port=53 ;;
+        esac
+    fi
+    # 输出
+	echo '"type": "'"$type"'", "server": "'"$server"'", "server_port": '"$port"','
+}
+modify_json() {
+    #提取配置文件以获得outbounds.json,providers.json及route.json
+    "$TMPDIR"/CrashCore format -c $core_config >"$TMPDIR"/format.json
+    echo '{' >"$TMPDIR"/jsons/outbounds.json
+    echo '{' >"$TMPDIR"/jsons/route.json
+    cat "$TMPDIR"/format.json | sed -n '/"outbounds":/,/^  "[a-z]/p' | sed '$d' >>"$TMPDIR"/jsons/outbounds.json
+    [ "$crashcore" = "singboxr" ] && {
+        echo '{' >"$TMPDIR"/jsons/providers.json
+        cat "$TMPDIR"/format.json | sed -n '/^  "providers":/,/^  "[a-z]/p' | sed '$d' >>"$TMPDIR"/jsons/providers.json
+    }
+    cat "$TMPDIR"/format.json | sed -n '/"route":/,/^\(  "[a-z]\|}\)/p' | sed '$d' >>"$TMPDIR"/jsons/route.json
+    #生成endpoints.json
+	[ "$ts_service" = ON ] || [ "$wg_service" = ON ] && {
+		. "$CRASHDIR"/configs/gateway.cfg
+		. "$CRASHDIR"/libs/sb_endpoints.sh
+	}
+	#生成log.json
+    cat >"$TMPDIR"/jsons/log.json <<EOF
+{ "log": { "level": "info", "timestamp": true } }
+EOF
+    #生成add_hosts.json
+    if [ "$hosts_opt" != "未启用" ]; then #本机hosts
+        sys_hosts=/etc/hosts
+        [ -s /data/etc/custom_hosts ] && sys_hosts=/data/etc/custom_hosts
+        #NTP劫持
+        cat >"$TMPDIR"/jsons/add_hosts.json <<EOF
+{
+  "dns": {
+    "servers": [
+      {
+        "type": "hosts",
+        "tag": "hosts",
+        "path": [
+          "$sys_hosts",
+          "$HOME/.hosts"
+        ],
+        "predefined": {
+          "localhost": [
+            "127.0.0.1",
+            "::1"
+          ],
+          "time.android.com": "203.107.6.88",
+          "time.facebook.com": "203.107.6.88"
+        }
+      }
+	],
+    "rules": [
+      {
+        "ip_accept_any": true,
+        "server": "hosts"
+      }
+	]}
+}
+EOF
+    fi
+    #生成dns.json
+    [ "$ipv6_dns" != "未开启" ] && strategy='prefer_ipv4' || strategy='ipv4_only'
+    #获取detour出口
+    auto_detour=$(grep -E '"type": "urltest"' -A 1 "$TMPDIR"/jsons/outbounds.json | grep '"tag":' | head -n 1 | sed 's/^[[:space:]]*"tag": //;s/,$//')
+    [ -z "$auto_detour" ] && auto_detour=$(grep -E '"type": "selector"' -A 1 "$TMPDIR"/jsons/outbounds.json | grep '"tag":' | head -n 1 | sed 's/^[[:space:]]*"tag": //;s/,$//')
+    [ -z "$auto_detour" ] && auto_detour='"DIRECT"'
+    #根据dns模式生成
+    [ "$dns_mod" = "redir_host" ] && {
+        global_dns=dns_proxy
+        direct_dns='{ "inbound": [ "dns-in" ], "server": "dns_direct" }'
+    }
+    [ "$dns_mod" = "fake-ip" ] || [ "$dns_mod" = "mix" ] && {
+        global_dns=dns_fakeip
+        fake_ip_filter_domain=$(cat ${CRASHDIR}/configs/fake_ip_filter ${CRASHDIR}/configs/fake_ip_filter.list 2>/dev/null | grep -Ev '#|\*|\+|Mijia' | sed '/^\s*$/d' | awk '{printf "\"%s\", ",$1}' | sed 's/, $//')
+        fake_ip_filter_suffix=$(cat ${CRASHDIR}/configs/fake_ip_filter ${CRASHDIR}/configs/fake_ip_filter.list 2>/dev/null | grep -v '.\*' | grep -E '\*|\+' | sed 's/^[*+]\.//' | awk '{printf "\"%s\", ",$1}' | sed 's/, $//')
+        fake_ip_filter_regex=$(cat ${CRASHDIR}/configs/fake_ip_filter ${CRASHDIR}/configs/fake_ip_filter.list 2>/dev/null | grep '.\*' | sed 's/\./\\\\./g' | sed 's/\*/.\*/' | sed 's/^+/.\+/' | awk '{printf "\"%s\", ",$1}' | sed 's/, $//')
