diff --git a/install.sh b/install.sh index bba883f..52fc4b8 100755 --- a/install.sh +++ b/install.sh @@ -7,6 +7,8 @@ DOWNLOAD_DIR="/tmp/podkop" mkdir -p "$DOWNLOAD_DIR" main() { + check_system + wget -qO- "$REPO" | grep -o 'https://[^"]*\.ipk' | while read -r url; do filename=$(basename "$url") echo "Download $filename..." @@ -384,4 +386,24 @@ wg_awg_setup() { handler_network_restart } +check_system() { + # Get router model + MODEL=$(cat /tmp/sysinfo/model) + echo "Router model: $MODEL" + + # Check available space + AVAILABLE_SPACE=$(df /tmp | awk 'NR==2 {print $4}') + REQUIRED_SPACE=20480 # 20MB in KB + + echo "Available space: $((AVAILABLE_SPACE/1024))MB" + echo "Required space: $((REQUIRED_SPACE/1024))MB" + + if [ "$AVAILABLE_SPACE" -lt "$REQUIRED_SPACE" ]; then + echo "Error: Insufficient space in /tmp" + echo "Available: $((AVAILABLE_SPACE/1024))MB" + echo "Required: $((REQUIRED_SPACE/1024))MB" + exit 1 + fi +} + main \ No newline at end of file diff --git a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js index 49c52cb..c7ff872 100644 --- a/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js +++ b/luci-app-podkop/htdocs/luci-static/resources/view/podkop/podkop.js @@ -765,6 +765,25 @@ return view.extend({ }); }; + o = s.taboption('diagnostics', form.Button, '_list_update'); + o.title = _('Update lists'); + o.description = _('Update all lists in config'); + o.inputtitle = _('Update lists'); + o.inputstyle = 'apply'; + o.onclick = function () { + fs.exec('/etc/init.d/podkop', ['list_update']); + + ui.showModal(_('List Update'), [ + E('p', {}, _('Lists will be updated in background. You can check the progress in system logs.')), + E('div', { class: 'right' }, [ + E('button', { + 'class': 'btn', + 'click': ui.hideModal + }, _('Close')) + ]) + ]); + }; + return m.render(); } }); \ No newline at end of file diff --git a/podkop/files/etc/init.d/podkop b/podkop/files/etc/init.d/podkop index b624fd7..18c5e78 100755 --- a/podkop/files/etc/init.d/podkop +++ b/podkop/files/etc/init.d/podkop @@ -20,6 +20,16 @@ EXTRA_HELP=" list_update Updating domain and subnet lists [ ! -L /usr/sbin/podkop ] && ln -s /etc/init.d/podkop /usr/sbin/podkop +GITHUB_RAW_URL="https://raw.githubusercontent.com/itdoginfo/allow-domains/main" +DOMAINS_RU_INSIDE="${GITHUB_RAW_URL}/Russia/inside-dnsmasq-nfset.lst" +DOMAINS_RU_OUTSIDE="${GITHUB_RAW_URL}/Russia/outside-dnsmasq-nfset.lst" +DOMAINS_UA="${GITHUB_RAW_URL}/Ukraine/inside-dnsmasq-nfset.lst" +DOMAINS_YOUTUBE="${GITHUB_RAW_URL}/Services/youtube.lst" +SUBNETS_TWITTER="${GITHUB_RAW_URL}/Subnets/IPv4/Twitter.lst" +SUBNETS_META="${GITHUB_RAW_URL}/Subnets/IPv4/Meta.lst" +SUBNETS_DISCORD="${GITHUB_RAW_URL}/Subnets/IPv4/Discord.lst" +SING_BOX_CONFIG="/etc/sing-box/config.json" + config_get update_interval "main" "update_interval" "0 4 * * *" cron_job="${update_interval} /etc/init.d/podkop list_update" @@ -116,10 +126,10 @@ start_service() { config_get proxy_string main "proxy_string" if [[ "$proxy_string" =~ ^ss:// ]]; then sing_box_config_shadowsocks "$proxy_string" "1602" - jq '.outbounds[0] + {tag: "main"} | {outbounds: [.]}' /etc/sing-box/config.json > "$outbound_main" + jq '.outbounds[0] + {tag: "main"} | {outbounds: [.]}' $SING_BOX_CONFIG > "$outbound_main" elif [[ "$proxy_string" =~ ^vless:// ]]; then sing_box_config_vless "$proxy_string" "1602" - jq '.outbounds[0] + {tag: "main"} | {outbounds: [.]}' /etc/sing-box/config.json > "$outbound_main" + jq '.outbounds[0] + {tag: "main"} | {outbounds: [.]}' $SING_BOX_CONFIG > "$outbound_main" else log "Unsupported proxy type or missing configuration for main" rm -f "$outbound_main" "$outbound_second" @@ -144,10 +154,10 @@ start_service() { config_get proxy_string "second" "second_proxy_string" if [[ "$proxy_string" =~ ^ss:// ]]; then sing_box_config_shadowsocks "$proxy_string" "1603" - jq '.outbounds[0] + {tag: "second"} | {outbounds: [.]}' /etc/sing-box/config.json > "$outbound_second" + jq '.outbounds[0] + {tag: "second"} | {outbounds: [.]}' $SING_BOX_CONFIG > "$outbound_second" elif [[ "$proxy_string" =~ ^vless:// ]]; then sing_box_config_vless "$proxy_string" "1603" - jq '.outbounds[0] + {tag: "second"} | {outbounds: [.]