diff --git a/install.sh b/install.sh index 8db0be2..7173922 100644 --- a/install.sh +++ b/install.sh @@ -32,7 +32,7 @@ OK="${Green}[OK]${Font}" Error="${Red}[错误]${Font}" Warning="${Red}[警告]${Font}" -shell_version="1.7.3.2" +shell_version="1.8.0.1" shell_mode="未安装" tls_mode="None" ws_grpc_mode="None" @@ -67,6 +67,7 @@ myemali="my@example.com" nginx_version="1.20.1" openssl_version="1.1.1k" jemalloc_version="5.2.1" +bt_nginx="None" read_config_status=1 xtls_add_more="off" old_config_status="off" @@ -82,15 +83,15 @@ check_system() { if [[ "${ID}" == "centos" && ${VERSION_ID} -ge 7 ]]; then echo -e "${OK} ${GreenBG} 当前系统为 Centos ${VERSION_ID} ${VERSION} ${Font}" INS="yum" - [[ ! -f $xray_qr_config_file ]] && $INS update + [[ ! -f ${xray_qr_config_file} ]] && $INS update elif [[ "${ID}" == "debian" && ${VERSION_ID} -ge 8 ]]; then echo -e "${OK} ${GreenBG} 当前系统为 Debian ${VERSION_ID} ${VERSION} ${Font}" INS="apt" - [[ ! -f $xray_qr_config_file ]] && $INS update + [[ ! -f ${xray_qr_config_file} ]] && $INS update elif [[ "${ID}" == "ubuntu" && $(echo "${VERSION_ID}" | cut -d '.' -f1) -ge 16 ]]; then echo -e "${OK} ${GreenBG} 当前系统为 Ubuntu ${VERSION_ID} ${UBUNTU_CODENAME} ${Font}" INS="apt" - if [[ ! -f $xray_qr_config_file ]]; then + if [[ ! -f ${xray_qr_config_file} ]]; then rm /var/lib/dpkg/lock dpkg --configure -a rm /var/lib/apt/lists/lock @@ -330,6 +331,15 @@ grpc_inbound_port_set() { } firewall_set() { + if [[ ${bt_nginx} == "Yes" ]]; then + echo -e "${Warning} ${YellowBG} 建议使用宝塔面板开放端口, 是否继续 [Y/N]? ${Font}" + read -r btfirewall_fq + case $btfirewall_fq in + [nN][oO]|[nN]) + return 0 + ;; + esac + fi iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT if [[ ${tls_mode} != "None" ]] && [[ "$xtls_add_more" == "off" ]]; then @@ -443,13 +453,14 @@ nginx_upstream_server_set() { if [[ ${upstream_choose} == 2 ]]; then timeout "即将重置 Nginx 负载均衡配置" wait - if [[ -f $xray_qr_config_file ]]; then + if [[ -f ${xray_qr_config_file} ]]; then xport=$(info_extraction '\"ws_port\"') gport=$(info_extraction '\"grpc_port\"') rm -rf ${nginx_upstream_conf} nginx_conf_servers_add wait - systemctl restart nginx + [[ -f ${nginx_systemd_file} ]] && systemctl restart nginx + [[ bt_nginx == "Yes" ]] && /etc/init.d/nginx restart else echo -e "${Error} ${RedBG} 未检测到配置文件! ${Font}" fi @@ -483,8 +494,8 @@ nginx_upstream_server_set() { echo -e "${OK} ${GreenBG} 防火墙 重启 完成 ${Font}" fi wait - systemctl restart nginx - judge "追加 Nginx 负载均衡" + [[ -f ${nginx_systemd_file} ]] && systemctl restart nginx && judge "追加 Nginx 负载均衡" + [[ bt_nginx == "Yes" ]] && /etc/init.d/nginx restart && judge "追加 Nginx 负载均衡" fi ;; *) ;; @@ -526,14 +537,18 @@ modify_inbound_port() { modify_nginx_port() { sed -i "s/^\( *\).