zeaslity/shell-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

大量更新

Browse Source
This commit is contained in:
zeaslity
2025-01-20 16:38:08 +08:00
parent ed9e0947e6
commit 7db1e0f565
46 changed files with 583 additions and 1896 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
0-部署应用/Oracle-Cloud/所有集群的IP网段.txt
View File

@@ -1,17 +1,31 @@
# seoul arm # seoul tokyo amd64
140.238.0.0/16
# seoul arm-01
132.145.87.10/32
# seoul arm-02
146.56.0.0/16 146.56.0.0/16
# tokyo arm # tokyo arm
150.230.0.0/16 150.230.0.0/16
# tokyo seoul
140.238.0.0/16
# phonix send to boge # phonix send to boge
#144.24.0.0/16 #144.24.0.0/16
# phonix amd # phonix amd
129.146.0.0/16 129.146.0.0/16
# osaka amd64 # osaka amd64
140.83.0.0/16 140.83.0.0/16
# frankfurt amd64
158.180.0.0/16
# tencent-shanghai # tencent-shanghai
42.192.52.227/32 42.192.52.227/32
# tencent-hongkong # tencent-hongkong
43.154.83.213/32 43.154.83.213/32
# Rare.io-amd64-deussdolf
144.24.164.121/32

16
0-部署应用/minio-docker.sh
View File

@@ -1,16 +0,0 @@
#!/bin/bash
export MIOIO_DATA_PATH=/var/lib/docker/minio-pv
mkdir -p ${MIOIO_DATA_PATH}
chown -R 1001:1001 ${MIOIO_DATA_PATH}
docker run -d \
--env MINIO_ACCESS_KEY="cmii" \
--env MINIO_SECRET_KEY="boge14@Level5" \
--volume ${MIOIO_DATA_PATH}:/data \
--network host \
--name minio-server \
bitnami/minio:2021.11.24-debian-10-r0

14
0-部署应用/nacos-docker.sh
View File

@@ -1,14 +0,0 @@
#!/bin/bash
docker run -d \
-e MODE=standalone \
-e MYSQL_SERVICE_HOST=localhost \
-e MYSQL_SERVICE_PORT=33306 \
-e MYSQL_SERVICE_DB_NAME=nacos_config \
-e MYSQL_SERVICE_USER=root \
-e MYSQL_SERVICE_PASSWORD=boge14@Level5 \
--name nacos-server \
--network host \
nacos/nacos-server:2.0.2

6
1-代理Xray/0-主机网络优化/内核转发优化.txt
View File

@@ -69,7 +69,7 @@ sudo sysctl -p /etc/sysctl.d/proxy-wdd.conf
sysctl net.ipv4.tcp_congestion_control sysctl net.ipv4.tcp_congestion_control
sudo ethtool -K enp0s3 gro on sudo ethtool -K eth0 gro on
sudo ethtool -K enp0s3 gso on sudo ethtool -K eth0 gso on
sudo ethtool -K enp0s3 tso on sudo ethtool -K eth0 tso on

0
1-代理Xray/路由转发内核优化.sh → 1-代理Xray/0-主机网络优化/路由转发内核优化.sh
View File

4
1-代理Xray/0-香港节点/0-分层代理回落.json
View File

@@ -9,7 +9,7 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"id": "b4bdf874-8c03-5bd8-8fd7-5e409dfd82c0", "id": "8c1b580b-c59d-4b89-b020-980fa947539f",
"flow": "xtls-rprx-vision", "flow": "xtls-rprx-vision",
"email": "cc@vless.com", "email": "cc@vless.com",
"level": 0 "level": 0
@@ -72,7 +72,7 @@
"clients": [ "clients": [
{ {
"email": "ice@qq.com", "email": "ice@qq.com",
"password": "Vad3.123a)asd1234-asdasd.asdazzS.123", "password": "VaC3.123a-asd1234-asdasd.aAsDazzS.123",
"level": 0 "level": 0
} }
] ]

126
1-代理Xray/0-香港节点/分层代理回落.json
View File

@@ -1,126 +0,0 @@
{
"log": {
"loglevel": "debug"
},
"inbounds": [
{
"port": 443,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "b4bdf874-8c03-5bd8-8fd7-5e409dfd82c0",
"flow": "xtls-rprx-vision"
}
],
"decryption": "none",
"fallbacks": [
{
"name": "xx.tc.hk.go.107421.xyz",
"path": "/status",
"dest": 5000,
"xver": 1
},
{
"name": "book.107421.xyz",
"dest": 5003,
"xver": 1
},
{
"name": "book.107421.xyz",
"alpn": "h2",
"dest": 5004,
"xver": 1
},
{
"dest": 5001,
"xver": 1
},
{
"alpn": "h2",
"dest": 5002,
"xver": 1
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"alpn": ["h2", "http/1.1"],
"certificates": [
{
"certificateFile": "/root/.acme.sh/book.107421.xyz_ecc/fullchain.cer",
"keyFile": "/root/.acme.sh/book.107421.xyz_ecc/book.107421.xyz.key"
}
]
}
}
},
{
"port": 5000,
"listen": "127.0.0.1",
"protocol": "vless",
"settings": {
"clients": [
{
"id": "481d1403-de9a-5ae1-b921-18c04a4a9da0",
"level": 0,
"email": "dd@qq.com"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "tls",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/status"
},
"tlsSettings": {
"alpn": ["h2", "http/1.1"],
"certificates": [
{
"certificateFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/fullchain.cer",
"keyFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/xx.tc.hk.go.107421.xyz.key"
}
]
}
}
},
{
"listen": "0.0.0.0",
"port": 29999,
"protocol": "trojan",
"settings": {
"clients": [
{
"password": "V2ryStr0ngP0ss"
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"alpn": [
"h2",
"http/1.1"
],
"certificates": [
{
"certificateFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/fullchain.cer",
"keyFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/xx.tc.hk.go.107421.xyz.key"
}
]
}
}
}
],
"outbounds": [
{
"protocol": "freedom"
}
]
}

12
1-代理Xray/1-韩国中转/0-Vless回落中转-Seoul-ARM-01.json → 1-代理Xray/1-韩国中转/0-Seoul-ARM-01-Vless回落中转-.json
View File

@@ -20,6 +20,13 @@
{ {
"name": "pan.107421.xyz", "name": "pan.107421.xyz",
"dest": 5003, "dest": 5003,
"alpn": "h2",
"xver": 2
},
{
"name": "push.107421.xyz",
"dest": 5004,
"alpn": "h2",
"xver": 2 "xver": 2
}, },
{ {
@@ -62,6 +69,11 @@
"ocspStapling": 3600, "ocspStapling": 3600,
"certificateFile": "/root/.acme.sh/pan.107421.xyz_ecc/fullchain.cer", "certificateFile": "/root/.acme.sh/pan.107421.xyz_ecc/fullchain.cer",
"keyFile": "/root/.acme.sh/pan.107421.xyz_ecc/pan.107421.xyz.key" "keyFile": "/root/.acme.sh/pan.107421.xyz_ecc/pan.107421.xyz.key"
},
{
"ocspStapling": 3600,
"certificateFile": "/root/.acme.sh/push.107421.xyz_ecc/fullchain.cer",
"keyFile": "/root/.acme.sh/push.107421.xyz_ecc/push.107421.xyz.key"
} }
], ],
"minVersion": "1.2", "minVersion": "1.2",

4
1-代理Xray/1-韩国中转/0-Seoul4-Vless回落中转.json
View File

@@ -9,7 +9,7 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"id": "1dde748d-32ee-4ed7-b70b-f2376d34e7e5", "id": "1089cc14-557e-47ac-ac85-c07957b3cce3",
"flow": "xtls-rprx-vision", "flow": "xtls-rprx-vision",
"email": "cc@vless.com", "email": "cc@vless.com",
"level": 0 "level": 0
@@ -82,7 +82,7 @@
"clients": [ "clients": [
{ {
"email": "general@trojan-h2-tokyo2", "email": "general@trojan-h2-tokyo2",
"password": "ADasfsaad12.21312@113.adsaddasds.112321", "password": "ADaSfsaad12.21312-.1Ac13.adsCCddasds.112321",
"level": 0 "level": 0
} }
] ]

69
1-代理Xray/2-上海中转/0-Shanghai.json
View File

@@ -25,6 +25,31 @@
"allowTransparent": false "allowTransparent": false
} }
}, },
{
"tag": "proxy-germany",
"port": 22889,
"listen": "0.0.0.0",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
],
"routeOnly": false
},
"settings": {
"auth": "password",
"accounts": [
{
"user": "zeaslity",
"pass": "lovemm.23"
}
],
"udp": true,
"allowTransparent": false
}
},
{ {
"tag": "direct", "tag": "direct",
"port": 22887, "port": 22887,
@@ -89,6 +114,43 @@
"concurrency": -1 "concurrency": -1
} }
}, },
{
"tag": "proxy-germany",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "45.134.50.233",
"port": 443,
"users": [
{
"id": "8a681ef0-cb4b-4768-9553-49acb7b9a1ad",
"email": "t@t.tt",
"security": "auto",
"encryption": "none",
"flow": "xtls-rprx-vision"
}
]
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"allowInsecure": false,
"serverName": "bingo.107421.xyz",
"alpn": [
"h2"
],
"fingerprint": "firefox"
}
},
"mux": {
"enabled": false,
"concurrency": -1
}
},
{ {
"tag": "direct", "tag": "direct",
"protocol": "freedom", "protocol": "freedom",
@@ -123,6 +185,13 @@
"proxy-socks" "proxy-socks"
] ]
}, },
{
"type": "field",
"outboundTag": "proxy-germany",
"inboundTag": [
"proxy-germany"
]
},
{ {
"type": "field", "type": "field",
"outboundTag": "direct", "outboundTag": "direct",

4
1-代理Xray/3-搬瓦工节点/0-分层代理.json
View File

@@ -9,7 +9,7 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"id": "717c40e7-efeb-45bc-8f5e-4e6e7d9eea18", "id": "0c5741d0-76a9-4945-9c1d-14647afcce24",
"flow": "xtls-rprx-vision", "flow": "xtls-rprx-vision",
"email": "cc@gg.com", "email": "cc@gg.com",
"level": 0 "level": 0
@@ -72,7 +72,7 @@
"clients": [ "clients": [
{ {
"email": "ice@qq.com", "email": "ice@qq.com",
"password": "Vad3.123a)asd@1234-as.dasd.asdazzS.123", "password": "Vad3.123acasd-1234-as.dAsd.asdazzS.123",
"level": 0 "level": 0
} }
] ]

2
1-代理Xray/4-凤凰城arm02节点/0-分层代理回落.json
View File

@@ -9,7 +9,7 @@
"settings": { "settings": {
"clients": [ "clients": [
{ {
"id": "12491d80-745c-4e26-a58b-edf584afb208", "id": "f1335f03-8c67-43c4-ac47-88697e917cc0",
"flow": "xtls-rprx-vision", "flow": "xtls-rprx-vision",
"email": "cc@Phoenix-arm02.com", "email": "cc@Phoenix-arm02.com",
"level": 0 "level": 0

28
1-代理Xray/5-临时Vmess方案/德国-vulter.json Normal file
View File

@@ -0,0 +1,28 @@
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"listen": "0.0.0.0",
"port": 31234,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "7d390fdf-0a48-4a3e-b18c-b18db36c6f23"
}
]
},
"streamSettings": {
"network": "tcp"
}
}
],
"outbounds": [
{
"protocol": "freedom",
"tag": "direct"
}
]
}

64
1-代理Xray/6-德国-Care节点/0-分层代理回落.json Normal file
View File

@@ -0,0 +1,64 @@
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"port": 443,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "b1417d92-998d-410b-a5f3-cf144b6f043e",
"flow": "xtls-rprx-vision",
"email": "cc@vless.com",
"level": 0
}
],
"decryption": "none",
"fallbacks": [
{
"dest": "/dev/shm/h2c.sock",
"xver": 2,
"alpn": "h2"
},
{
"dest": "/dev/shm/h1.sock",
"xver": 2
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"certificates": [
{
"ocspStapling": 3600,
"certificateFile": "/root/.acme.sh/bingo.107421.xyz_ecc/fullchain.cer",
"keyFile": "/root/.acme.sh/bingo.107421.xyz_ecc/bingo.107421.xyz.key"
}
],
"minVersion": "1.2",
"cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"alpn": [
"h2",
"http/1.1"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}
],
"outbounds": [
{
"protocol": "freedom"
}
]
}

1
1-代理Xray/6-德国-Care节点/节点IP.txt Normal file
View File

@@ -0,0 +1 @@
当前 IP45.134.50.233 来自于:罗马尼亚 蒂米什县 蒂米什瓦拉 bunea.eu

BIN
1-代理Xray/9-伪装网站/dist.zip Normal file
View File

Binary file not shown.

