diff --git a/acme.sh b/acme.sh deleted file mode 100644 index d1b74b7c..00000000 --- a/acme.sh +++ /dev/null @@ -1,314 +0,0 @@ -#!/bin/bash -red='\033[0;31m' -bblue='\033[0;34m' -plain='\033[0m' -red(){ echo -e "\033[31m\033[01m$1\033[0m";} -green(){ echo -e "\033[32m\033[01m$1\033[0m";} -yellow(){ echo -e "\033[33m\033[01m$1\033[0m";} -white(){ echo -e "\033[37m\033[01m$1\033[0m";} -readp(){ read -p "$(yellow "$1")" $2;} -[[ $EUID -ne 0 ]] && yellow "请以root模式运行脚本" && rm -rf acme.sh && exit -if [[ -f /etc/redhat-release ]]; then -release="Centos" -elif cat /etc/issue | grep -q -E -i "debian"; then -release="Debian" -elif cat /etc/issue | grep -q -E -i "ubuntu"; then -release="Ubuntu" -elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then -release="Centos" -elif cat /proc/version | grep -q -E -i "debian"; then -release="Debian" -elif cat /proc/version | grep -q -E -i "ubuntu"; then -release="Ubuntu" -elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then -release="Centos" -else -red "不支持你当前系统,请选择使用Ubuntu,Debian,Centos系统" && rm -rf acme.sh && exit -fi - -v4v6(){ -v6=$(curl -s6m5 https://ip.gs -k) -v4=$(curl -s4m5 https://ip.gs -k) -} - - -acme1(){ -[[ $(type -P yum) ]] && yumapt='yum -y' || yumapt='apt -y' -[[ $(type -P curl) ]] || (yellow "检测到curl未安装,升级安装中" && $yumapt update;$yumapt install curl) -[[ $(type -P lsof) ]] || (yellow "检测到lsof未安装,升级安装中" && $yumapt update;$yumapt install lsof) -[[ $(type -P socat) ]] || $yumapt install socat -v4v6 -if [[ -z $v4 ]]; then -yellow "检测到VPS为纯IPV6 Only,添加dns64" -echo -e nameserver 2a01:4f8:c2c:123f::1 > /etc/resolv.conf -green "dns64添加完毕" -sleep 2 -fi -} -acme2(){ -yellow "关闭防火墙,开放所有端口规则" -systemctl stop firewalld.service >/dev/null 2>&1 -systemctl disable firewalld.service >/dev/null 2>&1 -setenforce 0 >/dev/null 2>&1 -ufw disable >/dev/null 2>&1 -iptables -P INPUT ACCEPT >/dev/null 2>&1 -iptables -P FORWARD ACCEPT >/dev/null 2>&1 -iptables -P OUTPUT ACCEPT >/dev/null 2>&1 -iptables -t nat -F >/dev/null 2>&1 -iptables -t mangle -F >/dev/null 2>&1 -iptables -F >/dev/null 2>&1 -iptables -X >/dev/null 2>&1 -netfilter-persistent save >/dev/null 2>&1 -if [[ -n $(apachectl -v 2>/dev/null) ]]; then -systemctl stop httpd.service >/dev/null 2>&1 -systemctl disable httpd.service >/dev/null 2>&1 -service apache2 stop >/dev/null 2>&1 -systemctl disable apache2 >/dev/null 2>&1 -fi -green "所有端口已开放" -sleep 2 -if [[ -n $(lsof -i :80|grep -v "PID") ]]; then -yellow "检测到80端口被占用,现执行80端口全释放" -sleep 2 -lsof -i :80|grep -v "PID"|awk '{print "kill -9",$2}'|sh >/dev/null 2>&1 -green "80端口全释放完毕!" -sleep 2 -fi -} -acme3(){ -readp "请输入注册所需的邮箱(回车跳过则自动生成虚拟gmail邮箱):" Aemail -if [ -z $Aemail ]; then -auto=`date +%s%N |md5sum | cut -c 1-6` -Aemail=$auto@gmail.com -fi -yellow "当前注册的邮箱名称:$Aemail" -green "开始安装acme.sh申请证书脚本" -wget -N https://github.com/Neilpang/acme.sh/archive/master.tar.gz >/dev/null 2>&1 -tar -zxvf master.tar.gz >/dev/null 2>&1 -cd acme.sh-master >/dev/null 2>&1 -./acme.sh --install >/dev/null 2>&1 -cd -curl https://get.acme.sh | sh -s email=$Aemail -[[ -n $(/root/.acme.sh/acme.sh -v 2>/dev/null) ]] && green "安装acme.sh证书申请程序成功" || red "安装acme.sh证书申请程序失败" -bash /root/.acme.sh/acme.sh --upgrade --use-wget --auto-upgrade -} - -checktls(){ -fail(){ -red "遗憾,域名证书申请失败" -yellow "建议一:更换下二级域名名称再尝试执行脚本(重要)" -green "例:原二级域名 x.ygkkk.eu.org 或 x.ygkkk.cf ,在cloudflare中重命名其中的x名称,确定并生效" -echo -yellow "建议二:更换下当前本地网络IP环境,再尝试执行脚本" -rm -rf acme.sh && exit -} -if [[ -f /root/cert.crt && -f /root/private.key ]] && [[ -s /root/cert.crt && -s /root/private.key ]]; then -if [[ -f '/etc/hysteria/config.json' ]]; then -echo ${ym} > /etc/hysteria/ca.log -fi -sed -i '/--cron/d' /etc/crontab -echo "0 0 * * * root bash /root/.acme.sh/acme.sh --cron -f >/dev/null 2>&1" >> /etc/crontab -green "root目录下的域名证书申请成功或已存在!