*ssl http2;$/\1listen ${port} ssl http2;/" ${nginx_conf} - sed -i "6s/^\( *\).*ssl http2;$/\1listen [::]:${port} ssl http2;/" ${nginx_conf} + sed -i "5s/^\( *\).*ssl http2;$/\1listen [::]:${port} ssl http2;/" ${nginx_conf} judge "Xray port 修改" [[ -f ${xray_qr_config_file} ]] && sed -i "s/^\( *\)\"port\".*/\1\"port\": \"${port}\",/" ${xray_qr_config_file} echo -e "${OK} ${GreenBG} 端口号: ${port} ${Font}" } modify_nginx_other() { - sed -i '$i include /etc/idleleo/conf/nginx/*.conf;' ${nginx_dir}/conf/nginx.conf + if [[ -f ${nginx_dir}/conf/nginx.conf ]] && [[ $(grep -c "server_tokens off;" ${nginx_dir}/conf/nginx.conf) -eq '0' ]] && [[ ${bt_nginx} != "Yes" ]]; then + sed -i '$i include /etc/idleleo/conf/nginx/*.conf;' ${nginx_dir}/conf/nginx.conf + sed -i "/http\( *\){/a \\\tserver_tokens off;" ${nginx_dir}/conf/nginx.conf + sed -i "/error_page.*504/i \\\t\\tif (\$host = '${local_ip}') {\\n\\t\\t\\treturn 302 https:\/\/www.idleleo.com\/helloworld;\\n\\t\\t}" ${nginx_dir}/conf/nginx.conf + fi sed -i "s/^\( *\)server_name\( *\).*/\1server_name\2${domain};/g" ${nginx_conf} if [[ ${tls_mode} == "TLS" ]]; then sed -i "s/^\( *\)location ws$/\1location \/${path}/" ${nginx_conf} @@ -550,7 +565,6 @@ modify_nginx_other() { fi fi sed -i "s/^\( *\)return 301.*/\1return 301 https:\/\/${domain}\$request_uri;/" ${nginx_conf} - sed -i "/error_page.*504/i \\\t\\tif (\$host = '${local_ip}') {\\n\\t\\t\\treturn 302 https:\/\/www.idleleo.com\/helloworld;\\n\\t\\t}" ${nginx_dir}/conf/nginx.conf } modify_nginx_servers() { @@ -665,6 +679,24 @@ nginx_exist_check() { elif [[ -d "/usr/local/nginx/" ]]; then echo -e "${Error} ${RedBG} 检测到其他套件安装的 Nginx, 继续安装会造成冲突, 请处理后安装! ${Font}" exit 1 + elif [[ -d "/www/server/panel/BTPanel" ]]; then + echo -e "${GreenBG} 检测到存在宝塔面板 ${Font}" + if [[ -f "/www/server/nginx/sbin/nginx" ]] && [[ -d "/www/server/panel/vhost/nginx" ]]; then + echo -e "${GreenBG} 检测到宝塔面板已安装 Nginx ${Font}" + bt_nginx="Yes" + wait + else + echo -e "${Warning} ${YellowBG} 检测到宝塔面板未安装 Nginx, 继续安装可能会导致冲突, 是否继续 [Y/N]? ${Font}" + read -r have_btnginx_fq + case $have_btnginx_fq in + [nN][oO]|[nN]) + exit 1 + ;; + *) + nginx_install + ;; + esac + fi else nginx_install fi @@ -736,7 +768,7 @@ nginx_install() { # 修改基本配置 #sed -i 's/#user nobody;/user root;/' ${nginx_dir}/conf/nginx.conf - sed -i "s/worker_processes 1;/worker_processes 4;/" ${nginx_dir}/conf/nginx.conf + sed -i "s/worker_processes 1;/worker_processes auto;/" ${nginx_dir}/conf/nginx.conf sed -i "s/^\( *\)worker_connections 1024;.