From 7b750f378360cb317a7131f8988c0585dbb692d6 Mon Sep 17 00:00:00 2001 From: paniy Date: Thu, 29 Apr 2021 17:42:31 +0800 Subject: [PATCH] Fix bugs --- README.md | 6 +- install.sh | 284 ++++++++++++++++++++++++++++------------------------- 2 files changed, 152 insertions(+), 138 deletions(-) diff --git a/README.md b/README.md index 7865c7c..5207b17 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -## Xray 基于 Nginx 的 VLESS WebSocket+TLS / XTLS 一键安装脚本 +## Xray+Nginx 包含 VLESS WebSocket/gPRC+TLS / XTLS+TCP 协议的一键安装脚本 [![GitHub stars](https://img.shields.io/github/stars/paniy/Xray_bash_onekey?color=%230885ce)](https://github.com/paniy/Xray_bash_onekey/stargazers) [![GitHub forks](https://img.shields.io/github/forks/paniy/Xray_bash_onekey?color=%230885ce)](https://github.com/paniy/Xray_bash_onekey/network) [![GitHub issues](https://img.shields.io/github/issues/paniy/Xray_bash_onekey)](https://github.com/paniy/Xray_bash_onekey/issues) > 感谢 JetBrains 提供的非商业开源软件开发授权。 @@ -7,19 +7,19 @@ ### 使用说明 * 可以直接输入命令:`idleleo` 管理脚本。 -* 减少直接访问,隐藏代理域名。 * 访问域名 302 跳转至 https://www.idleleo.com/helloworld (了解配置过程可自行修改)。 * 阻止 HTTP 直接访问服务器 IP 。 * 使用来自 [@DuckSoft](https://github.com/DuckSoft) 的分享链接[提案](https://github.com/XTLS/Xray-core/issues/91) (beta),支持 Qv2ray、V2rayN、V2rayNG。 * 使用来自 [XTLS](https://github.com/XTLS/Xray-core/issues/158) 项目的提案,遵循 [UUIDv5](https://tools.ietf.org/html/rfc4122#section-4.3) 标准,可以将自定义字符串映射至 VLESS UUID 。 * 添加负载均衡配置,教程:[XRay进阶玩法 – 搭建后端服务器负载均衡](https://www.idleleo.com/04/5136.html)。 +* 添加 gRPC 协议的支持,具体可见:[Xray进阶玩法 – 使用gRPC协议](https://www.idleleo.com/05/5225.html)。 ### Telegram 群组 * Telegram 交流群:https://t.me/idleleo_chat 。 ### 准备工作 * 准备一个域名,并将A记录添加好。 -* [Xray官方说明](https://xtls.github.io),大概了解 TLS WebSocket XTLS 及 Xray 相关信息。 +* [Xray官方说明](https://xtls.github.io),大概了解 TLS WebSocket gRPC XTLS 及 Xray 相关信息。 * **安装好 wget**,Centos用户运行:`yum install -y wget`;Debian/Ubuntu用户运行:`apt install -y wget`。 ### 安装/更新方式(此为Xray版) diff --git a/install.sh b/install.sh index 8db93ab..8181a06 100644 --- a/install.sh +++ b/install.sh @@ -32,7 +32,7 @@ OK="${Green}[OK]${Font}" Error="${Red}[错误]${Font}" Warning="${Red}[警告]${Font}" -shell_version="1.7.0.1" +shell_version="1.7.1.1" shell_mode="未安装" tls_mode="None" ws_grpc_mode="None" @@ -69,7 +69,7 @@ jemalloc_version="5.2.1" read_config_status=1 xtls_add_more="off" old_config_status="off" -old_shell_mode="None" +old_tls_mode="NULL" random_num=$((RANDOM % 12 + 4)) THREAD=$(($(grep 'processor' /proc/cpuinfo | sort -u | wc -l) + 1)) @@ -81,6 +81,7 @@ check_system() { if [[ "${ID}" == "centos" && ${VERSION_ID} -ge 7 ]]; then echo -e "${OK} ${GreenBG} 当前系统为 Centos ${VERSION_ID} ${VERSION} ${Font}" INS="yum" + [[ ! -f $xray_qr_config_file ]] && $INS update elif [[ "${ID}" == "debian" && ${VERSION_ID} -ge 8 ]]; then echo -e "${OK} ${GreenBG} 当前系统为 Debian ${VERSION_ID} ${VERSION} ${Font}" INS="apt" @@ -122,7 +123,7 @@ is_root() { judge() { if [[ 0 -eq $? ]]; then echo -e "${OK} ${GreenBG} $1 完成 ${Font}" - sleep 1 + sleep 0.5 wait else echo -e "${Error} ${RedBG} $1 失败 ${Font}" @@ -155,7 +156,7 @@ pkg_install() { judge "安装 ${1//,/ }" else echo -e "${OK} ${GreenBG} 已安装 ${1//,/ } ${Font}" - sleep 1 + sleep 0.5 fi else if [[ -z $(pkg_install_judge "$1") ]]; then @@ -163,7 +164,7 @@ pkg_install() { judge "安装 $1" else echo -e "${OK} ${GreenBG} 已安装 $1 ${Font}" - sleep 1 + sleep 0.5 fi fi } @@ -262,7 +263,7 @@ port_set() { } ws_grpc_choose() { - echo -e "${GreenBG} 请选择 安装协议 ws/gRPC ${Font}" + echo -e "\n${GreenBG} 请选择 安装协议 ws/gRPC ${Font}" echo "1: ws" echo "2: gRPC" echo "3: ws+gRPC (默认)" @@ -286,11 +287,11 @@ ws_grpc_choose() { ws_inbound_port_set() { if [[ "on" != ${old_config_status} ]]; then if [[ ${ws_grpc_mode} == "onlyws" ]] || [[ ${ws_grpc_mode} == "all" ]]; then - echo -e "${GreenBG} 是否需要自定义 ws inbound_port [Y/N]? ${Font}" + echo -e "\n${GreenBG} 是否需要自定义 ws inbound_port [Y/N]? ${Font}" read -r inbound_port_modify_fq case $inbound_port_modify_fq in [yY][eE][sS] | [yY]) - read -rp "请输入自定义 ws inbound_port (请勿与连接端口相同!):" xport + read -rp "请输入自定义 ws inbound_port (请勿与其他端口相同!):" xport if [[ ${xport} -le 0 ]] || [[ ${xport} -gt 65535 ]]; then echo -e "${Error} ${RedBG} 请输入 0-65535 之间的值! ${Font}" ws_inbound_port_set @@ -311,11 +312,11 @@ ws_inbound_port_set() { grpc_inbound_port_set() { if [[ "on" != ${old_config_status} ]]; then if [[ ${ws_grpc_mode} == "onlygRPC" ]] || [[ ${ws_grpc_mode} == "all" ]]; then - echo -e "${GreenBG} 是否需要自定义 gRPC inbound_port [Y/N]? ${Font}" + echo -e "\n${GreenBG} 是否需要自定义 gRPC inbound_port [Y/N]? ${Font}" read -r inbound_port_modify_fq case $inbound_port_modify_fq in [yY][eE][sS] | [yY]) - read -rp "请输入自定义 gRPC inbound_port (请勿与连接端口相同!):" xport + read -rp "请输入自定义 gRPC inbound_port (请勿与其他端口相同!):" gport if [[ ${gport} -le 0 ]] || [[ ${gport} -gt 65535 ]]; then echo -e "${Error} ${RedBG} 请输入 0-65535 之间的值! ${Font}" grpc_inbound_port_set @@ -370,20 +371,20 @@ firewall_set() { ws_path_set() { if [[ "on" != ${old_config_status} ]]; then if [[ ${ws_grpc_mode} == "onlyws" ]] || [[ ${ws_grpc_mode} == "all" ]]; then - echo -e "${GreenBG} 是否需要自定义 ws 伪装路径 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 是否需要自定义 ws 伪装路径 [Y/N]? ${Font}" read -r path_modify_fq case $path_modify_fq in [yY][eE][sS] | [yY]) - read -rp "请输入自定义 ws 伪装路径 (不需要“/”):" camouflage - echo -e "${OK} ${GreenBG} ws 伪装路径: ${camouflage} ${Font}" + read -rp "请输入自定义 ws 伪装路径 (不需要“/”):" path + echo -e "${OK} ${GreenBG} ws 伪装路径: ${path} ${Font}" ;; *) - camouflage="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" - echo -e "${OK} ${GreenBG} ws 伪装路径: ${camouflage} ${Font}" + path="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" + echo -e "${OK} ${GreenBG} ws 伪装路径: ${path} ${Font}" ;; esac else - camouflage="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" + path="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" fi fi } @@ -391,7 +392,7 @@ ws_path_set() { grpc_path_set() { if [[ "on" != ${old_config_status} ]]; then if [[ ${ws_grpc_mode} == "onlygRPC" ]] || [[ ${ws_grpc_mode} == "all" ]]; then - echo -e "${GreenBG} 是否需要自定义 gRPC 伪装路径 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 是否需要自定义 gRPC 伪装路径 [Y/N]? ${Font}" read -r path_modify_fq case $path_modify_fq in [yY][eE][sS] | [yY]) @@ -412,7 +413,7 @@ grpc_path_set() { UUID_set() { if [[ "on" != ${old_config_status} ]]; then - echo -e "${GreenBG} 是否需要自定义字符串映射为 UUIDv5 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 是否需要自定义字符串映射为 UUIDv5 [Y/N]? ${Font}" read -r need_UUID5 case $need_UUID5 in [yY][eE][sS] | [yY]) @@ -435,22 +436,22 @@ UUID_set() { nginx_upstream_server_set() { if [[ ${tls_mode} == "TLS" ]]; then - echo -e "${GreenBG} 是否追加 Nginx 负载均衡 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 是否追加 Nginx 负载均衡 [Y/N]? ${Font}" echo -e "${Warning} ${YellowBG} 如不清楚具体用途, 请勿继续! ${Font}" read -r nginx_upstream_server_fq case $nginx_upstream_server_fq in [yY][eE][sS] | [yY]) - echo -e "${GreenBG} 请选择 追加的协议为 ws 或 gRPC ${Font}" + echo -e "\n${GreenBG} 请选择 追加的协议为 ws 或 gRPC ${Font}" echo "1: ws" echo "2: gRPC" read -rp "请输入: " upstream_net read -rp "请输入负载均衡 主机 (host):" upstream_host read -rp "请输入负载均衡 端口 (port):" upstream_port - read -rp "请输入负载均衡 权重 (0~100, 初始值为50):" upstream_weight - if [[ ${upstream_net} == 1 ]]; then - sed -i "/xray-ws-server/a \\\t\\t\\t\\tserver ${upstream_host}:${upstream_port} weight=${upstream_weight} max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} - elif [[ ${upstream_net} == 2 ]]; then - sed -i "/xray-grpc-server/a \\\t\\t\\t\\tserver ${upstream_host}:${upstream_port} weight=${upstream_weight} max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} + read -rp "请输入负载均衡 权重 (0~100, 初始值为50):" upstream_weight + if [[ ${upstream_net} == 2 ]]; then + sed -i "/xray-grpc-server/a \\\t\\t\\tserver ${upstream_host}:${upstream_port} weight=${upstream_weight} max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} + else + sed -i "/xray-ws-server/a \\\t\\t\\tserver ${upstream_host}:${upstream_port} weight=${upstream_weight} max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} fi iptables -I INPUT -p tcp --dport ${upstream_port} -j ACCEPT iptables -I INPUT -p udp --dport ${upstream_port} -j ACCEPT @@ -503,7 +504,7 @@ modify_inbound_port() { elif [[ ${tls_mode} == "XTLS" ]]; then # sed -i "/\"port\"/c \ \"port\":${port}," ${xray_conf} sed -i "8s/^\( *\)\"port\".*/\1\"port\": ${port},/" ${xray_conf} - sed -i "3s/^\( *\)\"port\".*/\1\"port\": ${xport},/" ${xray_conf} + sed -i "38s/^\( *\)\"port\".*/\1\"port\": ${xport},/" ${xray_conf} sed -i "59s/^\( *\)\"port\".*/\1\"port\": ${gport},/" ${xray_conf} fi judge "Xray inbound port 修改" @@ -519,27 +520,29 @@ modify_nginx_port() { modify_nginx_other() { sed -i '$i include /etc/idleleo/conf/nginx/*.conf;' ${nginx_dir}/conf/nginx.conf - sed -i "s/^\( *\)server_name.*/\1server_name ${domain};/" ${nginx_conf} + sed -i "s/^\( *\)server_name\( *\).