zeaslity/shell-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

大量更新

Browse Source
This commit is contained in:
zeaslity
2025-01-20 16:38:08 +08:00
parent ed9e0947e6
commit 7db1e0f565
46 changed files with 583 additions and 1896 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
1-代理Xray/XRay-安装脚本/Xray-linux-64-v1.6.0.zip
View File

Binary file not shown.

9
1-代理Xray/XRay-安装脚本/Xray安装脚本.txt
View File

@@ -1,2 +1,9 @@
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install --without-geodata
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install --without-geodata
sed -i "s/nobody/root/g" /etc/systemd/system/xray.service
systemctl daemon-reload
systemctl restart xray
systemctl enable xray
journalctl -u xray -n 100 -f

744
1-代理Xray/XRay-安装脚本/xray-install-另外的版本.sh
View File

@@ -1,744 +0,0 @@
#!/usr/bin/env bash
#====================================================
# System Request:Debian 9+/Ubuntu 18.04+/Centos 7+
# Author: wulabing
# Dscription: Xray onekey Management
# email: admin@wulabing.com
#====================================================
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
stty erase ^?
cd "$(
cd "$(dirname "$0")" || exit
pwd
)" || exit
# 字体颜色配置
Green="\033[32m"
Red="\033[31m"
Yellow="\033[33m"
Blue="\033[36m"
Font="\033[0m"
GreenBG="\033[42;37m"
RedBG="\033[41;37m"
OK="${Green}[OK]${Font}"
ERROR="${Red}[ERROR]${Font}"
# 变量
shell_version="1.3.7"
github_branch="main"
xray_conf_dir="/usr/local/etc/xray"
website_dir="/www/xray_web/"
xray_access_log="/var/log/xray/access.log"
xray_error_log="/var/log/xray/error.log"
cert_dir="/usr/local/etc/xray"
domain_tmp_dir="/usr/local/etc/xray"
cert_group="nobody"
random_num=$((RANDOM % 12 + 4))
VERSION=$(echo "${VERSION}" | awk -F "[()]" '{print $2}')
WS_PATH="/$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})/"
function shell_mode_check() {
if [ -f ${xray_conf_dir}/config.json ]; then
if [ "$(grep -c "wsSettings" ${xray_conf_dir}/config.json)" -ge 1 ]; then
shell_mode="ws"
else
shell_mode="tcp"
fi
else
shell_mode="None"
fi
}
function print_ok() {
echo -e "${OK} ${Blue} $1 ${Font}"
}
function print_error() {
echo -e "${ERROR} ${RedBG} $1 ${Font}"
}
function is_root() {
if [[ 0 == "$UID" ]]; then
print_ok "当前用户是 root 用户,开始安装流程"
else
print_error "当前用户不是 root 用户,请切换到 root 用户后重新执行脚本"
exit 1
fi
}
judge() {
if [[ 0 -eq $? ]]; then
print_ok "$1 完成"
sleep 1
else
print_error "$1 失败"
exit 1
fi
}
function system_check() {
source '/etc/os-release'
if [[ "${ID}" == "centos" && ${VERSION_ID} -ge 7 ]]; then
print_ok "当前系统为 Centos ${VERSION_ID} ${VERSION}"
INS="yum install -y"
wget -N -P /etc/yum.repos.d/ https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/basic/nginx.repo
elif [[ "${ID}" == "ol" ]]; then
print_ok "当前系统为 Oracle Linux ${VERSION_ID} ${VERSION}"
INS="yum install -y"
wget -N -P /etc/yum.repos.d/ https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/basic/nginx.repo
elif [[ "${ID}" == "debian" && ${VERSION_ID} -ge 9 ]]; then
print_ok "当前系统为 Debian ${VERSION_ID} ${VERSION}"
INS="apt install -y"
# 清除可能的遗留问题
rm -f /etc/apt/sources.list.d/nginx.list
$INS lsb-release gnupg2
echo "deb http://nginx.org/packages/debian $(lsb_release -cs) nginx" >/etc/apt/sources.list.d/nginx.list
curl -fsSL https://nginx.org/keys/nginx_signing.key | apt-key add -
apt update
elif [[ "${ID}" == "ubuntu" && $(echo "${VERSION_ID}" | cut -d '.' -f1) -ge 18 ]]; then
print_ok "当前系统为 Ubuntu ${VERSION_ID} ${UBUNTU_CODENAME}"
INS="apt install -y"
# 清除可能的遗留问题
rm -f /etc/apt/sources.list.d/nginx.list
$INS lsb-release gnupg2
echo "deb http://nginx.org/packages/ubuntu $(lsb_release -cs) nginx" >/etc/apt/sources.list.d/nginx.list
curl -fsSL https://nginx.org/keys/nginx_signing.key | apt-key add -
apt update
else
print_error "当前系统为 ${ID} ${VERSION_ID} 不在支持的系统列表内"
exit 1
fi
if [[ $(grep "nogroup" /etc/group) ]]; then
cert_group="nogroup"
fi
$INS dbus
# 关闭各类防火墙
systemctl stop firewalld
systemctl disable firewalld
systemctl stop nftables
systemctl disable nftables
systemctl stop ufw
systemctl disable ufw
}
function nginx_install() {
if ! command -v nginx >/dev/null 2>&1; then
${INS} nginx
judge "Nginx 安装"
else
print_ok "Nginx 已存在"
${INS} nginx
fi
# 遗留问题处理
mkdir -p /etc/nginx/conf.d >/dev/null 2>&1
}
function dependency_install() {
${INS} wget lsof tar
judge "安装 wget lsof tar"
if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
${INS} crontabs
else
${INS} cron
fi
judge "安装 crontab"
if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
touch /var/spool/cron/root && chmod 600 /var/spool/cron/root
systemctl start crond && systemctl enable crond
else
touch /var/spool/cron/crontabs/root && chmod 600 /var/spool/cron/crontabs/root
systemctl start cron && systemctl enable cron
fi
judge "crontab 自启动配置 "
${INS} unzip
judge "安装 unzip"
${INS} curl
judge "安装 curl"
# upgrade systemd
${INS} systemd
judge "安装/升级 systemd"
# Nginx 后置 无需编译 不再需要
# if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
# yum -y groupinstall "Development tools"
# else
# ${INS} build-essential
# fi
# judge "编译工具包 安装"
if [[ "${ID}" == "centos" ]]; then
${INS} pcre pcre-devel zlib-devel epel-release openssl openssl-devel
elif [[ "${ID}" == "ol" ]]; then
${INS} pcre pcre-devel zlib-devel openssl openssl-devel
# Oracle Linux 不同日期版本的 VERSION_ID 比较乱 直接暴力处理
yum-config-manager --enable ol7_developer_EPEL >/dev/null 2>&1
yum-config-manager --enable ol8_developer_EPEL >/dev/null 2>&1
else
${INS} libpcre3 libpcre3-dev zlib1g-dev openssl libssl-dev
fi
${INS} jq
if ! command -v jq; then
wget -P /usr/bin https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/binary/jq && chmod +x /usr/bin/jq
judge "安装 jq"
fi
# 防止部分系统xray的默认bin目录缺失
mkdir /usr/local/bin >/dev/null 2>&1
}
function basic_optimization() {
# 最大文件打开数
sed -i '/^\*\ *soft\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf
sed -i '/^\*\ *hard\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf
echo '* soft nofile 65536' >>/etc/security/limits.conf
echo '* hard nofile 65536' >>/etc/security/limits.conf
# 关闭 Selinux
if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
setenforce 0
fi
}
function domain_check() {
read -rp "请输入你的域名信息(eg: www.wulabing.com):" domain
domain_ip=$(ping "${domain}" -c 1 | sed '1{s/[^(]*(//;s/).*//;q}')
print_ok "正在获取 IP 地址信息,请耐心等待"
local_ip=$(curl -4L api64.ipify.org)
echo -e "域名通过 DNS 解析的 IP 地址:${domain_ip}"
echo -e "本机公网 IP 地址: ${local_ip}"
sleep 2
if [[ ${domain_ip} == "${local_ip}" ]]; then
print_ok "域名通过 DNS 解析的 IP 地址与 本机 IP 地址匹配"
sleep 2
else
print_error "请确保域名添加了正确的 A 记录,否则将无法正常使用 xray"
print_error "域名通过 DNS 解析的 IP 地址与 本机 IP 地址不匹配是否继续安装y/n" && read -r install
case $install in
[yY][eE][sS] | [yY])
print_ok "继续安装"
sleep 2
;;
*)
print_error "安装终止"
exit 2
;;
esac
fi
}
function port_exist_check() {
if [[ 0 -eq $(lsof -i:"$1" | grep -i -c "listen") ]]; then
print_ok "$1 端口未被占用"
sleep 1
else
print_error "检测到 $1 端口被占用,以下为 $1 端口占用信息"
lsof -i:"$1"
print_error "5s 后将尝试自动 kill 占用进程"
sleep 5
lsof -i:"$1" | awk '{print $2}' | grep -v "PID" | xargs kill -9
print_ok "kill 完成"
sleep 1
fi
}
function update_sh() {
ol_version=$(curl -L -s https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/install.sh | grep "shell_version=" | head -1 | awk -F '=|"' '{print $3}')
if [[ "$shell_version" != "$(echo -e "$shell_version\n$ol_version" | sort -rV | head -1)" ]]; then
print_ok "存在新版本,是否更新 [Y/N]?"