58
1-代理Xray/9-伪装网站/nginx-高版本.conf Normal file
View File

@@ -0,0 +1,58 @@
# Restrict access to the website by IP or wrong domain name) and return 400
server {
listen unix:/dev/shm/h2c.sock proxy_protocol default_server;
# listen 5000;
http2 on;
set_real_ip_from unix:;
real_ip_header proxy_protocol;
server_name _;
return 400 "not allowed";
}
server {
# listen 5001;
listen unix:/dev/shm/h1.sock proxy_protocol default_server;
set_real_ip_from unix:;
real_ip_header proxy_protocol;
server_name _;
return 400 "not allowed";
}
# HTTP1 UDS listener
server {
listen unix:/dev/shm/h1.sock proxy_protocol;
# listen 5001;
server_name bingo.107421.xyz;
set_real_ip_from unix:;
real_ip_header proxy_protocol;
location / {
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
root /var/www/html/;
index index.html index.htm;
}
}
# HTTP2 UDS listener
server {
listen unix:/dev/shm/h2c.sock proxy_protocol;
http2 on;
set_real_ip_from unix:;
real_ip_header proxy_protocol;
server_name bingo.107421.xyz;
# grpc settings
# grpc_read_timeout 1h;
# grpc_send_timeout 1h;
# grpc_set_header X-Real-IP $remote_addr;
# Decoy website
location / {
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
root /var/www/html;
index index.html index.htm;
}
}

57
1-代理Xray/9-伪装网站/nginx.conf Normal file
View File

@@ -0,0 +1,57 @@
# Restrict access to the website by IP or wrong domain name) and return 400
server {
listen unix:/dev/shm/h2c.sock http2 proxy_protocol default_server;
# listen 5000;
# http2 on;
set_real_ip_from unix:;
real_ip_header proxy_protocol;
server_name _;
return 400 "not allowed";
}
server {
# listen 5001;
listen unix:/dev/shm/h1.sock proxy_protocol default_server;
set_real_ip_from unix:;
real_ip_header proxy_protocol;
server_name _;
return 400 "not allowed";
}
# HTTP1 UDS listener
server {
listen unix:/dev/shm/h1.sock proxy_protocol;
# listen 5001;
server_name bingo.107421.xyz;
set_real_ip_from unix:;
real_ip_header proxy_protocol;
location / {
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
root /var/www/html/;
index index.html index.htm;
}
}
# HTTP2 UDS listener
server {
listen unix:/dev/shm/h2c.sock http2 proxy_protocol;
set_real_ip_from unix:;
real_ip_header proxy_protocol;
server_name bingo.107421.xyz;
# grpc settings
# grpc_read_timeout 1h;
# grpc_send_timeout 1h;
# grpc_set_header X-Real-IP $remote_addr;
# Decoy website
location / {
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
root /var/www/html;
index index.html index.htm;
}
}

20
1-代理Xray/0-香港节点/在线安装nginx.sh → 1-代理Xray/9-伪装网站/在线安装nginx.sh
View File

@@ -16,4 +16,22 @@ echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority:
| sudo tee /etc/apt/preferences.d/99nginx | sudo tee /etc/apt/preferences.d/99nginx
sudo apt update sudo apt update
sudo apt install -y nginx sudo apt install -y nginx
mkdir -p /var/www/html/
mv dist.zip /var/www/html/
cd /var/www/html/
unzip dist.zip
chown -R www-data:www-data /var/www/html/
chmod -R 755 /var/www/html/
systemctl restart nginx
systemctl enable nginx
systemctl restart xray
systemctl enable xray
journalctl -u nginx -n 100 -f
journalctl -u xray -n 100 -f

27
1-代理Xray/98-subscribe-clash.yaml
View File

@@ -57,13 +57,15 @@ proxies:
- {"type":"socks5","name":"onetools-35-71","server":"192.168.35.71","port":22888,"username":"zeaslity","password":"password","udp":true} - {"type":"socks5","name":"onetools-35-71","server":"192.168.35.71","port":22888,"username":"zeaslity","password":"password","udp":true}
- {"type":"socks5","name":"TC-SH","server":"42.192.52.227","port":22887,"username":"zeaslity","password":"lovemm.23","udp":true} - {"type":"socks5","name":"TC-SH","server":"42.192.52.227","port":22887,"username":"zeaslity","password":"lovemm.23","udp":true}
- {"type":"socks5","name":"TC-SH-LosA-BanH","server":"42.192.52.227","port":22888,"username":"zeaslity","password":"lovemm.23","udp":true} - {"type":"socks5","name":"TC-SH-LosA-BanH","server":"42.192.52.227","port":22888,"username":"zeaslity","password":"lovemm.23","udp":true}
- {"type":"trojan","name":"TC-HK-Trojan","server":"43.154.83.213","port":443,"password":"Vad3.123a)asd1234-asdasd.asdazzS.123","udp":true,"skip-cert-verify":false,"sni":"xx.tc.hk.go.107421.xyz","network":"http","ws-opts":{"path":"status"}} - {"type":"socks5","name":"TC-SH-Germany","server":"42.192.52.227","port":22889,"username":"zeaslity","password":"lovemm.23","udp":true}
- {"type":"vless","name":"TC-HK-Vless","server":"43.154.83.213","port":443,"uuid":"b4bdf874-8c03-5bd8-8fd7-5e409dfd82c0","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"book.107421.xyz","tls":true,"udp":true} - {"type":"trojan","name":"TC-HK-Trojan","server":"43.154.83.213","port":443,"password":"VaC3.123a-asd1234-asdasd.aAsDazzS.123","udp":true,"skip-cert-verify":false,"sni":"xx.tc.hk.go.107421.xyz","network":"http","ws-opts":{"path":"status"}}
- {"type":"vless","name":"Oracle-Seoul-ARM01-Vless","server":"132.145.87.10","port":443,"uuid":"1dde748d-32ee-4ed7-b70b-f2376d34e7e5","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"xx.s0.yy.ac.107421.xyz","tls":true,"udp":true} - {"type":"vless","name":"TC-HK-Vless","server":"43.154.83.213","port":443,"uuid":"8c1b580b-c59d-4b89-b020-980fa947539f","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"book.107421.xyz","tls":true,"udp":true}
- {"type":"vless","name":"Oracle-Seoul-Vless","server":"140.238.14.103","port":443,"uuid":"1dde748d-32ee-4ed7-b70b-f2376d34e7e5","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"xx.s4.cc.hh.107421.xyz","tls":true,"udp":true} - {"type":"vless","name":"Care-Germany-Vless","server":"45.134.50.233","port":443,"uuid":"b1417d92-998d-410b-a5f3-cf144b6f043e","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"bingo.107421.xyz","tls":true,"udp":true}
- {"type":"vless","name":"BanH-LosA-Vless","server":"89.208.251.209","port":443,"uuid":"717c40e7-efeb-45bc-8f5e-4e6e7d9eea18","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"octopus.107421.xyz","tls":true,"udp":true} - {"type":"vless","name":"Oracle-Seoul-ARM01-Vless","server":"132.145.87.10","port":443,"uuid":"1089cc14-557e-47ac-ac85-c07957b3cce3","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"xx.s0.yy.ac.107421.xyz","tls":true,"udp":true}
- {"type":"trojan","name":"BanH-LosA-Trojan","server":"89.208.251.209","port":443,"password":"Vad3.123a)asd@1234-as.dasd.asdazzS.123","udp":true,"skip-cert-verify":false,"sni":"xx.l4.cc.nn.107421.xyz","network":"http","ws-opts":{"path":"status","headers":{"host":"xx.l4.cc.nn.107421.xyz"}}} - {"type":"vless","name":"Oracle-Seoul-Vless","server":"140.238.14.103","port":443,"uuid":"1089cc14-557e-47ac-ac85-c07957b3cce3","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"xx.s4.cc.hh.107421.xyz","tls":true,"udp":true}
- {"type":"trojan","name":"Oracle-Tokyo-Trojan","server":"140.238.14.103","port":443,"password":"ADasfsaad12.21312@113.adsaddasds.112321","udp":true,"skip-cert-verify":false,"sni":"xx.t2.ll.c0.107421.xyz","network":"http","ws-opts":{"path":"vlh2tokyo2","headers":{"host":"xx.t2.ll.c0.107421.xyz"}}} - {"type":"vless","name":"BanH-LosA-Vless","server":"89.208.251.209","port":443,"uuid":"0c5741d0-76a9-4945-9c1d-14647afcce24","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"octopus.107421.xyz","tls":true,"udp":true}
- {"type":"trojan","name":"BanH-LosA-Trojan","server":"89.208.251.209","port":443,"password":"Vad3.123acasd-1234-as.dAsd.asdazzS.123","udp":true,"skip-cert-verify":false,"sni":"xx.l4.cc.nn.107421.xyz","network":"http","ws-opts":{"path":"status","headers":{"host":"xx.l4.cc.nn.107421.xyz"}}}
- {"type":"trojan","name":"Oracle-Tokyo-Trojan","server":"140.238.14.103","port":443,"password":"ADaSfsaad12.21312-.1Ac13.adsCCddasds.112321","udp":true,"skip-cert-verify":false,"sni":"xx.t2.ll.c0.107421.xyz","network":"http","ws-opts":{"path":"vlh2tokyo2","headers":{"host":"xx.t2.ll.c0.107421.xyz"}}}
- {"type":"vless","name":"Oracle-Pheonix-ARM02-Vless","server":"129.146.57.94","port":443,"uuid":"12491d80-745c-4e26-a58b-edf584afb208","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"zc.p4.cc.xx.107421.xyz","tls":true,"udp":true} - {"type":"vless","name":"Oracle-Pheonix-ARM02-Vless","server":"129.146.57.94","port":443,"uuid":"12491d80-745c-4e26-a58b-edf584afb208","skip-cert-verify":false,"network":"tcp","flow":"xtls-rprx-vision","servername":"zc.p4.cc.xx.107421.xyz","tls":true,"udp":true}
proxy-groups: proxy-groups:
- name: 🚀 节点选择 - name: 🚀 节点选择
@@ -75,12 +77,14 @@ proxy-groups:
- us-central-free - us-central-free
- Oracle-Seoul-Vless - Oracle-Seoul-Vless
- Oracle-Seoul-ARM01-Vless - Oracle-Seoul-ARM01-Vless
- Care-Germany-Vless
- TC-SH - TC-SH
- TC-SH-LosA-BanH
- TC-SH-Germany
- TC-HK-Trojan - TC-HK-Trojan
- Oracle-Tokyo-Trojan - Oracle-Tokyo-Trojan
- Oracle-Pheonix-ARM02-Vless - Oracle-Pheonix-ARM02-Vless
- onetools-35-71 - onetools-35-71
- TC-SH-LosA-BanH
- ♻️ 自动选择 - ♻️ 自动选择
- DIRECT - DIRECT
- name: ♻️ 自动选择 - name: ♻️ 自动选择
@@ -94,6 +98,7 @@ proxy-groups:
- us-central-free - us-central-free
- Oracle-Seoul-Vless - Oracle-Seoul-Vless
- Oracle-Seoul-ARM01-Vless - Oracle-Seoul-ARM01-Vless
- Care-Germany-Vless
- Oracle-Tokyo-Trojan - Oracle-Tokyo-Trojan
- Oracle-Pheonix-ARM02-Vless - Oracle-Pheonix-ARM02-Vless
- BanH-LosA-Vless - BanH-LosA-Vless
@@ -109,6 +114,7 @@ proxy-groups:
- us-central-free - us-central-free
- Oracle-Seoul-Vless - Oracle-Seoul-Vless
- Oracle-Seoul-ARM01-Vless - Oracle-Seoul-ARM01-Vless
- Care-Germany-Vless
- BanH-LosA-Vless - BanH-LosA-Vless
- TC-HK-Trojan - TC-HK-Trojan
- TC-HK-Vless - TC-HK-Vless
@@ -154,8 +160,8 @@ proxy-groups:
- name: 💩 工作代理 - name: 💩 工作代理
type: select type: select
proxies: proxies:
- onetools-35-71
- DIRECT - DIRECT
- onetools-35-71
- name: 🎯 全球直连 - name: 🎯 全球直连
type: select type: select
proxies: proxies:
@@ -191,7 +197,7 @@ rules:
- DOMAIN-SUFFIX,wdd.io,💩 工作直连 - DOMAIN-SUFFIX,wdd.io,💩 工作直连
- DOMAIN-SUFFIX,harbor.cdcyy.com.cn,💩 工作代理 - DOMAIN-SUFFIX,harbor.cdcyy.com.cn,💩 工作代理
- DOMAIN-SUFFIX,ecs.io,💩 工作代理 - DOMAIN-SUFFIX,ecs.io,💩 工作代理
- DOMAIN-SUFFIX,ops.uavcmlc.com,💩 工作代理 - DOMAIN-SUFFIX,uavcmlc.com,💩 工作代理
- DOMAIN-SUFFIX,acl4.ssr,🎯 全球直连 - DOMAIN-SUFFIX,acl4.ssr,🎯 全球直连
- DOMAIN-SUFFIX,ip6-localhost,🎯 全球直连 - DOMAIN-SUFFIX,ip6-localhost,🎯 全球直连
- DOMAIN-SUFFIX,ip6-loopback,🎯 全球直连 - DOMAIN-SUFFIX,ip6-loopback,🎯 全球直连
@@ -2321,6 +2327,7 @@ rules:
- IP-CIDR6,2001:b28:f23d::/48,📲 电报信息,no-resolve - IP-CIDR6,2001:b28:f23d::/48,📲 电报信息,no-resolve
- IP-CIDR6,2001:b28:f23f::/48,📲 电报信息,no-resolve - IP-CIDR6,2001:b28:f23f::/48,📲 电报信息,no-resolve
- DOMAIN-SUFFIX,hetushu.com,🚀 节点选择 - DOMAIN-SUFFIX,hetushu.com,🚀 节点选择
- DOMAIN-SUFFIX,gitea.107421.xyz,🚀 节点选择
- DOMAIN-SUFFIX,1password.com,🚀 节点选择 - DOMAIN-SUFFIX,1password.com,🚀 节点选择
- DOMAIN-SUFFIX,v2rayse.com,🚀 节点选择 - DOMAIN-SUFFIX,v2rayse.com,🚀 节点选择
- DOMAIN-SUFFIX,vpnse.org,🚀 节点选择 - DOMAIN-SUFFIX,vpnse.org,🚀 节点选择

