refactor: optimize init script

Dockerfile

@@ -1,6 +1,6 @@
 FROM alpine as asset
 COPY ./asset.sh /
-RUN apk --update add --no-cache curl wget jq && \
+RUN apk add curl wget jq && \
     sh /asset.sh
 
 FROM alpine

load.sh

@@ -4,20 +4,20 @@ ASSET_DIR="$XRAY_DIR/expose/asset"
 CONFIG_DIR="$XRAY_DIR/expose/config"
 NETWORK_DIR="$XRAY_DIR/expose/network"
 
-load_xray_log(){
-log_level=$(cat $LOG_DIR/level)
-legal=false
-[ "$log_level" == "debug" ] && legal=true
-[ "$log_level" == "info" ] && legal=true
-[ "$log_level" == "warning" ] && legal=true
-[ "$log_level" == "error" ] && legal=true
-[ "$log_level" == "none" ] && legal=true
-[ "$legal" == false ] && log_level="warning"
-if [ "$log_level" != "none" ]; then
-  [ ! -f "$LOG_DIR/access.log" ] && touch $LOG_DIR/access.log
-  [ ! -f "$LOG_DIR/error.log" ] && touch $LOG_DIR/error.log
-fi
-cat>$XRAY_DIR/config/log.json<<EOF
+load_xray_log() {
+  log_level=$(cat $LOG_DIR/level)
+  legal=false
+  [ "$log_level" == "debug" ] && legal=true
+  [ "$log_level" == "info" ] && legal=true
+  [ "$log_level" == "warning" ] && legal=true
+  [ "$log_level" == "error" ] && legal=true
+  [ "$log_level" == "none" ] && legal=true
+  [ "$legal" == false ] && log_level="warning"
+  if [ "$log_level" != "none" ]; then
+    [ ! -f "$LOG_DIR/access.log" ] && touch $LOG_DIR/access.log
+    [ ! -f "$LOG_DIR/error.log" ] && touch $LOG_DIR/error.log
+  fi
+  cat > $XRAY_DIR/config/log.json << EOF
 {
   "log": {
     "loglevel": "$log_level",
@@ -28,8 +28,8 @@ cat>$XRAY_DIR/config/log.json<<EOF
 EOF
 }
 
-load_xray_inbounds(){
-cat>$XRAY_DIR/config/inbounds.json<<EOF
+load_xray_inbounds() {
+  cat > $XRAY_DIR/config/inbounds.json << EOF
 {
   "inbounds": [
     {
@@ -109,8 +109,8 @@ cat>$XRAY_DIR/config/inbounds.json<<EOF
 EOF
 }
 
-load_xray_dns(){
-cat>$CONFIG_DIR/dns.json<<EOF
+load_xray_dns() {
+  cat > $CONFIG_DIR/dns.json << EOF
 {
   "dns": {
     "servers": [
@@ -121,8 +121,8 @@ cat>$CONFIG_DIR/dns.json<<EOF
 EOF
 }
 
-load_xray_outbounds(){
-cat>$CONFIG_DIR/outbounds.json<<EOF
+load_xray_outbounds() {
+  cat > $CONFIG_DIR/outbounds.json << EOF
 {
   "outbounds": [
     {
@@ -135,8 +135,8 @@ cat>$CONFIG_DIR/outbounds.json<<EOF
 EOF
 }
 
-load_xray_routing(){
-cat>$CONFIG_DIR/routing.json<<EOF
+load_xray_routing() {
+  cat > $CONFIG_DIR/routing.json << EOF
 {
   "routing": {
     "domainStrategy": "AsIs",
@@ -152,8 +152,8 @@ cat>$CONFIG_DIR/routing.json<<EOF
 EOF
 }
 
