├── README.md
├── LICENSE
└── xray.sh
/README.md:
--------------------------------------------------------------------------------
1 | # Xray-script
2 |
3 | Xray一键安装脚本,支持节点自动生成伪装站,支持和宝塔面板共存
4 |
5 | ## 使用方法
6 |
7 | ```shell
8 | wget https://cdn.jsdelivr.net/gh/Misaka-blog/Xray-script@master/xray.sh && bash xray.sh
9 | ```
10 |
11 | ## 鸣谢
12 |
13 | 感谢网络跳越提供的源码及开放许可
14 |
15 | ## 交流
16 |
17 | [Telegram 群组](https://t.me/misakanetcn)
18 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | GNU GENERAL PUBLIC LICENSE
2 | Version 3, 29 June 2007
3 |
4 | Copyright (C) 2007 Free Software Foundation, Inc.
5 | Everyone is permitted to copy and distribute verbatim copies
6 | of this license document, but changing it is not allowed.
7 |
8 | Preamble
9 |
10 | The GNU General Public License is a free, copyleft license for
11 | software and other kinds of works.
12 |
13 | The licenses for most software and other practical works are designed
14 | to take away your freedom to share and change the works. By contrast,
15 | the GNU General Public License is intended to guarantee your freedom to
16 | share and change all versions of a program--to make sure it remains free
17 | software for all its users. We, the Free Software Foundation, use the
18 | GNU General Public License for most of our software; it applies also to
19 | any other work released this way by its authors. You can apply it to
20 | your programs, too.
21 |
22 | When we speak of free software, we are referring to freedom, not
23 | price. Our General Public Licenses are designed to make sure that you
24 | have the freedom to distribute copies of free software (and charge for
25 | them if you wish), that you receive source code or can get it if you
26 | want it, that you can change the software or use pieces of it in new
27 | free programs, and that you know you can do these things.
28 |
29 | To protect your rights, we need to prevent others from denying you
30 | these rights or asking you to surrender the rights. Therefore, you have
31 | certain responsibilities if you distribute copies of the software, or if
32 | you modify it: responsibilities to respect the freedom of others.
33 |
34 | For example, if you distribute copies of such a program, whether
35 | gratis or for a fee, you must pass on to the recipients the same
36 | freedoms that you received. You must make sure that they, too, receive
37 | or can get the source code. And you must show them these terms so they
38 | know their rights.
39 |
40 | Developers that use the GNU GPL protect your rights with two steps:
41 | (1) assert copyright on the software, and (2) offer you this License
42 | giving you legal permission to copy, distribute and/or modify it.
43 |
44 | For the developers' and authors' protection, the GPL clearly explains
45 | that there is no warranty for this free software. For both users' and
46 | authors' sake, the GPL requires that modified versions be marked as
47 | changed, so that their problems will not be attributed erroneously to
48 | authors of previous versions.
49 |
50 | Some devices are designed to deny users access to install or run
51 | modified versions of the software inside them, although the manufacturer
52 | can do so. This is fundamentally incompatible with the aim of
53 | protecting users' freedom to change the software. The systematic
54 | pattern of such abuse occurs in the area of products for individuals to
55 | use, which is precisely where it is most unacceptable. Therefore, we
56 | have designed this version of the GPL to prohibit the practice for those
57 | products. If such problems arise substantially in other domains, we
58 | stand ready to extend this provision to those domains in future versions
59 | of the GPL, as needed to protect the freedom of users.
60 |
61 | Finally, every program is threatened constantly by software patents.
62 | States should not allow patents to restrict development and use of
63 | software on general-purpose computers, but in those that do, we wish to
64 | avoid the special danger that patents applied to a free program could
65 | make it effectively proprietary. To prevent this, the GPL assures that
66 | patents cannot be used to render the program non-free.
67 |
68 | The precise terms and conditions for copying, distribution and
69 | modification follow.
70 |
71 | TERMS AND CONDITIONS
72 |
73 | 0. Definitions.
74 |
75 | "This License" refers to version 3 of the GNU General Public License.
76 |
77 | "Copyright" also means copyright-like laws that apply to other kinds of
78 | works, such as semiconductor masks.
79 |
80 | "The Program" refers to any copyrightable work licensed under this
81 | License. Each licensee is addressed as "you". "Licensees" and
82 | "recipients" may be individuals or organizations.
83 |
84 | To "modify" a work means to copy from or adapt all or part of the work
85 | in a fashion requiring copyright permission, other than the making of an
86 | exact copy. The resulting work is called a "modified version" of the
87 | earlier work or a work "based on" the earlier work.
88 |
89 | A "covered work" means either the unmodified Program or a work based
90 | on the Program.
91 |
92 | To "propagate" a work means to do anything with it that, without
93 | permission, would make you directly or secondarily liable for
94 | infringement under applicable copyright law, except executing it on a
95 | computer or modifying a private copy. Propagation includes copying,
96 | distribution (with or without modification), making available to the
97 | public, and in some countries other activities as well.
98 |
99 | To "convey" a work means any kind of propagation that enables other
100 | parties to make or receive copies. Mere interaction with a user through
101 | a computer network, with no transfer of a copy, is not conveying.
102 |
103 | An interactive user interface displays "Appropriate Legal Notices"
104 | to the extent that it includes a convenient and prominently visible
105 | feature that (1) displays an appropriate copyright notice, and (2)
106 | tells the user that there is no warranty for the work (except to the
107 | extent that warranties are provided), that licensees may convey the
108 | work under this License, and how to view a copy of this License. If
109 | the interface presents a list of user commands or options, such as a
110 | menu, a prominent item in the list meets this criterion.
111 |
112 | 1. Source Code.
113 |
114 | The "source code" for a work means the preferred form of the work
115 | for making modifications to it. "Object code" means any non-source
116 | form of a work.
117 |
118 | A "Standard Interface" means an interface that either is an official
119 | standard defined by a recognized standards body, or, in the case of
120 | interfaces specified for a particular programming language, one that
121 | is widely used among developers working in that language.
122 |
123 | The "System Libraries" of an executable work include anything, other
124 | than the work as a whole, that (a) is included in the normal form of
125 | packaging a Major Component, but which is not part of that Major
126 | Component, and (b) serves only to enable use of the work with that
127 | Major Component, or to implement a Standard Interface for which an
128 | implementation is available to the public in source code form. A
129 | "Major Component", in this context, means a major essential component
130 | (kernel, window system, and so on) of the specific operating system
131 | (if any) on which the executable work runs, or a compiler used to
132 | produce the work, or an object code interpreter used to run it.
133 |
134 | The "Corresponding Source" for a work in object code form means all
135 | the source code needed to generate, install, and (for an executable
136 | work) run the object code and to modify the work, including scripts to
137 | control those activities. However, it does not include the work's
138 | System Libraries, or general-purpose tools or generally available free
139 | programs which are used unmodified in performing those activities but
140 | which are not part of the work. For example, Corresponding Source
141 | includes interface definition files associated with source files for
142 | the work, and the source code for shared libraries and dynamically
143 | linked subprograms that the work is specifically designed to require,
144 | such as by intimate data communication or control flow between those
145 | subprograms and other parts of the work.
146 |
147 | The Corresponding Source need not include anything that users
148 | can regenerate automatically from other parts of the Corresponding
149 | Source.
150 |
151 | The Corresponding Source for a work in source code form is that
152 | same work.
153 |
154 | 2. Basic Permissions.
155 |
156 | All rights granted under this License are granted for the term of
157 | copyright on the Program, and are irrevocable provided the stated
158 | conditions are met. This License explicitly affirms your unlimited
159 | permission to run the unmodified Program. The output from running a
160 | covered work is covered by this License only if the output, given its
161 | content, constitutes a covered work. This License acknowledges your
162 | rights of fair use or other equivalent, as provided by copyright law.
163 |
164 | You may make, run and propagate covered works that you do not
165 | convey, without conditions so long as your license otherwise remains
166 | in force. You may convey covered works to others for the sole purpose
167 | of having them make modifications exclusively for you, or provide you
168 | with facilities for running those works, provided that you comply with
169 | the terms of this License in conveying all material for which you do
170 | not control copyright. Those thus making or running the covered works
171 | for you must do so exclusively on your behalf, under your direction
172 | and control, on terms that prohibit them from making any copies of
173 | your copyrighted material outside their relationship with you.
174 |
175 | Conveying under any other circumstances is permitted solely under
176 | the conditions stated below. Sublicensing is not allowed; section 10
177 | makes it unnecessary.
178 |
179 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
180 |
181 | No covered work shall be deemed part of an effective technological
182 | measure under any applicable law fulfilling obligations under article
183 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or
184 | similar laws prohibiting or restricting circumvention of such
185 | measures.
186 |
187 | When you convey a covered work, you waive any legal power to forbid
188 | circumvention of technological measures to the extent such circumvention
189 | is effected by exercising rights under this License with respect to
190 | the covered work, and you disclaim any intention to limit operation or
191 | modification of the work as a means of enforcing, against the work's
192 | users, your or third parties' legal rights to forbid circumvention of
193 | technological measures.
194 |
195 | 4. Conveying Verbatim Copies.
196 |
197 | You may convey verbatim copies of the Program's source code as you
198 | receive it, in any medium, provided that you conspicuously and
199 | appropriately publish on each copy an appropriate copyright notice;
200 | keep intact all notices stating that this License and any
201 | non-permissive terms added in accord with section 7 apply to the code;
202 | keep intact all notices of the absence of any warranty; and give all
203 | recipients a copy of this License along with the Program.
204 |
205 | You may charge any price or no price for each copy that you convey,
206 | and you may offer support or warranty protection for a fee.
207 |
208 | 5. Conveying Modified Source Versions.
209 |
210 | You may convey a work based on the Program, or the modifications to
211 | produce it from the Program, in the form of source code under the
212 | terms of section 4, provided that you also meet all of these conditions:
213 |
214 | a) The work must carry prominent notices stating that you modified
215 | it, and giving a relevant date.
216 |
217 | b) The work must carry prominent notices stating that it is
218 | released under this License and any conditions added under section
219 | 7. This requirement modifies the requirement in section 4 to
220 | "keep intact all notices".
221 |
222 | c) You must license the entire work, as a whole, under this
223 | License to anyone who comes into possession of a copy. This
224 | License will therefore apply, along with any applicable section 7
225 | additional terms, to the whole of the work, and all its parts,
226 | regardless of how they are packaged. This License gives no
227 | permission to license the work in any other way, but it does not
228 | invalidate such permission if you have separately received it.
229 |
230 | d) If the work has interactive user interfaces, each must display
231 | Appropriate Legal Notices; however, if the Program has interactive
232 | interfaces that do not display Appropriate Legal Notices, your
233 | work need not make them do so.
234 |
235 | A compilation of a covered work with other separate and independent
236 | works, which are not by their nature extensions of the covered work,
237 | and which are not combined with it such as to form a larger program,
238 | in or on a volume of a storage or distribution medium, is called an
239 | "aggregate" if the compilation and its resulting copyright are not
240 | used to limit the access or legal rights of the compilation's users
241 | beyond what the individual works permit. Inclusion of a covered work
242 | in an aggregate does not cause this License to apply to the other
243 | parts of the aggregate.
244 |
245 | 6. Conveying Non-Source Forms.
246 |
247 | You may convey a covered work in object code form under the terms
248 | of sections 4 and 5, provided that you also convey the
249 | machine-readable Corresponding Source under the terms of this License,
250 | in one of these ways:
251 |
252 | a) Convey the object code in, or embodied in, a physical product
253 | (including a physical distribution medium), accompanied by the
254 | Corresponding Source fixed on a durable physical medium
255 | customarily used for software interchange.
256 |
257 | b) Convey the object code in, or embodied in, a physical product
258 | (including a physical distribution medium), accompanied by a
259 | written offer, valid for at least three years and valid for as
260 | long as you offer spare parts or customer support for that product
261 | model, to give anyone who possesses the object code either (1) a
262 | copy of the Corresponding Source for all the software in the
263 | product that is covered by this License, on a durable physical
264 | medium customarily used for software interchange, for a price no
265 | more than your reasonable cost of physically performing this
266 | conveying of source, or (2) access to copy the
267 | Corresponding Source from a network server at no charge.
268 |
269 | c) Convey individual copies of the object code with a copy of the
270 | written offer to provide the Corresponding Source. This
271 | alternative is allowed only occasionally and noncommercially, and
272 | only if you received the object code with such an offer, in accord
273 | with subsection 6b.
