forked from oneforallofall/oneforall
-
Notifications
You must be signed in to change notification settings - Fork 0
/
x
245 lines (229 loc) · 8.44 KB
/
x
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
getData() {
IPV4=$(dig @1.1.1.1 +short txt ch whoami.cloudflare |tr -d \")
IPV6=$(dig +short @2606:4700:4700::1111 -6 ch txt whoami.cloudflare|tr -d \")
resolve4="$(dig A +short ${DOMAIN} @1.1.1.1)"
resolve6="$(dig AAAA +short ${DOMAIN} @1.1.1.1)"
res4=`echo -n ${resolve4} | grep $IPV4`
res6=`echo -n ${resolve6} | grep $IPV6`
res_judge=`echo $res4$res6`
echo $res_judge
IP=`echo $res4$res6`
if [[ "$TLS" = "true" || "$XTLS" = "true" ]]; then
echo ""
echo " Xray一键脚本,运行之前请确认如下条件已经具备:"
colorEcho ${YELLOW} " 1. 一个伪装域名"
colorEcho ${YELLOW} " 2. 伪装域名DNS解析指向当前服务器ip $IPV4,$IPV6"
colorEcho ${BLUE} " 3. 如果/root目录下有 xray.pem 和 xray.key 证书密钥文件,无需理会条件2"
echo " "
read -p " 确认满足按y,按其他退出脚本:" answer
if [[ "${answer,,}" != "y" ]]; then
exit 0
fi
echo ""
while true
do
read -p "请输入伪装域名:" DOMAIN
if [[ -z "${DOMAIN}" ]]; then
colorEcho ${RED} " 域名输入错误,请重新输入!"
else
break
fi
done
DOMAIN=${DOMAIN,,}
colorEcho ${BLUE} "伪装域名(host):$DOMAIN"
echo ""
if [[ -f ~/xray.pem && -f ~/xray.key ]]; then
colorEcho ${BLUE} " 检测到自有证书,将使用其部署"
CERT_FILE="/usr/local/etc/xray/${DOMAIN}.pem"
KEY_FILE="/usr/local/etc/xray/${DOMAIN}.key"
else
resolve=`curl -sL http://ip-api.com/json/${DOMAIN}`
res=`echo -n ${resolve} | grep ${IP}`
echo "${DOMAIN} points to: ${res_judge}"
if [[ -z "${res_judge}" ]]; then
colorEcho ${BLUE} "${DOMAIN} 解析结果:${res_judge}"
colorEcho ${RED} " 域名未解析到当前服务器IP:$IPV4,$IPV6 !"
exit 1
fi
fi
fi
echo ""
if [[ "$(needNginx)" = "no" ]]; then
if [[ "$TLS" = "true" ]]; then
read -p " 请输入xray监听端口[强烈建议443,默认443]:" PORT
[[ -z "${PORT}" ]] && PORT=443
else
read -p " 请输入xray监听端口[100-65535的一个数字]:" PORT
[[ -z "${PORT}" ]] && PORT=`shuf -i200-65000 -n1`
if [[ "${PORT:0:1}" = "0" ]]; then
colorEcho ${RED} " 端口不能以0开头"
exit 1
fi
fi
colorEcho ${BLUE} " xray端口:$PORT"
else
read -p " 请输入Nginx监听端口[100-65535的一个数字,默认443]:" PORT
[[ -z "${PORT}" ]] && PORT=443
if [ "${PORT:0:1}" = "0" ]; then
colorEcho ${BLUE} " 端口不能以0开头"
exit 1
fi
colorEcho ${BLUE} " Nginx端口:$PORT"
XPORT=`shuf -i10000-65000 -n1`
fi
if [[ "$KCP" = "true" ]]; then
echo ""
colorEcho $BLUE " 请选择伪装类型:"
echo " 1) 无"
echo " 2) BT下载"
echo " 3) 视频通话"
echo " 4) 微信视频通话"
echo " 5) dtls"
echo " 6) wiregard"
read -p " 请选择伪装类型[默认:无]:" answer
case $answer in
2)
HEADER_TYPE="utp"
;;
3)
HEADER_TYPE="srtp"
;;
4)
HEADER_TYPE="wechat-video"
;;
5)
HEADER_TYPE="dtls"
;;
6)
HEADER_TYPE="wireguard"
;;
*)
HEADER_TYPE="none"
;;
esac
colorEcho $BLUE " 伪装类型:$HEADER_TYPE"
SEED=`cat /proc/sys/kernel/random/uuid`
fi