12
1-代理Xray/99-subscribe-octopus-latest.txt
View File

@@ -1,11 +1,11 @@
vmess://eyJ2IjoiMiIsInBzIjoidXMtY2VudGUtZnJlZSIsImFkZCI6Im5vcnRoZmxhbmsuMTA3NDIxLnh5eiIsInBvcnQiOjQ0MywiaWQiOiJkZTA0YWRkOS01YzY4LThiYWItOTUwYy0wOGNkNTMyMGRmMTgiLCJhaWQiOjAsInNjeSI6ImF1dG8iLCJuZXQiOiJ3cyIsInBhdGgiOiIvdm1lc3MiLCJ0bHMiOiJ0bHMifQ== vmess://eyJ2IjoiMiIsInBzIjoidXMtY2VudGUtZnJlZSIsImFkZCI6Im5vcnRoZmxhbmsuMTA3NDIxLnh5eiIsInBvcnQiOjQ0MywiaWQiOiJkZTA0YWRkOS01YzY4LThiYWItOTUwYy0wOGNkNTMyMGRmMTgiLCJhaWQiOjAsInNjeSI6ImF1dG8iLCJuZXQiOiJ3cyIsInBhdGgiOiIvdm1lc3MiLCJ0bHMiOiJ0bHMifQ==
trojan://Vad3.123a%29asd1234-asdasd.asdazzS.123@43.154.83.213:443?flow=xtls-rprx-vision&security=tls&sni=xx.tc.hk.go.107421.xyz&alpn=h2&fp=firefox&type=http&path=trh2#TC-HK-Trojan trojan://VaC3.123a-asd1234-asdasd.aAsDazzS.123@43.154.83.213:443?flow=xtls-rprx-vision&security=tls&sni=xx.tc.hk.go.107421.xyz&alpn=h2&fp=firefox&type=http&path=status#TC-HK-Trojan
vless://b4bdf874-8c03-5bd8-8fd7-5e409dfd82c0@43.154.83.213:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=book.107421.xyz&alpn=h2%2Chttp%2F1.1&fp=firefox&type=tcp&headerType=none#TC-HK-Vless vless://b4bdf874-8c03-5bd8-8fd7-5e409dfd82c0@43.154.83.213:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=book.107421.xyz&alpn=h2%2Chttp%2F1.1&fp=firefox&type=tcp&headerType=none#TC-HK-Vless
vless://1dde748d-32ee-4ed7-b70b-f2376d34e7e5@132.145.87.10:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=xx.s0.yy.ac.107421.xyz&alpn=h2&fp=firefox&type=tcp&headerType=none&host=xx.s0.yy.ac.107421.xyz#Oracle-Seoul-ARM01-Vless vless://b1417d92-998d-410b-a5f3-cf144b6f043e@45.134.50.233:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=bingo.107421.xyz&alpn=h2%2Chttp%2F1.1&fp=firefox&type=tcp&headerType=none#Care-Germany-Vless
vless://1dde748d-32ee-4ed7-b70b-f2376d34e7e5@140.238.14.103:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=xx.s4.cc.hh.107421.xyz&alpn=h2&fp=firefox&type=tcp&headerType=none&host=xx.s4.cc.hh.107421.xyz#Oracle-Seoul-Vless vless://1089cc14-557e-47ac-ac85-c07957b3cce3@140.238.14.103:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=xx.s4.cc.hh.107421.xyz&alpn=h2&fp=firefox&type=tcp&headerType=none&host=xx.s4.cc.hh.107421.xyz#Oracle-Seoul-Vless
socks://emVhc2xpdHk6bG92ZW1tLjIz@42.192.52.227:22888#TC-SH-LosA-BanH socks://emVhc2xpdHk6bG92ZW1tLjIz@42.192.52.227:22888#TC-SH-LosA-BanH
vless://717c40e7-efeb-45bc-8f5e-4e6e7d9eea18@89.208.251.209:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=octopus.107421.xyz&alpn=h2&fp=firefox&type=tcp&headerType=none#BanH-LosA-Vless vless://0c5741d0-76a9-4945-9c1d-14647afcce24@89.208.251.209:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=octopus.107421.xyz&alpn=h2&fp=firefox&type=tcp&headerType=none#BanH-LosA-Vless
trojan://Vad3.123a%29asd%401234-as.dasd.asdazzS.123@89.208.251.209:443?flow=xtls-rprx-vision&security=tls&sni=xx.l4.cc.nn.107421.xyz&alpn=h2&fp=firefox&type=http&host=xx.l4.cc.nn.107421.xyz&path=status#BanH-LosA-Trojan trojan://Vad3.123acasd-1234-as.dAsd.asdazzS.123@89.208.251.209:443?flow=xtls-rprx-vision&security=tls&sni=xx.l4.cc.nn.107421.xyz&alpn=h2&fp=firefox&type=http&host=xx.l4.cc.nn.107421.xyz&path=status#BanH-LosA-Trojan
trojan://ADasfsaad12.21312%40113.adsaddasds.112321@140.238.14.103:443?flow=xtls-rprx-vision&security=tls&sni=xx.t2.ll.c0.107421.xyz&alpn=h2&fp=firefox&type=http&host=xx.t2.ll.c0.107421.xyz&path=vlh2tokyo2#Oracle-Tokyo-Trojan trojan://ADaSfsaad12.21312-.1Ac13.adsCCddasds.112321@140.238.14.103:443?flow=xtls-rprx-vision&security=tls&sni=xx.t2.ll.c0.107421.xyz&alpn=h2&fp=firefox&type=http&host=xx.t2.ll.c0.107421.xyz&path=vlh2tokyo2#Oracle-Tokyo-Trojan
vless://12491d80-745c-4e26-a58b-edf584afb208@129.146.57.94:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=zc.p4.cc.xx.107421.xyz&alpn=h2&fp=firefox&type=tcp&headerType=none#Oracle-Pheonix-ARM02-Vless vless://12491d80-745c-4e26-a58b-edf584afb208@129.146.57.94:443?encryption=none&flow=xtls-rprx-vision&security=tls&sni=zc.p4.cc.xx.107421.xyz&alpn=h2&fp=firefox&type=tcp&headerType=none#Oracle-Pheonix-ARM02-Vless

BIN
1-代理Xray/XRay-安装脚本/Xray-linux-64-v1.6.0.zip
View File

Binary file not shown.

9
1-代理Xray/XRay-安装脚本/Xray安装脚本.txt
View File

@@ -1,2 +1,9 @@
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install --without-geodata bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install --without-geodata
sed -i "s/nobody/root/g" /etc/systemd/system/xray.service
systemctl daemon-reload
systemctl restart xray
systemctl enable xray
journalctl -u xray -n 100 -f

