From 3d51aa455006903345f554a2dd90034993796114 Mon Sep 17 00:00:00 2001
From: sergei <sergei@em-sysadmin.xyz>
Date: Tue, 14 Apr 2026 06:23:55 +0400
Subject: vpnem: VPN infrastructure with load-balanced multi-protocol nodes

- Multi-protocol VPS nodes (VLESS-REALITY + Hysteria2 + SOCKS5)
- Smart load balancing via recommendation API
- Windows/Linux client (Go + Wails + sing-box)
- Server API with RealIP detection and connection tracking
- Auto-deployment via vpnui control plane
- Silent Windows installer with UAC elevation
- Load-based server recommendation (no sticky sessions)
- Best Server one-click connection workflow
---
 internal/engine/engine.go | 138 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 138 insertions(+)
 create mode 100644 internal/engine/engine.go

(limited to 'internal/engine/engine.go')

diff --git a/internal/engine/engine.go b/internal/engine/engine.go
new file mode 100644
index 0000000..fa145ee
--- /dev/null
+++ b/internal/engine/engine.go
@@ -0,0 +1,138 @@
+package engine
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"log"
+	"os"
+	"path/filepath"
+	"sync"
+
+	box "github.com/sagernet/sing-box"
+	"github.com/sagernet/sing-box/include"
+	"github.com/sagernet/sing-box/option"
+
+	"vpnem/internal/config"
+	"vpnem/internal/models"
+)
+
+type Engine struct {
+	mu             sync.Mutex
+	instance       *box.Box
+	cancel         context.CancelFunc
+	running        bool
+	configPath     string
+	dataDir        string
+	localProxyPort int
+}
+
+func New(dataDir string) *Engine {
+	return &Engine{
+		dataDir:    dataDir,
+		configPath: filepath.Join(dataDir, "config.json"),
+	}
+}
+
+func (e *Engine) Start(server models.Server, mode config.Mode, ruleSets []models.RuleSet, serverIPs []string) error {
+	return e.StartFull(server, mode, ruleSets, serverIPs, nil, config.LocalProxyPort, nil)
+}
+
+func (e *Engine) StartFull(server models.Server, mode config.Mode, ruleSets []models.RuleSet, serverIPs []string, customBypass []string, localProxyPort int, policy *models.RoutingPolicy) error {
+	e.mu.Lock()
+	defer e.mu.Unlock()
+
+	if e.running {
+		return fmt.Errorf("already running")
+	}
+
+	cfg := config.BuildConfigFullWithLocalProxy(server, mode, ruleSets, serverIPs, customBypass, localProxyPort, policy)
+	data, err := json.MarshalIndent(cfg, "", "  ")
+	if err != nil {
+		return fmt.Errorf("marshal config: %w", err)
+	}
+
+	os.MkdirAll(e.dataDir, 0o755)
+	_ = os.WriteFile(e.configPath, data, 0o644)
+	log.Printf("engine: config saved (%d bytes)", len(data))
+
+	var opts option.Options
+	ctx := include.Context(context.Background())
+	if err := opts.UnmarshalJSONContext(ctx, data); err != nil {
+		log.Printf("engine: parse FAILED: %v", err)
+		return fmt.Errorf("parse config: %w", err)
+	}
+
+	boxCtx, cancel := context.WithCancel(ctx)
+	e.cancel = cancel
+
+	instance, err := box.New(box.Options{
+		Context: boxCtx,
+		Options: opts,
+	})
+	if err != nil {
+		cancel()
+		log.Printf("engine: create FAILED: %v", err)
+		return fmt.Errorf("create sing-box: %w", err)
+	}
+
+	if err := instance.Start(); err != nil {
+		instance.Close()
+		cancel()
+		log.Printf("engine: start FAILED: %v", err)
+		return fmt.Errorf("start sing-box: %w", err)
+	}
+
+	e.instance = instance
+	e.running = true
+	e.localProxyPort = localProxyPort
+	log.Println("engine: started ok")
+	return nil
+}
+
+func (e *Engine) Stop() error {
+	e.mu.Lock()
+	defer e.mu.Unlock()
+
+	if !e.running {
+		return nil
+	}
+
+	if e.instance != nil {
+		e.instance.Close()
+		e.instance = nil
+	}
+	if e.cancel != nil {
+		e.cancel()
+	}
+	e.running = false
+	e.localProxyPort = 0
+	log.Println("engine: stopped")
+	return nil
+}
+
+func (e *Engine) Restart(server models.Server, mode config.Mode, ruleSets []models.RuleSet, serverIPs []string) error {
+	e.Stop()
+	return e.Start(server, mode, ruleSets, serverIPs)
+}
+
+func (e *Engine) RestartFull(server models.Server, mode config.Mode, ruleSets []models.RuleSet, serverIPs []string, customBypass []string, localProxyPort int, policy *models.RoutingPolicy) error {
+	e.Stop()
+	return e.StartFull(server, mode, ruleSets, serverIPs, customBypass, localProxyPort, policy)
+}
+
+func (e *Engine) IsRunning() bool {
+	e.mu.Lock()
+	defer e.mu.Unlock()
+	return e.running
+}
+
+func (e *Engine) ConfigPath() string {
+	return e.configPath
+}
+
+func (e *Engine) LocalProxyPort() int {
+	e.mu.Lock()
+	defer e.mu.Unlock()
+	return e.localProxyPort
+}
-- 
cgit v1.2.3