+        [ -n "$fake_ip_filter_domain" ] && fake_ip_filter_domain="{ \"domain\": [$fake_ip_filter_domain], \"server\": \"dns_direct\" },"
+        [ -n "$fake_ip_filter_suffix" ] && fake_ip_filter_suffix="{ \"domain_suffix\": [$fake_ip_filter_suffix], \"server\": \"dns_direct\" },"
+        [ -n "$fake_ip_filter_regex" ] && fake_ip_filter_regex="{ \"domain_regex\": [$fake_ip_filter_regex], \"server\": \"dns_direct\" },"
+        proxy_dns='{ "query_type": ["A", "AAAA"], "server": "dns_fakeip", "strategy": "'"$strategy"'", "rewrite_ttl": 1 }'
+        #mix模式插入fakeip过滤规则
+        [ "$dns_mod" = "mix" ] && direct_dns='{ "rule_set": ["cn"], "server": "dns_direct" },'
+    }
+    [ "$dns_mod" = "route" ] && {
+        global_dns=dns_proxy
+        direct_dns='{ "rule_set": ["cn"], "server": "dns_direct" }'
+    }
+    #防泄露设置
+    [ "$dns_protect" = "OFF" ] && sed -i 's/"server": "dns_proxy"/"server": "dns_direct"/g' "$TMPDIR"/jsons/route.json
+    #生成add_rule_set.json
+    [ "$dns_mod" = "mix" ] || [ "$dns_mod" = "route" ] &&
+        [ -z "$(cat "$CRASHDIR"/jsons/*.json | grep -Ei '"tag" *: *"cn"')" ] &&
+        cat >"$TMPDIR"/jsons/add_rule_set.json <<EOF
+{
+  "route": {
+    "rule_set": [
+      {
+        "tag": "cn",
+        "type": "local",
+        "path": "./ruleset/cn.srs"
+      }
+    ]
+  }
+}
+EOF
+    cat >"$TMPDIR"/jsons/dns.json <<EOF
+{
+  "dns": {
+    "servers": [
+      {
+        "tag": "dns_proxy",
+        $(parse_singbox_dns "$dns_fallback")
+		"routing_mark": $routing_mark,
+		"detour": $auto_detour,
+        "domain_resolver": "dns_resolver"
+      },
+      {
+        "tag": "dns_direct",
+        $(parse_singbox_dns "$dns_nameserver")
+		"routing_mark": $routing_mark,
+        "domain_resolver": "dns_resolver"
+      },
+      {
+        "tag": "dns_fakeip",
+        "type": "fakeip",
+        "inet4_range": "28.0.0.0/8",
+        "inet6_range": "fc00::/16"
+      },
+      {
+        "tag": "dns_resolver",
+        $(parse_singbox_dns "$dns_resolver")
+		"routing_mark": $routing_mark
+      }
+    ],
+    "rules": [
+      { "clash_mode": "Direct", "server": "dns_direct", "strategy": "$strategy" },
+      { "domain_suffix": ["services.googleapis.cn"], "server": "dns_fakeip", "strategy": "$strategy", "rewrite_ttl": 1 },
+      $fake_ip_filter_domain
+      $fake_ip_filter_suffix
+      $fake_ip_filter_regex
+	  { "clash_mode": "Global", "query_type": ["A", "AAAA"], "server": "$global_dns", "strategy": "$strategy", "rewrite_ttl": 1 },
+      $direct_dns
+	  $proxy_dns
+    ],
+    "final": "dns_proxy",
+	"strategy": "$strategy",
+    "independent_cache": true,
+    "reverse_mapping": true
+  }
+}
+EOF
+    #生成add_route.json
+    #域名嗅探配置
+    [ "$sniffer" = "已启用" ] && sniffer_set='{ "inbound": [ "redirect-in", "tproxy-in", "tun-in" ], "action": "sniff", "timeout": "500ms" },'
+	[ "advertise_exit_node" = true ] && tailscale_set='{ "inbound": [ "ts-ep" ], "port": 53, "action": "hijack-dns" },'
+    cat >"$TMPDIR"/jsons/add_route.json <<EOF
+{
+  "route": {
+	"default_domain_resolver": "dns_resolver",
+    "default_mark": $routing_mark,
+	"rules": [
+	  { "inbound": [ "dns-in" ], "action": "hijack-dns" },
+	  $tailscale_set
+	  $sniffer_set
