├── README.md └── install.sh /README.md: -------------------------------------------------------------------------------- 1 | ### 用v2ray原生安装,适用于普通ss v2ray-plugin以及ss ws [Quantumult X(IOS)/Kitsunebi(Andriod)] 2 | 安装v2ray, 同时适配普通 shadowsocks v2ray-plugin 和shadowsocks ws [Quantumult X/Kitsunebi(即 mux=0 )]的方案 3 | 4 | ### 目前支持Debian 9+ / Ubuntu 18.04+ / Centos7+ 5 | 6 | ## V2ray core 更新方式 7 | 执行: 8 | `bash <(curl -L -s https://install.direct/go.sh)` 9 | 10 | ( 来源参考 :[V2ray官方说明](https://www.v2ray.com/chapter_00/install.html)) 11 | * 如果为最新版本,会输出提示并停止安装。否则会自动更新 12 | * 未来会将相关内容集成到本脚本中并进行交互式操作更新 13 | 14 | ## 注意事项 15 | * 该程序依赖 Nginx 实现相关功能,请使用 [LNMP](https://lnmp.org) 或其他类似携带 Nginx 脚本安装过 Nginx 的用户特别留意,使用本脚本可能会导致无法预知的错误(未测试,若存在,后续版本可能会处理本问题)。 16 | * V2Ray 的部分功能依赖于系统时间,请确保您使用V2RAY程序的系统 UTC 时间误差在三分钟之内,时区无关。 17 | * 本 bash 依赖于 [V2ray 官方安装脚本](https://install.direct/go.sh) 及 [acme.sh](https://github.com/Neilpang/acme.sh) 工作。 18 | * Centos 系统用户请预先在防火墙中放行程序相关端口(默认:80,443) 19 | ## 准备工作 20 | * 一个VPS,如[Vultr](https://www.vultr.com/?ref=6906410)或[V.PS](https://vps.hosting/?affid=658) ; 21 | * 准备一个域名,并将A记录添加好; 22 | * 一些需要的软件 23 | ``` 24 | sudo apt update && sudo apt upgrade 25 | sudo apt install vim curl wget 26 | ``` 27 | * Quantumult X端口不可为443、80、10010、10011 28 | ## 安装方式 29 | ss_v2ray-plugin_ws-tls 30 | ``` 31 | bash <(curl -L -s https://raw.githubusercontent.com/MurrddoL/ss-v2ray-plugin_ss-ws/master/install.sh) | tee v2ray_ins.log 32 | ``` 33 | ### 启动方式 34 | 35 | 启动 ss(V2ray):`systemctl start v2ray` 36 | 37 | 停止 ss(V2ray):`systemctl stop v2ray` 38 | 39 | 重启 ss(V2ray):`sudo service v2ray restart` 40 | 41 | 状态查询 ss(V2ray):`sudo service v2ray status` 42 | 43 | 启动 Nginx:`systemctl start nginx` 44 | 45 | 停止 Nginx:`systemctl stop nginx` 46 | 47 | 重启 Nginx:`sudo service Nginx restart` 48 | 49 | 状态查询 Nginx:`sudo service Nginx status` 50 | 51 | ### 如安装失败,可一键重装为纯净系统后再安装:下例为ubuntu16.04,重装大概需20分钟以上,切勿在vps页面重启/停止等操作,以免失联 52 | ``` 53 | bash <(wget --no-check-certificate -qO- 'https://moeclub.org/attachment/LinuxShell/InstallNET.sh') -u 16.04 -v 64 -a -firmware 54 | ``` 55 | 默认root密码是:MoeClub.org 56 | 其他系统可见https://moeclub.org/2018/04/03/603/ 57 | 58 | 59 | 60 | ### 相关目录 61 | 62 | Web 目录:`/home/wwwroot/levis` 63 | 64 | V2ray 服务端配置:`/etc/v2ray/config.json` 65 | 66 | V2ray 客户端配置: `执行安装时所在目录下的 v2ray_info.txt` 67 | 68 | Nginx 配置目录: `/etc/nginx/conf/conf.d/v2ray.conf` 69 | 70 | 证书目录: `/data/v2ray.key 和 /data/v2ray.crt` 71 | 72 | ### 查看客户端配置 73 | `cat v2ray_info.txt` 74 | 75 | ### 可选,安装BBR加速 76 | 77 | ``` 78 | wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh 79 | chmod +x bbr.sh 80 | ./bbr.sh 81 | ``` 82 | 83 | ### 更新说明 84 | 85 | ... 86 | 87 | V1.0 88 | * 1.