mirror of
https://github.com/wnlen/clash-for-linux.git
synced 2026-02-04 10:11:28 +08:00
Merge pull request #96 from wnlen/codex/identify-project-shortcomings
Harden startup defaults, safe download behavior, and graceful shutdown
This commit is contained in:
@ -16,6 +16,8 @@
|
||||
- 本项目是基于 [clash](https://github.com/Dreamacro/clash) 、[yacd](https://github.com/haishanh/yacd) 进行的配置整合,关于clash、yacd的详细配置请去原项目查看。
|
||||
- 此项目不提供任何订阅信息,请自行准备Clash订阅地址。
|
||||
- 运行前请手动更改`.env`文件中的`CLASH_URL`变量值,否则无法正常运行。
|
||||
- 默认将管理面板仅绑定到本机(`127.0.0.1:9090`),如需对外访问请在`.env`中自行配置并确保`CLASH_SECRET`足够复杂。
|
||||
- 默认开启 TLS 证书校验,若确需跳过校验请在`.env`中设置`ALLOW_INSECURE_TLS=true`(不推荐)。
|
||||
- 当前在RHEL系列和Debian系列Linux系统中测试过,其他系列可能需要适当修改脚本。
|
||||
- 支持 x86_64/aarch64 平台
|
||||
|
||||
@ -71,7 +73,7 @@ Clash订阅地址可访问! [ OK ]
|
||||
Clash Dashboard 访问地址:http://<ip>:9090/ui
|
||||
Secret:xxxxxxxxxxxxx
|
||||
|
||||
请执行以下命令加载环境变量: source /etc/profile.d/clash.sh
|
||||
请执行以下命令加载环境变量: source /etc/profile.d/clash-for-linux.sh
|
||||
|
||||
请执行以下命令开启系统代理: proxy_on
|
||||
|
||||
@ -80,7 +82,7 @@ Secret:xxxxxxxxxxxxx
|
||||
```
|
||||
|
||||
```bash
|
||||
$ source /etc/profile.d/clash.sh
|
||||
$ source /etc/profile.d/clash-for-linux.sh
|
||||
$ proxy_on
|
||||
```
|
||||
|
||||
|
||||
20
restart.sh
20
restart.sh
@ -45,12 +45,21 @@ Log_Dir="$Server_Dir/logs"
|
||||
Text1="服务关闭成功!"
|
||||
Text2="服务关闭失败!"
|
||||
# 查询并关闭程序进程
|
||||
PID_NUM=`ps -ef | grep [c]lash-linux-a | wc -l`
|
||||
PID=`ps -ef | grep [c]lash-linux-a | awk '{print $2}'`
|
||||
if [ $PID_NUM -ne 0 ]; then
|
||||
kill -9 $PID
|
||||
PIDS=$(pgrep -f "clash-linux-")
|
||||
if [ -n "$PIDS" ]; then
|
||||
kill $PIDS
|
||||
ReturnStatus=$?