}' /etc/sing-box/config.json > "$outbound_second" + jq '.outbounds[0] + {tag: "second"} | {outbounds: [.]}' $SING_BOX_CONFIG > "$outbound_second" else log "Unsupported proxy type or missing configuration for second" rm -f "$outbound_main" "$outbound_second" @@ -187,7 +197,7 @@ start_service() { ], "auto_detect_interface": true } - }' "$outbound_main" "$outbound_second" > /etc/sing-box/config.json + }' "$outbound_main" "$outbound_second" > $SING_BOX_CONFIG rm -f "$outbound_main" "$outbound_second" @@ -273,7 +283,7 @@ start_service() { jq '.experimental.clash_api = { "external_ui": "ui", "external_controller": "0.0.0.0:9090" - }' /etc/sing-box/config.json >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json /etc/sing-box/config.json + }' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG /etc/init.d/sing-box restart fi @@ -285,7 +295,7 @@ start_service() { "listen": "0.0.0.0", "listen_port": 2080, "set_system_proxy": false - }]' /etc/sing-box/config.json >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json /etc/sing-box/config.json + }]' $SING_BOX_CONFIG >/tmp/sing-box-config-tmp.json && mv /tmp/sing-box-config-tmp.json $SING_BOX_CONFIG /etc/init.d/sing-box restart fi @@ -664,19 +674,15 @@ add_mark() { lists_domains_download() { local URL="$1" - RU_INSIDE_DOMAINS=https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Russia/inside-dnsmasq-nfset.lst - RU_OUTSIDE_DOMAINS=https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Russia/outside-dnsmasq-nfset.lst - UA_DOMAINS=https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Ukraine/inside-dnsmasq-nfset.lst - case "$URL" in "ru_inside") - URL=$RU_INSIDE_DOMAINS + URL=$DOMAINS_RU_INSIDE ;; "ru_outside") - URL=$RU_OUTSIDE_DOMAINS + URL=$DOMAINS_RU_OUTSIDE ;; "ua") - URL=$UA_DOMAINS + URL=$DOMAINS_UA ;; *) log "Unidentified list of domains" @@ -686,10 +692,12 @@ lists_domains_download() { count=0 while true; do - if curl -m 3 github.com; then - curl -f $URL --output /tmp/dnsmasq.d/podkop-domains.lst - sed -i 's/fw4#vpn_domains/PodkopTable#podkop_domains/g' /tmp/dnsmasq.d/podkop-domains.lst - return 0 + if ping -c 1 -W 3 github.com >/dev/null 2>&1; then + wget -q -O /tmp/dnsmasq.d/podkop-domains.lst $URL + if [ $? -eq 0 ]; then + sed -i 's/fw4#vpn_domains/PodkopTable#podkop_domains/g' /tmp/dnsmasq.d/podkop-domains.lst + return 0 + fi else log "GitHub is not available. Check the internet availability [$count sec]" count=$((count + 1)) @@ -712,11 +720,9 @@ lists_domains_download() { lists_services_download() { local URL="$1" - YOUTUBE=https://raw.githubusercontent.com/itdoginfo/allow-domains/refs/heads/main/Services/youtube.lst - case "$URL" in "youtube") - URL=$YOUTUBE + URL=$DOMAINS_YOUTUBE ;; *) log "Unidentified list of domains" @@ -726,11 +732,13 @@ lists_services_download() { count=0 while true; do - if curl -m 3 github.com; then - curl -f $URL --output /tmp/dnsmasq.d/podkop2-domains.lst - delist_downloaded_domains - sed -i 's/.*/nftset=\/&\/4#inet#PodkopTable#podkop2_domains/g' /tmp/dnsmasq.d/podkop2-domains.lst - return 0 + if ping -c 1 -W 3 github.com >/dev/null 2>&1; then + wget -q -O /tmp/dnsmasq.d/podkop2-domains.lst $URL + if [ $? -eq 0 ]; then + delist_downloaded_domains + sed -i 's/.*/nftset=\/&\/4#inet#PodkopTable#podkop2_domains/g' /tmp/dnsmasq.d/podkop2-domains.lst + return 0 + fi else log "GitHub is not available. Check the internet availability [$count sec]" count=$((count + 1)) @@ -751,33 +759,31 @@ lists_services_download() { } list_subnets_download() { - TWITTER_SUBNETS=https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Subnets/IPv4/Twitter.lst - META_SUBNETS=https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Subnets/IPv4/Meta.lst - DISCORD_SUBNETS=https://raw.githubusercontent.com/itdoginfo/allow-domains/refs/heads/main/Subnets/IPv4/Discord.lst local URL="$1" case "$URL" in "twitter") - URL=$TWITTER_SUBNETS + URL=$SUBNETS_TWITTER ;; "meta") - URL=$META_SUBNETS + URL=$SUBNETS_META ;; "discord") - URL=$DISCORD_SUBNETS + URL=$SUBNETS_DISCORD ;; *) log "Custom URL for subnet" - if curl --output /dev/null --silent --head --fail "$URL"; then + if wget -q --spider "$URL"; then log "URL is valid" else log "URL $URL is not valid" + return fi ;; esac local filename=$(basename "$URL") - curl -f "$URL" --output "/tmp/podkop/$filename" + wget -q -O "/tmp/podkop/$filename" "$URL" while IFS= read -r subnet; do nft add element inet PodkopTable podkop_subnets { $subnet } done <"/tmp/podkop/$filename" @@ -810,7 +816,7 @@ list_custom_download_domains_create() { local config="/tmp/dnsmasq.d/${name}-${filename}.lst" rm -f "$config" - curl -f "$URL" --output "/tmp/podkop/${filename}" + wget -q -O "/tmp/podkop/${filename}" "$URL" while IFS= read -r domain; do echo "nftset=/$domain/4#inet#PodkopTable#${name}_domains" >>$config done <"/tmp/podkop/$filename" @@ -915,7 +921,7 @@ sing_box_config_outbound_json() { } EOF - jq --argjson outbound "$json_config" '.outbounds += [$outbound]' /tmp/base_config.json > /etc/sing-box/config.json + jq --argjson outbound "$json_config" '.outbounds += [$outbound]' /tmp/base_config.json > $SING_BOX_CONFIG rm -f /tmp/base_config.json } @@ -990,7 +996,7 @@ sing_box_config_shadowsocks() { } EOF - mv /tmp/ss_config.json /etc/sing-box/config.json + mv /tmp/ss_config.json $SING_BOX_CONFIG } sing_box_config_vless() { @@ -1090,7 +1096,7 @@ sing_box_config_vless() { "short_id": $sid } else . end - else . end' > /etc/sing-box/config.json + else . end' > $SING_BOX_CONFIG if [ $? -eq 0 ]; then echo "Config created successfully" @@ -1101,7 +1107,7 @@ sing_box_config_vless() { } sing_box_config_check() { - if ! sing-box -c /etc/sing-box/config.json check >/dev/null 2>&1; then + if ! sing-box -c $SING_BOX_CONFIG check >/dev/null 2>&1; then log "Sing-box configuration is invalid" return fi @@ -1113,18 +1119,26 @@ check_proxy() { return 1 fi - # Проверка конфигурации - if [ ! -f /etc/sing-box/config.json ]; then + if [ ! -f $SING_BOX_CONFIG ]; then nolog "Configuration file not found" return 1 fi - # Проверка валидности конфига - if ! sing-box -c /etc/sing-box/config.json check; then + if ! sing-box -c $SING_BOX_CONFIG check; then nolog "Invalid configuration" return 1 fi + nolog "\nCurrent sing-box configuration (sensitive data masked):" + + jq ' + .outbounds[].uuid |= "MASKED-UUID" | + .outbounds[].server |= "MASKED-SERVER" | + if .outbounds[].tls.reality.public_key then + .outbounds[].tls.reality.public_key |= "MASKED-PUBLIC-KEY" + else . end + ' $SING_BOX_CONFIG + nolog "Checking sing-box proxy connection..." for attempt in `seq 1 5`; do @@ -1133,7 +1147,8 @@ check_proxy() { : else nolog "Proxy check completed successfully" - echo "$response" + masked_ip=$(echo "$response" | sed 's/\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)\.\([0-9]\+\)/XXX.\2.\3.\4/') + echo "$masked_ip" return 0 fi done @@ -1173,27 +1188,18 @@ check_nft() { check_github() { nolog "Checking GitHub connectivity..." - # Проверка базового соединения с GitHub - if ! curl -m 3 -sf https://github.com >/dev/null 2>&1; then + if ! ping -c 1 -W 3 github.com >/dev/null 2>&1; then nolog "Error: Cannot connect to GitHub" return 1 fi nolog "GitHub is accessible" - # Список URL для проверки - local urls=" - https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Russia/inside-dnsmasq-nfset.lst - https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Russia/outside-dnsmasq-nfset.lst - https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Ukraine/inside-dnsmasq-nfset.lst - https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Services/youtube.lst - https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Subnets/IPv4/Twitter.lst - https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Subnets/IPv4/Meta.lst - https://raw.githubusercontent.com/itdoginfo/allow-domains/main/Subnets/IPv4/Discord.lst" - nolog "Checking lists availability:" - for url in $urls; do + for url in "$DOMAINS_RU_INSIDE" "$DOMAINS_RU_OUTSIDE" "$DOMAINS_UA" "$DOMAINS_YOUTUBE" \ + "$SUBNETS_TWITTER" "$SUBNETS_META" "$SUBNETS_DISCORD"; do local list_name=$(basename "$url") - if curl -m 5 -sf "$url" >/dev/null 2>&1; then + wget -q -O /dev/null "$url" + if [ $? -eq 0 ]; then nolog "- $list_name: available" else nolog "- $list_name: not available"