my-singbox-example/singbox.sh

#!/usr/bin/env bash
# install_singbox.sh
# 一键安装 Sing-box 并配置为 systemd 服务，自动生成 VLESS Reality 所需字段，用户自定义 name 字段，并输出完整链接

set -euo pipefail

### —— 0. 用户输入 —— ###
read -rp "请输入用户名称 (name 字段，例如 AK-JP-100G)：" NAME
if [[ -z "$NAME" ]]; then
  echo "名称不能为空，退出。" >&2
  exit 1
fi

echo "将使用的 name 字段：${NAME}"

### —— 1. 安装 Sing-box —— ###
# 使用官方一键脚本安装内核
if command -v apt-get &>/dev/null; then
  echo "检测到 Debian/Ubuntu，使用官方 deb 安装脚本..."
  bash <(curl -fsSL https://sing-box.app/deb-install.sh)
elif command -v dnf &>/dev/null || command -v yum &>/dev/null; then
  echo "检测到 RHEL/CentOS，使用官方 rpm 安装脚本..."
  bash <(curl -fsSL https://sing-box.app/rpm-install.sh)
elif command -v pacman &>/dev/null; then
  echo "检测到 Arch Linux，使用官方 arch 安装脚本..."
  bash <(curl -fsSL https://sing-box.app/arch-install.sh)
else
  echo "不支持的发行版，请手动安装 Sing-box 内核" >&2
  exit 1
fi

echo "Sing-box 安装完成：$(sing-box version)"

### —— 2. 生成配置及字段 —— ###
# UUID
UUID=$(sing-box generate uuid)
# Reality 密钥对
KEY_OUTPUT=$(sing-box generate reality-keypair)
PRIVATE_KEY=$(echo "$KEY_OUTPUT" | awk -F": " '/PrivateKey/ {print $2}')
PUB_KEY=$(echo "$KEY_OUTPUT" | awk -F": " '/PublicKey/ {print $2}')
# Short ID
SHORT_ID=$(openssl rand -hex 8)
# uTLS 浏览器指纹，可自定义
FP="chrome"

# 配置目录
CONFIG_DIR=/etc/singbox
echo "创建配置目录：${CONFIG_DIR}"
mkdir -p "$CONFIG_DIR"

# 写入配置文件
cat > "$CONFIG_DIR/config.json" << EOF
{
  "log": { "level": "info" },
  "dns": { "servers": [{ "address": "tls://8.8.8.8" }] },
  "inbounds": [
    {
      "type": "vless",
      "tag": "VLESSReality",
      "listen": "::",
      "listen_port": 443,
      "users": [ { "name": "${NAME}", "uuid": "${UUID}", "flow": "xtls-rprx-vision" } ],
      "tls": { "enabled": true, "server_name": "s0.awsstatic.com",
        "reality": {
          "enabled": true,
          "handshake": { "server": "s0.awsstatic.com", "server_port": 443 },
          "private_key": "${PRIVATE_KEY}",
          "short_id": ["${SHORT_ID}"]
        }
      }
    }
  ],
  "outbounds": [ { "type": "direct" }, { "type": "dns", "tag": "dns-out" } ],
  "route": { "rules": [ { "protocol": "dns", "outbound": "dns-out" } ] }
}
EOF

echo "配置文件已写入：${CONFIG_DIR}/config.json"

### —— 3. 创建并启动 systemd 服务 —— ###
SERVICE_FILE=/etc/systemd/system/singbox.service
cat > "$SERVICE_FILE" << 'EOF'
[Unit]
Description=sing-box service
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/sing-box run -c /etc/singbox/config.json
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
if ! systemctl is-enabled singbox.service &>/dev/null; then
  systemctl enable singbox.service
fi
systemctl restart singbox.service

echo "服务已启动："
systemctl status singbox.service --no-pager

### —— 4. 输出 VLESS Reality 链接 —— ###
SERVER_IP=$(curl -s https://ifconfig.me)
PORT=443
SNI="s0.awsstatic.com"
SPX="/"
LINK="vless://${UUID}@${SERVER_IP}:${PORT}?security=reality&sni=${SNI}&fp=${FP}&pbk=${PUB_KEY}&sid=${SHORT_ID}&spx=${SPX}&type=tcp&flow=xtls-rprx-vision&encryption=none#${NAME}"

echo
echo "====== 您的 VLESS Reality 链接 ======"
echo "$LINK"