域名证书(cert.crt)和密钥(private.key)已保存到 /root 文件夹" -yellow "公钥文件crt路径如下,可直接复制" -green "/root/cert.crt" -yellow "密钥文件key路径如下,可直接复制" -green "/root/private.key" -rm -rf acme.sh -else -fail -fi -} - -installCA(){ -bash ~/.acme.sh/acme.sh --install-cert -d ${ym} --key-file /root/private.key --fullchain-file /root/cert.crt --ecc -} - -ACMEstandaloneDNS(){ -readp "请输入解析完成的二级域名:" ym -green "已输入的二级域名:$ym" && sleep 1 -domainIP=$(curl -s ipget.net/?ip="$ym") -wro -if [[ $domainIP = $v4 ]]; then -bash /root/.acme.sh/acme.sh --issue -d ${ym} --standalone -k ec-256 --server letsencrypt --insecure -fi -if [[ $domainIP = $v6 ]]; then -bash /root/.acme.sh/acme.sh --issue -d ${ym} --standalone -k ec-256 --server letsencrypt --listen-v6 --insecure -fi -installCA -checktls -} -ACMEDNS(){ -readp "请输入解析完成的域名:" ym -green "已输入的域名:$ym" && sleep 1 -freenom=`echo $ym | awk -F '.' '{print $NF}'` -if [[ $freenom =~ tk|ga|gq|ml|cf ]]; then -red "经检测,你正在使用freenom免费域名解析,不支持当前DNS API模式,脚本退出" && rm -rf acme.sh && exit -fi -domainIP=$(curl -s ipget.net/?ip=acme.sh."$ym") -if [[ -n $(echo $domainIP | grep nginx) ]]; then -green "经检测,当前为单域名证书申请" && sleep 2 -domainIP=$(curl -s ipget.net/?ip="$ym") -else -green "经检测,当前为泛域名证书申请" && sleep 2 -fi -wro -echo -ab="请选择托管域名解析服务商:\n1.Cloudflare\n2.腾讯云DNSPod\n3.阿里云Aliyun\n 请选择:" -readp "$ab" cd -case "$cd" in -1 ) -readp "请复制Cloudflare的Global API Key:" GAK -export CF_Key="$GAK" -readp "请输入登录Cloudflare的注册邮箱地址:" CFemail -export CF_Email="$CFemail" -if [[ $domainIP = $v4 ]]; then -bash /root/.acme.sh/acme.sh --issue --dns dns_cf -d ${ym} -k ec-256 --server letsencrypt --insecure -fi -if [[ $domainIP = $v6 ]]; then -bash /root/.acme.sh/acme.sh --issue --dns dns_cf -d ${ym} -k ec-256 --server letsencrypt --listen-v6 --insecure -fi -;; -2 ) -readp "请复制腾讯云DNSPod的DP_Id:" DPID -export DP_Id="$DPID" -readp "请复制腾讯云DNSPod的DP_Key:" DPKEY -export DP_Key="$DPKEY" -if [[ $domainIP = $v4 ]]; then -bash /root/.acme.sh/acme.sh --issue --dns dns_dp -d ${ym} -k ec-256 --server letsencrypt --insecure -fi -if [[ $domainIP = $v6 ]]; then -bash /root/.acme.sh/acme.sh --issue --dns dns_dp -d ${ym} -k ec-256 --server letsencrypt --listen-v6 --insecure -fi -;; -3 ) -readp "请复制阿里云Aliyun的Ali_Key:" ALKEY -export Ali_Key="$ALKEY" -readp "请复制阿里云Aliyun的Ali_Secret:" ALSER -export Ali_Secret="$ALSER" -if [[ $domainIP = $v4 ]]; then -bash /root/.acme.sh/acme.sh --issue --dns dns_ali -d ${ym} -k ec-256 --server letsencrypt --insecure -fi -if [[ $domainIP = $v6 ]]; then -bash /root/.acme.sh/acme.sh --issue --dns dns_ali -d ${ym} -k ec-256 --server letsencrypt --listen-v6 --insecure -fi -esac -installCA -checktls -} -wro(){ -v4v6 -if [[ -n $(echo $domainIP | grep nginx) ]]; then -yellow "当前域名解析到的IP:无" -red "域名解析无效,请检查域名是否填写正确或稍等几分钟等待解析完成再执行脚本" && rm -rf acme.sh && exit -elif [[ -n $(echo $domainIP | grep ":") || -n $(echo $domainIP | grep ".") ]]; then -if [[ $domainIP != $v4 ]] && [[ $domainIP != $v6 ]]; then -yellow "当前域名解析到的IP:$domainIP" -red "当前域名解析的IP与当前VPS使用的IP不匹配" -green "建议如下:" -yellow "1、请确保CDN小黄云关闭状态(仅限DNS),其他域名解析网站设置同理" -yellow "2、请检查域名解析网站设置的IP是否正确" -rm -rf acme.sh && exit -else -green "恭喜,域名解析正确,当前域名解析到的IP:$domainIP" -fi -fi -} - -acme(){ -yellow "稍等3秒,检测IP环境中" -wgcfv6=$(curl -s6m6 https://www.cloudflare.com/cdn-cgi/trace -k | grep warp | cut -d= -f2) -wgcfv4=$(curl -s4m6 https://www.cloudflare.com/cdn-cgi/trace -k | grep warp | cut -d= -f2) -if [[ ! $wgcfv4 =~ on|plus && ! $wgcfv6 =~ on|plus ]]; then -ab="1.选择standalone独立模式申请证书(仅需域名),安装过程中将强制释放80端口,相关http应用端口可能都将失效,请自行处理。\n2.选择DNS API模式申请证书(需域名、ID、Key),目前支持Cloudflare域名解析平台、腾讯域名解析平台、阿里域名解析平台\n0.返回上一层\n 请选择:" -readp "$ab" cd -case "$cd" in -1 ) acme1 && acme3 && ACMEstandaloneDNS;; -2 ) acme1 && acme3 && ACMEDNS;; -0 ) start_menu;; -esac -else -yellow "检测到正在使用WARP接管VPS出站,现执行临时关闭" -systemctl stop wg-quick@wgcf >/dev/null 2>&1 -green "WARP已临时闭关" -ab="1.选择standalone独立模式申请证书(仅需域名),安装过程中将强制释放80端口,相关http应用端口可能都将失效,请自行处理。\n2.选择DNS API模式申请证书(需域名、ID、Key),目前支持Cloudflare域名解析平台、腾讯域名解析平台、阿里域名解析平台\n0.