OSDN Git Service

Merge Official Source
[immortalwrt/luci.git] / applications / luci-app-unblockneteasemusic / root / etc / init.d / unblockneteasemusic
1 #!/bin/sh /etc/rc.common
2 # SPDX-License-Identifier: GPL-3.0-only
3 #
4 # Copyright (C) 2019-2022 Tianling Shen <cnsztl@immortalwrt.org>
5
6 USE_PROCD=1
7
8 START=99
9 STOP=10
10
11 NAME="unblockneteasemusic"
12 UPGRADE_CONF="/lib/upgrade/keep.d/$NAME"
13
14 RULES_UC="/usr/share/$NAME/rules/default.uc"
15 RULES_NFT="/etc/nftables.d/90-$NAME-rules.nft"
16
17 is_enabled() {
18         local enabled
19         config_get_bool enabled "$1" "$2" "${3:-0}"
20         if [ "$enabled" -eq "1" ]; then
21                 return 0
22         else
23                 return 1
24         fi
25 }
26
27 append_param() {
28         procd_append_param command "$1" $2
29 }
30
31 append_param_arg() {
32         local value
33         config_get value "$1" "$2" $4
34         [ -n "$value" ] && append_param "$3" "$value"
35 }
36
37 append_param_env() {
38         local value
39         config_get value "$1" "$2" $4
40         [ -n "$value" ] && procd_append_param env "$3"="$value"
41 }
42
43 append_filter_client() {
44         local cfg="$1"
45
46         is_enabled "$cfg" "enable" || return 1
47
48         local ip_addr filter_mode
49         config_get ip_addr "$cfg" "ip_addr"
50         config_get filter_mode "$cfg" "filter_mode"
51         [ -n "$ip_addr" -a -n "$filter_mode" ] || return 1
52
53         case "${filter_mode}" in
54         "disable_http")
55                 acl_http_addr="${acl_http_addr:+$acl_http_addr\n}${ip_addr}"
56                 ;;
57         "disable_https")
58                 acl_https_addr="${acl_https_addr:+$acl_https_addr\n}${ip_addr}"
59                 ;;
60         "disable_all")
61                 acl_http_addr="${acl_http_addr:+$acl_http_addr\n}${ip_addr}"
62                 acl_https_addr="${acl_https_addr:+$acl_https_addr\n}${ip_addr}"
63                 ;;
64         esac
65 }
66
67 start_service() {
68         config_load "$NAME"
69         is_enabled "config" "enable" || return 1
70
71         local update_time
72         config_get update_time "config" "update_time" "3"
73         sed -i "/$NAME/d" /etc/crontabs/root
74         is_enabled "config" "auto_update" && echo "0 ${update_time} * * * /usr/share/$NAME/update.sh update_core" >> "/etc/crontabs/root"
75         echo "*/5 * * * * /usr/share/$NAME/log_check.sh" >> "/etc/crontabs/root"
76         /etc/init.d/cron restart
77
78         [ ! -s "/usr/share/$NAME/core/app.js" ] && { rm -f "/usr/share/$NAME/local_ver"; sh "/usr/share/$NAME/update.sh" "update_core_non_restart"; }
79         [ ! -s "/usr/share/$NAME/core/app.js" ] && { echo "Core Not Found, please download it before starting." >> "/tmp/$NAME.log"; exit 1; }
80
81         procd_open_instance "$NAME"
82         procd_set_param command node "/usr/share/$NAME/core/app.js"
83         append_param "-a" "0.0.0.0"
84
85         local http_port https_port hijack_ways
86         config_get http_port "config" "http_port" "5200"
87         config_get https_port "config" "https_port" "5201"
88         config_get hijack_ways "config" "hijack_ways" "use_ipset"
89         [ "${hijack_ways}" = "use_hosts" ] && { http_port="80"; https_port="443"; }
90         append_param "-p" "${http_port}":"${https_port}"
91
92         json_init
93         if is_enabled "config" "pub_access"; then
94                 json_add_int o_pub_access "1"
95         else
96                 json_add_int o_pub_access "0"
97         fi
98         json_add_int o_http_port "${http_port}"
99         json_add_int o_https_port "${https_port}"
100         json_add_string o_hijack_ways "${hijack_ways}"