测试可用 89 | 90 | # 参考与借鉴 91 | 92 | https://github.com/wulabing/V2Ray_ws-tls_bash_onekey 93 | 94 | http://www.xuxiaobo.com/?p=5950 95 | 96 | https://github.com/v2ray/discussion/issues/173 97 | 98 | https://github.com/crossutility/Quantumult-X/blob/master/v2ray-ss-ws-tls.json 99 | 100 | https://moeclub.org/2018/04/03/603/ 101 | 102 | https://teddysun.com/489.html 103 | 104 | 105 | 106 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | #==================================================== 4 | # System Request:Debian 9+/Ubuntu 18.04+/Centos 7+ 5 | # Author: MurrddoL 6 | # Dscription: V2ray ws+tls onekey 7 | # Version: 5.1 8 | # email:murrddo@hotmail.com 9 | # Official document: www.v2ray.com 10 | #==================================================== 11 | 12 | #fonts color 13 | Green="\033[32m" 14 | Red="\033[31m" 15 | Yellow="\033[33m" 16 | GreenBG="\033[42;37m" 17 | RedBG="\033[41;37m" 18 | Font="\033[0m" 19 | 20 | #notification information 21 | Info="${Green}[信息]${Font}" 22 | OK="${Green}[OK]${Font}" 23 | Error="${Red}[错误]${Font}" 24 | 25 | v2ray_conf_dir="/etc/v2ray" 26 | nginx_conf_dir="/etc/nginx/conf/conf.d" 27 | v2ray_conf="${v2ray_conf_dir}/config.json" 28 | nginx_conf="${nginx_conf_dir}/v2ray.conf" 29 | nginx_dir="/etc/nginx" 30 | nginx_openssl_src="/usr/local/src" 31 | nginx_version="1.16.1" 32 | openssl_version="1.1.1d" 33 | #生成伪装路径 34 | camouflage=`cat /dev/urandom | head -n 10 | md5sum | head -c 8` 35 | 36 | source /etc/os-release 37 | 38 | #从VERSION中提取发行版系统的英文名称,为了在debian/ubuntu下添加相对应的Nginx apt源 39 | VERSION=`echo ${VERSION} | awk -F "[()]" '{print $2}'` 40 | 41 | check_system(){ 42 | if [[ "${ID}" == "centos" && ${VERSION_ID} -ge 7 ]];then 43 | echo -e "${OK} ${GreenBG} 当前系统为 Centos ${VERSION_ID} ${VERSION} ${Font}" 44 | INS="yum" 45 | elif [[ "${ID}" == "debian" && ${VERSION_ID} -ge 8 ]];then 46 | echo -e "${OK} ${GreenBG} 当前系统为 Debian ${VERSION_ID} ${VERSION} ${Font}" 47 | INS="apt" 48 | $INS update 49 | ## 添加 Nginx apt源 50 | elif [[ "${ID}" == "ubuntu" && `echo "${VERSION_ID}" | cut -d '.' -f1` -ge 16 ]];then 51 | echo -e "${OK} ${GreenBG} 当前系统为 Ubuntu ${VERSION_ID} ${UBUNTU_CODENAME} ${Font}" 52 | INS="apt" 53 | $INS update 54 | else 55 | echo -e "${Error} ${RedBG} 当前系统为 ${ID} ${VERSION_ID} 不在支持的系统列表内,安装中断 ${Font}" 56 | exit 1 57 | fi 58 | 59 | systemctl stop firewalld && systemctl disable firewalld 60 | echo -e "${OK} ${GreenBG} firewalld 已关闭 ${Font}" 61 | } 62 | 63 | is_root(){ 64 | if [ `id -u` == 0 ] 65 | then echo -e "${OK} ${GreenBG} 当前用户是root用户,进入安装流程 ${Font}" 66 | sleep 3 67 | else 68 | echo -e "${Error} ${RedBG} 当前用户不是root用户,请切换到root用户后重新执行脚本 ${Font}" 69 | exit 1 70 | fi 71 | } 72 | judge(){ 73 | if [[ $? -eq 0 ]];then 74 | echo -e "${OK} ${GreenBG} $1 完成 ${Font}" 75 | sleep 1 76 | else 77 | echo -e "${Error} ${RedBG} $1 失败${Font}" 78 | exit 1 79 | fi 80 | } 81 | chrony_install(){ 82 | ${INS} -y install chrony 83 | judge "安装 chrony 时间同步服务 " 84 | 85 | timedatectl set-ntp true 86 | 87 | if [[ "${ID}" == "centos" ]];then 88 | systemctl