diff --git a/.editorconfig b/.editorconfig
index f5df4e8..403a682 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -8,9 +8,13 @@ charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true
-[windows.xml]
+[{windows.xml,windows-*.xml}]
end_of_line = crlf
+[windows-frpc.xml]
+charset = utf-16-le
+indent_size = 2
+
[*.{bat,cmd,ps1}]
end_of_line = crlf
diff --git a/README.en.md b/README.en.md
index 9192f47..e50f003 100644
--- a/README.en.md
+++ b/README.en.md
@@ -34,7 +34,7 @@ The system requirements for the target system are as follows:
| 
Alpine | 3.18, 3.19, 3.20, 3.21 | 256 MB | 1 GB |
| 
Debian | 9, 10, 11, 12 | 256 MB | 1 ~ 1.5 GB ^ |
| 
Kali | Rolling | 256 MB | 1 ~ 1.5 GB ^ |
-| 
Ubuntu | 16.04 LTS - 24.04 LTS, 25.04 | 512 MB \* | 2 GB |
+| 
Ubuntu | 16.04 LTS - 24.04 LTS, 25.04 | 512 MB \* | 2 GB |
| 
Anolis | 7, 8, 23 | 512 MB \* | 5 GB |
| 
RHEL 
AlmaLinux 
Rocky 
Oracle | 8, 9 | 512 MB \* | 5 GB |
| 
OpenCloudOS | 8, 9, Stream 23 | 512 MB \* | 5 GB |
@@ -42,7 +42,7 @@ The system requirements for the target system are as follows:
| 
Fedora | 41, 42 | 512 MB \* | 5 GB |
| 
openEuler | 20.03 LTS - 24.03 LTS, 25.03 | 512 MB \* | 5 GB |
| 
openSUSE | Leap 15.6, Tumbleweed (Rolling) | 512 MB \* | 5 GB |
-| 
NixOS | 24.11 | 512 MB | 5 GB |
+| 
NixOS | 24.11 | 512 MB | 5 GB |
| 
Arch | Rolling | 512 MB | 5 GB |
| 
Gentoo | Rolling | 512 MB | 5 GB |
| 
AOSC OS | Rolling | 512 MB | 5 GB |
@@ -160,6 +160,7 @@ bash reinstall.sh anolis 7|8|23
- `--ssh-key C:\path\to\public_key`
- `--ssh-port PORT` Change the SSH port (for log observation during installation and for the new system)
- `--web-port PORT` Change the Web port (for log observation during installation)
+- `--frpc-toml /path/to/frpc.toml` Add frpc for intranet tunneling
- `--hold 2` Prevent reboot after installation completes, allowing SSH login to modify system content; the system is mounted at `/os` (this feature is not supported on Debian/Kali).
> [!TIP]
@@ -212,10 +213,11 @@ bash reinstall.sh dd --img "https://example.com/xxx.xz"
#### Optional parameters
-- `--allow-ping` Allow ping responses (DD Windows only)
+- `--allow-ping` Configure Windows Firewall to Allow Ping Responses (DD Windows only)
- `--rdp-port PORT` Change RDP port (DD Windows only)
- `--ssh-port PORT` Change SSH port (for log observation during installation)
- `--web-port PORT` Change Web port (for log observation during installation)
+- `--frpc-toml /path/to/frpc.toml` Add frpc for intranet tunneling (DD Windows only)
- `--hold 2` Prevent reboot after the DD process finishes, allowing SSH login to modify system content. The Windows system will be mounted at `/os`, but Linux systems will **NOT** be automatically mounted.
> [!TIP]
@@ -245,6 +247,7 @@ bash reinstall.sh alpine --hold=1
- `--ssh-key gitlab:your_username`
- `--ssh-key /path/to/public_key`
- `--ssh-key C:\path\to\public_key`
+- `--frpc-toml /path/to/frpc.toml` Add frpc for intranet tunneling
### Feature 4: Reboot to 
netboot.xyz
@@ -384,13 +387,14 @@ bash reinstall.sh windows \
#### Optional parameters
- `--password PASSWORD` Set Password
-- `--allow-ping` Configures the Windows firewall to allow ping requests
+- `--allow-ping` Configure Windows Firewall to Allow Ping Responses
- `--rdp-port PORT` Change RDP port
- `--ssh-port PORT` Change SSH port (for log observation during installation)
- `--web-port PORT` Change Web port (for log observation during installation)
- `--add-driver INF_OR_DIR` Add additional driver, specifying .inf path, or the folder contains .inf file.
