From 673e0ce3e65db2961f1d8b67cbaa12563fb50bf5 Mon Sep 17 00:00:00 2001
From: hotyue <52734432+hotyue@users.noreply.github.com>
Date: Fri, 17 Apr 2026 01:19:06 +0000
Subject: [PATCH] =?UTF-8?q?feat(agent):=20[v3.6.0]=20=E9=87=8D=E6=9E=84?=
 =?UTF-8?q?=E5=AE=89=E8=A3=85=E5=90=91=E5=AF=BC=EF=BC=8C=E5=BC=95=E5=85=A5?=
 =?UTF-8?q?=E9=9D=99=E9=BB=98=20OTA=20=E5=97=85=E6=8E=A2=E6=9C=BA=E5=88=B6?=
 =?UTF-8?q?=E4=B8=8E=E5=8F=8C=E7=AB=AF=E6=8E=88=E6=9D=83=E9=98=B2=E7=BA=BF?=
 =?UTF-8?q?=EF=BC=8C=E9=BB=98=E8=AE=A4=E5=85=A8=E9=87=8F=E9=83=A8=E7=BD=B2?=
 =?UTF-8?q?=E5=85=BB=E6=8A=A4=E6=A8=A1=E5=9D=97=20(Resolves=20#17,=20Resol?=
 =?UTF-8?q?ves=20#19)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/install.sh | 63 ++++++++++++++++++++++++++++++++++---------------
 1 file changed, 44 insertions(+), 19 deletions(-)

diff --git a/core/install.sh b/core/install.sh
index d29ac3c..5a9a758 100755
--- a/core/install.sh
+++ b/core/install.sh
@@ -49,12 +49,20 @@ if [ ! -s "/tmp/map.json" ]; then
 fi
 
 echo -e "\n请选择操作:"
-echo "  1) 🚀 部署边缘节点 (进入全球节点配置)"
-echo "  2) 🗑️ 一键卸载 IP-Sentinel"
-read -p "请输入选择 [1-2] (默认1): " ACTION_CHOICE
-
-# [v3.5.2 修复] 防止用户直接回车导致变量为空，从而漏过下方的平滑升级判定
-ACTION_CHOICE=${ACTION_CHOICE:-1}
+# [v3.6.0 新增: 无人值守静默 OTA 升级拦截]
+if [ "$SILENT_OTA" == "true" ] && [ -f "$CONFIG_FILE" ]; then
+    echo -e "\n📡 [系统] 接收到远端静默 OTA 指令，直接切入平滑升级模式..."
+    ACTION_CHOICE="1"
+    # 模拟用户输入，直接跳过提示
+    UPGRADE_CHOICE="y"
+    LOG_CHOICE="y"
+else
+    echo -e "\n请选择操作:"
+    echo "  1) 🚀 部署边缘节点 (进入全球节点配置)"
+    echo "  2) 🗑️ 一键卸载 IP-Sentinel"
+    read -p "请输入选择 [1-2] (默认1): " ACTION_CHOICE
+    ACTION_CHOICE=${ACTION_CHOICE:-1}
+fi
 
 if [ "$ACTION_CHOICE" == "2" ]; then
     echo -e "\n⏳ 正在拉取卸载程序..."
@@ -206,20 +214,10 @@ if [ "$UPGRADE_MODE" == "false" ]; then
     mkdir -p "${INSTALL_DIR}/data/regions/${COUNTRY_ID}/${STATE_ID}"
     mkdir -p "${INSTALL_DIR}/logs"
 
-    # 3. 功能模块前置开关 (按需加载)
-    echo -e "\n[3/7] 请选择需要开启的养护模块 (按需开启，节省资源):"
-    echo "  1) 📍 仅开启 [Google 区域纠偏] (默认，适合流媒体解锁机位漂移)"
-    echo "  2) 🛡️ 仅开启 [IP 信用净化] (适合高风险机房 IP 降低 Scamalytics 分数)"
-    echo "  3) 🔥 双管齐下 (同时开启以上两项)"
-    read -p "请输入选择 [1-3] (默认1): " MODULE_CHOICE
-
+    # 3. 功能模块前置开关 (v3.6.0 默认全量加载，后续经由 TG 动态启停)
+    echo -e "\n[3/7] 正在初始化养护模块 (默认全量部署，支持 TG 远程启停)..."
     ENABLE_GOOGLE="true"
-    ENABLE_TRUST="false"
-    case ${MODULE_CHOICE:-1} in
-        2) ENABLE_GOOGLE="false"; ENABLE_TRUST="true" ;;
-        3) ENABLE_GOOGLE="true"; ENABLE_TRUST="true" ;;
-        *) ENABLE_GOOGLE="true"; ENABLE_TRUST="false" ;;
-    esac
+    ENABLE_TRUST="true"
 
