优化配置布局

2026-04-15 16:21:17 +08:00
parent 1647cda714
commit 98f3974260
2 changed files with 111 additions and 12 deletions
--- a/install.sh
+++ b/install.sh
@@ -13,7 +13,10 @@ NC='\033[0m'

 # Configuration
 CONFIG_DIR="/etc/sing-box"
-CONFIG_FILE="$CONFIG_DIR/config.json"
+CONFIG_MERGE_DIR="$CONFIG_DIR/config.d"
+CONFIG_BASE_FILE="$CONFIG_MERGE_DIR/10-base.json"
+CONFIG_OUTBOUNDS_FILE="$CONFIG_MERGE_DIR/20-outbounds.json"
+WORK_DIR="/var/lib/sing-box"
 BINARY_PATH="/usr/local/bin/sing-box"
 SERVICE_NAME="ganclient"
 SERVICE_FILE="/etc/systemd/system/${SERVICE_NAME}.service"
@@ -38,7 +41,8 @@ esac

 # Prepare directories
 mkdir -p "$CONFIG_DIR"
-mkdir -p "/var/lib/sing-box"
+mkdir -p "$CONFIG_MERGE_DIR"
+mkdir -p "$WORK_DIR"

 # Check and Install Go
 install_go() {
@@ -241,7 +245,7 @@ SERVICE_JSON+=$'\n    }'

 # Generate Configuration
 echo -e "${YELLOW}Generating configuration...${NC}"
-cat > "$CONFIG_FILE" <<EOF
+cat > "$CONFIG_BASE_FILE" <<EOF
 {
  "log": {
    "level": "info",
@@ -250,7 +254,7 @@ cat > "$CONFIG_FILE" <<EOF
  "experimental": {
    "cache_file": {
      "enabled": true,
-      "path": "/var/lib/sing-box/cache.db"
+      "path": "$WORK_DIR/cache.db"
    }
  },
  "dns": {
@@ -267,12 +271,6 @@ cat > "$CONFIG_FILE" <<EOF
 ${SERVICE_JSON}
  ],
  "inbounds": [],
-  "outbounds": [
-    {
-      "type": "direct",
-      "tag": "direct"
-    }
-  ],
  "route": {
    "rules": [
      {
@@ -285,7 +283,20 @@ ${SERVICE_JSON}
 }
 EOF

-echo -e "${GREEN}Configuration written to $CONFIG_FILE${NC}"
+cat > "$CONFIG_OUTBOUNDS_FILE" <<EOF
+{
+  "outbounds": [
+    {
+      "type": "direct",
+      "tag": "direct"
+    }
+  ]
+}
+EOF
+
+echo -e "${GREEN}Base configuration written to $CONFIG_BASE_FILE${NC}"
+echo -e "${GREEN}Outbound configuration written to $CONFIG_OUTBOUNDS_FILE${NC}"
+echo -e "${YELLOW}Edit $CONFIG_OUTBOUNDS_FILE when adding custom sing-box outbounds.${NC}"

 if [[ "$ENABLE_PROXY_PROTOCOL_HINT" =~ ^([yY][eE][sS]|[yY]|1|true|TRUE)$ ]]; then
    echo -e "${YELLOW}Proxy Protocol deployment hint enabled.${NC}"
@@ -308,7 +319,7 @@ After=network.target nss-lookup.target
 [Service]
 CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
 AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
-ExecStart=$BINARY_PATH run -c $CONFIG_FILE
+ExecStart=$BINARY_PATH -D $WORK_DIR -C $CONFIG_MERGE_DIR run
 Restart=on-failure
 RestartSec=10
 LimitNOFILE=infinity
--- a/service/xboard/service.go
+++ b/service/xboard/service.go
@@ -106,6 +106,12 @@ type XNodeConfig struct {
 	ServerName     string          `json:"server_name,omitempty"`
 	ServerPortText string          `json:"server_port_text,omitempty"`
 	Network        string          `json:"network"`
+	DisableTCPKeepAlive  bool               `json:"disable_tcp_keep_alive,omitempty"`
+	DisableTCPKeepAlive_ bool               `json:"disableTcpKeepAlive,omitempty"`
+	TCPKeepAlive         badoption.Duration `json:"tcp_keep_alive,omitempty"`
+	TCPKeepAlive_        badoption.Duration `json:"tcpKeepAlive,omitempty"`
+	TCPKeepAliveInterval badoption.Duration `json:"tcp_keep_alive_interval,omitempty"`
+	TCPKeepAliveInterval_ badoption.Duration `json:"tcpKeepAliveInterval,omitempty"`
 	AcceptProxyProtocol  bool      `json:"accept_proxy_protocol,omitempty"`
 	AcceptProxyProtocol_ bool      `json:"acceptProxyProtocol,omitempty"`
 	Multiplex      *XMultiplexConfig `json:"multiplex,omitempty"`
@@ -164,6 +170,12 @@ type XInnerConfig struct {
 	Dest            string          `json:"dest,omitempty"`
 	ServerName      string          `json:"server_name,omitempty"`
 	Network         string          `json:"network"`
+	DisableTCPKeepAlive  bool               `json:"disable_tcp_keep_alive,omitempty"`
+	DisableTCPKeepAlive_ bool               `json:"disableTcpKeepAlive,omitempty"`
+	TCPKeepAlive         badoption.Duration `json:"tcp_keep_alive,omitempty"`
+	TCPKeepAlive_        badoption.Duration `json:"tcpKeepAlive,omitempty"`
+	TCPKeepAliveInterval badoption.Duration `json:"tcp_keep_alive_interval,omitempty"`
+	TCPKeepAliveInterval_ badoption.Duration `json:"tcpKeepAliveInterval,omitempty"`
 	AcceptProxyProtocol  bool       `json:"accept_proxy_protocol,omitempty"`
 	AcceptProxyProtocol_ bool       `json:"acceptProxyProtocol,omitempty"`
 	Multiplex       *XMultiplexConfig `json:"multiplex,omitempty"`
@@ -726,6 +738,66 @@ func acceptProxyProtocolEnabled(inner XInnerConfig, config *XNodeConfig) bool {
 	return false
 }

