-
Notifications
You must be signed in to change notification settings - Fork 87
/
trojan-caddy-tls-b.sh
338 lines (338 loc) · 10.9 KB
/
trojan-caddy-tls-b.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
#! /bin/bash
# Author: Jeannie
#######color code########
RED="\033[0;31m"
NO_COLOR="\033[0m"
GREEN="\033[32m\033[01m"
BLUE="\033[0;36m"
FUCHSIA="\033[0;35m"
green() {
echo -e "\033[32m\033[01m$1\033[0m"
}
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
sleep 2
echo "export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin:$PATH" >>~/.bashrc
source ~/.bashrc
echo "先睡一会儿……"
sleep 3
mkdir /etc/caddy /etc/ssl/caddy
isRoot() {
if [[ "$EUID" -ne 0 ]]; then
echo "false"
else
echo "true"
fi
}
init_release() {
if [[ -f /etc/redhat-release ]]; then
release="centos"
elif cat /etc/issue | grep -q -E -i "debian"; then
release="debian"
elif cat /etc/issue | grep -q -E -i "ubuntu"; then
release="ubuntu"
elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then
release="centos"
elif cat /proc/version | grep -q -E -i "debian"; then
release="debian"
elif cat /proc/version | grep -q -E -i "ubuntu"; then
release="ubuntu"
elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then
release="centos"
fi
if [[ $release == "ubuntu" || $release == "debian" ]]; then
PM='apt'
elif [[ $release == "centos" ]]; then
PM='yum'
else
exit 1
fi
# PM='apt'
}
tools_install() {
init_release
if [ $PM = 'apt' ]; then
apt-get update -y
sleep 2
apt-get install -y dnsutils wget unzip zip curl tar git qrencode
elif [ $PM = 'yum' ]; then
yum update -y
sleep 2
yum -y install bind-utils wget unzip zip curl tar git libpng libpng-devel qrencode
fi
}
caddy_install() {
green "=========================================="
green " 开始安装caddy并自动下载证书"
green "=========================================="
curl https://getcaddy.com | bash -s personal hook.service
}
caddy_conf() {
read -p "输入您的域名(注意:如果你的域名是使用 Cloudflare 解析的,请在Status 那里点一下那图标,让它变灰):" domainname
real_addr=$(ping ${domainname} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}')
local_addr=$(curl -4 ip.sb)
while [ "$real_addr" != "$local_addr" ]; do
read -p "本机ip和绑定域名的IP不一致,请检查域名是否解析成功,并重新输入域名:" domainname
real_addr=$(ping ${domainname} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}')
local_addr=$(curl -4 ip.sb)
if [ "$real_addr" != "$local_addr" ]; then
local_addr=$(curl ipv4.icanhazip.com)
fi
if [ "$real_addr" != "$local_addr" ]; then
local_addr=$(curl -4 ifconfig.me)
fi
done
echo "$domainname" 2>&1 | tee /etc/domainname
read -p "请输入您的邮箱:" emailname
read -p "您输入的邮箱正确吗? [y/n]?" answer
while [ "$answer" != "y" ]; do
read -p "请重新输入您的邮箱:" emailname
read -p "您输入的邮箱正确吗? [y/n]?" answer
done
echo "http://${domainname}:80 {
redir https://${domainname}:443{url}
}
https://${domainname}:443 {
gzip
timeouts none
tls ${emailname}
root /var/www
}" >/etc/caddy/Caddyfile
}
web_get() {
mkdir /var/www
echo -e "下面提供了15个不同的伪装网站模板,按对应的数字进行安装,安装之前可以查看网站demo:
${GREEN}1. https://templated.co/intensify
${GREEN}2. https://templated.co/binary
${GREEN}3. https://templated.co/retrospect
${GREEN}4. https://templated.co/spatial
${GREEN}5. https://templated.co/monochromed
${GREEN}6. https://templated.co/transit
${GREEN}7. https://templated.co/interphase