enable chronyd && systemctl restart chronyd 89 | else 90 | systemctl enable chrony && systemctl restart chrony 91 | fi 92 | 93 | judge "chronyd 启动 " 94 | 95 | timedatectl set-timezone Asia/Shanghai 96 | 97 | echo -e "${OK} ${GreenBG} 等待时间同步 ${Font}" 98 | sleep 10 99 | 100 | chronyc sourcestats -v 101 | chronyc tracking -v 102 | date 103 | read -p "请确认时间是否准确,误差范围±3分钟(Y/N): " chrony_install 104 | [[ -z ${chrony_install} ]] && chrony_install="Y" 105 | case $chrony_install in 106 | [yY][eE][sS]|[yY]) 107 | echo -e "${GreenBG} 继续安装 ${Font}" 108 | sleep 2 109 | ;; 110 | *) 111 | echo -e "${RedBG} 安装终止 ${Font}" 112 | exit 2 113 | ;; 114 | esac 115 | } 116 | 117 | dependency_install(){ 118 | ${INS} install wget git lsof -y 119 | 120 | if [[ "${ID}" == "centos" ]];then 121 | ${INS} -y install crontabs 122 | else 123 | ${INS} -y install cron 124 | fi 125 | judge "安装 crontab" 126 | 127 | if [[ "${ID}" == "centos" ]];then 128 | touch /var/spool/cron/root && chmod 600 /var/spool/cron/root 129 | systemctl start crond && systemctl enable crond 130 | else 131 | touch /var/spool/cron/crontabs/root && chmod 600 /var/spool/cron/crontabs/root 132 | systemctl start cron && systemctl enable cron 133 | 134 | fi 135 | judge "crontab 自启动配置 " 136 | 137 | 138 | 139 | ${INS} -y install bc 140 | judge "安装 bc" 141 | 142 | ${INS} -y install unzip 143 | judge "安装 unzip" 144 | 145 | ${INS} -y install qrencode 146 | judge "安装 qrencode" 147 | 148 | if [[ "${ID}" == "centos" ]];then 149 | ${INS} -y groupinstall "Development tools" 150 | else 151 | ${INS} -y install build-essential 152 | fi 153 | judge "编译工具包 安装" 154 | 155 | if [[ "${ID}" == "centos" ]];then 156 | ${INS} -y install pcre pcre-devel zlib-devel 157 | else 158 | ${INS} -y install libpcre3 libpcre3-dev zlib1g-dev 159 | fi 160 | 161 | 162 | judge "nginx 编译依赖安装" 163 | 164 | } 165 | basic_optimization(){ 166 | # 最大文件打开数 167 | sed -i '/^\*\ *soft\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf 168 | sed -i '/^\*\ *hard\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf 169 | echo '* soft nofile 65536' >> /etc/security/limits.conf 170 | echo '* hard nofile 65536' >> /etc/security/limits.conf 171 | 172 | # 关闭 Selinux 173 | if [[ "${ID}" == "centos" ]];then 174 | sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config 175 | setenforce 0 176 | fi 177 | 178 | } 179 | 180 | read -p "请输入Quantumult x端口Port(default:10020,不可为10010、10011、80、443):" SSx_port 181 | if [[ -z ${SSx_port} ]]; then 182 | SSx_port="10020" 183 | fi 184 | echo ${SSx_port} 185 | 186 | read -p "请输入Quantumult x路径path(default:/x):" SSx_path 187 | if [[ -z ${SSx_path} ]]; then 188 | SSx_path="/x" 189 | fi 190 | echo ${SSx_path} 191 | 192 | read -p "请输入Quantumult x密码password(default:pwd123):" SSx_pwd 193 | if [[ -z ${SSx_pwd} ]]; then 194 | SSx_pwd="pwd123" 195 | fi 196 | echo ${SSx_pwd} 