-load_update_script(){
-cat>$ASSET_DIR/update.sh<<"EOF"
+load_update_script() {
+  cat > $ASSET_DIR/update.sh << "EOF"
 VERSION=$(curl -sL "https://api.github.com/repos/Loyalsoldier/v2ray-rules-dat/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
 mkdir temp/ && cd temp/
 wget "https://github.com/Loyalsoldier/v2ray-rules-dat/releases/download/$VERSION/geoip.dat"
@@ -162,11 +162,11 @@ wget "https://github.com/Loyalsoldier/v2ray-rules-dat/releases/download/$VERSION
 [ -s "geosite.dat" ] && mv -f geosite.dat ../
 cd ../ && rm -rf temp/
 EOF
-chmod +x $ASSET_DIR/update.sh
+  chmod +x $ASSET_DIR/update.sh
 }
 
-load_radvd_conf(){
-cat>$NETWORK_DIR/radvd/config<<EOF
+load_radvd_conf() {
+  cat > $NETWORK_DIR/radvd/config << EOF
 AdvSendAdvert=on
 AdvManagedFlag=off
 AdvOtherConfigFlag=off
@@ -183,134 +183,134 @@ AdvPreferredLifetime=100
 EOF
 }
 
-load_bypass_ipv4(){
-cat>"$NETWORK_DIR/bypass/ipv4"<<EOF
+load_bypass_ipv4() {
+  cat > $NETWORK_DIR/bypass/ipv4 << EOF
 169.254.0.0/16
 224.0.0.0/3
 EOF
 }
 
-load_bypass_ipv6(){
-cat>"$NETWORK_DIR/bypass/ipv6"<<EOF
+load_bypass_ipv6() {
+  cat > $NETWORK_DIR/bypass/ipv6 << EOF
 fc00::/7
 fe80::/10
 ff00::/8
 EOF
 }
 
-load_network_ipv4(){
-cat>"$NETWORK_DIR/interface/ipv4"<<EOF
+load_network_ipv4() {
+  cat > $NETWORK_DIR/interface/ipv4 << EOF
 ADDRESS=
 GATEWAY=
 FORWARD=true
 EOF
 }
 
-load_network_ipv6(){
-cat>"$NETWORK_DIR/interface/ipv6"<<EOF
+load_network_ipv6() {
+  cat > $NETWORK_DIR/interface/ipv6 << EOF
 ADDRESS=
 GATEWAY=
 FORWARD=true
 EOF
 }
 
-init_dns(){
-cat /dev/null > /etc/resolv.conf
-while read -r row
-do
-  echo "nameserver $row" >> /etc/resolv.conf
-done < $NETWORK_DIR/dns
+init_dns() {
+  cat /dev/null > /etc/resolv.conf
+  while read -r row
+  do
+    echo "nameserver $row" >> /etc/resolv.conf
+  done < $NETWORK_DIR/dns
 }
 