${GREEN}8. https://templated.co/ion
${GREEN}9. https://templated.co/solarize
${GREEN}10. https://templated.co/phaseshift
${GREEN}11. https://templated.co/horizons
${GREEN}12. https://templated.co/grassygrass
${GREEN}13. https://templated.co/breadth
${GREEN}14. https://templated.co/undeviating
${GREEN}15. https://templated.co/lorikeet${NO_COLOR}
"
read -p "您输入你要安装的网站的数字:" aNum
case $aNum in
1)
wget -O web.zip --no-check-certificate https://templated.co/intensify/download
;;
2)
wget -O web.zip --no-check-certificate https://templated.co/binary/download
;;
3)
wget -O web.zip --no-check-certificate https://templated.co/retrospect/download
;;
4)
wget -O web.zip --no-check-certificate https://templated.co/spatial/download
;;
5)
wget -O web.zip --no-check-certificate https://templated.co/monochromed/download
;;
6)
wget -O web.zip --no-check-certificate https://templated.co/transit/download
;;
7)
wget -O web.zip --no-check-certificate https://templated.co/interphase/download
;;
8)
wget -O web.zip --no-check-certificate https://templated.co/ion/download
;;
9)
wget -O web.zip --no-check-certificate https://templated.co/solarize/download
;;
10)
wget -O web.zip --no-check-certificate https://templated.co/phaseshift/download
;;
11)
wget -O web.zip --no-check-certificate https://templated.co/horizons/download
;;
12)
wget -O web.zip --no-check-certificate https://templated.co/grassygrass/download
;;
13)
wget -O web.zip --no-check-certificate https://templated.co/breadth/download
;;
14)
wget -O web.zip --no-check-certificate https://templated.co/undeviating/download
;;
15)
wget -O web.zip --no-check-certificate https://templated.co/lorikeet/download
;;
*)
wget -O web.zip --no-check-certificate https://templated.co/intensify/download
;;
esac
unzip -o -d /var/www web.zip
}
trojan_install() {
green "=========================================="
green " 开始安装Trojan"
green "=========================================="
bash -c "$(curl -fsSL https://raw.githubusercontent.com/trojan-gfw/trojan-quickstart/master/trojan-quickstart.sh)"
}
trojan_conf() {
read -p "请输入您的trojan密码:" password
fl="no"
while [[ $fl = "no" ]]; do
read -p "密码只能是字母和数字的组合:" password
for ((i=0;$i<${#password};i++));
do
str=${password:$i:1};
case "$str" in
[a-z]|[A-Z]|[0-9])fl="yes"
;;
*)echo "密码中含非法字符"
fl="no"
break
;;
esac
done
done
while [ "${password}" = "" ]; do
read -p "密码不能为空,请重新输入:" password
done
sed -i "8c \"$password\"," /usr/local/etc/trojan/config.json
if [ -d "/root/.caddy/acme/acme-v02.api.letsencrypt.org/sites/$domainname" ]; then
cd /root/.caddy/acme/acme-v02.api.letsencrypt.org/sites/$domainname
elif [ -d "/.caddy/acme/acme-v02.api.letsencrypt.org/sites/$domainname" ]; then
cd /.caddy/acme/acme-v02.api.letsencrypt.org/sites/$domainname
fi
\cp $domainname.crt /usr/local/etc/trojan 2>&1 | tee /usr/local/etc/log
\cp $domainname.key /usr/local/etc/trojan 2>&1 | tee /usr/local/etc/log
sed -i "13c \"cert\":\"/usr/local/etc/trojan/$domainname.crt\"," /usr/local/etc/trojan/config.json
sed -i "14c \"key\": \"/usr/local/etc/trojan/$domainname.key\"," /usr/local/etc/trojan/config.json
}
left_second() {
seconds_left=15
while [ $seconds_left -gt 0 ]; do
echo -n $seconds_left
sleep 1
seconds_left=$(($seconds_left - 1))
