├── .editorconfig
├── .github
└── ISSUE_TEMPLATE
│ └── bug-report-----.md
├── .gitignore
├── DNS.md
├── HOWTOUSEGO.md
├── KERNEL.md
├── KERNEL_CN.md
├── LICENSE
├── README.md
├── README2.md
├── README2_CN.md
├── READMEOLD.md
├── TOOL.md
├── TOOL_CN.md
├── acuteangle
├── autorun
├── boot1.jpg
├── boot2.jpg
├── boot3.jpg
├── date.sh
├── img1.jpg
├── img2.jpg
├── img3.jpg
├── img32.jpg
├── img33.jpg
├── img4.jpg
├── local1.jpg
├── local2.jpg
├── mosdns1.jpg
├── mosdns2.jpg
├── pve1.jpg
├── pve2.jpg
├── pve3.jpg
├── pve9.jpg
├── readme.md
├── setup1.jpg
├── setup2.jpg
├── vm1.jpg
├── vm2.jpg
├── vm3.jpg
└── zip1.png
├── bench.sh
├── docs
├── cfcheck1.png
├── cfcheck2.png
├── cfcheck3.png
├── chrome1.png
├── chrome2.png
├── chrome3.png
├── cloudflare1.jpg
├── debian.jpg
├── dns1.png
├── dns2.png
├── dns3.png
├── firefox1.png
├── firefox2.png
├── firefox3.png
├── firefoxesni1.png
├── firefoxesni2.png
├── firefoxesni3.png
├── go1.png
├── go2.png
├── gov1.png
├── gov2.png
├── gov3.png
├── gov5.png
├── gov6.png
├── grpc.png
├── https1.png
├── kernel.png
├── mosdns1.png
├── mosdns2.png
├── mosdns3.png
├── mosdns4.png
├── mosdns5.png
├── mosdns6.png
├── netflix1.png
├── pve1.png
├── pve2.png
├── readme.png
├── readme2.png
├── readme2_en.png
├── readme3.png
├── readme3_en.png
├── readme4.png
├── readme_en.png
├── ubuntu.png
├── v2board1.png
└── v2board1_en.png
├── download
├── lzma.py
├── mitm-vip-unlocker-x86_64-linux-musl.zip
├── mosdns
│ ├── cn.dat
│ ├── geoip.dat
│ ├── geosite.dat
│ ├── luci-app-mosdns_git-22.142.44511-c664869_all.ipk
│ ├── mosdns_cee9e6d-55_x86_64.ipk
│ ├── v2ray-geoip_202204210050-4_all.ipk
│ └── v2ray-geosite_20220425025949-4_all.ipk
├── trojan-mac.zip
├── trojan-qt5.zip
├── trojan-win-cli.zip
├── v2ray-android.zip
├── v2ray-mac.zip
├── v2ray-windows.zip
├── website.zip
└── website2.zip
├── dsm
├── FixSynoboot.sh
├── ch_cpuinfo
├── frpc-noarch_v0.35.0.spk
├── img2kvm
├── libsynonvme.so.1
├── mosdns.yaml
├── openwrt.sh
├── pve.sh
└── readme.md
├── install_kernel.sh
├── linux_install_software.sh
├── netflix_check.sh
└── trojan_v2ray_install.sh
/.editorconfig:
--------------------------------------------------------------------------------
1 | # EditorConfig is awesome: https://EditorConfig.org
2 |
3 | # top-most EditorConfig file
4 | root = true
5 |
6 | # Unix-style newlines with a newline ending every file
7 | [*]
8 | indent_style = space
9 | indent_size = 4
10 | end_of_line = lf
11 | charset = utf-8
12 | trim_trailing_whitespace = true
13 | insert_final_newline = true
14 |
15 | # Matches multiple files with brace expansion notation
16 | # Set default charset
17 | [*.{js,py}]
18 | charset = utf-8
19 |
20 | # 4 space indentation
21 | [*.py,*.sh]
22 | indent_style = space
23 | indent_size = 4
24 |
25 | # Tab indentation (no size specified)
26 | [Makefile]
27 | indent_style = tab
28 |
29 | # Indentation override for all JS under lib directory
30 | [lib/**.js]
31 | indent_style = space
32 | indent_size = 4
33 |
34 | # Matches the exact files either package.json or .travis.yml
35 | [{package.json,.travis.yml}]
36 | indent_style = space
37 | indent_size = 4
38 |
39 |
--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/bug-report-----.md:
--------------------------------------------------------------------------------
1 | ---
2 | name: Bug report 问题报告
3 | about: 用来解决BUG和新功能需求
4 | title: ''
5 | labels: ''
6 | assignees: jinwyp
7 |
8 | ---
9 |
10 | **Describe the bug** A clear and concise description of what the bug is.
11 | 在提出问题前请先自行排除服务器端问题和把客户端升级到最新版本例如v2rayN,同时也请通过搜索确认是否有人提出过相同问题。
12 |
13 |
14 | !!! 请务必提供安装的选择的第几项 !!!
