Added openwrt 24.10

Add confdir for snapshot

README.md

@@ -12,9 +12,16 @@ Shell скрипт и [роль для Ansible](https://galaxy.ansible.com/ui/st
 sh <(wget -O - https://raw.githubusercontent.com/itdoginfo/domain-routing-openwrt/master/getdomains-install.sh)
 ```
 
+# Скрипт для удаления
+```
+sh <(wget -O - https://raw.githubusercontent.com/itdoginfo/domain-routing-openwrt/refs/heads/master/getdomains-uninstall.sh)
+```
+
 ## AmneziaWG
 Через этот скрипт можно установить Amnezia wireguard. Скрипт проверяет наличие пакетов под вашу платформу в [стороннем репозитории](https://github.com/Slava-Shchipunov/awg-openwrt/releases), так как в официальном репозитории OpenWRT они отсутствуют, и автоматически их устанавливает.
 
+Если вам нужно установить только AWG, воспользуйтесь скриптом в репозитории: https://github.com/Slava-Shchipunov/awg-openwrt
+
 Если подходящих пакетов нет, перед настройкой необходимо будет самостоятельно [собрать бинарники AmneziaWG](https://github.com/itdoginfo/domain-routing-openwrt/wiki/Amnezia-WG-Build) для своего устройства и установить их.
 
 ## Скрипт для проверки конфигурации

getdomains-install.sh

@@ -28,6 +28,8 @@ sleep 10
 ip route add table vpn default dev tun0
 EOF
     fi
+
+    cp /etc/hotplug.d/iface/30-vpnroute /etc/hotplug.d/net/30-vpnroute
 }
 
 add_mark() {
@@ -321,7 +323,19 @@ dnsmasqfull() {
         opkg remove dnsmasq && opkg install dnsmasq-full --cache /tmp/
 
         [ -f /etc/config/dhcp-opkg ] && cp /etc/config/dhcp /etc/config/dhcp-old && mv /etc/config/dhcp-opkg /etc/config/dhcp
-fi
+    fi
+}
+s
+dnsmasqconfdir() {
+    if [ $VERSION_ID -ge 24 ]; then
+        if uci get dhcp.@dnsmasq[0].confdir | grep -q /tmp/dnsmasq.d; then
+            printf "\033[32;1mconfdir already set\033[0m\n"
+        else
+            printf "\033[32;1mSetting confdir\033[0m\n"
+            uci set dhcp.@dnsmasq[0].confdir='/tmp/dnsmasq.d'
+            uci commit dhcp
+        fi
+    fi
 }
 
 remove_forwarding() {
@@ -562,19 +576,21 @@ add_dns_resolver() {
 }
 
 add_packages() {
-    if opkg list-installed | grep -q "curl -"; then
-        printf "\033[32;1mCurl already installed\033[0m\n"
-    else
-        printf "\033[32;1mInstall curl\033[0m\n"
-        opkg install curl
-    fi
-
-    if opkg list-installed | grep -q nano; then
-        printf "\033[32;1mNano already installed\033[0m\n"
-    else
-        printf "\033[32;1mInstall nano\033[0m\n"
-        opkg install nano
-    fi
+    for package in curl nano; do
+        if opkg list-installed | grep -q "^$package "; then
+            printf "\033[32;1m$package already installed\033[0m\n"
+        else
+            printf "\033[32;1mInstalling $package...\033[0m\n"
+            opkg install "$package"
+            
+            if "$package" --version >/dev/null 2>&1; then
+                printf "\033[32;1m$package was successfully installed and available\033[0m\n"
+            else
+                printf "\033[31;1mError: failed to install $package\033[0m\n"
+                exit 1
+            fi
+        fi
+    done
 }
 
 add_getdomains() {
@@ -956,8 +972,8 @@ printf "\033[34;1mVersion: $OPENWRT_RELEASE\033[0m\n"
 
 VERSION_ID=$(echo $VERSION | awk -F. '{print $1}')
 
-if [ "$VERSION_ID" -ne 23 ]; then
-    printf "\033[31;1mScript only support OpenWrt 23.05\033[0m\n"
+if [ "$VERSION_ID" -ne 23 ] && [ "$VERSION_ID" -ne 24 ]; then
+    printf "\033[31;1mScript only support OpenWrt 23.05 and 24.10\033[0m\n"
     echo "For OpenWrt 21.02 and 22.03 you can:"
     echo "1) Use ansible https://github.com/itdoginfo/domain-routing-openwrt"
     echo "2) Configure manually. Old manual: https://itdog.info/tochechnaya-marshrutizaciya-na-routere-s-openwrt-wireguard-i-dnscrypt/"
@@ -982,6 +998,8 @@ add_set
 
 dnsmasqfull
 
+dnsmasqconfdir
+
 add_dns_resolver
 
 add_getdomains

getdomains-uninstall.sh

@@ -0,0 +1,78 @@