274 |
275 | d) Convey the object code by offering access from a designated
276 | place (gratis or for a charge), and offer equivalent access to the
277 | Corresponding Source in the same way through the same place at no
278 | further charge. You need not require recipients to copy the
279 | Corresponding Source along with the object code. If the place to
280 | copy the object code is a network server, the Corresponding Source
281 | may be on a different server (operated by you or a third party)
282 | that supports equivalent copying facilities, provided you maintain
283 | clear directions next to the object code saying where to find the
284 | Corresponding Source. Regardless of what server hosts the
285 | Corresponding Source, you remain obligated to ensure that it is
286 | available for as long as needed to satisfy these requirements.
287 |
288 | e) Convey the object code using peer-to-peer transmission, provided
289 | you inform other peers where the object code and Corresponding
290 | Source of the work are being offered to the general public at no
291 | charge under subsection 6d.
292 |
293 | A separable portion of the object code, whose source code is excluded
294 | from the Corresponding Source as a System Library, need not be
295 | included in conveying the object code work.
296 |
297 | A "User Product" is either (1) a "consumer product", which means any
298 | tangible personal property which is normally used for personal, family,
299 | or household purposes, or (2) anything designed or sold for incorporation
300 | into a dwelling. In determining whether a product is a consumer product,
301 | doubtful cases shall be resolved in favor of coverage. For a particular
302 | product received by a particular user, "normally used" refers to a
303 | typical or common use of that class of product, regardless of the status
304 | of the particular user or of the way in which the particular user
305 | actually uses, or expects or is expected to use, the product. A product
306 | is a consumer product regardless of whether the product has substantial
307 | commercial, industrial or non-consumer uses, unless such uses represent
308 | the only significant mode of use of the product.
309 |
310 | "Installation Information" for a User Product means any methods,
311 | procedures, authorization keys, or other information required to install
312 | and execute modified versions of a covered work in that User Product from
313 | a modified version of its Corresponding Source. The information must
314 | suffice to ensure that the continued functioning of the modified object
315 | code is in no case prevented or interfered with solely because
316 | modification has been made.
317 |
318 | If you convey an object code work under this section in, or with, or
319 | specifically for use in, a User Product, and the conveying occurs as
320 | part of a transaction in which the right of possession and use of the
321 | User Product is transferred to the recipient in perpetuity or for a
322 | fixed term (regardless of how the transaction is characterized), the
323 | Corresponding Source conveyed under this section must be accompanied
324 | by the Installation Information. But this requirement does not apply
325 | if neither you nor any third party retains the ability to install
326 | modified object code on the User Product (for example, the work has
327 | been installed in ROM).
328 |
329 | The requirement to provide Installation Information does not include a
330 | requirement to continue to provide support service, warranty, or updates
331 | for a work that has been modified or installed by the recipient, or for
332 | the User Product in which it has been modified or installed. Access to a
333 | network may be denied when the modification itself materially and
334 | adversely affects the operation of the network or violates the rules and
335 | protocols for communication across the network.
336 |
337 | Corresponding Source conveyed, and Installation Information provided,
338 | in accord with this section must be in a format that is publicly
339 | documented (and with an implementation available to the public in
340 | source code form), and must require no special password or key for
341 | unpacking, reading or copying.
342 |
343 | 7. Additional Terms.
344 |
345 | "Additional permissions" are terms that supplement the terms of this
346 | License by making exceptions from one or more of its conditions.
347 | Additional permissions that are applicable to the entire Program shall
348 | be treated as though they were included in this License, to the extent
349 | that they are valid under applicable law. If additional permissions
350 | apply only to part of the Program, that part may be used separately
351 | under those permissions, but the entire Program remains governed by
352 | this License without regard to the additional permissions.
353 |
354 | When you convey a copy of a covered work, you may at your option
355 | remove any additional permissions from that copy, or from any part of
356 | it. (Additional permissions may be written to require their own
357 | removal in certain cases when you modify the work.) You may place
358 | additional permissions on material, added by you to a covered work,
359 | for which you have or can give appropriate copyright permission.
360 |
361 | Notwithstanding any other provision of this License, for material you
362 | add to a covered work, you may (if authorized by the copyright holders of
363 | that material) supplement the terms of this License with terms:
364 |
365 | a) Disclaiming warranty or limiting liability differently from the
366 | terms of sections 15 and 16 of this License; or
367 |
368 | b) Requiring preservation of specified reasonable legal notices or
369 | author attributions in that material or in the Appropriate Legal
370 | Notices displayed by works containing it; or
371 |
372 | c) Prohibiting misrepresentation of the origin of that material, or
373 | requiring that modified versions of such material be marked in
374 | reasonable ways as different from the original version; or
375 |
376 | d) Limiting the use for publicity purposes of names of licensors or
377 | authors of the material; or
378 |
379 | e) Declining to grant rights under trademark law for use of some
380 | trade names, trademarks, or service marks; or
381 |
382 | f) Requiring indemnification of licensors and authors of that
383 | material by anyone who conveys the material (or modified versions of
384 | it) with contractual assumptions of liability to the recipient, for
385 | any liability that these contractual assumptions directly impose on
386 | those licensors and authors.
387 |
388 | All other non-permissive additional terms are considered "further
389 | restrictions" within the meaning of section 10. If the Program as you
390 | received it, or any part of it, contains a notice stating that it is
391 | governed by this License along with a term that is a further
392 | restriction, you may remove that term. If a license document contains
393 | a further restriction but permits relicensing or conveying under this
394 | License, you may add to a covered work material governed by the terms
395 | of that license document, provided that the further restriction does
396 | not survive such relicensing or conveying.
397 |
398 | If you add terms to a covered work in accord with this section, you
399 | must place, in the relevant source files, a statement of the
400 | additional terms that apply to those files, or a notice indicating
401 | where to find the applicable terms.
402 |
403 | Additional terms, permissive or non-permissive, may be stated in the
404 | form of a separately written license, or stated as exceptions;
405 | the above requirements apply either way.
406 |
407 | 8. Termination.
408 |
409 | You may not propagate or modify a covered work except as expressly
410 | provided under this License. Any attempt otherwise to propagate or
411 | modify it is void, and will automatically terminate your rights under
412 | this License (including any patent licenses granted under the third
413 | paragraph of section 11).
414 |
415 | However, if you cease all violation of this License, then your
416 | license from a particular copyright holder is reinstated (a)
417 | provisionally, unless and until the copyright holder explicitly and
418 | finally terminates your license, and (b) permanently, if the copyright
419 | holder fails to notify you of the violation by some reasonable means
420 | prior to 60 days after the cessation.
421 |
422 | Moreover, your license from a particular copyright holder is
423 | reinstated permanently if the copyright holder notifies you of the
424 | violation by some reasonable means, this is the first time you have
425 | received notice of violation of this License (for any work) from that
426 | copyright holder, and you cure the violation prior to 30 days after
427 | your receipt of the notice.
428 |
429 | Termination of your rights under this section does not terminate the
430 | licenses of parties who have received copies or rights from you under
431 | this License. If your rights have been terminated and not permanently
432 | reinstated, you do not qualify to receive new licenses for the same
433 | material under section 10.
434 |
435 | 9. Acceptance Not Required for Having Copies.
436 |
437 | You are not required to accept this License in order to receive or
438 | run a copy of the Program. Ancillary propagation of a covered work
439 | occurring solely as a consequence of using peer-to-peer transmission
440 | to receive a copy likewise does not require acceptance. However,
441 | nothing other than this License grants you permission to propagate or
442 | modify any covered work. These actions infringe copyright if you do
443 | not accept this License. Therefore, by modifying or propagating a
444 | covered work, you indicate your acceptance of this License to do so.
445 |
446 | 10. Automatic Licensing of Downstream Recipients.
447 |
448 | Each time you convey a covered work, the recipient automatically
449 | receives a license from the original licensors, to run, modify and
450 | propagate that work, subject to this License. You are not responsible
451 | for enforcing compliance by third parties with this License.
452 |
453 | An "entity transaction" is a transaction transferring control of an
454 | organization, or substantially all assets of one, or subdividing an
455 | organization, or merging organizations. If propagation of a covered
456 | work results from an entity transaction, each party to that
457 | transaction who receives a copy of the work also receives whatever
458 | licenses to the work the party's predecessor in interest had or could
459 | give under the previous paragraph, plus a right to possession of the
460 | Corresponding Source of the work from the predecessor in interest, if
461 | the predecessor has it or can get it with reasonable efforts.
462 |
463 | You may not impose any further restrictions on the exercise of the
464 | rights granted or affirmed under this License. For example, you may
465 | not impose a license fee, royalty, or other charge for exercise of
466 | rights granted under this License, and you may not initiate litigation
467 | (including a cross-claim or counterclaim in a lawsuit) alleging that
468 | any patent claim is infringed by making, using, selling, offering for
469 | sale, or importing the Program or any portion of it.
470 |
471 | 11. Patents.
472 |
473 | A "contributor" is a copyright holder who authorizes use under this
474 | License of the Program or a work on which the Program is based. The
475 | work thus licensed is called the contributor's "contributor version".
476 |
477 | A contributor's "essential patent claims" are all patent claims
478 | owned or controlled by the contributor, whether already acquired or
479 | hereafter acquired, that would be infringed by some manner, permitted
480 | by this License, of making, using, or selling its contributor version,
481 | but do not include claims that would be infringed only as a
482 | consequence of further modification of the contributor version. For
483 | purposes of this definition, "control" includes the right to grant
484 | patent sublicenses in a manner consistent with the requirements of
485 | this License.
486 |
487 | Each contributor grants you a non-exclusive, worldwide, royalty-free
488 | patent license under the contributor's essential patent claims, to
489 | make, use, sell, offer for sale, import and otherwise run, modify and
490 | propagate the contents of its contributor version.
491 |
492 | In the following three paragraphs, a "patent license" is any express
493 | agreement or commitment, however denominated, not to enforce a patent
494 | (such as an express permission to practice a patent or covenant not to
495 | sue for patent infringement). To "grant" such a patent license to a
496 | party means to make such an agreement or commitment not to enforce a
497 | patent against the party.
498 |
499 | If you convey a covered work, knowingly relying on a patent license,
500 | and the Corresponding Source of the work is not available for anyone
501 | to copy, free of charge and under the terms of this License, through a
502 | publicly available network server or other readily accessible means,
503 | then you must either (1) cause the Corresponding Source to be so
504 | available, or (2) arrange to deprive yourself of the benefit of the
505 | patent license for this particular work, or (3) arrange, in a manner
506 | consistent with the requirements of this License, to extend the patent
507 | license to downstream recipients. "Knowingly relying" means you have
508 | actual knowledge that, but for the patent license, your conveying the
509 | covered work in a country, or your recipient's use of the covered work
510 | in a country, would infringe one or more identifiable patents in that
511 | country that you have reason to believe are valid.
512 |
513 | If, pursuant to or in connection with a single transaction or
514 | arrangement, you convey, or propagate by procuring conveyance of, a
515 | covered work, and grant a patent license to some of the parties
516 | receiving the covered work authorizing them to use, propagate, modify
517 | or convey a specific copy of the covered work, then the patent license
518 | you grant is automatically extended to all recipients of the covered
519 | work and works based on it.
520 |
521 | A patent license is "discriminatory" if it does not include within
522 | the scope of its coverage, prohibits the exercise of, or is
523 | conditioned on the non-exercise of one or more of the rights that are
524 | specifically granted under this License. You may not convey a covered
525 | work if you are a party to an arrangement with a third party that is
526 | in the business of distributing software, under which you make payment
527 | to the third party based on the extent of your activity of conveying
528 | the work, and under which the third party grants, to any of the
529 | parties who would receive the covered work from you, a discriminatory
530 | patent license (a) in connection with copies of the covered work
531 | conveyed by you (or copies made from those copies), or (b) primarily
532 | for and in connection with specific products or compilations that
533 | contain the covered work, unless you entered into that arrangement,
534 | or that patent license was granted, prior to 28 March 2007.
535 |
536 | Nothing in this License shall be construed as excluding or limiting
537 | any implied license or other defenses to infringement that may
538 | otherwise be available to you under applicable patent law.
539 |
540 | 12. No Surrender of Others' Freedom.
