feat: add Trojan proxy support (#172)

2026-01-30 22:32:49 +03:00 · 2025-10-03 15:40:16 +05:00
parent 1295e0dcb2
commit a8db33dd28
1 changed files with 78 additions and 51 deletions
--- a/podkop/files/usr/lib/sing_box_config_facade.sh
+++ b/podkop/files/usr/lib/sing_box_config_facade.sh
@@ -76,57 +76,8 @@ sing_box_cf_add_proxy_outbound() {
        packet_encoding=$(url_get_query_param "$url" "packetEncoding")

        config=$(sing_box_cm_add_vless_outbound "$config" "$tag" "$host" "$port" "$uuid" "$flow" "" "$packet_encoding")
-
-        local transport
-        transport=$(url_get_query_param "$url" "type")
-        case "$transport" in
-        tcp | raw) ;;
-        ws)
-            local ws_path ws_host ws_early_data
-            ws_path=$(url_get_query_param "$url" "path")
-            ws_host=$(url_get_query_param "$url" "host")
-            ws_early_data=$(url_get_query_param "$url" "ed")
-
-            config=$(sing_box_cm_set_ws_transport_for_outbound "$config" "$tag" "$ws_path" "$ws_host" "$ws_early_data")
-            ;;
-        grpc)
-            # TODO(ampetelin): Add handling of optional gRPC parameters; example links are needed.
-            config=$(sing_box_cm_set_grpc_transport_for_outbound "$config" "$tag")
-            ;;
-        *)
-            log "Unknown transport '$transport' detected." "error"
-            ;;
-        esac
-
-        local security
-        security=$(url_get_query_param "$url" "security")
-        case "$security" in
-        tls | reality)
-            local sni insecure alpn fingerprint public_key short_id
-            sni=$(url_get_query_param "$url" "sni")
-            insecure=$(url_get_query_param "$url" "allowInsecure")
-            alpn=$(comma_string_to_json_array "$(url_get_query_param "$url" "alpn")")
-            fingerprint=$(url_get_query_param "$url" "fp")
-            public_key=$(url_get_query_param "$url" "pbk")
-            short_id=$(url_get_query_param "$url" "sid")
-
-            config=$(
-                sing_box_cm_set_tls_for_outbound \
-                    "$config" \
-                    "$tag" \
-                    "$sni" \
-                    "$([ "$insecure" == "1" ] && echo true)" \
-                    "$([ "$alpn" == "[]" ] && echo null || echo "$alpn")" \
-                    "$fingerprint" \
-                    "$public_key" \
-                    "$short_id"
-            )
-            ;;
-        none) ;;
-        *)
-            log "Unknown security '$security' detected." "error"
-            ;;
-        esac
+        config=$(_add_outbound_security "$config" "$url")
+        config=$(_add_outbound_transport "$config" "$url")
        ;;
    ss)
        local userinfo tag host port method password udp_over_tcp
@@ -158,6 +109,17 @@ sing_box_cf_add_proxy_outbound() {
                "$([ "$udp_over_tcp" == "1" ] && echo 2)" # if udp_over_tcp is enabled, enable version 2
        )
        ;;
+    trojan)
+        local tag host port password
+        tag=$(get_outbound_tag_by_section "$section")
+        host=$(url_get_host "$url")
+        port=$(url_get_port "$url")
+        password=$(url_get_userinfo "$url")
+
+        config=$(sing_box_cm_add_trojan_outbound "$config" "$tag" "$host" "$port" "$password")
+        config=$(_add_outbound_security "$config" "$url")
+        config=$(_add_outbound_transport "$config" "$url")
+        ;;
    *)
        log "Unsupported proxy $scheme type"
        exit 1
@@ -167,6 +129,71 @@ sing_box_cf_add_proxy_outbound() {
    echo "$config"
 }

+_add_outbound_security() {
+    local config="$1"
+    local url="$2"
+
+    local security
+    security=$(url_get_query_param "$url" "security")
+    case "$security" in
+    tls | reality)
+        local sni insecure alpn fingerprint public_key short_id
+        sni=$(url_get_query_param "$url" "sni")
+        insecure=$(url_get_query_param "$url" "allowInsecure")
+        alpn=$(comma_string_to_json_array "$(url_get_query_param "$url" "alpn")")
+        fingerprint=$(url_get_query_param "$url" "fp")
+        public_key=$(url_get_query_param "$url" "pbk")
+        short_id=$(url_get_query_param "$url" "sid")
+
+        config=$(
+            sing_box_cm_set_tls_for_outbound \
+                "$config" \
+                "$tag" \
+                "$sni" \
+                "$([ "$insecure" == "1" ] && echo true)" \
+                "$([ "$alpn" == "[]" ] && echo null || echo "$alpn")" \
+                "$fingerprint" \
+                "$public_key" \
+                "$short_id"
+        )
+        ;;
+    none) ;;
+    *)
+        log "Unknown security '$security' detected." "error"
+        ;;
+    esac
+
+    echo "$config"
+}
+
+_add_outbound_transport() {
+    local config="$1"
+    local url="$2"
+
+    local transport
+    transport=$(url_get_query_param "$url" "type")
+    case "$transport" in
+    tcp | raw) ;;
+    ws)
+        local ws_path ws_host ws_early_data
+        ws_path=$(url_get_query_param "$url" "path")
+        ws_host=$(url_get_query_param "$url" "host")
+        ws_early_data=$(url_get_query_param "$url" "ed")
+
+        config=$(sing_box_cm_set_ws_transport_for_outbound "$config" "$tag" "$ws_path" "$ws_host" "$ws_early_data")
+        ;;
+    grpc)
+        # TODO(ampetelin): Add handling of optional gRPC parameters; example links are needed.
+        config=$(sing_box_cm_set_grpc_transport_for_outbound "$config" "$tag")
+        ;;
+    *)
+        log "Unknown transport '$transport' detected." "error"
+        ;;
+    esac
+
+    echo "$config"
+}
+
 sing_box_cf_add_json_outbound() {
    local config="$1"
    local section="$2"