101
102         local music_source
103         config_get music_source "config" "music_source" "default"
104         [ "${music_source}" != "default" ] && append_param -o "${music_source}"
105
106         append_param_arg "config" "cnrelay" "-c"
107         append_param_arg "config" "endpoint_url" "-e" "https://music.163.com"
108         append_param_arg "config" "netease_server_ip" "-f"
109         append_param_arg "config" "proxy_server_ip" "-u"
110         is_enabled "config" "strict_mode" && append_param "-s"
111
112         local log_level
113         config_get log_level "config" "log_level" "info"
114         procd_set_param env LOG_FILE="/tmp/$NAME.log"
115         procd_append_param env LOG_LEVEL="$log_level"
116
117         append_param_env "config" "joox_cookie" "JOOX_COOKIE"
118         append_param_env "config" "qq_cookie" "QQ_COOKIE"
119         append_param_env "config" "youtube_key" "YOUTUBE_KEY"
120         append_param_env "config" "self_issue_cert_crt" "SIGN_CERT" "/usr/share/$NAME/core/server.crt"
121         append_param_env "config" "self_issue_cert_key" "SIGN_KEY" "/usr/share/$NAME/core/server.key"
122
123         is_enabled "config" "follow_source_order" && procd_append_param env FOLLOW_SOURCE_ORDER="true"
124         is_enabled "config" "enable_flac" && procd_append_param env ENABLE_FLAC="true"
125         is_enabled "config" "local_vip" && procd_append_param env ENABLE_LOCAL_VIP="true"
126         is_enabled "config" "disable_upgrade_check" && procd_append_param env DISABLE_UPGRADE_CHECK="true"
127         case "$(config_get "config" "replace_music_source")" in
128                 "lower_than_192kbps") procd_append_param env MIN_BR="192000" ;;
129                 "lower_than_320kbps") procd_append_param env MIN_BR="320000" ;;
130                 "lower_than_999kbps") procd_append_param env MIN_BR="600000" ;;
131                 "replace_all") procd_append_param env MIN_BR="9999999" ;;
132         esac
133
134         procd_set_param stdout 1
135         procd_set_param stderr 1
136         procd_set_param respawn
137
138         local lan_addr="$(uci -q get network.lan.ipaddr)"
139         local tmp="/tmp/$NAME"
140         if [ "${hijack_ways}" = "use_ipset" ]; then
141                 mkdir -p "/tmp/dnsmasq.d"
142                 rm -f "/tmp/dnsmasq.d/dnsmasq-$NAME.conf"
143                 cat <<-EOF > "/tmp/dnsmasq.d/dnsmasq-$NAME.conf"
144                         dhcp-option=252,http://${lan_addr}:${http_port}/proxy.pac
145                         nftset=/.music.163.com/inet#fw4#neteasemusic
146                         nftset=/interface.music.163.com/inet#fw4#neteasemusic
147                         nftset=/interface3.music.163.com/inet#fw4#neteasemusic
148                         nftset=/apm.music.163.com/inet#fw4#neteasemusic
149                         nftset=/apm3.music.163.com/inet#fw4#neteasemusic
150                         nftset=/clientlog.music.163.com/inet#fw4#neteasemusic
151                         nftset=/clientlog3.music.163.com/inet#fw4#neteasemusic
152                 EOF
153                 /etc/init.d/dnsmasq reload
154
155                 config_foreach append_filter_client "acl_rule"
156
157                 local netease_music_ips="$(uclient-fetch -qO- "http://httpdns.n.netease.com/httpdns/v2/d?domain=music.163.com,interface.music.163.com,interface3.music.163.com,apm.music.163.com,apm3.music.163.com,clientlog.music.163.com,clientlog3.music.163.com" |jsonfilter -e '@.data.*.ip.*')"
158                 local netease_music_ips2="$(uclient-fetch -qO- "https://music.httpdns.c.163.com/d" --post-data="music.163.com,interface.music.163.com,interface3.music.163.com,apm.music.163.com,apm3.music.163.com,clientlog.music.163.com,clientlog3.music.163.com" |jsonfilter -e '@.dns.*["ips"].*')"
