#!/bin/sh

if [ -z "$(uci -q get xray.main)" ]; then
	touch /etc/config/xray
	uci batch <<-EOF
		set xray.main=xray
		set xray.main.xray_file='/usr/bin/xray'
		set xray.main.mem_percentage='0'
		set xray.main.loglevel='error'
		set xray.main.access_log='/dev/null'
		set xray.main.error_log='/dev/null'
		set xray.main.enabled='0'
		set xray.main.outbounds='omrout'
		set xray.main.inbounds='omr'
		add_list xray.main.inbounds='omrtest'
		set xray.main_dns=dns
		set xray.main_dns.hosts='example.com|127.0.0.1'
		set xray.main_dns.enabled='0'
		set xray.main_policy=policy
		set xray.main_policy.enabled='1'
		set xray.main_policy.levels='policy_level_0'
		set xray.policy_level_0=policy_level
		set xray.policy_level_0.level='0'
		set xray.policy_level_0.handshake='4'
		set xray.policy_level_0.conn_idle='1200'
		set xray.policy_level_0.uplink_only='0'
		set xray.policy_level_0.downlink_only='0'
		set xray.policy_level_0.buffer_size='512'
		set xray.main_transparent_proxy=transparent_proxy
		set xray.main_transparent_proxy.proxy_mode='default'
		set xray.main_transparent_proxy.apnic_delegated_mirror='apnic'
		set xray.main_transparent_proxy.gfwlist_mirror='github'
		set xray.main_transparent_proxy.redirect_udp='0'
		set xray.main_transparent_proxy.redirect_port='1897'
		set xray.omrout=outbound
		set xray.omrout.tag='omrout_tunnel'
		set xray.omrout.protocol='vless'
		set xray.omrout.s_vmess_address=''
		set xray.omrout.s_vmess_port='65250'
		set xray.omrout.s_vmess_user_id=''
		set xray.omrout.s_vmess_user_security='none'
		set xray.omrout.s_vmess_user_alter_id='0'
		set xray.omrout.s_vless_address=''
		set xray.omrout.s_vless_port='65248'
		set xray.omrout.s_vless_user_id=''
		set xray.omrout.s_vless_user_security='none'
		set xray.omrout.s_vless_user_encryption='none'
		set xray.omrout.s_vless_user_alter_id='0'
		set xray.omrout.s_trojan_address=''
		set xray.omrout.s_trojan_port='65249'
		set xray.omrout.s_trojan_user_id=''
		set xray.omrout.s_trojan_user_security='none'
		set xray.omrout.s_trojan_user_encryption='none'
		set xray.omrout.s_trojan_user_alter_id='0'
		set xray.omrout.s_socks_address=''
		set xray.omrout.s_socks_port='65251'
		set xray.omrout.s_socks_user_id=''
		set xray.omrout.s_socks_user_security='none'
		set xray.omrout.s_socks_user_encryption='none'
		set xray.omrout.s_socks_user_alter_id='0'
		set xray.omrout.ss_network='tcp'
		set xray.omrout.ss_security='tls'
		set xray.omrout.ss_tls_allow_insecure='1'
		set xray.omrout.ss_tls_disable_system_root='1'
		set xray.omrout.ss_tls_cert_usage='verify'
		set xray.omrout.ss_tls_cert_file='/etc/luci-uploads/client.crt'
		set xray.omrout.ss_tls_key_file='/etc/luci-uploads/client.key'
		set xray.omrout.s_shadowsocks_port='65252'
		set xray.omrout.mux_concurrency='8'
		set xray.omrout.ss_sockopt_mptcp='1'
		set xray.omr=inbound
		set xray.omr.tag='omrtunnel'
		set xray.omr.listen='0.0.0.0'
		set xray.omr.port='1897'
		set xray.omr.protocol='dokodemo-door'
		set xray.omr.s_dokodemo_door_network='tcp'
		add_list xray.omr.s_dokodemo_door_network='udp'
		set xray.omr.ss_sockopt_tproxy='redirect'
		set xray.omr.ss_sockopt_tcp_fast_open='1'
		set xray.omr.ss_sockopt_mptcp='1'
		set xray.omr.s_dokodemo_door_follow_redirect='1'
		set xray.omr6=inbound
		set xray.omr6.tag='omrtunnel6'
		set xray.omr6.listen='::'
		set xray.omr6.port='1898'
		set xray.omr6.protocol='dokodemo-door'
		set xray.omr6.s_dokodemo_door_network='tcp'
		add_list xray.omr6.s_dokodemo_door_network='udp'
		set xray.omr6.ss_sockopt_tproxy='tproxy'
		set xray.omr6.ss_sockopt_tcp_fast_open='1'
		set xray.omr6.s_dokodemo_door_follow_redirect='1'
		set xray.omrtest=inbound
		set xray.omrtest.port='1111'
		set xray.omrtest.protocol='socks'
		set xray.omrtest.listen='127.0.0.1'
		set xray.omrtest.s_socks_auth='noauth'
		set xray.omrtest.s_socks_udp='1'
		set xray.omrtest.s_socks_ip='127.0.0.1'
		set xray.omrtest.s_socks_userlevel='0'
		commit xray
	EOF
fi
uci -q batch <<-EOF >/dev/null
	set xray.omr.listen='0.0.0.0'
	commit xray
EOF