+      { "clash_mode": "Direct" , "outbound": "DIRECT" },
+      { "clash_mode": "Global" , "outbound": "GLOBAL" }
+	]
+  }
+}
+EOF
+    #生成certificate.json
+    cat >"$TMPDIR"/jsons/certificate.json <<EOF
+{
+  "certificate": {
+    "store": "mozilla"
+  }
+}
+EOF
+    #生成inbounds.json
+    [ -n "$authentication" ] && {
+        username=$(echo $authentication | awk -F ':' '{print $1}') #混合端口账号密码
+        password=$(echo $authentication | awk -F ':' '{print $2}')
+        userpass='"users": [{ "username": "'$username'", "password": "'$password'" }], '
+    }
+    cat >"$TMPDIR"/jsons/inbounds.json <<EOF
+{
+  "inbounds": [
+    {
+      "type": "mixed",
+      "tag": "mixed-in",
+      "listen": "::",
+      $userpass
+      "listen_port": $mix_port
+    },
+    {
+      "type": "direct",
+      "tag": "dns-in",
+      "listen": "::",
+      "listen_port": $dns_port
+    },
+    {
+      "type": "redirect",
+      "tag": "redirect-in",
+      "listen": "::",
+      "listen_port": $redir_port
+    },
+    {
+      "type": "tproxy",
+      "tag": "tproxy-in",
+      "listen": "::",
+      "listen_port": $tproxy_port
+    }
+  ]
+}
+EOF
+    #inbounds.json添加自定义入站
+	[ "$vms_service" = ON ] || [ "$sss_service" = ON ] && {
+		. "$CRASHDIR"/configs/gateway.cfg
+		. "$CRASHDIR"/libs/sb_inbounds.sh
+	}
+    if [ "$redir_mod" = "混合模式" -o "$redir_mod" = "Tun模式" ]; then
+        [ "ipv6_redir" = '已开启' ] && ipv6_address='"fe80::e5c5:2469:d09b:609a/64",'
+        cat >>"$TMPDIR"/jsons/tun.json <<EOF
+{
+  "inbounds": [
+    {
+      "type": "tun",
+      "tag": "tun-in",
+      "interface_name": "utun",
+      "address": [
+        $ipv6_address
+        "28.0.0.1/30"
+      ],
+      "auto_route": false,
+      "stack": "system"
+    }
+  ]
+}
+EOF
+    fi
+    #生成add_outbounds.json
+    grep -qE '"tag": "DIRECT"' "$TMPDIR"/jsons/outbounds.json || add_direct='{ "tag": "DIRECT", "type": "direct" }'
+    grep -qE '"tag": "REJECT"' "$TMPDIR"/jsons/outbounds.json || add_reject='{ "tag": "REJECT", "type": "block" }'
+    grep -qE '"tag": "GLOBAL"' "$TMPDIR"/jsons/outbounds.json || {
+        auto_proxies=$(grep -E '"type": "(selector|urltest)"' -A 1 "$TMPDIR"/jsons/outbounds.json | grep '"tag":' | sed 's/^[[:space:]]*"tag": //;$ s/,$//')
+        [ -n "$auto_proxies" ] && add_global='{ "tag": "GLOBAL", "type": "selector", "outbounds": ['"$auto_proxies"', "DIRECT"]}'
+    }
+    [ -n "$add_direct" -a -n "$add_reject" ] && add_direct="${add_direct},"
+    [ -n "$add_reject" -a -n "$add_global" ] && add_reject="${add_reject},"
+    [ -n "$add_direct$add_reject$add_global" ] && cat >"$TMPDIR"/jsons/add_outbounds.json <<EOF
+{
+  "outbounds": [
+	$add_direct
+	$add_reject
+	$add_global
+  ]
+}
+EOF
+    #生成experimental.json
+    cat >"$TMPDIR"/jsons/experimental.json <<EOF
+{
+  "experimental": {
+    "clash_api": {
+      "external_controller": "0.0.0.0:$db_port",
+      "external_ui": "ui",
+	  "external_ui_download_url": "$external_ui_url",
+      "secret": "$secret",
+      "default_mode": "Rule"
+    }
+  }
+}
+EOF
+    #生成自定义规则文件
+    [ -n "$(grep -Ev ^# "$CRASHDIR"/yamls/rules.yaml 2>/dev/null)" ] && {
+        cat "$CRASHDIR"/yamls/rules.yaml |
+            sed '/#.*/d' |
+            sed 's/,no-resolve//g' |
+            grep -oE '\-.*,.*,.*' |
