├── .github
└── workflows
│ ├── build.yml
│ └── mirror.yml
├── Dockerfile
├── README.md
├── config.conf
├── docker_init.sh
├── force_version
└── sing-box.sh
/.github/workflows/build.yml:
--------------------------------------------------------------------------------
1 | name: "Build and push images"
2 |
3 | on:
4 | workflow_dispatch:
5 |
6 | jobs:
7 | Build:
8 | runs-on: ubuntu-latest
9 | name: "Build Sing-box image"
10 | env:
11 | DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
12 | DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
13 | DOCKERHUB_REPOSITORY: ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest
14 |
15 | steps:
16 | - name: Checkout code
17 | uses: actions/checkout@v4.1.1
18 | with:
19 | fetch-depth: 0
20 |
21 | - name: Set up QEMU
22 | uses: docker/setup-qemu-action@v3.0.0
23 |
24 | - name: Set up Docker Buildx
25 | uses: docker/setup-buildx-action@v3.0.0
26 |
27 | - name: Login to DockerHub
28 | uses: docker/login-action@v3.0.0
29 | with:
30 | username: ${{ env.DOCKER_USERNAME }}
31 | password: ${{ env.DOCKER_PASSWORD }}
32 |
33 | - name: Push images to Docker hub
34 | uses: docker/build-push-action@v5.1.0
35 | with:
36 | push: true
37 | platforms: linux/amd64, linux/arm64, linux/arm/v7
38 | tags: ${{ env.DOCKERHUB_REPOSITORY }}
--------------------------------------------------------------------------------
/.github/workflows/mirror.yml:
--------------------------------------------------------------------------------
1 | name: GitHub Actions Mirror
2 |
3 | on:
4 | workflow_dispatch:
5 | schedule:
6 | - cron: '15 20 * * *'
7 |
8 | jobs:
9 | mirror_to_gitlab:
10 | runs-on: ubuntu-latest
11 | steps:
12 | - name: 'Checkout'
13 | uses: actions/checkout@v4.2.2
14 | with:
15 | fetch-depth: 0
16 | - name: 'Mirror to gitlab'
17 | uses: fscarmen/repository-mirroring-action@v1.0.0
18 | with:
19 | target_repo_url:
20 | git@gitlab.com:${{ github.repository }}.git
21 | ssh_private_key:
22 | ${{ secrets.PRIVATE_KEY }}
23 |
24 | mirror_to_bitbucket:
25 | runs-on: ubuntu-latest
26 | steps:
27 | - name: 'Checkout'
28 | uses: actions/checkout@v4.2.2
29 | with:
30 | fetch-depth: 0
31 | - name: 'Mirror to bitbucket'
32 | uses: fscarmen/repository-mirroring-action@v1.0.0
33 | with:
34 | target_repo_url:
35 | git@bitbucket.org:${{ github.repository }}.git
36 | ssh_private_key:
37 | ${{ secrets.PRIVATE_KEY }}
38 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | # 第一个阶段:使用 OpenSSL 生成证书文件
2 | FROM alpine/openssl:latest AS openssl
3 |
4 | # 生成私钥和证书
5 | RUN openssl ecparam -genkey -name prime256v1 -out /private.key && \
6 | openssl req -new -x509 -days 36500 -key /private.key -out /cert.pem -subj "/CN=mozilla.org"
7 |
8 | # 第二个阶段:使用 Alpine 镜像并复制证书文件
9 | FROM alpine:latest
10 | ARG TARGETARCH
11 | ENV ARCH=$TARGETARCH
12 |
13 | # 设置工作目录
14 | WORKDIR /sing-box
15 |
16 | # 从第一个阶段的 OpenSSL 镜像中复制证书文件到当前镜像
17 | COPY --from=openssl /private.key /sing-box/cert/private.key
18 | COPY --from=openssl /cert.pem /sing-box/cert/cert.pem
19 | COPY docker_init.sh /sing-box/init.sh
20 |
21 | RUN set -ex &&\
22 | apk add --no-cache supervisor wget nginx bash &&\
23 | mkdir -p /sing-box/conf /sing-box/subscribe /sing-box/logs &&\
24 | chmod +x /sing-box/init.sh &&\
25 | rm -rf /var/cache/apk/*
26 |
27 | CMD [ "./init.sh" ]
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # 【Sing-box 全家桶】
2 |
3 | * * *
4 |
5 | # 目录
6 |
7 | - [1.更新信息](README.md#1更新信息)
8 | - [2.项目特点](README.md#2项目特点)
9 | - [3.Sing-box for VPS 运行脚本](README.md#3sing-box-for-vps-运行脚本)
10 | - [4.无交互极速安装](README.md#4无交互极速安装)
11 | - [5.Token Argo Tunnel 方案设置任意端口回源以使用 cdn](README.md#5token-argo-tunnel-方案设置任意端口回源以使用-cdn)
12 | - [6.Vmess / Vless 方案设置任意端口回源以使用 cdn](README.md#6vmess--vless-方案设置任意端口回源以使用-cdn)
13 | - [7.Docker 和 Docker compose 安装](README.md#7docker-和-docker-compose-安装)
14 | - [8.Nekobox 设置 shadowTLS 方法](README.md#8nekobox-设置-shadowtls-方法)
15 | - [9.主体目录文件及说明](README.md#9主体目录文件及说明)
16 | - [10.鸣谢下列作者的文章和项目](README.md#10鸣谢下列作者的文章和项目)
17 | - [11.免责声明](README.md#11免责声明)
18 |
19 |
20 | * * *
21 | ## 1.更新信息
22 | 2025.04.25 v1.2.17 1. Added the ability to change CDNs online using [sb -d]; 2. Change GitHub proxy; 3. Optimize code; 1. 新增使用 [sb -d] 在线更换 CDN 功能; 2. 更改 GitHub 代理; 3. 优化代码
23 |
24 | 2025.04.06 v1.2.16 Use OpenRC on Alpine to replace systemctl (Python3-compatible version); 在 Alpine 系统中使用 OpenRC 取代兼容 Python3 的 systemctl 实现
25 |
26 | 2025.04.05 v1.2.15 Supports output for clients such as Shadowrocket, Clash Mihomo, and Sing-box; 支持小火箭、Clash Mihomo、Sing-box 客户端输出
27 |
28 | 2025.03.23 v1.2.14 Added support for the AnyTLS protocol. Thanks to [Betterdoitnow] for providing the configuration; 新增对 AnyTLS 协议的支持,感谢 [Betterdoitnow] 提供的配置
29 |
30 |
31 | 历史更新 history(点击即可展开或收起)
32 |
33 |
34 | >2025.03.18 v1.2.13 Compatible with Sing-box 1.12.0-alpha.18+; 适配 Sing-box 1.12.0-alpha.18+
35 | >
36 | >2025.01.31 v1.2.12 In order to prevent sing-box from upgrading to a certain version which may cause errors, add a mandatory version file; 以防止sing-box某个版本升级导致运行报错,增加强制指定版本号文件
37 | >
38 | >2025.01.28 v1.2.11 1. Add server-side time synchronization configuration; 2. Replace some CDNs; 3. Fix the bug of getting the latest version error when upgrading; 1. 添加服务端时间同步配置; 2. 替换某些 CDN; 3. 修复升级时获取最新版本错误的 bu
39 | >
40 | >2024.12.31 v1.2.10 Adapted v1.11.0-beta.17 to add port hopping for hysteria2 in sing-box client output; 适配 v1.11.0-beta.17,在 sing-box 客户端输出中添加 hysteria2 的端口跳跃
41 | >
42 | >2024.12.29 v1.2.9 Refactored the chatGPT detection method based on lmc999's detection and unlocking script; 根据 lmc999 的检测解锁脚本,重构了检测 chatGPT 方法
43 | >
44 | >2024.12.10 v1.2.8 Thank you to the veteran player Fan Glider Fangliding for the technical guidance on Warp's routing! 感谢资深玩家 风扇滑翔翼 Fangliding 关于 Warp 的分流的技术指导
45 | >
46 | >2024.12.10 v1.2.7 Compatible with Sing-box 1.11.0-beta.8+. Thanks to the PR from brother Maxrxf. I've already given up myself; 适配 Sing-box 1.11.0-beta.8+,感谢 Maxrxf 兄弟的 PR,我自己已经投降的了
47 | >
48 | >2024.10.28 v1.2.6 1. Fixed the bug that clash subscription failed when [-n] re-fetches the subscription; 2. vmess + ws encryption changed from none to auto; 3. Replaced a CDN; 1. 修复 [-n] 重新获取订阅时,clash 订阅失效的bug; 2. vmess + ws 加密方式从none改为auto; 3. 更换了一个 CDN
49 | >
50 | >2024.08.06 v1.2.5 Add detection of TCP brutal. Sing-box will not use this module if not installed. 增加 TCP brutal 的检测,如果没有安装,Sing-box 将不使用该模块
51 | >
52 | >2024.05.09 v1.2.4 Add hysteria2 port hopping. Supported Clients: ShadowRocket / NekoBox / Clash; 添加 hysteria2 的跳跃端口,支持客户端: ShadowRocket / NekoBox / Clash
53 | >
54 | >2024.05.06 v1.2.3 Automatically detects native IPv4 and IPv6 for warp-installed machines to minimize interference with warp ip; 对于已安装 warp 机器,自动识别原生的 IPv4 和 IPv6,以减少受 warp ip 的干扰
55 | >
56 | >2024.05.03 v1.2.2 Complete 8 non-interactive installation modes, direct output results. Suitable for mass installation scenarios. You can put the commands in the favorites of the ssh software. Please refer to the README.md description for details. 完善8种无交互安装模式,直接输出结果,适合大量装机的情景,可以把命令放在 ssh 软件的收藏夹,详细请参考README.md 说明
57 | >
58 | >2024.04.16 v1.2.1 1. Fix the bug of dynamically adding and removing protocols; 2. CentOS 7 add EPEL to install nginx; 1. 修复动态增加和删除协议的 bug; 2. CentOS 7 增加 EPEL 软件仓库,以便安装 Nginx
59 | >
60 | >2024.04.12 v1.2.0 1. Add Cloudflare Argo Tunnel, so that 10 protocols, including the transport mode of ws, no longer need to bring our own domain; 2. Cloudflare Argo Tunnel supports try, Json and Token methods. Use of [sb -t] online switching; 3. Cloudflare Argo Tunnel switch is [sb -a], and the Sing-box switch is changed from [sb -o] to [sb -s]; 4. If Json or Token Argo is used, the subscription address is the domain name; 5. For details: https://github.com/fscarmen/sing-box; 1. 增加 Cloudflare Argo Tunnel,让包括传输方式为ws在内的10个协议均不再需要自带域名; 2. Cloudflare Argo Tunnel 支持临时、Json 和 Token 方式,支持使用 [sb -t] 在线切换; 3. Cloudflare Argo Tunnel 开关为 [sb -a],Sing-box 开关从 [sb -o] 更换为 [sb -s]; 4. 若使用 Json 或者 Token 固定域名 Argo,则订阅地址则使用该域名; 5. 详细参考: https://github.com/fscarmen/sing-box
61 | >
62 | >2024.04.01 sing-box + argo container version is newly launched, for details: https://github.com/fscarmen/sing-box; sing-box 全家桶 + argo 容器版本全新上线,详细参考: https://github.com/fscarmen/sing-box
63 | >
64 | >2024.03.27 v1.1.11 Add two non-interactive installation modes: 1. pass parameter; 2.kv file, for details: https://github.com/fscarmen/sing-box; 增加两个的无交互安装模式: 1. 传参;2.kv 文件,详细参考: https://github.com/fscarmen/sing-box
65 | >
66 | >2024.03.26 v1.1.10 Thanks to UUb for the official change of the compilation, dependencies jq, qrencode from apt installation to download the binary file, reduce the installation time of about 15 seconds, the implementation of the project's positioning of lightweight, as far as possible to install the least system dependencies; 感谢 UUb 兄弟的官改编译,依赖 jq, qrencode 从 apt 安装改为下载二进制文件,缩减安装时间约15秒,贯彻项目轻量化的定位,尽最大可能安装最少的系统依赖
67 | >
68 | >2024.03.22 v1.1.9 1. In the Sing-box client, add the brutal field in the TCP protocol to make it effective; 2. Compatible with CentOS 7,8,9; 3. Remove default Github CDN; 1. 在 Sing-box 客户端,TCP 协议协议里加上 brutal 字段以生效; 2. 适配 CentOS 7,8,9; 3. 去掉默认的 Github 加速网
69 | >
70 | >2024.3.18 v1.1.8 Move nginx for subscription services to the systemd daemon, following sing-box startup and shutdown; 把用于订阅服务的 nginx 移到 systemd daemon,跟随 sing-box 启停
71 | >
72 | >2024.3.13 v1.1.7 Subscription made optional, no nginx and qrcode installed if not needed; 在线订阅改为可选项,如不需要,不安装 nginx 和 qrcode
73 | >
74 | >2024.3.11 v1.1.6 1. Subscription api too many problems not working properly, instead put template-2 on Github; 2. Use native IP if it supports unlocking chatGPT, otherwise use warp chained proxy unlocking; 1. 在线转订阅 api 太多问题不能正常使用,改为把模板2放Github; 2. 如自身支持解锁 chatGPT,则使用原生 IP,否则使用 warp 链式代理解锁
75 | >
76 | >2024.3.10 v1.1.5 1. To protect node data security, use fake information to fetch subscribe api; 2. Adaptive the above clients. http://\:\/\//; 1. 为保护节点数据安全,在 api 转订阅时,使用虚假信息; 2. 自适应以上的客户端,http://\:\/\/
77 | >
78 | >2024.3.4 v1.1.4 1. Support V2rayN / Nekobox / Clash / sing-box / Shadowrocket subscribe. http://\:\/\/\. Index of all subscribes: http://\:\/\/ . Reinstall is required; 2. Adaptive the above clients. http://\:\/\/auto ; 1. 增加 V2rayN / Nekobox / Clash / sing-box / Shadowrocket 订阅,http://\:\/\/\, 所有订阅的索引: http://\:\/\/,需要重新安装; 2. 自适应以上的客户端,http://\:\/\/auto
79 | >