*/\1server_name\2${domain};/g" ${nginx_conf} if [[ ${tls_mode} != "XTLS" ]]; then - sed -i "s/^\( *\)location ws$/\1location \/${camouflage}/" ${nginx_conf} + sed -i "s/^\( *\)location ws$/\1location \/${path}/" ${nginx_conf} sed -i "s/^\( *\)location grpc$/\1location \/${servicename}/" ${nginx_conf} + sed -i "/#xray-ws-serverc/c \\\t\\t\\tserver 127.0.0.1:${xport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} + sed -i "/#xray-grpc-serverc/c \\\t\\t\\tserver 127.0.0.1:${gport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} if [[ ${shell_mode} == "Nginx+ws+TLS" ]]; then - sed -i "/#xray-ws-serverc/c \\\t\\t\\t\\tserver 127.0.0.1:${xport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} + sed -i "s/^\( *\)#proxy_pass\(.*\)/\1proxy_pass\2/" ${nginx_conf} + sed -i "s/^\( *\)#proxy_redirect default;/\1proxy_redirect default;/" ${nginx_conf} elif [[ ${shell_mode} == "Nginx+gRPC+TLS" ]]; then - sed -i "/#xray-grpc-serverc/c \\\t\\t\\t\\tserver 127.0.0.1:${gport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} + sed -i "s/^\( *\)#grpc_pass\(.*\)/\1grpc_pass\2/" ${nginx_conf} elif [[ ${shell_mode} == "Nginx+ws+gRPC+TLS" ]]; then - sed -i "/#xray-ws-serverc/c \\\t\\t\\t\\tserver 127.0.0.1:${xport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} - sed -i "/#xray-grpc-serverc/c \\\t\\t\\t\\tserver 127.0.0.1:${gport} weight=50 max_fails=5 fail_timeout=2;" ${nginx_upstream_conf} + sed -i "s/^\( *\)#proxy_pass\(.*\)/\1proxy_pass\2/" ${nginx_conf} + sed -i "s/^\( *\)#proxy_redirect default;/\1proxy_redirect default;/" ${nginx_conf} + sed -i "s/^\( *\)#grpc_pass\(.*\)/\1grpc_pass\2/" ${nginx_conf} fi fi - sed -i "s/^\( *\)return$/\1return 301 https://${domain}\$request_uri;/" ${nginx_conf} - sed -i "s/^\( *\)returc$/\1return 302 https://www.idleleo.com/helloworld;/" ${nginx_conf} - sed -i "s/^\( *\)locatioc$/\1location \//" ${nginx_conf} + sed -i "s/^\( *\)return 301.*/\1return 301 https:\/\/${domain}\$request_uri;/" ${nginx_conf} sed -i "/error_page.*504/i \\\t\\tif (\$host = '${local_ip}') {\\n\\t\\t\\treturn 302 https:\/\/www.idleleo.com\/helloworld;\\n\\t\\t}" ${nginx_dir}/conf/nginx.conf } modify_path() { - sed -i "s/^\( *\)\"path\".*/\1\"path\": \"\/${camouflage}\"/" ${xray_conf} + sed -i "s/^\( *\)\"path\".*/\1\"path\": \"\/${path}\"/" ${xray_conf} sed -i "s/^\( *\)\"serviceName\".*/\1\"serviceName\": \"${servicename}\"/" ${xray_conf} if [[ ${tls_mode} != "XTLS" ]] || [[ "$xtls_add_more" == "off" ]]; then judge "Xray 伪装路径 修改" @@ -716,7 +719,7 @@ nginx_install() { # 修改基本配置 #sed -i 's/#user nobody;/user root;/' ${nginx_dir}/conf/nginx.conf - sed -i 's/worker_processes 1;/worker_processes 4;/' ${nginx_dir}/conf/nginx.conf + sed -i "s/worker_processes 1;/worker_processes 4;/" ${nginx_dir}/conf/nginx.conf sed -i "s/^\( *\)worker_connections 1024;.*/\1worker_connections 4096;/" ${nginx_dir}/conf/nginx.conf # 删除临时文件 @@ -733,17 +736,17 @@ nginx_update() { if [[ -f $xray_qr_config_file ]]; then if [[ ${ws_grpc_mode} == "onlyws" ]]; then xport=$(info_extraction '\"ws_port\"') - camouflage=$(info_extraction '\"path\"') + path=$(info_extraction '\"path\"') gport=$((RANDOM + 10000)) servicename="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" elif [[ ${ws_grpc_mode} == "onlygRPC" ]]; then gport=$(info_extraction '\"grpc_port\"') servicename=$(info_extraction '\"servicename\"') xport=$((RANDOM + 10000)) - camouflage="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" + path="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" elif [[ ${ws_grpc_mode} == "all" ]]; then xport=$(info_extraction '\"ws_port\"') - camouflage=$(info_extraction '\"path\"') + path=$(info_extraction '\"path\"') gport=$(info_extraction '\"grpc_port\"') servicename=$(info_extraction '\"servicename\"') fi @@ -822,7 +825,7 @@ ssl_install() { domain_check() { echo -e "\n${GreenBG} 确定 域名 信息 ${Font}" read -rp "请输入你的域名信息 (eg:www.idleleo.com):" domain - echo -e "${GreenBG} 请选择 公网IP 为 IPv4 或 IPv6 ${Font}" + echo -e "\n${GreenBG} 请选择 公网IP 为 IPv4 或 IPv6 ${Font}" echo "1: IPv4 (默认)" echo "2: IPv6 (不推荐)" read -rp "请输入: " ip_version @@ -939,18 +942,21 @@ xray_conf_add() { wget --no-check-certificate https://raw.githubusercontent.com/paniy/Xray_bash_onekey/main/VLESS_xtls/config.json -O config.json xray_xtls_add_more elif [[ ${tls_mode} == "None" ]]; then + wget --no-check-certificate https://raw.githubusercontent.com/paniy/Xray_bash_onekey/main/VLESS_tls/config.json -O config.json modify_listen_address + modify_path + modify_inbound_port fi modify_alterid modify_UUID } xray_xtls_add_more() { - artcamouflage="None" + artpath="None" artxport="None" artservicename="None" artgport="None" - echo -e "${GreenBG} 是否添加简单 ws/gRPC 协议 用于负载均衡 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 是否添加简单 ws/gRPC 协议 用于负载均衡 [Y/N]? ${Font}" echo -e "${Warning} ${YellowBG} 如不清楚具体用途, 请勿选择! ${Font}" read -r xtls_add_more_fq case $xtls_add_more_fq in @@ -958,8 +964,8 @@ xray_xtls_add_more() { xtls_add_more="on" ws_grpc_choose ws_inbound_port_set - ws_path_set grpc_inbound_port_set + ws_path_set grpc_path_set port_exist_check "${xport}" port_exist_check "${gport}" @@ -969,22 +975,22 @@ xray_xtls_add_more() { judge "添加简单 ws/gRPC 协议" if [[ ${ws_grpc_mode} == "onlyws" ]]; then artxport=${xport} - artcamouflage=${camouflage} + artpath=${path} elif [[ ${ws_grpc_mode} == "onlygRPC" ]]; then - artxport=${gport} - artcamouflage=${servicename} + artgport=${gport} + artservicename=${servicename} elif [[ ${ws_grpc_mode} == "all" ]]; then artxport=${xport} - artcamouflage=${camouflage} - artxport=${gport} - artcamouflage=${servicename} + artpath=${path} + artgport=${gport} + artservicename=${servicename} fi ;; *) xtls_add_more="off" ws_inbound_port_set - ws_path_set grpc_inbound_port_set + ws_path_set grpc_path_set modify_path modify_inbound_port @@ -995,22 +1001,22 @@ xray_xtls_add_more() { old_config_exist_check() { if [[ -f $xray_qr_config_file ]]; then - if [[ ${old_shell_mode} == ${shell_mode} ]]; then - echo -e "${GreenBG} 检测到旧配置文件, 是否读取旧文件配置 [Y/N]? ${Font}" + if [[ ${old_tls_mode} == ${tls_mode} ]]; then + echo -e "\n${GreenBG} 检测到旧配置文件, 是否读取旧文件配置 [Y/N]? ${Font}" read -r old_config_fq case $old_config_fq in - [yY][eE][sS] | [yY]) + [nN][oO]|[nN]) + rm -rf $xray_qr_config_file + echo -e "${OK} ${GreenBG} 已删除旧配置 ${Font}" + ;; + *) echo -e "${OK} ${GreenBG} 已保留旧配置 ${Font}" old_config_status="on" old_config_input ;; - *) - rm -rf $xray_qr_config_file - echo -e "${OK} ${GreenBG} 已删除旧配置 ${Font}" - ;; esac else - echo -e "${GreenBG} 检测到当前安装模式与旧配置的安装模式不一致, 