541 |
542 | If conditions are imposed on you (whether by court order, agreement or
543 | otherwise) that contradict the conditions of this License, they do not
544 | excuse you from the conditions of this License. If you cannot convey a
545 | covered work so as to satisfy simultaneously your obligations under this
546 | License and any other pertinent obligations, then as a consequence you may
547 | not convey it at all. For example, if you agree to terms that obligate you
548 | to collect a royalty for further conveying from those to whom you convey
549 | the Program, the only way you could satisfy both those terms and this
550 | License would be to refrain entirely from conveying the Program.
551 |
552 | 13. Use with the GNU Affero General Public License.
553 |
554 | Notwithstanding any other provision of this License, you have
555 | permission to link or combine any covered work with a work licensed
556 | under version 3 of the GNU Affero General Public License into a single
557 | combined work, and to convey the resulting work. The terms of this
558 | License will continue to apply to the part which is the covered work,
559 | but the special requirements of the GNU Affero General Public License,
560 | section 13, concerning interaction through a network will apply to the
561 | combination as such.
562 |
563 | 14. Revised Versions of this License.
564 |
565 | The Free Software Foundation may publish revised and/or new versions of
566 | the GNU General Public License from time to time. Such new versions will
567 | be similar in spirit to the present version, but may differ in detail to
568 | address new problems or concerns.
569 |
570 | Each version is given a distinguishing version number. If the
571 | Program specifies that a certain numbered version of the GNU General
572 | Public License "or any later version" applies to it, you have the
573 | option of following the terms and conditions either of that numbered
574 | version or of any later version published by the Free Software
575 | Foundation. If the Program does not specify a version number of the
576 | GNU General Public License, you may choose any version ever published
577 | by the Free Software Foundation.
578 |
579 | If the Program specifies that a proxy can decide which future
580 | versions of the GNU General Public License can be used, that proxy's
581 | public statement of acceptance of a version permanently authorizes you
582 | to choose that version for the Program.
583 |
584 | Later license versions may give you additional or different
585 | permissions. However, no additional obligations are imposed on any
586 | author or copyright holder as a result of your choosing to follow a
587 | later version.
588 |
589 | 15. Disclaimer of Warranty.
590 |
591 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
592 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
593 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
594 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
595 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
596 | PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
597 | IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
598 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
599 |
600 | 16. Limitation of Liability.
601 |
602 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
603 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
604 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
605 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
606 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
607 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
608 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
609 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
610 | SUCH DAMAGES.
611 |
612 | 17. Interpretation of Sections 15 and 16.
613 |
614 | If the disclaimer of warranty and limitation of liability provided
615 | above cannot be given local legal effect according to their terms,
616 | reviewing courts shall apply local law that most closely approximates
617 | an absolute waiver of all civil liability in connection with the
618 | Program, unless a warranty or assumption of liability accompanies a
619 | copy of the Program in return for a fee.
620 |
621 | END OF TERMS AND CONDITIONS
622 |
623 | How to Apply These Terms to Your New Programs
624 |
625 | If you develop a new program, and you want it to be of the greatest
626 | possible use to the public, the best way to achieve this is to make it
627 | free software which everyone can redistribute and change under these terms.
628 |
629 | To do so, attach the following notices to the program. It is safest
630 | to attach them to the start of each source file to most effectively
631 | state the exclusion of warranty; and each file should have at least
632 | the "copyright" line and a pointer to where the full notice is found.
633 |
634 |
635 | Copyright (C)
636 |
637 | This program is free software: you can redistribute it and/or modify
638 | it under the terms of the GNU General Public License as published by
639 | the Free Software Foundation, either version 3 of the License, or
640 | (at your option) any later version.
641 |
642 | This program is distributed in the hope that it will be useful,
643 | but WITHOUT ANY WARRANTY; without even the implied warranty of
644 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
645 | GNU General Public License for more details.
646 |
647 | You should have received a copy of the GNU General Public License
648 | along with this program. If not, see .
649 |
650 | Also add information on how to contact you by electronic and paper mail.
651 |
652 | If the program does terminal interaction, make it output a short
653 | notice like this when it starts in an interactive mode:
654 |
655 | Copyright (C)
656 | This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
657 | This is free software, and you are welcome to redistribute it
658 | under certain conditions; type `show c' for details.
659 |
660 | The hypothetical commands `show w' and `show c' should show the appropriate
661 | parts of the General Public License. Of course, your program's commands
662 | might be different; for a GUI interface, you would use an "about box".
663 |
664 | You should also get your employer (if you work as a programmer) or school,
665 | if any, to sign a "copyright disclaimer" for the program, if necessary.
666 | For more information on this, and how to apply and follow the GNU GPL, see
667 | .
668 |
669 | The GNU General Public License does not permit incorporating your program
670 | into proprietary programs. If your program is a subroutine library, you
671 | may consider it more useful to permit linking proprietary applications with
672 | the library. If this is what you want to do, use the GNU Lesser General
673 | Public License instead of this License. But first, please read
674 | .
675 |
--------------------------------------------------------------------------------
/xray.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | RED="\033[31m" # Error message
4 | GREEN="\033[32m" # Success message
5 | YELLOW="\033[33m" # Warning message
6 | BLUE="\033[36m" # Info message
7 | PLAIN='\033[0m'
8 |
9 | # 以下网站是随机从Google上找到的无广告小说网站,不喜欢请改成其他网址,以http或https开头
10 | # 搭建好后无法打开伪装域名,可能是反代小说网站挂了,请在网站留言,或者Github发issue,以便替换新的网站
11 | SITES=(
12 | http://www.zhuizishu.com/
13 | http://xs.56dyc.com/
14 | http://www.ddxsku.com/
15 | http://www.biqu6.com/
16 | https://www.wenshulou.cc/
17 | http://www.55shuba.com/
18 | http://www.39shubao.com/
19 | https://www.23xsw.cc/
20 | https://www.jueshitangmen.info/
21 | https://www.zhetian.org/
22 | http://www.bequgexs.com/
23 | http://www.tjwl.com/
24 | )
25 |
26 | CONFIG_FILE="/usr/local/etc/xray/config.json"
27 | OS=$(hostnamectl | grep -i system | cut -d: -f2)
28 |
29 | V6_PROXY=""
30 | IP=$(curl -sL -4 ip.gs)
31 | [[ "$?" != "0" ]] && IP=$(curl -sL -6 ip.gs) && V6_PROXY="https://gh-proxy-misakano7545.koyeb.app/"
32 |
33 | BT="false"
34 | NGINX_CONF_PATH="/etc/nginx/conf.d/"
35 | res=$(which bt 2>/dev/null)
36 | [[ "$res" != "" ]] && BT="true" && NGINX_CONF_PATH="/www/server/panel/vhost/nginx/"
37 |
38 | VLESS="false"
39 | TROJAN="false"
40 | TLS="false"
41 | WS="false"
42 | XTLS="false"
43 | KCP="false"
44 |
45 | checkSystem() {
46 | result=$(id | awk '{print $1}')
47 | [[ $result != "uid=0(root)" ]] && colorEcho $RED " 请以root身份执行该脚本" &&exit 1
48 |
49 | res=$(which yum 2>/dev/null)
50 | if [[ "$?" != "0" ]]; then
51 | res=$(which apt 2>/dev/null)
52 | if [[ "$?" != "0" ]]; then
53 | colorEcho $RED " 不受支持的Linux系统"
54 | exit 1
55 | fi
56 | PMT="apt"
57 | CMD_INSTALL="apt install -y "
58 | CMD_REMOVE="apt remove -y "
59 | CMD_UPGRADE="apt update; apt upgrade -y; apt autoremove -y"
60 | else
61 | PMT="yum"
62 | CMD_INSTALL="yum install -y "
63 | CMD_REMOVE="yum remove -y "
64 | CMD_UPGRADE="yum update -y"
65 | fi
66 | res=$(which systemctl 2>/dev/null)
67 | if [[ "$?" != "0" ]]; then
68 | colorEcho $RED " 系统版本过低,请升级到最新版本"
69 | exit 1
70 | fi
71 | }
72 |
73 | colorEcho() {
74 | echo -e "${1}${@:2}${PLAIN}"
75 | }
76 |
77 | configNeedNginx() {
78 | local ws=$(grep wsSettings $CONFIG_FILE)
79 | [[ -z "$ws" ]] && echo no && return
80 | echo yes
81 | }
82 |
83 | needNginx() {
84 | [[ "$WS" == "false" ]] && echo no && return
85 | echo yes
86 | }
87 |
88 | status() {
89 | [[ ! -f /usr/local/bin/xray ]] && echo 0 && return
90 | [[ ! -f $CONFIG_FILE ]] && echo 1 && return
91 | port=$(grep port $CONFIG_FILE | head -n 1 | cut -d: -f2 | tr -d \",' ')
92 | res=$(ss -nutlp | grep ${port} | grep -i xray)
93 | [[ -z "$res" ]] && echo 2 && return
94 |
95 | if [[ $(configNeedNginx) != "yes" ]]; then
96 | echo 3
97 | else
98 | res=$(ss -nutlp | grep -i nginx)
99 | if [[ -z "$res" ]]; then
100 | echo 4
101 | else
102 | echo 5
103 | fi
104 | fi
105 | }
106 |
107 | statusText() {
108 | res=$(status)
109 | case $res in
110 | 2) echo -e ${GREEN}已安装${PLAIN} ${RED}未运行${PLAIN} ;;
111 | 3) echo -e ${GREEN}已安装${PLAIN} ${GREEN}Xray正在运行${PLAIN} ;;
112 | 4) echo -e ${GREEN}已安装${PLAIN} ${GREEN}Xray正在运行${PLAIN}, ${RED}Nginx未运行${PLAIN} ;;
113 | 5) echo -e ${GREEN}已安装${PLAIN} ${GREEN}Xray正在运行, Nginx正在运行${PLAIN} ;;
114 | *) echo -e ${RED}未安装${PLAIN} ;;
115 | esac
116 | }
117 |
118 | normalizeVersion() {
119 | if [ -n "$1" ]; then
120 | case "$1" in
121 | v*) echo "$1" ;;
122 | http*) echo "v1.4.2" ;;
123 | *) echo "v$1" ;;
124 | esac
125 | else
126 | echo ""
127 | fi
128 | }
129 |
130 | # 1: new Xray. 0: no. 1: yes. 2: not installed. 3: check failed.
131 | getVersion() {
132 | VER=$(/usr/local/bin/xray version | head -n1 | awk '{print $2}')
133 | RETVAL=$?
134 | CUR_VER="$(normalizeVersion "$(echo "$VER" | head -n 1 | cut -d " " -f2)")"
135 | TAG_URL="${V6_PROXY}https://api.github.com/repos/XTLS/Xray-core/releases/latest"
136 | NEW_VER="$(normalizeVersion "$(curl -s "${TAG_URL}" --connect-timeout 10 | grep 'tag_name' | cut -d\" -f4)")"
137 |
138 | if [[ $? -ne 0 ]] || [[ $NEW_VER == "" ]]; then
139 | colorEcho $RED " 检查Xray版本信息失败,请检查网络"
140 | return 3
141 | elif [[ $RETVAL -ne 0 ]]; then
142 | return 2
143 | elif [[ $NEW_VER != $CUR_VER ]]; then
144 | return 1
145 | fi
146 | return 0
147 | }
148 |
149 | archAffix() {
150 | case "$(uname -m)" in
151 | i686 | i386) echo '32' ;;
152 | x86_64 | amd64) echo '64' ;;
153 | armv5tel) echo 'arm32-v5' ;;
154 | armv6l) echo 'arm32-v6' ;;
155 | armv7 | armv7l) echo 'arm32-v7a' ;;
156 | armv8 | aarch64) echo 'arm64-v8a' ;;
157 | mips64le) echo 'mips64le' ;;
158 | mips64) echo 'mips64' ;;
159 | mipsle) echo 'mips32le' ;;
160 | mips) echo 'mips32' ;;
161 | ppc64le) echo 'ppc64le' ;;
162 | ppc64) echo 'ppc64' ;;
163 | ppc64le) echo 'ppc64le' ;;
164 | riscv64) echo 'riscv64' ;;
165 | s390x) echo 's390x' ;;
166 | *) colorEcho $RED " 不支持的CPU架构!" && exit 1;;
167 | esac
168 |
169 | return 0
170 | }
171 |
172 | getData() {
173 | if [[ "$TLS" == "true" || "$XTLS" == "true" ]]; then
174 | echo ""
175 | echo " Xray一键脚本,运行之前请确认如下条件已经具备:"
176 | colorEcho ${YELLOW} " 1. 一个伪装域名"
177 | colorEcho ${YELLOW} " 2. 伪装域名DNS解析指向当前服务器ip(${IP})"
178 | colorEcho ${BLUE} " 3. 如果/root目录下有 xray.pem 和 xray.key 证书密钥文件,无需理会条件2"
179 | echo " "
180 | read -p " 确认满足按y,按其他退出脚本:" answer
181 | [[ "${answer,,}" != "y" ]] && exit 1
182 |
183 | echo ""
184 | while true; do
185 | read -p " 请输入伪装域名:" DOMAIN
186 | if [[ -z "${DOMAIN}" ]]; then
187 | colorEcho ${RED} " 域名输入错误,请重新输入!"