- The driver must be downloaded locally first.
- This parameter can be set multiple times to add different driver.
+- `--frpc-toml /path/to/frpc.toml` Add frpc for intranet tunneling
- `--hold 2` Allow SSH connections for modifying the disk content before rebooting into the official Windows installation program, with the disk mounted at `/os`.
#### The following drivers will automatic download and install as needed, without the need for manual addition
diff --git a/README.md b/README.md
index d34f4d1..af7c6c5 100644
--- a/README.md
+++ b/README.md
@@ -34,7 +34,7 @@
| Alpine | 3.18, 3.19, 3.20, 3.21 | 256 MB | 1 GB |
| Debian | 9, 10, 11, 12 | 256 MB | 1 ~ 1.5 GB ^ |
| Kali | 滚动 | 256 MB | 1 ~ 1.5 GB ^ |
-| Ubuntu | 16.04 LTS - 24.04 LTS, 25.04 | 512 MB \* | 2 GB |
+| Ubuntu | 16.04 LTS - 24.04 LTS, 25.04 | 512 MB \* | 2 GB |
| Anolis | 7, 8, 23 | 512 MB \* | 5 GB |
| RHEL AlmaLinux Rocky Oracle | 8, 9 | 512 MB \* | 5 GB |
| OpenCloudOS | 8, 9, Stream 23 | 512 MB \* | 5 GB |
@@ -42,7 +42,7 @@
| Fedora | 41, 42 | 512 MB \* | 5 GB |
| openEuler | 20.03 LTS - 24.03 LTS, 25.03 | 512 MB \* | 5 GB |
| openSUSE | Leap 15.6, Tumbleweed (滚动) | 512 MB \* | 5 GB |
-| NixOS | 24.11 | 512 MB | 5 GB |
+| NixOS | 24.11 | 512 MB | 5 GB |
| Arch | 滚动 | 512 MB | 5 GB |
| Gentoo | 滚动 | 512 MB | 5 GB |
| 安同 OS | 滚动 | 512 MB | 5 GB |
@@ -160,6 +160,7 @@ bash reinstall.sh anolis 7|8|23
- `--ssh-key C:\path\to\public_key`
- `--ssh-port PORT` 修改 SSH 端口(安装期间观察日志用,也作用于新系统)
- `--web-port PORT` 修改 Web 端口(安装期间观察日志用)
+- `--frpc-toml /path/to/frpc.toml` 添加 frpc 内网穿透
- `--hold 2` 安装结束后不重启,此时可以 SSH 登录修改系统内容,系统挂载在 `/os` (此功能不支持 Debian/Kali)
> [!TIP]
@@ -212,10 +213,11 @@ bash reinstall.sh dd --img "https://example.com/xxx.xz"
#### 可选参数
-- `--allow-ping` 允许被 Ping (仅限 DD Windows)
+- `--allow-ping` 设置 Windows 防火墙允许被 Ping (仅限 DD Windows)
- `--rdp-port PORT` 修改 RDP 端口 (仅限 DD Windows)
- `--ssh-port PORT` 修改 SSH 端口(安装期间观察日志用)
- `--web-port PORT` 修改 Web 端口(安装期间观察日志用)
+- `--frpc-toml /path/to/frpc.toml` 添加 frpc 内网穿透(仅限 DD Windows)
- `--hold 2` DD 结束后不重启,此时可以 SSH 登录修改系统内容,Windows 系统会挂载在 `/os`,Linux 系统**不会**自动挂载
> [!TIP]
@@ -245,6 +247,7 @@ bash reinstall.sh alpine --hold=1
- `--ssh-key gitlab:your_username`
- `--ssh-key /path/to/public_key`
- `--ssh-key C:\path\to\public_key`
+- `--frpc-toml /path/to/frpc.toml` 添加 frpc 内网穿透
### 功能 4: 重启到 netboot.xyz
@@ -391,6 +394,7 @@ bash reinstall.sh windows \
- `--add-driver INF_OR_DIR` 添加额外驱动,填写 .inf 路径,或者 .inf 所在的文件夹
- 需先下载驱动到本地
- 可多次设置该参数以添加不同的驱动
+- `--frpc-toml /path/to/frpc.toml` 添加 frpc 内网穿透
- `--hold 2` 在进入 Windows 官方安装程序之前,可以 SSH 登录修改硬盘内容,硬盘挂载在 `/os`
#### 以下驱动会自动按需下载安装,无需手动添加
diff --git a/debian.cfg b/debian.cfg
index e30e4d9..80047ba 100644
--- a/debian.cfg
+++ b/debian.cfg
@@ -164,6 +164,7 @@ d-i partman/early_command string true; \
# kali ssh 默认关闭
# 另一种方法处理 cloudcone
# if [ "$link_grub_dir" = 1 ]; then mkdir /target/boot/grub2; echo 'chainloader (hd0)+1' >/target/boot/grub2/grub.cfg; fi; \
+# debian 9 tar 不支持 --strip-components