80 | >2024.2.16 v1.1.3 1. Support v2rayN V6.33 Tuic and Hysteria2 protocol URLs; 2. Add DNS module to adapt Sing-box V1.9.0-alpha.8; 3. Reconstruct the installation protocol, add delete protocols and protocol export module, each parameter is more refined. ( Reinstall is required ); 4. Remove obfs obfuscation from Hysteria2; 1. 支持 v2rayN V6.33 Tuic 和 Hysteria2 协议 URL; 2. 增加 DNS 模块以适配 Sing-box V1.9.0-alpha.8; 3. 重构安装协议,增加删除协议及协议输出模块,各参数更精细 (需要重新安装); 4. 去掉 Hysteria2 的 obfs 混淆
81 | >
82 | >2023.12.25 v1.1.2 1. support Sing-box 1.8.0 latest Rule Set and Experimental; 2. api.openai.com routes to WARP IPv4, other openai websites routes to WARP IPv6; 3. Start port changes to 100; 1. 支持 Sing-box 1.8.0 最新的 Rule Set 和 Experimental; 2. api.openai.com 分流到 WARP IPv4, 其他 openai 网站分流到 WARP IPv6; 3. 开始端口改为 100
83 | >
84 | >2023.11.21 v1.1.1 1. XTLS + REALITY remove flow: xtls-reality-vision to support multiplexing and TCP brutal (requires reinstallation); 2. Clash meta add multiplexing parameter. 1. XTLS + REALITY 去掉 xtls-reality-vision 流控以支持多路复用和 TCP brutal (需要重新安装); 2. Clash meta 增加多路复用参数
85 | >
86 | >2023.11.17 v1.1.0 1. Add [ H2 + Reality ] and [ gRPC + Reality ]. Reinstall is required; 2. Use beta verion instead of alpha; 3. Support TCP brutal and add the official install script; 1. 增加 [ H2 + Reality ] 和 [ gRPC + Reality ],需要重新安装; 2. 由于 Sing-box 更新极快,将使用 beta 版本替代 alpha 3. 支持 TCP brutal,并提供官方安装脚本
87 | >
88 | >2023.11.15 v1.0.1 1. Support TCP brutal. Reinstall is required; 2. Use alpha verion instead of latest; 3. Change the default CDN to [ cn.azhz.eu.org ]; 1. 支持 TCP brutal,需要重新安装; 2. 由于 Sing-box 更新极快,将使用 alpha 版本替代 latest; 3. 默认优选改为 [ cn.azhz.eu.org ]
89 | >
90 | >2023.10.29 v1.0 正式版 1. Sing-box Family bucket v1.0; 2. After installing, add [sb] shortcut; 3. Output the configuration for Sing-box Client; 1. Sing-box 全家桶 v1.0; 2. 安装后,增加 [sb] 的快捷运行方式; 3. 输出 Sing-box Client 配置
91 | >
92 | >2023.10.18 beta7 1. You can add and remove protocols at any time, need to reinstall script; 2. Adjusted the order of some protocols; 1. 可以随时添加和删除协议,需要重新安装脚本; 2. 调整了部分协议的先后顺序
93 | >
94 | >2023.10.16 beta6 1. Support Alpine; 2. Add Sing-box PID, runtime, and memory usage to the menu; 3. Remove the option of using warp on returning to China; 支持 Alpine; 2. 菜单中增加 sing-box 内存占用显示; 3. 去掉使用 warp 回国的选项
95 | >
96 | >2023.10.10 beta5 1. Add the option of blocking on returning to China; 2. Add a number of quality cdn's that are collected online; 1. 增加禁止归国选项; 2. 增加线上收录的若干优质 cdn
97 | >
98 | >2023.10.9 beta4 1. Add v2rayN client, ShadowTLS and Tuic based on sing-box kernel configuration file output; 2. Shadowsocks encryption from aes-256-gcm to aes-128-gcm; 3. Optimize the routing and dns of sing-box on the server side; 1. 补充 v2rayN 客户端中,ShadowTLS 和 Tuic 基于 sing-box 内核的配置文件输出; 2. Shadowsocks 加密从 aes-256-gcm 改为 aes-128-gcm; 3. 优化服务端 sing-box 的 路由和 dns
99 | >
100 | >2023.10.6 beta3 1. Add vmess + ws / vless + ws + tls protocols; 2. Hysteria2 add obfuscated verification of obfs; 1. 增加 vmess + ws / vless + ws + tls 协议; 2. Hysteria2 增加 obfs 混淆验证
101 | >
102 | >2023.10.3 beta2 1. Single-select, multi-select or select all the required protocols; 2. Support according to the order of selection, the definition of the corresponding protocol listen port number; 1. 可以单选、多选或全选需要的协议; 2. 支持根据选择的先后次序,定义相应协议监听端口号
103 | >
104 | >2023.9.30 beta1 Sing-box 全家桶一键脚本 for vps
105 |
106 |
107 |
108 | ## 2.项目特点:
109 |
110 | * 一键部署多协议,可以单选、多选或全选 ShadowTLS v3 / XTLS Reality / Hysteria2 / Tuic V5 / ShadowSocks / Trojan / Vmess + ws / Vless + ws + tls / H2 Reality / gRPC Reality / AnyTLS, 总有一款适合你
111 | * 所有协议均不需要域名,可选 Cloudflare Argo Tunnel 内网穿透以支持传统方式为 websocket 的协议
112 | * 节点信息输出到 V2rayN / Clash Verge / 小火箭 / Nekobox / Sing-box (SFI, SFA, SFM),订阅自动适配客户端,一个订阅 url 走天下
113 | * 自定义端口,适合有限开放端口的 nat 小鸡
114 | * 内置 warp 链式代理解锁 chatGPT
115 | * 智能判断操作系统: Ubuntu 、Debian 、CentOS 、Alpine 和 Arch Linux,请务必选择 LTS 系统
116 | * 支持硬件结构类型: AMD 和 ARM,支持 IPv4 和 IPv6
117 | * 无交互极速安排模式: 一个回车完成 11 个协议的安装
118 |
119 |
120 | ## 3.Sing-box for VPS 运行脚本:
121 |
122 | * 首次运行
123 | ```
124 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh)
125 | ```
126 |
127 | * 再次运行
128 | ```
129 | sb
130 | ```
131 |
132 | | Option 参数 | Remark 备注 |
133 | | --------------- | ------ |
134 | | -c | Chinese 中文 |
135 | | -e | English 英文 |
136 | | -u | Uninstall 卸载 |
137 | | -n | Export Nodes list 显示节点信息 |
138 | | -p | Change the nodes start port 更改节点的起始端口 |
139 | | -d | Change CDN 更换 CDN |
140 | | -s | Stop / Start the Sing-box service 停止/开启 Sing-box 服务 |
141 | | -a | Stop / Start the Argo Tunnel service 停止/开启 Argo Tunnel 服务 |
142 | | -v | Sync Argo Xray to the newest 同步 Argo Xray 到最新版本 |
143 | | -b | Upgrade kernel, turn on BBR, change Linux system 升级内核、安装BBR、DD脚本 |
144 | | -r | Add and remove protocols 添加和删除协议 |
145 |
146 |
147 | ## 4.无交互极速安装:
148 | ### 方式1. KV 配置文件,内容参照本库里的 config
149 | ```
150 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) -f config.conf
151 | ```
152 |
153 | ### 方式2. KV 传参,举例
154 |
155 |
156 | 使用 Origin Rule + 订阅(点击即可展开或收起)
157 |
158 |
159 | ```
160 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) \
161 | --LANGUAGE c \
162 | --CHOOSE_PROTOCOLS a \
163 | --START_PORT 8881 \
164 | --PORT_NGINX 60000 \
165 | --SERVER_IP 123.123.123.123 \
166 | --CDN skk.moe\
167 | --VMESS_HOST_DOMAIN vmess.test.com \
168 | --VLESS_HOST_DOMAIN vless.test.com \
169 | --UUID_CONFIRM 20f7fca4-86e5-4ddf-9eed-24142073d197 \
170 | --SUBSCRIBE=true \
171 | --PORT_HOPPING_RANGE 50000:51000 \
172 | --NODE_NAME_CONFIRM bucket
173 | ```
174 |
175 |
176 |
177 |
178 | 使用 Origin Rule ,不要订阅(点击即可展开或收起)
179 |
180 |
181 | ```
182 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) \
183 | --LANGUAGE c \
184 | --CHOOSE_PROTOCOLS a \
185 | --START_PORT 8881 \
186 | --PORT_NGINX 60000 \
187 | --SERVER_IP 123.123.123.123 \
188 | --CDN skk.moe\
189 | --VMESS_HOST_DOMAIN vmess.test.com \
190 | --VLESS_HOST_DOMAIN vless.test.com \
191 | --UUID_CONFIRM 20f7fca4-86e5-4ddf-9eed-24142073d197 \
192 | --PORT_HOPPING_RANGE 50000:51000 \
193 | --NODE_NAME_CONFIRM bucket
194 | ```
195 |
196 |
197 |
198 | 使用 Argo 临时隧道 + 订阅(点击即可展开或收起)
199 |
200 |
201 | ```
202 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) \
203 | --LANGUAGE c \
204 | --CHOOSE_PROTOCOLS a \
205 | --START_PORT 8881 \
206 | --PORT_NGINX 60000 \
207 | --SERVER_IP 123.123.123.123 \
208 | --CDN skk.moe\
209 | --UUID_CONFIRM 20f7fca4-86e5-4ddf-9eed-24142073d197 \
210 | --SUBSCRIBE=true \
211 | --ARGO=true \
212 | --PORT_HOPPING_RANGE 50000:51000 \
213 | --NODE_NAME_CONFIRM bucket
214 | ```
215 |
216 |
217 |
218 | 使用 Argo 临时隧道,不要订阅(点击即可展开或收起)
219 |
220 |
221 | ```
222 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) \
223 | --LANGUAGE c \
224 | --CHOOSE_PROTOCOLS a \
225 | --START_PORT 8881 \
226 | --PORT_NGINX 60000 \
227 | --SERVER_IP 123.123.123.123 \
228 | --CDN skk.moe\
229 | --UUID_CONFIRM 20f7fca4-86e5-4ddf-9eed-24142073d197 \
230 | --ARGO=true \
231 | --PORT_HOPPING_RANGE 50000:51000 \
232 | --NODE_NAME_CONFIRM bucket
233 | ```
234 |
235 |
236 |
237 | 使用 Argo Json 隧道 + 订阅(点击即可展开或收起)
238 |
239 |
240 | ```
241 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) \
242 | --LANGUAGE c \
243 | --CHOOSE_PROTOCOLS a \
244 | --START_PORT 8881 \
245 | --PORT_NGINX 60000 \
246 | --SERVER_IP 123.123.123.123 \
247 | --CDN skk.moe\
248 | --UUID_CONFIRM 20f7fca4-86e5-4ddf-9eed-24142073d197 \
249 | --SUBSCRIBE=true \
250 | --ARGO=true \
251 | --ARGO_DOMAIN=sb.argo.com \
252 | --ARGO_AUTH='{"AccountTag":"9cc9e3e4d8f29d2a02e297f14f20513a","TunnelSecret":"6AYfKBOoNlPiTAuWg64ZwujsNuERpWLm6pPJ2qpN8PM=","TunnelID":"1ac55430-f4dc-47d5-a850-bdce824c4101"}' \
253 | --PORT_HOPPING_RANGE 50000:51000 \
254 | --NODE_NAME_CONFIRM bucket
255 | ```
256 |
257 |
258 |
259 | 使用 Argo Json 隧道,不要订阅(点击即可展开或收起)
260 |
261 |
262 | ```
263 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) \
264 | --LANGUAGE c \
265 | --CHOOSE_PROTOCOLS a \
266 | --START_PORT 8881 \
267 | --PORT_NGINX 60000 \
268 | --SERVER_IP 123.123.123.123 \
269 | --CDN skk.moe\
270 | --UUID_CONFIRM 20f7fca4-86e5-4ddf-9eed-24142073d197 \
271 | --ARGO=true \
272 | --ARGO_DOMAIN=sb.argo.com \
273 | --ARGO_AUTH='{"AccountTag":"9cc9e3e4d8f29d2a02e297f14f20513a","TunnelSecret":"6AYfKBOoNlPiTAuWg64ZwujsNuERpWLm6pPJ2qpN8PM=","TunnelID":"1ac55430-f4dc-47d5-a850-bdce824c4101"}' \
274 | --PORT_HOPPING_RANGE 50000:51000 \
275 | --NODE_NAME_CONFIRM bucket
276 | ```
277 |
278 |
279 |
280 | 使用 Argo Token 隧道 + 订阅(点击即可展开或收起)
281 |
282 |
283 | ```
284 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) \
285 | --LANGUAGE c \
286 | --CHOOSE_PROTOCOLS a \
287 | --START_PORT 8881 \
288 | --PORT_NGINX 60000 \
289 | --SERVER_IP 123.123.123.123 \
290 | --CDN skk.moe\
291 | --UUID_CONFIRM 20f7fca4-86e5-4ddf-9eed-24142073d197 \
292 | --SUBSCRIBE=true \
293 | --ARGO=true \
294 | --ARGO_DOMAIN=sb.argo.com \
295 | --ARGO_AUTH='sudo cloudflared service install eyJhIjoiOWNjOWUzZTRkOGYyOWQyYTAyZTI5N2YxNGYyMDUxM2EiLCJ0IjoiOGNiZDA4ZjItNGM0MC00OGY1LTlmZDYtZjlmMWQ0YTcxMjUyIiwicyI6IllXWTFORGN4TW1ZdE5HTXdZUzAwT0RaakxUbGxNMkl0Wm1VMk5URTFOR0l4TkdKayJ9' \
296 | --PORT_HOPPING_RANGE 50000:51000 \
297 | --NODE_NAME_CONFIRM bucket
298 | ```
299 |
300 |
301 |
302 | 使用 Argo Token 隧道,不要订阅(点击即可展开或收起)
303 |
304 |
305 | ```
306 | bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) \
307 | --LANGUAGE c \
308 | --CHOOSE_PROTOCOLS a \
309 | --START_PORT 8881 \
310 | --PORT_NGINX 60000 \
311 | --SERVER_IP 123.123.123.123 \
312 | --CDN skk.moe\
313 | --UUID_CONFIRM 20f7fca4-86e5-4ddf-9eed-24142073d197 \
314 | --ARGO=true \
315 | --ARGO_DOMAIN=sb.argo.com \
316 | --ARGO_AUTH='sudo cloudflared service install eyJhIjoiOWNjOWUzZTRkOGYyOWQyYTAyZTI5N2YxNGYyMDUxM2EiLCJ0IjoiOGNiZDA4ZjItNGM0MC00OGY1LTlmZDYtZjlmMWQ0YTcxMjUyIiwicyI6IllXWTFORGN4TW1ZdE5HTXdZUzAwT0RaakxUbGxNMkl0Wm1VMk5URTFOR0l4TkdKayJ9' \
317 | --PORT_HOPPING_RANGE 50000:51000 \
318 | --NODE_NAME_CONFIRM bucket
319 | ```
320 |
321 |
322 |
323 | ### 参数说明
324 | | Key 大小写不敏感(Case Insensitive)| Value |
325 | | --------------- | ----------- |
326 | | --LANGUAGE | c=中文; e=英文 |
327 | | --CHOOSE_PROTOCOLS | 可多选,如 bcdfk
a=全部
b=XTLS + reality
c=hysteria2
d=tuic
e=ShadowTLS
f=shadowsocks
g=trojan
h=vmess + ws
i=vless + ws + tls
j=H2 + reality
k=gRPC + reality
l=AnyTLS |
328 | | --START_PORT | 100 - 65520 |
329 | | --PORT_NGINX | n=不需要订阅,或者 100 - 65520 |
330 | | --SERVER_IP | IPv4 或 IPv6 地址,不需要中括号 |
331 | | --CDN | 优选 IP 或者域名,如 --CHOOSE_PROTOCOLS 是 [a,h,i] 时需要 |
332 | | --VMESS_HOST_DOMAIN | vmess sni 域名,如 --CHOOSE_PROTOCOLS 是 [a,h] 时需要 |
333 | | --VLESS_HOST_DOMAIN | vless sni 域名,如 --CHOOSE_PROTOCOLS 是 [a,i] 时需要 |
334 | | --UUID_CONFIRM | 协议的 uuid 或者 password |
335 | | --ARGO | 是否使用 Argo Tunnel,如果是填 true,如果使用 Origin rules,则可以忽略本 Key |
336 | | --ARGO_DOMAIN | 固定 Argo 域名,即是 Json 或者 Token 隧道的域名 |