-init_network(){
-ifconfig eth0 down
-ip -4 addr flush dev eth0
-ip -6 addr flush dev eth0
-ifconfig eth0 up
-while read -r row
-do
-  temp=${row#ADDRESS=}
-  [ "$row" != "$temp" ] && ipv4_address=$temp
-  temp=${row#GATEWAY=}
-  [ "$row" != "$temp" ] && ipv4_gateway=$temp
-  temp=${row#FORWARD=}
-  [ "$row" != "$temp" ] && ipv4_forward=$temp
-done < $NETWORK_DIR/interface/ipv4
-[ -n "$ipv4_address" ] && eval "ip -4 addr add $ipv4_address dev eth0"
-[ -n "$ipv4_gateway" ] && eval "ip -4 route add default via $ipv4_gateway"
-if [ -n "$ipv4_forward" ]; then
-  if [ "$ipv4_forward" = "true" ]; then
-    eval "sysctl -w net.ipv4.ip_forward=1"
-  else
-    eval "sysctl -w net.ipv4.ip_forward=0"
+init_network() {
+  ifconfig eth0 down
+  ip -4 addr flush dev eth0
+  ip -6 addr flush dev eth0
+  ifconfig eth0 up
+  while read -r row
+  do
+    temp=${row#ADDRESS=}
+    [ "$row" != "$temp" ] && ipv4_address=$temp
+    temp=${row#GATEWAY=}
+    [ "$row" != "$temp" ] && ipv4_gateway=$temp
+    temp=${row#FORWARD=}
+    [ "$row" != "$temp" ] && ipv4_forward=$temp
+  done < $NETWORK_DIR/interface/ipv4
+  [ -n "$ipv4_address" ] && eval "ip -4 addr add $ipv4_address dev eth0"
+  [ -n "$ipv4_gateway" ] && eval "ip -4 route add default via $ipv4_gateway"
+  if [ -n "$ipv4_forward" ]; then
+    if [ "$ipv4_forward" = "true" ]; then
+      eval "sysctl -w net.ipv4.ip_forward=1"
+    else
+      eval "sysctl -w net.ipv4.ip_forward=0"
+    fi
   fi
-fi
-while read -r row
-do
-  temp=${row#ADDRESS=}
-  [ "$row" != "$temp" ] && ipv6_address=$temp
-  temp=${row#GATEWAY=}
-  [ "$row" != "$temp" ] && ipv6_gateway=$temp
-  temp=${row#FORWARD=}
-  [ "$row" != "$temp" ] && ipv6_forward=$temp
-done < $NETWORK_DIR/interface/ipv6
-[ -n "$ipv6_address" ] && eval "ip -6 addr add $ipv6_address dev eth0"
-[ -n "$ipv6_gateway" ] && eval "ip -6 route add default via $ipv6_gateway"
-if [ -n "$ipv6_forward" ]; then
-  if [ "$ipv6_forward" = "true" ]; then
-    eval "sysctl -w net.ipv6.conf.all.forwarding=1"
-  else
-    eval "sysctl -w net.ipv6.conf.all.forwarding=0"
+  while read -r row
+  do
+    temp=${row#ADDRESS=}
+    [ "$row" != "$temp" ] && ipv6_address=$temp
+    temp=${row#GATEWAY=}
+    [ "$row" != "$temp" ] && ipv6_gateway=$temp
+    temp=${row#FORWARD=}
+    [ "$row" != "$temp" ] && ipv6_forward=$temp
+  done < $NETWORK_DIR/interface/ipv6
+  [ -n "$ipv6_address" ] && eval "ip -6 addr add $ipv6_address dev eth0"
+  [ -n "$ipv6_gateway" ] && eval "ip -6 route add default via $ipv6_gateway"
+  if [ -n "$ipv6_forward" ]; then
+    if [ "$ipv6_forward" = "true" ]; then
+      eval "sysctl -w net.ipv6.conf.all.forwarding=1"
+    else
+      eval "sysctl -w net.ipv6.conf.all.forwarding=0"
+    fi
   fi
-fi
 }
 