d-i preseed/late_command string true; \
for str in $(grep -wo "extra_[^ ]*" /proc/cmdline | sed 's/^extra_//'); do eval "$str"; done; \
@@ -186,6 +187,22 @@ d-i preseed/late_command string true; \
echo "Port $ssh_port" >>/target/etc/ssh/sshd_config; \
fi; \
+ if [ -s /configs/frpc.toml ]; then \
+ url=$(sh /get-frpc-url.sh linux); \
+ basename=$(echo "$url" | sed 's,.*/,,' | sed 's,\.tar\.gz,,'); \
+ mkdir -p /target/usr/local/bin; \
+ mkdir -p /target/usr/local/etc/frpc; \
+ for i in {1..5}; do \
+ wget -O /target/frpc.tar.gz "$url" && break; \
+ done; \
+ tar xzf /target/frpc.tar.gz "$basename/frpc" -O >/target/usr/local/bin/frpc; \
+ rm -f /target/frpc.tar.gzx; \
+ chmod a+x /target/usr/local/bin/frpc; \
+ cp /configs/frpc.toml /target/usr/local/etc/frpc/; \
+ cp /frpc.service /target/etc/systemd/system/; \
+ in-target systemctl enable frpc; \
+ fi; \
+
cp /fix-eth-name.sh /target/; \
cp /fix-eth-name.service /target/etc/systemd/system/; \
in-target systemctl enable fix-eth-name
diff --git a/frpc-example.toml b/frpc-example.toml
new file mode 100644
index 0000000..f549500
--- /dev/null
+++ b/frpc-example.toml
@@ -0,0 +1,24 @@
+serverAddr = "YOUR_FRP_SERVER_IP"
+serverPort = 7000
+auth.token = "YOUR_FRP_TOKEN"
+
+[[proxies]]
+name = "ssh"
+type = "tcp"
+localIP = "127.0.0.1"
+localPort = 22
+remotePort = 2222
+
+[[proxies]]
+name = "rdp_tcp"
+type = "tcp"
+localIP = "127.0.0.1"
+localPort = 3389
+remotePort = 33890
+
+[[proxies]]
+name = "rdp_udp"
+type = "udp"
+localIP = "127.0.0.1"
+localPort = 3389
+remotePort = 33890
diff --git a/frpc.service b/frpc.service
new file mode 100644
index 0000000..ba56d04
--- /dev/null
+++ b/frpc.service
@@ -0,0 +1,17 @@
+# https://github.com/archlinuxcn/repo/blob/master/archlinuxcn/frp/frpc.service
+
+[Unit]
+Description=Frp Client Service
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=nobody
+Restart=on-failure
+RestartSec=5s
+ExecStart=/usr/local/bin/frpc -c /usr/local/etc/frpc/frpc.toml
+ExecReload=/usr/local/bin/frpc reload -c /usr/local/etc/frpc/frpc.toml
+
+[Install]
+WantedBy=multi-user.target
diff --git a/get-frpc-url.sh b/get-frpc-url.sh
new file mode 100644
index 0000000..edc4ce0
--- /dev/null
+++ b/get-frpc-url.sh
@@ -0,0 +1,96 @@
+#!/bin/ash
+# shellcheck shell=dash
+# trans.sh/debian.cfg 共用此脚本
+
+# debian 9 不支持 set -E
+set -e
+
+is_in_china() {
+ grep -q 1 /dev/netconf/*/is_in_china
+}
+
+is_ipv6_only() {
+ ! grep -q 1 /dev/netconf/eth*/ipv4_has_internet
+}
+
+get_frpc_url() {
+ # 传入 windows 或者 linux
+ local os_type=$1
+ local nt_ver=$2
+
+ is_need_old_version() {
+ [ "$nt_ver" = "6.0" ] || [ "$nt_ver" = "6.1" ]
+ }
+
+ version=$(
+ if is_need_old_version; then
+ echo 0.54.0
+ else
+ # debian 11 initrd 没有 xargs awk
+ # debian 12 initrd 没有 xargs
+ # github 不支持 ipv6
+ if is_in_china || is_ipv6_only; then
+ wget -O- https://mirrors.nju.edu.cn/github-release/fatedier/frp/LatestRelease/frp_sha256_checksums.txt |