337 | | --ARGO_AUTH | Json 或者 Token 隧道的内容 |
338 | | --PORT_HOPPING_RANGE | hysteria2 跳跃端口范围,如 50000:51000 |
339 | | --NODE_NAME_CONFIRM | 节点名 |
340 |
341 |
342 | ## 5.Token Argo Tunnel 方案设置任意端口回源以使用 cdn
343 | 详细教程: [群晖套件:Cloudflare Tunnel 内网穿透中文教程 支持DSM6、7](https://imnks.com/5984.html)
344 |
345 | 
346 |
347 | 
348 |
349 |
350 | ## 6.Vmess / Vless 方案设置任意端口回源以使用 cdn
351 | 举例子 IPv6: vmess [2a01:4f8:272:3ae6:100b:ee7a:ad2f:1]:10006
352 | 
353 |
354 | 1. 解析域名
355 | 
356 |
357 | 2. 设置 Origin rule
358 | 
359 |
360 |
361 | ## 7.Docker 和 Docker compose 安装
362 |
363 | ### 说明:
364 | * 支持三种 Argo 类型隧道: 临时 (不需要域名) / Json / Token
365 | * 需要20个连续可用的端口,以 `START_PORT` 开始第一个
366 |
367 |
368 | Docker 部署(点击即可展开或收起)
369 |
370 |
371 | ```
372 | docker run -dit \
373 | --pull always \
374 | --name sing-box \
375 | -p 8800-8820:8800-8820/tcp \
376 | -p 8800-8820:8800-8820/udp \
377 | -e START_PORT=8800 \
378 | -e SERVER_IP=123.123.123.123 \
379 | -e XTLS_REALITY=true \
380 | -e HYSTERIA2=true \
381 | -e TUIC=true \
382 | -e SHADOWTLS=true \
383 | -e SHADOWSOCKS=true \
384 | -e TROJAN=true \
385 | -e VMESS_WS=true \
386 | -e VLESS_WS=true \
387 | -e H2_REALITY=true \
388 | -e GRPC_REALITY=true \
389 | -e ANYTLS=true \
390 | -e UUID=20f7fca4-86e5-4ddf-9eed-24142073d197 \
391 | -e CDN=www.csgo.com \
392 | -e NODE_NAME=sing-box \
393 | -e ARGO_DOMAIN=sb.argo.com \
394 | -e ARGO_AUTH='{"AccountTag":"9cc9e3e4d8f29d2a02e297f14f20513a","TunnelSecret":"6AYfKBOoNlPiTAuWg64ZwujsNuERpWLm6pPJ2qpN8PM=","TunnelID":"1ac55430-f4dc-47d5-a850-bdce824c4101"}' \
395 | fscarmen/sb
396 | ```
397 |
398 |
399 |
400 | Docker Compose 部署(点击即可展开或收起)
401 |
402 |
403 | ```
404 | version: '3.8'
405 | networks:
406 | sing-box:
407 | name: sing-box
408 | services:
409 | sing-box:
410 | image: fscarmen/sb
411 | pull_policy: always
412 | container_name: sing-box
413 | restart: always
414 | networks:
415 | - sing-box
416 | ports:
417 | - "8800-8820:8800-8820/tcp"
418 | - "8800-8820:8800-8820/udp"
419 | environment:
420 | - START_PORT=8800
421 | - SERVER_IP=123.123.123.123
422 | - XTLS_REALITY=true
423 | - HYSTERIA2=true
424 | - TUIC=true
425 | - SHADOWTLS=true
426 | - SHADOWSOCKS=true
427 | - TROJAN=true
428 | - VMESS_WS=true
429 | - VLESS_WS=true
430 | - H2_REALITY=true
431 | - GRPC_REALITY=true
432 | - ANYTLS=true
433 | - UUID=20f7fca4-86e5-4ddf-9eed-24142073d197
434 | - CDN=www.csgo.com
435 | - NODE_NAME=sing-box
436 | - ARGO_DOMAIN=sb.argo.com
437 | - ARGO_AUTH=eyJhIjoiOWNjOWUzZTRkOGYyOWQyYTAyZTI5N2YxNGYyMDUxM2EiLCJ0IjoiOGNiZDA4ZjItNGM0MC00OGY1LTlmZDYtZjlmMWQ0YTcxMjUyIiwicyI6IllXWTFORGN4TW1ZdE5HTXdZUzAwT0RaakxUbGxNMkl0Wm1VMk5URTFOR0l4TkdKayJ9
438 | ```
439 |
440 |
441 |
442 | ### 常用指令
443 | | 功能 | 指令 |
444 | | ---- | ---- |
445 | | 查看节点信息 | `docker exec -it sing-box cat list` |
446 | | 查看容器日志 | `docker logs -f sing-box` |
447 | | 更新 Sing-box 版本 | `docker exec -it sing-box bash init.sh -v` |
448 | | 查看容器内存,CPU,网络等资源使用情况 | `docker stats sing-box` |
449 | | 暂停容器 | docker: `docker stop sing-box` compose: `docker-compose stop` |
450 | | 停止并删除容器 | docker: `docker rm -f sing-box` compose: `docker-compose down` |
451 | | 删除镜像 | `docker rmi -f fscarmen/sb:latest` |
452 |
453 |
454 | ### 用户可以通过 Cloudflare Json 生成网轻松获取: https://fscarmen.cloudflare.now.cc
455 |
456 | 
457 |
458 | 如想手动,可以参考,以 Debian 为例,需要用到的命令,[Deron Cheng - CloudFlare Argo Tunnel 试用](https://zhengweidong.com/try-cloudflare-argo-tunnel)
459 |
460 |
461 | ### Argo Token 的获取
462 |
463 | 详细教程: [群晖套件:Cloudflare Tunnel 内网穿透中文教程 支持DSM6、7](https://imnks.com/5984.html)
464 |
465 |
466 |
467 | 
468 |
469 |
470 | ### 参数说明
471 | | 参数 | 是否必须 | 说明 |
472 | | --- | ------- | --- |
473 | | -p /tcp | 是 | 宿主机端口范围:容器 sing-box 及 nginx 等 tcp 监听端口 |
474 | | -p /udp | 是 | 宿主机端口范围:容器 sing-box 及 nginx 等 udp 监听端口 |
475 | | -e START_PORT | 是 | 起始端口 ,一定要与端口映射的起始端口一致 |
476 | | -e SERVER_IP | 是 | 服务器公网 IP |
477 | | -e XTLS_REALITY | 是 | true 为启用 XTLS + reality,不需要的话删除本参数或填 false |
478 | | -e HYSTERIA2 | 是 | true 为启用 Hysteria v2 协议,不需要的话删除本参数或填 false |
479 | | -e TUIC | 是 | true 为启用 TUIC 协议,不需要的话删除本参数或填 false |
480 | | -e SHADOWTLS | 是 | true 为启用 ShadowTLS 协议,不需要的话删除本参数或填 false |
481 | | -e SHADOWSOCKS | 是 | true 为启用 ShadowSocks 协议,不需要的话删除本参数或填 false |
482 | | -e TROJAN | 是 | true 为启用 Trojan 协议,不需要的话删除本参数或填 false |
483 | | -e VMESS_WS | 是 | true 为启用 VMess over WebSocket 协议,不需要的话删除本参数或填 false |
484 | | -e VLESS_WS | 是 | true 为启用 VLess over WebSocket 协议,不需要的话删除本参数或填 false |
485 | | -e H2_REALITY | 是 | true 为启用 H2 over reality 协议,不需要的话删除本参数或填 false |
486 | | -e GRPC_REALITY | 是 | true 为启用 gRPC over reality 协议,不需要的话删除本参数或填 false |
487 | | -e ANYTLS | 是 | true 为启用 AnyTLS 协议,不需要的话删除本参数或填 false |
488 | | -e UUID | 否 | 不指定的话 UUID 将默认随机生成 |
489 | | -e CDN | 否 | 优选域名,不指定的话将使用 www.csgo.com |
490 | | -e NODE_NAME | 否 | 节点名称,不指定的话将使用 sing-box |
491 | | -e ARGO_DOMAIN | 否 | Argo 固定隧道域名 , 与 ARGO_DOMAIN 一并使用才能生效 |
492 | | -e ARGO_AUTH | 否 | Argo 认证信息,可以是 Json 也可以是 Token,与 ARGO_DOMAIN 一并使用才能生效,不指定的话将使用临时隧道 |
493 |
494 |
495 | ## 8.Nekobox 设置 shadowTLS 方法
496 | 1. 复制脚本输出的两个 Neko links 进去
497 | 
498 |
499 | 2. 设置链式代理,并启用
500 | 右键 -> 手动输入配置 -> 类型选择为 "链式代理"。
501 |
502 | 点击 "选择配置" 后,给节点起个名字,先后选 1-tls-not-use 和 2-ss-not-use,按 enter 或 双击 使用这个服务器。一定要注意顺序不能反了,逻辑为 ShadowTLS -> ShadowSocks。
503 |
504 | 
505 |
506 |
507 | ## 9.主体目录文件及说明
508 |
509 | ```
510 | /etc/sing-box/ # 项目主体目录
511 | |-- cert # 存放证书文件目录
512 | | |-- cert.pem # SSL/TLS 安全证书文件
513 | | `-- private.key # SSL/TLS 证书的私钥信息
514 | |-- conf # sing-box server 配置文件目录
515 | | |-- 00_log.json # 日志配置文件
516 | | |-- 01_outbounds.json # 服务端出站配置文件
517 | | |-- 02_endpoints.json # 配置 endpoints,添加 warp 账户信息配置文件
518 | | |-- 03_route.json # 路由配置文件,chatGPT 使用 warp ipv6 链式代理出站
519 | | |-- 04_experimental.json # 缓存配置文件
520 | | |-- 05_dns.json # DNS 规则文件
521 | | |-- 06_ntp.json # 服务端时间同步配置文件
522 | | |-- 11_xtls-reality_inbounds.json # Reality vision 协议配置文件
523 | | |-- 12_hysteria2_inbounds.json # Hysteria2 协议配置文件
524 | | |-- 13_tuic_inbounds.json # Tuic V5 协议配置文件 # Hysteria2 协议配置文件
525 | | |-- 14_ShadowTLS_inbounds.json # ShadowTLS 协议配置文件 # Tuic V5 协议配置文件
526 | | |-- 15_shadowsocks_inbounds.json # Shadowsocks 协议配置文件
527 | | |-- 16_trojan_inbounds.json # Trojan 协议配置文件
528 | | |-- 17_vmess-ws_inbounds.json # vmess + ws 协议配置文件
529 | | |-- 18_vless-ws-tls_inbounds.json # vless + ws + tls 协议配置文件
530 | | |-- 19_h2-reality_inbounds.json # Reality http2 协议配置文件
531 | | |-- 20_grpc-reality_inbounds.json # Reality gRPC 协议配置文件
532 | | `-- 21_anytls_inbounds.json # AnyTLS 协议配置文件
533 | |-- logs
534 | | `-- box.log # sing-box 运行日志文件
535 | |-- subscribe # sing-box server 配置文件目录
536 | | |-- qr # Nekoray / V2rayN / Shadowrock 订阅二维码
537 | | |-- shadowrocket # Shadowrock 订阅文件
538 | | |-- proxies # Clash proxy provider 订阅文件
539 | | |-- clash # Clash 订阅文件1
540 | | |-- clash2 # Clash 订阅文件2
541 | | |-- sing-box-pc # SFM 订阅文件1
542 | | |-- sing-box-phone # SFI / SFA 订阅文件1
543 | | |-- sing-box2 # SFI / SFA / SFM 订阅文件2
544 | | |-- v2rayn # V2rayN 订阅文件
545 | | `-- neko # Nekoray 订阅文件
546 | |-- cache.db # sing-box 缓存文件
547 | |-- nginx.conf # 用于订阅服务的 nginx 配置文件
548 | |-- language # 存放脚本语言文件,E 为英文,C 为中文
549 | |-- list # 节点信息列表
550 | |-- sing-box # sing-box 主程序
551 | |-- cloudflared # Argo tunnel 主程序
552 | |-- tunnel.json # Argo tunnel Json 信息文件
553 | |-- tunnel.yml # Argo tunnel 配置文件
554 | |-- sb.sh # 快捷方式脚本文件
555 | |-- jq # 命令行 json 处理器二进制文件
556 | `-- qrencode # QR 码编码二进制文件
557 | ```
558 |
559 |
560 | ## 10.鸣谢下列作者的文章和项目:
561 | 千歌 sing-box 模板: https://github.com/chika0801/sing-box-examples
562 |
563 |
564 | ## 11.免责声明:
565 | * 本程序仅供学习了解, 非盈利目的,请于下载后 24 小时内删除, 不得用作任何商业用途, 文字、数据及图片均有所属版权, 如转载须注明来源。
566 | * 使用本程序必循遵守部署免责声明。使用本程序必循遵守部署服务器所在地、所在国家和用户所在国家的法律法规, 程序作者不对使用者任何不当行为负责。
--------------------------------------------------------------------------------
/config.conf:
--------------------------------------------------------------------------------
1 | # 使用说明 / Usage:
2 | # 1. 复制此文件并重命名为 config.conf / Copy this file and rename it to config.conf
3 | # 2. 根据需要修改配置参数 / Modify the configuration parameters as needed
4 | # 3. 执行安装命令 / Run the installation command:
5 | # bash <(wget -qO- https://raw.githubusercontent.com/fscarmen/sing-box/main/sing-box.sh) -f config.conf
6 |
7 | # 配置文件说明 / Configuration Description:
8 |
9 | # 语言选项 / Language option:
10 | # c 为中文 / c for Chinese
11 | # e 为英文 / e for English
12 | LANGUAGE=''
13 |
14 | # 协议选择 / Protocol selection:
15 | # a 为全部协议,也可以选择 b-k 的任意组合
16 | # a for all protocols, or choose any combination from b-k
17 | # b: VLESS + Reality
18 | # c: Hysteria2
19 | # d: Tuic V5
20 | # e: ShadowTLS
21 | # f: Shadowsocks
22 | # g: Trojan
23 | # h: VMESS + WebSocket
24 | # i: VLESS + WebSocket + TLS
25 | # j: VLESS + H2 + Reality
26 | # k: VLESS + gRPC + Reality
27 | # l: AnyTLS
28 | CHOOSE_PROTOCOLS=''
29 |
30 | # 起始端口号,其他协议会依次递增 / Starting port number, other protocols will increment sequentially
31 | START_PORT=''
32 |
33 | # Nginx 端口号,用于 WebSocket 协议 / Nginx port number for WebSocket protocol
34 | PORT_NGINX=''
35 |
36 | # 服务器 IP 地址,支持 IPv4 或 IPv6 / Server IP address, supports IPv4 or IPv6
37 | SERVER_IP=''
38 |
39 | # CDN 域名,用于优化线路 / CDN domain name for line optimization
40 | CDN=''
41 |
42 | # UUID,用于节点识别和认证 / UUID for node identification and authentication
43 | UUID_CONFIRM=''
44 |
45 | # 是否启用订阅功能 / Enable subscription function: true or false
46 | SUBSCRIBE=''
47 |
48 | # 是否启用 Argo 隧道 / Enable Argo Tunnel: true or false
49 | # 如果为 true,则使用 Argo Tunnel 回源,固定域名需要填写 ARGO_DOMAIN 与 ARGO_AUTH,临时隧道无需填写
50 | # If true, use Argo Tunnel for origin connection. For fixed domain, fill in ARGO_DOMAIN and ARGO_AUTH. For temporary tunnel, leave them empty
51 | # 如果为 false,则需要填写 VMESS_HOST_DOMAIN 和 VLESS_HOST_DOMAIN
52 | # If false, fill in VMESS_HOST_DOMAIN and VLESS_HOST_DOMAIN
53 | ARGO=''
54 |
55 | # VMESS + WebSocket 域名配置,当 ARGO='false' 时必填
56 | # VMESS + WebSocket domain configuration, required when ARGO='false'
57 | VMESS_HOST_DOMAIN=''
58 |
59 | # VLESS + WebSocket + TLS 域名配置,当 ARGO='false' 时必填
60 | # VLESS + WebSocket + TLS domain configuration, required when ARGO='false'
61 | VLESS_HOST_DOMAIN=''
62 |
63 | # Argo 域名设置,当 ARGO='true' 时必填,如果使用临时隧道,则无需填写
64 | # Argo domain settings, required when ARGO='true'. Leave empty if using temporary tunnel
65 | ARGO_DOMAIN=''
66 |
67 | # Argo 认证信息,包含账户标签、隧道密钥和隧道ID,当 ARGO='true' 时必填,如果使用临时隧道,则无需填写
68 | # Argo authentication info, including AccountTag, TunnelSecret and TunnelID. Required when ARGO='true'. Leave empty if using temporary tunnel
69 | ARGO_AUTH=''
70 |
71 | # 端口跳跃范围,用于 Hysteria2 协议,格式为 起始端口:结束端口
72 | # Port hopping range for Hysteria2 protocol, format: start_port:end_port