188 | else
189 | break
190 | fi
191 | done
192 | DOMAIN=${DOMAIN,,}
193 | colorEcho ${BLUE} " 伪装域名(host):$DOMAIN"
194 |
195 | echo ""
196 | if [[ -f ~/xray.pem && -f ~/xray.key ]]; then
197 | colorEcho ${BLUE} " 检测到自有证书,将使用其部署"
198 | CERT_FILE="/usr/local/etc/xray/${DOMAIN}.pem"
199 | KEY_FILE="/usr/local/etc/xray/${DOMAIN}.key"
200 | else
201 | resolve=$(curl -sL ipget.net/?ip=${DOMAIN})
202 | res=$(echo -n ${resolve} | grep ${IP})
203 | if [[ -z "${res}" ]]; then
204 | colorEcho ${BLUE} "${DOMAIN} 解析结果:${resolve}"
205 | colorEcho ${RED} " 域名未解析到当前服务器IP(${IP})!"
206 | exit 1
207 | fi
208 | fi
209 | fi
210 |
211 | echo ""
212 | if [[ "$(needNginx)" == "no" ]]; then
213 | if [[ "$TLS" == "true" ]]; then
214 | read -p " 请输入xray监听端口[强烈建议443,默认443]:" PORT
215 | [[ -z "${PORT}" ]] && PORT=443
216 | else
217 | read -p " 请输入xray监听端口[100-65535的一个数字]:" PORT
218 | [[ -z "${PORT}" ]] && PORT=$(shuf -i200-65000 -n1)
219 | if [[ "${PORT:0:1}" == "0" ]]; then
220 | colorEcho ${RED} " 端口不能以0开头"
221 | exit 1
222 | fi
223 | fi
224 | colorEcho ${BLUE} " xray端口:$PORT"
225 | else
226 | read -p " 请输入Nginx监听端口[100-65535的一个数字,默认443]:" PORT
227 | [[ -z "${PORT}" ]] && PORT=443
228 | [ "${PORT:0:1}" = "0" ] && colorEcho ${BLUE} " 端口不能以0开头" && exit 1
229 | colorEcho ${BLUE} " Nginx端口:$PORT"
230 | XPORT=$(shuf -i10000-65000 -n1)
231 | fi
232 |
233 | if [[ "$KCP" == "true" ]]; then
234 | echo ""
235 | colorEcho $BLUE " 请选择伪装类型:"
236 | echo " 1) 无"
237 | echo " 2) BT下载"
238 | echo " 3) 视频通话"
239 | echo " 4) 微信视频通话"
240 | echo " 5) dtls"
241 | echo " 6) wiregard"
242 | read -p " 请选择伪装类型[默认:无]:" answer
243 | case $answer in
244 | 2) HEADER_TYPE="utp" ;;
245 | 3) HEADER_TYPE="srtp" ;;
246 | 4) HEADER_TYPE="wechat-video" ;;
247 | 5) HEADER_TYPE="dtls" ;;
248 | 6) HEADER_TYPE="wireguard" ;;
249 | *) HEADER_TYPE="none" ;;
250 | esac
251 | colorEcho $BLUE " 伪装类型:$HEADER_TYPE"
252 | SEED=$(cat /proc/sys/kernel/random/uuid)
253 | fi
254 |
255 | if [[ "$TROJAN" == "true" ]]; then
256 | echo ""
257 | read -p " 请设置trojan密码(不输则随机生成):" PASSWORD
258 | [[ -z "$PASSWORD" ]] && PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)
259 | colorEcho $BLUE " trojan密码:$PASSWORD"
260 | fi
261 |
262 | if [[ "$XTLS" == "true" ]]; then
263 | echo ""
264 | colorEcho $BLUE " 请选择流控模式:"
265 | echo -e " 1) xtls-rprx-direct [$RED推荐$PLAIN]"
266 | echo " 2) xtls-rprx-origin"
267 | read -p " 请选择流控模式[默认:direct]" answer
268 | [[ -z "$answer" ]] && answer=1
269 | case $answer in
270 | 1) FLOW="xtls-rprx-direct" ;;
271 | 2) FLOW="xtls-rprx-origin" ;;
272 | *) colorEcho $RED " 无效选项,使用默认的xtls-rprx-direct" && FLOW="xtls-rprx-direct" ;;
273 | esac
274 | colorEcho $BLUE " 流控模式:$FLOW"
275 | fi
276 |
277 | if [[ "${WS}" == "true" ]]; then
278 | echo ""
279 | while true; do
280 | read -p " 请输入伪装路径,以/开头(不懂请直接回车):" WSPATH
281 | if [[ -z "${WSPATH}" ]]; then
282 | len=$(shuf -i5-12 -n1)
283 | ws=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w $len | head -n 1)
284 | WSPATH="/$ws"
285 | break
286 | elif [[ "${WSPATH:0:1}" != "/" ]]; then
287 | colorEcho ${RED} " 伪装路径必须以/开头!"
288 | elif [[ "${WSPATH}" == "/" ]]; then
289 | colorEcho ${RED} " 不能使用根路径!"
290 | else
291 | break
292 | fi
293 | done
294 | colorEcho ${BLUE} " ws路径:$WSPATH"
295 | fi
296 |
297 | if [[ "$TLS" == "true" || "$XTLS" == "true" ]]; then
298 | echo ""
299 | colorEcho $BLUE " 请选择伪装站类型:"
300 | echo " 1) 静态网站(位于/usr/share/nginx/html)"
301 | echo " 2) 小说站(随机选择)"
302 | echo " 3) 美女站(https://imeizi.me)"
303 | echo " 4) 高清壁纸站(https://bing.imeizi.me)"
304 | echo " 5) 自定义反代站点(需以http或者https开头)"
305 | read -p " 请选择伪装网站类型[默认:高清壁纸站]" answer
306 | if [[ -z "$answer" ]]; then
307 | PROXY_URL="https://bing.imeizi.me"
308 | else
309 | case $answer in
310 | 1) PROXY_URL="" ;;
311 | 2)
312 | len=${#SITES[@]}
313 | ((len--))
314 | while true; do
315 | index=$(shuf -i0-${len} -n1)
316 | PROXY_URL=${SITES[$index]}
317 | host=$(echo ${PROXY_URL} | cut -d/ -f3)
318 | ip=$(curl -sL https://hijk.art/hostip.php?d=${host})
319 | res=$(echo -n ${ip} | grep ${host})
320 | if [[ "${res}" == "" ]]; then
321 | echo "$ip $host" >>/etc/hosts
322 | break
323 | fi
324 | done
325 | ;;
326 | 3) PROXY_URL="https://imeizi.me" ;;
327 | 4) PROXY_URL="https://bing.imeizi.me" ;;
328 | 5)
329 | read -p " 请输入反代站点(以http或者https开头):" PROXY_URL
330 | if [[ -z "$PROXY_URL" ]]; then
331 | colorEcho $RED " 请输入反代网站!"
332 | exit 1
333 | elif [[ "${PROXY_URL:0:4}" != "http" ]]; then
334 | colorEcho $RED " 反代网站必须以http或https开头!"
335 | exit 1
336 | fi
337 | ;;
338 | *)
339 | colorEcho $RED " 请输入正确的选项!"
340 | exit 1
341 | ;;
342 | esac
343 | fi
344 | REMOTE_HOST=$(echo ${PROXY_URL} | cut -d/ -f3)
345 | colorEcho $BLUE " 伪装网站:$PROXY_URL"
346 |
347 | echo ""
348 | colorEcho $BLUE " 是否允许搜索引擎爬取网站?[默认:不允许]"
349 | echo " y)允许,会有更多ip请求网站,但会消耗一些流量,vps流量充足情况下推荐使用"
350 | echo " n)不允许,爬虫不会访问网站,访问ip比较单一,但能节省vps流量"
351 | read -p " 请选择:[y/n]" answer
352 | if [[ -z "$answer" ]]; then
353 | ALLOW_SPIDER="n"
354 | elif [[ "${answer,,}" == "y" ]]; then
355 | ALLOW_SPIDER="y"
356 | else
357 | ALLOW_SPIDER="n"
358 | fi
359 | colorEcho $BLUE " 允许搜索引擎:$ALLOW_SPIDER"
360 | fi
361 |
362 | echo ""
363 | read -p " 是否安装BBR(默认安装)?[y/n]:" NEED_BBR
364 | [[ -z "$NEED_BBR" ]] && NEED_BBR=y
365 | [[ "$NEED_BBR" == "Y" ]] && NEED_BBR=y
366 | colorEcho $BLUE " 安装BBR:$NEED_BBR"
367 | }
368 |
369 | installNginx() {
370 | echo ""
371 | colorEcho $BLUE " 安装nginx..."
372 | if [[ "$BT" == "false" ]]; then
373 | if [[ "$PMT" == "yum" ]]; then
374 | $CMD_INSTALL epel-release
375 | if [[ "$?" != "0" ]]; then
376 | echo '[nginx-stable]
377 | name=nginx stable repo
378 | baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
379 | gpgcheck=1
380 | enabled=1
381 | gpgkey=https://nginx.org/keys/nginx_signing.key
382 | module_hotfixes=true' >/etc/yum.repos.d/nginx.repo
383 | fi
384 | fi
385 | $CMD_INSTALL nginx
386 | if [[ "$?" != "0" ]]; then
387 | colorEcho $RED " Nginx安装失败,请到 https://hijk.art 反馈"
388 | exit 1
389 | fi
390 | systemctl enable nginx
391 | else
392 | res=$(which nginx 2>/dev/null)
393 | if [[ "$?" != "0" ]]; then
394 | colorEcho $RED " 您安装了宝塔,请在宝塔后台安装nginx后再运行本脚本"
395 | exit 1
396 | fi
397 | fi
398 | }
399 |
400 | startNginx() {
401 | if [[ "$BT" == "false" ]]; then
402 | systemctl start nginx
403 | else
404 | nginx -c /www/server/nginx/conf/nginx.conf
405 | fi
406 | }
407 |
408 | stopNginx() {
409 | if [[ "$BT" == "false" ]]; then
410 | systemctl stop nginx
411 | else
412 | res=$(ps aux | grep -i nginx)
413 | if [[ "$res" != "" ]]; then
414 | nginx -s stop
415 | fi
416 | fi
417 | }
418 |
419 | getCert() {
420 | mkdir -p /usr/local/etc/xray
421 | if [[ -z ${CERT_FILE+x} ]]; then
422 | stopNginx
423 | systemctl stop xray
424 | res=$(netstat -ntlp | grep -E ':80 |:443 ')
425 | if [[ "${res}" != "" ]]; then
426 | colorEcho ${RED} " 其他进程占用了80或443端口,请先关闭再运行一键脚本"
427 | echo " 端口占用信息如下:"
428 | echo ${res}
429 | exit 1
430 | fi
431 |
432 | $CMD_INSTALL socat openssl
433 | if [[ "$PMT" == "yum" ]]; then
434 | $CMD_INSTALL cronie
435 | systemctl start crond
436 | systemctl enable crond
437 | else
438 | $CMD_INSTALL cron
439 | systemctl start cron
440 | systemctl enable cron
441 | fi
442 | curl -sL https://get.acme.sh | sh -s email=hijk.pw@protonmail.sh
443 | source ~/.bashrc
444 | ~/.acme.sh/acme.sh --upgrade --auto-upgrade
445 | ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
446 | if [[ "$BT" == "false" ]]; then
447 | ~/.acme.sh/acme.sh --issue -d $DOMAIN --keylength ec-256 --pre-hook "systemctl stop nginx" --post-hook "systemctl restart nginx" --standalone
448 | else
449 | ~/.acme.sh/acme.sh --issue -d $DOMAIN --keylength ec-256 --pre-hook "nginx -s stop || { echo -n ''; }" --post-hook "nginx -c /www/server/nginx/conf/nginx.conf || { echo -n ''; }" --standalone
450 | fi
451 | [[ -f ~/.acme.sh/${DOMAIN}_ecc/ca.cer ]] || {
452 | colorEcho $RED " 获取证书失败,请复制上面的红色文字到 https://hijk.art 反馈"
453 | exit 1
454 | }
455 | CERT_FILE="/usr/local/etc/xray/${DOMAIN}.pem"
456 | KEY_FILE="/usr/local/etc/xray/${DOMAIN}.key"
457 | ~/.acme.sh/acme.sh --install-cert -d $DOMAIN --ecc \
458 | --key-file $KEY_FILE \
459 | --fullchain-file $CERT_FILE \
460 | --reloadcmd "service nginx force-reload"
461 | [[ -f $CERT_FILE && -f $KEY_FILE ]] || {
462 | colorEcho $RED " 获取证书失败,请到 https://hijk.art 反馈"
463 | exit 1
464 | }
465 | else
466 | cp ~/xray.pem /usr/local/etc/xray/${DOMAIN}.pem
467 | cp ~/xray.key /usr/local/etc/xray/${DOMAIN}.key
468 | fi
469 | }
470 |
471 | configNginx() {
472 | mkdir -p /usr/share/nginx/html
473 | if [[ "$ALLOW_SPIDER" == "n" ]]; then
474 | echo 'User-Agent: *' >/usr/share/nginx/html/robots.txt
475 | echo 'Disallow: /' >>/usr/share/nginx/html/robots.txt
476 | ROBOT_CONFIG=" location = /robots.txt {}"
477 | else
478 | ROBOT_CONFIG=""
479 | fi
480 |
481 | if [[ "$BT" == "false" ]]; then
482 | if [[ ! -f /etc/nginx/nginx.conf.bak ]]; then
483 | mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
484 | fi
485 | res=$(id nginx 2>/dev/null)
486 | if [[ "$?" != "0" ]]; then
487 | user="www-data"
488 | else
489 | user="nginx"
490 | fi
491 | cat >/etc/nginx/nginx.conf <<-EOF
492 | user $user;
493 | worker_processes auto;
494 | error_log /var/log/nginx/error.log;
495 | pid /run/nginx.pid;
496 |
497 | # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
498 | include /usr/share/nginx/modules/*.conf;
499 |
500 | events {
501 | worker_connections 1024;
502 | }
503 |
504 | http {
505 | log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
506 | '\$status \$body_bytes_sent "\$http_referer" '
507 | '"\$http_user_agent" "\$http_x_forwarded_for"';
508 |
509 | access_log /var/log/nginx/access.log main;
510 | server_tokens off;
511 |
512 | sendfile on;
513 | tcp_nopush on;
514 | tcp_nodelay on;
515 | keepalive_timeout 65;
516 | types_hash_max_size 2048;
517 | gzip on;
518 |
519 | include /etc/nginx/mime.types;
520 | default_type application/octet-stream;
521 |
522 | # Load modular configuration files from the /etc/nginx/conf.d directory.