+ grep -m1 frp_ | cut -d_ -f2
+ else
+ # https://api.github.com/repos/fatedier/frp/releases/latest 有请求次数限制
+
+ # root@localhost:~# wget --spider -S https://github.com/fatedier/frp/releases/latest 2>&1 | grep Location:
+ # Location: https://github.com/fatedier/frp/releases/tag/v0.62.0
+ # Location: https://github.com/fatedier/frp/releases/tag/v0.62.0 [following] # 原版 wget 多了这行
+
+ wget --spider -S https://github.com/fatedier/frp/releases/latest 2>&1 |
+ grep -m1 '^ Location:' | sed 's,.*/tag/v,,'
+ fi
+ fi
+ )
+
+ if [ -z "$version" ]; then
+ echo 'cannot find version'
+ return 1
+ fi
+
+ suffix=$(
+ case "$os_type" in
+ linux) echo tar.gz ;;
+ windows) echo zip ;;
+ esac
+ )
+
+ mirror=$(
+ # nju 没有 win7 用的旧版
+ # github 不支持 ipv6
+ # jsdelivr 不支持 github releases 文件
+ if is_ipv6_only; then
+ if is_need_old_version; then
+ echo 'NOT_SUPPORT'
+ return 1
+ else
+ echo https://mirrors.nju.edu.cn/github-release/fatedier/frp
+ fi
+ else
+ if is_in_china; then
+ if is_need_old_version; then
+ echo https://github.com/fatedier/frp/releases/download
+ else
+ echo https://mirrors.nju.edu.cn/github-release/fatedier/frp
+ fi
+ else
+ echo https://github.com/fatedier/frp/releases/download
+ fi
+ fi
+ )
+
+ arch=$(
+ case "$(uname -m)" in
+ x86_64) echo amd64 ;;
+ aarch64) echo arm64 ;;
+ esac
+ )
+
+ filename=frp_${version}_${os_type}_${arch}.$suffix
+
+ echo "${mirror}/v${version}/${filename}"
+}
+
+get_frpc_url "$@"
diff --git a/initrd-network.sh b/initrd-network.sh
index cce3e91..a5918c7 100644
--- a/initrd-network.sh
+++ b/initrd-network.sh
@@ -1,6 +1,6 @@
#!/bin/ash
# shellcheck shell=dash
-# alpine / debian initrd 共用此脚本
+# alpine/debian initrd 共用此脚本
# accept_ra 接收 RA + 自动配置网关
# autoconf 自动配置地址,依赖 accept_ra
@@ -288,6 +288,9 @@ fi
echo "Configuring $ethx ($mac_addr)..."
+# 不开启 lo 则 frp 无法连接 127.0.0.1 22
+ip link set dev lo up
+
# 开启 ethx
ip link set dev "$ethx" up
sleep 1
diff --git a/reinstall.sh b/reinstall.sh
index 86aae8e..f74c2d6 100644
--- a/reinstall.sh
+++ b/reinstall.sh
@@ -69,12 +69,17 @@ Usage: $reinstall_____ anolis 7|8|23
windows --image-name="windows xxx yyy" --iso="http://xxx.com/xxx.iso"
netboot.xyz
- Options: [--password PASSWORD]
- [--ssh-key KEY]
- [--ssh-port PORT]
- [--rdp-port PORT]
- [--web-port PORT]
+ Options: For Linux/Windows:
+ [--password PASSWORD]
+ [--ssh-key KEY]
+ [--ssh-port PORT]
+ [--web-port PORT]
+ [--frpc-toml TOML]
+
+ For Windows Only:
[--allow-ping]
+ [--rdp-port PORT]
+ [--add-driver INF_OR_DIR]
Manual: https://github.com/bin456789/reinstall
@@ -3148,11 +3153,15 @@ EOF
curl -LO "$confhome/fix-eth-name.sh"
curl -LO "$confhome/fix-eth-name.service"
- # 最近 kali initrd 删除了原版 wget
+ # 有段时间 kali initrd 删除了原版 wget
# 但 initrd 的 busybox wget 又不支持 https
# 因此改成在这里下载
curl -LO "$confhome/get-xda.sh"
curl -LO "$confhome/ttys.sh"
+ if [ -n "$frpc_config" ]; then
+ curl -LO "$confhome/get-frpc-url.sh"
+ curl -LO "$confhome/frpc.service"