read -r update_confirm
case $update_confirm in
[yY][eE][sS] | [yY])
wget -N --no-check-certificate https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/install.sh
print_ok "更新完成"
print_ok "您可以通过 bash $0 执行本程序"
exit 0
;;
*) ;;
esac
else
print_ok "当前版本为最新版本"
print_ok "您可以通过 bash $0 执行本程序"
fi
}
function xray_tmp_config_file_check_and_use() {
if [[ -s ${xray_conf_dir}/config_tmp.json ]]; then
mv -f ${xray_conf_dir}/config_tmp.json ${xray_conf_dir}/config.json
else
print_error "xray 配置文件修改异常"
fi
}
function modify_UUID() {
[ -z "$UUID" ] && UUID=$(cat /proc/sys/kernel/random/uuid)
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",0,"settings","clients",0,"id"];"'${UUID}'")' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray TCP UUID 修改"
}
function modify_UUID_ws() {
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",1,"settings","clients",0,"id"];"'${UUID}'")' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray ws UUID 修改"
}
function modify_fallback_ws() {
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",0,"settings","fallbacks",2,"path"];"'${WS_PATH}'")' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray fallback_ws 修改"
}
function modify_ws() {
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",1,"streamSettings","wsSettings","path"];"'${WS_PATH}'")' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray ws 修改"
}
function configure_nginx() {
nginx_conf="/etc/nginx/conf.d/${domain}.conf"
cd /etc/nginx/conf.d/ && rm -f ${domain}.conf && wget -O ${domain}.conf https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/config/web.conf
sed -i "s/xxx/${domain}/g" ${nginx_conf}
judge "Nginx config modify"
systemctl restart nginx
}
function modify_port() {
read -rp "请输入端口号(默认443)" PORT
[ -z "$PORT" ] && PORT="443"
if [[ $PORT -le 0 ]] || [[ $PORT -gt 65535 ]]; then
print_error "请输入 0-65535 之间的值"
exit 1
fi
port_exist_check $PORT
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",0,"port"];'${PORT}')' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray 端口 修改"
}
function configure_xray() {
cd /usr/local/etc/xray && rm -f config.json && wget -O config.json https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/config/xray_xtls-rprx-direct.json
modify_UUID
modify_port
}
function configure_xray_ws() {
cd /usr/local/etc/xray && rm -f config.json && wget -O config.json https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/config/xray_tls_ws_mix-rprx-direct.json
modify_UUID
modify_UUID_ws
modify_port
modify_fallback_ws
modify_ws
}
function xray_install() {
print_ok "安装 Xray"
curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh | bash -s -- install
judge "Xray 安装"
# 用于生成 Xray 的导入链接
echo $domain >$domain_tmp_dir/domain
judge "域名记录"
}
function ssl_install() {
# 使用 Nginx 配合签发 无需安装相关依赖
# if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
# ${INS} socat nc
# else
# ${INS} socat netcat
# fi
# judge "安装 SSL 证书生成脚本依赖"
curl -L get.acme.sh | bash
judge "安装 SSL 证书生成脚本"
}
function acme() {
"$HOME"/.acme.sh/acme.sh --set-default-ca --server letsencrypt
sed -i "6s/^/#/" "$nginx_conf"
sed -i "6a\\\troot $website_dir;" "$nginx_conf"
systemctl restart nginx
if "$HOME"/.acme.sh/acme.sh --issue -d "${domain}" --webroot "$website_dir" -k ec-256 --force; then
print_ok "SSL 证书生成成功"
sleep 2
if "$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath /ssl/xray.crt --keypath /ssl/xray.key --reloadcmd "systemctl restart xray" --ecc --force; then
print_ok "SSL 证书配置成功"
sleep 2
fi
else
print_error "SSL 证书生成失败"
rm -rf "$HOME/.acme.sh/${domain}_ecc"
exit 1
fi
sed -i "7d" "$nginx_conf"
sed -i "6s/#//" "$nginx_conf"
}
function ssl_judge_and_install() {
mkdir -p /ssl >/dev/null 2>&1
if [[ -f "/ssl/xray.key" || -f "/ssl/xray.crt" ]]; then
print_ok "/ssl 目录下证书文件已存在"
print_ok "是否删除 /ssl 目录下的证书文件 [Y/N]?"