523 | # See http://nginx.org/en/docs/ngx_core_module.html#include
524 | # for more information.
525 | include /etc/nginx/conf.d/*.conf;
526 | }
527 | EOF
528 | fi
529 |
530 | if [[ "$PROXY_URL" == "" ]]; then
531 | action=""
532 | else
533 | action="proxy_ssl_server_name on;
534 | proxy_pass $PROXY_URL;
535 | proxy_set_header Accept-Encoding '';
536 | sub_filter \"$REMOTE_HOST\" \"$DOMAIN\";
537 | sub_filter_once off;"
538 | fi
539 |
540 | if [[ "$TLS" == "true" || "$XTLS" == "true" ]]; then
541 | mkdir -p ${NGINX_CONF_PATH}
542 | # VMESS+WS+TLS
543 | # VLESS+WS+TLS
544 | if [[ "$WS" == "true" ]]; then
545 | cat >${NGINX_CONF_PATH}${DOMAIN}.conf <<-EOF
546 | server {
547 | listen 80;
548 | listen [::]:80;
549 | server_name ${DOMAIN};
550 | return 301 https://\$server_name:${PORT}\$request_uri;
551 | }
552 |
553 | server {
554 | listen ${PORT} ssl http2;
555 | listen [::]:${PORT} ssl http2;
556 | server_name ${DOMAIN};
557 | charset utf-8;
558 |
559 | # ssl配置
560 | ssl_protocols TLSv1.1 TLSv1.2;
561 | ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
562 | ssl_ecdh_curve secp384r1;
563 | ssl_prefer_server_ciphers on;
564 | ssl_session_cache shared:SSL:10m;
565 | ssl_session_timeout 10m;
566 | ssl_session_tickets off;
567 | ssl_certificate $CERT_FILE;
568 | ssl_certificate_key $KEY_FILE;
569 |
570 | root /usr/share/nginx/html;
571 | location / {
572 | $action
573 | }
574 | $ROBOT_CONFIG
575 |
576 | location ${WSPATH} {
577 | proxy_redirect off;
578 | proxy_pass http://127.0.0.1:${XPORT};
579 | proxy_http_version 1.1;
580 | proxy_set_header Upgrade \$http_upgrade;
581 | proxy_set_header Connection "upgrade";
582 | proxy_set_header Host \$host;
583 | proxy_set_header X-Real-IP \$remote_addr;
584 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
585 | }
586 | }
587 | EOF
588 | else
589 | # VLESS+TCP+TLS
590 | # VLESS+TCP+XTLS
591 | # trojan
592 | cat >${NGINX_CONF_PATH}${DOMAIN}.conf <<-EOF
593 | server {
594 | listen 80;
595 | listen [::]:80;
596 | listen 81 http2;
597 | server_name ${DOMAIN};
598 | root /usr/share/nginx/html;
599 | location / {
600 | $action
601 | }
602 | $ROBOT_CONFIG
603 | }
604 | EOF
605 | fi
606 | fi
607 | }
608 |
609 | setSelinux() {
610 | if [[ -s /etc/selinux/config ]] && grep 'SELINUX=enforcing' /etc/selinux/config; then
611 | sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config
612 | setenforce 0
613 | fi
614 | }
615 |
616 | setFirewall() {
617 | res=$(which firewall-cmd 2>/dev/null)
618 | if [[ $? -eq 0 ]]; then
619 | systemctl status firewalld >/dev/null 2>&1
620 | if [[ $? -eq 0 ]]; then
621 | firewall-cmd --permanent --add-service=http
622 | firewall-cmd --permanent --add-service=https
623 | if [[ "$PORT" != "443" ]]; then
624 | firewall-cmd --permanent --add-port=${PORT}/tcp
625 | firewall-cmd --permanent --add-port=${PORT}/udp
626 | fi
627 | firewall-cmd --reload
628 | else
629 | nl=$(iptables -nL | nl | grep FORWARD | awk '{print $1}')
630 | if [[ "$nl" != "3" ]]; then
631 | iptables -I INPUT -p tcp --dport 80 -j ACCEPT
632 | iptables -I INPUT -p tcp --dport 443 -j ACCEPT
633 | if [[ "$PORT" != "443" ]]; then
634 | iptables -I INPUT -p tcp --dport ${PORT} -j ACCEPT
635 | iptables -I INPUT -p udp --dport ${PORT} -j ACCEPT
636 | fi
637 | fi
638 | fi
639 | else
640 | res=$(which iptables 2>/dev/null)
641 | if [[ $? -eq 0 ]]; then
642 | nl=$(iptables -nL | nl | grep FORWARD | awk '{print $1}')
643 | if [[ "$nl" != "3" ]]; then
644 | iptables -I INPUT -p tcp --dport 80 -j ACCEPT
645 | iptables -I INPUT -p tcp --dport 443 -j ACCEPT
646 | if [[ "$PORT" != "443" ]]; then
647 | iptables -I INPUT -p tcp --dport ${PORT} -j ACCEPT
648 | iptables -I INPUT -p udp --dport ${PORT} -j ACCEPT
649 | fi
650 | fi
651 | else
652 | res=$(which ufw 2>/dev/null)
653 | if [[ $? -eq 0 ]]; then
654 | res=$(ufw status | grep -i inactive)
655 | if [[ "$res" == "" ]]; then
656 | ufw allow http/tcp
657 | ufw allow https/tcp
658 | if [[ "$PORT" != "443" ]]; then
659 | ufw allow ${PORT}/tcp
660 | ufw allow ${PORT}/udp
661 | fi
662 | fi
663 | fi
664 | fi
665 | fi
666 | }
667 |
668 | installBBR() {
669 | if [[ "$NEED_BBR" != "y" ]]; then
670 | INSTALL_BBR=false
671 | return
672 | fi
673 | result=$(lsmod | grep bbr)
674 | if [[ "$result" != "" ]]; then
675 | colorEcho $BLUE " BBR模块已安装"
676 | INSTALL_BBR=false
677 | return
678 | fi
679 | res=$(hostnamectl | grep -i openvz)
680 | if [[ "$res" != "" ]]; then
681 | colorEcho $BLUE " openvz机器,跳过安装"
682 | INSTALL_BBR=false
683 | return
684 | fi
685 |
686 | echo "net.core.default_qdisc=fq" >>/etc/sysctl.conf
687 | echo "net.ipv4.tcp_congestion_control=bbr" >>/etc/sysctl.conf
688 | sysctl -p
689 | result=$(lsmod | grep bbr)
690 | if [[ "$result" != "" ]]; then
691 | colorEcho $GREEN " BBR模块已启用"
692 | INSTALL_BBR=false
693 | return
694 | fi
695 |
696 | colorEcho $BLUE " 安装BBR模块..."