159                 local neteasemusic_addr="$(echo -e "${netease_music_ips}\n${netease_music_ips2}" | sort -u | awk '{print $1}')"
160
161                 json_add_string o_acl_http_addr "$(echo -e "${acl_http_addr}" | sort -u | awk '{print $1}')"
162                 json_add_string o_acl_https_addr "$(echo -e "${acl_https_addr}" | sort -u | awk '{print $1}')"
163                 json_add_string o_neteasemusic_addr "$neteasemusic_addr"
164         elif [ "${hijack_ways}" = "use_hosts" ]; then
165                 mkdir -p "/tmp/dnsmasq.d"
166                 rm -f "/tmp/dnsmasq.d/dnsmasq-$NAME.conf"
167                 cat <<-EOF > "/tmp/dnsmasq.d/dnsmasq-$NAME.conf"
168                         dhcp-option=252,http://${lan_addr}:${http_port}/proxy.pac
169                         address=/music.163.com/${lan_addr}
170                         address=/interface.music.163.com/${lan_addr}
171                         address=/interface3.music.163.com/${lan_addr}
172                         address=/apm.music.163.com/${lan_addr}
173                         address=/apm3.music.163.com/${lan_addr}
174                         address=/clientlog.music.163.com/${lan_addr}
175                         address=/clientlog3.music.163.com/${lan_addr}
176                         address=/music.httpdns.c.163.com/0.0.0.0
177                 EOF
178                 /etc/init.d/dnsmasq reload
179
180                 ip route add "223.252.199.10" dev lo
181         fi
182
183         json_dump -i >"$tmp.json"
184         if utpl -F "$tmp.json" -S "$RULES_UC" > "$tmp.nft" && ! cmp -s "$tmp.nft" "$RULES_NFT"; then
185                 echo "table inet chk {include \"$tmp.nft\";}" > "$tmp.nft.chk"
186                 ! nft -f "$tmp.nft.chk" -c || { mv -f "$tmp.nft" "$RULES_NFT"; fw4 reload; }
187         fi
188         rm -f "$tmp.json" "$tmp.nft" "$tmp.nft.chk"
189
190         procd_close_instance
191 } >"/dev/null" 2>&1
192
193 stop_service() {
194         config_load "$NAME"
195
196         sed -i "/$NAME/d" "/etc/crontabs/root"
197         /etc/init.d/cron restart
198
199         rm -f "${UPGRADE_CONF}"
200         is_enabled "config" "keep_core_when_upgrade" && {
201                 echo "/usr/share/$NAME/core/" >> "${UPGRADE_CONF}"
202                 echo "/usr/share/$NAME/local_ver" >> "${UPGRADE_CONF}"
203         }
204
205         local self_issue_cert_crt self_issue_cert_key
206         config_get "self_issue_cert_crt" "config" "self_issue_cert_crt"
207         config_get "self_issue_cert_key" "config" "self_issue_cert_key"
208         { [ -f "${self_issue_cert_crt}" ] && [ -f "${self_issue_cert_key}" ]; } && {
209                 echo "${self_issue_cert_crt}" >> "${UPGRADE_CONF}"
210                 echo "${self_issue_cert_key}" >> "${UPGRADE_CONF}"
211         }
212
213         local chain settable
214         for chain in "netease_cloud_music_redir" "netease_cloud_music"; do
215                 nft flush chain inet fw4 "$chain"
216         done
217         for settable in "acl_neteasemusic_http" "acl_neteasemusic_https" "local_addr" "neteasemusic"; do
218                 nft flush set inet fw4 "$set"
219         done
220
221         rm -f "$RULES_NFT"
222         fw4 reload
223
224         rm -f "/tmp/dnsmasq.d/dnsmasq-$NAME.conf"
225         /etc/init.d/dnsmasq reload
226
227         ip route del "223.252.199.10"
228
229         rm -f "/tmp/$NAME.log"
230 } >"/dev/null" 2>&1
231
232 reload_service() {
233         stop
234         start
235 }
236
237 service_triggers() {
238         procd_add_reload_trigger "$NAME"
239 }