read -r ssl_delete
case $ssl_delete in
[yY][eE][sS] | [yY])
rm -rf /ssl/*
print_ok "已删除"
;;
*) ;;
esac
fi
if [[ -f "/ssl/xray.key" || -f "/ssl/xray.crt" ]]; then
echo "证书文件已存在"
elif [[ -f "$HOME/.acme.sh/${domain}_ecc/${domain}.key" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" ]]; then
echo "证书文件已存在"
"$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath /ssl/xray.crt --keypath /ssl/xray.key --ecc
judge "证书应用"
else
mkdir /ssl
cp -a $cert_dir/self_signed_cert.pem /ssl/xray.crt
cp -a $cert_dir/self_signed_key.pem /ssl/xray.key
ssl_install
acme
fi
# Xray 默认以 nobody 用户运行,证书权限适配
chown -R nobody.$cert_group /ssl/*
}
function generate_certificate() {
signedcert=$(xray tls cert -domain="$local_ip" -name="$local_ip" -org="$local_ip" -expire=87600h)
echo $signedcert | jq '.certificate[]' | sed 's/\"//g' | tee $cert_dir/self_signed_cert.pem
echo $signedcert | jq '.key[]' | sed 's/\"//g' >$cert_dir/self_signed_key.pem
openssl x509 -in $cert_dir/self_signed_cert.pem -noout || 'print_error "生成自签名证书失败" && exit 1'
print_ok "生成自签名证书成功"
chown nobody.$cert_group $cert_dir/self_signed_cert.pem
chown nobody.$cert_group $cert_dir/self_signed_key.pem
}
function configure_web() {
rm -rf /www/xray_web
mkdir -p /www/xray_web
wget -O web.tar.gz https://raw.githubusercontent.com/wulabing/Xray_onekey/main/basic/web.tar.gz
tar xzf web.tar.gz -C /www/xray_web
judge "站点伪装"
rm -f web.tar.gz
}
function xray_uninstall() {
curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh | bash -s -- remove --purge
rm -rf $website_dir
print_ok "是否卸载nginx [Y/N]?"
read -r uninstall_nginx
case $uninstall_nginx in
[yY][eE][sS] | [yY])
if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
yum remove nginx -y
else
apt purge nginx -y
fi
;;
*) ;;
esac
print_ok "是否卸载acme.sh [Y/N]?"
read -r uninstall_acme
case $uninstall_acme in
[yY][eE][sS] | [yY])
/root/.acme.sh/acme.sh --uninstall
rm -rf /root/.acme.sh
rm -rf /ssl/
;;
*) ;;
esac
print_ok "卸载完成"
exit 0
}
function restart_all() {
systemctl restart nginx
judge "Nginx 启动"
systemctl restart xray
judge "Xray 启动"
}
function vless_xtls-rprx-direct_link() {
UUID=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].id | tr -d '"')
PORT=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].port)
FLOW=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].flow | tr -d '"')
DOMAIN=$(cat ${domain_tmp_dir}/domain)
print_ok "URL 链接VLESS + TCP + TLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?security=tls&flow=$FLOW#TLS_wulabing-$DOMAIN"
print_ok "URL 链接VLESS + TCP + XTLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?security=xtls&flow=$FLOW#XTLS_wulabing-$DOMAIN"
print_ok "-------------------------------------------------"
print_ok "URL 二维码VLESS + TCP + TLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?security=tls%26flow=$FLOW%23TLS_wulabing-$DOMAIN"
print_ok "URL 二维码VLESS + TCP + XTLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?security=xtls%26flow=$FLOW%23XTLS_wulabing-$DOMAIN"
}
function vless_xtls-rprx-direct_information() {
UUID=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].id | tr -d '"')
PORT=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].port)
FLOW=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].flow | tr -d '"')
DOMAIN=$(cat ${domain_tmp_dir}/domain)
echo -e "${Red} Xray 配置信息 ${Font}"
echo -e "${Red} 地址address:${Font} $DOMAIN"
echo -e "${Red} 端口port${Font} $PORT"
echo -e "${Red} 用户 IDUUID${Font} $UUID"
echo -e "${Red} 流控flow${Font} $FLOW"
echo -e "${Red} 加密方式security${Font} none "
echo -e "${Red} 传输协议network${Font} tcp "
echo -e "${Red} 伪装类型type${Font} none "
echo -e "${Red} 底层传输安全:${Font} xtls 或 tls"
}
function ws_information() {
UUID=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].id | tr -d '"')
PORT=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].port)
FLOW=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].flow | tr -d '"')
WS_PATH=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.fallbacks[2].path | tr -d '"')
DOMAIN=$(cat ${domain_tmp_dir}/domain)
echo -e "${Red} Xray 配置信息 ${Font}"
echo -e "${Red} 地址address:${Font} $DOMAIN"
echo -e "${Red} 端口port${Font} $PORT"
echo -e "${Red} 用户 IDUUID${Font} $UUID"
echo -e "${Red} 加密方式security${Font} none "
echo -e "${Red} 传输协议network${Font} ws "
echo -e "${Red} 伪装类型type${Font} none "
echo -e "${Red} 路径path${Font} $WS_PATH "
echo -e "${Red} 底层传输安全:${Font} tls "
}
function ws_link() {
UUID=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].id | tr -d '"')
PORT=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].port)
FLOW=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].flow | tr -d '"')
WS_PATH=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.fallbacks[2].path | tr -d '"')
WS_PATH_WITHOUT_SLASH=$(echo $WS_PATH | tr -d '/')
DOMAIN=$(cat ${domain_tmp_dir}/domain)
print_ok "URL 链接VLESS + TCP + TLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?security=tls#TLS_wulabing-$DOMAIN"
print_ok "URL 链接VLESS + TCP + XTLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?security=xtls&flow=$FLOW#XTLS_wulabing-$DOMAIN"
print_ok "URL 链接VLESS + WebSocket + TLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?type=ws&security=tls&path=%2f${WS_PATH_WITHOUT_SLASH}%2f#WS_TLS_wulabing-$DOMAIN"
print_ok "-------------------------------------------------"
print_ok "URL 二维码VLESS + TCP + TLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?security=tls%23TLS_wulabing-$DOMAIN"
print_ok "URL 二维码VLESS + TCP + XTLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?security=xtls%26flow=$FLOW%23XTLS_wulabing-$DOMAIN"
print_ok "URL 二维码VLESS + WebSocket + TLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?type=ws%26security=tls%26path=%2f${WS_PATH_WITHOUT_SLASH}%2f%23WS_TLS_wulabing-$DOMAIN"
}
function basic_information() {
print_ok "VLESS+TCP+XTLS+Nginx 安装成功"
vless_xtls-rprx-direct_information
vless_xtls-rprx-direct_link
}
function basic_ws_information() {
print_ok "VLESS+TCP+TLS+Nginx with WebSocket 混合模式 安装成功"
ws_information
print_ok "————————————————————————"
vless_xtls-rprx-direct_information
ws_link
}
function show_access_log() {
[ -f ${xray_access_log} ] && tail -f ${xray_access_log} || echo -e "${RedBG}log文件不存在${Font}"
}
function show_error_log() {
[ -f ${xray_error_log} ] && tail -f ${xray_error_log} || echo -e "${RedBG}log文件不存在${Font}"
}
function bbr_boost_sh() {
[ -f "tcp.sh" ] && rm -rf ./tcp.sh
wget -N --no-check-certificate "https://raw.githubusercontent.com/ylx2016/Linux-NetSpeed/master/tcp.sh" && chmod +x tcp.sh && ./tcp.sh
}
function mtproxy_sh() {