15 | !!! 请务必提供什么操作系统 和用的什么终端 !!!
16 | !!! 请务必提供是否开启了Cloudflare 的 CDN !!!
17 | !!! 请用 ping.pe 或 ping.ceo 网站 输入IP:端口号 查看是否被GFW屏蔽 !!!
18 |
19 |
20 | ** Steps to reproduce the behavior: ** 请提供使用脚本安装的选择第几项:
21 |
22 | 1. 例如选择的第2项 安装trojan. 安装过程中选择了 2 原版trojan-go
23 | 2. 例如选择的第11项 安装v2ray 或 xray . 安装过程中选择了 websocket 选项 并 选择了解锁流媒体
24 |
25 | ** OS and Terminal: ** 系统环境 信息 请务必提供什么操作系统 和用的什么终端 ,还有VPS主机商
26 |
27 | - OS: [e.g. Centos]
28 | - Version [e.g. 7]
29 | - Terminal : 例如 Mac的teminal 或 linux ssh 或 zsh 或 Windows putty 或 VPS自带的在线ssh
30 | - VPS [e.g. Google Cloud]
31 |
32 |
33 | ** To Reproduce ** 复现方法
34 |
35 | Log Info 日志信息: 请提供安装时出错的信息
36 | 例如 xxx
37 |
38 | 安装完成后 通过以下命令 检查服务是否启动成功 并提供输出日志
39 |
40 | 1. 检查 trojan 是否启动成功 ``` systemctl status trojan ```
41 | 2. 检查 trojan-go 是否启动成功 ``` systemctl status trojan-go ```
42 | 3. 检查 v2ray 是否启动成功 ``` systemctl status v2ray ```
43 | 4. 检查 xray 是否启动成功 ``` systemctl status xray ```
44 | 4. 检查 shadowsocks (xray内核) 是否启动成功 ``` systemctl status shadowsocksxray ```
45 | 5. 检查 nginx 是否启动成功 ``` systemctl status nginx ```
46 |
47 |
48 | ** X-UI ** 问你
49 | 1. 请到 https://github.com/vaxilu/x-ui 询问是否有人提出过相同问题
50 | 2. 检查 nginx 是否启动成功 ``` systemctl status nginx ```
51 |
52 |
53 | 安装完成如选择了安装nginx, 请检查 nginx 是否启动成功,域名网站是否能在浏览器正常打开, 是https 还是 http. 正常安装应该是https. 如果打不开说明nginx安装有问题,请给出nginx安装时输出日志
54 |
55 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | /bbr
2 |
3 | # Prerequisites
4 | *.d
5 |
6 | # Object files
7 | *.o
8 | *.ko
9 | *.obj
10 | *.elf
11 |
12 | # Linker output
13 | *.ilk
14 | *.map
15 | *.exp
16 |
17 | # Precompiled Headers
18 | *.gch
19 | *.pch
20 |
21 | # Libraries
22 | *.lib
23 | *.a
24 | *.la
25 | *.lo
26 |
27 | # Shared objects (inc. Windows DLLs)
28 | *.dll
29 |
30 | *.dylib
31 |
32 | # Executables
33 | *.exe
34 | *.out
35 | *.app
36 | *.i*86
37 | *.x86_64
38 | *.hex
39 |
40 | # Debug files
41 | *.dSYM/
42 | *.su
43 | *.idb
44 | *.pdb
45 |
46 | # Kernel Module Compile Results
47 | *.mod*
48 | *.cmd
49 | .tmp_versions/
50 | modules.order
51 | Module.symvers
52 | Mkfile.old
53 | dkms.conf
54 |
55 |
56 |
57 |
58 |
59 |
60 | # static file for dist css html js
61 |
62 |
63 |
64 |
65 |
66 | # css sprite
67 | auto-sprite.png
68 | _auto_sprite.scss
69 | .sass-cache
70 | *auto-sprite*
71 |
72 |
73 | # upload files
74 |
75 |
76 |
77 | # Logs
78 | logs
79 | *.log
80 | npm-debug.log*
81 |
82 |
83 |
84 |
85 | # Runtime data
86 | pids
87 | *.pid
88 | *.seed
89 |
90 | # Directory for instrumented libs generated by jscoverage/JSCover
91 | lib-cov
92 |
93 | # Coverage directory used by tools like istanbul
94 | coverage
95 |
96 | # nyc test coverage
97 | .nyc_output
98 |
99 | # Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
100 | .grunt
101 |
102 | # node-waf configuration
103 | .lock-wscript
104 |
105 | # Compiled binary addons (http://nodejs.org/api/addons.html)
106 | build/Release
107 |
108 | # Dependency directories
109 | node_modules
110 | jspm_packages
111 |
112 | # Optional npm cache directory
113 | .npm
114 |
115 | # Optional REPL history
116 | .node_repl_history