-init_radvd(){
-while read -r row
-do
-  temp=${row#AdvSendAdvert=}
-  [ "$row" != "$temp" ] && AdvSendAdvert=$temp
-  temp=${row#AdvManagedFlag=}
-  [ "$row" != "$temp" ] && AdvManagedFlag=$temp
-  temp=${row#AdvOtherConfigFlag=}
-  [ "$row" != "$temp" ] && AdvOtherConfigFlag=$temp
-  temp=${row#MinRtrAdvInterval=}
-  [ "$row" != "$temp" ] && MinRtrAdvInterval=$temp
-  temp=${row#MaxRtrAdvInterval=}
-  [ "$row" != "$temp" ] && MaxRtrAdvInterval=$temp
-  temp=${row#MinDelayBetweenRAs=}
-  [ "$row" != "$temp" ] && MinDelayBetweenRAs=$temp
-  temp=${row#AdvOnLink=}
-  [ "$row" != "$temp" ] && AdvOnLink=$temp
-  temp=${row#AdvAutonomous=}
-  [ "$row" != "$temp" ] && AdvAutonomous=$temp
-  temp=${row#AdvRouterAddr=}
-  [ "$row" != "$temp" ] && AdvRouterAddr=$temp
-  temp=${row#AdvValidLifetime=}
-  [ "$row" != "$temp" ] && AdvValidLifetime=$temp
-  temp=${row#AdvPreferredLifetime=}
-  [ "$row" != "$temp" ] && AdvPreferredLifetime=$temp
-done < $NETWORK_DIR/radvd/config
+init_radvd() {
+  while read -r row
+  do
+    temp=${row#AdvSendAdvert=}
+    [ "$row" != "$temp" ] && AdvSendAdvert=$temp
+    temp=${row#AdvManagedFlag=}
+    [ "$row" != "$temp" ] && AdvManagedFlag=$temp
+    temp=${row#AdvOtherConfigFlag=}
+    [ "$row" != "$temp" ] && AdvOtherConfigFlag=$temp
+    temp=${row#MinRtrAdvInterval=}
+    [ "$row" != "$temp" ] && MinRtrAdvInterval=$temp
+    temp=${row#MaxRtrAdvInterval=}
+    [ "$row" != "$temp" ] && MaxRtrAdvInterval=$temp
+    temp=${row#MinDelayBetweenRAs=}
+    [ "$row" != "$temp" ] && MinDelayBetweenRAs=$temp
+    temp=${row#AdvOnLink=}
+    [ "$row" != "$temp" ] && AdvOnLink=$temp
+    temp=${row#AdvAutonomous=}
+    [ "$row" != "$temp" ] && AdvAutonomous=$temp
+    temp=${row#AdvRouterAddr=}
+    [ "$row" != "$temp" ] && AdvRouterAddr=$temp
+    temp=${row#AdvValidLifetime=}
+    [ "$row" != "$temp" ] && AdvValidLifetime=$temp
+    temp=${row#AdvPreferredLifetime=}
+    [ "$row" != "$temp" ] && AdvPreferredLifetime=$temp
+  done < $NETWORK_DIR/radvd/config
 