是否保留旧配置文件 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 检测到当前安装模式与旧配置的安装模式不一致, 是否保留旧配置文件 [Y/N]? ${Font}" read -r old_config_fq case $old_config_fq in [yY][eE][sS] | [yY]) @@ -1034,17 +1040,17 @@ old_config_input () { UUID=$(info_extraction '\id\"') if [[ ${ws_grpc_mode} == "onlyws" ]]; then xport=$(info_extraction '\"ws_port\"') - camouflage=$(info_extraction '\"path\"') + path=$(info_extraction '\"path\"') gport=$((RANDOM + 10000)) servicename="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" elif [[ ${ws_grpc_mode} == "onlygRPC" ]]; then gport=$(info_extraction '\"grpc_port\"') servicename=$(info_extraction '\"servicename\"') xport=$((RANDOM + 10000)) - camouflage="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" + path="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" elif [[ ${ws_grpc_mode} == "all" ]]; then xport=$(info_extraction '\"ws_port\"') - camouflage=$(info_extraction '\"path\"') + path=$(info_extraction '\"path\"') gport=$(info_extraction '\"grpc_port\"') servicename=$(info_extraction '\"servicename\"') fi @@ -1055,17 +1061,17 @@ old_config_input () { if [[ ${xtls_add_more} == "on" ]]; then if [[ ${ws_grpc_mode} == "onlyws" ]]; then xport=$(info_extraction '\"ws_port\"') - camouflage=$(info_extraction '\"ws_path\"') + path=$(info_extraction '\"ws_path\"') gport=$((RANDOM + 10000)) servicename="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" elif [[ ${ws_grpc_mode} == "onlygRPC" ]]; then gport=$(info_extraction '\"grpc_port\"') servicename=$(info_extraction '\"grpc_servicename\"') xport=$((RANDOM + 10000)) - camouflage="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" + path="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" elif [[ ${ws_grpc_mode} == "all" ]]; then xport=$(info_extraction '\"ws_port\"') - camouflage=$(info_extraction '\"ws_path\"') + path=$(info_extraction '\"ws_path\"') gport=$(info_extraction '\"grpc_port\"') servicename=$(info_extraction '\"grpc_servicename\"') fi @@ -1075,23 +1081,23 @@ old_config_input () { UUID=$(info_extraction '\id\"') if [[ ${ws_grpc_mode} == "onlyws" ]]; then xport=$(info_extraction '\"ws_port\"') - camouflage=$(info_extraction '\"path\"') + path=$(info_extraction '\"path\"') gport=$((RANDOM + 10000)) servicename="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" elif [[ ${ws_grpc_mode} == "onlygRPC" ]]; then gport=$(info_extraction '\"grpc_port\"') servicename=$(info_extraction '\"servicename\"') xport=$((RANDOM + 10000)) - camouflage="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" + path="$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})" elif [[ ${ws_grpc_mode} == "all" ]]; then xport=$(info_extraction '\"ws_port\"') - camouflage=$(info_extraction '\"path\"') + path=$(info_extraction '\"path\"') gport=$(info_extraction '\"grpc_port\"') servicename=$(info_extraction '\"servicename\"') fi fi if [[ 0 -eq ${read_config_status} ]]; then - echo -e "${GreenBG} 检测到旧配置文件不完整, 是否保留旧配置文件 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 检测到旧配置文件不完整, 是否保留旧配置文件 [Y/N]? ${Font}" read -r old_config_input_fq