返回上一层\n 请选择:" -readp "$ab" cd -case "$cd" in -1 ) acme1 && acme3 && ACMEstandaloneDNS;; -2 ) acme1 && acme3 && ACMEDNS;; -0 ) start_menu;; -esac -yellow "现恢复原先WARP接管VPS出站设置,现执行WARP开启" -systemctl start wg-quick@wgcf >/dev/null 2>&1 -green "WARP已恢复开启" -fi -} -Certificate(){ -[[ -z $(/root/.acme.sh/acme.sh -v 2>/dev/null) ]] && yellow "未安装acme.sh证书申请,无法执行" && rm -rf acme.sh && exit -green "Main_Domainc下显示的域名就是已申请成功的域名证书,Renew下显示对应域名证书的自动续期时间点" -bash /root/.acme.sh/acme.sh --list -echo -readp "请输入要撤销并删除的域名证书(复制Main_Domain下显示的域名,退出请按Ctrl+c):" ym -if [[ -n $(bash /root/.acme.sh/acme.sh --list | grep $ym) ]]; then -bash /root/.acme.sh/acme.sh --revoke -d ${ym} --ecc -bash /root/.acme.sh/acme.sh --remove -d ${ym} --ecc -rm -rf cert.crt private.key -green "撤销并删除${ym}域名证书成功" -else -red "未找到你输入的${ym}域名证书,请自行核实!" && exit -fi -} -acmerenew(){ -[[ -z $(/root/.acme.sh/acme.sh -v 2>/dev/null) ]] && yellow "未安装acme.sh证书申请,无法执行" && rm -rf acme.sh && exit -green "Main_Domainc下显示的域名就是已申请成功的域名证书,Renew下显示对应域名证书的自动续期时间点" -bash /root/.acme.sh/acme.sh --list -echo -ab="1.无脑一键续期所有证书(推荐)\n2.选择指定的域名证书续期\n0.返回上一层\n 请选择:" -readp "$ab" cd -case "$cd" in -1 ) -bash /root/.acme.sh/acme.sh --cron -f -checktls -;; -2 ) -readp "请输入要续期的域名证书(复制Main_Domain下显示的域名):" ym -if [[ -n $(bash /root/.acme.sh/acme.sh --list | grep $ym) ]]; then -bash /root/.acme.sh/acme.sh --renew -d ${ym} --force --ecc -checktls -else -red "未找到你输入的${ym}域名证书,请自行核实!" && exit -fi -;; -0 ) start_menu;; -esac -} -uninstall(){ -[[ -z $(/root/.acme.sh/acme.sh -v 2>/dev/null) ]] && yellow "未安装acme.sh证书申请,无法执行" && rm -rf acme.sh && exit -curl https://get.acme.sh | sh -bash /root/.acme.sh/acme.sh --uninstall -rm -rf cert.crt private.key -rm -rf ~/.acme.sh acme.sh -sed -i '/--cron/d' /etc/crontab -[[ -z $(/root/.acme.sh/acme.sh -v 2>/dev/null) ]] && green "acme.sh卸载完毕" || red "acme.sh卸载失败" -} -start_menu(){ -clear -yellow "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" -yellow " 提示:" -yellow " 一、standalone模式仅支持单域名证书申请" -yellow " 二、DNS API模式不支持freenom免费域名申请,支持单域名与泛域名证书申请" -echo -green " 1. acme.sh申请letsencrypt ECC证书(支持standalone模式与DNS API模式) " -green " 2. 查询已申请成功的域名及自动续期时间点;撤销并删除当前已申请的域名证书 " -green " 3. 手动一键续期或指定续期的域名证书 " -green " 4. 卸载一键ACME证书申请脚本 " -green " 0. 退出 " -read -p "请输入数字:" NumberInput -case "$NumberInput" in -1 ) acme;; -2 ) Certificate;; -3 ) acmerenew;; -4 ) uninstall;; -* ) rm -rf acme.sh && exit -esac -} -start_menu "first" diff --git a/config/version b/config/version index 9eadd6ba..d2c4b271 100644 --- a/config/version +++ b/config/version @@ -1 +1 @@ -1.8.6 \ No newline at end of file +1.8.7 \ No newline at end of file diff --git a/install.sh b/install.sh index 384cfed2..7b40764d 100644 --- a/install.sh +++ b/install.sh @@ -1,5 +1,5 @@ #!/bin/bash -curl -sS -H "Accept: application/vnd.github.v3+json" -o "/tmp/tmp_file" 'https://api.github.com/repos/qist/xray-ui/releases/latest' +curl -sS -H "Accept: application/vnd.github.v3+json" -o "/tmp/tmp_file" 'https://api.github.com/repos/qist/xray-ui/releases/latest' releases_version=($(sed 'y/,/\n/' "/tmp/tmp_file" | grep 'tag_name' | awk -F '"' '{print $4}')) rm /tmp/tmp_file -f red='\033[0;31m' @@ -8,18 +8,18 @@ yellow='\033[0;33m' bblue='\033[0;34m' plain='\033[0m' -red(){ echo -e "\033[31m\033[01m$1\033[0m";} -green(){ echo -e "\033[32m\033[01m$1\033[0m";} -yellow(){ echo -e "\033[33m\033[01m$1\033[0m";} -blue(){ echo -e "\033[36m\033[01m$1\033[0m";} -white(){ echo -e "\033[37m\033[01m$1\033[0m";} -readp(){ read -p "$(yellow "$1")" $2;} +red() { echo -e "\033[31m\033[01m$1\033[0m"; } +green() { echo -e "\033[32m\033[01m$1\033[0m"; } +yellow() { echo -e "\033[33m\033[01m$1\033[0m"; } +blue() { echo -e "\033[36m\033[01m$1\033[0m"; } +white() { echo -e "\033[37m\033[01m$1\033[0m"; } +readp() { read -p "$(yellow "$1")" $2; } remoteV=${releases_version} clear -white "Github项目 :github.com/qist" +white "Github项目 :github.com/qist/xray-ui" yellow "感谢xray-ui代码贡献者们(vaxilu)" green "当前安装版本: $remoteV" -yellow "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" +yellow "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" sleep 2 cur_dir=$(pwd) @@ -51,26 +51,27 @@ fi arch=$(arch) if [[ $arch == "x86_64" || $arch == "x64" || $arch == "amd64" ]]; then - arch="amd64" + arch="amd64" elif [[ $arch == "aarch64" || $arch == "arm64" ]]; then - arch="arm64" + arch="arm64" elif [[ $arch == "s390x" ]]; then - arch="s390x" + arch="s390x" else - arch="amd64" - echo -e "${red}检测架构失败,使用默认架构: ${arch}${plain}" + arch="amd64" + echo -e "${red}检测架构失败,使用默认架构: ${arch}${plain}" fi -sys(){ -[ -f /etc/os-release ] && grep -i pretty_name /etc/os-release | cut -d \" -f2 && return -[ -f /etc/lsb-release ] && grep -i description /etc/lsb-release | cut -d \" -f2 && return -[ -f /etc/redhat-release ] && awk '{print $0}' /etc/redhat-release && return;} -op=`sys` -version=`uname -r | awk -F "-" '{print $1}'` -vi=`systemd-detect-virt` +sys() { + [ -f /etc/os-release ] && grep -i pretty_name /etc/os-release | cut -d \" -f2 && return + [ -f /etc/lsb-release ] && grep -i description /etc/lsb-release | cut -d \" -f2 && return + [ -f /etc/redhat-release ] && awk '{print $0}' /etc/redhat-release && return +} +op=$(sys) +version=$(uname -r | awk -F "-" '{print $1}') +vi=$(systemd-detect-virt) white "VPS操作系统: $(blue "$op") \c" && white " 内核版本: $(blue "$version") \c" && white " CPU架构 : $(blue "$arch") \c" && white " 虚拟化类型: $(blue "$vi")" sleep 2 -if [ $(getconf WORD_BIT) != '32' ] && [ $(getconf LONG_BIT) != '64' ] ; then +if [ $(getconf WORD_BIT) != '32' ] && [ $(getconf LONG_BIT) != '64' ]; then echo "本软件不支持 32 位系统(x86),请使用 64 位系统(x86_64),如果检测有误,请联系作者" exit -1 fi @@ -104,99 +105,52 @@ elif [[ x"${release}" == x"amazon_linux" ]]; then fi ports=$(/usr/local/xray-ui/xray-ui 2>&1 | grep tcp | awk '{print $5}' | sed "s/://g") if [[ -n $ports ]]; then -green "经检测,xray-ui已安装" -echo -acp=$(/usr/local/xray-ui/xray-ui setting -show 2>/dev/null) -green "$acp" -echo -readp "是否直接重装xray-ui,请输入Y/y键并回车。如不重装,输入非Y/y键回车退出脚本):" ins -if [[ $ins = [Yy] ]]; then -systemctl stop xray-ui -systemctl disable xray-ui -rm /etc/systemd/system/xray-ui.service -f -systemctl daemon-reload -systemctl reset-failed -rm /etc/xray-ui/ -rf -rm /usr/local/xray-ui/ -rf -rm -rf /root/rayuil.sh /root/acme.sh -sed -i '/xrayuil.sh/d' /etc/crontab -sed -i '/xray-ui restart/d' /etc/crontab -else -exit 1 -fi + green "经检测,xray-ui已安装" + echo + acp=$(/usr/local/xray-ui/xray-ui setting -show 2>/dev/null) + green "$acp" + echo + readp "是否直接重装xray-ui,请输入Y/y键并回车。如不重装,输入非Y/y键回车退出脚本):" ins + if [[ $ins = [Yy] ]]; then + systemctl stop xray-ui + systemctl disable xray-ui + rm /etc/systemd/system/xray-ui.service -f + systemctl daemon-reload + systemctl reset-failed + rm /etc/xray-ui/ -rf + rm /usr/local/xray-ui/ -rf + rm -rf /root/rayuil.sh /root/acme.sh + sed -i '/xrayuil.sh/d' /etc/crontab + sed -i '/xray-ui restart/d' /etc/crontab + else + exit 1 + fi fi install_base() { -if [[ x"${release}" == x"centos" ]]; then -if [[ ${os_version} =~ 8 ]]; then -# cd /etc/yum.repos.d/ && mkdir backup && mv *repo backup/ -# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo -# sed -i -e "s|mirrors.cloud.aliyuncs.com|mirrors.aliyun.com|g " /etc/yum.repos.d/CentOS-* -# sed -i -e "s|releasever|releasever-stream|g" /etc/yum.repos.d/CentOS-* -yum clean all && yum makecache -fi -yum install epel-release -y && yum install wget curl tar gzip lsof -y -else -apt update && apt install wget curl tar lsof gzip -y -fi -vi=`systemd-detect-virt` -if [[ $vi = openvz ]]; then -TUN=$(cat /dev/net/tun 2>&1) -if [[ ! $TUN =~ 'in bad state' ]] && [[ ! $TUN =~ '处于错误状态' ]] && [[ ! $TUN =~ 'Die Dateizugriffsnummer ist in schlechter Verfassung' ]]; then -red "检测到未开启TUN,现尝试添加TUN支持" && sleep 2 -cd /dev -mkdir net -mknod net/tun c 10 200 -chmod 0666 net/tun -TUN=$(cat /dev/net/tun 2>&1) -if [[ ! $TUN =~ 'in bad state' ]] && [[ ! $TUN =~ '处于错误状态' ]] && [[ ! $TUN =~ 'Die Dateizugriffsnummer ist in schlechter Verfassung' ]]; then -green "添加TUN支持失败,建议与VPS厂商沟通或后台设置开启" && exit 0 -else -green "恭喜,添加TUN支持成功" && sleep 2 -cat>/root/tun.sh<<-\EOF -#!