-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathupdate.sh
More file actions
159 lines (126 loc) · 3.89 KB
/
update.sh
File metadata and controls
159 lines (126 loc) · 3.89 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
#!/usr/bin/env sh
# --------------------------------------------------
# PAC 更新脚本(最终版)
#
# 模式说明:
#
# 【模式 A】配置了 GFWLIST_URL
# - 使用 genpac
# - 不注入自定义规则
# - genpac 全权负责 FindProxyForURL
#
# 【模式 B】未配置 GFWLIST_URL
# - 不使用 genpac
# - 使用用户自定义规则
# - 默认走代理
# - 内网地址默认直连(RFC1918)
#
# --------------------------------------------------
set -e
WORKDIR="${WORKDIR:-/data}"
OUT_FILE="${OUT_FILE:-$WORKDIR/proxy.pac}"
PAC_PROXY="${PAC_PROXY:-SOCKS5 127.0.0.1:1080; DIRECT}"
PAC_COMPRESS="${PAC_COMPRESS:-true}"
GFWLIST_URL="${GFWLIST_URL:-}"
PAC_BLOCK_LIST="${PAC_BLOCK_LIST:-}"
PAC_DIRECT_LIST="${PAC_DIRECT_LIST:-}"
WEBHOOK_SUCCESS_URL="${WEBHOOK_SUCCESS_URL:-}"
WEBHOOK_SUCCESS_OPTIONS="${WEBHOOK_SUCCESS_OPTIONS:-}"
WEBHOOK_FAILURE_URL="${WEBHOOK_FAILURE_URL:-}"
WEBHOOK_FAILURE_OPTIONS="${WEBHOOK_FAILURE_OPTIONS:-}"
mkdir -p "$WORKDIR"
# ---------------- 工具函数 ----------------
log() {
echo "[$(date '+%F %T')] $1"
}
notify_webhook() {
local url="$1"
shift
[ -z "$url" ] && return
curl -s -X POST -H "Content-Type: application/json" -d "$*" "$url" || true
}
fail() {
log "FAILED"
notify_webhook "$WEBHOOK_FAILURE_URL" "$WEBHOOK_FAILURE_OPTIONS"
exit 1
}
trap fail ERR
# 去空格 + 拆分
normalize_list() {
echo "$1" \
| tr ',' '\n' \
| sed 's/^[[:space:]]*//;s/[[:space:]]*$//' \
| sed '/^$/d'
}
# 转成 JS 数组
to_js_array() {
normalize_list "$1" \
| sed 's/^/"/;s/$/"/' \
| paste -sd,
}
# ==================================================
# START
# ==================================================
log "START"
# ==================================================
# 模式 A:使用 genpac(有 GFWLIST_URL)
# ==================================================
if [ -n "$GFWLIST_URL" ]; then
log "检测到 GFWLIST_URL,使用 genpac 模式"
CMD="genpac --format=pac --pac-proxy=\"$PAC_PROXY\" --gfwlist-url=\"$GFWLIST_URL\""
[ "$PAC_COMPRESS" = "true" ] && CMD="$CMD --pac-compress"
sh -c "$CMD" > "$OUT_FILE"
log "SUCCESS (genpac mode)"
notify_webhook "$WEBHOOK_SUCCESS_URL" "$WEBHOOK_SUCCESS_OPTIONS"
exit 0
fi
# ==================================================
# 模式 B:纯用户规则 PAC(无 genpac)
# ==================================================
log "未配置 GFWLIST_URL,使用纯用户规则 PAC"
block_js="$(to_js_array "$PAC_BLOCK_LIST")"
direct_js="$(to_js_array "$PAC_DIRECT_LIST")"
cat > "$OUT_FILE" <<EOF
// --------------------------------------------------
// User defined PAC (no genpac)
// --------------------------------------------------
function isMatch(host, list) {
for (var i = 0; i < list.length; i++) {
var rule = list[i];
if (rule.indexOf('*') !== -1) {
if (shExpMatch(host, rule)) return true;
} else {
if (host === rule || shExpMatch(host, "*." + rule)) return true;
}
}
return false;
}
var BLOCK_LIST = [${block_js}];
var DIRECT_LIST = [${direct_js}];
var PAC_PROXY = "${PAC_PROXY}";
function FindProxyForURL(url, host) {
// 0️⃣ 本地 / 内网地址:永远直连
if (
host === "localhost" ||
host.indexOf('.') === -1 ||
isInNet(host, "127.0.0.0", "255.0.0.0") ||
isInNet(host, "10.0.0.0", "255.0.0.0") ||
isInNet(host, "172.16.0.0", "255.240.0.0") ||
isInNet(host, "192.168.0.0", "255.255.0.0")
) {
return "DIRECT";
}
// 1️⃣ 黑名单:直接丢弃
if (BLOCK_LIST.length && isMatch(host, BLOCK_LIST)) {
return "PROXY 0.0.0.0:0";
}
// 2️⃣ 强制直连
if (DIRECT_LIST.length && isMatch(host, DIRECT_LIST)) {
return "DIRECT";
}
// 3️⃣ 默认:走代理
return PAC_PROXY;
}
EOF
log "SUCCESS (user rules mode)"
notify_webhook "$WEBHOOK_SUCCESS_URL" "$WEBHOOK_SUCCESS_OPTIONS"