+ fi
# 可以节省一点内存?
echo 'export DEBCONF_DROP_TRANSLATIONS=1' |
@@ -3522,6 +3531,9 @@ This script is outdated, please download reinstall.sh again.
else
save_password $initrd_dir/configs
fi
+ if [ -n "$frpc_config" ]; then
+ cat "$frpc_config" >$initrd_dir/configs/frpc.toml
+ fi
if is_distro_like_debian $nextos_distro; then
mod_initrd_debian_kali
@@ -3690,6 +3702,7 @@ for o in ci installer debug minimal allow-ping force-cn help \
web-port: http-port: \
allow-ping: \
commit: \
+ frpc-conf: frpc-config: frpc-toml: \
force: \
force-old-windows-setup:; do
[ -n "$long_opts" ] && long_opts+=,
@@ -3744,6 +3757,25 @@ while true; do
error_and_exit "Invalid $1 value: $2"
fi
hold=$2
+ shift 2
+ ;;
+ --frpc-conf | --frpc-config | --frpc-toml)
+ [ -n "$2" ] || error_and_exit "Need value for $1"
+
+ # windows 路径转换
+ frpc_config=$(get_unix_path "$2")
+
+ # alpine busybox 不支持 readlink -m
+ # readlink -m /asfsafasfsaf/fasf
+ # 因此需要先判断路径是否存在
+
+ if ! [ -f "$frpc_config" ]; then
+ error_and_exit "Not a toml file: $2"
+ fi
+
+ # 转为绝对路径
+ frpc_config=$(readlink -f "$frpc_config")
+
shift 2
;;
--force)
diff --git a/trans.sh b/trans.sh
index e46d524..c22e2b5 100644
--- a/trans.sh
+++ b/trans.sh
@@ -331,7 +331,7 @@ get_ttys() {
find_xda() {
# 出错后再运行脚本,硬盘可能已经格式化,之前记录的分区表 id 无效
- # 因此找到 xda 后要保存 xda 到 /config/xda
+ # 因此找到 xda 后要保存 xda 到 /configs/xda
# 先读取之前保存的
if xda=$(get_config xda 2>/dev/null) && [ -n "$xda" ]; then
@@ -1401,6 +1401,15 @@ install_alpine() {
chmod +x /os/etc/init.d/fix-eth-name
chroot /os rc-update add fix-eth-name boot
+ # 安装 frpc
+ if [ -s /configs/frpc.toml ]; then
+ chroot /os apk add frp
+ # chroot rc-update add 默认添加到 sysinit
+ # 但不加 chroot 默认添加到 default
+ chroot /os rc-update add frpc boot
+ cp /configs/frpc.toml /os/etc/frp/frpc.toml
+ fi
+
# 安装固件微码会触发 grub-probe
# 如果没挂载会报错
# Executing grub-2.12-r5.trigger
@@ -1480,7 +1489,8 @@ install_nixos() {
show_nixos_config() {
echo
- cat -n /os/etc/nixos/configuration.nix
+ # 过滤 frp auth.token
+ cat -n /os/etc/nixos/configuration.nix | grep -Fv 'auth.token'
echo
cat -n /os/etc/nixos/hardware-configuration.nix
echo
@@ -1549,7 +1559,7 @@ install_nixos() {
sh=https://nixos.org/nix/install
fi
apk add xz
- wget -O- "$sh" | sh -s -- --no-channel-add
+ wget -O- "$sh" | sh -s -- --no-daemon --no-channel-add
apk del xz
# shellcheck source=/dev/null
. /root/.nix-profile/etc/profile.d/nix.sh
@@ -1605,6 +1615,22 @@ $(del_comment_lines "$os_dir/usr/lib/systemd/system-preset/01-fix-eth-name.preset"
+ echo "enable $service_name.service" >"$os_dir/usr/lib/systemd/system-preset/01-$service_name.preset"
else
- echo 'enable fix-eth-name.service' >"$os_dir/lib/systemd/system-preset/01-fix-eth-name.preset"