/bin/bash -cd /dev -mkdir net -mknod net/tun c 10 200 -chmod 0666 net/tun -EOF -chmod +x /root/tun.sh -grep -qE "^ *@reboot root bash /root/tun.sh >/dev/null 2>&1" /etc/crontab || echo "@reboot root bash /root/tun.sh >/dev/null 2>&1" >> /etc/crontab -fi -fi -fi -# echo -e "${green}关闭防火墙,开放所有端口规则……${plain}" -# sleep 1 -# systemctl stop firewalld.service >/dev/null 2>&1 -# systemctl disable firewalld.service >/dev/null 2>&1 - setenforce 0 >/dev/null 2>&1 -# ufw disable >/dev/null 2>&1 -# iptables -P INPUT ACCEPT >/dev/null 2>&1 -# iptables -P FORWARD ACCEPT >/dev/null 2>&1 -# iptables -P OUTPUT ACCEPT >/dev/null 2>&1 -# iptables -t nat -F >/dev/null 2>&1 -# iptables -t mangle -F >/dev/null 2>&1 -# iptables -F >/dev/null 2>&1 -# iptables -X >/dev/null 2>&1 -# netfilter-persistent save >/dev/null 2>&1 -# if [[ -n $(apachectl -v 2>/dev/null) ]]; then -# systemctl stop httpd.service >/dev/null 2>&1 -# systemctl disable httpd.service >/dev/null 2>&1 -# service apache2 stop >/dev/null 2>&1 -# systemctl disable apache2 >/dev/null 2>&1 -# fi -lsof -i :80|grep -v "PID"|awk '{print "kill -9",$2}'|sh >/dev/null 2>&1 -if [[ -z $(grep 'DiG 9' /etc/hosts) ]]; then -v4=$(curl -s4m5 https://gio.tycng.com/ipinfo -k) -if [ -z $v4 ]; then -echo -e "${green}检测到VPS为纯IPV6 Only,添加dns64${plain}\n" -echo -e nameserver 2001:4860:4860:0:0:0:0:8888 > /etc/resolv.conf -fi -fi + if [[ x"${release}" == x"centos" ]]; then + if [[ ${os_version} =~ 8 ]]; then + yum clean all && yum makecache + fi + yum install epel-release -y && yum install wget curl tar gzip lsof -y + else + apt update && apt install wget curl tar lsof gzip -y + fi + + setenforce 0 >/dev/null 2>&1 + + lsof -i :80 | grep -v "PID" | awk '{print "kill -9",$2}' | sh >/dev/null 2>&1 + if [[ -z $(grep 'DiG 9' /etc/hosts) ]]; then + v4=$(curl -s4m5 https://gio.tycng.com/ipinfo -k) + if [ -z $v4 ]; then + echo -e "${green}检测到VPS为纯IPV6 Only,添加dns64${plain}\n" + echo -e nameserver 2001:4860:4860:0:0:0:0:8888 >/etc/resolv.conf + fi + fi } install_xray-ui() { systemctl stop xray-ui cd /usr/local/ - if [ $# == 0 ] ;then + if [ $# == 0 ]; then wget -N --no-check-certificate -O /usr/local/xray-ui-linux-${arch}.tar.gz https://github.com/qist/xray-ui/releases/download/${releases_version}/xray-ui-linux-${arch}.tar.gz if [[ $? -ne 0 ]]; then echo -e "${red}下载 xray-ui 失败,请确保你的服务器能够下载 Github 的文件${plain}" @@ -230,8 +184,8 @@ install_xray-ui() { systemctl daemon-reload systemctl enable xray-ui systemctl start xray-ui -sleep 2 -cat>/root/xrayuil.sh<<-\EOF + sleep 2 + cat >/root/xrayuil.sh <<-\EOF #!/bin/bash xui=`ps -aux |grep "xray-ui" |grep -v "grep" |wc -l` xray=`ps -aux |grep "xray-linux" |grep -v "grep" |wc -l` @@ -243,76 +197,66 @@ if [ $xray = 0 ];then xray-ui restart fi EOF -chmod +x /root/xrayuil.sh -sed -i '/xrayuil.sh/d' /etc/crontab -echo "*/1 * * * * root bash /root/xrayuil.sh >/dev/null 2>&1" >> /etc/crontab -sed -i '/xray-ui restart/d' /etc/crontab -echo "0 1 1 * * xray-ui restart >/dev/null 2>&1" >> /etc/crontab -sleep 1 -echo -e "" -blue "以下设置内容建议自定义,以防止账号密码及端口泄露" -echo -e "" -readp "设置xray-ui登录用户名(回车跳过为随机6位字符):" username -if [[ -z ${username} ]]; then -uauto=`date +%s%N |md5sum | cut -c 1-6` -username=$uauto -fi -sleep 1 -green "xray-ui登录用户名:${username}" -echo -e "" -readp "设置xray-ui登录密码(回车跳过为随机6位字符):" password -if [[ -z ${password} ]]; then -pauto=`date +%s%N |md5sum | cut -c 1-6` -password=$pauto -fi -green "xray-ui登录密码:${password}" -/usr/local/xray-ui/xray-ui setting -username ${username} -password ${password} >/dev/null 2>&1 -sleep 1 -echo -e "" -readp "设置xray-ui登录端口[1-65535](回车跳过为2000-65535之间的随机端口):" port -if [[ -z $port ]]; then -port=$(shuf -i 2000-65535 -n 1) -until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] -do -[[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用,请重新输入端口" && readp "自定义xray-ui端口:" port -done -else -until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] -do -[[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用,请重新输入端口" && readp "自定义xray-ui端口:" port -done -fi -/usr/local/xray-ui/xray-ui setting -port $port >/dev/null 2>&1 -green "xray-ui登录端口:${port}" -sleep 1 -xray-ui restart -xuilogin(){ -v4=$(curl -s4m8 https://gio.tycng.com/ipinfo -k) -v6=$(curl -s6m8 https://gio.tycng.com/ipinfo -k) -if [[ -z $v4 ]]; then -int="${green}请在浏览器地址栏复制${plain} ${bblue}[$v6]:$ports${plain} ${green}进入xray-ui登录界面\n当前xray-ui登录用户名:${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码:${plain}${bblue}${password}${plain}" -elif [[ -n $v4 && -n $v6 ]]; then -int="${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ports${plain} ${yellow}或者${plain} ${bblue}[$v6]:$ports${plain} ${green}进入xray-ui登录界面\n当前xray-ui登录用户名:${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码:${plain}${bblue}${password}${plain}" -else -int="${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ports${plain} ${green}进入xray-ui登录界面\n当前xray-ui登录用户名:${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码:${plain}${bblue}${password}${plain}" -fi -} -ports=$(/usr/local/xray-ui/xray-ui 2>&1 | grep tcp | awk '{print $5}' | sed "s/://g") -if [[ -n $ports ]]; then -echo -e "" -yellow "xray-ui $remoteV 安装成功,请稍等3秒,检测IP环境,输出xray-ui登录信息……" -wgcfv6=$(curl -s6m8 https://www.cloudflare.com/cdn-cgi/trace -k | grep warp | cut -d= -f2) -wgcfv4=$(curl -s4m8 https://www.cloudflare.com/cdn-cgi/trace -k | grep warp | cut -d= -f2) -if [[ ! $wgcfv4 =~ on|plus && ! $wgcfv6 =~ on|plus ]]; then -xuilogin -else -systemctl stop wg-quick@wgcf >/dev/null 2>&1 -xuilogin -systemctl start wg-quick@wgcf >/dev/null 2>&1 -fi -else -red "xray-ui安装失败,请查看日志,运行 xray-ui log" -fi + chmod +x /root/xrayuil.sh + sed -i '/xrayuil.sh/d' /etc/crontab + echo "*/1 * * * * root bash /root/xrayuil.sh >/dev/null 2>&1" >>/etc/crontab + sed -i '/xray-ui restart/d' /etc/crontab + echo "0 1 1 * * xray-ui restart >/dev/null 2>&1" >>/etc/crontab + sleep 1 + echo -e "" + blue "以下设置内容建议自定义,以防止账号密码及端口泄露" + echo -e "" + readp "设置xray-ui登录用户名(回车跳过为随机6位字符):" username + if [[ -z ${username} ]]; then + uauto=$(date +%s%N | md5sum | cut -c 1-6) + username=$uauto + fi + sleep 1 + green "xray-ui登录用户名:${username}" + echo -e "" + readp "设置xray-ui登录密码(回车跳过为随机6位字符):" password + if [[ -z ${password} ]]; then + pauto=$(date +%s%N | md5sum | cut -c 1-6) + password=$pauto + fi + green "xray-ui登录密码:${password}" + /usr/local/xray-ui/xray-ui setting -username ${username} -password ${password} >/dev/null 2>&1 + sleep 1 + echo -e "" + readp "设置xray-ui登录端口[1-65535](回车跳过为2000-65535之间的随机端口):" port + if [[ -z $port ]]; then + port=$(shuf -i 2000-65535 -n 1) + until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]]; do + [[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用,请重新输入端口" && readp "自定义xray-ui端口:" port + done + else + until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]]; do + [[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用,请重新输入端口" && readp "自定义xray-ui端口:" port + done + fi + /usr/local/xray-ui/xray-ui setting -port $port >/dev/null 2>&1 + green "xray-ui登录端口:${port}" + sleep 1 + xray-ui restart + xuilogin() { + v4=$(curl -s4m8 https://gio.tycng.com/ipinfo -k) + v6=$(curl -s6m8 https://gio.tycng.com/ipinfo -k) + if [[ -z $v4 ]]; then + int="${green}请在浏览器地址栏复制${plain} ${bblue}[$v6]:$ports${plain} ${green}进入xray-ui登录界面\n当前xray-ui登录用户名:${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码:${plain}${bblue}${password}${plain}" + elif [[ -n $v4 && -n $v6 ]]; then + int="${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ports${plain} ${yellow}或者${plain} ${bblue}[$v6]:$ports${plain} ${green}进入xray-ui登录界面\n当前xray-ui登录用户名:${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码:${plain}${bblue}${password}${plain}" + else + int="${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ports${plain} ${green}进入xray-ui登录界面\n当前xray-ui登录用户名:${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码:${plain}${bblue}${password}${plain}" + fi + } + ports=$(/usr/local/xray-ui/xray-ui 2>&1 | grep tcp | awk '{print $5}' | sed "s/://g") + if [[ -n $ports ]]; then + echo -e "" + yellow "xray-ui $remoteV 安装成功,请稍等3秒,检测IP环境,输出xray-ui登录信息……" + xuilogin + else + red "xray-ui安装失败,请查看日志,运行 xray-ui log" + fi sleep 1 echo -e "" echo -e "$int" diff --git a/util/common/network.go b/util/common/network.go index 96836e0d..8064871d 100644 --- a/util/common/network.go +++ b/util/common/network.go @@ -8,7 +8,7 @@ import ( func GetMyIpAddr() string { resp, err := http.Get("https://api64.ipify.org") if err != nil { - resp, _ = http.Get("http://ip.cip.cc") + resp, _ = http.Get("https://gio.tycng.com/ipinfo") } defer resp.Body.Close() s, _ := ioutil.ReadAll(resp.Body) diff --git a/xray-ui.sh b/xray-ui.sh index b7896682..a15fc357 100644 --- a/xray-ui.sh +++ b/xray-ui.sh @@ -3,12 +3,12 @@ red='\033[0;31m' green='\033[0;32m' yellow='\033[0;33m' plain='\033[0m' -green(){ echo -e "\033[32m\033[01m$1\033[0m";} -yellow(){ echo -e "\033[33m\033[01m$1\033[0m";} +green() { echo -e "\033[32m\033[01m$1\033[0m"; } +yellow() { echo -e "\033[33m\033[01m$1\033[0m"; } # check root [[ $EUID -ne 0 ]] && echo -e "${red}错误: ${plain} 必须使用root用户运行此脚本!