From 3dcbb4b7d6e50322eac76968195ba3e2f8edbd75 Mon Sep 17 00:00:00 2001 From: paniy <33997505+paniy@users.noreply.github.com> Date: Tue, 25 May 2021 18:01:23 +0800 Subject: [PATCH] ADD reset nginx server --- README.md | 6 +- install.sh | 162 ++++++++++++++++++++++++++++++----------------------- 2 files changed, 94 insertions(+), 74 deletions(-) diff --git a/README.md b/README.md index 5207b17..6ab4fa5 100644 --- a/README.md +++ b/README.md @@ -19,13 +19,13 @@ ### 准备工作 * 准备一个域名,并将A记录添加好。 -* [Xray官方说明](https://xtls.github.io),大概了解 TLS WebSocket gRPC XTLS 及 Xray 相关信息。 +* 阅读[Xray官方说明](https://xtls.github.io),大概了解 TLS WebSocket gRPC XTLS 及 Xray 相关信息。 * **安装好 wget**,Centos用户运行:`yum install -y wget`;Debian/Ubuntu用户运行:`apt install -y wget`。 -### 安装/更新方式(此为Xray版) +### 安装/更新方式 VLESS+Nginx+WebSocket/gRPC+TLS 或 VLESS+XTLS+Nginx+ws+gRPC 或 ws/gRPC ONLY 三选一: ``` -wget -N --no-check-certificate -q -O install.sh "https://raw.githubusercontent.com/paniy/Xray_bash_onekey/main/install.sh" && chmod +x install.sh && bash install.sh +bash <(curl -Ss https://www.idleleo.com/install.sh) ``` ### 注意事项 diff --git a/install.sh b/install.sh index 00e2eae..d8f165e 100644 --- a/install.sh +++ b/install.sh @@ -32,7 +32,7 @@ OK="${Green}[OK]${Font}" Error="${Red}[错误]${Font}" Warning="${Red}[警告]${Font}" -shell_version="1.7.1.2" +shell_version="1.7.1.6" shell_mode="未安装" tls_mode="None" ws_grpc_mode="None" @@ -63,7 +63,7 @@ xray_error_log="/var/log/xray/error.log" amce_sh_file="/root/.acme.sh/acme.sh" ssl_update_file="${idleleo_dir}/ssl_update.sh" cert_group="nobody" -nginx_version="1.20.0" +nginx_version="1.20.1" openssl_version="1.1.1k" jemalloc_version="5.2.1" read_config_status=1 @@ -225,6 +225,15 @@ dependency_install() { fi } +read_optimize() { + read -rp "$1" $2 + [[ -z $(eval echo \$$2) ]] && eval $(echo "$2")="$3" + if [[ $(eval echo \$$2) -le $4 ]] || [[ $(eval echo \$$2) -gt $5 ]]; then + echo -e "${Error} ${RedBG} $6 ${Font}" + read_optimize "$1" "$2" $3 $4 $5 "$6" + fi +} + basic_optimization() { # 最大文件打开数 sed -i '/^\*\ *soft\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf @@ -253,12 +262,7 @@ create_directory() { port_set() { if [[ "on" != ${old_config_status} ]]; then echo -e "${GreenBG} 确定 连接端口 ${Font}" - read -rp "请输入连接端口 (default:443):" port - [[ -z ${port} ]] && port="443" - if [[ ${port} -le 0 ]] || [[ ${port} -gt 65535 ]]; then - echo -e "${Error} ${RedBG} 请输入 0-65535 之间的值! ${Font}" - port_set - fi + read_optimize "请输入连接端口 (default:443):" "port" 443 0 65535 "请输入 0-65535 之间的值!" fi } @@ -436,42 +440,61 @@ UUID_set() { nginx_upstream_server_set() { if [[ ${tls_mode} == "TLS" ]]; then - echo -e "\n${GreenBG} 是否追加 Nginx 负载均衡 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 是否变更 Nginx 负载均衡 [Y/N]? ${Font}" echo -e "${Warning} ${YellowBG} 如不清楚具体用途, 请勿继续! ${Font}" read -r nginx_upstream_server_fq case $nginx_upstream_server_fq in [yY][eE][sS] | [yY]) echo -e "\n${GreenBG} 请选择 追加的协议为 ws 或 gRPC ${Font}" - echo "1: ws" - echo "2: gRPC" - read -rp "请输入: " upstream_net - read -rp "请输入负载均衡 主机 (host):" upstream_host - read -rp "请输入负载均衡 端口 (port):" upstream_port - read -rp "请输入负载均衡 权重 (0~100, 初始值为50):" upstream_weight - if [[ ${upstream_net} == 2 ]]; then - sed -i "/xray-grpc-server/a \\\t\\t\\tserver ${upstream_host}:${upstream_port} weight=${upstream_weight} max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} - else - sed -i "/xray-ws-server/a \\\t\\t\\tserver ${upstream_host}:${upstream_port} weight=${upstream_weight} max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} - fi - iptables -I INPUT -p tcp --dport ${upstream_port} -j ACCEPT - iptables -I INPUT -p udp --dport ${upstream_port} -j ACCEPT - iptables -I OUTPUT -p tcp --sport ${upstream_port} -j ACCEPT - iptables -I OUTPUT -p udp --sport ${upstream_port} -j ACCEPT - echo -e "${OK} ${GreenBG} 防火墙 追加 完成 ${Font}" - if [[ "${ID}" == "centos" && ${VERSION_ID} -ge 7 ]]; then - service iptables save + echo "1: 追加配置" + echo "2: 重置配置" + read -rp "请输入: " upstream_choose + if [[ ${upstream_choose} == 2 ]]; then + timeout "即将重置 Nginx 负载均衡配置" wait - service iptables restart - echo -e "${OK} ${GreenBG} 防火墙 重启 完成 ${Font}" + if [[ -f $xray_qr_config_file ]]; then + xport=$(info_extraction '\"ws_port\"') + gport=$(info_extraction '\"grpc_port\"') + rm -rf ${nginx_upstream_conf} + nginx_conf_servers_add + wait + systemctl restart nginx + else + echo -e "${Error} ${RedBG} 未检测到配置文件! ${Font}" + fi else - netfilter-persistent save + echo -e "\n${GreenBG} 请选择 追加的协议为 ws 或 gRPC ${Font}" + echo "1: ws" + echo "2: gRPC" + read -rp "请输入: " upstream_net + read -rp "请输入负载均衡 主机 (host):" upstream_host + read -rp "请输入负载均衡 端口 (port):" upstream_port + read -rp "请输入负载均衡 权重 (0~100, 初始值为50):" upstream_weight + if [[ ${upstream_net} == 2 ]]; then + sed -i "/xray-grpc-server/a \\\t\\t\\tserver ${upstream_host}:${upstream_port} weight=${upstream_weight} max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} + else + sed -i "/xray-ws-server/a \\\t\\t\\tserver ${upstream_host}:${upstream_port} weight=${upstream_weight} max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} + fi + iptables -I INPUT -p tcp --dport ${upstream_port} -j ACCEPT + iptables -I INPUT -p udp --dport ${upstream_port} -j ACCEPT + iptables -I OUTPUT -p tcp --sport ${upstream_port} -j ACCEPT + iptables -I OUTPUT -p udp --sport ${upstream_port} -j ACCEPT + echo -e "${OK} ${GreenBG} 防火墙 追加 完成 ${Font}" + if [[ "${ID}" == "centos" && ${VERSION_ID} -ge 7 ]]; then + service iptables save + wait + service iptables restart + echo -e "${OK} ${GreenBG} 防火墙 重启 完成 ${Font}" + else + netfilter-persistent save + wait + systemctl restart iptables + echo -e "${OK} ${GreenBG} 防火墙 重启 完成 ${Font}" + fi wait - systemctl restart iptables - echo -e "${OK} ${GreenBG} 防火墙 重启 完成 ${Font}" + systemctl restart nginx + judge "追加 Nginx 负载均衡" fi - wait - systemctl restart nginx - judge "追加 Nginx 负载均衡" ;; *) ;; esac @@ -521,11 +544,9 @@ modify_nginx_port() { modify_nginx_other() { sed -i '$i include /etc/idleleo/conf/nginx/*.conf;' ${nginx_dir}/conf/nginx.conf sed -i "s/^\( *\)server_name\( *\).