case $old_config_input_fq in [yY][eE][sS] | [yY]) @@ -1133,22 +1139,22 @@ nginx_conf_add() { location grpc { - grpc_pass grpc://xray-grpc-server; - grpc_read_timeout 1800s; - grpc_connect_timeout 180s; - grpc_send_timeout 180s; - grpc_set_header X-Real-IP $remote_addr; - grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + #grpc_pass grpc://xray-grpc-server; + grpc_connect_timeout 60s; + grpc_read_timeout 720m; + grpc_send_timeout 720m; + grpc_set_header X-Real-IP \$remote_addr; + grpc_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; } location ws { - proxy_pass http://xray-ws-server; - proxy_redirect default; + #proxy_pass http://xray-ws-server; + #proxy_redirect default; proxy_http_version 1.1; - proxy_connect_timeout 180s; - proxy_send_timeout 180s; - proxy_read_timeout 1800s; + proxy_connect_timeout 60s; + proxy_send_timeout 720m; + proxy_read_timeout 720m; proxy_buffering off; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; @@ -1160,9 +1166,9 @@ nginx_conf_add() { proxy_set_header Early-Data \$ssl_early_data; } - locatioc + location / { - returc + return 302 https://www.idleleo.com/helloworld; } } server { @@ -1193,22 +1199,24 @@ nginx_conf_add_xtls() { touch ${nginx_conf} cat >${nginx_conf} <"${xray_info_file}" + } > "${xray_info_file}" } show_information() { @@ -1577,7 +1591,7 @@ show_information() { ssl_judge_and_install() { if [[ -f "${ssl_chainpath}/xray.key" && -f "${ssl_chainpath}/xray.crt" ]] && [[ -f "$HOME/.acme.sh/${domain}_ecc/${domain}.key" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" ]]; then - echo -e "${GreenBG} 所有证书文件均已存在, 是否保留 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 所有证书文件均已存在, 是否保留 [Y/N]? ${Font}" read -r ssl_delete_1 case $ssl_delete_1 in [nN][oO]|[nN]) @@ -1592,7 +1606,7 @@ ssl_judge_and_install() { ;; esac elif [[ -f "${ssl_chainpath}/xray.key" || -f "${ssl_chainpath}/xray.crt" ]] && [[ ! -f "$HOME/.acme.sh/${domain}_ecc/${domain}.key" && ! -f "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" ]]; then - echo -e "${GreenBG} 证书文件已存在, 是否保留 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 证书文件已存在, 是否保留 [Y/N]? ${Font}" read -r ssl_delete_2 case $ssl_delete_2 in [nN][oO]|[nN]) @@ -1606,7 +1620,7 @@ ssl_judge_and_install() { ;; esac elif [[ -f "$HOME/.acme.sh/${domain}_ecc/${domain}.key" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" ]] && [[ ! -f "${ssl_chainpath}/xray.key" || ! -f "${ssl_chainpath}/xray.crt" ]]; then - echo -e "${GreenBG} 证书签发残留文件已存在, 是否保留 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 证书签发残留文件已存在, 是否保留 [Y/N]? ${Font}" read -r ssl_delete_3 case $ssl_delete_3 in [nN][oO]|[nN]) @@ -1651,7 +1665,7 @@ EOF tls_type() { if [[ -f "/etc/nginx/sbin/nginx" ]] && [[ -f "$nginx_conf" ]] && [[ ${tls_mode} != "None" ]]; then - echo -e "${GreenBG} 请选择支持的 TLS 版本 (default:2): ${Font}" + echo -e "\n${GreenBG} 请选择支持的 TLS 版本 (default:2): ${Font}" echo "建议选择 TLS1.2 and TLS1.3 (一般模式)" echo "1: TLS1.1 TLS1.2 and TLS1.3 (兼容模式)" echo "2: TLS1.2 and TLS1.3 (一般模式)" @@ -1660,22 +1674,22 @@ tls_type() { [[ -z ${tls_version} ]] && tls_version=2 if [[ $tls_version == 3 ]]; then if [[ ${tls_mode} == "TLS" ]]; then - sed -i "s/^\( *\)ssl_protocols.