if [[ "$TROJAN" = "true" ]]; then
echo ""
read -p " 请设置trojan密码(不输则随机生成):" PASSWORD
[[ -z "$PASSWORD" ]] && PASSWORD=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1`
colorEcho $BLUE " trojan密码:$PASSWORD"
fi
if [[ "$XTLS" = "true" ]]; then
echo ""
colorEcho $BLUE " 请选择流控模式:"
echo -e " 1) xtls-rprx-direct [$RED推荐$PLAIN]"
echo " 2) xtls-rprx-origin"
read -p " 请选择流控模式[默认:direct]" answer
[[ -z "$answer" ]] && answer=1
case $answer in
1)
FLOW="xtls-rprx-direct"
;;
2)
FLOW="xtls-rprx-origin"
;;
*)
colorEcho $RED " 无效选项,使用默认的xtls-rprx-direct"
FLOW="xtls-rprx-direct"
;;
esac
colorEcho $BLUE " 流控模式:$FLOW"
fi
if [[ "${WS}" = "true" ]]; then
echo ""
while true
do
read -p " 请输入伪装路径,以/开头(不懂请直接回车):" WSPATH
if [[ -z "${WSPATH}" ]]; then
len=`shuf -i5-12 -n1`
ws=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w $len | head -n 1`
WSPATH="/$ws"
break
elif [[ "${WSPATH:0:1}" != "/" ]]; then
colorEcho ${RED} " 伪装路径必须以/开头!"
elif [[ "${WSPATH}" = "/" ]]; then
colorEcho ${RED} " 不能使用根路径!"
else
break
fi
done
colorEcho ${BLUE} " ws路径:$WSPATH"
fi
if [[ "$TLS" = "true" || "$XTLS" = "true" ]]; then
echo ""
colorEcho $BLUE " 请选择伪装站类型:"
echo " 1) 静态网站(位于/usr/share/nginx/html)"
echo " 2) 小说站(随机选择)"
echo " 3) 美女站(https://imeizi.me)"
echo " 4) 高清壁纸站(https://bing.imeizi.me)"
echo " 5) 自定义反代站点(需以http或者https开头)"
read -p " 请选择伪装网站类型[默认:高清壁纸站]" answer
if [[ -z "$answer" ]]; then
PROXY_URL="https://bing.imeizi.me"
else
case $answer in
1)
PROXY_URL=""
;;
2)
len=${#SITES[@]}
((len--))
while true
do
index=`shuf -i0-${len} -n1`
PROXY_URL=${SITES[$index]}
host=`echo ${PROXY_URL} | cut -d/ -f3`
ip=`curl -sL http://ip-api.com/json/${host}`
res=`echo -n ${ip} | grep ${host}`
if [[ "${res}" = "" ]]; then
echo "$ip $host" >> /etc/hosts
break
fi
done
;;
3)
PROXY_URL="https://imeizi.me"
;;
4)
PROXY_URL="https://bing.imeizi.me"
;;
5)
read -p " 请输入反代站点(以http或者https开头):" PROXY_URL
if [[ -z "$PROXY_URL" ]]; then
colorEcho $RED " 请输入反代网站!"
exit 1
elif [[ "${PROXY_URL:0:4}" != "http" ]]; then
colorEcho $RED " 反代网站必须以http或https开头!"
exit 1
fi
;;
*)
colorEcho $RED " 请输入正确的选项!"
exit 1
esac
fi
REMOTE_HOST=`echo ${PROXY_URL} | cut -d/ -f3`
colorEcho $BLUE " 伪装网站:$PROXY_URL"
echo ""
colorEcho $BLUE " 是否允许搜索引擎爬取网站?[默认:不允许]"
echo " y)允许,会有更多ip请求网站,但会消耗一些流量,vps流量充足情况下推荐使用"
echo " n)不允许,爬虫不会访问网站,访问ip比较单一,但能节省vps流量"
read -p " 请选择:[y/n]" answer
if [[ -z "$answer" ]]; then
ALLOW_SPIDER="n"
elif [[ "${answer,,}" = "y" ]]; then
ALLOW_SPIDER="y"
else
ALLOW_SPIDER="n"
fi
colorEcho $BLUE " 允许搜索引擎:$ALLOW_SPIDER"
fi
echo ""
read -p " 是否安装BBR(默认安装)?[y/n]:" NEED_BBR
[[ -z "$NEED_BBR" ]] && NEED_BBR=y
[[ "$NEED_BBR" = "Y" ]] && NEED_BBR=y
colorEcho $BLUE " 安装BBR:$NEED_BBR"
}
getData