-RADVD_CONF="/etc/radvd.conf"
-echo "interface eth0 {" > $RADVD_CONF
-[ -n "$AdvSendAdvert" ] && echo "    AdvSendAdvert $AdvSendAdvert;" >> $RADVD_CONF
-[ -n "$AdvManagedFlag" ] && echo "    AdvManagedFlag $AdvManagedFlag;" >> $RADVD_CONF
-[ -n "$AdvOtherConfigFlag" ] && echo "    AdvOtherConfigFlag $AdvOtherConfigFlag;" >> $RADVD_CONF
-[ -n "$MinRtrAdvInterval" ] && echo "    MinRtrAdvInterval $MinRtrAdvInterval;" >> $RADVD_CONF
-[ -n "$MaxRtrAdvInterval" ] && echo "    MaxRtrAdvInterval $MaxRtrAdvInterval;" >> $RADVD_CONF
-[ -n "$MinDelayBetweenRAs" ] && echo "    MinDelayBetweenRAs $MinDelayBetweenRAs;" >> $RADVD_CONF
-if [ -n "$ipv6_address" ]; then
-  echo "    prefix $ipv6_address {" >> $RADVD_CONF
-  [ -n "$AdvOnLink" ] && echo "        AdvOnLink $AdvOnLink;" >> $RADVD_CONF
-  [ -n "$AdvAutonomous" ] && echo "        AdvAutonomous $AdvAutonomous;" >> $RADVD_CONF
-  [ -n "$AdvRouterAddr" ] && echo "        AdvRouterAddr $AdvRouterAddr;" >> $RADVD_CONF
-  [ -n "$AdvValidLifetime" ] && echo "        AdvValidLifetime $AdvValidLifetime;" >> $RADVD_CONF
-  [ -n "$AdvPreferredLifetime" ] && echo "        AdvPreferredLifetime $AdvPreferredLifetime;" >> $RADVD_CONF
-  echo "    };" >> $RADVD_CONF
-fi
-echo "};" >> $RADVD_CONF
-radvd -C $RADVD_CONF
+  RADVD_CONF="/etc/radvd.conf"
+  echo "interface eth0 {" > $RADVD_CONF
+  [ -n "$AdvSendAdvert" ] && echo "    AdvSendAdvert $AdvSendAdvert;" >> $RADVD_CONF
+  [ -n "$AdvManagedFlag" ] && echo "    AdvManagedFlag $AdvManagedFlag;" >> $RADVD_CONF
+  [ -n "$AdvOtherConfigFlag" ] && echo "    AdvOtherConfigFlag $AdvOtherConfigFlag;" >> $RADVD_CONF
+  [ -n "$MinRtrAdvInterval" ] && echo "    MinRtrAdvInterval $MinRtrAdvInterval;" >> $RADVD_CONF
+  [ -n "$MaxRtrAdvInterval" ] && echo "    MaxRtrAdvInterval $MaxRtrAdvInterval;" >> $RADVD_CONF
+  [ -n "$MinDelayBetweenRAs" ] && echo "    MinDelayBetweenRAs $MinDelayBetweenRAs;" >> $RADVD_CONF
+  if [ -n "$ipv6_address" ]; then
+    echo "    prefix $ipv6_address {" >> $RADVD_CONF
+    [ -n "$AdvOnLink" ] && echo "        AdvOnLink $AdvOnLink;" >> $RADVD_CONF
+    [ -n "$AdvAutonomous" ] && echo "        AdvAutonomous $AdvAutonomous;" >> $RADVD_CONF
+    [ -n "$AdvRouterAddr" ] && echo "        AdvRouterAddr $AdvRouterAddr;" >> $RADVD_CONF
+    [ -n "$AdvValidLifetime" ] && echo "        AdvValidLifetime $AdvValidLifetime;" >> $RADVD_CONF
+    [ -n "$AdvPreferredLifetime" ] && echo "        AdvPreferredLifetime $AdvPreferredLifetime;" >> $RADVD_CONF
+    echo "    };" >> $RADVD_CONF
+  fi
+  echo "};" >> $RADVD_CONF
+  radvd -C $RADVD_CONF
 }
 
 mkdir -p $LOG_DIR

tproxy.sh

@@ -1,44 +1,75 @@
 #!/bin/sh
-trap "echo \"Get exit signal\" && exit" 2 15
-[ -f "/etc/xray/expose/custom.sh" ] && sh /etc/xray/expose/custom.sh
-
-# IPv4 tproxy settings
-ip -4 rule add fwmark 1 table 100
-ip -4 route add local 0.0.0.0/0 dev lo table 100
-iptables -t mangle -N XRAY
-
-for cidr in $(ip -4 addr | grep -w "inet" | awk '{print $2}') # bypass local ipv4 range
-do
-  eval "iptables -t mangle -A XRAY -d $cidr -j RETURN"
-done
-
-while read -r cidr # bypass custom ipv4 range
-do
-  eval "iptables -t mangle -A XRAY -d $cidr -j RETURN"
-done < /etc/xray/expose/network/bypass/ipv4
-
-iptables -t mangle -A XRAY -p tcp -j TPROXY --on-port 7288 --tproxy-mark 1
-iptables -t mangle -A XRAY -p udp -j TPROXY --on-port 7288 --tproxy-mark 1
-iptables -t mangle -A PREROUTING -j XRAY
-
-# IPv6 tproxy settings
-ip -6 rule add fwmark 1 table 106
-ip -6 route add local ::/0 dev lo table 106
-ip6tables -t mangle -N XRAY6
-
-for cidr in $(ip -6 addr | grep -w "inet6" | awk '{print $2}') # bypass local ipv6 range
-do
-  eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN"
-done
-
-while read -r cidr # bypass custom ipv6 range
-do
-  eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN"
-done < /etc/xray/expose/network/bypass/ipv6
-
-ip6tables -t mangle -A XRAY6 -p tcp -j TPROXY --on-port 7289 --tproxy-mark 1
-ip6tables -t mangle -A XRAY6 -p udp -j TPROXY --on-port 7289 --tproxy-mark 1
-ip6tables -t mangle -A PREROUTING -j XRAY6
 