     # 4. 接入 Master 中枢配置
     echo -e "\n[4/7] 是否接入 Master 司令部？(需要配置与主控相同的 TG 机器人) (y/n)"
@@ -236,12 +234,25 @@ if [ "$UPGRADE_MODE" == "false" ]; then
         if [ -z "$USER_TOKEN" ]; then
             TG_TOKEN="OFFICIAL_GATEWAY_MODE" 
             TG_API_URL="https://omni-gateway.samanthaestime296.workers.dev" 
+            ALLOW_OTA="false"
             echo -e "\033[32m✅ 已自动连接官方安全网关 (@OmniBeacon_bot)。\033[0m"
             echo -e "\033[33m👉 请确保您已关注官方机器人并发送过 /start，否则将无法接收消息。\033[0m"
+            echo -e "\033[31m⛔ [安全协议] 为保障节点安全，接入官方网关时，远程 OTA 升级功能已被永久禁用！若需该功能请自建 Master。\033[0m"
         else
             TG_TOKEN="$USER_TOKEN"
             TG_API_URL="https://api.telegram.org/bot${TG_TOKEN}/sendMessage"
             echo -e "\033[32m✅ 已记录您的私有机器人 Token。\033[0m"
+            
+            # [v3.6.0 新增: 私有节点 OTA 授权]
+            echo -e "\n\033[36m[OTA 授权] 是否允许 Master 司令部向本节点下发 OTA 远程升级指令？\033[0m"
+            read -p "请输入选择 [y/n] (默认n, 拒绝则只能登录 SSH 手动升级): " OTA_CHOICE
+            if [[ "$OTA_CHOICE" =~ ^[Yy]$ ]]; then
+                ALLOW_OTA="true"
+                echo -e "\033[32m✅ 远程 OTA 升级接口已开启，随时听候司令部调遣。\033[0m"
+            else
+                ALLOW_OTA="false"
+                echo -e "\033[33m🛡️ 远程 OTA 升级接口已关闭，拒绝一切远端升级指令。\033[0m"
+            fi
         fi
 
         echo -e "\033[33m💡 提示：如果您不知道自己的 Chat ID，可以关注 @userinfobot 获取。\033[0m"
@@ -431,6 +442,9 @@ BIND_IP="$BIND_IP"
 # [v3.5.2新增: 双轨身份系统]
 NODE_NAME="$NODE_NAME"
 NODE_ALIAS="$NODE_ALIAS"
+
+# [v3.6.0新增: 远程控制权限]
+ALLOW_OTA="$ALLOW_OTA"
 EOF
 
     # ================== [v3.0.3 变更: 敏感配置文件权限收敛] ==================
@@ -492,6 +506,17 @@ if [ "$UPGRADE_MODE" == "true" ]; then
             echo "NODE_ALIAS=\"$NODE_ALIAS\"" >> "$CONFIG_FILE"
         fi
     fi
+
+    # [v3.6.0 升级兼容] 补齐缺失的远程控制开关，尊重原有开关状态
+    if ! grep -q "^ALLOW_OTA=" "$CONFIG_FILE"; then
+        echo 'ALLOW_OTA="false"' >> "$CONFIG_FILE"
+    fi
+    if ! grep -q "^ENABLE_GOOGLE=" "$CONFIG_FILE"; then
+        echo 'ENABLE_GOOGLE="true"' >> "$CONFIG_FILE"
+    fi
+    if ! grep -q "^ENABLE_TRUST=" "$CONFIG_FILE"; then
+        echo 'ENABLE_TRUST="true"' >> "$CONFIG_FILE"
+    fi
 fi
 # ========================================================================