744
1-代理Xray/XRay-安装脚本/xray-install-另外的版本.sh
View File

@@ -1,744 +0,0 @@
#!/usr/bin/env bash
#====================================================
# System Request:Debian 9+/Ubuntu 18.04+/Centos 7+
# Author: wulabing
# Dscription: Xray onekey Management
# email: admin@wulabing.com
#====================================================
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
stty erase ^?
cd "$(
cd "$(dirname "$0")" || exit
pwd
)" || exit
# 字体颜色配置
Green="\033[32m"
Red="\033[31m"
Yellow="\033[33m"
Blue="\033[36m"
Font="\033[0m"
GreenBG="\033[42;37m"
RedBG="\033[41;37m"
OK="${Green}[OK]${Font}"
ERROR="${Red}[ERROR]${Font}"
# 变量
shell_version="1.3.7"
github_branch="main"
xray_conf_dir="/usr/local/etc/xray"
website_dir="/www/xray_web/"
xray_access_log="/var/log/xray/access.log"
xray_error_log="/var/log/xray/error.log"
cert_dir="/usr/local/etc/xray"
domain_tmp_dir="/usr/local/etc/xray"
cert_group="nobody"
random_num=$((RANDOM % 12 + 4))
VERSION=$(echo "${VERSION}" | awk -F "[()]" '{print $2}')
WS_PATH="/$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})/"
function shell_mode_check() {
if [ -f ${xray_conf_dir}/config.json ]; then
if [ "$(grep -c "wsSettings" ${xray_conf_dir}/config.json)" -ge 1 ]; then
shell_mode="ws"
else
shell_mode="tcp"
fi
else
shell_mode="None"
fi
}
function print_ok() {
echo -e "${OK} ${Blue} $1 ${Font}"
}
function print_error() {
echo -e "${ERROR} ${RedBG} $1 ${Font}"
}
function is_root() {
if [[ 0 == "$UID" ]]; then
print_ok "当前用户是 root 用户,开始安装流程"
else
print_error "当前用户不是 root 用户,请切换到 root 用户后重新执行脚本"
exit 1
fi
}
judge() {
if [[ 0 -eq $? ]]; then
print_ok "$1 完成"
sleep 1
else
print_error "$1 失败"
exit 1
fi
}
function system_check() {
source '/etc/os-release'
if [[ "${ID}" == "centos" && ${VERSION_ID} -ge 7 ]]; then
print_ok "当前系统为 Centos ${VERSION_ID} ${VERSION}"
INS="yum install -y"
wget -N -P /etc/yum.repos.d/ https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/basic/nginx.repo
elif [[ "${ID}" == "ol" ]]; then
print_ok "当前系统为 Oracle Linux ${VERSION_ID} ${VERSION}"
INS="yum install -y"
wget -N -P /etc/yum.repos.d/ https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/basic/nginx.repo
elif [[ "${ID}" == "debian" && ${VERSION_ID} -ge 9 ]]; then
print_ok "当前系统为 Debian ${VERSION_ID} ${VERSION}"
INS="apt install -y"
# 清除可能的遗留问题
rm -f /etc/apt/sources.list.d/nginx.list
$INS lsb-release gnupg2
echo "deb http://nginx.org/packages/debian $(lsb_release -cs) nginx" >/etc/apt/sources.list.d/nginx.list
curl -fsSL https://nginx.org/keys/nginx_signing.key | apt-key add -
apt update
elif [[ "${ID}" == "ubuntu" && $(echo "${VERSION_ID}" | cut -d '.' -f1) -ge 18 ]]; then
print_ok "当前系统为 Ubuntu ${VERSION_ID} ${UBUNTU_CODENAME}"
INS="apt install -y"
# 清除可能的遗留问题
rm -f /etc/apt/sources.list.d/nginx.list
$INS lsb-release gnupg2
echo "deb http://nginx.org/packages/ubuntu $(lsb_release -cs) nginx" >/etc/apt/sources.list.d/nginx.list
curl -fsSL https://nginx.org/keys/nginx_signing.key | apt-key add -
apt update
else
print_error "当前系统为 ${ID} ${VERSION_ID} 不在支持的系统列表内"
exit 1
fi
if [[ $(grep "nogroup" /etc/group) ]]; then
cert_group="nogroup"
fi
$INS dbus
# 关闭各类防火墙
systemctl stop firewalld
systemctl disable firewalld
systemctl stop nftables
systemctl disable nftables
systemctl stop ufw
systemctl disable ufw
}
function nginx_install() {
if ! command -v nginx >/dev/null 2>&1; then
${INS} nginx
judge "Nginx 安装"
else
print_ok "Nginx 已存在"
${INS} nginx
fi
# 遗留问题处理
mkdir -p /etc/nginx/conf.d >/dev/null 2>&1
}
function dependency_install() {
${INS} wget lsof tar
judge "安装 wget lsof tar"
if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
${INS} crontabs
else
${INS} cron
fi
judge "安装 crontab"
if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
touch /var/spool/cron/root && chmod 600 /var/spool/cron/root
systemctl start crond && systemctl enable crond
else
touch /var/spool/cron/crontabs/root && chmod 600 /var/spool/cron/crontabs/root
systemctl start cron && systemctl enable cron
fi
judge "crontab 自启动配置 "
${INS} unzip
judge "安装 unzip"
${INS} curl
judge "安装 curl"
# upgrade systemd
${INS} systemd
judge "安装/升级 systemd"
# Nginx 后置 无需编译 不再需要
# if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
# yum -y groupinstall "Development tools"
# else
# ${INS} build-essential
# fi
# judge "编译工具包 安装"
if [[ "${ID}" == "centos" ]]; then
${INS} pcre pcre-devel zlib-devel epel-release openssl openssl-devel
elif [[ "${ID}" == "ol" ]]; then
${INS} pcre pcre-devel zlib-devel openssl openssl-devel
# Oracle Linux 不同日期版本的 VERSION_ID 比较乱 直接暴力处理
yum-config-manager --enable ol7_developer_EPEL >/dev/null 2>&1
yum-config-manager --enable ol8_developer_EPEL >/dev/null 2>&1
else
${INS} libpcre3 libpcre3-dev zlib1g-dev openssl libssl-dev
fi
${INS} jq
if ! command -v jq; then
wget -P /usr/bin https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/binary/jq && chmod +x /usr/bin/jq
judge "安装 jq"
fi
# 防止部分系统xray的默认bin目录缺失
mkdir /usr/local/bin >/dev/null 2>&1
}
function basic_optimization() {
# 最大文件打开数
sed -i '/^\*\ *soft\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf
sed -i '/^\*\ *hard\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf
echo '* soft nofile 65536' >>/etc/security/limits.conf
echo '* hard nofile 65536' >>/etc/security/limits.conf
# 关闭 Selinux
if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
setenforce 0
fi
}
function domain_check() {
read -rp "请输入你的域名信息(eg: www.wulabing.com):" domain
domain_ip=$(ping "${domain}" -c 1 | sed '1{s/[^(]*(//;s/).*//;q}')
print_ok "正在获取 IP 地址信息,请耐心等待"
local_ip=$(curl -4L api64.ipify.org)
echo -e "域名通过 DNS 解析的 IP 地址:${domain_ip}"
echo -e "本机公网 IP 地址: ${local_ip}"
sleep 2
if [[ ${domain_ip} == "${local_ip}" ]]; then
print_ok "域名通过 DNS 解析的 IP 地址与 本机 IP 地址匹配"
sleep 2
else
print_error "请确保域名添加了正确的 A 记录,否则将无法正常使用 xray"
print_error "域名通过 DNS 解析的 IP 地址与 本机 IP 地址不匹配是否继续安装y/n" && read -r install
case $install in
[yY][eE][sS] | [yY])
print_ok "继续安装"
sleep 2
;;
*)
print_error "安装终止"
exit 2
;;
esac
fi
}
function port_exist_check() {
if [[ 0 -eq $(lsof -i:"$1" | grep -i -c "listen") ]]; then
print_ok "$1 端口未被占用"
sleep 1
else
print_error "检测到 $1 端口被占用,以下为 $1 端口占用信息"
lsof -i:"$1"
print_error "5s 后将尝试自动 kill 占用进程"
sleep 5
lsof -i:"$1" | awk '{print $2}' | grep -v "PID" | xargs kill -9
print_ok "kill 完成"
sleep 1
fi
}
function update_sh() {
ol_version=$(curl -L -s https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/install.sh | grep "shell_version=" | head -1 | awk -F '=|"' '{print $3}')
if [[ "$shell_version" != "$(echo -e "$shell_version\n$ol_version" | sort -rV | head -1)" ]]; then
print_ok "存在新版本,是否更新 [Y/N]?"
read -r update_confirm
case $update_confirm in
[yY][eE][sS] | [yY])
wget -N --no-check-certificate https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/install.sh
print_ok "更新完成"
print_ok "您可以通过 bash $0 执行本程序"
exit 0
;;
*) ;;
esac
else
print_ok "当前版本为最新版本"
print_ok "您可以通过 bash $0 执行本程序"
fi
}
function xray_tmp_config_file_check_and_use() {
if [[ -s ${xray_conf_dir}/config_tmp.json ]]; then
mv -f ${xray_conf_dir}/config_tmp.json ${xray_conf_dir}/config.json
else
print_error "xray 配置文件修改异常"
fi
}
function modify_UUID() {
[ -z "$UUID" ] && UUID=$(cat /proc/sys/kernel/random/uuid)
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",0,"settings","clients",0,"id"];"'${UUID}'")' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray TCP UUID 修改"
}
function modify_UUID_ws() {
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",1,"settings","clients",0,"id"];"'${UUID}'")' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray ws UUID 修改"
}
function modify_fallback_ws() {
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",0,"settings","fallbacks",2,"path"];"'${WS_PATH}'")' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray fallback_ws 修改"
}
function modify_ws() {
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",1,"streamSettings","wsSettings","path"];"'${WS_PATH}'")' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray ws 修改"
}
function configure_nginx() {
nginx_conf="/etc/nginx/conf.d/${domain}.conf"
cd /etc/nginx/conf.d/ && rm -f ${domain}.conf && wget -O ${domain}.conf https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/config/web.conf
sed -i "s/xxx/${domain}/g" ${nginx_conf}
judge "Nginx config modify"
systemctl restart nginx
}
function modify_port() {
read -rp "请输入端口号(默认443)" PORT
[ -z "$PORT" ] && PORT="443"
if [[ $PORT -le 0 ]] || [[ $PORT -gt 65535 ]]; then
print_error "请输入 0-65535 之间的值"
exit 1
fi
port_exist_check $PORT
cat ${xray_conf_dir}/config.json | jq 'setpath(["inbounds",0,"port"];'${PORT}')' >${xray_conf_dir}/config_tmp.json
xray_tmp_config_file_check_and_use
judge "Xray 端口 修改"
}
function configure_xray() {
cd /usr/local/etc/xray && rm -f config.json && wget -O config.json https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/config/xray_xtls-rprx-direct.json
modify_UUID
modify_port
}
function configure_xray_ws() {
cd /usr/local/etc/xray && rm -f config.json && wget -O config.json https://raw.githubusercontent.com/wulabing/Xray_onekey/${github_branch}/config/xray_tls_ws_mix-rprx-direct.json
modify_UUID
modify_UUID_ws
modify_port
modify_fallback_ws
modify_ws
}
function xray_install() {
print_ok "安装 Xray"
curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh | bash -s -- install
judge "Xray 安装"
# 用于生成 Xray 的导入链接
echo $domain >$domain_tmp_dir/domain
judge "域名记录"
}
function ssl_install() {
# 使用 Nginx 配合签发 无需安装相关依赖
# if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
# ${INS} socat nc
# else
# ${INS} socat netcat
# fi
# judge "安装 SSL 证书生成脚本依赖"
curl -L get.acme.sh | bash
judge "安装 SSL 证书生成脚本"
}
function acme() {
"$HOME"/.acme.sh/acme.sh --set-default-ca --server letsencrypt
sed -i "6s/^/#/" "$nginx_conf"
sed -i "6a\\\troot $website_dir;" "$nginx_conf"
systemctl restart nginx
if "$HOME"/.acme.sh/acme.sh --issue -d "${domain}" --webroot "$website_dir" -k ec-256 --force; then
print_ok "SSL 证书生成成功"
sleep 2
if "$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath /ssl/xray.crt --keypath /ssl/xray.key --reloadcmd "systemctl restart xray" --ecc --force; then