+exit_func() { # doing before exit
+  echo "[TProxy] Get exit signal."
+  kill -15 -1 # send SIGTERM to all process
+
+  while [ "$(ps -ef | grep -cv "PID\|ps -ef\|\[")" != "2" ] # remain itself and it's fork $(...)
+  do
+    usleep 10000 # wait 10ms
+  done
+
+  echo "[TProxy] All subprocess exit."
+  exit
+}
+
+ipv4_tproxy() { # IPv4 tproxy settings
+  ip -4 rule add fwmark 1 table 100
+  ip -4 route add local 0.0.0.0/0 dev lo table 100
+  iptables -t mangle -N XRAY
+
+  for cidr in $(ip -4 addr | grep -w "inet" | awk '{print $2}') # bypass local ipv4 range
+  do
+    echo "[TProxy] IPv4 bypass $cidr"
+    eval "iptables -t mangle -A XRAY -d $cidr -j RETURN"
+  done
+
+  while read -r cidr # bypass custom ipv4 range
+  do
+    echo "[TProxy] IPv4 bypass $cidr"
+    eval "iptables -t mangle -A XRAY -d $cidr -j RETURN"
+  done < /etc/xray/expose/network/bypass/ipv4
+
+  iptables -t mangle -A XRAY -p tcp -j TPROXY --on-port 7288 --tproxy-mark 1
+  iptables -t mangle -A XRAY -p udp -j TPROXY --on-port 7288 --tproxy-mark 1
+  iptables -t mangle -A PREROUTING -j XRAY
+}
+
+ipv6_tproxy() { # IPv6 tproxy settings
+  ip -6 rule add fwmark 1 table 106
+  ip -6 route add local ::/0 dev lo table 106
+  ip6tables -t mangle -N XRAY6
+
+  for cidr in $(ip -6 addr | grep -w "inet6" | awk '{print $2}') # bypass local ipv6 range
+  do
+    echo "[TProxy] IPv6 bypass $cidr"
+    eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN"
+  done
+
+  while read -r cidr # bypass custom ipv6 range
+  do
+    echo "[TProxy] IPv6 bypass $cidr"
+    eval "ip6tables -t mangle -A XRAY6 -d $cidr -j RETURN"
+  done < /etc/xray/expose/network/bypass/ipv6
+
+  ip6tables -t mangle -A XRAY6 -p tcp -j TPROXY --on-port 7289 --tproxy-mark 1
+  ip6tables -t mangle -A XRAY6 -p udp -j TPROXY --on-port 7289 --tproxy-mark 1
+  ip6tables -t mangle -A PREROUTING -j XRAY6
+}
+
+
+trap exit_func 2 15 # SIGINT and SIGTERM signal
+
+echo "[TProxy] Server start."
+echo "[TProxy] Init network environment."
+ipv4_tproxy
+ipv6_tproxy
 sh /etc/xray/load.sh
-xray -confdir /etc/xray/config/ # start xray server
+echo "[TProxy] Init complete."
+
+echo "[TProxy] Running custom script."
+custom_script="/etc/xray/expose/custom.sh"
+[ -f "$custom_script" ] && sh $custom_script
+
+echo "[TProxy] Start xray service."
+xray -confdir /etc/xray/config/