73 | PORT_HOPPING_RANGE=''
74 |
75 | # 节点名称,支持 emoji 表情 / Node name, emoji supported
76 | NODE_NAME_CONFIRM=''
--------------------------------------------------------------------------------
/docker_init.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | # 脚本更新日期 2025.05.19
4 | WORK_DIR=/sing-box
5 | PORT=$START_PORT
6 | SUBSCRIBE_TEMPLATE="https://raw.githubusercontent.com/fscarmen/client_template/main"
7 |
8 | # 自定义字体彩色,read 函数
9 | warning() { echo -e "\033[31m\033[01m$*\033[0m"; } # 红色
10 | info() { echo -e "\033[32m\033[01m$*\033[0m"; } # 绿色
11 | hint() { echo -e "\033[33m\033[01m$*\033[0m"; } # 黄色
12 |
13 | # 判断系统架构,以下载相应的应用
14 | case "$ARCH" in
15 | arm64 )
16 | SING_BOX_ARCH=arm64; JQ_ARCH=arm64; QRENCODE_ARCH=arm64; ARGO_ARCH=arm64
17 | ;;
18 | amd64 )
19 | SING_BOX_ARCH=amd64
20 | JQ_ARCH=amd64; QRENCODE_ARCH=amd64; ARGO_ARCH=amd64
21 | ;;
22 | armv7 )
23 | SING_BOX_ARCH=armv7; JQ_ARCH=armhf; QRENCODE_ARCH=arm; ARGO_ARCH=arm
24 | ;;
25 | esac
26 |
27 | # 检查 sing-box 最新版本
28 | check_latest_sing-box() {
29 | # 检查是否强制指定版本
30 | local FORCE_VERSION=$(wget --no-check-certificate --tries=2 --timeout=3 -qO- https://raw.githubusercontent.com/fscarmen/sing-box/refs/heads/main/force_version | sed 's/^[vV]//g')
31 |
32 | # 没有强制指定版本时,获取最新版本
33 | grep -q '.' <<< "$FORCE_VERSION" || local FORCE_VERSION=$(wget --no-check-certificate --tries=2 --timeout=3 -qO- https://api.github.com/repos/SagerNet/sing-box/releases | awk -F '["v-]' '/tag_name/{print $5}' | sort -Vr | sed -n '1p')
34 |
35 | # 获取最终版本号
36 | local VERSION=$(wget --no-check-certificate --tries=2 --timeout=3 -qO- https://api.github.com/repos/SagerNet/sing-box/releases | awk -F '["v]' -v var="tag_name.*$FORCE_VERSION" '$0 ~ var {print $5; exit}')
37 | VERSION=${VERSION:-'v1.12.0-beta.15'}
38 |
39 | echo "$VERSION"
40 | }
41 |
42 | # 安装 sing-box 容器
43 | install() {
44 | # 下载 sing-box
45 | echo "正在下载 sing-box ..."
46 | local ONLINE=$(check_latest_sing-box)
47 | wget https://github.com/SagerNet/sing-box/releases/download/v$ONLINE/sing-box-$ONLINE-linux-$SING_BOX_ARCH.tar.gz -O- | tar xz -C ${WORK_DIR} sing-box-$ONLINE-linux-$SING_BOX_ARCH/sing-box && mv ${WORK_DIR}/sing-box-$ONLINE-linux-$SING_BOX_ARCH/sing-box ${WORK_DIR}/sing-box && rm -rf ${WORK_DIR}/sing-box-$ONLINE-linux-$SING_BOX_ARCH
48 |
49 | # 下载 jq
50 | echo "正在下载 jq ..."
51 | wget -O ${WORK_DIR}/jq https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-linux-$JQ_ARCH && chmod +x ${WORK_DIR}/jq
52 |
53 | # 下载 qrencode
54 | echo "正在下载 qrencode ..."
55 | wget -O ${WORK_DIR}/qrencode https://github.com/fscarmen/client_template/raw/main/qrencode-go/qrencode-go-linux-$QRENCODE_ARCH && chmod +x ${WORK_DIR}/qrencode
56 |
57 | # 下载 cloudflared
58 | echo "正在下载 cloudflared ..."
59 | wget -O ${WORK_DIR}/cloudflared https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-$ARGO_ARCH && chmod +x ${WORK_DIR}/cloudflared
60 |
61 | # 检查系统是否已经安装 tcp-brutal
62 | IS_BRUTAL=false && [ -x "$(type -p lsmod)" ] && lsmod | grep -q brutal && IS_BRUTAL=true
63 | [ "$IS_BRUTAL" = 'false' ] && [ -x "$(type -p modprobe)" ] && modprobe brutal 2>/dev/null && IS_BRUTAL=true
64 |
65 | # 生成 sing-box 配置文件
66 | if [[ "$SERVER_IP" =~ : ]]; then
67 | local STRATEGY=prefer_ipv6
68 | else
69 | local STRATEGY=ipv4_only
70 | fi
71 |
72 | local REALITY_KEYPAIR=$(${WORK_DIR}/sing-box generate reality-keypair) && REALITY_PRIVATE=$(awk '/PrivateKey/{print $NF}' <<< "$REALITY_KEYPAIR") && REALITY_PUBLIC=$(awk '/PublicKey/{print $NF}' <<< "$REALITY_KEYPAIR")
73 | local SHADOWTLS_PASSWORD=$(${WORK_DIR}/sing-box generate rand --base64 16)
74 | local UUID=${UUID:-"$(${WORK_DIR}/sing-box generate uuid)"}
75 | local NODE_NAME=${NODE_NAME:-"sing-box"}
76 | local CDN=${CDN:-"skk.moe"}
77 |
78 | # 检测是否解锁 chatGPT,首先检查API访问
79 | local CHECK_RESULT1=$(wget --timeout=2 --tries=2 --retry-connrefused --waitretry=5 -qO- --content-on-error --header='authority: api.openai.com' --header='accept: */*' --header='accept-language: en-US,en;q=0.9' --header='authorization: Bearer null' --header='content-type: application/json' --header='origin: https://platform.openai.com' --header='referer: https://platform.openai.com/' --header='sec-ch-ua: "Google Chrome";v="125", "Chromium";v="125", "Not.A/Brand";v="24"' --header='sec-ch-ua-mobile: ?0' --header='sec-ch-ua-platform: "Windows"' --header='sec-fetch-dest: empty' --header='sec-fetch-mode: cors' --header='sec-fetch-site: same-site' --user-agent='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36' 'https://api.openai.com/compliance/cookie_requirements')
80 |
81 | # 如果API检测失败或者检测到unsupported_country,直接返回ban
82 | if [ -z "$CHECK_RESULT1" ] || grep -qi 'unsupported_country' <<< "$CHECK_RESULT1"; then
83 | CHATGPT_OUT=warp-ep
84 | fi
85 |
86 | # API检测通过后,继续检查网页访问
87 | local CHECK_RESULT2=$(wget --timeout=2 --tries=2 --retry-connrefused --waitretry=5 -qO- --content-on-error --header='authority: ios.chat.openai.com' --header='accept: */*;q=0.8,application/signed-exchange;v=b3;q=0.7' --header='accept-language: en-US,en;q=0.9' --header='sec-ch-ua: "Google Chrome";v="125", "Chromium";v="125", "Not.A/Brand";v="24"' --header='sec-ch-ua-mobile: ?0' --header='sec-ch-ua-platform: "Windows"' --header='sec-fetch-dest: document' --header='sec-fetch-mode: navigate' --header='sec-fetch-site: none' --header='sec-fetch-user: ?1' --header='upgrade-insecure-requests: 1' --user-agent='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36' https://ios.chat.openai.com/)
88 |
89 | # 检查第二个结果
90 | if [ -z "$CHECK_RESULT2" ] || grep -qi 'VPN' <<< "$CHECK_RESULT2"; then
91 | CHATGPT_OUT=warp-ep
92 | else
93 | CHATGPT_OUT=direct
94 | fi
95 |
96 | # 生成 log 配置
97 | cat > ${WORK_DIR}/conf/00_log.json << EOF
98 |
99 | {
100 | "log":{
101 | "disabled":false,
102 | "level":"error",
103 | "output":"${WORK_DIR}/logs/box.log",
104 | "timestamp":true
105 | }
106 | }
107 | EOF
108 |
109 | # 生成 outbound 配置
110 | cat > ${WORK_DIR}/conf/01_outbounds.json << EOF
111 | {
112 | "outbounds":[
113 | {
114 | "type":"direct",
115 | "tag":"direct"
116 | }
117 | ]
118 | }
119 | EOF
120 |
121 | # 生成 endpoint 配置
122 | cat > ${WORK_DIR}/conf/02_endpoints.json << EOF
123 | {
124 | "endpoints":[
125 | {
126 | "type":"wireguard",
127 | "tag":"warp-ep",
128 | "mtu":1280,
129 | "address":[
130 | "172.16.0.2/32",
131 | "2606:4700:110:8a36:df92:102a:9602:fa18/128"
132 | ],
133 | "private_key":"YFYOAdbw1bKTHlNNi+aEjBM3BO7unuFC5rOkMRAz9XY=",
134 | "peers": [
135 | {
136 | "address": "engage.cloudflareclient.com",
137 | "port":2408,
138 | "public_key":"bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=",
139 | "allowed_ips": [
140 | "0.0.0.0/0",
141 | "::/0"
142 | ],
143 | "reserved":[
144 | 78,
145 | 135,
146 | 76
147 | ]
148 | }
149 | ]
150 | }
151 | ]
152 | }
153 | EOF
154 |
155 | # 生成 route 配置
156 | cat > ${WORK_DIR}/conf/03_route.json << EOF
157 | {
158 | "route":{
159 | "rule_set":[
160 | {
161 | "tag":"geosite-openai",
162 | "type":"remote",
163 | "format":"binary",
164 | "url":"https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-openai.srs"
165 | }
166 | ],
167 | "rules":[
168 | {
169 | "action": "sniff"
170 | },
171 | {
172 | "action": "resolve",
173 | "domain":[
174 | "api.openai.com"
175 | ],
176 | "strategy": "prefer_ipv4"
177 | },
178 | {
179 | "action": "resolve",
180 | "rule_set":[
181 | "geosite-openai"
182 | ],
183 | "strategy": "prefer_ipv6"
184 | },
185 | {
186 | "domain":[
187 | "api.openai.com"
188 | ],
189 | "rule_set":[
190 | "geosite-openai"
191 | ],
192 | "outbound":"${CHATGPT_OUT}"
193 | }
194 | ]
195 | }
196 | }
197 | EOF
198 |
199 | # 生成缓存文件
200 | cat > ${WORK_DIR}/conf/04_experimental.json << EOF
201 | {
202 | "experimental": {
203 | "cache_file": {
204 | "enabled": true,
205 | "path": "${WORK_DIR}/cache.db"
206 | }
207 | }
208 | }
209 | EOF
210 |
211 | # 生成 dns 配置文件
212 | cat > ${WORK_DIR}/conf/05_dns.json << EOF
213 | {
214 | "dns":{
215 | "servers":[
216 | {
217 | "type":"local"
218 | }
219 | ],
220 | "strategy": "${STRATEGY}"
221 | }
222 | }
223 | EOF
224 |
225 | # 内建的 NTP 客户端服务配置文件,这对于无法进行时间同步的环境很有用
226 | cat > ${WORK_DIR}/conf/06_ntp.json << EOF
227 | {
228 | "ntp": {
229 | "enabled": true,
230 | "server": "time.apple.com",
231 | "server_port": 123,
232 | "interval": "60m"
233 | }
234 | }
235 | EOF
236 |
237 | # 生成 XTLS + Reality 配置
238 | [ "${XTLS_REALITY}" = 'true' ] && ((PORT++)) && PORT_XTLS_REALITY=$PORT && cat > ${WORK_DIR}/conf/11_xtls-reality_inbounds.json << EOF
239 | // "public_key":"${REALITY_PUBLIC}"
240 | {
241 | "inbounds":[
242 | {
243 | "type":"vless",
244 | "tag":"${NODE_NAME} xtls-reality",
245 | "listen":"::",
246 | "listen_port":${PORT_XTLS_REALITY},
247 | "users":[
248 | {
249 | "uuid":"${UUID}",
250 | "flow":""
251 | }
252 | ],
253 | "tls":{
254 | "enabled":true,
255 | "server_name":"addons.mozilla.org",
256 | "reality":{
257 | "enabled":true,
258 | "handshake":{
259 | "server":"addons.mozilla.org",
260 | "server_port":443
261 | },
262 | "private_key":"${REALITY_PRIVATE}",
263 | "short_id":[
264 | ""
265 | ]
266 | }
267 | },
268 | "multiplex":{
269 | "enabled":true,
270 | "padding":true,
271 | "brutal":{
272 | "enabled":${IS_BRUTAL},
273 | "up_mbps":1000,
274 | "down_mbps":1000
275 | }
276 | }
277 | }
278 | ]
279 | }
280 | EOF
281 |
282 | # 生成 Hysteria2 配置
283 | [ "${HYSTERIA2}" = 'true' ] && ((PORT++)) && PORT_HYSTERIA2=$PORT && cat > ${WORK_DIR}/conf/12_hysteria2_inbounds.json << EOF
284 | {
285 | "inbounds":[
286 | {
287 | "type":"hysteria2",
288 | "tag":"${NODE_NAME} hysteria2",
289 | "listen":"::",
290 | "listen_port":${PORT_HYSTERIA2},
291 | "users":[
292 | {
293 | "password":"${UUID}"
294 | }
295 | ],
296 | "ignore_client_bandwidth":false,
297 | "tls":{
298 | "enabled":true,
299 | "server_name":"",
300 | "alpn":[
301 | "h3"
302 | ],
303 | "min_version":"1.3",
304 | "max_version":"1.3",
305 | "certificate_path":"${WORK_DIR}/cert/cert.pem",
306 | "key_path":"${WORK_DIR}/cert/private.key"
307 | }
308 | }
309 | ]
310 | }
311 | EOF
312 |
313 | # 生成 Tuic V5 配置
314 | [ "${TUIC}" = 'true' ] && ((PORT++)) && PORT_TUIC=$PORT && cat > ${WORK_DIR}/conf/13_tuic_inbounds.json << EOF
315 | {
316 | "inbounds":[
317 | {
318 | "type":"tuic",
319 | "tag":"${NODE_NAME} tuic",
320 | "listen":"::",
321 | "listen_port":${PORT_TUIC},
322 | "users":[
323 | {
324 | "uuid":"${UUID}",
325 | "password":"${UUID}"
326 | }
327 | ],
328 | "congestion_control": "bbr",
329 | "zero_rtt_handshake": false,
330 | "tls":{
331 | "enabled":true,
332 | "alpn":[
333 | "h3"
334 | ],
335 | "certificate_path":"${WORK_DIR}/cert/cert.pem",
336 | "key_path":"${WORK_DIR}/cert/private.key"
337 | }