|
||||
# ps -ef | grep [c]lash-linux-a | awk '{print $2}' | xargs kill -9
|
||||
for i in {1..5}; do
|
||||
sleep 1
|
||||
if ! pgrep -f "clash-linux-" >/dev/null; then
|
||||
break
|
||||
fi
|
||||
done
|
||||
if pgrep -f "clash-linux-" >/dev/null; then
|
||||
kill -9 $PIDS
|
||||
fi
|
||||
else
|
||||
ReturnStatus=0
|
||||
fi
|
||||
if_success $Text1 $Text2 $ReturnStatus
|
||||
|
||||
@ -87,4 +96,3 @@ else
|
||||
echo -e "\033[31m\n[ERROR] Unsupported CPU Architecture!\033[0m"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
19
shutdown.sh
19
shutdown.sh
@ -1,14 +1,21 @@
|
||||
#!/bin/bash
|
||||
|
||||
# 关闭clash服务
|
||||
PID_NUM=`ps -ef | grep [c]lash-linux-a | wc -l`
|
||||
PID=`ps -ef | grep [c]lash-linux-a | awk '{print $2}'`
|
||||
if [ $PID_NUM -ne 0 ]; then
|
||||
kill -9 $PID
|
||||
# ps -ef | grep [c]lash-linux-a | awk '{print $2}' | xargs kill -9
|
||||
PIDS=$(pgrep -f "clash-linux-")
|
||||
if [ -n "$PIDS" ]; then
|
||||
kill $PIDS
|
||||
for i in {1..5}; do
|
||||
sleep 1
|
||||
if ! pgrep -f "clash-linux-" >/dev/null; then
|
||||
break
|
||||
fi
|
||||
done
|
||||
if pgrep -f "clash-linux-" >/dev/null; then
|
||||
kill -9 $PIDS
|
||||
fi
|
||||
fi
|
||||
|
||||
# 清除环境变量
|
||||
> /etc/profile.d/clash.sh
|
||||
> /etc/profile.d/clash-for-linux.sh
|
||||
|
||||
echo -e "\n服务关闭成功,请执行以下命令关闭系统代理:proxy_off\n"
|
||||
|
||||
50
start.sh
50
start.sh
@ -35,9 +35,10 @@ CLASH_HTTP_PORT=${CLASH_HTTP_PORT:-7890}
|
||||
CLASH_SOCKS_PORT=${CLASH_SOCKS_PORT:-7891}
|
||||
CLASH_REDIR_PORT=${CLASH_REDIR_PORT:-7892}
|
||||
CLASH_LISTEN_IP=${CLASH_LISTEN_IP:-0.0.0.0}
|
||||
CLASH_ALLOW_LAN=${CLASH_ALLOW_LAN:-true}
|
||||
CLASH_ALLOW_LAN=${CLASH_ALLOW_LAN:-false}
|
||||
EXTERNAL_CONTROLLER_ENABLED=${EXTERNAL_CONTROLLER_ENABLED:-true}
|
||||
EXTERNAL_CONTROLLER=${EXTERNAL_CONTROLLER:-0.0.0.0:9090}
|
||||
EXTERNAL_CONTROLLER=${EXTERNAL_CONTROLLER:-127.0.0.1:9090}
|
||||
ALLOW_INSECURE_TLS=${ALLOW_INSECURE_TLS:-false}
|
||||
|
||||
|
||||
|
||||
@ -110,14 +111,19 @@ Text1="Clash订阅地址可访问!"
|
||||
Text2="Clash订阅地址不可访问!"
|
||||
|
||||
# 构建检测 curl 命令,添加自定义请求头
|
||||
CHECK_CMD="curl -o /dev/null -L -k -sS --retry 5 -m 10 --connect-timeout 10 -w \"%{http_code}\""
|
||||
if [ -n "$CLASH_HEADERS" ]; then
|
||||
CHECK_CMD="$CHECK_CMD -H '$CLASH_HEADERS'"
|
||||
CHECK_CMD=(curl -o /dev/null -L -sS --retry 5 -m 10 --connect-timeout 10 -w "%{http_code}")
|
||||
if [ "$ALLOW_INSECURE_TLS" = "true" ]; then
|
||||
CHECK_CMD+=(-k)
|
||||
echo -e "\033[33m[WARN] 已启用不安全的 TLS 下载(跳过证书校验)\033[0m"
|
||||
fi
|
||||
CHECK_CMD="$CHECK_CMD $URL"
|
||||
if [ -n "$CLASH_HEADERS" ]; then
|
||||
CHECK_CMD+=(-H "$CLASH_HEADERS")
|
||||
fi
|
||||
CHECK_CMD+=("$URL")
|
||||
|
||||
# 检查订阅地址
|
||||
eval $CHECK_CMD | grep -E '^[23][0-9]{2}$' &>/dev/null
|
||||
status_code=$("${CHECK_CMD[@]}")
|
||||
echo "$status_code" | grep -E '^[23][0-9]{2}$' &>/dev/null
|
||||
ReturnStatus=$?