*/\1worker_connections 4096;/" ${nginx_dir}/conf/nginx.conf # 删除临时文件 @@ -747,10 +779,10 @@ nginx_install() { } nginx_update() { - if [[ -f "/etc/nginx/sbin/nginx" ]]; then + if [[ -f "/etc/nginx/sbin/nginx" ]] && [[ ${bt_nginx} != "Yes" ]]; then if [[ ${nginx_version} != $(info_extraction '\"nginx_version\"') ]] || [[ ${openssl_version} != $(info_extraction '\"openssl_version\"') ]] || [[ ${jemalloc_version} != $(info_extraction '\"jemalloc_version\"') ]]; then ip_check - if [[ -f $xray_qr_config_file ]]; then + if [[ -f ${xray_qr_config_file} ]]; then domain=$(info_extraction '\"host\"') if [[ ${tls_mode} == "TLS" ]]; then port=$(info_extraction '\"port\"') @@ -811,7 +843,7 @@ nginx_update() { echo -e "${OK} ${GreenBG} Nginx 已为最新版 ${Font}" fi else - echo -e "${Error} ${RedBG} Nginx 未安装, 请安装后再试! ${Font}" + echo -e "${Error} ${RedBG} Nginx 未安装或使用宝塔面板 ${Font}" fi } @@ -1002,13 +1034,13 @@ xray_xtls_add_more() { } old_config_exist_check() { - if [[ -f $xray_qr_config_file ]]; then + if [[ -f ${xray_qr_config_file} ]]; then if [[ ${old_tls_mode} == ${tls_mode} ]]; then echo -e "\n${GreenBG} 检测到旧配置文件, 是否读取旧文件配置 [Y/N]? ${Font}" read -r old_config_fq case $old_config_fq in [nN][oO]|[nN]) - rm -rf $xray_qr_config_file + rm -rf ${xray_qr_config_file} echo -e "${OK} ${GreenBG} 已删除旧配置 ${Font}" ;; *) @@ -1027,7 +1059,7 @@ old_config_exist_check() { bash idleleo ;; *) - rm -rf $xray_qr_config_file + rm -rf ${xray_qr_config_file} echo -e "${OK} ${GreenBG} 已删除旧配置 ${Font}" ;; esac @@ -1107,7 +1139,7 @@ old_config_input () { echo -e "${OK} ${GreenBG} 已保留旧配置 ${Font}" ;; *) - rm -rf $xray_qr_config_file + rm -rf ${xray_qr_config_file} old_config_status="off" echo -e "${OK} ${GreenBG} 已删除旧配置 ${Font}" ;; @@ -1118,7 +1150,6 @@ old_config_input () { nginx_conf_add() { touch ${nginx_conf} cat >${nginx_conf} <${nginx_conf} <$xray_qr_config_file <<-EOF + cat >${xray_qr_config_file} <<-EOF { "shell_mode": "${shell_mode}", "ws_grpc_mode": "${ws_grpc_mode}", @@ -1399,6 +1441,7 @@ vless_qr_config_tls_ws() { "net": "ws/gRPC", "path": "${path}", "servicename": "${servicename}", + "bt_nginx": "${bt_nginx}", "nginx_version": "${nginx_version}", "openssl_version": "${openssl_version}", "jemalloc_version": "${jemalloc_version}" @@ -1407,7 +1450,7 @@ EOF } vless_qr_config_xtls() { - cat >$xray_qr_config_file <<-EOF + cat >${xray_qr_config_file} <<-EOF { "shell_mode": "${shell_mode}", "ws_grpc_mode": "${ws_grpc_mode}", @@ -1422,6 +1465,7 @@ vless_qr_config_xtls() { "ws_path": "${artpath}", "grpc_port": "${artgport}", "grpc_servicename": "${artservicename}", + "bt_nginx": "${bt_nginx}", "nginx_version": "${nginx_version}", "openssl_version": "${openssl_version}", "jemalloc_version": "${jemalloc_version}" @@ -1430,7 +1474,7 @@ EOF } vless_qr_config_ws_only() { - cat >$xray_qr_config_file <<-EOF + cat >${xray_qr_config_file} <<-EOF { "host": "${local_ip}", "ws_grpc_mode": "${ws_grpc_mode}", @@ -1519,34 +1563,45 @@ vless_link_image_choice() { } info_extraction() { - grep "$1" $xray_qr_config_file | awk -F '"' '{print $4}' + grep "$1" ${xray_qr_config_file} | awk -F '"' '{print $4}' [[ 0 -ne $? ]] && read_config_status=0 } basic_information() { { echo -e "\n" - if [[ ${shell_mode} == "Nginx+ws+TLS" ]]; then + case ${shell_mode} in + Nginx+ws+TLS) echo -e "${OK} ${GreenBG} Xray+Nginx+ws+TLS 安装成功 ${Font}" - elif [[ ${shell_mode} == "Nginx+gRPC+TLS" ]]; then + ;; + Nginx+gRPC+TLS) echo -e "${OK} ${GreenBG} Xray+Nginx+grpc+TLS 安装成功 ${Font}" - elif [[ ${shell_mode} == "Nginx+ws+gRPC+TLS" ]]; then + ;; + Nginx+ws+gRPC+TLS) echo -e "${OK} ${GreenBG} Xray+Nginx+ws+gRPC+TLS 安装成功 ${Font}" - elif [[ ${shell_mode} == "XTLS+Nginx" ]]; then + ;; + XTLS+Nginx) echo -e "${OK} ${GreenBG} Xray+XTLS+Nginx 安装成功 ${Font}" - elif [[ ${shell_mode} == "XTLS+Nginx+ws" ]]; then + ;; + XTLS+Nginx+ws) echo -e "${OK} ${GreenBG} Xray+XTLS+Nginx+ws 安装成功 ${Font}" - elif [[ ${shell_mode} == "XTLS+Nginx+gRPC" ]]; then + ;; + XTLS+Nginx+gRPC) echo -e "${OK} ${GreenBG} Xray+XTLS+Nginx+gRPC 安装成功 ${Font}" - elif [[ ${shell_mode} == "XTLS+Nginx+ws+gRPC" ]]; then + ;; + XTLS+Nginx+ws+gRPC) echo -e "${OK} ${GreenBG} Xray+XTLS+Nginx+ws+gRPC 安装成功 ${Font}" - elif [[ ${shell_mode} == "ws ONLY" ]]; then + ;; + ws?ONLY) echo -e "${OK} ${GreenBG} ws ONLY 安装成功 ${Font}" - elif [[ ${shell_mode} == "gRPC ONLY" ]]; then + ;; + gRPC?ONLY) echo -e "${OK} ${GreenBG} gRPC ONLY 安装成功 ${Font}" - elif [[ ${shell_mode} == "ws+gRPC ONLY" ]]; then + ;; + ws+gRPC?ONLY) echo -e "${OK} ${GreenBG} ws+gRPC ONLY 安装成功 ${Font}" - fi + ;; + esac echo -e "\n${Warning} ${YellowBG} VLESS 目前分享链接规范为实验阶段, 请自行判断是否适用 ${Font}" echo -e "\n${Red} —————————————— Xray 配置信息 —————————————— ${Font}" echo -e "${Red} 主机 (host):${Font} $(info_extraction '\"host\"') " @@ -1681,7 +1736,11 @@ ssl_judge_and_install() { } nginx_systemd() { - cat >$nginx_systemd_file <${nginx_systemd_file} < /dev/null +[[ -f ${nginx_systemd_file} ]] &&systemctl stop nginx &> /dev/null +[[ bt_nginx == "Yes" ]] && /etc/init.d/nginx stop &> /dev/null wait "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" &> /dev/null "/root/.acme.sh"/acme.sh --installcert -d ${domain} --fullchainpath ${ssl_chainpath}/xray.crt --keypath ${ssl_chainpath}/xray.key --ecc @@ -19,4 +22,5 @@ chmod -f a+rw ${ssl_chainpath}/xray.crt chmod -f a+rw ${ssl_chainpath}/xray.key chown -R nobody:${cert_group} ${ssl_chainpath}/* wait -systemctl start nginx &> /dev/null +[[ -f ${nginx_systemd_file} ]] && systemctl start nginx &> /dev/null +[[ bt_nginx == "Yes" ]] && /etc/init.d/nginx start &> /dev/null