*/\1ssl_protocols\\t\\tTLSv1.3;/" $nginx_conf + sed -i "s/^\( *\)ssl_protocols\( *\).*/\1ssl_protocols\2TLSv1.3;/" $nginx_conf else sed -i "s/^\( *\)\"minVersion\".*/\1\"minVersion\": \"1.3\",/" ${xray_conf} fi echo -e "${OK} ${GreenBG} 已切换至 TLS1.3 only ${Font}" elif [[ $tls_version == 1 ]]; then if [[ ${tls_mode} == "TLS" ]]; then - sed -i "s/^\( *\)ssl_protocols.*/\1ssl_protocols\\t\\tTLSv1.1 TLSv1.2 TLSv1.3;/" $nginx_conf + sed -i "s/^\( *\)ssl_protocols\( *\).*/\1ssl_protocols\2TLSv1.1 TLSv1.2 TLSv1.3;/" $nginx_conf echo -e "${OK} ${GreenBG} 已切换至 TLS1.1 TLS1.2 and TLS1.3 ${Font}" else - echo -e "${Error} ${RedBG} XTLS最低版本应大于 TLS1.1, 请重新选择! ${Font}" + echo -e "${Error} ${RedBG} XTLS 最低版本应大于 TLS1.1, 请重新选择! ${Font}" tls_type fi else if [[ ${tls_mode} == "TLS" ]]; then - sed -i "s/^\( *\)ssl_protocols.*/\1ssl_protocols\\t\\tTLSv1.2 TLSv1.3;/" $nginx_conf + sed -i "s/^\( *\)ssl_protocols\( *\).*/\1ssl_protocols\2TLSv1.2 TLSv1.3;/" $nginx_conf else sed -i "s/^\( *\)\"minVersion\".*/\1\"minVersion\": \"1.2\",/" ${xray_conf} fi @@ -1805,7 +1819,7 @@ uninstall_all() { esac fi systemctl daemon-reload - echo -e "${OK} ${GreenBG} 已卸载, SSL 证书文件已保留 ${Font}" + echo -e "${OK} ${GreenBG} 已卸载, SSL 证书文件已保留\n ${Font}" } delete_tls_key_and_crt() { @@ -1847,7 +1861,7 @@ timeout() { } judge_mode() { - if [[ -f ${xray_bin_dir} ]]; then + if [[ -f ${xray_qr_config_file} ]]; then ws_grpc_mode=$(info_extraction '\"ws_grpc_mode\"') tls_mode=$(info_extraction '\"tls\"') if [[ ${tls_mode} == "TLS" ]]; then @@ -1868,7 +1882,7 @@ judge_mode() { [[ ${ws_grpc_mode} == "onlygRPC" ]] && shell_mode="gRPC ONLY" [[ ${ws_grpc_mode} == "all" ]] && shell_mode="ws+gRPC ONLY" fi - old_shell_mode=${shell_mode} + old_tls_mode=${tls_mode} fi } @@ -1879,9 +1893,9 @@ install_xray_ws_tls() { basic_optimization create_directory domain_check + ws_grpc_choose old_config_exist_check port_set - ws_grpc_choose ws_inbound_port_set grpc_inbound_port_set firewall_set @@ -1945,8 +1959,8 @@ install_xray_ws_only() { basic_optimization create_directory ip_check - old_config_exist_check ws_grpc_choose + old_config_exist_check ws_inbound_port_set grpc_inbound_port_set firewall_set @@ -1975,9 +1989,9 @@ update_sh() { version_difference=$(echo "(${shell_version:0:3}-${oldest_version:0:3})>0"|bc) if [[ ${shell_version} != ${newest_version} ]]; then if [[ ${version_difference} == 1 ]]; then - echo -e "${Warning} ${YellowBG} 存在新版本, 但版本跨度较大, 可能存在不兼容情况, 是否更新 [Y/N]? ${Font}" + echo -e "\n${Warning} ${YellowBG} 存在新版本, 但版本跨度较大, 可能存在不兼容情况, 是否更新 [Y/N]? ${Font}" else - echo -e "${GreenBG} 存在新版本, 是否更新 [Y/N]? ${Font}" + echo -e "\n${GreenBG} 存在新版本, 是否更新 [Y/N]? ${Font}" fi read -r update_confirm case $update_confirm in @@ -2173,7 +2187,7 @@ menu() { bash idleleo ;; 5) - echo -e "${Warning} ${YellowBG} 此模式推荐用于负载均衡, 一般情况不推荐使用, 是否安装 [Y/N]? ${Font}" + echo -e "\n${Warning} ${YellowBG} 此模式推荐用于负载均衡, 一般情况不推荐使用, 是否安装 [Y/N]? ${Font}" read -r wsonly_fq case $wsonly_fq in [yY][eE][sS] | [yY])