wget -N --no-check-certificate "https://github.com/wulabing/mtp/raw/master/mtproxy.sh" && chmod +x mtproxy.sh && bash mtproxy.sh
}
function install_xray() {
is_root
system_check
dependency_install
basic_optimization
domain_check
port_exist_check 80
xray_install
configure_xray
nginx_install
configure_nginx
configure_web
generate_certificate
ssl_judge_and_install
restart_all
basic_information
}
function install_xray_ws() {
is_root
system_check
dependency_install
basic_optimization
domain_check
port_exist_check 80
xray_install
configure_xray_ws
nginx_install
configure_nginx
configure_web
generate_certificate
ssl_judge_and_install
restart_all
basic_ws_information
}
menu() {
#update_sh
shell_mode_check
echo -e "\t Xray 安装管理脚本 ${Red}[${shell_version}]${Font}"
echo -e "\t---authored by wulabing---"
echo -e "\thttps://github.com/wulabing\n"
echo -e "当前已安装版本:${shell_mode}"
echo -e "—————————————— 安装向导 ——————————————"""
echo -e "${Green}0.${Font} 升级 脚本"
echo -e "${Green}1.${Font} 安装 Xray (VLESS + TCP + XTLS / TLS + Nginx)"
echo -e "${Green}2.${Font} 安装 Xray (VLESS + TCP + XTLS / TLS + Nginx 及 VLESS + TCP + TLS + Nginx + WebSocket 回落并存模式)"
echo -e "—————————————— 配置变更 ——————————————"
echo -e "${Green}11.${Font} 变更 UUID"
echo -e "${Green}13.${Font} 变更 连接端口"
echo -e "${Green}14.${Font} 变更 WebSocket PATH"
echo -e "—————————————— 查看信息 ——————————————"
echo -e "${Green}21.${Font} 查看 实时访问日志"
echo -e "${Green}22.${Font} 查看 实时错误日志"
echo -e "${Green}23.${Font} 查看 Xray 配置链接"
# echo -e "${Green}23.${Font} 查看 V2Ray 配置信息"
echo -e "—————————————— 其他选项 ——————————————"
echo -e "${Green}31.${Font} 安装 4 合 1 BBR、锐速安装脚本"
echo -e "${Yellow}32.${Font} 安装 MTproxy(不推荐使用,请相关用户关闭或卸载)"
echo -e "${Green}33.${Font} 卸载 Xray"
echo -e "${Green}34.${Font} 更新 Xray-core"
echo -e "${Green}35.${Font} 安装 Xray-core 测试版(Pre)"
echo -e "${Green}36.${Font} 手动更新SSL证书"
echo -e "${Green}40.${Font} 退出"
read -rp "请输入数字:" menu_num
case $menu_num in
0)
update_sh
;;
1)
install_xray
;;
2)
install_xray_ws
;;
11)
read -rp "请输入UUID:" UUID
if [[ ${shell_mode} == "tcp" ]]; then
modify_UUID
elif [[ ${shell_mode} == "ws" ]]; then
modify_UUID
modify_UUID_ws
fi
restart_all
;;
13)
modify_port
restart_all
;;
14)
if [[ ${shell_mode} == "ws" ]]; then
read -rp "请输入路径(示例:/wulabing/ 要求两侧都包含/):" WS_PATH
modify_fallback_ws
modify_ws
restart_all
else
print_error "当前模式不是Websocket模式"
fi
;;
21)
tail -f $xray_access_log
;;
22)
tail -f $xray_error_log
;;
23)
if [[ -f $xray_conf_dir/config.json ]]; then
if [[ ${shell_mode} == "tcp" ]]; then
basic_information
elif [[ ${shell_mode} == "ws" ]]; then
basic_ws_information
fi
else
print_error "xray 配置文件不存在"
fi
;;
31)
bbr_boost_sh
;;
32)
mtproxy_sh
;;
33)
source '/etc/os-release'
xray_uninstall
;;
34)
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" - install
restart_all
;;
35)
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" - install --beta
restart_all
;;
36)
"/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh"
restart_all
;;
40)
exit 0
;;
*)
print_error "请输入正确的数字"
;;
esac
}
menu "$@"

911
1-代理Xray/XRay-安装脚本/官方Xray安装脚本-2022-10-21.sh
View File

@@ -1,911 +0,0 @@
#!/usr/bin/env bash
# The files installed by the script conform to the Filesystem Hierarchy Standard:
# https://wiki.linuxfoundation.org/lsb/fhs
# The URL of the script project is:
# https://github.com/XTLS/Xray-install
# The URL of the scraaaaaipt is:
# https://raw.githubusercontent.com/XTLS/Xray-install/main/install-release.sh
# If the script executes incorrectly, go to:
# https://github.com/XTLS/Xray-install/issues
# You can set this variable whatever you want in shell session right before running this script by issuing:
# export DAT_PATH='/usr/local/share/xray'
DAT_PATH=${DAT_PATH:-/usr/local/share/xray}
# You can set this variable whatever you want in shell session right before running this script by issuing:
# export JSON_PATH='/usr/local/etc/xray'
JSON_PATH=${JSON_PATH:-/usr/local/etc/xray}
# Set this variable only if you are starting xray with multiple configuration files:
# export JSONS_PATH='/usr/local/etc/xray'
# Set this variable only if you want this script to check all the systemd unit file:
# export check_all_service_files='yes'
# Gobal verbals
if [[ -f '/etc/systemd/system/xray.service' ]] && [[ -f '/usr/local/bin/xray' ]]; then
XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT=1
else
XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT=0
fi
# Xray current version
CURRENT_VERSION=''
# Xray latest release version
RELEASE_LATEST=''
# Xray latest prerelease/release version
PRE_RELEASE_LATEST=''
# Xray version will be installed
INSTALL_VERSION=''
# install
INSTALL='0'
# install-geodata
INSTALL_GEODATA='0'
# remove
REMOVE='0'
# help
HELP='0'
# check
CHECK='0'
# --force
FORCE='0'
# --beta
BETA='0'
# --install-user ?
INSTALL_USER=''
# --without-geodata
NO_GEODATA='0'
# --without-logfiles
NO_LOGFILES='0'
# --no-update-service
N_UP_SERVICE='0'
# --reinstall
REINSTALL='0'
# --version ?
SPECIFIED_VERSION=''
# --local ?
LOCAL_FILE=''
# --proxy ?
PROXY=''
# --purge
PURGE='0'
curl() {
$(type -P curl) -L -q --retry 5 --retry-delay 10 --retry-max-time 60 "$@"
}
systemd_cat_config() {
if systemd-analyze --help | grep -qw 'cat-config'; then
systemd-analyze --no-pager cat-config "$@"
echo
else
echo "${aoi}~~~~~~~~~~~~~~~~"
cat "$@" "$1".d/*
echo "${aoi}~~~~~~~~~~~~~~~~"
echo "${red}warning: ${green}The systemd version on the current operating system is too low."
echo "${red}warning: ${green}Please consider to upgrade the systemd or the operating system.${reset}"
echo
fi
}
check_if_running_as_root() {
# If you want to run as another user, please modify $EUID to be owned by this user
if [[ "$EUID" -ne '0' ]]; then
echo "error: You must run this script as root!"
exit 1
fi
}
identify_the_operating_system_and_architecture() {
if [[ "$(uname)" == 'Linux' ]]; then
case "$(uname -m)" in
'i386' | 'i686')
MACHINE='32'
;;
'amd64' | 'x86_64')
MACHINE='64'
;;
'armv5tel')
MACHINE='arm32-v5'
;;
'armv6l')
MACHINE='arm32-v6'
grep Features /proc/cpuinfo | grep -qw 'vfp' || MACHINE='arm32-v5'
;;
'armv7' | 'armv7l')
MACHINE='arm32-v7a'
grep Features /proc/cpuinfo | grep -qw 'vfp' || MACHINE='arm32-v5'
;;
'armv8' | 'aarch64')
MACHINE='arm64-v8a'
;;
'mips')
MACHINE='mips32'
;;
'mipsle')
MACHINE='mips32le'
;;
'mips64')
MACHINE='mips64'
lscpu | grep -q "Little Endian" && MACHINE='mips64le'
;;
'mips64le')
MACHINE='mips64le'
;;
'ppc64')
MACHINE='ppc64'
;;
'ppc64le')
MACHINE='ppc64le'
;;
'riscv64')
MACHINE='riscv64'
;;
's390x')
MACHINE='s390x'
;;
*)
echo "error: The architecture is not supported."