197 | 198 | read -p "请输入Quantumult x加密方式method(default:chacha20-ietf):" SSx_method 199 | if [[ -z ${SSx_method} ]]; then 200 | SSx_method="chacha20-ietf" 201 | fi 202 | echo ${SSx_method} 203 | 204 | read -p "v2ray plugin路径path(default:/s):" SSs_path 205 | if [[ -z ${SSs_path} ]]; then 206 | SSs_path="/s" 207 | fi 208 | echo ${SSs_path} 209 | 210 | read -p "请输入v2ray plugin密码password(default:pwd123):" SSs_pwd 211 | if [[ -z ${SSs_pwd} ]]; then 212 | SSs_pwd="pwd123" 213 | fi 214 | echo ${SSs_pwd} 215 | 216 | read -p "请输入v2ray plugin加密方式method(default:chacha20-ietf):" SSs_method 217 | if [[ -z ${SSs_method} ]]; then 218 | SSs_method="chacha20-ietf" 219 | fi 220 | echo ${SSs_method} 221 | 222 | 223 | v2ray_install(){ 224 | if [[ -d /root/v2ray ]];then 225 | rm -rf /root/v2ray 226 | fi 227 | if [[ -d /etc/v2ray ]];then 228 | rm -rf /etc/v2ray 229 | fi 230 | mkdir -p /root/v2ray && cd /root/v2ray 231 | wget --no-check-certificate https://install.direct/go.sh 232 | 233 | ## wget http://install.direct/go.sh 234 | 235 | if [[ -f go.sh ]];then 236 | bash go.sh --force 237 | judge "安装 V2ray" 238 | else 239 | echo -e "${Error} ${RedBG} V2ray 安装文件下载失败,请检查下载地址是否可用 ${Font}" 240 | exit 4 241 | fi 242 | # 清除临时文件 243 | rm -rf /root/v2ray 244 | } 245 | nginx_install(){ 246 | if [[ -d "/etc/nginx" ]];then 247 | rm -rf /etc/nginx 248 | fi 249 | 250 | wget -nc http://nginx.org/download/nginx-${nginx_version}.tar.gz -P ${nginx_openssl_src} 251 | judge "Nginx 下载" 252 | wget -nc https://www.openssl.org/source/openssl-${openssl_version}.tar.gz -P ${nginx_openssl_src} 253 | judge "openssl 下载" 254 | 255 | cd ${nginx_openssl_src} 256 | 257 | [[ -d nginx-"$nginx_version" ]] && rm -rf nginx-"$nginx_version" 258 | tar -zxvf nginx-"$nginx_version".tar.gz 259 | 260 | [[ -d openssl-"$openssl_version" ]] && rm -rf openssl-"$openssl_version" 261 | tar -zxvf openssl-"$openssl_version".tar.gz 262 | 263 | [[ -d "$nginx_dir" ]] && rm -rf ${nginx_dir} 264 | 265 | echo -e "${OK} ${GreenBG} 即将开始编译安装 Nginx, 过程稍久,请耐心等待 ${Font}" 266 | sleep 4 267 | 268 | cd nginx-${nginx_version} 269 | ./configure --prefix="${nginx_dir}" \ 270 | --with-http_ssl_module \ 271 | --with-http_gzip_static_module \ 272 | --with-http_stub_status_module \ 273 | --with-pcre \ 274 | --with-http_realip_module \ 275 | --with-http_flv_module \ 276 | --with-http_mp4_module \ 277 | --with-http_secure_link_module \ 278 | --with-http_v2_module \ 279 | --with-openssl=../openssl-"$openssl_version" 280 | judge "编译检查" 281 | make && make install 282 | judge "Nginx 编译安装" 283 | 284 | # 修改基本配置 285 | sed -i 's/#user nobody;/user root;/' ${nginx_dir}/conf/nginx.conf 286 | sed -i 's/worker_processes 1;/worker_processes 3;/' ${nginx_dir}/conf/nginx.conf 287 | sed -i 's/ worker_connections 1024;/ worker_connections 4096;/' ${nginx_dir}/conf/nginx.conf 288 | sed -i '$i include