338 | }
339 | ]
340 | }
341 | EOF
342 |
343 | # 生成 ShadowTLS V5 配置
344 | [ "${SHADOWTLS}" = 'true' ] && ((PORT++)) && PORT_SHADOWTLS=$PORT && cat > ${WORK_DIR}/conf/14_ShadowTLS_inbounds.json << EOF
345 | {
346 | "inbounds":[
347 | {
348 | "type":"shadowtls",
349 | "tag":"${NODE_NAME} ShadowTLS",
350 | "listen":"::",
351 | "listen_port":${PORT_SHADOWTLS},
352 | "detour":"shadowtls-in",
353 | "version":3,
354 | "users":[
355 | {
356 | "password":"${UUID}"
357 | }
358 | ],
359 | "handshake":{
360 | "server":"addons.mozilla.org",
361 | "server_port":443
362 | },
363 | "strict_mode":true
364 | },
365 | {
366 | "type":"shadowsocks",
367 | "tag":"shadowtls-in",
368 | "listen":"127.0.0.1",
369 | "network":"tcp",
370 | "method":"2022-blake3-aes-128-gcm",
371 | "password":"${SHADOWTLS_PASSWORD}",
372 | "multiplex":{
373 | "enabled":true,
374 | "padding":true,
375 | "brutal":{
376 | "enabled":${IS_BRUTAL},
377 | "up_mbps":1000,
378 | "down_mbps":1000
379 | }
380 | }
381 | }
382 | ]
383 | }
384 | EOF
385 |
386 | # 生成 Shadowsocks 配置
387 | [ "${SHADOWSOCKS}" = 'true' ] && ((PORT++)) && PORT_SHADOWSOCKS=$PORT && cat > ${WORK_DIR}/conf/15_shadowsocks_inbounds.json << EOF
388 | {
389 | "inbounds":[
390 | {
391 | "type":"shadowsocks",
392 | "tag":"${NODE_NAME} shadowsocks",
393 | "listen":"::",
394 | "listen_port":${PORT_SHADOWSOCKS},
395 | "method":"aes-128-gcm",
396 | "password":"${UUID}",
397 | "multiplex":{
398 | "enabled":true,
399 | "padding":true,
400 | "brutal":{
401 | "enabled":${IS_BRUTAL},
402 | "up_mbps":1000,
403 | "down_mbps":1000
404 | }
405 | }
406 | }
407 | ]
408 | }
409 | EOF
410 |
411 | # 生成 Trojan 配置
412 | [ "${TROJAN}" = 'true' ] && ((PORT++)) && PORT_TROJAN=$PORT && cat > ${WORK_DIR}/conf/16_trojan_inbounds.json << EOF
413 | {
414 | "inbounds":[
415 | {
416 | "type":"trojan",
417 | "tag":"${NODE_NAME} trojan",
418 | "listen":"::",
419 | "listen_port":${PORT_TROJAN},
420 | "users":[
421 | {
422 | "password":"${UUID}"
423 | }
424 | ],
425 | "tls":{
426 | "enabled":true,
427 | "certificate_path":"${WORK_DIR}/cert/cert.pem",
428 | "key_path":"${WORK_DIR}/cert/private.key"
429 | },
430 | "multiplex":{
431 | "enabled":true,
432 | "padding":true,
433 | "brutal":{
434 | "enabled":${IS_BRUTAL},
435 | "up_mbps":1000,
436 | "down_mbps":1000
437 | }
438 | }
439 | }
440 | ]
441 | }
442 | EOF
443 |
444 | # 生成 vmess + ws 配置
445 | [ "${VMESS_WS}" = 'true' ] && ((PORT++)) && PORT_VMESS_WS=$PORT && cat > ${WORK_DIR}/conf/17_vmess-ws_inbounds.json << EOF
446 | // "CDN": "${CDN}"
447 | {
448 | "inbounds":[
449 | {
450 | "type":"vmess",
451 | "tag":"${NODE_NAME} vmess-ws",
452 | "listen":"127.0.0.1",
453 | "listen_port":${PORT_VMESS_WS},
454 | "tcp_fast_open":false,
455 | "proxy_protocol":false,
456 | "users":[
457 | {
458 | "uuid":"${UUID}",
459 | "alterId":0
460 | }
461 | ],
462 | "transport":{
463 | "type":"ws",
464 | "path":"/${UUID}-vmess",
465 | "max_early_data":2048,
466 | "early_data_header_name":"Sec-WebSocket-Protocol"
467 | },
468 | "multiplex":{
469 | "enabled":true,
470 | "padding":true,
471 | "brutal":{
472 | "enabled":${IS_BRUTAL},
473 | "up_mbps":1000,
474 | "down_mbps":1000
475 | }
476 | }
477 | }
478 | ]
479 | }
480 | EOF
481 |
482 | # 生成 vless + ws + tls 配置
483 | [ "${VLESS_WS}" = 'true' ] && ((PORT++)) && PORT_VLESS_WS=$PORT && cat > ${WORK_DIR}/conf/18_vless-ws-tls_inbounds.json << EOF
484 | // "CDN": "${CDN}"
485 | {
486 | "inbounds":[
487 | {
488 | "type":"vless",
489 | "tag":"${NODE_NAME} vless-ws-tls",
490 | "listen":"::",
491 | "listen_port":${PORT_VLESS_WS},
492 | "tcp_fast_open":false,
493 | "proxy_protocol":false,
494 | "users":[
495 | {
496 | "name":"sing-box",
497 | "uuid":"${UUID}"
498 | }
499 | ],
500 | "transport":{
501 | "type":"ws",
502 | "path":"/${UUID}-vless",
503 | "max_early_data":2048,
504 | "early_data_header_name":"Sec-WebSocket-Protocol"
505 | },
506 | "multiplex":{
507 | "enabled":true,
508 | "padding":true,
509 | "brutal":{
510 | "enabled":${IS_BRUTAL},
511 | "up_mbps":1000,
512 | "down_mbps":1000
513 | }
514 | }
515 | }
516 | ]
517 | }
518 | EOF
519 |
520 | # 生成 H2 + Reality 配置
521 | [ "${H2_REALITY}" = 'true' ] && ((PORT++)) && PORT_H2_REALITY=$PORT && cat > ${WORK_DIR}/conf/19_h2-reality_inbounds.json << EOF
522 | // "public_key":"${REALITY_PUBLIC}"
523 | {
524 | "inbounds":[
525 | {
526 | "type":"vless",
527 | "tag":"${NODE_NAME} h2-reality",
528 | "listen":"::",
529 | "listen_port":${PORT_H2_REALITY},
530 | "users":[
531 | {
532 | "uuid":"${UUID}"
533 | }
534 | ],
535 | "tls":{
536 | "enabled":true,
537 | "server_name":"addons.mozilla.org",
538 | "reality":{
539 | "enabled":true,
540 | "handshake":{
541 | "server":"addons.mozilla.org",
542 | "server_port":443
543 | },
544 | "private_key":"${REALITY_PRIVATE}",
545 | "short_id":[
546 | ""
547 | ]
548 | }
549 | },
550 | "transport": {
551 | "type": "http"
552 | },
553 | "multiplex":{
554 | "enabled":true,
555 | "padding":true,
556 | "brutal":{
557 | "enabled":${IS_BRUTAL},
558 | "up_mbps":1000,
559 | "down_mbps":1000
560 | }
561 | }
562 | }
563 | ]
564 | }
565 | EOF
566 |
567 | # 生成 gRPC + Reality 配置
568 | [ "${GRPC_REALITY}" = 'true' ] && ((PORT++)) && PORT_GRPC_REALITY=$PORT && cat > ${WORK_DIR}/conf/20_grpc-reality_inbounds.json << EOF
569 | // "public_key":"${REALITY_PUBLIC}"
570 | {
571 | "inbounds":[
572 | {
573 | "type":"vless",
574 | "sniff":true,
575 | "sniff_override_destination":true,
576 | "tag":"${NODE_NAME} grpc-reality",
577 | "listen":"::",
578 | "listen_port":${PORT_GRPC_REALITY},
579 | "users":[
580 | {
581 | "uuid":"${UUID}"
582 | }
583 | ],
584 | "tls":{
585 | "enabled":true,
586 | "server_name":"addons.mozilla.org",
587 | "reality":{
588 | "enabled":true,
589 | "handshake":{
590 | "server":"addons.mozilla.org",
591 | "server_port":443
592 | },
593 | "private_key":"${REALITY_PRIVATE}",
594 | "short_id":[
595 | ""
596 | ]
597 | }
598 | },
599 | "transport": {
600 | "type": "grpc",
601 | "service_name": "grpc"
602 | },
603 | "multiplex":{
604 | "enabled":true,
605 | "padding":true,
606 | "brutal":{
607 | "enabled":${IS_BRUTAL},
608 | "up_mbps":1000,
609 | "down_mbps":1000
610 | }
611 | }
612 | }
613 | ]
614 | }
615 | EOF
616 |
617 | # 生成 AnyTLS 配置
618 | [ "${ANYTLS}" = 'true' ] && ((PORT++)) && PORT_ANYTLS=$PORT && cat > ${WORK_DIR}/conf/21_anytls_inbounds.json << EOF
619 | {
620 | "inbounds":[
621 | {
622 | "type":"anytls",
623 | "tag":"${NODE_NAME} anytls",
624 | "listen":"::",
625 | "listen_port":$PORT_ANYTLS,
626 | "users":[
627 | {
628 | "password":"${UUID}"
629 | }
630 | ],
631 | "padding_scheme":[],
632 | "tls":{
633 | "enabled":true,
634 | "certificate_path":"${WORK_DIR}/cert/cert.pem",
635 | "key_path":"${WORK_DIR}/cert/private.key"
636 | }
637 | }
638 | ]
639 | }
640 | EOF
641 |
642 | # 判断 argo 隧道类型
643 | if [[ -n "$ARGO_DOMAIN" && -n "$ARGO_AUTH" ]]; then
644 | if [[ "$ARGO_AUTH" =~ TunnelSecret ]]; then
645 | ARGO_JSON=${ARGO_AUTH//[ ]/}
646 | ARGO_RUNS="cloudflared tunnel --edge-ip-version auto --config ${WORK_DIR}/tunnel.yml run"
647 | echo $ARGO_JSON > ${WORK_DIR}/tunnel.json
648 | cat > ${WORK_DIR}/tunnel.yml << EOF
649 | tunnel: $(cut -d\" -f12 <<< $ARGO_JSON)
650 | credentials-file: ${WORK_DIR}/tunnel.json
651 |
652 | ingress:
653 | - hostname: ${ARGO_DOMAIN}
654 | service: https://localhost:${START_PORT}
655 | originRequest:
656 | noTLSVerify: true
657 | - service: http_status:404
658 | EOF
659 |
660 | elif [[ "${ARGO_AUTH}" =~ [a-z0-9A-Z=]{120,250} ]]; then
661 | [[ "{$ARGO_AUTH}" =~ cloudflared.*service ]] && ARGO_TOKEN=$(awk -F ' ' '{print $NF}' <<< "$ARGO_AUTH") || ARGO_TOKEN=$ARGO_AUTH
662 | ARGO_RUNS="cloudflared tunnel --edge-ip-version auto run --token ${ARGO_TOKEN}"
663 | fi
664 | else
665 | ((PORT++))
666 | METRICS_PORT=$PORT
667 | ARGO_RUNS="cloudflared tunnel --edge-ip-version auto --no-autoupdate --no-tls-verify --metrics 0.0.0.0:$METRICS_PORT --url https://localhost:$START_PORT"
668 | fi
669 |
670 | # 生成 supervisord 配置文件
671 | mkdir -p /etc/supervisor.d
672 | SUPERVISORD_CONF="[supervisord]
673 | user=root
674 | nodaemon=true
675 | logfile=/dev/null
676 | pidfile=/run/supervisord.pid
677 |
678 | [program:nginx]
679 | command=/usr/sbin/nginx -g 'daemon off;'
680 | autostart=true
681 | autorestart=true
682 | stderr_logfile=/dev/null
683 | stdout_logfile=/dev/null
684 |
685 | [program:sing-box]
686 | command=${WORK_DIR}/sing-box run -C ${WORK_DIR}/conf/
687 | autostart=true
688 | autorestart=true
689 | stderr_logfile=/dev/null
690 | stdout_logfile=/dev/null"
691 |
692 | [ -z "$METRICS_PORT" ] && SUPERVISORD_CONF+="
693 |
694 | [program:argo]
695 | command=${WORK_DIR}/$ARGO_RUNS
696 | autostart=true
697 | autorestart=true
698 | stderr_logfile=/dev/null
699 | stdout_logfile=/dev/null
700 | "
701 |
702 | echo "$SUPERVISORD_CONF" > /etc/supervisor.d/daemon.ini
703 |
704 | # 如使用临时隧道,先运行 cloudflared 以获取临时隧道域名
705 | if [ -n "$METRICS_PORT" ]; then
706 | ${WORK_DIR}/$ARGO_RUNS >/dev/null 2>&1 &
707 | sleep 15
708 | local ARGO_DOMAIN=$(wget -qO- http://localhost:$METRICS_PORT/quicktunnel | awk -F '"' '{print $4}')
709 | fi
710 |
711 | # 生成 nginx 配置文件
712 | local NGINX_CONF="user root;
713 |
714 | worker_processes auto;
715 |
716 | error_log /dev/null;
717 | pid /var/run/nginx.pid;
718 |
719 | events {
720 | worker_connections 1024;
721 | }
722 |
723 | http {
724 | map \$http_user_agent \$path {
725 | default /; # 默认路径
726 | ~*v2rayN|Neko /base64; # 匹配 V2rayN / NekoBox 客户端
727 | ~*clash /clash; # 匹配 Clash 客户端
728 | ~*ShadowRocket /shadowrocket; # 匹配 ShadowRocket 客户端
729 | ~*SFM /sing-box-pc; # 匹配 Sing-box pc 客户端
730 | ~*SFI|SFA /sing-box-phone; # 匹配 Sing-box phone 客户端
731 | # ~*Chrome|Firefox|Mozilla /; # 添加更多的分流规则
732 | }
733 |
734 | include /etc/nginx/mime.types;
735 | default_type application/octet-stream;
736 |
737 | log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
738 | '\$status \$body_bytes_sent "\$http_referer" '
739 | '"\$http_user_agent" "\$http_x_forwarded_for"';
740 |
741 | access_log /dev/null;
742 |
743 | sendfile on;
744 | #tcp_nopush on;
745 |
746 | keepalive_timeout 65;
747 |
748 | #gzip on;
749 |
750 | #include /etc/nginx/conf.d/*.conf;
751 |
752 | server {
753 | listen 127.0.0.1:$START_PORT ssl ; # sing-box backend
754 | http2 on;
755 | server_name addons.mozilla.org;
756 |
757 | ssl_certificate ${WORK_DIR}/cert/cert.pem;
758 | ssl_certificate_key ${WORK_DIR}/cert/private.key;
759 | ssl_protocols TLSv1.3;
760 | ssl_session_tickets on;
761 | ssl_stapling off;
762 | ssl_stapling_verify off;"
763 |
764 | [ "${VLESS_WS}" = 'true' ] && NGINX_CONF+="
765 | # 反代 sing-box vless websocket
766 | location /${UUID}-vless {