697 | if [[ "$PMT" == "yum" ]]; then
698 | if [[ "$V6_PROXY" == "" ]]; then
699 | rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
700 | rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm
701 | $CMD_INSTALL --enablerepo=elrepo-kernel kernel-ml
702 | $CMD_REMOVE kernel-3.*
703 | grub2-set-default 0
704 | echo "tcp_bbr" >>/etc/modules-load.d/modules.conf
705 | INSTALL_BBR=true
706 | fi
707 | else
708 | $CMD_INSTALL --install-recommends linux-generic-hwe-16.04
709 | grub-set-default 0
710 | echo "tcp_bbr" >>/etc/modules-load.d/modules.conf
711 | INSTALL_BBR=true
712 | fi
713 | }
714 |
715 | installXray() {
716 | rm -rf /tmp/xray
717 | mkdir -p /tmp/xray
718 | DOWNLOAD_LINK="${V6_PROXY}https://github.com/XTLS/Xray-core/releases/download/${NEW_VER}/Xray-linux-$(archAffix).zip"
719 | colorEcho $BLUE " 下载Xray: ${DOWNLOAD_LINK}"
720 | curl -L -H "Cache-Control: no-cache" -o /tmp/xray/xray.zip ${DOWNLOAD_LINK}
721 | if [ $? != 0 ]; then
722 | colorEcho $RED " 下载Xray文件失败,请检查服务器网络设置"
723 | exit 1
724 | fi
725 | systemctl stop xray
726 | mkdir -p /usr/local/etc/xray /usr/local/share/xray && \
727 | unzip /tmp/xray/xray.zip -d /tmp/xray
728 | cp /tmp/xray/xray /usr/local/bin
729 | cp /tmp/xray/geo* /usr/local/share/xray
730 | chmod +x /usr/local/bin/xray || {
731 | colorEcho $RED " Xray安装失败"
732 | exit 1
733 | }
734 |
735 | cat >/etc/systemd/system/xray.service <<-EOF
736 | [Unit]
737 | Description=Xray Service
738 | Documentation=https://github.com/xtls https://hijk.art
739 | After=network.target nss-lookup.target
740 |
741 | [Service]
742 | User=root
743 | #User=nobody
744 | #CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
745 | #AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
746 | NoNewPrivileges=true
747 | ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/config.json
748 | Restart=on-failure
749 | RestartPreventExitStatus=23
750 |
751 | [Install]
752 | WantedBy=multi-user.target
753 | EOF
754 | systemctl daemon-reload
755 | systemctl enable xray.service
756 | }
757 |
758 | trojanConfig() {
759 | cat >$CONFIG_FILE <<-EOF
760 | {
761 | "inbounds": [{
762 | "port": $PORT,
763 | "protocol": "trojan",
764 | "settings": {
765 | "clients": [
766 | {
767 | "password": "$PASSWORD"
768 | }
769 | ],
770 | "fallbacks": [
771 | {
772 | "alpn": "http/1.1",
773 | "dest": 80
774 | },
775 | {
776 | "alpn": "h2",
777 | "dest": 81
778 | }
779 | ]
780 | },
781 | "streamSettings": {
782 | "network": "tcp",
783 | "security": "tls",
784 | "tlsSettings": {
785 | "serverName": "$DOMAIN",
786 | "alpn": ["http/1.1", "h2"],
787 | "certificates": [
788 | {
789 | "certificateFile": "$CERT_FILE",
790 | "keyFile": "$KEY_FILE"
791 | }
792 | ]
793 | }
794 | }
795 | }],
796 | "outbounds": [{
797 | "protocol": "freedom",
798 | "settings": {}
799 | },{
800 | "protocol": "blackhole",
801 | "settings": {},
802 | "tag": "blocked"
803 | }]
804 | }
805 | EOF
806 | }
807 |
808 | trojanXTLSConfig() {
809 | cat >$CONFIG_FILE <<-EOF
810 | {
811 | "inbounds": [{
812 | "port": $PORT,
813 | "protocol": "trojan",
814 | "settings": {
815 | "clients": [
816 | {
817 | "password": "$PASSWORD",
818 | "flow": "$FLOW"
819 | }
820 | ],
821 | "fallbacks": [
822 | {
823 | "alpn": "http/1.1",
824 | "dest": 80
825 | },
826 | {
827 | "alpn": "h2",
828 | "dest": 81
829 | }
830 | ]
831 | },
832 | "streamSettings": {
833 | "network": "tcp",
834 | "security": "xtls",
835 | "xtlsSettings": {
836 | "serverName": "$DOMAIN",
837 | "alpn": ["http/1.1", "h2"],
838 | "certificates": [
839 | {
840 | "certificateFile": "$CERT_FILE",
841 | "keyFile": "$KEY_FILE"
842 | }
843 | ]
844 | }
845 | }
846 | }],
847 | "outbounds": [{
848 | "protocol": "freedom",
849 | "settings": {}
850 | },{
851 | "protocol": "blackhole",
852 | "settings": {},
853 | "tag": "blocked"
854 | }]
855 | }
856 | EOF
857 | }
858 |
859 | vmessConfig() {
860 | local uuid="$(cat '/proc/sys/kernel/random/uuid')"
861 | local alterid=$(shuf -i50-80 -n1)
862 | cat >$CONFIG_FILE <<-EOF
863 | {
864 | "inbounds": [{
865 | "port": $PORT,
866 | "protocol": "vmess",
867 | "settings": {
868 | "clients": [
869 | {
870 | "id": "$uuid",
871 | "level": 1,
872 | "alterId": $alterid
873 | }
874 | ]
875 | }
876 | }],
877 | "outbounds": [{
878 | "protocol": "freedom",
879 | "settings": {}
880 | },{
881 | "protocol": "blackhole",
882 | "settings": {},
883 | "tag": "blocked"
884 | }]
885 | }
886 | EOF
887 | }
888 |
889 | vmessKCPConfig() {
890 | local uuid="$(cat '/proc/sys/kernel/random/uuid')"
891 | local alterid=$(shuf -i50-80 -n1)
892 | cat >$CONFIG_FILE <<-EOF
893 | {
894 | "inbounds": [{
895 | "port": $PORT,
896 | "protocol": "vmess",
897 | "settings": {
898 | "clients": [
899 | {
900 | "id": "$uuid",
901 | "level": 1,
902 | "alterId": $alterid
903 | }
904 | ]
905 | },
906 | "streamSettings": {
907 | "network": "mkcp",
908 | "kcpSettings": {
909 | "uplinkCapacity": 100,
910 | "downlinkCapacity": 100,
911 | "congestion": true,
912 | "header": {
913 | "type": "$HEADER_TYPE"
914 | },
915 | "seed": "$SEED"
916 | }
917 | }
918 | }],
919 | "outbounds": [{
920 | "protocol": "freedom",
921 | "settings": {}
922 | },{
923 | "protocol": "blackhole",
924 | "settings": {},
925 | "tag": "blocked"
926 | }]
927 | }
928 | EOF
929 | }
930 |
931 | vmessTLSConfig() {
932 | local uuid="$(cat '/proc/sys/kernel/random/uuid')"
933 | cat >$CONFIG_FILE <<-EOF
934 | {
935 | "inbounds": [{
936 | "port": $PORT,
937 | "protocol": "vmess",
938 | "settings": {
939 | "clients": [
940 | {
941 | "id": "$uuid",
942 | "level": 1,
943 | "alterId": 0
944 | }
945 | ],
946 | "disableInsecureEncryption": false
947 | },
948 | "streamSettings": {
949 | "network": "tcp",
950 | "security": "tls",
951 | "tlsSettings": {
952 | "serverName": "$DOMAIN",
953 | "alpn": ["http/1.1", "h2"],
954 | "certificates": [
955 | {
956 | "certificateFile": "$CERT_FILE",
957 | "keyFile": "$KEY_FILE"
958 | }
959 | ]
960 | }
961 | }
962 | }],
963 | "outbounds": [{
964 | "protocol": "freedom",
965 | "settings": {}
966 | },{
967 | "protocol": "blackhole",
968 | "settings": {},
969 | "tag": "blocked"
970 | }]
971 | }
972 | EOF
973 | }
974 |
975 | vmessWSConfig() {
976 | local uuid="$(cat '/proc/sys/kernel/random/uuid')"
977 | cat >$CONFIG_FILE <<-EOF
978 | {
979 | "inbounds": [{
980 | "port": $XPORT,
981 | "listen": "127.0.0.1",
982 | "protocol": "vmess",
983 | "settings": {
984 | "clients": [
985 | {
986 | "id": "$uuid",
987 | "level": 1,
988 | "alterId": 0
989 | }
990 | ],
991 | "disableInsecureEncryption": false
992 | },
993 | "streamSettings": {
994 | "network": "ws",
995 | "wsSettings": {
996 | "path": "$WSPATH",
997 | "headers": {
998 | "Host": "$DOMAIN"
999 | }
1000 | }
1001 | }
1002 | }],
1003 | "outbounds": [{
1004 | "protocol": "freedom",
1005 | "settings": {}
1006 | },{
1007 | "protocol": "blackhole",
1008 | "settings": {},
1009 | "tag": "blocked"
1010 | }]
1011 | }
1012 | EOF
1013 | }
1014 |
1015 | vlessTLSConfig() {
1016 | local uuid="$(cat '/proc/sys/kernel/random/uuid')"
1017 | cat >$CONFIG_FILE <<-EOF
1018 | {
1019 | "inbounds": [{
1020 | "port": $PORT,
1021 | "protocol": "vless",
1022 | "settings": {
1023 | "clients": [
1024 | {
1025 | "id": "$uuid",
1026 | "level": 0
1027 | }
1028 | ],
1029 | "decryption": "none",
1030 | "fallbacks": [
1031 | {
1032 | "alpn": "http/1.1",
1033 | "dest": 80
1034 | },
1035 | {
1036 | "alpn": "h2",
1037 | "dest": 81
1038 | }
1039 | ]
1040 | },
1041 | "streamSettings": {
1042 | "network": "tcp",
1043 | "security": "tls",
1044 | "tlsSettings": {
1045 | "serverName": "$DOMAIN",
1046 | "alpn": ["http/1.1", "h2"],
1047 | "certificates": [
1048 | {
1049 | "certificateFile": "$CERT_FILE",
1050 | "keyFile": "$KEY_FILE"
1051 | }
1052 | ]
1053 | }
1054 | }
1055 | }],
1056 | "outbounds": [{
1057 | "protocol": "freedom",
1058 | "settings": {}
1059 | },{
1060 | "protocol": "blackhole",
1061 | "settings": {},
1062 | "tag": "blocked"
1063 | }]
1064 | }
1065 | EOF
1066 | }
1067 |
1068 | vlessXTLSConfig() {
1069 | local uuid="$(cat '/proc/sys/kernel/random/uuid')"
1070 | cat >$CONFIG_FILE <<-EOF
1071 | {
1072 | "inbounds": [{
1073 | "port": $PORT,
1074 | "protocol": "vless",
1075 | "settings": {
1076 | "clients": [
1077 | {
1078 | "id": "$uuid",
1079 | "flow": "$FLOW",
1080 | "level": 0
1081 | }
1082 | ],
1083 | "decryption": "none",
1084 | "fallbacks": [
1085 | {
1086 | "alpn": "http/1.1",
1087 | "dest": 80
1088 | },
1089 | {
1090 | "alpn": "h2",
1091 | "dest": 81
1092 | }
1093 | ]
1094 | },
1095 | "streamSettings": {
1096 | "network": "tcp",
1097 | "security": "xtls",
1098 | "xtlsSettings": {
1099 | "serverName": "$DOMAIN",
1100 | "alpn": ["http/1.1", "h2"],
1101 | "certificates": [
1102 | {
1103 | "certificateFile": "$CERT_FILE",
1104 | "keyFile": "$KEY_FILE"
1105 | }
1106 | ]
1107 | }
1108 | }
1109 | }],
1110 | "outbounds": [{
1111 | "protocol": "freedom",
1112 | "settings": {}
1113 | },{
1114 | "protocol": "blackhole",
1115 | "settings": {},
1116 | "tag": "blocked"
1117 | }]
1118 | }
1119 | EOF
1120 | }
1121 |
1122 | vlessWSConfig() {
1123 | local uuid="$(cat '/proc/sys/kernel/random/uuid')"
1124 | cat >$CONFIG_FILE <<-EOF
1125 | {
1126 | "inbounds": [{
1127 | "port": $XPORT,
1128 | "listen": "127.0.0.1",
1129 | "protocol": "vless",
1130 | "settings": {
1131 | "clients": [
1132 | {
1133 | "id": "$uuid",
1134 | "level": 0
1135 | }
1136 | ],
1137 | "decryption": "none"
1138 | },
1139 | "streamSettings": {
1140 | "network": "ws",
1141 | "security": "none",
1142 | "wsSettings": {
1143 | "path": "$WSPATH",
1144 | "headers": {
1145 | "Host": "$DOMAIN"
1146 | }
1147 | }
1148 | }
1149 | }],
1150 | "outbounds": [{
1151 | "protocol": "freedom",
1152 | "settings": {}
1153 | },{
1154 | "protocol": "blackhole",
1155 | "settings": {},
1156 | "tag": "blocked"
1157 | }]
1158 | }
1159 | EOF
1160 | }
1161 |
1162 | vlessKCPConfig() {
1163 | local uuid="$(cat '/proc/sys/kernel/random/uuid')"
1164 | cat >$CONFIG_FILE <<-EOF
1165 | {
1166 | "inbounds": [{
1167 | "port": $PORT,
1168 | "protocol": "vless",
1169 | "settings": {
1170 | "clients": [
1171 | {
1172 | "id": "$uuid",
1173 | "level": 0
1174 | }
1175 | ],
1176 | "decryption": "none"
1177 | },
1178 | "streamSettings": {
1179 | "streamSettings": {
1180 | "network": "mkcp",
1181 | "kcpSettings": {
1182 | "uplinkCapacity": 100,
1183 | "downlinkCapacity": 100,
1184 | "congestion": true,
1185 | "header": {
1186 | "type": "$HEADER_TYPE"
1187 | },
1188 | "seed": "$SEED"
1189 | }
1190 | }
1191 | }
1192 | }],
1193 | "outbounds": [{
1194 | "protocol": "freedom",
1195 | "settings": {}
1196 | },{
1197 | "protocol": "blackhole",
1198 | "settings": {},
1199 | "tag": "blocked"
1200 | }]
1201 | }
1202 | EOF
1203 | }
1204 |
1205 | configXray() {
1206 | mkdir -p /usr/local/xray
1207 | if [[ "$TROJAN" == "true" ]]; then
1208 | if [[ "$XTLS" == "true" ]]; then
1209 | trojanXTLSConfig
1210 | else
1211 | trojanConfig
1212 | fi
1213 | return 0
1214 | fi
1215 | if [[ "$VLESS" == "false" ]]; then
1216 | # VMESS + kcp
1217 | if [[ "$KCP" == "true" ]]; then
1218 | vmessKCPConfig
1219 | return 0
1220 | fi
1221 | # VMESS
1222 | if [[ "$TLS" == "false" ]]; then
1223 | vmessConfig
1224 | elif [[ "$WS" == "false" ]]; then
1225 | # VMESS+TCP+TLS
1226 | vmessTLSConfig
1227 | # VMESS+WS+TLS
1228 | else
1229 | vmessWSConfig
1230 | fi
1231 | #VLESS
1232 | else
1233 | if [[ "$KCP" == "true" ]]; then
1234 | vlessKCPConfig
1235 | return 0
1236 | fi
1237 | # VLESS+TCP
1238 | if [[ "$WS" == "false" ]]; then
1239 | # VLESS+TCP+TLS
1240 | if [[ "$XTLS" == "false" ]]; then
1241 | vlessTLSConfig
1242 | # VLESS+TCP+XTLS
1243 | else
1244 | vlessXTLSConfig
1245 | fi
1246 | # VLESS+WS+TLS
1247 | else
1248 | vlessWSConfig
1249 | fi
1250 | fi
1251 | }
1252 |
1253 | install() {
1254 | getData
1255 |
1256 | $PMT clean all
1257 | [[ "$PMT" == "apt" ]] && $PMT update
1258 | #echo $CMD_UPGRADE | bash
1259 | $CMD_INSTALL wget vim unzip tar gcc openssl
1260 | $CMD_INSTALL net-tools
1261 | if [[ "$PMT" == "apt" ]]; then
1262 | $CMD_INSTALL libssl-dev g++
1263 | fi
1264 | res=$(which unzip 2>/dev/null)
1265 | if [[ $? -ne 0 ]]; then
1266 | colorEcho $RED " unzip安装失败,请检查网络"
1267 | exit 1
1268 | fi
1269 |
1270 | installNginx
1271 | setFirewall
1272 | if [[ "$TLS" == "true" || "$XTLS" == "true" ]]; then
1273 | getCert
1274 | fi
1275 | configNginx
1276 |
1277 | colorEcho $BLUE " 安装Xray..."