conf.d/*.conf;' ${nginx_dir}/conf/nginx.conf 289 | 290 | 291 | 292 | # 删除临时文件 293 | rm -rf nginx-"${nginx_version}" 294 | rm -rf openssl-"${openssl_version}" 295 | rm -rf ../nginx-"${nginx_version}".tar.gz 296 | rm -rf ../openssl-"${openssl_version}".tar.gz 297 | 298 | # 添加配置文件夹,适配旧版脚本 299 | mkdir ${nginx_dir}/conf/conf.d 300 | } 301 | ssl_install(){ 302 | if [[ "${ID}" == "centos" ]];then 303 | ${INS} install socat nc -y 304 | else 305 | ${INS} install socat netcat -y 306 | fi 307 | judge "安装 SSL 证书生成脚本依赖" 308 | 309 | curl https://get.acme.sh | sh 310 | judge "安装 SSL 证书生成脚本" 311 | } 312 | domain_check(){ 313 | read -p "请输入你的域名信息(eg:www.bing.com):" domain 314 | domain_ip=`ping ${domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'` 315 | echo -e "${OK} ${GreenBG} 正在获取 公网ip 信息,请耐心等待 ${Font}" 316 | local_ip=`curl -4 ip.sb` 317 | echo -e "域名dns解析IP:${domain_ip}" 318 | echo -e "本机IP: ${local_ip}" 319 | sleep 2 320 | if [[ $(echo ${local_ip}|tr '.' '+'|bc) -eq $(echo ${domain_ip}|tr '.' '+'|bc) ]];then 321 | echo -e "${OK} ${GreenBG} 域名dns解析IP 与 本机IP 匹配 ${Font}" 322 | sleep 2 323 | else 324 | echo -e "${Error} ${RedBG} 请确保域名添加了正确的 A 记录,否则将无法正常使用 V2ray" 325 | echo -e "${Error} ${RedBG} 域名dns解析IP 与 本机IP 不匹配 是否继续安装?(y/n)${Font}" && read install 326 | case $install in 327 | [yY][eE][sS]|[yY]) 328 | echo -e "${GreenBG} 继续安装 ${Font}" 329 | sleep 2 330 | ;; 331 | *) 332 | echo -e "${RedBG} 安装终止 ${Font}" 333 | exit 2 334 | ;; 335 | esac 336 | fi 337 | } 338 | 339 | port_exist_check(){ 340 | if [[ 0 -eq `lsof -i:"$1" | grep -i "listen" | wc -l` ]];then 341 | echo -e "${OK} ${GreenBG} $1 端口未被占用 ${Font}" 342 | sleep 1 343 | else 344 | echo -e "${Error} ${RedBG} 检测到 $1 端口被占用,以下为 $1 端口占用信息 ${Font}" 345 | lsof -i:"$1" 346 | echo -e "${OK} ${GreenBG} 5s 后将尝试自动 kill 占用进程 ${Font}" 347 | sleep 5 348 | lsof -i:"$1" | awk '{print $2}'| grep -v "PID" | xargs kill -9 349 | echo -e "${OK} ${GreenBG} kill 完成 ${Font}" 350 | sleep 1 351 | fi 352 | } 353 | acme(){ 354 | ~/.acme.sh/acme.sh --issue -d ${domain} --standalone -k ec-256 --force 355 | if [[ $? -eq 0 ]];then 356 | echo -e "${OK} ${GreenBG} SSL 证书生成成功 ${Font}" 357 | sleep 2 358 | mkdir /data 359 | ~/.acme.sh/acme.sh --installcert -d ${domain} --fullchainpath /data/v2ray.crt --keypath /data/v2ray.key --ecc 360 | if [[ $? -eq 0 ]];then 361 | echo -e "${OK} ${GreenBG} 证书配置成功 ${Font}" 362 | sleep 2 363 | fi 364 | else 365 | echo -e "${Error} ${RedBG} SSL 证书生成失败 ${Font}" 366 | exit 1 367 | fi 368 | } 369 | v2ray_conf_add(){ 370 | touch ${v2ray_conf_dir}/config.json 371 | cat < ${v2ray_conf_dir}/config.json 372 | { 373 | "log": { 374 | "access": "/var/log/v2ray/access.log", 375 | "error": "/var/log/v2ray/error.log", 376 | "loglevel": "info" 377 | }, 378 | "inbounds": [ 379 | { 380 | "port": 10010, 381 | "protocol": "dokodemo-door", 382 | "tag": "wsdoko", 383 | "settings": { 