\n" && exit 1 - + # check os if [[ -f /etc/redhat-release ]]; then release="centos" @@ -58,8 +58,8 @@ elif [[ x"${release}" == x"amazon_linux" ]]; then fi fi -xrayui(){ -cat>/root/xrayuil.sh<<-\EOF +xrayui() { + cat >/root/xrayuil.sh <<-\EOF #!/bin/bash xui=`ps -aux |grep "xray-ui" |grep -v "grep" |wc -l` xray=`ps -aux |grep "xray-linux" |grep -v "grep" |wc -l` @@ -71,9 +71,9 @@ if [ $xray = 0 ];then xray-ui restart fi EOF -chmod +x /root/xrayuil.sh -sed -i '/xrayuil.sh/d' /etc/crontab >/dev/null 2>&1 -echo "*/1 * * * * root bash /root/xrayuil.sh >/dev/null 2>&1" >> /etc/crontab + chmod +x /root/xrayuil.sh + sed -i '/xrayuil.sh/d' /etc/crontab >/dev/null 2>&1 + echo "*/1 * * * * root bash /root/xrayuil.sh >/dev/null 2>&1" >>/etc/crontab } confirm() { @@ -128,22 +128,22 @@ update() { fi arch=$(arch) if [[ $arch == "x86_64" || $arch == "x64" || $arch == "amd64" ]]; then - arch="amd64" + arch="amd64" elif [[ $arch == "aarch64" || $arch == "arm64" ]]; then - arch="arm64" + arch="arm64" elif [[ $arch == "s390x" ]]; then - arch="s390x" + arch="s390x" else - arch="amd64" - echo -e "${red}检测架构失败,使用默认架构: ${arch}${plain}" + arch="amd64" + echo -e "${red}检测架构失败,使用默认架构: ${arch}${plain}" fi systemctl stop xray-ui - curl -sS -H "Accept: application/vnd.github.v3+json" -o "/tmp/tmp_file" 'https://api.github.com/repos/qist/xray-ui/releases/latest' + curl -sS -H "Accept: application/vnd.github.v3+json" -o "/tmp/tmp_file" 'https://api.github.com/repos/qist/xray-ui/releases/latest' releases_version=($(sed 'y/,/\n/' "/tmp/tmp_file" | grep 'tag_name' | awk -F '"' '{print $4}')) rm /tmp/tmp_file -f mkdir -p /tmp/xray cd /tmp/xray - if [ $# == 0 ] ;then + if [ $# == 0 ]; then wget -N --no-check-certificate -O /tmp/xray/xray-ui-linux-${arch}.tar.gz https://github.com/qist/xray-ui/releases/download/${releases_version}/xray-ui-linux-${arch}.tar.gz if [[ $? -ne 0 ]]; then echo -e "${red}下载 xray-ui 失败,请确保你的服务器能够下载 Github 的文件${plain}" @@ -213,9 +213,9 @@ reset_user() { fi return 0 fi - uauto=`date +%s%N |md5sum | cut -c 1-6` + uauto=$(date +%s%N | md5sum | cut -c 1-6) username=$uauto - pauto=`date +%s%N |md5sum | cut -c 1-6` + pauto=$(date +%s%N | md5sum | cut -c 1-6) password=$pauto /usr/local/xray-ui/xray-ui setting -username ${username} -password ${password} >/dev/null 2>&1 green "xray-ui登录用户名:${username}" @@ -251,11 +251,10 @@ set_port() { echo -e "${yellow}已取消${plain}" before_show_menu else -until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] -do -[[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用,请重新输入端口" && readp "自定义xray-ui端口:" port -done -/usr/local/xray-ui/xray-ui setting -port ${port} >/dev/null 2>&1 + until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]]; do + [[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用,请重新输入端口" && readp "自定义xray-ui端口:" port + done + /usr/local/xray-ui/xray-ui setting -port ${port} >/dev/null 2>&1 echo -e "设置端口完毕,现在请重启面板,并使用新设置的端口 ${green}${port}${plain} 访问面板" confirm_restart fi @@ -367,28 +366,16 @@ migrate_v2_ui() { before_show_menu } -acme() { - wget -N https://raw.githubusercontent.com/qist/xray-ui/main/acme.sh && chmod +x acme.sh && ./acme.sh - echo "" - before_show_menu -} - -bbr() { -bash <(curl -L -s https://raw.githubusercontent.com/teddysun/across/master/bbr.sh) - echo "" - before_show_menu -} - x25519() { arch=$(arch) if [[ $arch == "x86_64" || $arch == "x64" || $arch == "amd64" ]]; then - arch="amd64" + arch="amd64" elif [[ $arch == "aarch64" || $arch == "arm64" ]]; then - arch="arm64" + arch="arm64" elif [[ $arch == "s390x" ]]; then - arch="s390x" + arch="s390x" else - arch="amd64" + arch="amd64" fi /usr/local/xray-ui/bin/xray-linux-${arch} x25519 echo "" @@ -425,7 +412,7 @@ check_enabled() { if [[ x"${temp}" == x"enabled" ]]; then return 0 else - return 1; + return 1 fi } @@ -460,16 +447,17 @@ check_install() { show_status() { check_status case $? in - 0) - echo -e "xray-ui面板状态: ${green}已运行${plain}" - show_enable_status - ;; - 1) - echo -e "xray-ui面板状态: ${yellow}未运行${plain}" - show_enable_status - ;; - 2) - echo -e "xray-ui面板状态: ${red}未安装${plain}" + 0) + echo -e "xray-ui面板状态: ${green}已运行${plain}" + show_enable_status + ;; + 1) + echo -e "xray-ui面板状态: ${yellow}未运行${plain}" + show_enable_status + ;; + 2) + echo -e "xray-ui面板状态: ${red}未安装${plain}" + ;; esac show_xray_status } @@ -543,99 +531,121 @@ show_menu() { ${green}13.