print_ok "SSL 证书配置成功"
sleep 2
fi
else
print_error "SSL 证书生成失败"
rm -rf "$HOME/.acme.sh/${domain}_ecc"
exit 1
fi
sed -i "7d" "$nginx_conf"
sed -i "6s/#//" "$nginx_conf"
}
function ssl_judge_and_install() {
mkdir -p /ssl >/dev/null 2>&1
if [[ -f "/ssl/xray.key" || -f "/ssl/xray.crt" ]]; then
print_ok "/ssl 目录下证书文件已存在"
print_ok "是否删除 /ssl 目录下的证书文件 [Y/N]?"
read -r ssl_delete
case $ssl_delete in
[yY][eE][sS] | [yY])
rm -rf /ssl/*
print_ok "已删除"
;;
*) ;;
esac
fi
if [[ -f "/ssl/xray.key" || -f "/ssl/xray.crt" ]]; then
echo "证书文件已存在"
elif [[ -f "$HOME/.acme.sh/${domain}_ecc/${domain}.key" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" ]]; then
echo "证书文件已存在"
"$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath /ssl/xray.crt --keypath /ssl/xray.key --ecc
judge "证书应用"
else
mkdir /ssl
cp -a $cert_dir/self_signed_cert.pem /ssl/xray.crt
cp -a $cert_dir/self_signed_key.pem /ssl/xray.key
ssl_install
acme
fi
# Xray 默认以 nobody 用户运行,证书权限适配
chown -R nobody.$cert_group /ssl/*
}
function generate_certificate() {
signedcert=$(xray tls cert -domain="$local_ip" -name="$local_ip" -org="$local_ip" -expire=87600h)
echo $signedcert | jq '.certificate[]' | sed 's/\"//g' | tee $cert_dir/self_signed_cert.pem
echo $signedcert | jq '.key[]' | sed 's/\"//g' >$cert_dir/self_signed_key.pem
openssl x509 -in $cert_dir/self_signed_cert.pem -noout || 'print_error "生成自签名证书失败" && exit 1'
print_ok "生成自签名证书成功"
chown nobody.$cert_group $cert_dir/self_signed_cert.pem
chown nobody.$cert_group $cert_dir/self_signed_key.pem
}
function configure_web() {
rm -rf /www/xray_web
mkdir -p /www/xray_web
wget -O web.tar.gz https://raw.githubusercontent.com/wulabing/Xray_onekey/main/basic/web.tar.gz
tar xzf web.tar.gz -C /www/xray_web
judge "站点伪装"
rm -f web.tar.gz
}
function xray_uninstall() {
curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh | bash -s -- remove --purge
rm -rf $website_dir
print_ok "是否卸载nginx [Y/N]?"
read -r uninstall_nginx
case $uninstall_nginx in
[yY][eE][sS] | [yY])
if [[ "${ID}" == "centos" || "${ID}" == "ol" ]]; then
yum remove nginx -y
else
apt purge nginx -y
fi
;;
*) ;;
esac
print_ok "是否卸载acme.sh [Y/N]?"
read -r uninstall_acme
case $uninstall_acme in
[yY][eE][sS] | [yY])
/root/.acme.sh/acme.sh --uninstall
rm -rf /root/.acme.sh
rm -rf /ssl/
;;
*) ;;
esac
print_ok "卸载完成"
exit 0
}
function restart_all() {
systemctl restart nginx
judge "Nginx 启动"
systemctl restart xray
judge "Xray 启动"
}
function vless_xtls-rprx-direct_link() {
UUID=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].id | tr -d '"')
PORT=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].port)
FLOW=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].flow | tr -d '"')
DOMAIN=$(cat ${domain_tmp_dir}/domain)
print_ok "URL 链接VLESS + TCP + TLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?security=tls&flow=$FLOW#TLS_wulabing-$DOMAIN"
print_ok "URL 链接VLESS + TCP + XTLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?security=xtls&flow=$FLOW#XTLS_wulabing-$DOMAIN"
print_ok "-------------------------------------------------"
print_ok "URL 二维码VLESS + TCP + TLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?security=tls%26flow=$FLOW%23TLS_wulabing-$DOMAIN"
print_ok "URL 二维码VLESS + TCP + XTLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?security=xtls%26flow=$FLOW%23XTLS_wulabing-$DOMAIN"
}
function vless_xtls-rprx-direct_information() {
UUID=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].id | tr -d '"')
PORT=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].port)
FLOW=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].flow | tr -d '"')
DOMAIN=$(cat ${domain_tmp_dir}/domain)
echo -e "${Red} Xray 配置信息 ${Font}"
echo -e "${Red} 地址address:${Font} $DOMAIN"
echo -e "${Red} 端口port${Font} $PORT"
echo -e "${Red} 用户 IDUUID${Font} $UUID"
echo -e "${Red} 流控flow${Font} $FLOW"
echo -e "${Red} 加密方式security${Font} none "
echo -e "${Red} 传输协议network${Font} tcp "
echo -e "${Red} 伪装类型type${Font} none "
echo -e "${Red} 底层传输安全:${Font} xtls 或 tls"
}
function ws_information() {
UUID=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].id | tr -d '"')
PORT=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].port)
FLOW=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].flow | tr -d '"')
WS_PATH=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.fallbacks[2].path | tr -d '"')
DOMAIN=$(cat ${domain_tmp_dir}/domain)
echo -e "${Red} Xray 配置信息 ${Font}"
echo -e "${Red} 地址address:${Font} $DOMAIN"
echo -e "${Red} 端口port${Font} $PORT"
echo -e "${Red} 用户 IDUUID${Font} $UUID"
echo -e "${Red} 加密方式security${Font} none "
echo -e "${Red} 传输协议network${Font} ws "
echo -e "${Red} 伪装类型type${Font} none "
echo -e "${Red} 路径path${Font} $WS_PATH "
echo -e "${Red} 底层传输安全:${Font} tls "
}
function ws_link() {
UUID=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].id | tr -d '"')
PORT=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].port)
FLOW=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.clients[0].flow | tr -d '"')
WS_PATH=$(cat ${xray_conf_dir}/config.json | jq .inbounds[0].settings.fallbacks[2].path | tr -d '"')
WS_PATH_WITHOUT_SLASH=$(echo $WS_PATH | tr -d '/')
DOMAIN=$(cat ${domain_tmp_dir}/domain)
print_ok "URL 链接VLESS + TCP + TLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?security=tls#TLS_wulabing-$DOMAIN"
print_ok "URL 链接VLESS + TCP + XTLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?security=xtls&flow=$FLOW#XTLS_wulabing-$DOMAIN"
print_ok "URL 链接VLESS + WebSocket + TLS"
print_ok "vless://$UUID@$DOMAIN:$PORT?type=ws&security=tls&path=%2f${WS_PATH_WITHOUT_SLASH}%2f#WS_TLS_wulabing-$DOMAIN"
print_ok "-------------------------------------------------"
print_ok "URL 二维码VLESS + TCP + TLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?security=tls%23TLS_wulabing-$DOMAIN"
print_ok "URL 二维码VLESS + TCP + XTLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?security=xtls%26flow=$FLOW%23XTLS_wulabing-$DOMAIN"
print_ok "URL 二维码VLESS + WebSocket + TLS请在浏览器中访问"
print_ok "https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless://$UUID@$DOMAIN:$PORT?type=ws%26security=tls%26path=%2f${WS_PATH_WITHOUT_SLASH}%2f%23WS_TLS_wulabing-$DOMAIN"
}
function basic_information() {
print_ok "VLESS+TCP+XTLS+Nginx 安装成功"
vless_xtls-rprx-direct_information
vless_xtls-rprx-direct_link
}
function basic_ws_information() {
print_ok "VLESS+TCP+TLS+Nginx with WebSocket 混合模式 安装成功"
ws_information
print_ok "————————————————————————"
vless_xtls-rprx-direct_information
ws_link
}
function show_access_log() {
[ -f ${xray_access_log} ] && tail -f ${xray_access_log} || echo -e "${RedBG}log文件不存在${Font}"
}
function show_error_log() {
[ -f ${xray_error_log} ] && tail -f ${xray_error_log} || echo -e "${RedBG}log文件不存在${Font}"
}
function bbr_boost_sh() {
[ -f "tcp.sh" ] && rm -rf ./tcp.sh
wget -N --no-check-certificate "https://raw.githubusercontent.com/ylx2016/Linux-NetSpeed/master/tcp.sh" && chmod +x tcp.sh && ./tcp.sh
}
function mtproxy_sh() {
wget -N --no-check-certificate "https://github.com/wulabing/mtp/raw/master/mtproxy.sh" && chmod +x mtproxy.sh && bash mtproxy.sh
}
function install_xray() {
is_root
system_check
dependency_install
basic_optimization
domain_check
port_exist_check 80
xray_install
configure_xray
nginx_install
configure_nginx
configure_web
generate_certificate
ssl_judge_and_install
restart_all
basic_information
}
function install_xray_ws() {
is_root
system_check
dependency_install
basic_optimization
domain_check
port_exist_check 80
xray_install
configure_xray_ws
nginx_install
configure_nginx
configure_web
generate_certificate
ssl_judge_and_install
restart_all
basic_ws_information
}
menu() {
#update_sh
shell_mode_check
echo -e "\t Xray 安装管理脚本 ${Red}[${shell_version}]${Font}"
echo -e "\t---authored by wulabing---"
echo -e "\thttps://github.com/wulabing\n"
echo -e "当前已安装版本:${shell_mode}"
echo -e "—————————————— 安装向导 ——————————————"""
echo -e "${Green}0.${Font} 升级 脚本"
echo -e "${Green}1.${Font} 安装 Xray (VLESS + TCP + XTLS / TLS + Nginx)"
echo -e "${Green}2.${Font} 安装 Xray (VLESS + TCP + XTLS / TLS + Nginx 及 VLESS + TCP + TLS + Nginx + WebSocket 回落并存模式)"
echo -e "—————————————— 配置变更 ——————————————"
echo -e "${Green}11.${Font} 变更 UUID"
echo -e "${Green}13.${Font} 变更 连接端口"
echo -e "${Green}14.${Font} 变更 WebSocket PATH"
echo -e "—————————————— 查看信息 ——————————————"
echo -e "${Green}21.${Font} 查看 实时访问日志"
echo -e "${Green}22.${Font} 查看 实时错误日志"
echo -e "${Green}23.${Font} 查看 Xray 配置链接"
# echo -e "${Green}23.${Font} 查看 V2Ray 配置信息"
echo -e "—————————————— 其他选项 ——————————————"
echo -e "${Green}31.${Font} 安装 4 合 1 BBR、锐速安装脚本"
echo -e "${Yellow}32.${Font} 安装 MTproxy(不推荐使用,请相关用户关闭或卸载)"
echo -e "${Green}33.${Font} 卸载 Xray"
echo -e "${Green}34.${Font} 更新 Xray-core"
echo -e "${Green}35.${Font} 安装 Xray-core 测试版(Pre)"
echo -e "${Green}36.${Font} 手动更新SSL证书"
echo -e "${Green}40.${Font} 退出"
read -rp "请输入数字:" menu_num
case $menu_num in
0)
update_sh
;;
1)
install_xray
;;
2)
install_xray_ws
;;
11)
read -rp "请输入UUID:" UUID
if [[ ${shell_mode} == "tcp" ]]; then
modify_UUID
elif [[ ${shell_mode} == "ws" ]]; then
modify_UUID
modify_UUID_ws
fi
restart_all
;;
13)
modify_port
restart_all
;;
14)
if [[ ${shell_mode} == "ws" ]]; then
read -rp "请输入路径(示例:/wulabing/ 要求两侧都包含/):" WS_PATH
modify_fallback_ws
modify_ws
restart_all
else
print_error "当前模式不是Websocket模式"
fi
;;
21)
tail -f $xray_access_log
;;
22)
tail -f $xray_error_log
;;
23)
if [[ -f $xray_conf_dir/config.json ]]; then
if [[ ${shell_mode} == "tcp" ]]; then
basic_information
elif [[ ${shell_mode} == "ws" ]]; then
basic_ws_information
fi
else
print_error "xray 配置文件不存在"
fi
;;
31)
bbr_boost_sh
;;
32)
mtproxy_sh
;;
33)
source '/etc/os-release'
xray_uninstall
;;
34)
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" - install
restart_all
;;
35)
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" - install --beta
restart_all
;;
36)
"/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh"
restart_all
;;
40)
exit 0
;;
*)
print_error "请输入正确的数字"
;;
esac
}
menu "$@"