exit 1
;;
esac
if [[ ! -f '/etc/os-release' ]]; then
echo "error: Don't use outdated Linux distributions."
exit 1
fi
# Do not combine this judgment condition with the following judgment condition.
## Be aware of Linux distribution like Gentoo, which kernel supports switch between Systemd and OpenRC.
if [[ -f /.dockerenv ]] || grep -q 'docker\|lxc' /proc/1/cgroup && [[ "$(type -P systemctl)" ]]; then
true
elif [[ -d /run/systemd/system ]] || grep -q systemd <(ls -l /sbin/init); then
true
else
echo "error: Only Linux distributions using systemd are supported."
exit 1
fi
if [[ "$(type -P apt)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='apt -y --no-install-recommends install'
PACKAGE_MANAGEMENT_REMOVE='apt purge'
package_provide_tput='ncurses-bin'
elif [[ "$(type -P dnf)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='dnf -y install'
PACKAGE_MANAGEMENT_REMOVE='dnf remove'
package_provide_tput='ncurses'
elif [[ "$(type -P yum)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='yum -y install'
PACKAGE_MANAGEMENT_REMOVE='yum remove'
package_provide_tput='ncurses'
elif [[ "$(type -P zypper)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='zypper install -y --no-recommends'
PACKAGE_MANAGEMENT_REMOVE='zypper remove'
package_provide_tput='ncurses-utils'
elif [[ "$(type -P pacman)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='pacman -Syu --noconfirm'
PACKAGE_MANAGEMENT_REMOVE='pacman -Rsn'
package_provide_tput='ncurses'
elif [[ "$(type -P emerge)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='emerge -v'
PACKAGE_MANAGEMENT_REMOVE='emerge -Cv'
package_provide_tput='ncurses'
else
echo "error: The script does not support the package manager in this operating system."
exit 1
fi
else
echo "error: This operating system is not supported."
exit 1
fi
}
## Demo function for processing parameters
judgment_parameters() {
local local_install='0'
local temp_version='0'
while [[ "$#" -gt '0' ]]; do
case "$1" in
'install')
INSTALL='1'
;;
'install-geodata')
INSTALL_GEODATA='1'
;;
'remove')
REMOVE='1'
;;
'help')
HELP='1'
;;
'check')
CHECK='1'
;;
'--without-geodata')
NO_GEODATA='1'
;;
'--without-logfiles')
NO_LOGFILES='1'
;;
'--purge')
PURGE='1'
;;
'--version')
if [[ -z "$2" ]]; then
echo "error: Please specify the correct version."
exit 1
fi
temp_version='1'
SPECIFIED_VERSION="$2"
shift
;;
'-f' | '--force')
FORCE='1'
;;
'--beta')
BETA='1'
;;
'-l' | '--local')
local_install='1'
if [[ -z "$2" ]]; then
echo "error: Please specify the correct local file."
exit 1
fi
LOCAL_FILE="$2"
shift
;;
'-p' | '--proxy')
if [[ -z "$2" ]]; then
echo "error: Please specify the proxy server address."
exit 1
fi
PROXY="$2"
shift
;;
'-u' | '--install-user')
if [[ -z "$2" ]]; then
echo "error: Please specify the install user.}"
exit 1
fi
INSTALL_USER="$2"
shift
;;
'--reinstall')
REINSTALL='1'
;;
'--no-update-service')
N_UP_SERVICE='1'
;;
*)
echo "$0: unknown option -- -"
exit 1
;;
esac
shift
done
if ((INSTALL+INSTALL_GEODATA+HELP+CHECK+REMOVE==0)); then
INSTALL='1'
elif ((INSTALL+INSTALL_GEODATA+HELP+CHECK+REMOVE>1)); then
echo 'You can only choose one action.'
exit 1
fi
if [[ "$INSTALL" -eq '1' ]] && ((temp_version+local_install+REINSTALL+BETA>1)); then
echo "--version,--reinstall,--beta and --local can't be used together."
exit 1
fi
}
check_install_user() {
if [[ -z "$INSTALL_USER" ]]; then
if [[ -f '/usr/local/bin/xray' ]]; then
INSTALL_USER="$(grep '^[ '$'\t]*User[ '$'\t]*=' /etc/systemd/system/xray.service | tail -n 1 | awk -F = '{print $2}' | awk '{print $1}')"
if [[ -z "$INSTALL_USER" ]]; then
INSTALL_USER='root'
fi
else
INSTALL_USER='nobody'
fi
fi
if ! id $INSTALL_USER > /dev/null 2>&1; then
echo "the user '$INSTALL_USER' is not effective"
exit 1
fi
INSTALL_USER_UID="$(id -u $INSTALL_USER)"
INSTALL_USER_GID="$(id -g $INSTALL_USER)"
}
install_software() {
package_name="$1"
file_to_detect="$2"
type -P "$file_to_detect" > /dev/null 2>&1 && return
if ${PACKAGE_MANAGEMENT_INSTALL} "$package_name"; then
echo "info: $package_name is installed."
else
echo "error: Installation of $package_name failed, please check your network."
exit 1
fi
}
get_current_version() {
# Get the CURRENT_VERSION
if [[ -f '/usr/local/bin/xray' ]]; then
CURRENT_VERSION="$(/usr/local/bin/xray -version | awk 'NR==1 {print $2}')"
CURRENT_VERSION="v${CURRENT_VERSION#v}"
else
CURRENT_VERSION=""
fi
}
get_latest_version() {
# Get Xray latest release version number
local tmp_file
tmp_file="$(mktemp)"
if ! curl -x "${PROXY}" -sS -H "Accept: application/vnd.github.v3+json" -o "$tmp_file" 'https://api.github.com/repos/XTLS/Xray-core/releases/latest'; then
"rm" "$tmp_file"
echo 'error: Failed to get release list, please check your network.'
exit 1
fi
RELEASE_LATEST="$(sed 'y/,/\n/' "$tmp_file" | grep 'tag_name' | awk -F '"' '{print $4}')"
if [[ -z "$RELEASE_LATEST" ]]; then
if grep -q "API rate limit exceeded" "$tmp_file"; then
echo "error: github API rate limit exceeded"
else
echo "error: Failed to get the latest release version."
echo "Welcome bug report:https://github.com/XTLS/Xray-install/issues"
fi
"rm" "$tmp_file"
exit 1
fi
"rm" "$tmp_file"
RELEASE_LATEST="v${RELEASE_LATEST#v}"
if ! curl -x "${PROXY}" -sS -H "Accept: application/vnd.github.v3+json" -o "$tmp_file" 'https://api.github.com/repos/XTLS/Xray-core/releases'; then
"rm" "$tmp_file"
echo 'error: Failed to get release list, please check your network.'