${plain} 设置 xray-ui 开机自启 ${green}14.${plain} 取消 xray-ui 开机自启 ———————————————— - ${green}15.${plain} 一键ACME申请证书 - ${green}16.${plain} 一键BBR+FQ加速 - ${green}17.${plain} xray REALITY x25519 生成 + ${green}15.${plain} xray REALITY x25519 生成 " show_status echo "------------------------------------------" acp=$(/usr/local/xray-ui/xray-ui setting -show 2>/dev/null) green "$acp" echo "------------------------------------------" - uiV=`/usr/local/xray-ui/xray-ui -v` - curl -sS -H "Accept: application/vnd.github.v3+json" -o "/tmp/tmp_file" 'https://api.github.com/repos/qist/xray-ui/releases/latest' + uiV=$(/usr/local/xray-ui/xray-ui -v) + curl -sS -H "Accept: application/vnd.github.v3+json" -o "/tmp/tmp_file" 'https://api.github.com/repos/qist/xray-ui/releases/latest' remoteV=($(sed 'y/,/\n/' "/tmp/tmp_file" | grep 'tag_name' | awk -F '"' '{print $4}')) rm /tmp/tmp_file -f localV=${uiV} if [ "${localV}" = "${remoteV}" ]; then - green "已安装最新版本:${uiV} ,如有更新,此处会自动提示" + green "已安装最新版本:${uiV} ,如有更新,此处会自动提示" else - green "当前安装的版本:${uiV}" - yellow "检测到最新版本:${remoteV} ,可选择2进行更新!" + green "当前安装的版本:${uiV}" + yellow "检测到最新版本:${remoteV} ,可选择2进行更新!" fi - - echo && read -p "请输入选择 [0-17]: " num + + echo && read -p "请输入选择 [0-15]: " num case "${num}" in - 0) exit 0 - ;; - 1) check_uninstall && install + 0) + exit 0 ;; - 2) check_install && update + 1) + check_uninstall && install ;; - 3) check_install && uninstall + 2) + check_install && update ;; - 4) check_install && reset_user + 3) + check_install && uninstall ;; - 5) check_install && reset_config + 4) + check_install && reset_user ;; - 6) check_install && set_port + 5) + check_install && reset_config ;; - 7) check_install && check_config + 6) + check_install && set_port ;; - 8) check_install && start + 7) + check_install && check_config ;; - 9) check_install && stop + 8) + check_install && start ;; - 10) check_install && restart + 9) + check_install && stop ;; - 11) check_install && status + 10) + check_install && restart ;; - 12) check_install && show_log + 11) + check_install && status ;; - 13) check_install && enable + 12) + check_install && show_log ;; - 14) check_install && disable + 13) + check_install && enable ;; - 15) acme + 14) + check_install && disable ;; - 16) bbr + 15) + x25519 ;; - 17) x25519 - ;; - *) echo -e "${red}请输入正确的数字 [0-17]${plain}" + *) + echo -e "${red}请输入正确的数字 [0-15]${plain}" ;; esac } - if [[ $# > 0 ]]; then case $1 in - "start") check_install 0 && start 0 + "start") + check_install 0 && start 0 ;; - "stop") check_install 0 && stop 0 + "stop") + check_install 0 && stop 0 ;; - "restart") check_install 0 && restart 0 + "restart") + check_install 0 && restart 0 ;; - "status") check_install 0 && status 0 + "status") + check_install 0 && status 0 ;; - "enable") check_install 0 && enable 0 + "enable") + check_install 0 && enable 0 ;; - "disable") check_install 0 && disable 0 + "disable") + check_install 0 && disable 0 ;; - "log") check_install 0 && show_log 0 + "log") + check_install 0 && show_log 0 ;; - "v2-ui") check_install 0 && migrate_v2_ui 0 + "v2-ui") + check_install 0 && migrate_v2_ui 0 ;; - "update") check_install 0 && update 0 + "update") + check_install 0 && update 0 ;; - "install") check_uninstall 0 && install 0 + "install") + check_uninstall 0 && install 0 ;; - "x25519") x25519 0 + "x25519") + x25519 0 ;; - "uninstall") check_install 0 && uninstall 0 + "uninstall") + check_install 0 && uninstall 0 ;; - *) show_usage + *) show_usage ;; esac else show_menu