911
1-代理Xray/XRay-安装脚本/官方Xray安装脚本-2022-10-21.sh
View File

@@ -1,911 +0,0 @@
#!/usr/bin/env bash
# The files installed by the script conform to the Filesystem Hierarchy Standard:
# https://wiki.linuxfoundation.org/lsb/fhs
# The URL of the script project is:
# https://github.com/XTLS/Xray-install
# The URL of the scraaaaaipt is:
# https://raw.githubusercontent.com/XTLS/Xray-install/main/install-release.sh
# If the script executes incorrectly, go to:
# https://github.com/XTLS/Xray-install/issues
# You can set this variable whatever you want in shell session right before running this script by issuing:
# export DAT_PATH='/usr/local/share/xray'
DAT_PATH=${DAT_PATH:-/usr/local/share/xray}
# You can set this variable whatever you want in shell session right before running this script by issuing:
# export JSON_PATH='/usr/local/etc/xray'
JSON_PATH=${JSON_PATH:-/usr/local/etc/xray}
# Set this variable only if you are starting xray with multiple configuration files:
# export JSONS_PATH='/usr/local/etc/xray'
# Set this variable only if you want this script to check all the systemd unit file:
# export check_all_service_files='yes'
# Gobal verbals
if [[ -f '/etc/systemd/system/xray.service' ]] && [[ -f '/usr/local/bin/xray' ]]; then
XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT=1
else
XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT=0
fi
# Xray current version
CURRENT_VERSION=''
# Xray latest release version
RELEASE_LATEST=''
# Xray latest prerelease/release version
PRE_RELEASE_LATEST=''
# Xray version will be installed
INSTALL_VERSION=''
# install
INSTALL='0'
# install-geodata
INSTALL_GEODATA='0'
# remove
REMOVE='0'
# help
HELP='0'
# check
CHECK='0'
# --force
FORCE='0'
# --beta
BETA='0'
# --install-user ?
INSTALL_USER=''
# --without-geodata
NO_GEODATA='0'
# --without-logfiles
NO_LOGFILES='0'
# --no-update-service
N_UP_SERVICE='0'
# --reinstall
REINSTALL='0'
# --version ?
SPECIFIED_VERSION=''
# --local ?
LOCAL_FILE=''
# --proxy ?
PROXY=''
# --purge
PURGE='0'
curl() {
$(type -P curl) -L -q --retry 5 --retry-delay 10 --retry-max-time 60 "$@"
}
systemd_cat_config() {
if systemd-analyze --help | grep -qw 'cat-config'; then
systemd-analyze --no-pager cat-config "$@"
echo
else
echo "${aoi}~~~~~~~~~~~~~~~~"
cat "$@" "$1".d/*
echo "${aoi}~~~~~~~~~~~~~~~~"
echo "${red}warning: ${green}The systemd version on the current operating system is too low."
echo "${red}warning: ${green}Please consider to upgrade the systemd or the operating system.${reset}"
echo
fi
}
check_if_running_as_root() {
# If you want to run as another user, please modify $EUID to be owned by this user
if [[ "$EUID" -ne '0' ]]; then
echo "error: You must run this script as root!"
exit 1
fi
}
identify_the_operating_system_and_architecture() {
if [[ "$(uname)" == 'Linux' ]]; then
case "$(uname -m)" in
'i386' | 'i686')
MACHINE='32'
;;
'amd64' | 'x86_64')
MACHINE='64'
;;
'armv5tel')
MACHINE='arm32-v5'
;;
'armv6l')
MACHINE='arm32-v6'
grep Features /proc/cpuinfo | grep -qw 'vfp' || MACHINE='arm32-v5'
;;
'armv7' | 'armv7l')
MACHINE='arm32-v7a'
grep Features /proc/cpuinfo | grep -qw 'vfp' || MACHINE='arm32-v5'
;;
'armv8' | 'aarch64')
MACHINE='arm64-v8a'
;;
'mips')
MACHINE='mips32'
;;
'mipsle')
MACHINE='mips32le'
;;
'mips64')
MACHINE='mips64'
lscpu | grep -q "Little Endian" && MACHINE='mips64le'
;;
'mips64le')
MACHINE='mips64le'
;;
'ppc64')
MACHINE='ppc64'
;;
'ppc64le')
MACHINE='ppc64le'
;;
'riscv64')
MACHINE='riscv64'
;;
's390x')
MACHINE='s390x'
;;
*)
echo "error: The architecture is not supported."
exit 1
;;
esac
if [[ ! -f '/etc/os-release' ]]; then
echo "error: Don't use outdated Linux distributions."
exit 1
fi
# Do not combine this judgment condition with the following judgment condition.
## Be aware of Linux distribution like Gentoo, which kernel supports switch between Systemd and OpenRC.
if [[ -f /.dockerenv ]] || grep -q 'docker\|lxc' /proc/1/cgroup && [[ "$(type -P systemctl)" ]]; then
true
elif [[ -d /run/systemd/system ]] || grep -q systemd <(ls -l /sbin/init); then
true
else
echo "error: Only Linux distributions using systemd are supported."
exit 1
fi
if [[ "$(type -P apt)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='apt -y --no-install-recommends install'
PACKAGE_MANAGEMENT_REMOVE='apt purge'
package_provide_tput='ncurses-bin'
elif [[ "$(type -P dnf)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='dnf -y install'
PACKAGE_MANAGEMENT_REMOVE='dnf remove'
package_provide_tput='ncurses'
elif [[ "$(type -P yum)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='yum -y install'
PACKAGE_MANAGEMENT_REMOVE='yum remove'
package_provide_tput='ncurses'
elif [[ "$(type -P zypper)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='zypper install -y --no-recommends'
PACKAGE_MANAGEMENT_REMOVE='zypper remove'
package_provide_tput='ncurses-utils'
elif [[ "$(type -P pacman)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='pacman -Syu --noconfirm'
PACKAGE_MANAGEMENT_REMOVE='pacman -Rsn'
package_provide_tput='ncurses'
elif [[ "$(type -P emerge)" ]]; then
PACKAGE_MANAGEMENT_INSTALL='emerge -v'
PACKAGE_MANAGEMENT_REMOVE='emerge -Cv'
package_provide_tput='ncurses'
else
echo "error: The script does not support the package manager in this operating system."
exit 1
fi
else
echo "error: This operating system is not supported."
exit 1
fi
}
## Demo function for processing parameters
judgment_parameters() {
local local_install='0'
local temp_version='0'
while [[ "$#" -gt '0' ]]; do
case "$1" in
'install')
INSTALL='1'
;;
'install-geodata')
INSTALL_GEODATA='1'
;;
'remove')
REMOVE='1'
;;
'help')
HELP='1'
;;
'check')
CHECK='1'
;;
'--without-geodata')
NO_GEODATA='1'
;;
'--without-logfiles')
NO_LOGFILES='1'
;;
'--purge')
PURGE='1'
;;
'--version')
if [[ -z "$2" ]]; then
echo "error: Please specify the correct version."
exit 1
fi
temp_version='1'
SPECIFIED_VERSION="$2"
shift
;;
'-f' | '--force')
FORCE='1'
;;
'--beta')
BETA='1'
;;
'-l' | '--local')
local_install='1'
if [[ -z "$2" ]]; then
echo "error: Please specify the correct local file."
exit 1
fi
LOCAL_FILE="$2"
shift
;;
'-p' | '--proxy')
if [[ -z "$2" ]]; then
echo "error: Please specify the proxy server address."
exit 1
fi
PROXY="$2"
shift
;;
'-u' | '--install-user')
if [[ -z "$2" ]]; then
echo "error: Please specify the install user.}"
exit 1
fi
INSTALL_USER="$2"
shift
;;
'--reinstall')
REINSTALL='1'
;;
'--no-update-service')
N_UP_SERVICE='1'
;;
*)
echo "$0: unknown option -- -"
exit 1
;;
esac
shift
done
if ((INSTALL+INSTALL_GEODATA+HELP+CHECK+REMOVE==0)); then
INSTALL='1'
elif ((INSTALL+INSTALL_GEODATA+HELP+CHECK+REMOVE>1)); then
echo 'You can only choose one action.'
exit 1
fi
if [[ "$INSTALL" -eq '1' ]] && ((temp_version+local_install+REINSTALL+BETA>1)); then
echo "--version,--reinstall,--beta and --local can't be used together."
exit 1
fi
}
check_install_user() {
if [[ -z "$INSTALL_USER" ]]; then
if [[ -f '/usr/local/bin/xray' ]]; then
INSTALL_USER="$(grep '^[ '$'\t]*User[ '$'\t]*=' /etc/systemd/system/xray.service | tail -n 1 | awk -F = '{print $2}' | awk '{print $1}')"
if [[ -z "$INSTALL_USER" ]]; then
INSTALL_USER='root'
fi
else
INSTALL_USER='nobody'
fi
fi
if ! id $INSTALL_USER > /dev/null 2>&1; then
echo "the user '$INSTALL_USER' is not effective"
exit 1
fi
INSTALL_USER_UID="$(id -u $INSTALL_USER)"
INSTALL_USER_GID="$(id -g $INSTALL_USER)"
}
install_software() {
package_name="$1"
file_to_detect="$2"
type -P "$file_to_detect" > /dev/null 2>&1 && return
if ${PACKAGE_MANAGEMENT_INSTALL} "$package_name"; then
echo "info: $package_name is installed."
else
echo "error: Installation of $package_name failed, please check your network."
exit 1
fi
}
get_current_version() {
# Get the CURRENT_VERSION
if [[ -f '/usr/local/bin/xray' ]]; then
CURRENT_VERSION="$(/usr/local/bin/xray -version | awk 'NR==1 {print $2}')"
CURRENT_VERSION="v${CURRENT_VERSION#v}"
else
CURRENT_VERSION=""
fi
}
get_latest_version() {
# Get Xray latest release version number
local tmp_file
tmp_file="$(mktemp)"
if ! curl -x "${PROXY}" -sS -H "Accept: application/vnd.github.v3+json" -o "$tmp_file" 'https://api.github.com/repos/XTLS/Xray-core/releases/latest'; then
"rm" "$tmp_file"
echo 'error: Failed to get release list, please check your network.'
exit 1
fi
RELEASE_LATEST="$(sed 'y/,/\n/' "$tmp_file" | grep 'tag_name' | awk -F '"' '{print $4}')"
if [[ -z "$RELEASE_LATEST" ]]; then
if grep -q "API rate limit exceeded" "$tmp_file"; then
echo "error: github API rate limit exceeded"
else
echo "error: Failed to get the latest release version."
echo "Welcome bug report:https://github.com/XTLS/Xray-install/issues"
fi
"rm" "$tmp_file"
exit 1
fi
"rm" "$tmp_file"
RELEASE_LATEST="v${RELEASE_LATEST#v}"
if ! curl -x "${PROXY}" -sS -H "Accept: application/vnd.github.v3+json" -o "$tmp_file" 'https://api.github.com/repos/XTLS/Xray-core/releases'; then
"rm" "$tmp_file"
echo 'error: Failed to get release list, please check your network.'
exit 1
fi
local releases_list
releases_list=($(sed 'y/,/\n/' "$tmp_file" | grep 'tag_name' | awk -F '"' '{print $4}'))
if [[ "${#releases_list[@]}" -eq '0' ]]; then
if grep -q "API rate limit exceeded" "$tmp_file"; then
echo "error: github API rate limit exceeded"
else
echo "error: Failed to get the latest release version."
echo "Welcome bug report:https://github.com/XTLS/Xray-install/issues"
fi
"rm" "$tmp_file"
exit 1
fi
local i
for i in ${!releases_list[@]}
do
releases_list[$i]="v${releases_list[$i]#v}"
grep -q "https://github.com/XTLS/Xray-core/releases/download/${releases_list[$i]}/Xray-linux-$MACHINE.zip" "$tmp_file" && break
done
"rm" "$tmp_file"
PRE_RELEASE_LATEST="${releases_list[$i]}"
}
version_gt() {
# compare two version
# 0: $1 > $2
# 1: $1 <= $2
if [[ "$1" != "$2" ]]; then
local temp_1_version_number="${1#v}"
local temp_1_major_version_number="${temp_1_version_number%%.*}"
local temp_1_minor_version_number
temp_1_minor_version_number="$(echo "$temp_1_version_number" | awk -F '.' '{print $2}')"
local temp_1_minimunm_version_number="${temp_1_version_number##*.}"
# shellcheck disable=SC2001
local temp_2_version_number="${2#v}"
local temp_2_major_version_number="${temp_2_version_number%%.*}"
local temp_2_minor_version_number
temp_2_minor_version_number="$(echo "$temp_2_version_number" | awk -F '.' '{print $2}')"
local temp_2_minimunm_version_number="${temp_2_version_number##*.}"
if [[ "$temp_1_major_version_number" -gt "$temp_2_major_version_number" ]]; then
return 0
elif [[ "$temp_1_major_version_number" -eq "$temp_2_major_version_number" ]]; then
if [[ "$temp_1_minor_version_number" -gt "$temp_2_minor_version_number" ]]; then
return 0
elif [[ "$temp_1_minor_version_number" -eq "$temp_2_minor_version_number" ]]; then
if [[ "$temp_1_minimunm_version_number" -gt "$temp_2_minimunm_version_number" ]]; then
return 0
else
return 1
fi
else
return 1
fi
else
return 1
fi
elif [[ "$1" == "$2" ]]; then
return 1
fi
}
download_xray() {
DOWNLOAD_LINK="https://github.com/XTLS/Xray-core/releases/download/$INSTALL_VERSION/Xray-linux-$MACHINE.zip"
echo "Downloading Xray archive: $DOWNLOAD_LINK"
if ! curl -x "${PROXY}" -R -H 'Cache-Control: no-cache' -o "$ZIP_FILE" "$DOWNLOAD_LINK"; then
echo 'error: Download failed! Please check your network or try again.'
return 1
fi
return 0
echo "Downloading verification file for Xray archive: $DOWNLOAD_LINK.dgst"
if ! curl -x "${PROXY}" -sSR -H 'Cache-Control: no-cache' -o "$ZIP_FILE.dgst" "$DOWNLOAD_LINK.dgst"; then
echo 'error: Download failed! Please check your network or try again.'
return 1
fi
if [[ "$(cat "$ZIP_FILE".dgst)" == 'Not Found' ]]; then
echo 'error: This version does not support verification. Please replace with another version.'
return 1
fi
# Verification of Xray archive
for LISTSUM in 'md5' 'sha1' 'sha256' 'sha512'; do
SUM="$(${LISTSUM}sum "$ZIP_FILE" | sed 's/ .*//')"
CHECKSUM="$(grep ${LISTSUM^^} "$ZIP_FILE".dgst | grep "$SUM" -o -a | uniq)"
if [[ "$SUM" != "$CHECKSUM" ]]; then
echo 'error: Check failed! Please check your network or try again.'
return 1
fi
done
}
decompression() {
if ! unzip -q "$1" -d "$TMP_DIRECTORY"; then
echo 'error: Xray decompression failed.'
"rm" -r "$TMP_DIRECTORY"
echo "removed: $TMP_DIRECTORY"
exit 1
fi
echo "info: Extract the Xray package to $TMP_DIRECTORY and prepare it for installation."
}
install_file() {
NAME="$1"
if [[ "$NAME" == 'xray' ]]; then
install -m 755 "${TMP_DIRECTORY}/$NAME" "/usr/local/bin/$NAME"
elif [[ "$NAME" == 'geoip.dat' ]] || [[ "$NAME" == 'geosite.dat' ]]; then
install -m 644 "${TMP_DIRECTORY}/$NAME" "${DAT_PATH}/$NAME"
fi
}
install_xray() {
# Install Xray binary to /usr/local/bin/ and $DAT_PATH
install_file xray
# If the file exists, geoip.dat and geosite.dat will not be installed or updated
if [[ "$NO_GEODATA" -eq '0' ]] && [[ ! -f "${DAT_PATH}/.undat" ]]; then
install -d "$DAT_PATH"
install_file geoip.dat
install_file geosite.dat
GEODATA='1'
fi
# Install Xray configuration file to $JSON_PATH
# shellcheck disable=SC2153
if [[ -z "$JSONS_PATH" ]] && [[ ! -d "$JSON_PATH" ]]; then
install -d "$JSON_PATH"
echo "{}" > "${JSON_PATH}/config.json"
CONFIG_NEW='1'
fi
# Install Xray configuration file to $JSONS_PATH
if [[ -n "$JSONS_PATH" ]] && [[ ! -d "$JSONS_PATH" ]]; then
install -d "$JSONS_PATH"
for BASE in 00_log 01_api 02_dns 03_routing 04_policy 05_inbounds 06_outbounds 07_transport 08_stats 09_reverse; do
echo '{}' > "${JSONS_PATH}/${BASE}.json"