+ echo "enable $service_name.service" >"$os_dir/lib/systemd/system-preset/01-$service_name.preset"
+ fi
+}
+
+add_fix_eth_name_systemd_service() {
+ local os_dir=$1
+
+ # 无需执行 systemctl daemon-reload
+ # 因为 chroot 下执行会提示 Running in chroot, ignoring command 'daemon-reload'
+ download "$confhome/fix-eth-name.sh" "$os_dir/fix-eth-name.sh"
+ add_systemd_service "$os_dir" fix-eth-name
+}
+
+get_frpc_url() {
+ wget "$confhome/get-frpc-url.sh" -O- | sh -s "$@"
+}
+
+add_frpc_systemd_service_if_need() {
+ local os_dir=$1
+
+ if [ -s /configs/frpc.toml ]; then
+ mkdir -p "$os_dir/usr/local/bin"
+ mkdir -p "$os_dir/usr/local/etc/frpc"
+
+ # 下载 frpc
+ # 注意下载的 frpc owner 不是 root:root
+ frpc_url=$(get_frpc_url linux)
+ basename=$(echo "$frpc_url" | awk -F/ '{print $NF}' | sed 's/\.tar\.gz//')
+ download "$frpc_url" "$os_dir/frpc.tar.gz"
+ tar xzf "$os_dir/frpc.tar.gz" "$basename/frpc" -O >"$os_dir/usr/local/bin/frpc"
+ rm -f "$os_dir/frpc.tar.gz"
+ chmod a+x "$os_dir/usr/local/bin/frpc"
+
+ # frpc conf
+ cp /configs/frpc.toml "$os_dir/usr/local/etc/frpc/frpc.toml"
+
+ # 添加服务
+ add_systemd_service "$os_dir" frpc
fi
}
@@ -1775,6 +1837,9 @@ basic_init() {
# 即使开了 net.ifnames=0 也需要
# 因为 alpine live 和目标系统的网卡顺序可能不同
add_fix_eth_name_systemd_service $os_dir
+
+ # frpc
+ add_frpc_systemd_service_if_need $os_dir
}
install_arch_gentoo_aosc() {
@@ -2841,6 +2906,28 @@ modify_windows() {
bats="$bats windows-set-netconf-$ethx.bat"
done
+ # 5 frp
+ if [ -s /configs/frpc.toml ]; then
+ # 好像 win7 无法运行 frpc,暂时不管
+ windows_arch=$(get_windows_arch_from_windows_drive "$os_dir" | to_lower)
+ if [ "$windows_arch" = amd64 ] || [ "$windows_arch" = arm64 ]; then
+ mkdir -p "$os_dir/frpc/"
+ url=$(get_frpc_url windows "$nt_ver")
+ download "$url" $os_dir/frpc/frpc.zip
+ # -j 去除文件夹
+ # -C 筛选文件时不区分大小写,但 busybox zip 不支持
+ unzip -o -j "$os_dir/frpc/frpc.zip" '*/frpc.exe' -d "$os_dir/frpc/"
+ rm -f "$os_dir/frpc/frpc.zip"
+ cp -f /configs/frpc.toml "$os_dir/frpc/frpc.toml"
+ download "$confhome/windows-frpc.xml" "$os_dir/frpc/frpc.xml"
+ download "$confhome/windows-frpc.bat" "$os_dir/frpc/frpc.bat"
+ download "$confhome/windows-frpc-workaround.bat" "$os_dir/frpc/frpc-workaround.bat"
+ bats="$bats frpc\frpc.bat"
+ else
+ warn "$windows_arch Not Support frpc"
+ fi
+ fi
+
if $use_gpo; then
# 使用组策略
scripts_ini=$(get_path_in_correct_case $os_dir/Windows/System32/GroupPolicy/Machine/Scripts/scripts.ini)
@@ -2911,6 +2998,9 @@ EOF
# cat 可以保留权限
cat $setup_complete_mod >$setup_complete
+
+ # 查看最终内容
+ cat -n $setup_complete
fi
}
@@ -5268,6 +5358,16 @@ get_installation_type_from_windows_drive() {
apk del hivex
}
+get_windows_arch_from_windows_drive() {
+ local os_dir=$1
+
+ apk add hivex
+ hive=$(find_file_ignore_case $os_dir/Windows/System32/config/SYSTEM)