+const (
+	defaultXboardTCPKeepAlive         = 30 * time.Second
+	defaultXboardTCPKeepAliveInterval = 15 * time.Second
+)
+
+func resolveTCPKeepAlive(inner XInnerConfig, config *XNodeConfig, settings json.RawMessage) (bool, badoption.Duration, badoption.Duration) {
+	disableKeepAlive := inner.DisableTCPKeepAlive || inner.DisableTCPKeepAlive_
+	if !disableKeepAlive && config != nil {
+		disableKeepAlive = config.DisableTCPKeepAlive || config.DisableTCPKeepAlive_
+	}
+	if !disableKeepAlive {
+		if networkDisable, ok := readNetworkBool(unmarshalNetworkSettings(settings), "disable_tcp_keep_alive", "disableTcpKeepAlive"); ok {
+			disableKeepAlive = networkDisable
+		}
+	}
+	if disableKeepAlive {
+		return true, 0, 0
+	}
+
+	keepAlive := inner.TCPKeepAlive
+	if keepAlive == 0 {
+		keepAlive = inner.TCPKeepAlive_
+	}
+	if keepAlive == 0 && config != nil {
+		keepAlive = config.TCPKeepAlive
+	}
+	if keepAlive == 0 && config != nil {
+		keepAlive = config.TCPKeepAlive_
+	}
+	if keepAlive == 0 {
+		if networkKeepAlive, ok := readNetworkDuration(unmarshalNetworkSettings(settings), "tcp_keep_alive", "tcpKeepAlive"); ok {
+			keepAlive = networkKeepAlive
+		}
+	}
+	if keepAlive == 0 {
+		keepAlive = badoption.Duration(defaultXboardTCPKeepAlive)
+	}
+
+	keepAliveInterval := inner.TCPKeepAliveInterval
+	if keepAliveInterval == 0 {
+		keepAliveInterval = inner.TCPKeepAliveInterval_
+	}
+	if keepAliveInterval == 0 && config != nil {
+		keepAliveInterval = config.TCPKeepAliveInterval
+	}
+	if keepAliveInterval == 0 && config != nil {
+		keepAliveInterval = config.TCPKeepAliveInterval_
+	}
+	if keepAliveInterval == 0 {
+		if networkKeepAliveInterval, ok := readNetworkDuration(unmarshalNetworkSettings(settings), "tcp_keep_alive_interval", "tcpKeepAliveInterval"); ok {
+			keepAliveInterval = networkKeepAliveInterval
+		}
+	}
+	if keepAliveInterval == 0 {
+		keepAliveInterval = badoption.Duration(defaultXboardTCPKeepAliveInterval)
+	}
+
+	return false, keepAlive, keepAliveInterval
+}
+
 func (s *Service) setupNode() error {
 	s.logger.Info("Xboard fetching node config...")
 	config, err := s.fetchConfig()
@@ -844,11 +916,27 @@ func (s *Service) setupNode() error {
 	} else {
 		listenAddr = badoption.Addr(netip.IPv4Unspecified())
 	}
+	tcpNetworkSettings := inner.NetworkSettings
+	if len(tcpNetworkSettings) == 0 {
+		tcpNetworkSettings = inner.NetworkSettings_
+	}

 	listen := option.ListenOptions{
 		Listen:     &listenAddr,
 		ListenPort: uint16(inner.Port),
 	}
+	disableTCPKeepAlive, tcpKeepAlive, tcpKeepAliveInterval := resolveTCPKeepAlive(inner, config, tcpNetworkSettings)
+	listen.DisableTCPKeepAlive = disableTCPKeepAlive
+	if !disableTCPKeepAlive {
+		listen.TCPKeepAlive = tcpKeepAlive
+		listen.TCPKeepAliveInterval = tcpKeepAliveInterval
+		s.logger.Info(
+			"Xboard TCP keepalive configured. idle=", time.Duration(tcpKeepAlive),
+			", interval=", time.Duration(tcpKeepAliveInterval),
+		)
+	} else {
+		s.logger.Warn("Xboard TCP keepalive disabled by panel config")
+	}
 	if acceptProxyProtocolEnabled(inner, config) {
 		listen.ProxyProtocol = true
 		s.logger.Info("Xboard PROXY protocol enabled for inbound on ", inner.ListenIP, ":", inner.Port)