From 81ffb0e61ae01a1c32bb62190448caf4b381feab Mon Sep 17 00:00:00 2001 From: douglarek Date: Fri, 21 Jul 2023 00:48:33 +0800 Subject: [PATCH 1/2] feat: add clash api support --- .../resources/view/homeproxy/client.js | 10 ++++++++++ root/etc/config/homeproxy | 1 + root/etc/homeproxy/scripts/generate_client.uc | 18 +++++++++++++++++- root/etc/init.d/homeproxy | 6 ++++++ 4 files changed, 34 insertions(+), 1 deletion(-) diff --git a/htdocs/luci-static/resources/view/homeproxy/client.js b/htdocs/luci-static/resources/view/homeproxy/client.js index c9f6ae90..cabdd7bb 100644 --- a/htdocs/luci-static/resources/view/homeproxy/client.js +++ b/htdocs/luci-static/resources/view/homeproxy/client.js @@ -250,6 +250,16 @@ return view.extend({ o.default = 'redirect_tproxy'; o.rmempty = false; + o = s.taboption('routing', form.Value, 'clashapi_port', _('Enable clash api')); + o.value('', _('Disable')); + o.value('9090', _('9090')); + o.validate = function(section_id, value) { + if (section_id && value && !stubValidator.apply('port', value)) { + return _('Expecting: %s').format(_('valid port value')); + } + return true; + } + o = s.taboption('routing', form.Flag, 'ipv6_support', _('IPv6 support')); o.default = o.enabled; o.rmempty = false; diff --git a/root/etc/config/homeproxy b/root/etc/config/homeproxy index e0ccb069..181ea65d 100644 --- a/root/etc/config/homeproxy +++ b/root/etc/config/homeproxy @@ -23,6 +23,7 @@ config homeproxy 'config' option routing_port 'common' option proxy_mode 'redirect_tproxy' option ipv6_support '1' + option clashapi_port '' config homeproxy 'control' option lan_proxy_mode 'disabled' diff --git a/root/etc/homeproxy/scripts/generate_client.uc b/root/etc/homeproxy/scripts/generate_client.uc index d6301820..89fda93b 100755 --- a/root/etc/homeproxy/scripts/generate_client.uc +++ b/root/etc/homeproxy/scripts/generate_client.uc @@ -78,6 +78,8 @@ const proxy_mode = uci.get(uciconfig, ucimain, 'proxy_mode') || 'redirect_tproxy ipv6_support = uci.get(uciconfig, ucimain, 'ipv6_support') || '0', default_interface = uci.get(uciconfig, ucicontrol, 'bind_interface'); +const clashapi_port = uci.get(uciconfig, ucimain, 'clashapi_port') || ''; + let self_mark, redirect_port, tproxy_port, tun_name, tun_addr4, tun_addr6, tun_mtu, tcpip_stack, endpoint_independent_nat; @@ -550,5 +552,19 @@ if (!isEmpty(main_node)) { } /* Routing rules end */ -system('mkdir -p ' + RUN_DIR); +/* Experimental start */ +if (!isEmpty(clashapi_port)) { + config.experimental = { + clash_api: { + external_controller: '[::]:'+ clashapi_port, + external_ui: RUN_DIR + '/ui', + store_selected: true, + cache_file: RUN_DIR + '/cache.db' + } + } +} +/* Experimental end */ + +system('mkdir -p ' + RUN_DIR + '/ui'); +system('touch ' + RUN_DIR + '/cache.db'); writefile(RUN_DIR + '/sing-box-c.json', sprintf('%.J\n', removeBlankAttrs(config))); diff --git a/root/etc/init.d/homeproxy b/root/etc/init.d/homeproxy index 7b13b826..be173401 100755 --- a/root/etc/init.d/homeproxy +++ b/root/etc/init.d/homeproxy @@ -159,6 +159,10 @@ start_service() { procd_add_jail "sing-box-c" log procfs procd_add_jail_mount "$RUN_DIR/sing-box-c.json" procd_add_jail_mount_rw "$RUN_DIR/sing-box-c.log" + procd_add_jail_mount "$RUN_DIR/ui/" + procd_add_jail_mount_rw "$RUN_DIR/ui/" + procd_add_jail_mount "$RUN_DIR/cache.db" + procd_add_jail_mount_rw "$RUN_DIR/cache.db" procd_add_jail_mount "$HP_DIR/certs/" procd_add_jail_mount "/etc/ssl/" procd_add_jail_mount "/etc/localtime" @@ -263,6 +267,8 @@ start_service() { echo > "$RUN_DIR/sing-box-c.log" chown sing-box:sing-box "$RUN_DIR/sing-box-c.log" chown sing-box:sing-box "$RUN_DIR/sing-box-c.json" + chown -R sing-box:sing-box "$RUN_DIR/ui" + chown sing-box:sing-box "$RUN_DIR/cache.db" chmod 0644 "$HP_DIR/resources/gfw_list.txt" fi if [ "$server_enabled" = "1" ]; then From 47fd61e0b31fc7dc48518e1a4b7030f28177cac7 Mon Sep 17 00:00:00 2001 From: douglarek Date: Fri, 21 Jul 2023 11:46:02 +0800 Subject: [PATCH 2/2] Remove ujail and minor fix --- .../resources/view/homeproxy/client.js | 15 ++---- root/etc/config/homeproxy | 2 +- root/etc/homeproxy/scripts/generate_client.uc | 13 ++--- root/etc/init.d/homeproxy | 49 ------------------- 4 files changed, 11 insertions(+), 68 deletions(-) diff --git a/htdocs/luci-static/resources/view/homeproxy/client.js b/htdocs/luci-static/resources/view/homeproxy/client.js index cabdd7bb..1740e3d9 100644 --- a/htdocs/luci-static/resources/view/homeproxy/client.js +++ b/htdocs/luci-static/resources/view/homeproxy/client.js @@ -250,20 +250,15 @@ return view.extend({ o.default = 'redirect_tproxy'; o.rmempty = false; - o = s.taboption('routing', form.Value, 'clashapi_port', _('Enable clash api')); - o.value('', _('Disable')); - o.value('9090', _('9090')); - o.validate = function(section_id, value) { - if (section_id && value && !stubValidator.apply('port', value)) { - return _('Expecting: %s').format(_('valid port value')); - } - return true; - } - o = s.taboption('routing', form.Flag, 'ipv6_support', _('IPv6 support')); o.default = o.enabled; o.rmempty = false; + o = s.taboption('routing', form.Value, 'clash_api_port', _('Enable Clash API')); + o.value('', _('Disable')); + o.value('9090', _('9090')); + o.datatype = 'port'; + /* Custom routing settings start */ /* Routing settings start */ o = s.taboption('routing', form.SectionValue, '_routing', form.NamedSection, 'routing', 'homeproxy'); diff --git a/root/etc/config/homeproxy b/root/etc/config/homeproxy index 181ea65d..cf5983a1 100644 --- a/root/etc/config/homeproxy +++ b/root/etc/config/homeproxy @@ -23,7 +23,7 @@ config homeproxy 'config' option routing_port 'common' option proxy_mode 'redirect_tproxy' option ipv6_support '1' - option clashapi_port '' + option clash_api_port '' config homeproxy 'control' option lan_proxy_mode 'disabled' diff --git a/root/etc/homeproxy/scripts/generate_client.uc b/root/etc/homeproxy/scripts/generate_client.uc index 89fda93b..ce1a251d 100755 --- a/root/etc/homeproxy/scripts/generate_client.uc +++ b/root/etc/homeproxy/scripts/generate_client.uc @@ -76,10 +76,9 @@ if (routing_mode !== 'custom') { const proxy_mode = uci.get(uciconfig, ucimain, 'proxy_mode') || 'redirect_tproxy', ipv6_support = uci.get(uciconfig, ucimain, 'ipv6_support') || '0', + clash_api_port = uci.get(uciconfig, ucimain, 'clash_api_port'), default_interface = uci.get(uciconfig, ucicontrol, 'bind_interface'); -const clashapi_port = uci.get(uciconfig, ucimain, 'clashapi_port') || ''; - let self_mark, redirect_port, tproxy_port, tun_name, tun_addr4, tun_addr6, tun_mtu, tcpip_stack, endpoint_independent_nat; @@ -553,18 +552,16 @@ if (!isEmpty(main_node)) { /* Routing rules end */ /* Experimental start */ -if (!isEmpty(clashapi_port)) { +if (!isEmpty(clash_api_port)) { config.experimental = { clash_api: { - external_controller: '[::]:'+ clashapi_port, + external_controller: '[::]:'+ clash_api_port, external_ui: RUN_DIR + '/ui', - store_selected: true, - cache_file: RUN_DIR + '/cache.db' + store_selected: true } } } /* Experimental end */ -system('mkdir -p ' + RUN_DIR + '/ui'); -system('touch ' + RUN_DIR + '/cache.db'); +system('mkdir -p ' + RUN_DIR); writefile(RUN_DIR + '/sing-box-c.json', sprintf('%.J\n', removeBlankAttrs(config))); diff --git a/root/etc/init.d/homeproxy b/root/etc/init.d/homeproxy index be173401..99932cdc 100755 --- a/root/etc/init.d/homeproxy +++ b/root/etc/init.d/homeproxy @@ -155,24 +155,6 @@ start_service() { procd_set_param command "$PROG" procd_append_param command run --config "$RUN_DIR/sing-box-c.json" - if [ -x "/sbin/ujail" ] && [ "$routing_mode" != "custom" ] && ! grep -Eq '"type": "(wireguard|tun)"' "$RUN_DIR/sing-box-c.json"; then - procd_add_jail "sing-box-c" log procfs - procd_add_jail_mount "$RUN_DIR/sing-box-c.json" - procd_add_jail_mount_rw "$RUN_DIR/sing-box-c.log" - procd_add_jail_mount "$RUN_DIR/ui/" - procd_add_jail_mount_rw "$RUN_DIR/ui/" - procd_add_jail_mount "$RUN_DIR/cache.db" - procd_add_jail_mount_rw "$RUN_DIR/cache.db" - procd_add_jail_mount "$HP_DIR/certs/" - procd_add_jail_mount "/etc/ssl/" - procd_add_jail_mount "/etc/localtime" - procd_add_jail_mount "/etc/TZ" - procd_set_param capabilities "/etc/capabilities/homeproxy.json" - procd_set_param no_new_privs 1 - procd_set_param user sing-box - procd_set_param group sing-box - fi - procd_set_param limits core="unlimited" procd_set_param limits nofile="1000000 1000000" procd_set_param stderr 1 @@ -199,15 +181,6 @@ start_service() { procd_append_param command --gfwlist-file "$HP_DIR/resources/gfw_list.txt" [ "$ipv6_support" -eq "1" ] || procd_append_param command --no-ipv6=tC - if [ -x "/sbin/ujail" ]; then - procd_add_jail "chinadns-ng" log - procd_add_jail_mount "$HP_DIR/resources/gfw_list.txt" - procd_set_param capabilities "/etc/capabilities/homeproxy.json" - procd_set_param no_new_privs 1 - procd_set_param user sing-box - procd_set_param group sing-box - fi - procd_set_param limits core="unlimited" procd_set_param limits nofile="1000000 1000000" procd_set_param stderr 1 @@ -235,19 +208,6 @@ start_service() { procd_set_param command "$PROG" procd_append_param command run --config "$RUN_DIR/sing-box-s.json" - if [ -x "/sbin/ujail" ]; then - procd_add_jail "sing-box-s" log procfs - procd_add_jail_mount "$RUN_DIR/sing-box-s.json" - procd_add_jail_mount_rw "$RUN_DIR/sing-box-s.log" - procd_add_jail_mount "$HP_DIR/certs/" - procd_add_jail_mount "/etc/localtime" - procd_add_jail_mount "/etc/TZ" - procd_set_param capabilities "/etc/capabilities/homeproxy.json" - procd_set_param no_new_privs 1 - procd_set_param user sing-box - procd_set_param group sing-box - fi - procd_set_param limits core="unlimited" procd_set_param limits nofile="1000000 1000000" procd_set_param stderr 1 @@ -262,15 +222,6 @@ start_service() { procd_set_param respawn procd_close_instance - # Update permissions for ujail - if [ "$outbound_node" != "nil" ]; then - echo > "$RUN_DIR/sing-box-c.log" - chown sing-box:sing-box "$RUN_DIR/sing-box-c.log" - chown sing-box:sing-box "$RUN_DIR/sing-box-c.json" - chown -R sing-box:sing-box "$RUN_DIR/ui" - chown sing-box:sing-box "$RUN_DIR/cache.db" - chmod 0644 "$HP_DIR/resources/gfw_list.txt" - fi if [ "$server_enabled" = "1" ]; then echo > "$RUN_DIR/sing-box-s.log" chown sing-box:sing-box "$RUN_DIR/sing-box-s.log"