+#!/bin/ash
+
+echo "Выпиливаем скрипты"
+/etc/init.d/getdomains disable
+rm -rf /etc/init.d/getdomains
+
+rm -f /etc/hotplug.d/iface/30-vpnroute /etc/hotplug.d/net/30-vpnroute
+
+echo "Выпиливаем из crontab"
+sed -i '/getdomains start/d' /etc/crontabs/root
+
+echo "Выпиливаем домены"
+rm -f /tmp/dnsmasq.d/domains.lst
+
+echo "Чистим firewall, раз раз 🍴"
+
+ipset_id=$(uci show firewall | grep -E '@ipset.*name=.vpn_domains.' | awk -F '[][{}]' '{print $2}' | head -n 1)
+if [ ! -z "$ipset_id" ]; then
+    while uci -q delete firewall.@ipset[$ipset_id]; do :; done
+fi
+
+rule_id=$(uci show firewall | grep -E '@rule.*name=.mark_domains.' | awk -F '[][{}]' '{print $2}' | head -n 1)
+if [ ! -z "$rule_id" ]; then
+    while uci -q delete firewall.@rule[$rule_id]; do :; done
+fi
+
+ipset_id=$(uci show firewall | grep -E '@ipset.*name=.vpn_domains_internal.' | awk -F '[][{}]' '{print $2}' | head -n 1)
+if [ ! -z "$ipset_id" ]; then
+    while uci -q delete firewall.@ipset[$ipset_id]; do :; done
+fi
+
+rule_id=$(uci show firewall | grep -E '@rule.*name=.mark_domains_intenal.' | awk -F '[][{}]' '{print $2}' | head -n 1)
+if [ ! -z "$rule_id" ]; then
+    while uci -q delete firewall.@rule[$rule_id]; do :; done
+fi
+
+ipset_id=$(uci show firewall | grep -E '@ipset.*name=.vpn_subnet.' | awk -F '[][{}]' '{print $2}' | head -n 1)
+if [ ! -z "$ipset_id" ]; then
+    while uci -q delete firewall.@ipset[$ipset_id]; do :; done
+fi
+
+rule_id=$(uci show firewall | grep -E '@rule.*name=.mark_subnet.' | awk -F '[][{}]' '{print $2}' | head -n 1)
+if [ ! -z "$rule_id" ]; then
+    while uci -q delete firewall.@rule[$rule_id]; do :; done
+fi
+
+uci commit firewall
+/etc/init.d/firewall restart
+
+echo "Чистим сеть"
+sed -i '/99 vpn/d' /etc/iproute2/rt_tables
+
+rule_id=$(uci show network | grep -E '@rule.*name=.mark0x1.' | awk -F '[][{}]' '{print $2}' | head -n 1)
+if [ ! -z "$rule_id" ]; then
+    while uci -q delete network.@rule[$rule_id]; do :; done
+fi
+
+rule_id=$(uci show network | grep -E '@rule.*name=.mark0x2.' | awk -F '[][{}]' '{print $2}' | head -n 1)
+if [ ! -z "$rule_id" ]; then
+    while uci -q delete network.@rule[$rule_id]; do :; done
+fi
+
+while uci -q delete network.vpn_route_internal; do :; done
+
+uci commit network
+/etc/init.d/network restart
+
+echo "Проверяем Dnsmasq"
+if uci show dhcp | grep -q ipset; then
+    echo "В dnsmasq (/etc/config/dhcp) заданы домены. Нужные из них сохраните, остальные удалите вместе с ipset"
+fi
+
+echo "Все туннели, прокси, зоны и forwarding к ним оставляем на месте, они вам не помешают и скорее пригодятся"
+echo "Dnscrypt, stubby тоже не трогаем"
+
+echo "  ______  _____        _____   _____  ______  _     _  _____   _____"
+echo " |  ____ |     |      |_____] |     | |     \ |____/  |     | |_____]"
+echo " |_____| |_____|      |       |_____| |_____/ |    \_ |_____| |     "

tasks/main.yml

@@ -6,6 +6,15 @@
     shell: opkg list-installed | grep dnsmasq-full | awk '{print $3}'
     register: dnsmasqfull_version
 
+  - name: Check confdir option
+    shell: uci get dhcp.@dnsmasq[0].confdir
+    register: dnsmasq_confdir
+    ignore_errors: true
+
+  - name: Get openwrt major release
+    shell: cat /etc/openwrt_release | grep -Eo [0-9]{2}[.][0-9]{2}[.][0-9]* | cut -d '.' -f 1 | tail -n 1
+    register: openwrt_major_release
+
   - name: debug
     debug:
       var: ansible_distribution_major_version
@@ -63,6 +72,14 @@
     when: ansible_distribution_major_version >= "23" and list_domains and not dnsmasqfull_version.stdout
     ignore_errors: true
 
+  - name: set confdir for dnsmasq
+    uci: 
+      command: set
+      key: dhcp.@dnsmasq[0]
+      value:
+        confdir: "/tmp/dnsmasq.d"
+    when: dnsmasq_confdir.stdout != "/tmp/dnsmasq.d" and openwrt_major_release >= 24
+
 # Getdomains script configure
       
   - name: getdomains script copy