767 | if (\$http_upgrade != "websocket") {
768 | return 404;
769 | }
770 | proxy_pass http://127.0.0.1:${PORT_VLESS_WS};
771 | proxy_http_version 1.1;
772 | proxy_set_header Upgrade \$http_upgrade;
773 | proxy_set_header Connection "upgrade";
774 | proxy_set_header X-Real-IP \$remote_addr;
775 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
776 | proxy_set_header Host \$host;
777 | proxy_redirect off;
778 | }"
779 |
780 | [ "${VMESS_WS}" = 'true' ] && NGINX_CONF+="
781 | # 反代 sing-box websocket
782 | location /${UUID}-vmess {
783 | if (\$http_upgrade != "websocket") {
784 | return 404;
785 | }
786 | proxy_pass http://127.0.0.1:${PORT_VMESS_WS};
787 | proxy_http_version 1.1;
788 | proxy_set_header Upgrade \$http_upgrade;
789 | proxy_set_header Connection "upgrade";
790 | proxy_set_header X-Real-IP \$remote_addr;
791 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
792 | proxy_set_header Host \$host;
793 | proxy_redirect off;
794 | }"
795 |
796 | NGINX_CONF+="
797 | # 来自 /auto 的分流
798 | location ~ ^/${UUID}/auto {
799 | default_type 'text/plain; charset=utf-8';
800 | alias ${WORK_DIR}/subscribe/\$path;
801 | }
802 |
803 | location ~ ^/${UUID}/(.*) {
804 | autoindex on;
805 | proxy_set_header X-Real-IP \$proxy_protocol_addr;
806 | default_type 'text/plain; charset=utf-8';
807 | alias ${WORK_DIR}/subscribe/\$1;
808 | }
809 | }
810 | }"
811 |
812 | echo "$NGINX_CONF" > /etc/nginx/nginx.conf
813 |
814 | # IPv6 时的 IP 处理
815 | if [[ "$SERVER_IP" =~ : ]]; then
816 | SERVER_IP_1="[$SERVER_IP]"
817 | SERVER_IP_2="[[$SERVER_IP]]"
818 | else
819 | SERVER_IP_1="$SERVER_IP"
820 | SERVER_IP_2="$SERVER_IP"
821 | fi
822 |
823 | # 生成各订阅文件
824 | # 生成 Clash proxy providers 订阅文件
825 | local CLASH_SUBSCRIBE='proxies:'
826 |
827 | [ "${XTLS_REALITY}" = 'true' ] && local CLASH_XTLS_REALITY="- {name: \"${NODE_NAME} xtls-reality\", type: vless, server: ${SERVER_IP}, port: ${PORT_XTLS_REALITY}, uuid: ${UUID}, network: tcp, udp: true, tls: true, servername: addons.mozilla.org, client-fingerprint: chrome, reality-opts: {public-key: ${REALITY_PUBLIC}, short-id: \"\"}, smux: { enabled: true, protocol: 'h2mux', padding: true, max-connections: '8', min-streams: '16', statistic: true, only-tcp: false }, brutal-opts: { enabled: ${IS_BRUTAL}, up: '1000 Mbps', down: '1000 Mbps' } }" &&
828 | local CLASH_SUBSCRIBE+="
829 | $CLASH_XTLS_REALITY
830 | "
831 | [ "${HYSTERIA2}" = 'true' ] && local CLASH_HYSTERIA2="- {name: \"${NODE_NAME} hysteria2\", type: hysteria2, server: ${SERVER_IP}, port: ${PORT_HYSTERIA2}, up: \"200 Mbps\", down: \"1000 Mbps\", password: ${UUID}, skip-cert-verify: true}" &&
832 | local CLASH_SUBSCRIBE+="
833 | - {name: \"${NODE_NAME} hysteria2\", type: hysteria2, server: ${SERVER_IP}, port: ${PORT_HYSTERIA2}, up: \"200 Mbps\", down: \"1000 Mbps\", password: ${UUID}, skip-cert-verify: true}
834 | "
835 | [ "${TUIC}" = 'true' ] && local CLASH_TUIC="- {name: \"${NODE_NAME} tuic\", type: tuic, server: ${SERVER_IP}, port: ${PORT_TUIC}, uuid: ${UUID}, password: ${UUID}, alpn: [h3], disable-sni: true, reduce-rtt: true, request-timeout: 8000, udp-relay-mode: native, congestion-controller: bbr, skip-cert-verify: true}" &&
836 | local CLASH_SUBSCRIBE+="
837 | $CLASH_TUIC
838 | "
839 | [ "${SHADOWTLS}" = 'true' ] && local CLASH_SHADOWTLS="- {name: \"${NODE_NAME} ShadowTLS\", type: ss, server: ${SERVER_IP}, port: ${PORT_SHADOWTLS}, cipher: 2022-blake3-aes-128-gcm, password: ${SHADOWTLS_PASSWORD}, plugin: shadow-tls, client-fingerprint: chrome, plugin-opts: {host: addons.mozilla.org, password: \"${UUID}\", version: 3}, smux: { enabled: true, protocol: 'h2mux', padding: true, max-connections: '8', min-streams: '16', statistic: true, only-tcp: false }, brutal-opts: { enabled: ${IS_BRUTAL}, up: '1000 Mbps', down: '1000 Mbps' } }" &&
840 | local CLASH_SUBSCRIBE+="
841 | $CLASH_SHADOWTLS
842 | "
843 | [ "${SHADOWSOCKS}" = 'true' ] && local CLASH_SHADOWSOCKS="- {name: \"${NODE_NAME} shadowsocks\", type: ss, server: ${SERVER_IP}, port: $PORT_SHADOWSOCKS, cipher: aes-128-gcm, password: ${UUID}, smux: { enabled: true, protocol: 'h2mux', padding: true, max-connections: '8', min-streams: '16', statistic: true, only-tcp: false }, brutal-opts: { enabled: ${IS_BRUTAL}, up: '1000 Mbps', down: '1000 Mbps' } }" &&
844 | local CLASH_SUBSCRIBE+="
845 | $CLASH_SHADOWSOCKS
846 | "
847 | [ "${TROJAN}" = 'true' ] && local CLASH_TROJAN="- {name: \"${NODE_NAME} trojan\", type: trojan, server: ${SERVER_IP}, port: $PORT_TROJAN, password: ${UUID}, client-fingerprint: random, skip-cert-verify: true, smux: { enabled: true, protocol: 'h2mux', padding: true, max-connections: '8', min-streams: '16', statistic: true, only-tcp: false }, brutal-opts: { enabled: ${IS_BRUTAL}, up: '1000 Mbps', down: '1000 Mbps' } }" &&
848 | local CLASH_SUBSCRIBE+="
849 | $CLASH_TROJAN
850 | "
851 | [ "${VMESS_WS}" = 'true' ] && local CLASH_VMESS_WS="- {name: \"${NODE_NAME} vmess-ws\", type: vmess, server: ${CDN}, port: 80, uuid: ${UUID}, udp: true, tls: false, alterId: 0, cipher: auto, skip-cert-verify: true, network: ws, ws-opts: { path: \"/${UUID}-vmess\", headers: {Host: ${ARGO_DOMAIN}} }, smux: { enabled: true, protocol: 'h2mux', padding: true, max-connections: '8', min-streams: '16', statistic: true, only-tcp: false }, brutal-opts: { enabled: ${IS_BRUTAL}, up: '1000 Mbps', down: '1000 Mbps' } }" &&
852 | local CLASH_SUBSCRIBE+="
853 | $CLASH_VMESS_WS
854 | "
855 | [ "${VLESS_WS}" = 'true' ] && local CLASH_VLESS_WS="- {name: \"${NODE_NAME} vless-ws-tls\", type: vless, server: ${CDN}, port: 443, uuid: ${UUID}, udp: true, tls: true, servername: ${ARGO_DOMAIN}, network: ws, skip-cert-verify: true, ws-opts: { path: \"/${UUID}-vless\", headers: {Host: ${ARGO_DOMAIN}}, max-early-data: 2048, early-data-header-name: Sec-WebSocket-Protocol }, smux: { enabled: true, protocol: 'h2mux', padding: true, max-connections: '8', min-streams: '16', statistic: true, only-tcp: false }, brutal-opts: { enabled: ${IS_BRUTAL}, up: '1000 Mbps', down: '1000 Mbps' } }" &&
856 | local CLASH_SUBSCRIBE+="
857 | $CLASH_VLESS_WS
858 | "
859 | # Clash 的 H2 传输层未实现多路复用功能,在 Clash.Meta 中更建议使用 gRPC 协议,故不输出相关配置。 https://wiki.metacubex.one/config/proxies/vless/
860 | [ "${H2_REALITY}" = 'true' ]
861 |
862 | [ "${GRPC_REALITY}" = 'true' ] && local CLASH_GRPC_REALITY="- {name: \"${NODE_NAME} grpc-reality\", type: vless, server: ${SERVER_IP}, port: ${PORT_GRPC_REALITY}, uuid: ${UUID}, network: grpc, tls: true, udp: true, flow:, client-fingerprint: chrome, servername: addons.mozilla.org, grpc-opts: { grpc-service-name: \"grpc\" }, reality-opts: { public-key: ${REALITY_PUBLIC}, short-id: \"\" }, smux: { enabled: true, protocol: 'h2mux', padding: true, max-connections: '8', min-streams: '16', statistic: true, only-tcp: false }, brutal-opts: { enabled: ${IS_BRUTAL}, up: '1000 Mbps', down: '1000 Mbps' } }" &&
863 | local CLASH_SUBSCRIBE+="
864 | $CLASH_GRPC_REALITY
865 | "
866 | [ "${ANYTLS}" = 'true' ] && local CLASH_ANYTLS="- {name: \"${NODE_NAME} anytls\", type: anytls, server: ${SERVER_IP}, port: $PORT_ANYTLS, password: ${UUID}, client-fingerprint: chrome, udp: true, idle-session-check-interval: 30, idle-session-timeout: 30, skip-cert-verify: true }" &&
867 | local CLASH_SUBSCRIBE+="
868 | $CLASH_ANYTLS
869 | "
870 |
871 | echo -n "${CLASH_SUBSCRIBE}" | sed -E '/^[ ]*#|^--/d' | sed '/^$/d' > ${WORK_DIR}/subscribe/proxies
872 |
873 | # 生成 clash 订阅配置文件
874 | # 模板: 使用 proxy providers
875 | wget -qO- --tries=3 --timeout=2 ${SUBSCRIBE_TEMPLATE}/clash | sed "s#NODE_NAME#${NODE_NAME}#g; s#PROXY_PROVIDERS_URL#https://${ARGO_DOMAIN}/${UUID}/proxies#" > ${WORK_DIR}/subscribe/clash
876 |
877 | # 生成 ShadowRocket 订阅配置文件
878 | [ "${XTLS_REALITY}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
879 | vless://$(echo -n "auto:${UUID}@${SERVER_IP_2}:${PORT_XTLS_REALITY}" | base64 -w0)?remarks=${NODE_NAME} xtls-reality&obfs=none&tls=1&peer=addons.mozilla.org&mux=1&pbk=${REALITY_PUBLIC}
880 | "
881 | [ "${HYSTERIA2}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
882 | hysteria2://${UUID}@${SERVER_IP_1}:${PORT_HYSTERIA2}?insecure=1&obfs=none#${NODE_NAME}%20hysteria2
883 | "
884 | [ "${TUIC}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
885 | tuic://${UUID}:${UUID}@${SERVER_IP_2}:${PORT_TUIC}?congestion_control=bbr&udp_relay_mode=native&alpn=h3&allow_insecure=1#${NODE_NAME}%20tuic
886 | "
887 | [ "${SHADOWTLS}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
888 | ss://$(echo -n "2022-blake3-aes-128-gcm:${SHADOWTLS_PASSWORD}@${SERVER_IP_2}:${PORT_SHADOWTLS}" | base64 -w0)?shadow-tls=$(echo -n "{\"version\":\"3\",\"host\":\"addons.mozilla.org\",\"password\":\"${UUID}\"}" | base64 -w0)#${NODE_NAME}%20ShadowTLS
889 | "
890 | [ "${SHADOWSOCKS}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
891 | ss://$(echo -n "aes-128-gcm:${UUID}@${SERVER_IP_2}:$PORT_SHADOWSOCKS" | base64 -w0)#${NODE_NAME}%20shadowsocks
892 | "
893 | [ "${TROJAN}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
894 | trojan://${UUID}@${SERVER_IP_1}:$PORT_TROJAN?allowInsecure=1#${NODE_NAME}%20trojan
895 | "
896 | [ "${VMESS_WS}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
897 | ----------------------------
898 | vmess://$(echo -n "auto:${UUID}@${CDN}:80" | base64 -w0)?remarks=${NODE_NAME}%20vmess-ws&obfsParam=${ARGO_DOMAIN}&path=/${UUID}-vmess&obfs=websocket&alterId=0
899 | "
900 | [ "${VLESS_WS}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
901 | ----------------------------
902 | vless://$(echo -n "auto:${UUID}@${CDN}:443" | base64 -w0)?remarks=${NODE_NAME} vless-ws-tls&obfsParam=${ARGO_DOMAIN}&path=/${UUID}-vless?ed=2048&obfs=websocket&tls=1&peer=${ARGO_DOMAIN}&allowInsecure=1
903 | "
904 | [ "${H2_REALITY}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
905 | ----------------------------
906 | vless://$(echo -n auto:${UUID}@${SERVER_IP_2}:${PORT_H2_REALITY} | base64 -w0)?remarks=${NODE_NAME}%20h2-reality&path=/&obfs=h2&tls=1&peer=addons.mozilla.org&alpn=h2&mux=1&pbk=${REALITY_PUBLIC}
907 | "
908 | [ "${GRPC_REALITY}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
909 | vless://$(echo -n "auto:${UUID}@${SERVER_IP_2}:${PORT_GRPC_REALITY}" | base64 -w0)?remarks=${NODE_NAME}%20grpc-reality&path=grpc&obfs=grpc&tls=1&peer=addons.mozilla.org&pbk=${REALITY_PUBLIC}
910 | "
911 | [ "${PORT_ANYTLS}" = 'true' ] && local SHADOWROCKET_SUBSCRIBE+="
912 | anytls://${UUID]}@${SERVER_IP_1}:${PORT_ANYTLS}?insecure=1&udp=1#${NODE_NAME}%20&anytls
913 | "
914 | echo -n "$SHADOWROCKET_SUBSCRIBE" | sed -E '/^[ ]*#|^--/d' | sed '/^$/d' | base64 -w0 > ${WORK_DIR}/subscribe/shadowrocket
915 |
916 | # 生成 V2rayN 订阅文件