384 | "address": "v1.mux.cool", 385 | "followRedirect": false, 386 | "network": "tcp" 387 | }, 388 | "streamSettings": { 389 | "network": "ws", 390 | "wsSettings": { 391 | "path": "${SSs_path}" 392 | } 393 | } 394 | }, 395 | { 396 | "port": 10011, 397 | "protocol": "shadowsocks", 398 | "settings": { 399 | "method": "${SSs_method}", 400 | "ota": false, 401 | "password": "${SSs_pwd}", 402 | "network": "tcp,udp" 403 | }, 404 | "streamSettings": { 405 | "network": "domainsocket" 406 | } 407 | }, 408 | { 409 | "port": ${SSx_port}, 410 | "protocol": "shadowsocks", 411 | "settings": { 412 | "method": "${SSx_method}", 413 | "ota": false, 414 | "password": "${SSx_pwd}", 415 | "network": "tcp,udp" 416 | }, 417 | "streamSettings": { 418 | "network": "ws", 419 | "wsSettings": { 420 | "path": "${SSx_path}" 421 | } 422 | } 423 | } 424 | ], 425 | "outbounds": [ 426 | { 427 | "protocol": "freedom", 428 | "settings": {}, 429 | "tag": "direct" 430 | }, 431 | { 432 | "protocol": "blackhole", 433 | "settings": {}, 434 | "tag": "blocked" 435 | }, 436 | { 437 | "protocol": "freedom", 438 | "tag": "ssmux", 439 | "streamSettings": { 440 | "network": "domainsocket" 441 | } 442 | } 443 | ], 444 | "transport": { 445 | "dsSettings": { 446 | "path": "/var/run/ss-loop.sock" 447 | } 448 | }, 449 | "routing": { 450 | "rules": [ 451 | { 452 | "type": "field", 453 | "inboundTag": [ 454 | "wsdoko" 455 | ], 456 | "outboundTag": "ssmux" 457 | }, 458 | { 459 | "type": "field", 460 | "ip": [ 461 | "geoip:private" 462 | ], 463 | "outboundTag": "blocked" 464 | } 465 | ] 466 | } 467 | } 468 | EOF 469 | 470 | judge "V2ray 配置修改" 471 | } 472 | 473 | nginx_conf_add(){ 474 | touch ${nginx_conf_dir}/v2ray.conf 475 | cat < ${nginx_conf_dir}/v2ray.conf 476 | server { 477 | listen 443 ssl; 478 | ssl_certificate /data/v2ray.crt; 479 | ssl_certificate_key /data/v2ray.key; 480 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; 481 | ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5; 482 | server_name ${domain}; 483 | index index.html index.htm; 484 | root /home/wwwroot/levis; 485 | error_page 400 = /400.html; 486 | location ${SSs_path} 487 | { 488 | proxy_redirect off; 489 | proxy_pass http://127.0.0.1:10010; 490 | proxy_http_version 1.1; 491 | proxy_set_header Upgrade \$http_upgrade; 492 | proxy_set_header Connection "upgrade"; 493 | proxy_set_header Host \$http_host; 494 | } 495 | location ${SSx_path} 496 | { 497 | proxy_redirect off; 498 | proxy_pass http://127.0.0.1:${SSx_port}; 499 | proxy_http_version 1.1; 500 | proxy_set_header Upgrade \$http_upgrade; 501 | proxy_set_header Connection "upgrade"; 502 | proxy_set_header Host \$http_host; 503 | } 504 | } 505 | server { 506 | listen 80; 507 | server_name ${domain}; 508 | return 301 https://use.shadowsocksr.win\$request_uri; 509 | } 510 | EOF 511 | 512 | judge "Nginx 配置修改" 513 | 514 | } 515 | 516 | start_process_systemd(){ 517 | ### nginx服务在安装完成后会自动启动。