echo -ne "\r \r"
done
}
CA_exist() {
grep "cp: cannot stat" /usr/local/etc/log >/dev/null
if [ $? -eq 0 ]; then
FLAG="YES"
else
FLAG="NO"
fi
}
check_CA() {
CA_exist
if [ $FLAG = "NO" ]; then
end_time=$(echo | openssl s_client -servername $domainname -connect $domainname:443 2>/dev/null | openssl x509 -noout -dates | grep 'After' | awk -F '=' '{print $2}' | awk -F ' +' '{print $1,$2,$4 }')
#while [ "${end_time}" = "" ]; do
# end_time=$(echo | openssl s_client -servername $domainname -connect $domainname:443 2>/dev/null | openssl x509 -noout -dates | grep 'After' | awk -F '=' '{print $2}' | awk -F ' +' '{print $1,$2,$4 }')
#done
end_times=$(date +%s -d "$end_time")
now_time=$(date +%s -d "$(date | awk -F ' +' '{print $2,$3,$6}')")
RST=$(($((end_times - now_time)) / (60 * 60 * 24)))
fi
}
add_CA() {
init_release
CA_exist
if [ $FLAG = "NO" ]; then
curl -s -o /etc/RST.sh https://raw.githubusercontent.com/JeannieStudio/jeannie/master/RST.sh
chmod +x /etc/RST.sh
if [ $PM = 'apt' ]; then
cron_job="30 4 * * * /etc/RST.sh"
(
crontab -l | grep -v "$cron_job"
echo "$cron_job"
) | crontab -
service cron restart
elif [ $PM = 'yum' ]; then
echo "SHELL=/bin/bash
30 4 * * * /etc/RST.sh" >/var/spool/cron/root
service crond reload
service crond restart
fi
fi
}
mgr() {
if [ -f "/etc/mgr.sh" ]; then
rm -f /etc/mgr.sh
fi
while [ ! -f "/etc/mgr.sh" ]; do
curl -s -o /etc/mgr.sh https://raw.githubusercontent.com/JeannieStudio/all_install/master/mgr.sh
done
chmod +x /etc/mgr.sh
}
info() {
vps=trojan
echo "$password" >>/usr/local/etc/trojan/trojan_info
echo "$domainname" >>/usr/local/etc/trojan/trojan_info
echo "$vps" >>/usr/local/etc/trojan/trojan_info
code="trojan://${password}@${domainname}:443"
qrencode -o /var/www/${password}.png -s 8 "${code}"
wget --no-check-certificate -O /var/www/trojan_tmpl.html https://raw.githubusercontent.com/JeannieStudio/all_install/master/trojan_tmpl.html
chmod +x /var/www/trojan_tmpl.html
eval "cat <<EOF
$(</var/www/trojan_tmpl.html)
EOF
" >/var/www/${password}.html
}
main() {
isRoot=$(isRoot)
if [[ "${isRoot}" != "true" ]]; then
echo -e "${RED}error:${NO_COLOR}Please run this script as as root"
exit 1
else
tools_install
caddy_install
caddy_conf
web_get
caddy -service install -agree -email ${emailname} -conf /etc/caddy/Caddyfile
caddy -service start
echo "睡一会儿……"
left_second
caddy -service stop
sleep 2
echo "http://${domainname}:80 {
gzip
timeouts none
tls ${emailname}
root /var/www
}" >/etc/caddy/Caddyfile
caddy -service start
trojan_install
echo "睡一会儿……"
sleep 6
trojan_conf
systemctl start trojan
systemctl enable trojan
CA_exist
check_CA
add_CA
mgr
info
if [ $FLAG = "YES" ]; then
echo -e "
$RED==========================================
$RED 很遗憾,Trojan安装和配置失败
$RED==========================================
${RED}由于证书申请失败,无法科学上网,请重装或更换一个域名重新安装, 详情:https://letsencrypt.org/docs/rate-limits/
进一步验证证书申请情况,参考:https://www.ssllabs.com/ssltest/ $NO_COLOR" 2>&1 | tee info
elif [ $FLAG = "NO" ]; then
echo -e "
${GREEN} ===================================================
${GREEN} 恭喜你,Trojan安装和配置成功
${GREEN} ===================================================
详情:https://${domainname}/${password}.html
$NO_COLOR " 2>&1 | tee info
fi
touch /etc/motd
cat info >/etc/motd
fi
}
main