VPS一键四合一脚本(reality+vmess-argo+hysteria2+tuic5)

eooce
2024-09-02 07:54:14 +08:00
committed by GitHub
parent d92912e306
commit 5c7f29d7d2
+82 -35
@@ -177,15 +177,10 @@ install_singbox() {
private_key=$(echo "${output}" | awk '/PrivateKey:/ {print $2}')
public_key=$(echo "${output}" | awk '/PublicKey:/ {print $2}')
iptables -A INPUT -p tcp --dport 8001 -j ACCEPT > /dev/null 2>&1
iptables -A INPUT -p tcp --dport $vless_port -j ACCEPT > /dev/null 2>&1
iptables -A INPUT -p tcp --dport $nginx_port -j ACCEPT > /dev/null 2>&1
iptables -A INPUT -p udp --dport $tuic_port -j ACCEPT > /dev/null 2>&1
iptables -A INPUT -p udp --dport $hy2_port -j ACCEPT > /dev/null 2>&1
iptables -P FORWARD ACCEPT > /dev/null 2>&1
iptables -P OUTPUT ACCEPT > /dev/null 2>&1
iptables -F > /dev/null 2>&1
manage_packages uninstall ufw firewalld iptables-persistent iptables-services > /dev/null 2>&1
iptables -F > /dev/null 2>&1 && iptables -P INPUT ACCEPT > /dev/null 2>&1 && iptables -P FORWARD ACCEPT > /dev/null 2>&1 && iptables -P OUTPUT ACCEPT > /dev/null 2>&1
command -v ip6tables &> /dev/null && ip6tables -F > /dev/null 2>&1 && ip6tables -P INPUT ACCEPT > /dev/null 2>&1 && ip6tables -P FORWARD ACCEPT > /dev/null 2>&1 && ip6tables -P OUTPUT ACCEPT > /dev/null 2>&1
manage_packages uninstall ufw firewalld > /dev/null 2>&1
# 生成自签名证书
openssl ecparam -genkey -name prime256v1 -out "${work_dir}/private.key"
@@ -257,8 +252,6 @@ cat > "${config_dir}" << EOF
{
"tag": "hysteria2",
"type": "hysteria2",
"sniff":true,
"sniff_override_destination":true,
"listen": "::",
"listen_port": $hy2_port,
"users": [
@@ -542,6 +535,7 @@ get_info() {
if [ -f "${work_dir}/argo.log" ]; then
for i in {1..5}; do
purple "$i 次尝试获取ArgoDoamin中..."
argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' "${work_dir}/argo.log")
[ -n "$argodomain" ] && break
sleep 2
@@ -554,8 +548,6 @@ get_info() {
green "\nArgoDomain${purple}$argodomain${re}\n"
yellow "\n温馨提醒:如节点不通,请打开V2rayN里的 “跳过证书验证”,或将节点的跳过证书验证设置为“true”\n"
VMESS="{ \"v\": \"2\", \"ps\": \"${isp}\", \"add\": \"${CFIP}\", \"port\": \"${CFPORT}\", \"id\": \"${uuid}\", \"aid\": \"0\", \"scy\": \"none\", \"net\": \"ws\", \"type\": \"none\", \"host\": \"${argodomain}\", \"path\": \"/vmess?ed=2048\", \"tls\": \"tls\", \"sni\": \"${argodomain}\", \"alpn\": \"\", \"fp\": \"randomized\", \"allowlnsecure\": \"flase\"}"
cat > ${work_dir}/url.txt <<EOF
@@ -570,9 +562,10 @@ EOF
echo ""
while IFS= read -r line; do echo -e "${purple}$line"; done < ${work_dir}/url.txt
base64 -w0 ${work_dir}/url.txt > ${work_dir}/sub.txt
echo ""
green "节点订阅链接:http://${server_ip}/${password}\n\n订阅链接适用于V2rayN,Nekbox,Sterisand,Loon,小火箭,圈X等\n"
$work_dir/qrencode "http://${server_ip}/${password}"
yellow "\n温馨提醒:需打开V2rayN或其他软件里的 “跳过证书验证”,或将节点的Insecure或TLS里设置为“true”\n"
green "节点订阅链接:http://${server_ip}:${nginx_port}/${password}\n\n订阅链接适用于V2rayN,Nekbox,Sterisand,Loon,小火箭,圈X等\n"
green "订阅二维码"
$work_dir/qrencode "http://${server_ip}:${nginx_port}/${password}"
echo ""
}
@@ -601,8 +594,8 @@ events {
http {
server {
listen 80;
listen [::]:80;
listen $nginx_port;
listen [::]:$nginx_port;
location /$password {
alias /etc/sing-box/sub.txt;
@@ -612,12 +605,12 @@ http {
}
EOF
nginx -t
nginx -t > /dev/null
if [ $? -eq 0 ]; then
if [ -f /etc/alpine-release ]; then
touch /run/nginx.pid
pkill -f '[n]ginx'
touch /run/nginx.pid
nginx -s reload
rc-service nginx restart
else
@@ -861,15 +854,15 @@ uninstall_singbox() {
y|Y)
manage_packages uninstall nginx
;;
*)
yellow "取消卸载Nginx\n"
*)
yellow "取消卸载Nginx\n\n"
;;
esac
green "\nsing-box 卸载成功\n"
green "\nsing-box 卸载成功\n\n" && exit 0
;;
*)
purple "已取消卸载操作\n"
purple "已取消卸载操作\n\n"
;;
esac
}
@@ -910,7 +903,9 @@ if [ ${check_singbox} -eq 0 ]; then
skyblue "------------"
green "4. 添加hysteria2端口跳跃"
skyblue "------------"
purple "${purple}5. 返回主菜单"
green "5. 删除hysteria2端口跳跃"
skyblue "------------"
purple "${purple}6. 返回主菜单"
skyblue "------------"
reading "请输入选择: " choice
case "${choice}" in
@@ -1013,17 +1008,45 @@ if [ ${check_singbox} -eq 0 ]; then
;;
4)
purple "端口跳跃需确保跳跃区间的端口没有被占用,nat鸡请注意可用端口范围,否则可能造成节点不通\n"
reading "请输入起始端口 (回车跳过将使用随机端口): " min_port
reading "请输入跳跃起始端口 (回车跳过将使用随机端口): " min_port
[ -z "$min_port" ] && min_port=$(shuf -i 50000-65000 -n 1)
yellow "你的起始端口为:$min_port"
reading "\n请输入结束端口 (需大于起始端口): " max_port
reading "\n请输入跳跃结束端口 (需大于起始端口): " max_port
[ -z "$max_port" ] && max_port=$(($min_port + 100))
yellow "你的结束端口为:$max_port\n"
manage_packages install iptables6 > /dev/null 2>&1
purple "正在安装依赖,并设置端口跳跃规则中,请稍等...\n"
listen_port=$(sed -n '/"tag": "hysteria2"/,/}/s/.*"listen_port": \([0-9]*\).*/\1/p' $config_dir)
iptables -A FORWARD -p udp --dport $min_port:$max_port -j ACCEPT > /dev/null 2>&1
iptables -t nat -A PREROUTING -p udp --dport $min_port:$max_port -j REDIRECT --to-port $listen_port > /dev/null 2>&1
command -v ip6tables &> /dev/null && ip6tables -A FORWARD -p udp --dport $min_port:$max_port -j ACCEPT > /dev/null 2>&1 && ip6tables -t nat -A PREROUTING -p tcp --dport $min_port:$max_port -j REDIRECT --to-port $listen_port > /dev/null 2>&1
iptables -t nat -A PREROUTING -p udp --dport $min_port:$max_port -j DNAT --to-destination :$listen_port > /dev/null
command -v ip6tables &> /dev/null && ip6tables -t nat -A PREROUTING -p udp --dport $min_port:$max_port -j DNAT --to-destination :$listen_port > /dev/null
if [ -f /etc/alpine-release ]; then
iptables-save > /etc/iptables/rules.v4
command -v ip6tables &> /dev/null && ip6tables-save > /etc/iptables/rules.v6
cat << 'EOF' > /etc/init.d/iptables
#!/sbin/openrc-run
depend() {
need net
}
start() {
[ -f /etc/iptables/rules.v4 ] && iptables-restore < /etc/iptables/rules.v4
command -v ip6tables &> /dev/null && [ -f /etc/iptables/rules.v6 ] && ip6tables-restore < /etc/iptables/rules.v6
}
EOF
chmod +x /etc/init.d/iptables && rc-update add iptables default && /etc/init.d/iptables start
elif [ -f /etc/debian_version ]; then
DEBIAN_FRONTEND=noninteractive apt install -y iptables-persistent > /dev/null 2>&1 && netfilter-persistent save > /dev/null 2>&1
systemctl enable netfilter-persistent > /dev/null 2>&1 && systemctl start netfilter-persistent > /dev/null 2>&1
elif [ -f /etc/redhat-release ]; then
manage_packages install iptables-services > /dev/null 2>&1 && service iptables save > /dev/null 2>&1
systemctl enable iptables > /dev/null 2>&1 && systemctl start iptables > /dev/null 2>&1
command -v ip6tables &> /dev/null && service ip6tables save > /dev/null 2>&1
systemctl enable ip6tables > /dev/null 2>&1 && systemctl start ip6tables > /dev/null 2>&1
else
red "未知系统,请自行将跳跃端口转发到主端口" && exit 1
fi
restart_singbox
ip=$(get_realip)
uuid=$(sed -n 's/.*hysteria2:\/\/\([^@]*\)@.*/\1/p' $client_dir)
@@ -1035,7 +1058,24 @@ if [ ${check_singbox} -eq 0 ]; then
while IFS= read -r line; do yellow "$line"; done < ${work_dir}/url.txt
green "\nhysteria2端口跳跃已开启,跳跃端口为:${purple}$min_port-$max_port${re} ${green}请更新订阅或手动复制以上hysteria2节点${re}\n"
;;
5) menu ;;
5)
iptables -t nat -F PREROUTING > /dev/null 2>&1
command -v ip6tables &> /dev/null && ip6tables -t nat -F PREROUTING > /dev/null 2>&1
if [ -f /etc/alpine-release ]; then
rc-update del iptables default && rm -rf /etc/init.d/iptables
elif [ -f /etc/redhat-release ]; then
netfilter-persistent save > /dev/null 2>&1
elif [ -f /etc/redhat-release ]; then
service iptables save > /dev/null 2>&1
command -v ip6tables &> /dev/null && service ip6tables save > /dev/null 2>&1
else
manage_packages uninstall iptables ip6tables iptables-persistent iptables-service > /dev/null 2>&1
fi
sed -i '/hysteria2/s/&mport=[^#&]*//g' /etc/sing-box/url.txt
base64 -w0 $client_dir > /etc/sing-box/sub.txt
green "\n端口跳跃已删除\n"
;;
6) menu ;;
*) read "无效的选项!" ;;
esac
else
@@ -1156,7 +1196,13 @@ else
case "${choice}" in
1) start_argo ;;
2) stop_argo ;;
3) restart_argo ;;
3) clear
if [ -f /etc/alpine-release ]; then
grep -Fq -- '--url http://localhost:8001' /etc/init.d/argo && get_quick_tunnel && change_argo_domain || { green "\n当前使用固定隧道,无需获取临时域名"; sleep 2; menu; }
else
grep -q 'ExecStart=.*--url http://localhost:8001' /etc/systemd/system/argo.service && get_quick_tunnel && change_argo_domain || { green "\n当前使用固定隧道,无需获取临时域名"; sleep 2; menu; }
fi
;;
4)
clear
yellow "\n固定隧道可为json或token,固定隧道端口为8001,自行在cf后台设置\n\njson在f佬维护的站点里获取,获取地址:${purple}https://fscarmen.cloudflare.now.cc${re}\n"
@@ -1247,6 +1293,7 @@ yellow "获取临时argo域名中,请稍等...\n"
sleep 3
if [ -f /etc/sing-box/argo.log ]; then
for i in {1..5}; do
purple "$i 次尝试获取ArgoDoamin中..."
get_argodomain=$(sed -n 's|.*https://\([^/]*trycloudflare\.com\).*|\1|p' /etc/sing-box/argo.log)
[ -n "$get_argodomain" ] && break
sleep 2
@@ -1336,8 +1383,8 @@ while true; do
yellow "sing-box 已经安装!"
else
fix_nginx
manage_packages install nginx jq tar iptables openssl coreutils
[ -n "$(curl -s --max-time 1 ipv6.ip.sb)" ] && manage_packages install ip6tables
manage_packages install nginx jq tar openssl iptables # coreutils
[ -n "$(curl -s --max-time 2 ipv6.ip.sb)" ] && manage_packages install ip6tables
install_singbox
if [ -x "$(command -v systemctl)" ]; then
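Review bot: In the `install_singbox` hunk (`@@ -177,15 +177,10 @@`), what appear to be the new lines flush every filter rule, set the INPUT, FORWARD and OUTPUT policies to ACCEPT for both IPv4 and IPv6, and uninstall ufw and firewalld, so after an install the host has no packet filtering and every other listening service on it becomes reachable. All of this runs with output sent to /dev/null, so the operator is never told that an existing ruleset was discarded. I would leave existing rules, policies and firewall packages alone and only add accept rules for the ports this script listens on, as sketched below; hosts that keep ufw or firewalld would need the same ports opened through that tool instead. The +/- markers are lost on this page, so which of the duplicated lines are the new side is inferred from their order, and `install_singbox` itself starts and ends outside the hunk.

```shell
# … unchanged: private_key / public_key extraction …
# Open only this install's listeners; existing rules and policies are kept.
for fw in iptables ip6tables; do
  command -v "$fw" > /dev/null 2>&1 || continue
  for spec in "tcp $vless_port" "tcp $nginx_port" "udp $tuic_port" "udp $hy2_port"; do
    proto=${spec%% *}
    port=${spec##* }
    # -C checks for an existing identical rule so re-runs do not stack duplicates
    "$fw" -C INPUT -p "$proto" --dport "$port" -j ACCEPT 2> /dev/null ||
      "$fw" -I INPUT -p "$proto" --dport "$port" -j ACCEPT
  done
done
# … unchanged: self-signed certificate generation …
```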