|
||||
if_success $Text1 $Text2 $ReturnStatus
|
||||
|
||||
@ -127,26 +133,32 @@ Text3="配置文件config.yaml下载成功!"
|
||||
Text4="配置文件config.yaml下载失败,退出启动!"
|
||||
|
||||
# 构建 curl 命令,添加自定义请求头
|
||||
CURL_CMD="curl -L -k -sS --retry 5 -m 10 -o $Temp_Dir/clash.yaml"
|
||||
if [ -n "$CLASH_HEADERS" ]; then
|
||||
CURL_CMD="$CURL_CMD -H '$CLASH_HEADERS'"
|
||||
CURL_CMD=(curl -L -sS --retry 5 -m 10 -o "$Temp_Dir/clash.yaml")
|
||||
if [ "$ALLOW_INSECURE_TLS" = "true" ]; then
|
||||
CURL_CMD+=(-k)
|
||||
fi
|
||||
CURL_CMD="$CURL_CMD $URL"
|
||||
if [ -n "$CLASH_HEADERS" ]; then
|
||||
CURL_CMD+=(-H "$CLASH_HEADERS")
|
||||
fi
|
||||
CURL_CMD+=("$URL")
|
||||
|
||||
# 尝试使用curl进行下载
|
||||
eval $CURL_CMD
|
||||
"${CURL_CMD[@]}"
|
||||
ReturnStatus=$?
|
||||
if [ $ReturnStatus -ne 0 ]; then
|
||||
# 如果使用curl下载失败,尝试使用wget进行下载
|
||||
WGET_CMD="wget -q --no-check-certificate -O $Temp_Dir/clash.yaml"
|
||||
if [ -n "$CLASH_HEADERS" ]; then
|
||||
WGET_CMD="$WGET_CMD --header='$CLASH_HEADERS'"
|
||||
WGET_CMD=(wget -q -O "$Temp_Dir/clash.yaml")
|
||||
if [ "$ALLOW_INSECURE_TLS" = "true" ]; then
|
||||
WGET_CMD+=(--no-check-certificate)
|
||||
fi
|
||||
WGET_CMD="$WGET_CMD $URL"
|
||||
if [ -n "$CLASH_HEADERS" ]; then
|
||||
WGET_CMD+=(--header="$CLASH_HEADERS")
|
||||
fi
|
||||
WGET_CMD+=("$URL")
|
||||
|
||||
for i in {1..10}
|
||||
do
|
||||
eval $WGET_CMD
|
||||
"${WGET_CMD[@]}"
|
||||
ReturnStatus=$?
|
||||
if [ $ReturnStatus -eq 0 ]; then
|
||||
break
|
||||
@ -236,7 +248,7 @@ fi
|
||||
echo ''
|
||||
|
||||
# 添加环境变量(root权限) - 使用配置的端口
|
||||
cat>/etc/profile.d/clash.sh<<EOF
|
||||
cat>/etc/profile.d/clash-for-linux.sh<<EOF
|
||||
# 开启系统代理
|
||||
function proxy_on() {
|
||||
export http_proxy=http://${CLASH_LISTEN_IP}:${CLASH_HTTP_PORT}
|
||||
@ -260,6 +272,6 @@ function proxy_off(){
|
||||
}
|
||||
EOF
|
||||
|
||||
echo -e "请执行以下命令加载环境变量: source /etc/profile.d/clash.sh\n"
|
||||
echo -e "请执行以下命令加载环境变量: source /etc/profile.d/clash-for-linux.sh\n"
|
||||
echo -e "请执行以下命令开启系统代理: proxy_on\n"
|
||||
echo -e "若要临时关闭系统代理,请执行: proxy_off\n"
|
||||
Reference in New Issue
Block a user