+ # 没有 CurrentControlSet
+ hivexget $hive 'ControlSet001\Control\Session Manager\Environment' PROCESSOR_ARCHITECTURE
+ apk del hivex
+}
+
install_windows() {
get_wim_prop() {
wim=$1
@@ -6866,6 +6966,18 @@ else
printf '\nyes' | setup-sshd
fi
+# 设置 frpc
+# 并防止重复运行
+if [ -s /configs/frpc.toml ] && ! pidof frpc >/dev/null; then
+ info 'run frpc'
+ add_community_repo
+ apk add frp
+ while true; do
+ frpc -c /configs/frpc.toml || true
+ sleep 5
+ done &
+fi
+
# shellcheck disable=SC2154
if [ "$hold" = 1 ]; then
if is_run_from_locald; then
diff --git a/windows-frpc-workaround.bat b/windows-frpc-workaround.bat
new file mode 100644
index 0000000..d1ba31e
--- /dev/null
+++ b/windows-frpc-workaround.bat
@@ -0,0 +1,18 @@
+@echo off
+mode con cp select=437 >nul
+
+rem 如果找到 LOCAL SERVICE 运行的 frpc,则结束 SYSTEM 运行的 frpc
+rem 如果没找到 frpc,则运行 frpc(本脚本是用 SYSTEM 运行,好像无法 runas "NT AUTHORITY\LOCAL SERVICE")
+
+rem tasklist 返回值始终为 0,因此需要用 findstr
+
+:loop
+tasklist /FI "IMAGENAME eq frpc.exe" /FI "USERNAME eq NT AUTHORITY\LOCAL SERVICE" | findstr /I "frpc.exe" && goto :kill_system_frpc
+tasklist /FI "IMAGENAME eq frpc.exe" | findstr /I "frpc.exe" || start %SystemDrive%\frpc\frpc.exe -c %SystemDrive%\frpc\frpc.toml
+timeout 5
+goto :loop
+
+:kill_system_frpc
+taskkill /F /T /FI "IMAGENAME eq frpc.exe" /FI "USERNAME eq NT AUTHORITY\SYSTEM"
+
+del "%~f0"
diff --git a/windows-frpc.bat b/windows-frpc.bat
new file mode 100644
index 0000000..afb1ca2
--- /dev/null
+++ b/windows-frpc.bat
@@ -0,0 +1,39 @@
+@echo off
+mode con cp select=437 >nul
+
+rem Windows Deferder 会误报,因此要添加白名单
+powershell -ExecutionPolicy Bypass -Command "Add-MpPreference -ExclusionPath '%SystemDrive%\frpc\frpc.exe'"
+
+rem ---------- DEBUG ----------
+rem 检查服务状态
+rem sc query Schedule >%SystemDrive%\x.txt 2>&1
+
+rem 启用日志
+rem wevtutil set-log Microsoft-Windows-TaskScheduler/Operational /enabled:true
+rem ---------- DEBUG ----------
+
+rem 创建计划任务并立即运行
+schtasks /Create /TN "frpc" /XML "%SystemDrive%\frpc\frpc.xml"
+schtasks /Run /TN "frpc"
+del "%SystemDrive%\frpc\frpc.xml"
+
+rem win11 在首次登录后计划任务才生效
+rem 即使手动重启,计划任务也没有运行
+
+rem 如果 10 秒内有 frpc 进程,则代表计划任务已经生效,不需要首次登录
+rem 如果 10 秒后也没有 frpc 进程,则需要运行 frpc-workaround.bat
+for /L %%i in (1,1,10) do (
+ timeout 1
+ tasklist /FI "IMAGENAME eq frpc.exe" | find /I "frpc.exe" && (
+ del "%SystemDrive%\frpc\frpc-workaround.bat"
+ goto :end
+ )
+)
+
+rem 后台运行 frpc-workaround.bat
+rem 需要加 cmd /c,不然 frpc-workaround.bat 结束后有 cmd 窗口残留
+start cmd /c "%SystemDrive%\frpc\frpc-workaround.bat"
+
+:end
+rem 删除此脚本
+del "%~f0"
diff --git a/windows-frpc.xml b/windows-frpc.xml
new file mode 100644
index 0000000..d8bb0c0
Binary files /dev/null and b/windows-frpc.xml differ