From 19e50f5f6f5cf8ae0498ef01676455a62f025e1f Mon Sep 17 00:00:00 2001 From: hesoyam Date: Fri, 15 May 2026 11:52:48 +0300 Subject: [PATCH] make tun var and fixes --- README.md | 2 + generate-config.sh | 128 ++++++++++++++++++++++-------------------- quick-install.sh | 136 ++++++++++++++++++++++++++++++++++++++------- 3 files changed, 187 insertions(+), 79 deletions(-) diff --git a/README.md b/README.md index 54ff13f..b207ccc 100644 --- a/README.md +++ b/README.md @@ -77,6 +77,8 @@ https://warp-generator.github.io/ AWG 3.0 curl -fsSL https://ghettoloader.duckdns.org/hesoyam/sing-warp-socks5/raw/branch/main/quick-install.sh | sudo bash ``` + + ## Использование SOCKS5 прокси доступен на `localhost:2080` без авторизации. diff --git a/generate-config.sh b/generate-config.sh index 24040ab..d5516da 100644 --- a/generate-config.sh +++ b/generate-config.sh @@ -275,11 +275,76 @@ TUNEOF ] } RULEEOF +) + RULE_SET_RULE_PART=$(cat <<'RULEEOF' +, + { + "rule_set": [ + "antifilter_allyouneed", + "antizapret", + "cloudfront_ip_MetaCubeX", + "github_ip_you-oops-dev", + "github_karingx", + "telegram_MetaCubeX", + "refilter_ipsum" + ], + "outbound": "wireguard-out" + } +RULEEOF +) + ROUTE_RULE_SET_SECTION=$(cat <<'DEFSEOF' + "rule_set": [ + { + "tag": "antifilter_allyouneed", + "type": "local", + "format": "binary", + "path": "/opt/sing-box-warp/rules/antifilter_allyouneed.srs" + }, + { + "tag": "antizapret", + "type": "local", + "format": "binary", + "path": "/opt/sing-box-warp/rules/antizapret.srs" + }, + { + "tag": "cloudfront_ip_MetaCubeX", + "type": "local", + "format": "binary", + "path": "/opt/sing-box-warp/rules/cloudfront_ip_MetaCubeX.srs" + }, + { + "tag": "github_ip_you-oops-dev", + "type": "local", + "format": "binary", + "path": "/opt/sing-box-warp/rules/github_ip_you-oops-dev.srs" + }, + { + "tag": "github_karingx", + "type": "local", + "format": "binary", + "path": "/opt/sing-box-warp/rules/github_karingx.srs" + }, + { + "tag": "telegram_MetaCubeX", + "type": "local", + "format": "binary", + "path": "/opt/sing-box-warp/rules/telegram_MetaCubeX.srs" + }, + { + "tag": "refilter_ipsum", + "type": "local", + "format": "binary", + "path": "/opt/sing-box-warp/rules/refilter_ipsum.srs" + } + ], +DEFSEOF ) else echo "TUN disabled (SOCKS5 only)" >&2 TUN_INBOUND_PART="" TUN_ROUTE_RULE_PART="" + RULE_SET_RULE_PART="" + ROUTE_RULE_SET_SECTION="" fi if [ -n "$I1" ] || [ -n "$I2" ]; then @@ -383,10 +448,10 @@ $I2_LINE "ip_is_private": true, "outbound": "direct" }, - { + { "inbound": "mixed-in", "outbound": "wireguard-out" - } + }, { "protocol": "dns", "action": "hijack-dns" @@ -407,64 +472,9 @@ $I2_LINE "ip.sb" ], "outbound": "wireguard-out" - }, - { - "rule_set": [ - "antifilter_allyouneed", - "antizapret", - "cloudfront_ip_MetaCubeX", - "github_ip_you-oops-dev", - "github_karingx", - "telegram_MetaCubeX", - "refilter_ipsum" - ], - "outbound": "wireguard-out" - } - ], - "rule_set": [ - { - "tag": "antifilter_allyouneed", - "type": "local", - "format": "binary", - "path": "/opt/sing-box-warp/rules/antifilter_allyouneed.srs" - }, - { - "tag": "antizapret", - "type": "local", - "format": "binary", - "path": "/opt/sing-box-warp/rules/antizapret.srs" - }, - { - "tag": "cloudfront_ip_MetaCubeX", - "type": "local", - "format": "binary", - "path": "/opt/sing-box-warp/rules/cloudfront_ip_MetaCubeX.srs" - }, - { - "tag": "github_ip_you-oops-dev", - "type": "local", - "format": "binary", - "path": "/opt/sing-box-warp/rules/github_ip_you-oops-dev.srs" - }, - { - "tag": "github_karingx", - "type": "local", - "format": "binary", - "path": "/opt/sing-box-warp/rules/github_karingx.srs" - }, - { - "tag": "telegram_MetaCubeX", - "type": "local", - "format": "binary", - "path": "/opt/sing-box-warp/rules/telegram_MetaCubeX.srs" - }, - { - "tag": "refilter_ipsum", - "type": "local", - "format": "binary", - "path": "/opt/sing-box-warp/rules/refilter_ipsum.srs" - } + }$RULE_SET_RULE_PART ], +$ROUTE_RULE_SET_SECTION "final": "direct", "default_domain_resolver": "default", "auto_detect_interface": true diff --git a/quick-install.sh b/quick-install.sh index 82f8a63..c927810 100644 --- a/quick-install.sh +++ b/quick-install.sh @@ -5,8 +5,90 @@ set -e INSTALL_DIR="/opt/sing-box-warp" CONFIG_DIR="/etc/sing-box-warp" CACHE_DIR="/var/cache/sing-box-warp" +SERVICE_NAME="sing-box-warp" SING_BOX_VERSION="1.13.2-extended-1.6.2" SING_BOX_URL="https://ghettoloader.duckdns.org/hesoyam/sing-box-extended-mirror/releases/download/v${SING_BOX_VERSION}/sing-box-${SING_BOX_VERSION}-linux-amd64.tar.gz" +REINSTALL=0 + +is_existing_install() { + if [ -f "/etc/systemd/system/${SERVICE_NAME}.service" ]; then + return 0 + fi + if systemctl list-unit-files "${SERVICE_NAME}.service" --no-legend 2>/dev/null | grep -q "${SERVICE_NAME}"; then + return 0 + fi + if [ -d "$INSTALL_DIR" ] && [ -n "$(ls -A "$INSTALL_DIR" 2>/dev/null)" ]; then + return 0 + fi + if [ -f "$CONFIG_DIR/warp.conf" ]; then + return 0 + fi + return 1 +} + +stop_existing_service() { + local running=0 + + if systemctl is-active --quiet "$SERVICE_NAME" 2>/dev/null; then + running=1 + echo "Service ${SERVICE_NAME} is running, stopping..." + elif systemctl list-unit-files "${SERVICE_NAME}.service" --no-legend 2>/dev/null | grep -q "${SERVICE_NAME}"; then + echo "Service ${SERVICE_NAME} is installed but not running, stopping..." + fi + + systemctl stop "$SERVICE_NAME" 2>/dev/null || true + systemctl disable "$SERVICE_NAME" 2>/dev/null || true + + if pgrep -f "sing-box run -c ${INSTALL_DIR}/config.json" >/dev/null 2>&1; then + echo "Stopping remaining sing-box processes..." + pkill -f "sing-box run -c ${INSTALL_DIR}/config.json" 2>/dev/null || true + sleep 1 + fi + + if [ "$running" -eq 1 ] || systemctl is-failed --quiet "$SERVICE_NAME" 2>/dev/null; then + systemctl reset-failed "$SERVICE_NAME" 2>/dev/null || true + fi +} + +clean_existing_files() { + echo "Removing previous installation files..." + + rm -rf "${INSTALL_DIR:?}"/* + rm -f "$INSTALL_DIR/config.json" "$INSTALL_DIR/generate-config.sh" 2>/dev/null || true + rm -rf "$INSTALL_DIR/rules" + + rm -f "$CONFIG_DIR/enable-tun" 2>/dev/null || true + rm -rf "${CACHE_DIR:?}"/* +} + +prepare_reinstall() { + if ! is_existing_install; then + return 0 + fi + + REINSTALL=1 + echo "" + echo "=== Existing installation detected ===" + stop_existing_service + clean_existing_files + systemctl daemon-reload 2>/dev/null || true + echo "Ready for clean reinstall." + echo "" +} + +start_service() { + echo "Generating config..." + WARP_CONF="$CONFIG_DIR/warp.conf" \ + OUTPUT_CONFIG="$INSTALL_DIR/config.json" \ + ENABLE_TUN_FILE="$CONFIG_DIR/enable-tun" \ + "$INSTALL_DIR/generate-config.sh" + + echo "Starting ${SERVICE_NAME}..." + systemctl enable "$SERVICE_NAME" + systemctl start "$SERVICE_NAME" + sleep 2 + systemctl status "$SERVICE_NAME" --no-pager || true +} echo "=== Sing-Box WARP Quick Installer ===" echo "" @@ -16,6 +98,8 @@ if [ "$EUID" -ne 0 ]; then exit 1 fi +prepare_reinstall + echo "Creating directories..." mkdir -p "$INSTALL_DIR" mkdir -p "$CONFIG_DIR" @@ -45,9 +129,11 @@ echo "Without TUN, only SOCKS5 proxy on port 2080 is available." read -p "Enable TUN mode? (y/n) " -n 1 -r < /dev/tty echo if [[ $REPLY =~ ^[Yy]$ ]]; then + ENABLE_TUN=1 echo "1" > "$CONFIG_DIR/enable-tun" echo "TUN mode enabled." else + ENABLE_TUN=0 echo "0" > "$CONFIG_DIR/enable-tun" echo "TUN mode disabled (SOCKS5 only)." fi @@ -56,7 +142,10 @@ echo "" echo "Downloading sing-box..." NEED_DOWNLOAD=1 -if command -v sing-box >/dev/null 2>&1; then +if [ "$REINSTALL" -eq 1 ]; then + echo "Reinstall: updating sing-box binary..." + NEED_DOWNLOAD=1 +elif command -v sing-box >/dev/null 2>&1; then INSTALLED_VERSION=$(sing-box version 2>/dev/null | head -n 1 || true) if echo "$INSTALLED_VERSION" | grep -q "$SING_BOX_VERSION"; then NEED_DOWNLOAD=0 @@ -141,16 +230,23 @@ net.ipv4.ip_forward=1 EOF sysctl -p /etc/sysctl.d/99-sing-box-warp.conf -mkdir -p /opt/sing-box-warp/rules -wget -O /opt/sing-box-warp/rules/antifilter_allyouneed.srs https://ghettoloader.duckdns.org/hesoyam/ruwake-panel-lists/raw/branch/main/antifilter_allyouneed.srs -wget -O /opt/sing-box-warp/rules/antizapret.srs https://ghettoloader.duckdns.org/hesoyam/ruwake-panel-lists/raw/branch/main/antizapret.srs -wget -O /opt/sing-box-warp/rules/github_ip_you-oops-dev.srs https://ghettoloader.duckdns.org/hesoyam/ruwake-panel-lists/raw/branch/main/github_ip_you-oops-dev.srs -wget -O /opt/sing-box-warp/rules/github_karingx.srs https://ghettoloader.duckdns.org/hesoyam/ruwake-panel-lists/raw/branch/main/github_karingx.srs -wget -O /opt/sing-box-warp/rules/cloudfront_ip_MetaCubeX.srs https://ghettoloader.duckdns.org/hesoyam/ruwake-panel-lists/raw/branch/main/cloudfront_ip_MetaCubeX.srs -wget -O /opt/sing-box-warp/rules/telegram_MetaCubeX.srs https://ghettoloader.duckdns.org/hesoyam/ruwake-panel-lists/raw/branch/main/telegram_MetaCubeX.srs -wget -O /opt/sing-box-warp/rules/refilter_ipsum.srs https://ghettoloader.duckdns.org/hesoyam/ruwake-panel-lists/raw/branch/main/refilter_ipsum.srs - -chmod -R 775 /opt/sing-box-warp/rules +if [ "$ENABLE_TUN" = "1" ]; then + RULES_BASE="https://ghettoloader.duckdns.org/hesoyam/ruwake-panel-lists/raw/branch/main" + echo "Downloading routing rule sets..." + rm -rf "$INSTALL_DIR/rules" + mkdir -p "$INSTALL_DIR/rules" + wget -O "$INSTALL_DIR/rules/antifilter_allyouneed.srs" "$RULES_BASE/antifilter_allyouneed.srs" + wget -O "$INSTALL_DIR/rules/antizapret.srs" "$RULES_BASE/antizapret.srs" + wget -O "$INSTALL_DIR/rules/github_ip_you-oops-dev.srs" "$RULES_BASE/github_ip_you-oops-dev.srs" + wget -O "$INSTALL_DIR/rules/github_karingx.srs" "$RULES_BASE/github_karingx.srs" + wget -O "$INSTALL_DIR/rules/cloudfront_ip_MetaCubeX.srs" "$RULES_BASE/cloudfront_ip_MetaCubeX.srs" + wget -O "$INSTALL_DIR/rules/telegram_MetaCubeX.srs" "$RULES_BASE/telegram_MetaCubeX.srs" + wget -O "$INSTALL_DIR/rules/refilter_ipsum.srs" "$RULES_BASE/refilter_ipsum.srs" + chmod -R 775 "$INSTALL_DIR/rules" +else + echo "Skipping rule sets download (TUN disabled)." + rm -rf "$INSTALL_DIR/rules" +fi echo "Reloading systemd..." systemctl daemon-reload @@ -167,15 +263,15 @@ echo "" echo "SOCKS5 proxy: localhost:2080" echo "" -read -p "Start service now? (y/n) " -n 1 -r < /dev/tty -echo -if [[ $REPLY =~ ^[Yy]$ ]]; then - systemctl enable sing-box-warp - systemctl start sing-box-warp - echo "" - echo "Service started! Checking status..." - sleep 2 - systemctl status sing-box-warp --no-pager +if [ "$REINSTALL" -eq 1 ]; then + echo "Reinstall complete, starting service..." + start_service +else + read -p "Start service now? (y/n) " -n 1 -r < /dev/tty + echo + if [[ $REPLY =~ ^[Yy]$ ]]; then + start_service + fi fi echo ""