917 | [ "${XTLS_REALITY}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
918 | ----------------------------
919 | vless://${UUID}@${SERVER_IP_1}:${PORT_XTLS_REALITY}?encryption=none&security=reality&sni=addons.mozilla.org&fp=chrome&pbk=${REALITY_PUBLIC}&type=tcp&headerType=none#${NODE_NAME// /%20}%20xtls-reality"
920 |
921 | [ "${HYSTERIA2}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
922 | ----------------------------
923 | hysteria2://${UUID}@${SERVER_IP_1}:${PORT_HYSTERIA2}/?alpn=h3&insecure=1#${NODE_NAME// /%20}%20hysteria2"
924 |
925 | [ "${TUIC}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
926 | ----------------------------
927 | tuic://${UUID}:${UUID}@${SERVER_IP_1}:${PORT_TUIC}?alpn=h3&congestion_control=bbr#${NODE_NAME// /%20}%20tuic
928 |
929 | # $(info "请把 tls 里的 inSecure 设置为 true")"
930 |
931 | [ "${SHADOWTLS}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
932 | ----------------------------
933 | # $(info "ShadowTLS 配置文件内容,需要更新 sing_box 内核")
934 |
935 | {
936 | \"log\":{
937 | \"level\":\"warn\"
938 | },
939 | \"inbounds\":[
940 | {
941 | \"listen\":\"127.0.0.1\",
942 | \"listen_port\":${PORT_SHADOWTLS},
943 | \"sniff\":true,
944 | \"sniff_override_destination\":false,
945 | \"tag\": \"ShadowTLS\",
946 | \"type\":\"mixed\"
947 | }
948 | ],
949 | \"outbounds\":[
950 | {
951 | \"detour\":\"shadowtls-out\",
952 | \"method\":\"2022-blake3-aes-128-gcm\",
953 | \"password\":\"${SHADOWTLS_PASSWORD}\",
954 | \"type\":\"shadowsocks\",
955 | \"udp_over_tcp\": false,
956 | \"multiplex\": {
957 | \"enabled\": true,
958 | \"protocol\": \"h2mux\",
959 | \"max_connections\": 8,
960 | \"min_streams\": 16,
961 | \"padding\": true
962 | }
963 | },
964 | {
965 | \"password\":\"${UUID}\",
966 | \"server\":\"${SERVER_IP}\",
967 | \"server_port\":${PORT_SHADOWTLS},
968 | \"tag\": \"shadowtls-out\",
969 | \"tls\":{
970 | \"enabled\":true,
971 | \"server_name\":\"addons.mozilla.org\",
972 | \"utls\": {
973 | \"enabled\": true,
974 | \"fingerprint\": \"chrome\"
975 | }
976 | },
977 | \"type\":\"shadowtls\",
978 | \"version\":3
979 | }
980 | ]
981 | }"
982 | [ "${SHADOWSOCKS}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
983 | ----------------------------
984 | ss://$(echo -n "aes-128-gcm:${UUID}@${SERVER_IP_1}:$PORT_SHADOWSOCKS" | base64 -w0)#${NODE_NAME// /%20}%20shadowsocks"
985 |
986 | [ "${TROJAN}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
987 | ----------------------------
988 | trojan://${UUID}@${SERVER_IP_1}:$PORT_TROJAN?security=tls&type=tcp&headerType=none#${NODE_NAME// /%20}%20trojan
989 |
990 | # $(info "ShadowTLS 配置文件内容,需要更新 sing_box 内核")"
991 |
992 | [ "${VMESS_WS}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
993 | ----------------------------
994 | vmess://$(echo -n "{ \"v\": \"2\", \"ps\": \"${NODE_NAME} vmess-ws\", \"add\": \"${CDN}\", \"port\": \"80\", \"id\": \"${UUID}\", \"aid\": \"0\", \"scy\": \"auto\", \"net\": \"ws\", \"type\": \"none\", \"host\": \"${ARGO_DOMAIN}\", \"path\": \"/${UUID}-vmess\", \"tls\": \"\", \"sni\": \"\", \"alpn\": \"\" }" | base64 -w0)
995 | "
996 |
997 | [ "${VLESS_WS}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
998 | ----------------------------
999 | vless://${UUID}@${CDN}:443?encryption=none&security=tls&sni=${ARGO_DOMAIN}&type=ws&host=${ARGO_DOMAIN}&path=%2F${UUID}-vless%3Fed%3D2048#${NODE_NAME// /%20}%20vless-ws-tls
1000 | "
1001 |
1002 | [ "${H2_REALITY}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
1003 | ----------------------------
1004 | vless://${UUID}@${SERVER_IP_1}:${PORT_H2_REALITY}?encryption=none&security=reality&sni=addons.mozilla.org&fp=chrome&pbk=${REALITY_PUBLIC}&type=http#${NODE_NAME// /%20}%20h2-reality"
1005 |
1006 | [ "${GRPC_REALITY}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
1007 | ----------------------------
1008 | vless://${UUID}@${SERVER_IP_1}:${PORT_GRPC_REALITY}?encryption=none&security=reality&sni=addons.mozilla.org&fp=chrome&pbk=${REALITY_PUBLIC}&type=grpc&serviceName=grpc&mode=gun#${NODE_NAME// /%20}%20grpc-reality"
1009 |
1010 | [ "${ANYTLS}" = 'true' ] && local V2RAYN_SUBSCRIBE+="
1011 | ----------------------------
1012 | # $(info "AnyTLS 配置文件内容,需要更新 sing_box 内核")
1013 |
1014 | {
1015 | \"log\":{
1016 | \"level\":\"warn\"
1017 | },
1018 | \"inbounds\":[
1019 | {
1020 | \"listen\":\"127.0.0.1\",
1021 | \"listen_port\":${PORT_ANYTLS},
1022 | \"sniff\":true,
1023 | \"sniff_override_destination\":false,
1024 | \"tag\": \"AnyTLS\",
1025 | \"type\":\"mixed\"
1026 | }
1027 | ],
1028 | \"outbounds\":[
1029 | {
1030 | \"type\": \"anytls\",
1031 | \"tag\": \"${NODE_NAME} anytls\",
1032 | \"server\": \"${SERVER_IP}\",
1033 | \"server_port\": ${PORT_ANYTLS},
1034 | \"password\": \"${UUID}\",
1035 | \"idle_session_check_interval\": \"30s\",
1036 | \"idle_session_timeout\": \"30s\",
1037 | \"min_idle_session\": 5,
1038 | \"tls\": {
1039 | \"enabled\": true,
1040 | \"insecure\": true,
1041 | \"server_name\": \"\"
1042 | }
1043 | }
1044 | ]
1045 | }"
1046 |
1047 | echo -n "$V2RAYN_SUBSCRIBE" | sed -E '/^[ ]*#|^[ ]+|^--|^\{|^\}/d' | sed '/^$/d' | base64 -w0 > ${WORK_DIR}/subscribe/v2rayn
1048 |
1049 | # 生成 NekoBox 订阅文件
1050 | [ "${XTLS_REALITY}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1051 | ----------------------------
1052 | vless://${UUID}@${SERVER_IP_1}:${PORT_XTLS_REALITY}?security=reality&sni=addons.mozilla.org&fp=chrome&pbk=${REALITY_PUBLIC}&type=tcp&encryption=none#${NODE_NAME}%20xtls-reality"
1053 |
1054 | [ "${HYSTERIA2}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1055 | ----------------------------
1056 | hy2://${UUID}@${SERVER_IP_1}:${PORT_HYSTERIA2}?insecure=1#${NODE_NAME} hysteria2"
1057 |
1058 | [ "${TUIC}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1059 | ----------------------------
1060 | tuic://${UUID}:${UUID}@${SERVER_IP_1}:${PORT_TUIC}?congestion_control=bbr&alpn=h3&udp_relay_mode=native&allow_insecure=1&disable_sni=1#${NODE_NAME} tuic"
1061 |
1062 | [ "${SHADOWTLS}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1063 | ----------------------------
1064 | nekoray://custom#$(echo -n "{\"_v\":0,\"addr\":\"127.0.0.1\",\"cmd\":[\"\"],\"core\":\"internal\",\"cs\":\"{\n \\\"password\\\": \\\"${UUID}\\\",\n \\\"server\\\": \\\"${SERVER_IP_1}\\\",\n \\\"server_port\\\": ${PORT_SHADOWTLS},\n \\\"tag\\\": \\\"shadowtls-out\\\",\n \\\"tls\\\": {\n \\\"enabled\\\": true,\n \\\"server_name\\\": \\\"addons.mozilla.org\\\"\n },\n \\\"type\\\": \\\"shadowtls\\\",\n \\\"version\\\": 3\n}\n\",\"mapping_port\":0,\"name\":\"1-tls-not-use\",\"port\":1080,\"socks_port\":0}" | base64 -w0)
1065 |
1066 | nekoray://shadowsocks#$(echo -n "{\"_v\":0,\"method\":\"2022-blake3-aes-128-gcm\",\"name\":\"2-ss-not-use\",\"pass\":\"${SHADOWTLS_PASSWORD}\",\"port\":0,\"stream\":{\"ed_len\":0,\"insecure\":false,\"mux_s\":0,\"net\":\"tcp\"},\"uot\":0}" | base64 -w0)"
1067 |
1068 | [ "${SHADOWSOCKS}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1069 | ----------------------------
1070 | ss://$(echo -n "aes-128-gcm:${UUID}" | base64 -w0)@${SERVER_IP_1}:$PORT_SHADOWSOCKS#${NODE_NAME} shadowsocks"
1071 |
1072 | [ "${TROJAN}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1073 | ----------------------------
1074 | trojan://${UUID}@${SERVER_IP_1}:$PORT_TROJAN?security=tls&allowInsecure=1&fp=random&type=tcp#${NODE_NAME} trojan"
1075 |
1076 | [ "${VMESS_WS}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1077 | ----------------------------
1078 | vmess://$(echo -n "{\"add\":\"${CDN}\",\"aid\":\"0\",\"host\":\"${ARGO_DOMAIN}\",\"id\":\"${UUID}\",\"net\":\"ws\",\"path\":\"/${UUID}-vmess\",\"port\":\"80\",\"ps\":\"${NODE_NAME} vmess-ws\",\"scy\":\"auto\",\"sni\":\"\",\"tls\":\"\",\"type\":\"\",\"v\":\"2\"}" | base64 -w0)
1079 | "
1080 |
1081 | [ "${VLESS_WS}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1082 | ----------------------------
1083 | vless://${UUID}@${CDN}:443?security=tls&sni=${ARGO_DOMAIN}&type=ws&path=/${UUID}-vless?ed%3D2048&host=${ARGO_DOMAIN}#${NODE_NAME}%20vless-ws-tls
1084 | "
1085 |
1086 | [ "${H2_REALITY}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1087 | ----------------------------
1088 | vless://${UUID}@${SERVER_IP_1}:${PORT_H2_REALITY}?security=reality&sni=addons.mozilla.org&alpn=h2&fp=chrome&pbk=${REALITY_PUBLIC}&type=http&encryption=none#${NODE_NAME}%20h2-reality"
1089 |
1090 | [ "${GRPC_REALITY}" = 'true' ] && local NEKOBOX_SUBSCRIBE+="
1091 | ----------------------------
1092 | vless://${UUID}@${SERVER_IP_1}:${PORT_GRPC_REALITY}?security=reality&sni=addons.mozilla.org&fp=chrome&pbk=${REALITY_PUBLIC}&type=grpc&serviceName=grpc&encryption=none#${NODE_NAME}%20grpc-reality"
1093 |
1094 | echo -n "$NEKOBOX_SUBSCRIBE" | sed -E '/^[ ]*#|^--/d' | sed '/^$/d' | base64 -w0 > ${WORK_DIR}/subscribe/neko
1095 |
1096 | # 生成 Sing-box 订阅文件
1097 | [ "${XTLS_REALITY}" = 'true' ] &&
1098 | local INBOUND_REPLACE+=" { \"type\": \"vless\", \"tag\": \"${NODE_NAME} xtls-reality\", \"server\":\"${SERVER_IP}\", \"server_port\":${PORT_XTLS_REALITY}, \"uuid\":\"${UUID}\", \"flow\":\"\", \"packet_encoding\":\"xudp\", \"tls\":{ \"enabled\":true, \"server_name\":\"addons.mozilla.org\", \"utls\":{ \"enabled\":true, \"fingerprint\":\"chrome\" }, \"reality\":{ \"enabled\":true, \"public_key\":\"${REALITY_PUBLIC}\", \"short_id\":\"\" } }, \"multiplex\": { \"enabled\": true, \"protocol\": \"h2mux\", \"max_connections\": 8, \"min_streams\": 16, \"padding\": true, \"brutal\":{ \"enabled\":true, \"up_mbps\":1000, \"down_mbps\":1000 } } }," &&
1099 | local NODE_REPLACE+="\"${NODE_NAME} xtls-reality\","
1100 |
1101 | if [ "${HYSTERIA2}" = 'true' ]; then
1102 | local INBOUND_REPLACE+=" { \"type\": \"hysteria2\", \"tag\": \"${NODE_NAME} hysteria2\", \"server\": \"${SERVER_IP}\", \"server_port\": ${PORT_HYSTERIA2},"
1103 | [[ -n "${PORT_HOPPING_START}" && -n "${PORT_HOPPING_END}" ]] && local INBOUND_REPLACE+=" \"server_ports\": [ \"${PORT_HOPPING_START}:${PORT_HOPPING_END}\" ],"
1104 | local INBOUND_REPLACE+=" \"up_mbps\": 200, \"down_mbps\": 1000, \"password\": \"${UUID}\", \"tls\": { \"enabled\": true, \"insecure\": true, \"server_name\": \"\", \"alpn\": [ \"h3\" ] } },"
1105 | local NODE_REPLACE+="\"${NODE_NAME} hysteria2\","
1106 | fi
1107 |
1108 | [ "${TUIC}" = 'true' ] &&
1109 | local INBOUND_REPLACE+=" { \"type\": \"tuic\", \"tag\": \"${NODE_NAME} tuic\", \"server\": \"${SERVER_IP}\", \"server_port\": ${PORT_TUIC}, \"uuid\": \"${UUID}\", \"password\": \"${UUID}\", \"congestion_control\": \"bbr\", \"udp_relay_mode\": \"native\", \"zero_rtt_handshake\": false, \"heartbeat\": \"10s\", \"tls\": { \"enabled\": true, \"insecure\": true, \"server_name\": \"\", \"alpn\": [ \"h3\" ] } }," &&