done
CONFDIR='1'
fi
# Used to store Xray log files
if [[ "$NO_LOGFILES" -eq '0' ]]; then
if [[ ! -d '/var/log/xray/' ]]; then
install -d -m 700 -o "$INSTALL_USER_UID" -g "$INSTALL_USER_GID" /var/log/xray/
install -m 600 -o "$INSTALL_USER_UID" -g "$INSTALL_USER_GID" /dev/null /var/log/xray/access.log
install -m 600 -o "$INSTALL_USER_UID" -g "$INSTALL_USER_GID" /dev/null /var/log/xray/error.log
LOG='1'
else
chown -R "$INSTALL_USER_UID:$INSTALL_USER_GID" /var/log/xray/
fi
fi
}
install_startup_service_file() {
mkdir -p '/etc/systemd/system/xray.service.d'
mkdir -p '/etc/systemd/system/xray@.service.d/'
local temp_CapabilityBoundingSet="CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE"
local temp_AmbientCapabilities="AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE"
local temp_NoNewPrivileges="NoNewPrivileges=true"
if [[ "$INSTALL_USER_UID" -eq '0' ]]; then
temp_CapabilityBoundingSet="#${temp_CapabilityBoundingSet}"
temp_AmbientCapabilities="#${temp_AmbientCapabilities}"
temp_NoNewPrivileges="#${temp_NoNewPrivileges}"
fi
cat > /etc/systemd/system/xray.service << EOF
[Unit]
Description=Xray Service
Documentation=https://github.com/xtls
After=network.target nss-lookup.target
[Service]
User=$INSTALL_USER
${temp_CapabilityBoundingSet}
${temp_AmbientCapabilities}
${temp_NoNewPrivileges}
ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/config.json
Restart=on-failure
RestartPreventExitStatus=23
LimitNPROC=10000
LimitNOFILE=1000000
[Install]
WantedBy=multi-user.target
EOF
cat > /etc/systemd/system/xray@.service <<EOF
[Unit]
Description=Xray Service
Documentation=https://github.com/xtls
After=network.target nss-lookup.target
[Service]
User=$INSTALL_USER
${temp_CapabilityBoundingSet}
${temp_AmbientCapabilities}
${temp_NoNewPrivileges}
ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/%i.json
Restart=on-failure
RestartPreventExitStatus=23
LimitNPROC=10000
LimitNOFILE=1000000
[Install]
WantedBy=multi-user.target
EOF
chmod 644 /etc/systemd/system/xray.service /etc/systemd/system/xray@.service
if [[ -n "$JSONS_PATH" ]]; then
"rm" '/etc/systemd/system/xray.service.d/10-donot_touch_single_conf.conf' \
'/etc/systemd/system/xray@.service.d/10-donot_touch_single_conf.conf'
echo "# In case you have a good reason to do so, duplicate this file in the same directory and make your customizes there.
# Or all changes you made will be lost! # Refer: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
[Service]
ExecStart=
ExecStart=/usr/local/bin/xray run -confdir $JSONS_PATH" |
tee '/etc/systemd/system/xray.service.d/10-donot_touch_multi_conf.conf' > \
'/etc/systemd/system/xray@.service.d/10-donot_touch_multi_conf.conf'
else
"rm" '/etc/systemd/system/xray.service.d/10-donot_touch_multi_conf.conf' \
'/etc/systemd/system/xray@.service.d/10-donot_touch_multi_conf.conf'
echo "# In case you have a good reason to do so, duplicate this file in the same directory and make your customizes there.
# Or all changes you made will be lost! # Refer: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
[Service]
ExecStart=
ExecStart=/usr/local/bin/xray run -config ${JSON_PATH}/config.json" > \
'/etc/systemd/system/xray.service.d/10-donot_touch_single_conf.conf'
echo "# In case you have a good reason to do so, duplicate this file in the same directory and make your customizes there.
# Or all changes you made will be lost! # Refer: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
[Service]
ExecStart=
ExecStart=/usr/local/bin/xray run -config ${JSON_PATH}/%i.json" > \
'/etc/systemd/system/xray@.service.d/10-donot_touch_single_conf.conf'
fi
echo "info: Systemd service files have been installed successfully!"
echo "${red}warning: ${green}The following are the actual parameters for the xray service startup."
echo "${red}warning: ${green}Please make sure the configuration file path is correctly set.${reset}"
systemd_cat_config /etc/systemd/system/xray.service
# shellcheck disable=SC2154
if [[ x"${check_all_service_files:0:1}" = x'y' ]]; then
echo
echo
systemd_cat_config /etc/systemd/system/xray@.service
fi
systemctl daemon-reload
SYSTEMD='1'
}
start_xray() {
if [[ -f '/etc/systemd/system/xray.service' ]]; then
systemctl start "${XRAY_CUSTOMIZE:-xray}"
sleep 1s
if systemctl -q is-active "${XRAY_CUSTOMIZE:-xray}"; then
echo 'info: Start the Xray service.'
else
echo 'error: Failed to start Xray service.'
exit 1
fi
fi
}
stop_xray() {
XRAY_CUSTOMIZE="$(systemctl list-units | grep 'xray@' | awk -F ' ' '{print $1}')"
if [[ -z "$XRAY_CUSTOMIZE" ]]; then
local xray_daemon_to_stop='xray.service'
else
local xray_daemon_to_stop="$XRAY_CUSTOMIZE"
fi
if ! systemctl stop "$xray_daemon_to_stop"; then
echo 'error: Stopping the Xray service failed.'
exit 1
fi
echo 'info: Stop the Xray service.'
}
install_geodata() {
download_geodata() {
if ! curl -x "${PROXY}" -R -H 'Cache-Control: no-cache' -o "${dir_tmp}/${2}" "${1}"; then
echo 'error: Download failed! Please check your network or try again.'
exit 1
fi
if ! curl -x "${PROXY}" -R -H 'Cache-Control: no-cache' -o "${dir_tmp}/${2}.sha256sum" "${1}.sha256sum"; then
echo 'error: Download failed! Please check your network or try again.'
exit 1
fi
}
local download_link_geoip="https://github.com/v2fly/geoip/releases/latest/download/geoip.dat"
local download_link_geosite="https://github.com/v2fly/domain-list-community/releases/latest/download/dlc.dat"
local file_ip='geoip.dat'
local file_dlc='dlc.dat'
local file_site='geosite.dat'
local dir_tmp
dir_tmp="$(mktemp -d)"
[[ "$XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT" -eq '0' ]] && echo "warning: Xray was not installed"
download_geodata $download_link_geoip $file_ip
download_geodata $download_link_geosite $file_dlc
cd "${dir_tmp}" || exit
for i in "${dir_tmp}"/*.sha256sum; do
if ! sha256sum -c "${i}"; then
echo 'error: Check failed! Please check your network or try again.'
exit 1
fi
done
cd - > /dev/null
install -d "$DAT_PATH"
install -m 644 "${dir_tmp}"/${file_dlc} "${DAT_PATH}"/${file_site}
install -m 644 "${dir_tmp}"/${file_ip} "${DAT_PATH}"/${file_ip}
rm -r "${dir_tmp}"
exit 0
}
check_update() {
if [[ "$XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT" -eq '1' ]]; then
get_current_version
echo "info: The current version of Xray is $CURRENT_VERSION ."
else
echo 'warning: Xray is not installed.'
fi
get_latest_version
echo "info: The latest release version of Xray is $RELEASE_LATEST ."
echo "info: The latest pre-release/release version of Xray is $PRE_RELEASE_LATEST ."
exit 0
}
remove_xray() {
if systemctl list-unit-files | grep -qw 'xray'; then
if [[ -n "$(pidof xray)" ]]; then
stop_xray
fi
local delete_files=('/usr/local/bin/xray' '/etc/systemd/system/xray.service' '/etc/systemd/system/xray@.service' '/etc/systemd/system/xray.service.d' '/etc/systemd/system/xray@.service.d')
[[ -d "$DAT_PATH" ]] && delete_files+=("$DAT_PATH")
if [[ "$PURGE" -eq '1' ]]; then
if [[ -z "$JSONS_PATH" ]]; then
delete_files+=("$JSON_PATH")
else
delete_files+=("$JSONS_PATH")
fi
[[ -d '/var/log/xray' ]] && delete_files+=('/var/log/xray')
fi
systemctl disable xray
if ! ("rm" -r "${delete_files[@]}"); then
echo 'error: Failed to remove Xray.'
exit 1
else
for i in ${!delete_files[@]}
do
echo "removed: ${delete_files[$i]}"
done
systemctl daemon-reload
echo "You may need to execute a command to remove dependent software: $PACKAGE_MANAGEMENT_REMOVE curl unzip"
echo 'info: Xray has been removed.'
if [[ "$PURGE" -eq '0' ]]; then
echo 'info: If necessary, manually delete the configuration and log files.'
if [[ -n "$JSONS_PATH" ]]; then
echo "info: e.g., $JSONS_PATH and /var/log/xray/ ..."
else
echo "info: e.g., $JSON_PATH and /var/log/xray/ ..."
fi
fi
exit 0
fi
else
echo 'error: Xray is not installed.'
exit 1
fi
}
# Explanation of parameters in the script
show_help() {
echo "usage: $0 ACTION [OPTION]..."
echo
echo 'ACTION:'
echo ' install Install/Update Xray'
echo ' install-geodata Install/Update geoip.dat and geosite.dat only'
echo ' remove Remove Xray'
echo ' help Show help'
echo ' check Check if Xray can be updated'
echo 'If no action is specified, then install will be selected'
echo
echo 'OPTION:'
echo ' install:'
echo ' --version Install the specified version of Xray, e.g., --version v1.0.0'
echo ' -f, --force Force install even though the versions are same'
echo ' --beta Install the pre-release version if it is exist'
echo ' -l, --local Install Xray from a local file'
echo ' -p, --proxy Download through a proxy server, e.g., -p http://127.0.0.1:8118 or -p socks5://127.0.0.1:1080'
echo ' -u, --install-user Install Xray in specified user, e.g, -u root'
echo ' --reinstall Reinstall current Xray version'
echo " --no-update-service Don't change service files if they are exist"
echo " --without-geodata Don't install/update geoip.dat and geosite.dat"
echo " --without-logfiles Don't install /var/log/xray"
echo ' install-geodata:'
echo ' -p, --proxy Download through a proxy server'
echo ' remove:'
echo ' --purge Remove all the Xray files, include logs, configs, etc'
echo ' check:'
echo ' -p, --proxy Check new version through a proxy server'
exit 0
}
main() {
check_if_running_as_root
identify_the_operating_system_and_architecture
judgment_parameters "$@"
install_software "$package_provide_tput" 'tput'
red=$(tput setaf 1)
green=$(tput setaf 2)
aoi=$(tput setaf 6)
reset=$(tput sgr0)
# Parameter information
[[ "$HELP" -eq '1' ]] && show_help
[[ "$CHECK" -eq '1' ]] && check_update
[[ "$REMOVE" -eq '1' ]] && remove_xray
[[ "$INSTALL_GEODATA" -eq '1' ]] && install_geodata
# Check if the user is effective
check_install_user
# Two very important variables
TMP_DIRECTORY="$(mktemp -d)"
ZIP_FILE="${TMP_DIRECTORY}/Xray-linux-$MACHINE.zip"
# Install Xray from a local file, but still need to make sure the network is available
if [[ -n "$LOCAL_FILE" ]]; then
echo 'warn: Install Xray from a local file, but still need to make sure the network is available.'
echo -n 'warn: Please make sure the file is valid because we cannot confirm it. (Press any key) ...'
read -r
install_software 'unzip' 'unzip'
decompression "$LOCAL_FILE"
else
get_current_version
if [[ "$REINSTALL" -eq '1' ]]; then
if [[ -z "$CURRENT_VERSION" ]]; then
echo "error: Xray is not installed"
exit 1
fi
INSTALL_VERSION="$CURRENT_VERSION"
echo "info: Reinstalling Xray $CURRENT_VERSION"
elif [[ -n "$SPECIFIED_VERSION" ]]; then
SPECIFIED_VERSION="v${SPECIFIED_VERSION#v}"
if [[ "$CURRENT_VERSION" == "$SPECIFIED_VERSION" ]] && [[ "$FORCE" -eq '0' ]]; then
echo "info: The current version is same as the specified version. The version is $CURRENT_VERSION ."
exit 0
fi
INSTALL_VERSION="$SPECIFIED_VERSION"
echo "info: Installing specified Xray version $INSTALL_VERSION for $(uname -m)"
else
install_software 'curl' 'curl'
get_latest_version
if [[ "$BETA" -eq '0' ]]; then
INSTALL_VERSION="$RELEASE_LATEST"
else
INSTALL_VERSION="$PRE_RELEASE_LATEST"
fi
if ! version_gt "$INSTALL_VERSION" "$CURRENT_VERSION" && [[ "$FORCE" -eq '0' ]]; then
echo "info: No new version. The current version of Xray is $CURRENT_VERSION ."
exit 0
fi
echo "info: Installing Xray $INSTALL_VERSION for $(uname -m)"
fi
install_software 'curl' 'curl'
install_software 'unzip' 'unzip'
if ! download_xray; then
"rm" -r "$TMP_DIRECTORY"
echo "removed: $TMP_DIRECTORY"
exit 1
fi
decompression "$ZIP_FILE"
fi
# Determine if Xray is running
if systemctl list-unit-files | grep -qw 'xray'; then
if [[ -n "$(pidof xray)" ]]; then
stop_xray
XRAY_RUNNING='1'
fi
fi
install_xray
([[ "$N_UP_SERVICE" -eq '1' ]] && [[ -f '/etc/systemd/system/xray.service' ]]) || install_startup_service_file
echo 'installed: /usr/local/bin/xray'
# If the file exists, the content output of installing or updating geoip.dat and geosite.dat will not be displayed
if [[ "$GEODATA" -eq '1' ]]; then
echo "installed: ${DAT_PATH}/geoip.dat"
echo "installed: ${DAT_PATH}/geosite.dat"
fi
if [[ "$CONFIG_NEW" -eq '1' ]]; then
echo "installed: ${JSON_PATH}/config.json"
fi
if [[ "$CONFDIR" -eq '1' ]]; then
echo "installed: ${JSON_PATH}/00_log.json"
echo "installed: ${JSON_PATH}/01_api.json"
echo "installed: ${JSON_PATH}/02_dns.json"
echo "installed: ${JSON_PATH}/03_routing.json"
echo "installed: ${JSON_PATH}/04_policy.json"
echo "installed: ${JSON_PATH}/05_inbounds.json"
echo "installed: ${JSON_PATH}/06_outbounds.json"
echo "installed: ${JSON_PATH}/07_transport.json"
echo "installed: ${JSON_PATH}/08_stats.json"
echo "installed: ${JSON_PATH}/09_reverse.json"
fi
if [[ "$LOG" -eq '1' ]]; then
echo 'installed: /var/log/xray/'
echo 'installed: /var/log/xray/access.log'
echo 'installed: /var/log/xray/error.log'
fi
if [[ "$SYSTEMD" -eq '1' ]]; then
echo 'installed: /etc/systemd/system/xray.service'
echo 'installed: /etc/systemd/system/xray@.service'
fi
"rm" -r "$TMP_DIRECTORY"
echo "removed: $TMP_DIRECTORY"
get_current_version
echo "info: Xray $CURRENT_VERSION is installed."
echo "You may need to execute a command to remove dependent software: $PACKAGE_MANAGEMENT_REMOVE curl unzip"
if [[ "$XRAY_IS_INSTALLED_BEFORE_RUNNING_SCRIPT" -eq '1' ]] && [[ "$FORCE" -eq '0' ]] && [[ "$REINSTALL" -eq '0' ]]; then
[[ "$XRAY_RUNNING" -eq '1' ]] && start_xray
else
systemctl start xray
systemctl enable xray
sleep 1s
if systemctl -q is-active xray; then
echo "info: Enable and start the Xray service"
else
echo "warning: Failed to enable and start the Xray service"
fi
fi
}
main "$@"