1278 | getVersion
1279 | RETVAL="$?"
1280 | if [[ $RETVAL == 0 ]]; then
1281 | colorEcho $BLUE " Xray最新版 ${CUR_VER} 已经安装"
1282 | elif [[ $RETVAL == 3 ]]; then
1283 | exit 1
1284 | else
1285 | colorEcho $BLUE " 安装Xray ${NEW_VER} ,架构$(archAffix)"
1286 | installXray
1287 | fi
1288 |
1289 | configXray
1290 |
1291 | setSelinux
1292 | installBBR
1293 |
1294 | start
1295 | showInfo
1296 |
1297 | bbrReboot
1298 | }
1299 |
1300 | bbrReboot() {
1301 | if [[ "${INSTALL_BBR}" == "true" ]]; then
1302 | echo
1303 | echo " 为使BBR模块生效,系统将在30秒后重启"
1304 | echo
1305 | echo -e " 您可以按 ctrl + c 取消重启,稍后输入 ${RED}reboot${PLAIN} 重启系统"
1306 | sleep 30
1307 | reboot
1308 | fi
1309 | }
1310 |
1311 | update() {
1312 | res=$(status)
1313 | if [[ $res -lt 2 ]]; then
1314 | colorEcho $RED " Xray未安装,请先安装!"
1315 | return
1316 | fi
1317 |
1318 | getVersion
1319 | RETVAL="$?"
1320 | if [[ $RETVAL == 0 ]]; then
1321 | colorEcho $BLUE " Xray最新版 ${CUR_VER} 已经安装"
1322 | elif [[ $RETVAL == 3 ]]; then
1323 | exit 1
1324 | else
1325 | colorEcho $BLUE " 安装Xray ${NEW_VER} ,架构$(archAffix)"
1326 | installXray
1327 | stop
1328 | start
1329 |
1330 | colorEcho $GREEN " 最新版Xray安装成功!"
1331 | fi
1332 | }
1333 |
1334 | uninstall() {
1335 | res=$(status)
1336 | if [[ $res -lt 2 ]]; then
1337 | colorEcho $RED " Xray未安装,请先安装!"
1338 | return
1339 | fi
1340 |
1341 | echo ""
1342 | read -p " 确定卸载Xray?[y/n]:" answer
1343 | if [[ "${answer,,}" == "y" ]]; then
1344 | domain=$(grep Host $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1345 | if [[ "$domain" == "" ]]; then
1346 | domain=$(grep serverName $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1347 | fi
1348 |
1349 | stop
1350 | systemctl disable xray
1351 | rm -rf /etc/systemd/system/xray.service
1352 | rm -rf /usr/local/bin/xray
1353 | rm -rf /usr/local/etc/xray
1354 |
1355 | if [[ "$BT" == "false" ]]; then
1356 | systemctl disable nginx
1357 | $CMD_REMOVE nginx
1358 | if [[ "$PMT" == "apt" ]]; then
1359 | $CMD_REMOVE nginx-common
1360 | fi
1361 | rm -rf /etc/nginx/nginx.conf
1362 | if [[ -f /etc/nginx/nginx.conf.bak ]]; then
1363 | mv /etc/nginx/nginx.conf.bak /etc/nginx/nginx.conf
1364 | fi
1365 | fi
1366 | if [[ "$domain" != "" ]]; then
1367 | rm -rf ${NGINX_CONF_PATH}${domain}.conf
1368 | fi
1369 | [[ -f ~/.acme.sh/acme.sh ]] && ~/.acme.sh/acme.sh --uninstall
1370 | colorEcho $GREEN " Xray卸载成功"
1371 | fi
1372 | }
1373 |
1374 | start() {
1375 | res=$(status)
1376 | if [[ $res -lt 2 ]]; then
1377 | colorEcho $RED " Xray未安装,请先安装!"
1378 | return
1379 | fi
1380 | stopNginx
1381 | startNginx
1382 | systemctl restart xray
1383 | sleep 2
1384 |
1385 | port=$(grep port $CONFIG_FILE | head -n 1 | cut -d: -f2 | tr -d \",' ')
1386 | res=$(ss -nutlp | grep ${port} | grep -i xray)
1387 | if [[ "$res" == "" ]]; then
1388 | colorEcho $RED " Xray启动失败,请检查日志或查看端口是否被占用!"
1389 | else
1390 | colorEcho $BLUE " Xray启动成功"
1391 | fi
1392 | }
1393 |
1394 | stop() {
1395 | stopNginx
1396 | systemctl stop xray
1397 | colorEcho $BLUE " Xray停止成功"
1398 | }
1399 |
1400 | restart() {
1401 | res=$(status)
1402 | if [[ $res -lt 2 ]]; then
1403 | colorEcho $RED " Xray未安装,请先安装!"
1404 | return
1405 | fi
1406 |
1407 | stop
1408 | start
1409 | }
1410 |
1411 | getConfigFileInfo() {
1412 | vless="false"
1413 | tls="false"
1414 | ws="false"
1415 | xtls="false"
1416 | trojan="false"
1417 | protocol="VMess"
1418 | kcp="false"
1419 |
1420 | uid=$(grep id $CONFIG_FILE | head -n1 | cut -d: -f2 | tr -d \",' ')
1421 | alterid=$(grep alterId $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1422 | network=$(grep network $CONFIG_FILE | tail -n1 | cut -d: -f2 | tr -d \",' ')
1423 | [[ -z "$network" ]] && network="tcp"
1424 | domain=$(grep serverName $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1425 | if [[ "$domain" == "" ]]; then
1426 | domain=$(grep Host $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1427 | if [[ "$domain" != "" ]]; then
1428 | ws="true"
1429 | tls="true"
1430 | wspath=$(grep path $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1431 | fi
1432 | else
1433 | tls="true"
1434 | fi
1435 | if [[ "$ws" == "true" ]]; then
1436 | port=$(grep -i ssl $NGINX_CONF_PATH${domain}.conf | head -n1 | awk '{print $2}')
1437 | else
1438 | port=$(grep port $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1439 | fi
1440 | res=$(grep -i kcp $CONFIG_FILE)
1441 | if [[ "$res" != "" ]]; then
1442 | kcp="true"
1443 | type=$(grep header -A 3 $CONFIG_FILE | grep 'type' | cut -d: -f2 | tr -d \",' ')
1444 | seed=$(grep seed $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1445 | fi
1446 |
1447 | vmess=$(grep vmess $CONFIG_FILE)
1448 | if [[ "$vmess" == "" ]]; then
1449 | trojan=$(grep trojan $CONFIG_FILE)
1450 | if [[ "$trojan" == "" ]]; then
1451 | vless="true"
1452 | protocol="VLESS"
1453 | else
1454 | trojan="true"
1455 | password=$(grep password $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1456 | protocol="trojan"
1457 | fi
1458 | tls="true"
1459 | encryption="none"
1460 | xtls=$(grep xtlsSettings $CONFIG_FILE)
1461 | if [[ "$xtls" != "" ]]; then
1462 | xtls="true"
1463 | flow=$(grep flow $CONFIG_FILE | cut -d: -f2 | tr -d \",' ')
1464 | else
1465 | flow="无"
1466 | fi
1467 | fi
1468 | }
1469 |
1470 | outputVmess() {
1471 | raw="{
1472 | \"v\":\"2\",
1473 | \"ps\":\"\",
1474 | \"add\":\"$IP\",
1475 | \"port\":\"${port}\",
1476 | \"id\":\"${uid}\",
1477 | \"aid\":\"$alterid\",
1478 | \"net\":\"tcp\",
1479 | \"type\":\"none\",
1480 | \"host\":\"\",
1481 | \"path\":\"\",
1482 | \"tls\":\"\"
1483 | }"
1484 | link=$(echo -n ${raw} | base64 -w 0)
1485 | link="vmess://${link}"
1486 |
1487 | echo -e " ${BLUE}IP(address): ${PLAIN} ${RED}${IP}${PLAIN}"
1488 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1489 | echo -e " ${BLUE}id(uuid):${PLAIN}${RED}${uid}${PLAIN}"
1490 | echo -e " ${BLUE}额外id(alterid):${PLAIN} ${RED}${alterid}${PLAIN}"
1491 | echo -e " ${BLUE}加密方式(security):${PLAIN} ${RED}auto${PLAIN}"
1492 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1493 | echo -e " ${BLUE}vmess链接:${PLAIN} $RED$link$PLAIN"
1494 | }
1495 |
1496 | outputVmessKCP() {
1497 | echo -e " ${BLUE}IP(address): ${PLAIN} ${RED}${IP}${PLAIN}"
1498 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1499 | echo -e " ${BLUE}id(uuid):${PLAIN}${RED}${uid}${PLAIN}"
1500 | echo -e " ${BLUE}额外id(alterid):${PLAIN} ${RED}${alterid}${PLAIN}"
1501 | echo -e " ${BLUE}加密方式(security):${PLAIN} ${RED}auto${PLAIN}"
1502 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1503 | echo -e " ${BLUE}伪装类型(type):${PLAIN} ${RED}${type}${PLAIN}"
1504 | echo -e " ${BLUE}mkcp seed:${PLAIN} ${RED}${seed}${PLAIN}"
1505 | }
1506 |
1507 | outputTrojan() {
1508 | if [[ "$xtls" == "true" ]]; then
1509 | echo -e " ${BLUE}IP/域名(address): ${PLAIN} ${RED}${domain}${PLAIN}"
1510 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1511 | echo -e " ${BLUE}密码(password):${PLAIN}${RED}${password}${PLAIN}"
1512 | echo -e " ${BLUE}流控(flow):${PLAIN}$RED$flow${PLAIN}"
1513 | echo -e " ${BLUE}加密(encryption):${PLAIN} ${RED}none${PLAIN}"
1514 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1515 | echo -e " ${BLUE}底层安全传输(tls):${PLAIN}${RED}XTLS${PLAIN}"
1516 | else
1517 | echo -e " ${BLUE}IP/域名(address): ${PLAIN} ${RED}${domain}${PLAIN}"
1518 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1519 | echo -e " ${BLUE}密码(password):${PLAIN}${RED}${password}${PLAIN}"
1520 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1521 | echo -e " ${BLUE}底层安全传输(tls):${PLAIN}${RED}TLS${PLAIN}"
1522 | fi
1523 | }
1524 |
1525 | outputVmessTLS() {
1526 | raw="{
1527 | \"v\":\"2\",
1528 | \"ps\":\"\",
1529 | \"add\":\"$IP\",
1530 | \"port\":\"${port}\",
1531 | \"id\":\"${uid}\",
1532 | \"aid\":\"$alterid\",
1533 | \"net\":\"${network}\",
1534 | \"type\":\"none\",
1535 | \"host\":\"${domain}\",
1536 | \"path\":\"\",
1537 | \"tls\":\"tls\"
1538 | }"
1539 | link=$(echo -n ${raw} | base64 -w 0)
1540 | link="vmess://${link}"
1541 | echo -e " ${BLUE}IP(address): ${PLAIN} ${RED}${IP}${PLAIN}"
1542 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1543 | echo -e " ${BLUE}id(uuid):${PLAIN}${RED}${uid}${PLAIN}"
1544 | echo -e " ${BLUE}额外id(alterid):${PLAIN} ${RED}${alterid}${PLAIN}"
1545 | echo -e " ${BLUE}加密方式(security):${PLAIN} ${RED}none${PLAIN}"
1546 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1547 | echo -e " ${BLUE}伪装域名/主机名(host)/SNI/peer名称:${PLAIN}${RED}${domain}${PLAIN}"
1548 | echo -e " ${BLUE}底层安全传输(tls):${PLAIN}${RED}TLS${PLAIN}"
1549 | echo -e " ${BLUE}vmess链接: ${PLAIN}$RED$link$PLAIN"
1550 | }
1551 |
1552 | outputVmessWS() {
1553 | raw="{
1554 | \"v\":\"2\",
1555 | \"ps\":\"\",
1556 | \"add\":\"$IP\",
1557 | \"port\":\"${port}\",
1558 | \"id\":\"${uid}\",
1559 | \"aid\":\"$alterid\",
1560 | \"net\":\"${network}\",
1561 | \"type\":\"none\",
1562 | \"host\":\"${domain}\",
1563 | \"path\":\"${wspath}\",
1564 | \"tls\":\"tls\"
1565 | }"
1566 | link=$(echo -n ${raw} | base64 -w 0)
1567 | link="vmess://${link}"
1568 |
1569 | echo -e " ${BLUE}IP(address): ${PLAIN} ${RED}${IP}${PLAIN}"
1570 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1571 | echo -e " ${BLUE}id(uuid):${PLAIN}${RED}${uid}${PLAIN}"
1572 | echo -e " ${BLUE}额外id(alterid):${PLAIN} ${RED}${alterid}${PLAIN}"
1573 | echo -e " ${BLUE}加密方式(security):${PLAIN} ${RED}none${PLAIN}"
1574 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1575 | echo -e " ${BLUE}伪装类型(type):${PLAIN}${RED}none$PLAIN"
1576 | echo -e " ${BLUE}伪装域名/主机名(host)/SNI/peer名称:${PLAIN}${RED}${domain}${PLAIN}"
1577 | echo -e " ${BLUE}路径(path):${PLAIN}${RED}${wspath}${PLAIN}"
1578 | echo -e " ${BLUE}底层安全传输(tls):${PLAIN}${RED}TLS${PLAIN}"
1579 | echo -e " ${BLUE}vmess链接:${PLAIN} $RED$link$PLAIN"
1580 | }
1581 |
1582 | showInfo() {
1583 | res=$(status)
1584 | if [[ $res -lt 2 ]]; then
1585 | colorEcho $RED " Xray未安装,请先安装!"