1110 | local NODE_REPLACE+="\"${NODE_NAME} tuic\","
1111 |
1112 | [ "${SHADOWTLS}" = 'true' ] &&
1113 | local INBOUND_REPLACE+=" { \"type\": \"shadowsocks\", \"tag\": \"${NODE_NAME} ShadowTLS\", \"method\": \"2022-blake3-aes-128-gcm\", \"password\": \"${SHADOWTLS_PASSWORD}\", \"detour\": \"shadowtls-out\", \"udp_over_tcp\": false, \"multiplex\": { \"enabled\": true, \"protocol\": \"h2mux\", \"max_connections\": 8, \"min_streams\": 16, \"padding\": true, \"brutal\":{ \"enabled\":true, \"up_mbps\":1000, \"down_mbps\":1000 } } }, { \"type\": \"shadowtls\", \"tag\": \"shadowtls-out\", \"server\": \"${SERVER_IP}\", \"server_port\": ${PORT_SHADOWTLS}, \"version\": 3, \"password\": \"${UUID}\", \"tls\": { \"enabled\": true, \"server_name\": \"addons.mozilla.org\", \"utls\": { \"enabled\": true, \"fingerprint\": \"chrome\" } } }," &&
1114 | local NODE_REPLACE+="\"${NODE_NAME} ShadowTLS\","
1115 |
1116 | [ "${SHADOWSOCKS}" = 'true' ] &&
1117 | local INBOUND_REPLACE+=" { \"type\": \"shadowsocks\", \"tag\": \"${NODE_NAME} shadowsocks\", \"server\": \"${SERVER_IP}\", \"server_port\": $PORT_SHADOWSOCKS, \"method\": \"aes-128-gcm\", \"password\": \"${UUID}\", \"multiplex\": { \"enabled\": true, \"protocol\": \"h2mux\", \"max_connections\": 8, \"min_streams\": 16, \"padding\": true, \"brutal\":{ \"enabled\":true, \"up_mbps\":1000, \"down_mbps\":1000 } } }," &&
1118 | local NODE_REPLACE+="\"${NODE_NAME} shadowsocks\","
1119 |
1120 | [ "${TROJAN}" = 'true' ] &&
1121 | local INBOUND_REPLACE+=" { \"type\": \"trojan\", \"tag\": \"${NODE_NAME} trojan\", \"server\": \"${SERVER_IP}\", \"server_port\": $PORT_TROJAN, \"password\": \"${UUID}\", \"tls\": { \"enabled\":true, \"insecure\": true, \"server_name\":\"\", \"utls\": { \"enabled\":true, \"fingerprint\":\"chrome\" } }, \"multiplex\": { \"enabled\":true, \"protocol\":\"h2mux\", \"max_connections\": 8, \"min_streams\": 16, \"padding\": true, \"brutal\":{ \"enabled\":true, \"up_mbps\":1000, \"down_mbps\":1000 } } }," &&
1122 | local NODE_REPLACE+="\"${NODE_NAME} trojan\","
1123 |
1124 | [ "${VMESS_WS}" = 'true' ] &&
1125 | local INBOUND_REPLACE+=" { \"type\": \"vmess\", \"tag\": \"${NODE_NAME} vmess-ws\", \"server\":\"${CDN}\", \"server_port\":80, \"uuid\": \"${UUID}\", \"security\": \"auto\", \"transport\": { \"type\":\"ws\", \"path\":\"/${UUID}-vmess\", \"headers\": { \"Host\": \"${ARGO_DOMAIN}\" } }, \"multiplex\": { \"enabled\":true, \"protocol\":\"h2mux\", \"max_streams\":16, \"padding\": true, \"brutal\":{ \"enabled\":true, \"up_mbps\":1000, \"down_mbps\":1000 } } }," && local NODE_REPLACE+="\"${NODE_NAME} vmess-ws\","
1126 |
1127 | [ "${VLESS_WS}" = 'true' ] &&
1128 | local INBOUND_REPLACE+=" { \"type\": \"vless\", \"tag\": \"${NODE_NAME} vless-ws-tls\", \"server\":\"${CDN}\", \"server_port\":443, \"uuid\": \"${UUID}\", \"tls\": { \"enabled\":true, \"server_name\":\"${ARGO_DOMAIN}\", \"utls\": { \"enabled\":true, \"fingerprint\":\"chrome\" } }, \"transport\": { \"type\":\"ws\", \"path\":\"/${UUID}-vless\", \"headers\": { \"Host\": \"${ARGO_DOMAIN}\" }, \"max_early_data\":2048, \"early_data_header_name\":\"Sec-WebSocket-Protocol\" }, \"multiplex\": { \"enabled\":true, \"protocol\":\"h2mux\", \"max_streams\":16, \"padding\": true, \"brutal\":{ \"enabled\":true, \"up_mbps\":1000, \"down_mbps\":1000 } } }," &&
1129 | local NODE_REPLACE+="\"${NODE_NAME} vless-ws-tls\","
1130 |
1131 | [ "${H2_REALITY}" = 'true' ] &&
1132 | local INBOUND_REPLACE+=" { \"type\": \"vless\", \"tag\": \"${NODE_NAME} h2-reality\", \"server\": \"${SERVER_IP}\", \"server_port\": ${PORT_H2_REALITY}, \"uuid\":\"${UUID}\", \"tls\": { \"enabled\":true, \"server_name\":\"addons.mozilla.org\", \"utls\": { \"enabled\":true, \"fingerprint\":\"chrome\" }, \"reality\":{ \"enabled\":true, \"public_key\":\"${REALITY_PUBLIC}\", \"short_id\":\"\" } }, \"packet_encoding\": \"xudp\", \"transport\": { \"type\": \"http\" } }," &&
1133 | local NODE_REPLACE+="\"${NODE_NAME} h2-reality\","
1134 |
1135 | [ "${GRPC_REALITY}" = 'true' ] &&
1136 | local INBOUND_REPLACE+=" { \"type\": \"vless\", \"tag\": \"${NODE_NAME} grpc-reality\", \"server\": \"${SERVER_IP}\", \"server_port\": ${PORT_GRPC_REALITY}, \"uuid\":\"${UUID}\", \"tls\": { \"enabled\":true, \"server_name\":\"addons.mozilla.org\", \"utls\": { \"enabled\":true, \"fingerprint\":\"chrome\" }, \"reality\":{ \"enabled\":true, \"public_key\":\"${REALITY_PUBLIC}\", \"short_id\":\"\" } }, \"packet_encoding\": \"xudp\", \"transport\": { \"type\": \"grpc\", \"service_name\": \"grpc\" } }," &&
1137 | local NODE_REPLACE+="\"${NODE_NAME} grpc-reality\","
1138 |
1139 | [ "${ANYTLS}" = 'true' ] &&
1140 | local INBOUND_REPLACE+=" { \"type\": \"anytls\", \"tag\": \"${NODE_NAME} anytls\", \"server\": \"${SERVER_IP}\", \"server_port\": ${PORT_ANYTLS}, \"password\": \"${UUID}\", \"idle_session_check_interval\": \"30s\", \"idle_session_timeout\": \"30s\", \"min_idle_session\": 5, \"tls\": { \"enabled\": true, \"insecure\": true, \"server_name\": \"\" } }," &&
1141 | local NODE_REPLACE+="\"${NODE_NAME} anytls\","
1142 |
1143 | # 模板
1144 | local SING_BOX_JSON1=$(wget -qO- --tries=3 --timeout=2 ${SUBSCRIBE_TEMPLATE}/sing-box1)
1145 |
1146 | echo $SING_BOX_JSON1 | sed 's#, {[^}]\+"tun-in"[^}]\+}##' | sed "s#\"\",#$INBOUND_REPLACE#; s#\"\"#${NODE_REPLACE%,}#g" | ${WORK_DIR}/jq > ${WORK_DIR}/subscribe/sing-box-pc
1147 |
1148 | echo $SING_BOX_JSON1 | sed 's# {[^}]\+"mixed"[^}]\+},##; s#, "auto_detect_interface": true##' | sed "s#\"\",#$INBOUND_REPLACE#; s#\"\"#${NODE_REPLACE%,}#g" | ${WORK_DIR}/jq > ${WORK_DIR}/subscribe/sing-box-phone
1149 |
1150 | # 生成二维码 url 文件
1151 | cat > ${WORK_DIR}/subscribe/qr << EOF
1152 | 自适应 Clash / V2rayN / NekoBox / ShadowRocket / SFI / SFA / SFM 客户端:
1153 | 模版:
1154 | https://${ARGO_DOMAIN}/${UUID}/auto
1155 |
1156 | 订阅 QRcode:
1157 | 模版:
1158 | https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=https://${ARGO_DOMAIN}/${UUID}/auto
1159 |
1160 | 模版:
1161 | $(${WORK_DIR}/qrencode "https://${ARGO_DOMAIN}/${UUID}/auto")
1162 | EOF
1163 |
1164 | # 生成配置文件
1165 | EXPORT_LIST_FILE="*******************************************
1166 | ┌────────────────┐
1167 | │ │
1168 | │ $(warning "V2rayN") │
1169 | │ │
1170 | └────────────────┘
1171 | $(info "${V2RAYN_SUBSCRIBE}")
1172 |
1173 | *******************************************
1174 | ┌────────────────┐
1175 | │ │
1176 | │ $(warning "ShadowRocket") │
1177 | │ │
1178 | └────────────────┘
1179 | ----------------------------
1180 | $(hint "${SHADOWROCKET_SUBSCRIBE}")
1181 |
1182 | *******************************************
1183 | ┌────────────────┐
1184 | │ │
1185 | │ $(warning "Clash Verge") │
1186 | │ │
1187 | └────────────────┘
1188 | ----------------------------
1189 |
1190 | $(info "$(sed '1d' <<< "${CLASH_SUBSCRIBE}")")
1191 |
1192 | *******************************************
1193 | ┌────────────────┐
1194 | │ │
1195 | │ $(warning "NekoBox") │
1196 | │ │
1197 | └────────────────┘
1198 | $(hint "${NEKOBOX_SUBSCRIBE}")
1199 |
1200 | *******************************************
1201 | ┌────────────────┐
1202 | │ │
1203 | │ $(warning "Sing-box") │
1204 | │ │
1205 | └────────────────┘
1206 | ----------------------------
1207 |
1208 | $(info "$(echo "{ \"outbounds\":[ ${INBOUND_REPLACE%,} ] }" | ${WORK_DIR}/jq)
1209 |
1210 | 各客户端配置文件路径: ${WORK_DIR}/subscribe/\n 完整模板可参照:\n https://github.com/chika0801/sing-box-examples/tree/main/Tun")
1211 | "
1212 |
1213 | EXPORT_LIST_FILE+="
1214 |
1215 | *******************************************
1216 |
1217 | $(hint "Index:
1218 | https://${ARGO_DOMAIN}/${UUID}/
1219 |
1220 | QR code:
1221 | https://${ARGO_DOMAIN}/${UUID}/qr
1222 |
1223 | V2rayN 订阅:
1224 | https://${ARGO_DOMAIN}/${UUID}/v2rayn")
1225 |
1226 | $(hint "NekoBox 订阅:
1227 | https://${ARGO_DOMAIN}/${UUID}/neko")
1228 |
1229 | $(hint "Clash 订阅:
1230 | https://${ARGO_DOMAIN}/${UUID}/clash
1231 |
1232 | sing-box for pc 订阅:
1233 | https://${ARGO_DOMAIN}/${UUID}/sing-box-pc
1234 |
1235 | sing-box for cellphone 订阅:
1236 | https://${ARGO_DOMAIN}/${UUID}/sing-box-phone
1237 |
1238 | ShadowRocket 订阅:
1239 | https://${ARGO_DOMAIN}/${UUID}/shadowrocket")
1240 |
1241 | *******************************************
1242 |
1243 | $(info " 自适应 Clash / V2rayN / NekoBox / ShadowRocket / SFI / SFA / SFM 客户端:
1244 | 模版:
1245 | https://${ARGO_DOMAIN}/${UUID}/auto
1246 |
1247 | 订阅 QRcode:
1248 | 模版:
1249 | https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=https://${ARGO_DOMAIN}/${UUID}/auto")
1250 |
1251 | $(hint "模版:")
1252 | $(${WORK_DIR}/qrencode https://${ARGO_DOMAIN}/${UUID}/auto)
1253 | "
1254 |
1255 | # 生成并显示节点信息
1256 | echo "$EXPORT_LIST_FILE" > ${WORK_DIR}/list
1257 | cat ${WORK_DIR}/list
1258 |
1259 | # 显示脚本使用情况数据
1260 | hint "\n*******************************************\n"
1261 | local STAT=$(wget -qO- --timeout=3 "https://stat-api.netlify.app/updateStats?script=sing-box-docker.sh")
1262 | [[ "$STAT" =~ \"todayCount\":([0-9]+),\"totalCount\":([0-9]+) ]] && local TODAY="${BASH_REMATCH[1]}" && local TOTAL="${BASH_REMATCH[2]}"
1263 | hint "\n 脚本当天运行次数: $TODAY,累计运行次数: $TOTAL \n"
1264 | }
1265 |
1266 | # Sing-box 的最新版本
1267 | update_sing-box() {
1268 | local ONLINE=$(check_latest_sing-box)
1269 | local LOCAL=$(${WORK_DIR}/sing-box version | awk '/version/{print $NF}')
1270 | if [ -n "$ONLINE" ]; then
1271 | if [[ "$ONLINE" != "$LOCAL" ]]; then
1272 | wget https://github.com/SagerNet/sing-box/releases/download/v$ONLINE/sing-box-$ONLINE-linux-$SING_BOX_ARCH.tar.gz -O- | tar xz -C ${WORK_DIR} sing-box-$ONLINE-linux-$SING_BOX_ARCH/sing-box &&
1273 | mv ${WORK_DIR}/sing-box-$ONLINE-linux-$SING_BOX_ARCH/sing-box ${WORK_DIR}/sing-box &&
1274 | rm -rf ${WORK_DIR}/sing-box-$ONLINE-linux-$SING_BOX_ARCH &&
1275 | supervisorctl restart sing-box
1276 | info " Sing-box v${ONLINE} 更新成功!"
1277 | else
1278 | info " Sing-box v${ONLINE} 已是最新版本!"
1279 | fi
1280 | else
1281 | warning " 获取不了在线版本,请稍后再试!"
1282 | fi
1283 | }
1284 |
1285 | # 传参
1286 | while getopts ":Vv" OPTNAME; do
1287 | case "${OPTNAME,,}" in
1288 | v ) ACTION=update
1289 | esac
1290 | done
1291 |
1292 | # 主流程
1293 | case "$ACTION" in
1294 | update )
1295 | update_sing-box
1296 | ;;
1297 | * )
1298 | install
1299 | # 运行 supervisor 进程守护
1300 | supervisord -c /etc/supervisord.conf
1301 | esac
--------------------------------------------------------------------------------
/force_version:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/fscarmen/sing-box/c37baf743cf00ec4606e7779d768577f7258fd7a/force_version
--------------------------------------------------------------------------------