29
1-代理Xray/sync-proxy-config.sh Normal file
View File

@@ -0,0 +1,29 @@
#!/bin/bash
ooss_dest_list=(tc-sh seoul-1)
ooss_dest_list=(seoul-1)
function set_oss_alias()
{
# /usr/local/bin/mc alias set local http://10.250.0.100:9000 cmii B#923fC7mk
# /usr/local/bin/mc alias set tc-sh http://42.192.52.227:9000 cmii B#923fC7mk
/usr/local/bin/mc alias set seoul-1 https://cnk8d6fazu16.compat.objectstorage.ap-seoul-1.oraclecloud.com aed62d24d85e2da809ce02bf272420ba4ed74820 rQdEcn69K049+JkA1IGoQmC1k8zma8zfWvZvVS0h144=
}
function do_sync(){
for dest in ${ooss_dest_list[@]};do
echo "[do_sync] - start to sync to $dest"
/usr/local/bin/mc cp /root/wddproject/shell-scripts/1-代理Xray/98-subscribe-clash.yaml ${dest}/seoul/
/usr/local/bin/mc cp /root/wddproject/shell-scripts/1-代理Xray/99-subscribe-octopus-latest.txt ${dest}/seoul/
echo "[do_sync] - end to sync to $dest"
echo ""
done
}
set_oss_alias
do_sync
echo "[sync-proxy-config] - done !"

2
2-NGINX相关/107421.xyz/21-申请证书.sh
View File

@@ -6,6 +6,8 @@ export DOMAIN_NAME=octopus.107421.xyz
export DOMAIN_NAME=xx.t2.ll.c0.107421.xyz export DOMAIN_NAME=xx.t2.ll.c0.107421.xyz
export DOMAIN_NAME=zc.p4.cc.xx.107421.xyz export DOMAIN_NAME=zc.p4.cc.xx.107421.xyz
export DOMAIN_NAME=bingo.107421.xyz
export CF_Token="oXJRP5XI8Zhipa_PtYtB_jy6qWL0I9BosrJEYE8p" export CF_Token="oXJRP5XI8Zhipa_PtYtB_jy6qWL0I9BosrJEYE8p"
export CF_Account_ID="dfaadeb83406ef5ad35da02617af9191" export CF_Account_ID="dfaadeb83406ef5ad35da02617af9191"
export CF_Zone_ID="511894a4f1357feb905e974e16241ebb" export CF_Zone_ID="511894a4f1357feb905e974e16241ebb"

31
2-NGINX相关/107421.xyz/Seoul-Arm-01/push.107421.xyz.conf Normal file
View File

@@ -0,0 +1,31 @@
server {
listen 5004 ssl http2;
server_name push.107421.xyz;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_certificate /etc/nginx/conf.d/ssl_key/push.107421.xyz.cert.pem;
ssl_certificate_key /etc/nginx/conf.d/ssl_key/push.107421.xyz.key.pem;
location / {
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 3m;
proxy_send_timeout 3m;
proxy_read_timeout 3m;
client_max_body_size 0; # Stream request body to backend
proxy_pass http://129.146.65.80:8800;
}
}

54
2-NGINX相关/107421.xyz/Seoul-Arm-01/push.107421.xyz.conf_back Normal file
View File

@@ -0,0 +1,54 @@
server {
listen 80;
server_name push.107421.xyz;
location / {
return 302 https://$http_host$request_uri$is_args$query_string;
proxy_pass http://129.146.65.80:8800;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 3m;
proxy_send_timeout 3m;
proxy_read_timeout 3m;
client_max_body_size 0; # Stream request body to backend
}
}
server {
listen 443 ssl http2;
server_name push.107421.xyz;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_certificate /etc/nginx/conf.d/ssl_key/push.107421.xyz.cert.pem;
ssl_certificate_key /etc/nginx/conf.d/ssl_key/push.107421.xyz.key.pem;
location / {
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 3m;
proxy_send_timeout 3m;
proxy_read_timeout 3m;
client_max_body_size 0; # Stream request body to backend
proxy_pass http://129.146.65.80:8800;
}
}

0
3-wdd初始化/dep/octopus-offline-nginx.conf → 3-wdd初始化-OSS/dep/octopus-offline-nginx.conf
View File

0
3-wdd初始化/dep/octopus_ssh_banner → 3-wdd初始化-OSS/dep/octopus_ssh_banner
View File

0
3-wdd初始化/dep/oh-my-zsh-plugins-list.txt → 3-wdd初始化-OSS/dep/oh-my-zsh-plugins-list.txt
View File

0
3-wdd初始化/dep/ssh_key_pub.txt → 3-wdd初始化-OSS/dep/ssh_key_pub.txt
View File

8
3-wdd初始化/dep/wdd-server-host.txt → 3-wdd初始化-OSS/dep/wdd-server-host.txt
View File

@@ -39,3 +39,11 @@
114.117.165.222 tc-cd 114.117.165.222 tc-cd
89.208.251.209 los-1 89.208.251.209 los-1
45.134.50.233 de-1
158.180.57.125 frankfurt-1 f1
158.180.27.191 frankfurt-2 f2

13
3-wdd初始化/init-script-wdd.sh → 3-wdd初始化-OSS/init-script-wdd.sh
View File

@@ -28,6 +28,7 @@ is_install_zsh=0
is_install_host=0 is_install_host=0
is_modify_ssh_login=0 is_modify_ssh_login=0
is_modify_ssh_port=0 is_modify_ssh_port=0
is_set_security=0
is_install_agent=0 is_install_agent=0
is_update_agent=0 is_update_agent=0
is_remove_agent=0 is_remove_agent=0
@@ -79,6 +80,7 @@ help() {
--time 是否配置时间同步 --time 是否配置时间同步
--ssh-login 修改ssh的登录密钥 --ssh-login 修改ssh的登录密钥
--ssh-port <port> 修改ssh的登录端口 端口 <port> --ssh-port <port> 修改ssh的登录端口 端口 <port>
--security 设置主机的安全性ssh黑名单
--agent-install 安装 Octopus-Agent --agent-install 安装 Octopus-Agent
--agent-install 更新 Octopus-Agent --agent-install 更新 Octopus-Agent
@@ -119,6 +121,9 @@ while [[ $# -gt 0 ]]; do
--docker-compose) --docker-compose)
is_install_docker_compose=1 is_install_docker_compose=1
;; ;;
--security)
is_set_security=1
;;
--zsh) --zsh)
is_install_zsh=1 is_install_zsh=1
;; ;;
@@ -489,6 +494,10 @@ install_docker_compose() {
FunctionEnd FunctionEnd
} }
set_system_security(){
}
####################################### #######################################
# description # description
# Globals: # Globals:
@@ -1332,6 +1341,10 @@ main() {
install_docker_compose install_docker_compose
fi fi
if [[ $is_set_security -eq 1 ]]; then
set_system_security
fi
if [[ $is_install_agent -eq 1 ]]; then if [[ $is_install_agent -eq 1 ]]; then
# 安装agent # 安装agent
install_octopus_agent install_octopus_agent

0
3-wdd初始化/lib/wdd-lib-clean.sh → 3-wdd初始化-OSS/lib/wdd-lib-clean.sh
View File

0
3-wdd初始化/lib/wdd-lib-env.sh → 3-wdd初始化-OSS/lib/wdd-lib-env.sh
View File

0
3-wdd初始化/lib/wdd-lib-file.sh → 3-wdd初始化-OSS/lib/wdd-lib-file.sh
View File

0
3-wdd初始化/lib/wdd-lib-log.sh → 3-wdd初始化-OSS/lib/wdd-lib-log.sh
View File

0
3-wdd初始化/lib/wdd-lib-sys.sh → 3-wdd初始化-OSS/lib/wdd-lib-sys.sh
View File

0
3-wdd初始化/mid-script.sh → 3-wdd初始化-OSS/mid-script.sh
View File

0
3-wdd初始化/sync-base-script.ps1 → 3-wdd初始化-OSS/sync-base-script.ps1
View File

7
3-wdd初始化-OSS/初始化脚本使用方法.txt Normal file
View File

@@ -0,0 +1,7 @@
# 本目录下的全部文件都会被上传到OSS中
# linux使用
bash <(curl -sSL http://oss-s1.107421.xyz/init-script-wdd.sh) --help
bash <(curl -sSL http://oss-s1.107421.xyz/init-script-wdd.sh) --tools --host --time --ssh-login --ssh-port 22333 --zsh

42
4-初始化/oracle-移除Agent.sh Normal file
View File

@@ -0,0 +1,42 @@
#!/bin/bash
function StopFirewallReleated()
{
systemctl stop netfilter-persistent.service
systemctl disable netfilter-persistent.service
systemctl stop firewalld
systemctl disable firewalld
systemctl stop ufw
systemctl disable ufw
systemctl stop systemd-resolved
systemctl disable systemd-resolved
echo "
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 4.2.2.2" > /etc/resolv.conf
iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -t raw -F
ip6tables -F && ip6tables -t nat -F && ip6tables -t mangle -F && ip6tables -t raw -F
}
function RemoveOracleAgent()
{
# 完全移除 oracle-cloud-agent
snap remove oracle-cloud-agent
snap remove oracle-cloud-agent-updater
systemctl stop oracle-cloud-agent
systemctl disable oracle-cloud-agent
systemctl stop oracle-cloud-agent-updater
systemctl disable oracle-cloud-agent-updater
}

30
4-初始化/snap-完全移除.sh Normal file
View File

@@ -0,0 +1,30 @@
#!/bin/bash
# 确保以 root 用户运行
if [ "$EUID" -ne 0 ]
then echo "请以 root 用户或使用 sudo 运行此脚本"
exit
fi
# 停止 snap 服务
systemctl stop snapd.service
# 卸载所有 snap 包
for snap in $(snap list | awk '{print $1}' | tail -n +2); do
snap remove $snap --purge
done
# 移除 snapd 包
apt purge snapd -y
# 清理 snapd 的残留文件
rm -rf /var/cache/snapd/
rm -rf /var/snap/
rm -rf /var/lib/snapd/
rm -rf /snap/
rm -rf ~/.snap/
# 更新软件包列表
apt update
echo "Snap 和 snapd 已被移除。请注意,这可能会影响某些程序的功能。"

53
Untitled-1.sh
View File

@@ -1,53 +0,0 @@
#! /bin/bash
systemctl stop netclient
systemctl disable netclient
rm -rf /etc/systemd/system/netclient.service
rm -rf /etc/netclient/config
/usr/local/bin/k3s-uninstall.sh
/usr/local/bin/k3s-agent-uninstall.sh
apt remove -y wireguard wireguard-tools
rm -rf /root/k3s-install/
ifconfig wg0-oracle down
apt autoremove -y
ifconfig
systemctl stop systemd-resolved.service && systemctl disable systemd-resolved.service
systemctl stop netfilter-persistent.service && systemctl disable netfilter-persistent.service
rm /etc/resolv.conf
cat > /etc/resolv.conf<<EOF
nameserver 1.1.1.1
nameserver 1.0.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 223.5.5.5
nameserver 114.114.114.114
EOF
ping google.com
## Ubuntu 18.04
curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/bionic.gpg | sudo apt-key add -
curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/bionic.list | sudo tee /etc/apt/sources.list.d/tailscale.list
sudo apt-get update
sudo apt-get install tailscale
systemctl enable --now tailscaled
tailscale up --login-server=http://tailscale.107421.xyz --accept-routes=false --accept-dns=false
headscale -n wdd-net nodes register --key
systemctl status tailscaled