+            sed 's/- DOMAIN-SUFFIX,/{ "domain_suffix": [ "/g' |
+            sed 's/- DOMAIN-KEYWORD,/{ "domain_keyword": [ "/g' |
+            sed 's/- IP-CIDR,/{ "ip_cidr": [ "/g' |
+            sed 's/- SRC-IP-CIDR,/{ "._ip_cidr": [ "/g' |
+            sed 's/- DST-PORT,/{ "port": [ "/g' |
+            sed 's/- SRC-PORT,/{ "._port": [ "/g' |
+            sed 's/- GEOIP,/{ "geoip": [ "/g' |
+            sed 's/- GEOSITE,/{ "geosite": [ "/g' |
+            sed 's/- IP-CIDR6,/{ "ip_cidr": [ "/g' |
+            sed 's/- DOMAIN,/{ "domain": [ "/g' |
+            sed 's/- PROCESS-NAME,/{ "process_name": [ "/g' |
+            sed 's/,/" ], "outbound": "/g' |
+            sed 's/$/" },/g' |
+            sed '1i\{ "route": { "rules": [ ' |
+            sed '$s/,$/ ] } }/' >"$TMPDIR"/jsons/cust_add_rules.json
+        [ ! -s "$TMPDIR"/jsons/cust_add_rules.json ] && rm -rf "$TMPDIR"/jsons/cust_add_rules.json
+    }
+    #清理route.json中的process_name规则以及"auto_detect_interface"
+    sed -i '/"process_name": \[/,/],$/d' "$TMPDIR"/jsons/route.json
+    sed -i '/"process_name": "[^"]*",/d' "$TMPDIR"/jsons/route.json
+    sed -i 's/"auto_detect_interface": true/"auto_detect_interface": false/g' "$TMPDIR"/jsons/route.json
+    #跳过本地tls证书验证
+    if [ "$skip_cert" != "未开启" ]; then
+        sed -i 's/"insecure": false/"insecure": true/' "$TMPDIR"/jsons/outbounds.json "$TMPDIR"/jsons/providers.json 2>/dev/null
+    else
+        sed -i 's/"insecure": true/"insecure": false/' "$TMPDIR"/jsons/outbounds.json "$TMPDIR"/jsons/providers.json 2>/dev/null
+    fi
+    #判断可用并修饰outbounds&providers&route.json结尾
+    for file in outbounds providers route; do
+        if [ -n "$(grep ${file} "$TMPDIR"/jsons/${file}.json 2>/dev/null)" ]; then
+            sed -i 's/^  },$/  }/; s/^  ],$/  ]/' "$TMPDIR"/jsons/${file}.json
+            echo '}' >>"$TMPDIR"/jsons/${file}.json
+        else
+            rm -rf "$TMPDIR"/jsons/${file}.json
+        fi
+    done
+    #加载自定义配置文件
+    mkdir -p "$TMPDIR"/jsons_base
+    #以下为覆盖脚本的自定义文件
+    for char in log dns ntp certificate experimental; do
+        [ -s "$CRASHDIR"/jsons/${char}.json ] && {
+            ln -sf "$CRASHDIR"/jsons/${char}.json "$TMPDIR"/jsons/cust_${char}.json
+            mv -f "$TMPDIR"/jsons/${char}.json "$TMPDIR"/jsons_base #如果重复则临时备份
+        }
+    done
+    #以下为增量添加的自定义文件
+    for char in others endpoints inbounds outbounds providers route services; do
+        [ -s "$CRASHDIR"/jsons/${char}.json ] && {
+            ln -sf "$CRASHDIR"/jsons/${char}.json "$TMPDIR"/jsons/cust_${char}.json
+        }
+    done
+    #测试自定义配置文件
+    if ! error=$("$TMPDIR"/CrashCore check -D "$BINDIR" -C "$TMPDIR"/jsons 2>&1); then
+        echo $error
+        error_file=$(echo $error | grep -Eo 'cust.*\.json' | sed 's/cust_//g')
+        [ "$error_file" = 'add_rules.json' ] && error_file="$CRASHDIR"/yamls/rules.yaml自定义规则 || error_file="$CRASHDIR"/jsons/$error_file
+        logger "自定义配置文件校验失败，请检查【${error_file}】文件！" 31
+        logger "尝试使用基础配置文件启动~" 33
+        #清理自定义配置文件并还原基础配置
+        rm -rf "$TMPDIR"/jsons/cust_*
+        mv -f "$TMPDIR"/jsons_base/* "$TMPDIR"/jsons 2>/dev/null
+    fi
+    #清理缓存
+    rm -rf "$TMPDIR"/*.json
+    rm -rf "$TMPDIR"/jsons_base
+    return 0
+}