exit 1
fi
local releases_list
releases_list=($(sed 'y/,/\n/' "$tmp_file" | grep 'tag_name' | awk -F '"' '{print $4}'))
if [[ "${#releases_list[@]}" -eq '0' ]]; then
if grep -q "API rate limit exceeded" "$tmp_file"; then
echo "error: github API rate limit exceeded"
else
echo "error: Failed to get the latest release version."
echo "Welcome bug report:https://github.com/XTLS/Xray-install/issues"
fi
"rm" "$tmp_file"
exit 1
fi
local i
for i in ${!releases_list[@]}
do
releases_list[$i]="v${releases_list[$i]#v}"
grep -q "https://github.com/XTLS/Xray-core/releases/download/${releases_list[$i]}/Xray-linux-$MACHINE.zip" "$tmp_file" && break
done
"rm" "$tmp_file"
PRE_RELEASE_LATEST="${releases_list[$i]}"
}
version_gt() {
# compare two version
# 0: $1 > $2
# 1: $1 <= $2
if [[ "$1" != "$2" ]]; then
local temp_1_version_number="${1#v}"
local temp_1_major_version_number="${temp_1_version_number%%.*}"
local temp_1_minor_version_number
temp_1_minor_version_number="$(echo "$temp_1_version_number" | awk -F '.' '{print $2}')"
local temp_1_minimunm_version_number="${temp_1_version_number##*.}"
# shellcheck disable=SC2001
local temp_2_version_number="${2#v}"
local temp_2_major_version_number="${temp_2_version_number%%.*}"
local temp_2_minor_version_number
temp_2_minor_version_number="$(echo "$temp_2_version_number" | awk -F '.' '{print $2}')"
local temp_2_minimunm_version_number="${temp_2_version_number##*.}"
if [[ "$temp_1_major_version_number" -gt "$temp_2_major_version_number" ]]; then
return 0
elif [[ "$temp_1_major_version_number" -eq "$temp_2_major_version_number" ]]; then
if [[ "$temp_1_minor_version_number" -gt "$temp_2_minor_version_number" ]]; then
return 0
elif [[ "$temp_1_minor_version_number" -eq "$temp_2_minor_version_number" ]]; then
if [[ "$temp_1_minimunm_version_number" -gt "$temp_2_minimunm_version_number" ]]; then
return 0
else
return 1
fi
else
return 1
fi
else
return 1
fi
elif [[ "$1" == "$2" ]]; then
return 1
fi
}
download_xray() {
DOWNLOAD_LINK="https://github.com/XTLS/Xray-core/releases/download/$INSTALL_VERSION/Xray-linux-$MACHINE.zip"
echo "Downloading Xray archive: $DOWNLOAD_LINK"
if ! curl -x "${PROXY}" -R -H 'Cache-Control: no-cache' -o "$ZIP_FILE" "$DOWNLOAD_LINK"; then
echo 'error: Download failed! Please check your network or try again.'
return 1
fi
return 0
echo "Downloading verification file for Xray archive: $DOWNLOAD_LINK.dgst"
if ! curl -x "${PROXY}" -sSR -H 'Cache-Control: no-cache' -o "$ZIP_FILE.dgst" "$DOWNLOAD_LINK.dgst"; then
echo 'error: Download failed! Please check your network or try again.'
return 1
fi
if [[ "$(cat "$ZIP_FILE".dgst)" == 'Not Found' ]]; then
echo 'error: This version does not support verification. Please replace with another version.'
return 1
fi
# Verification of Xray archive
for LISTSUM in 'md5' 'sha1' 'sha256' 'sha512'; do
SUM="$(${LISTSUM}sum "$ZIP_FILE" | sed 's/ .*//')"
CHECKSUM="$(grep ${LISTSUM^^} "$ZIP_FILE".dgst | grep "$SUM" -o -a | uniq)"
if [[ "$SUM" != "$CHECKSUM" ]]; then
echo 'error: Check failed! Please check your network or try again.'
return 1
fi
done
}
decompression() {
if ! unzip -q "$1" -d "$TMP_DIRECTORY"; then
echo 'error: Xray decompression failed.'
"rm" -r "$TMP_DIRECTORY"
echo "removed: $TMP_DIRECTORY"
exit 1
fi
echo "info: Extract the Xray package to $TMP_DIRECTORY and prepare it for installation."
}
install_file() {
NAME="$1"
if [[ "$NAME" == 'xray' ]]; then
install -m 755 "${TMP_DIRECTORY}/$NAME" "/usr/local/bin/$NAME"
elif [[ "$NAME" == 'geoip.dat' ]] || [[ "$NAME" == 'geosite.dat' ]]; then
install -m 644 "${TMP_DIRECTORY}/$NAME" "${DAT_PATH}/$NAME"
fi
}
install_xray() {
# Install Xray binary to /usr/local/bin/ and $DAT_PATH
install_file xray
# If the file exists, geoip.dat and geosite.dat will not be installed or updated
if [[ "$NO_GEODATA" -eq '0' ]] && [[ ! -f "${DAT_PATH}/.undat" ]]; then
install -d "$DAT_PATH"
install_file geoip.dat
install_file geosite.dat
GEODATA='1'
fi
# Install Xray configuration file to $JSON_PATH
# shellcheck disable=SC2153
if [[ -z "$JSONS_PATH" ]] && [[ ! -d "$JSON_PATH" ]]; then
install -d "$JSON_PATH"
echo "{}" > "${JSON_PATH}/config.json"
CONFIG_NEW='1'
fi
# Install Xray configuration file to $JSONS_PATH
if [[ -n "$JSONS_PATH" ]] && [[ ! -d "$JSONS_PATH" ]]; then
install -d "$JSONS_PATH"
for BASE in 00_log 01_api 02_dns 03_routing 04_policy 05_inbounds 06_outbounds 07_transport 08_stats 09_reverse; do
echo '{}' > "${JSONS_PATH}/${BASE}.json"
done
CONFDIR='1'
fi
# Used to store Xray log files
if [[ "$NO_LOGFILES" -eq '0' ]]; then
if [[ ! -d '/var/log/xray/' ]]; then
install -d -m 700 -o "$INSTALL_USER_UID" -g "$INSTALL_USER_GID" /var/log/xray/
install -m 600 -o "$INSTALL_USER_UID" -g "$INSTALL_USER_GID" /dev/null /var/log/xray/access.log
install -m 600 -o "$INSTALL_USER_UID" -g "$INSTALL_USER_GID" /dev/null /var/log/xray/error.log
LOG='1'
else
chown -R "$INSTALL_USER_UID:$INSTALL_USER_GID" /var/log/xray/
fi
fi
}
install_startup_service_file() {
mkdir -p '/etc/systemd/system/xray.service.d'
mkdir -p '/etc/systemd/system/xray@.service.d/'
local temp_CapabilityBoundingSet="CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE"
local temp_AmbientCapabilities="AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE"
local temp_NoNewPrivileges="NoNewPrivileges=true"
if [[ "$INSTALL_USER_UID" -eq '0' ]]; then
temp_CapabilityBoundingSet="#${temp_CapabilityBoundingSet}"
temp_AmbientCapabilities="#${temp_AmbientCapabilities}"
temp_NoNewPrivileges="#${temp_NoNewPrivileges}"
fi
cat > /etc/systemd/system/xray.service << EOF
[Unit]
Description=Xray Service
Documentation=https://github.com/xtls
After=network.target nss-lookup.target
[Service]
User=$INSTALL_USER
${temp_CapabilityBoundingSet}
${temp_AmbientCapabilities}
${temp_NoNewPrivileges}
ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/config.json
Restart=on-failure
RestartPreventExitStatus=23
LimitNPROC=10000
LimitNOFILE=1000000
[Install]
WantedBy=multi-user.target
EOF
cat > /etc/systemd/system/xray@.service <<EOF
[Unit]
Description=Xray Service
Documentation=https://github.com/xtls
After=network.target nss-lookup.target
[Service]
User=$INSTALL_USER
${temp_CapabilityBoundingSet}
${temp_AmbientCapabilities}
${temp_NoNewPrivileges}
ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/%i.json
Restart=on-failure
RestartPreventExitStatus=23
LimitNPROC=10000
LimitNOFILE=1000000
[Install]
WantedBy=multi-user.target
EOF
chmod 644 /etc/systemd/system/xray.service /etc/systemd/system/xray@.service
if [[ -n "$JSONS_PATH" ]]; then
"rm" '/etc/systemd/system/xray.service.d/10-donot_touch_single_conf.conf' \
'/etc/systemd/system/xray@.service.d/10-donot_touch_single_conf.conf'
echo "# In case you have a good reason to do so, duplicate this file in the same directory and make your customizes there.