需要通过restart或reload重新加载配置 518 | systemctl restart nginx 519 | judge "Nginx 启动" 520 | 521 | systemctl enable nginx 522 | judge "设置 Nginx 开机自启" 523 | 524 | systemctl restart v2ray 525 | judge "V2ray 启动" 526 | 527 | systemctl enable v2ray 528 | judge "设置 v2ray 开机自启" 529 | } 530 | 531 | #debian 系 9 10 适配 532 | #rc_local_initialization(){ 533 | # if [[ -f /etc/rc.local ]];then 534 | # chmod +x /etc/rc.local 535 | # else 536 | # touch /etc/rc.local && chmod +x /etc/rc.local 537 | # echo "#!/bin/bash" >> /etc/rc.local 538 | # systemctl start rc-local 539 | # fi 540 | # 541 | # judge "rc.local 配置" 542 | #} 543 | acme_cron_update(){ 544 | if [[ "${ID}" == "centos" ]];then 545 | sed -i "/acme.sh/c 0 0 * * 0 systemctl stop nginx && \"/root/.acme.sh\"/acme.sh --cron --home \"/root/.acme.sh\" \ 546 | > /dev/null && systemctl start nginx" /var/spool/cron/root 547 | else 548 | sed -i "/acme.sh/c 0 0 * * 0 systemctl stop nginx && \"/root/.acme.sh\"/acme.sh --cron --home \"/root/.acme.sh\" \ 549 | > /dev/null && systemctl start nginx" /var/spool/cron/crontabs/root 550 | fi 551 | judge "cron 计划任务更新" 552 | } 553 | 554 | 555 | show_information(){ 556 | clear 557 | cd ~ 558 | 559 | echo -e "${OK} ${Green} ss+v2ray-plugin/ ss+ws_tls 安装成功" >./v2ray_info.txt 560 | echo -e "${Red} ss+v2ray-plugin/ ss+ws_tls配置信息 ${Font}" >>./v2ray_info.txt 561 | echo -e "${Red} ss v2ray-plugin地址(address):${Font} ${domain} " >>./v2ray_info.txt 562 | echo -e "${Red} ss v2ray-plugin端口(port):${Font} 443 " >>./v2ray_info.txt 563 | echo -e "${Red} ss v2ray-plugin密码(password):${Font} ${SSs_pwd} " >>./v2ray_info.txt 564 | echo -e "${Red} ss v2ray-plugin加密方式(method):${Font} ${SSs_method} " >>./v2ray_info.txt 565 | echo -e "${Red} ss v2ray-plugin插件(plugin):${Font} v2ray " >>./v2ray_info.txt 566 | echo -e "${Red} ss v2ray-plugin插件选项(plugin+):${Font} tls;host=${domain};path=${SSs_path} " >>./v2ray_info.txt 567 | echo -e "${Red} ss v2ray-plugin插件参数(plugin++):${Font} fast-open=false " >>./v2ray_info.txt 568 | echo -e "${Red} ss+ws_tls(quantumult x)配置:${Font} shadowsocks=${domain}:${SSx_port}, method=${SSx_method}, password=${SSx_pwd}, obfs=ws, obfs-uri=${SSx_path}, fast-open=false, udp-relay=false, tag=ssx" >>./v2ray_info.txt 569 | cat ./v2ray_info.txt 570 | 571 | } 572 | ssl_judge_and_install(){ 573 | if [[ -f "/data/v2ray.key" && -f "/data/v2ray.crt" ]];then 574 | echo "证书文件已存在" 575 | elif [[ -f "~/.acme.sh/${domain}_ecc/${domain}.key" && -f "~/.acme.sh/${domain}_ecc/${domain}.cer" ]];then 576 | echo "证书文件已存在" 577 | ~/.acme.sh/acme.sh --installcert -d ${domain} --fullchainpath /data/v2ray.crt --keypath /data/v2ray.key --ecc 578 | judge "证书应用" 579 | else 580 | ssl_install 581 | acme 582 | fi 583 | } 584 | nginx_systemd(){ 585 | cat>/lib/systemd/system/nginx.service<