1586 | return
1587 | fi
1588 |
1589 | echo ""
1590 | echo -n -e " ${BLUE}Xray运行状态:${PLAIN}"
1591 | statusText
1592 | echo -e " ${BLUE}Xray配置文件: ${PLAIN} ${RED}${CONFIG_FILE}${PLAIN}"
1593 | colorEcho $BLUE " Xray配置信息:"
1594 |
1595 | getConfigFileInfo
1596 |
1597 | echo -e " ${BLUE}协议: ${PLAIN} ${RED}${protocol}${PLAIN}"
1598 | if [[ "$trojan" == "true" ]]; then
1599 | outputTrojan
1600 | return 0
1601 | fi
1602 | if [[ "$vless" == "false" ]]; then
1603 | if [[ "$kcp" == "true" ]]; then
1604 | outputVmessKCP
1605 | return 0
1606 | fi
1607 | if [[ "$tls" == "false" ]]; then
1608 | outputVmess
1609 | elif [[ "$ws" == "false" ]]; then
1610 | outputVmessTLS
1611 | else
1612 | outputVmessWS
1613 | fi
1614 | else
1615 | if [[ "$kcp" == "true" ]]; then
1616 | echo -e " ${BLUE}IP(address): ${PLAIN} ${RED}${IP}${PLAIN}"
1617 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1618 | echo -e " ${BLUE}id(uuid):${PLAIN}${RED}${uid}${PLAIN}"
1619 | echo -e " ${BLUE}加密(encryption):${PLAIN} ${RED}none${PLAIN}"
1620 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1621 | echo -e " ${BLUE}伪装类型(type):${PLAIN} ${RED}${type}${PLAIN}"
1622 | echo -e " ${BLUE}mkcp seed:${PLAIN} ${RED}${seed}${PLAIN}"
1623 | return 0
1624 | fi
1625 | if [[ "$xtls" == "true" ]]; then
1626 | echo -e " ${BLUE}IP(address): ${PLAIN} ${RED}${IP}${PLAIN}"
1627 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1628 | echo -e " ${BLUE}id(uuid):${PLAIN}${RED}${uid}${PLAIN}"
1629 | echo -e " ${BLUE}流控(flow):${PLAIN}$RED$flow${PLAIN}"
1630 | echo -e " ${BLUE}加密(encryption):${PLAIN} ${RED}none${PLAIN}"
1631 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1632 | echo -e " ${BLUE}伪装类型(type):${PLAIN}${RED}none$PLAIN"
1633 | echo -e " ${BLUE}伪装域名/主机名(host)/SNI/peer名称:${PLAIN}${RED}${domain}${PLAIN}"
1634 | echo -e " ${BLUE}底层安全传输(tls):${PLAIN}${RED}XTLS${PLAIN}"
1635 | elif [[ "$ws" == "false" ]]; then
1636 | echo -e " ${BLUE}IP(address): ${PLAIN}${RED}${IP}${PLAIN}"
1637 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1638 | echo -e " ${BLUE}id(uuid):${PLAIN}${RED}${uid}${PLAIN}"
1639 | echo -e " ${BLUE}流控(flow):${PLAIN}$RED$flow${PLAIN}"
1640 | echo -e " ${BLUE}加密(encryption):${PLAIN} ${RED}none${PLAIN}"
1641 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1642 | echo -e " ${BLUE}伪装类型(type):${PLAIN}${RED}none$PLAIN"
1643 | echo -e " ${BLUE}伪装域名/主机名(host)/SNI/peer名称:${PLAIN}${RED}${domain}${PLAIN}"
1644 | echo -e " ${BLUE}底层安全传输(tls):${PLAIN}${RED}TLS${PLAIN}"
1645 | else
1646 | echo -e " ${BLUE}IP(address): ${PLAIN} ${RED}${IP}${PLAIN}"
1647 | echo -e " ${BLUE}端口(port):${PLAIN}${RED}${port}${PLAIN}"
1648 | echo -e " ${BLUE}id(uuid):${PLAIN}${RED}${uid}${PLAIN}"
1649 | echo -e " ${BLUE}流控(flow):${PLAIN}$RED$flow${PLAIN}"
1650 | echo -e " ${BLUE}加密(encryption):${PLAIN} ${RED}none${PLAIN}"
1651 | echo -e " ${BLUE}传输协议(network):${PLAIN} ${RED}${network}${PLAIN}"
1652 | echo -e " ${BLUE}伪装类型(type):${PLAIN}${RED}none$PLAIN"
1653 | echo -e " ${BLUE}伪装域名/主机名(host)/SNI/peer名称:${PLAIN}${RED}${domain}${PLAIN}"
1654 | echo -e " ${BLUE}路径(path):${PLAIN}${RED}${wspath}${PLAIN}"
1655 | echo -e " ${BLUE}底层安全传输(tls):${PLAIN}${RED}TLS${PLAIN}"
1656 | fi
1657 | fi
1658 | }
1659 |
1660 | showLog() {
1661 | res=$(status)
1662 | [[ $res -lt 2 ]] && colorEcho $RED " Xray未安装,请先安装!" && return
1663 | journalctl -xen -u xray --no-pager
1664 | }
1665 |
1666 | menu() {
1667 | clear
1668 | echo "#############################################################"
1669 | echo -e "# ${RED}Xray一键安装脚本${PLAIN} #"
1670 | echo -e "# ${GREEN}作者${PLAIN}: 网络跳越(hijk) & MisakaNo #"
1671 | echo -e "# ${GREEN}博客${PLAIN}: https://owo.misaka.rest #"
1672 | echo -e "# ${GREEN}TG群${PLAIN}: https://t.me/misakanetcn #"
1673 | echo "#############################################################"
1674 | echo -e " ${GREEN}1.${PLAIN} 安装Xray-VMESS"
1675 | echo -e " ${GREEN}2.${PLAIN} 安装Xray-${BLUE}VMESS+mKCP${PLAIN}"
1676 | echo -e " ${GREEN}3.${PLAIN} 安装Xray-VMESS+TCP+TLS"
1677 | echo -e " ${GREEN}4.${PLAIN} 安装Xray-${BLUE}VMESS+WS+TLS${PLAIN}${RED}(推荐)${PLAIN}"
1678 | echo -e " ${GREEN}5.${PLAIN} 安装Xray-${BLUE}VLESS+mKCP${PLAIN}"
1679 | echo -e " ${GREEN}6.${PLAIN} 安装Xray-VLESS+TCP+TLS"
1680 | echo -e " ${GREEN}7.${PLAIN} 安装Xray-${BLUE}VLESS+WS+TLS${PLAIN}${RED}(可过cdn)${PLAIN}"
1681 | echo -e " ${GREEN}8.${PLAIN} 安装Xray-${BLUE}VLESS+TCP+XTLS${PLAIN}${RED}(推荐)${PLAIN}"
1682 | echo -e " ${GREEN}9.${PLAIN} 安装${BLUE}trojan${PLAIN}${RED}(推荐)${PLAIN}"
1683 | echo -e " ${GREEN}10.${PLAIN} 安装${BLUE}trojan+XTLS${PLAIN}${RED}(推荐)${PLAIN}"
1684 | echo " -------------"
1685 | echo -e " ${GREEN}11.${PLAIN} 更新Xray"
1686 | echo -e " ${GREEN}12. ${RED}卸载Xray${PLAIN}"
1687 | echo " -------------"
1688 | echo -e " ${GREEN}13.${PLAIN} 启动Xray"
1689 | echo -e " ${GREEN}14.${PLAIN} 重启Xray"
1690 | echo -e " ${GREEN}15.${PLAIN} 停止Xray"
1691 | echo " -------------"
1692 | echo -e " ${GREEN}16.${PLAIN} 查看Xray配置"
1693 | echo -e " ${GREEN}17.${PLAIN} 查看Xray日志"
1694 | echo " -------------"
1695 | echo -e " ${GREEN}0.${PLAIN} 退出"
1696 | echo -n " 当前状态:"
1697 | statusText
1698 | echo
1699 |
1700 | read -p " 请选择操作[0-17]:" answer
1701 | case $answer in
1702 | 0) exit 1 ;;
1703 | 1) install ;;
1704 | 2) KCP="true" && install ;;
1705 | 3) TLS="true" && install ;;
1706 | 4) TLS="true" && WS="true" && install ;;
1707 | 5) VLESS="true" && KCP="true" && install ;;
1708 | 6) VLESS="true" && TLS="true" && install ;;
1709 | 7) VLESS="true" && TLS="true" && WS="true" && install ;;
1710 | 8) VLESS="true" && TLS="true" && XTLS="true" && install ;;
1711 | 9) TROJAN="true" && TLS="true" && install ;;
1712 | 10) TROJAN="true" && TLS="true" && XTLS="true" && install ;;
1713 | 11) update ;;
1714 | 12) uninstall ;;
1715 | 13) start ;;
1716 | 14) restart ;;
1717 | 15) stop ;;
1718 | 16) showInfo ;;
1719 | 17) showLog ;;
1720 | *) colorEcho $RED " 请选择正确的操作!" && exit 1 ;;
1721 | esac
1722 | }
1723 |
1724 | checkSystem
1725 |
1726 | action=$1
1727 | [[ -z $1 ]] && action=menu
1728 | case "$action" in
1729 | menu | update | uninstall | start | restart | stop | showInfo | showLog)
1730 | ${action}
1731 | ;;
1732 | *)
1733 | echo " 参数错误"
1734 | echo " 用法: $(basename $0) [menu|update|uninstall|start|restart|stop|showInfo|showLog]"
1735 | ;;
1736 | esac
1737 |
--------------------------------------------------------------------------------