# Or all changes you made will be lost! # Refer: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
[Service]
ExecStart=
ExecStart=/usr/local/bin/xray run -confdir $JSONS_PATH" |
tee '/etc/systemd/system/xray.service.d/10-donot_touch_multi_conf.conf' > \
'/etc/systemd/system/xray@.service.d/10-donot_touch_multi_conf.conf'
else
"rm" '/etc/systemd/system/xray.service.d/10-donot_touch_multi_conf.conf' \
'/etc/systemd/system/xray@.service.d/10-donot_touch_multi_conf.conf'
echo "# In case you have a good reason to do so, duplicate this file in the same directory and make your customizes there.
# Or all changes you made will be lost! # Refer: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
[Service]
ExecStart=
ExecStart=/usr/local/bin/xray run -config ${JSON_PATH}/config.json" > \
'/etc/systemd/system/xray.service.d/10-donot_touch_single_conf.conf'
echo "# In case you have a good reason to do so, duplicate this file in the same directory and make your customizes there.
# Or all changes you made will be lost! # Refer: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
[Service]
ExecStart=
ExecStart=/usr/local/bin/xray run -config ${JSON_PATH}/%i.json" > \
'/etc/systemd/system/xray@.service.d/10-donot_touch_single_conf.conf'
fi
echo "info: Systemd service files have been installed successfully!"
echo "${red}warning: ${green}The following are the actual parameters for the xray service startup."
echo "${red}warning: ${green}Please make sure the configuration file path is correctly set.${reset}"
systemd_cat_config /etc/systemd/system/xray.service
# shellcheck disable=SC2154
if [[ x"${check_all_service_files:0:1}" = x'y' ]]; then
echo
echo
systemd_cat_config /etc/systemd/system/xray@.service
fi
systemctl daemon-reload
SYSTEMD='1'
}
start_xray() {
if [[ -f '/etc/systemd/system/xray.service' ]]; then
systemctl start "${XRAY_CUSTOMIZE:-xray}"
sleep 1s
if systemctl -q is-active "${XRAY_CUSTOMIZE:-xray}"; then
echo 'info: Start the Xray service.'
else
echo 'error: Failed to start Xray service.'
exit 1
fi
fi
}
stop_xray() {
XRAY_CUSTOMIZE="$(systemctl list-units | grep 'xray@' | awk -F ' ' '{print $1}')"
if [[ -z "$XRAY_CUSTOMIZE" ]]; then
local xray_daemon_to_stop='xray.service'
else
local xray_daemon_to_stop="$XRAY_CUSTOMIZE"
fi
if ! systemctl stop "$xray_daemon_to_stop"; then
echo 'error: Stopping the Xray service failed.'
exit 1
fi
echo 'info: Stop the Xray service.'
}
install_geodata() {
download_geodata() {
if ! curl -x "${PROXY}" -R -H 'Cache-Control: no-cache' -o "${dir_tmp}/${2}" "${1}"; then
echo 'error: Download failed! Please check your network or try again.'
exit 1
fi
if ! curl -x "${PROXY}" -R -H 'Cache-Control: no-cache' -o "${dir_tmp}/${2}.sha256sum" "${1}.sha256sum"; then
echo 'error: Download failed! Please check your network or try again.'
exit 1
fi
}
local download_link_geoip="https://github.com/v2fly/geoip/releases/latest/download/geoip.dat"
local download_link_geosite="https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat"
local file_ip='geoip.dat'
local file_dlc='dlc.dat'
local file_site='geosite.dat'
local dir_tmp
dir_tmp="$(mktemp -d)"
[[ "$XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT" -eq '0' ]] && echo "warning: Xray was not installed"
download_geodata $download_link_geoip $file_ip
download_geodata $download_link_geosite $file_dlc
cd "${dir_tmp}" || exit
for i in "${dir_tmp}"/*.sha256sum; do
if ! sha256sum -c "${i}"; then
echo 'error: Check failed! Please check your network or try again.'
exit 1
fi
done
cd - > /dev/null
install -d "$DAT_PATH"
install -m 644 "${dir_tmp}"/${file_dlc} "${DAT_PATH}"/${file_site}
install -m 644 "${dir_tmp}"/${file_ip} "${DAT_PATH}"/${file_ip}
rm -r "${dir_tmp}"
exit 0
}
check_update() {
if [[ "$XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT" -eq '1' ]]; then
get_current_version
echo "info: The current version of Xray is $CURRENT_VERSION ."
else
echo 'warning: Xray is not installed.'
fi
get_latest_version
echo "info: The latest release version of Xray is $RELEASE_LATEST ."
echo "info: The latest pre-release/release version of Xray is $PRE_RELEASE_LATEST ."
exit 0
}
remove_xray() {
if systemctl list-unit-files | grep -qw 'xray'; then
if [[ -n "$(pidof xray)" ]]; then
stop_xray
fi
local delete_files=('/usr/local/bin/xray' '/etc/systemd/system/xray.service' '/etc/systemd/system/xray@.service' '/etc/systemd/system/xray.service.d' '/etc/systemd/system/xray@.service.d')
[[ -d "$DAT_PATH" ]] && delete_files+=("$DAT_PATH")
if [[ "$PURGE" -eq '1' ]]; then
if [[ -z "$JSONS_PATH" ]]; then
delete_files+=("$JSON_PATH")
else
delete_files+=("$JSONS_PATH")
fi
[[ -d '/var/log/xray' ]] && delete_files+=('/var/log/xray')
fi
systemctl disable xray
if ! ("rm" -r "${delete_files[@]}"); then
echo 'error: Failed to remove Xray.'
exit 1
else
for i in ${!delete_files[@]}
do
echo "removed: ${delete_files[$i]}"
done
systemctl daemon-reload
echo "You may need to execute a command to remove dependent software: $PACKAGE_MANAGEMENT_REMOVE curl unzip"
echo 'info: Xray has been removed.'
if [[ "$PURGE" -eq '0' ]]; then
echo 'info: If necessary, manually delete the configuration and log files.'