if [ "$(uci -q get firewall.xray)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set firewall.xray=include
		set firewall.xray.path=/etc/firewall.xray-rules
		set firewall.xray.reload=0
		commit firewall
	EOF
fi
if [ "$(uci -q get firewall.xray.path)" != "/etc/firewall.xray-rules" ]; then
	uci -q batch <<-EOF >/dev/null
		set firewall.xray.path=/etc/firewall.xray-rules
		commit firewall
	EOF
fi

if [ "$(uci -q get xray.main_reverse.bridges | grep omrbridge)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.main_reverse=reverse
		set xray.main_reverse.enabled=1
		set xray.main_reverse.bridges='omrbridge|omr.lan'
		commit xray
	EOF
fi
if [ "$(uci -q get xray.omrrouting)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.omrexit=outbound
		set xray.omrexit.protocol='freedom'
		set xray.omrexit.tag='out'
		add_list xray.main.outbounds=omrexit
		set xray.omrrouting=routing_rule
		set xray.omrrouting.type='field'
		set xray.omrrouting.inbound_tag='omrbridge'
		set xray.omrrouting.outbound_tag='omrout_tunnel'
		set xray.omrrouting.domain='full:omr.lan'
		set xray.omrroutingo=routing_rule
		set xray.omrroutingo.type='field'
		set xray.omrroutingo.inbound_tag='omrbridge'
		set xray.omrroutingo.outbound_tag='out'
		set xray.main_routing=routing
		set xray.main_routing.enabled=1
		set xray.main_routing.rules='omrrouting'
		add_list xray.main_routing.rules='omrroutingo'
		commit xray
	EOF
fi

if [ "$(uci -q get xray.main.error_log)" != "/dev/null" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.main.error_log='/dev/null'
		commit xray
	EOF
fi
#if [ "$(uci -q get xray.main.mem_percentage)" = "0" ]; then
#	uci -q batch <<-EOF >/dev/null
#		set xray.main.mem_percentage='80'
#		commit xray
#	EOF
#fi
if [ "$(uci -q get xray.policy_level_0.conn_idle)" = "2400" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.policy_level_0.conn_idle='1200'
		commit xray
	EOF
fi

if [ "$(uci -q get xray.omrout.s_vmess_port)" = "65230" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.omrout.s_vmess_port='65250'
		commit xray
	EOF
fi

if [ "$(uci -q get xray.omrout.s_trojan_port)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.omrout.s_trojan_address=''
		set xray.omrout.s_trojan_port='65249'
		set xray.omrout.s_trojan_user_id=''
		set xray.omrout.s_trojan_user_security='none'
		set xray.omrout.s_trojan_user_encryption='none'
		set xray.omrout.s_trojan_user_alter_id='0'
		commit xray
	EOF
fi
if [ "$(uci -q get xray.omrout.s_socks_port)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.omrout.s_socks_address=''
		set xray.omrout.s_socks_port='65251'
		set xray.omrout.s_socks_user_id=''
		set xray.omrout.s_socks_user_security='none'
		set xray.omrout.s_socks_user_encryption='none'
		set xray.omrout.s_socks_user_alter_id='0'
		commit xray
	EOF
fi
if [ "$(uci -q get xray.omrout.s_shadowsocks_port)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.omrout.s_shadowsocks_address=''
		set xray.omrout.s_shadowsocks_port='65252'
		commit xray
	EOF
fi
if [ "$(uci -q get xray.omrout.s_vless_reality_port)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.omrout.s_vless_reality_address=''
		set xray.omrout.s_vless_reality_port='443'
		set xray.omrout.s_vless_reality_flow='xtls-rprx-vision'
		set xray.omrout.s_vless_reality_user_id=''
		set xray.omrout.s_vless_reality_user_security='none'
		set xray.omrout.s_vless_reality_user_encryption='none'
		set xray.omrout.s_vless_reality_user_alter_id='0'
		commit xray
	EOF
fi

if [ "$(uci -q get xray.omrout.ss_sockopt_mptcp)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set xray.omrout.ss_sockopt_mptcp='1'
		commit xray
	EOF
fi

exit 0