*/\1server_name\2${domain};/g" ${nginx_conf} - if [[ ${tls_mode} != "XTLS" ]]; then + if [[ ${tls_mode} == "TLS" ]]; then sed -i "s/^\( *\)location ws$/\1location \/${path}/" ${nginx_conf} sed -i "s/^\( *\)location grpc$/\1location \/${servicename}/" ${nginx_conf} - sed -i "/#xray-ws-serverc/c \\\t\\t\\tserver 127.0.0.1:${xport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} - sed -i "/#xray-grpc-serverc/c \\\t\\t\\tserver 127.0.0.1:${gport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} if [[ ${shell_mode} == "Nginx+ws+TLS" ]]; then sed -i "s/^\( *\)#proxy_pass\(.*\)/\1proxy_pass\2/" ${nginx_conf} sed -i "s/^\( *\)#proxy_redirect default;/\1proxy_redirect default;/" ${nginx_conf} @@ -541,6 +562,11 @@ modify_nginx_other() { sed -i "/error_page.*504/i \\\t\\tif (\$host = '${local_ip}') {\\n\\t\\t\\treturn 302 https:\/\/www.idleleo.com\/helloworld;\\n\\t\\t}" ${nginx_dir}/conf/nginx.conf } +modify_nginx_servers() { + sed -i "/#xray-ws-serverc/c \\\t\\t\\tserver 127.0.0.1:${xport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} + sed -i "/#xray-grpc-serverc/c \\\t\\t\\tserver 127.0.0.1:${gport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} +} + modify_path() { sed -i "s/^\( *\)\"path\".*/\1\"path\": \"\/${path}\"/" ${xray_conf} sed -i "s/^\( *\)\"serviceName\".*/\1\"serviceName\": \"${servicename}\"/" ${xray_conf} @@ -732,8 +758,11 @@ nginx_install() { nginx_update() { if [[ -f "/etc/nginx/sbin/nginx" ]]; then if [[ ${nginx_version} != $(info_extraction '\"nginx_version\"') ]] || [[ ${openssl_version} != $(info_extraction '\"openssl_version\"') ]] || [[ ${jemalloc_version} != $(info_extraction '\"jemalloc_version\"') ]]; then - if [[ ${tls_mode} == "TLS" ]]; then - if [[ -f $xray_qr_config_file ]]; then + ip_check + if [[ -f $xray_qr_config_file ]]; then + domain=$(info_extraction '\"host\"') + if [[ ${tls_mode} == "TLS" ]]; then + port=$(info_extraction '\"port\"') if [[ ${ws_grpc_mode} == "onlyws" ]]; then xport=$(info_extraction '\"ws_port\"') path=$(info_extraction '\"path\"') @@ -756,34 +785,19 @@ nginx_update() { clear bash idleleo fi - else - echo -e "${Error} ${RedBG} 旧配置文件不存在, 退出升级 ${Font}" - timeout "清空屏幕!" - clear - bash idleleo - fi - elif [[ ${tls_mode} == "XTLS" ]]; then - if [[ -f $xray_qr_config_file ]]; then - domain=$(info_extraction '\"host\"') - port=$(info_extraction '\"port\"') - if [[ 0 -eq ${read_config_status} ]]; then - echo -e "${Error} ${RedBG} 旧配置文件不完整, 退出升级 ${Font}" - timeout "清空屏幕!" - clear - bash idleleo - fi - else - echo -e "${Error} ${RedBG} 旧配置文件不存在, 退出升级 ${Font}" + elif [[ ${tls_mode} == "None" ]]; then + echo -e "${Error} ${RedBG} 当前安装模式不需要 Nginx ! ${Font}" timeout "清空屏幕!" clear bash idleleo fi else - echo -e "${Error} ${RedBG} 当前安装模式不需要 Nginx ! ${Font}" + echo -e "${Error} ${RedBG} 旧配置文件不存在, 退出升级 ${Font}" timeout "清空屏幕!" clear bash idleleo fi + wait service_stop timeout "删除旧版 Nginx !" rm -rf ${nginx_dir} @@ -1179,17 +1193,6 @@ nginx_conf_add() { } EOF - touch ${nginx_upstream_conf} - cat >${nginx_upstream_conf} <${nginx_upstream_conf} <