if [[ -n "$JSONS_PATH" ]]; then
echo "info: e.g., $JSONS_PATH and /var/log/xray/ ..."
else
echo "info: e.g., $JSON_PATH and /var/log/xray/ ..."
fi
fi
exit 0
fi
else
echo 'error: Xray is not installed.'
exit 1
fi
}
# Explanation of parameters in the script
show_help() {
echo "usage: $0 ACTION [OPTION]..."
echo
echo 'ACTION:'
echo ' install Install/Update Xray'
echo ' install-geodata Install/Update geoip.dat and geosite.dat only'
echo ' remove Remove Xray'
echo ' help Show help'
echo ' check Check if Xray can be updated'
echo 'If no action is specified, then install will be selected'
echo
echo 'OPTION:'
echo ' install:'
echo ' --version Install the specified version of Xray, e.g., --version v1.0.0'
echo ' -f, --force Force install even though the versions are same'
echo ' --beta Install the pre-release version if it is exist'
echo ' -l, --local Install Xray from a local file'
echo ' -p, --proxy Download through a proxy server, e.g., -p http://127.0.0.1:8118 or -p socks5://127.0.0.1:1080'
echo ' -u, --install-user Install Xray in specified user, e.g, -u root'
echo ' --reinstall Reinstall current Xray version'
echo " --no-update-service Don't change service files if they are exist"
echo " --without-geodata Don't install/update geoip.dat and geosite.dat"
echo " --without-logfiles Don't install /var/log/xray"
echo ' install-geodata:'
echo ' -p, --proxy Download through a proxy server'
echo ' remove:'
echo ' --purge Remove all the Xray files, include logs, configs, etc'
echo ' check:'
echo ' -p, --proxy Check new version through a proxy server'
exit 0
}
main() {
check_if_running_as_root
identify_the_operating_system_and_architecture
judgment_parameters "$@"
install_software "$package_provide_tput" 'tput'
red=$(tput setaf 1)
green=$(tput setaf 2)
aoi=$(tput setaf 6)
reset=$(tput sgr0)
# Parameter information
[[ "$HELP" -eq '1' ]] && show_help
[[ "$CHECK" -eq '1' ]] && check_update
[[ "$REMOVE" -eq '1' ]] && remove_xray
[[ "$INSTALL_GEODATA" -eq '1' ]] && install_geodata
# Check if the user is effective
check_install_user
# Two very important variables
TMP_DIRECTORY="$(mktemp -d)"
ZIP_FILE="${TMP_DIRECTORY}/Xray-linux-$MACHINE.zip"
# Install Xray from a local file, but still need to make sure the network is available
if [[ -n "$LOCAL_FILE" ]]; then
echo 'warn: Install Xray from a local file, but still need to make sure the network is available.'
echo -n 'warn: Please make sure the file is valid because we cannot confirm it. (Press any key) ...'
read -r
install_software 'unzip' 'unzip'
decompression "$LOCAL_FILE"
else
get_current_version
if [[ "$REINSTALL" -eq '1' ]]; then
if [[ -z "$CURRENT_VERSION" ]]; then
echo "error: Xray is not installed"
exit 1
fi
INSTALL_VERSION="$CURRENT_VERSION"
echo "info: Reinstalling Xray $CURRENT_VERSION"
elif [[ -n "$SPECIFIED_VERSION" ]]; then
SPECIFIED_VERSION="v${SPECIFIED_VERSION#v}"
if [[ "$CURRENT_VERSION" == "$SPECIFIED_VERSION" ]] && [[ "$FORCE" -eq '0' ]]; then
echo "info: The current version is same as the specified version. The version is $CURRENT_VERSION ."
exit 0
fi
INSTALL_VERSION="$SPECIFIED_VERSION"
echo "info: Installing specified Xray version $INSTALL_VERSION for $(uname -m)"
else
install_software 'curl' 'curl'
get_latest_version
if [[ "$BETA" -eq '0' ]]; then
INSTALL_VERSION="$RELEASE_LATEST"
else
INSTALL_VERSION="$PRE_RELEASE_LATEST"
fi
if ! version_gt "$INSTALL_VERSION" "$CURRENT_VERSION" && [[ "$FORCE" -eq '0' ]]; then
echo "info: No new version. The current version of Xray is $CURRENT_VERSION ."
exit 0
fi
echo "info: Installing Xray $INSTALL_VERSION for $(uname -m)"
fi
install_software 'curl' 'curl'
install_software 'unzip' 'unzip'
if ! download_xray; then
"rm" -r "$TMP_DIRECTORY"
echo "removed: $TMP_DIRECTORY"
exit 1
fi
decompression "$ZIP_FILE"
fi
# Determine if Xray is running
if systemctl list-unit-files | grep -qw 'xray'; then
if [[ -n "$(pidof xray)" ]]; then
stop_xray
XRAY_RUNNING='1'
fi
fi
install_xray
([[ "$N_UP_SERVICE" -eq '1' ]] && [[ -f '/etc/systemd/system/xray.service' ]]) || install_startup_service_file
echo 'installed: /usr/local/bin/xray'
# If the file exists, the content output of installing or updating geoip.dat and geosite.dat will not be displayed
if [[ "$GEODATA" -eq '1' ]]; then
echo "installed: ${DAT_PATH}/geoip.dat"
echo "installed: ${DAT_PATH}/geosite.dat"
fi
if [[ "$CONFIG_NEW" -eq '1' ]]; then
echo "installed: ${JSON_PATH}/config.json"
fi
if [[ "$CONFDIR" -eq '1' ]]; then
echo "installed: ${JSON_PATH}/00_log.json"
echo "installed: ${JSON_PATH}/01_api.json"
echo "installed: ${JSON_PATH}/02_dns.json"
echo "installed: ${JSON_PATH}/03_routing.json"
echo "installed: ${JSON_PATH}/04_policy.json"
echo "installed: ${JSON_PATH}/05_inbounds.json"
echo "installed: ${JSON_PATH}/06_outbounds.json"
echo "installed: ${JSON_PATH}/07_transport.json"
echo "installed: ${JSON_PATH}/08_stats.json"
echo "installed: ${JSON_PATH}/09_reverse.json"
fi
if [[ "$LOG" -eq '1' ]]; then
echo 'installed: /var/log/xray/'
echo 'installed: /var/log/xray/access.log'
echo 'installed: /var/log/xray/error.log'
fi
if [[ "$SYSTEMD" -eq '1' ]]; then
echo 'installed: /etc/systemd/system/xray.service'
echo 'installed: /etc/systemd/system/xray@.service'
fi
"rm" -r "$TMP_DIRECTORY"
echo "removed: $TMP_DIRECTORY"
get_current_version
echo "info: Xray $CURRENT_VERSION is installed."
echo "You may need to execute a command to remove dependent software: $PACKAGE_MANAGEMENT_REMOVE curl unzip"
if [[ "$XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT" -eq '1' ]] && [[ "$FORCE" -eq '0' ]] && [[ "$REINSTALL" -eq '0' ]]; then
[[ "$XRAY_RUNNING" -eq '1' ]] && start_xray
else
systemctl start xray
systemctl enable xray
sleep 1s
if systemctl -q is-active xray; then
echo "info: Enable and start the Xray service"
else
echo "warning: Failed to enable and start the Xray service"
fi
fi
}
main "$@"