117 |
118 |
119 |
120 |
121 |
122 | # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
123 | # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
124 |
125 | .idea/
126 |
127 |
128 | ## File-based project format:
129 | *.iws
130 |
131 | ## Plugin-specific files:
132 |
133 | # IntelliJ
134 | /out/
135 |
136 | # mpeltonen/sbt-idea plugin
137 | .idea_modules/
138 |
139 |
140 | # JIRA plugin
141 | atlassian-ide-plugin.xml
142 |
143 | # Crashlytics plugin (for Android Studio and IntelliJ)
144 | com_crashlytics_export_strings.xml
145 | crashlytics.properties
146 | crashlytics-build.properties
147 | fabric.properties
148 |
149 |
150 |
151 |
152 |
153 | # Ignore Mac OS desktop services store
154 | *.DS_Store
155 |
156 |
157 | # Ignore Windows desktop setting file
158 | desktop.ini
159 |
--------------------------------------------------------------------------------
/DNS.md:
--------------------------------------------------------------------------------
1 | # DNS, DOT(DNS over TLS) and DOH(DNS over HTTPS)
2 |
3 | ## 目录 Table of Contents
4 |
5 | * [DNS DOT DOH 介绍](#dns)
6 | * [Chrome 如何开启DOH 解决DNS污染](#chrome)
7 | * [Firefox 如何开启DOH](#firefox)
8 | * [Edge 如何开启DOH](#edge)
9 | * [安装 AdGuard Home 搭建 DNS 服务器](#adguardhome)
10 | * [使用 Mosdns 分流国内与国外域名DNS解析请求](#mosdns)
11 |
12 | ### DNS
13 |
14 | 1. 面试程序员经常会问的一道面试题: 当在浏览器输入一个网址回车后,后面发生了什么. 例如下图 输入了网址foobar.com后, 首先从DNS服务器查询 foobar.com对应的IP地址 156.x.x.x. 浏览器得到IP后继续访问156.x.x.x 这个服务器地址返回网页. 用户就可以正常浏览网页了.
15 | 
16 |
17 | 2. 早些年网页采用http方式传输, 网页没有加密. 后来基于TLS加密技术的https方式传送,网页就被加密无法看到传送的内容了. 如下图
18 | 
19 |
20 | 3. 网页传输 http未加密 与 https加密 对比图. 可以看到内容已被加密
21 | 
22 |
23 | 4. 通过DNS解析后得到IP后虽然网页传输是加密的https,其他人无法知道浏览的内容是什么,但第一步查询DNS时是未加密的, GFW防火墙就可以获取到域名信息并污染DNS,返回一个错误的IP地址,这样就无法正常打开网页了. 所以DNS也要加密, DOT(DNS over TLS) 与 DOH(DNS over HTTPS)就诞生了. 开启DOT或DOH后就如下图, 查询DNS后返回的IP地址信息也是加密的. GFW就无法截取信息并污染DNS了. 如何开启DOT和DOH 请看[Chrome开启方法](#chrome) 和 [Firefox开启方法](#firefox)
24 | 
25 |
26 | 5. 根据上图仔细看还会发现,第一步输入网址查询DNS的时候还是未加密的, 这样网址的名称还会被其他人获取, 为了解决这个问题又提出了ESNI(Encrypted server name indication), 这样从所有链路都加密了. 由于从第一步输入网址信息就是加密的, 那么DNS服务器如何知道输入的什么网址呢, 所以该技术需要浏览器和DNS提供商配合, 目前新版firefox和CDN服务商Cloudflare已支持开启ESNI. [如何开启Firefox的ESNI方法](#firefoxesni).
27 |
28 | 6. 更多DOH DOT ESNI 资料请看[什么是加密的 SNI](https://www.cloudflare.com/zh-cn/learning/ssl/what-is-encrypted-sni/). [使用 ESNI、DoH 和 DoT](https://www.toptal.com/web/encrypted-safe-with-esni-doh-dot). [搭建全协议DNS服务器](https://blog.dnomd343.top/dns-server/)
29 |
30 |
31 | ### Chrome
32 |
33 | 1. 需要先下载新版本Chrome 100 [下载地址1](https://pan.baidu.com/s/1PPRPggOHvBhcuZoQL7ZRQQ?pwd=9xuu). [下载地址2](https://wws.lanzout.com/ihbbt040y4oh)
34 | 2. 打开 Chrome, 在网址栏输入 chrome://settings/security 回车后, 进入"安全"设置页面. 或者点击Chrome地址栏右边菜单栏的三个点 打开菜单,然后点击 "设置" , 然后点击左边菜单的 "隐私设置和安全性", 然后在右边找到的 "安全"点击进入"安全"设置页面
35 |
36 | 
37 | 
38 |
39 | 3. 在打开的 "安全" 设置页面中, 选中 "使用安全 DNS" 后面的滑块, 再选择下拉框中的Cloudflare 1.1.1.1 或 Google Public DNS,也可以选择下拉框里选择自定义, 然后在下面文本框中输入自己找到的 DoH 服务器. [DNS服务器列表](https://dns.icoa.cn/) [如何验证是否开启DOT和ESNI](#测试是否开启DOT和ESNI ).
40 |
41 | 
42 |
43 | 4. 有时候选择Cloudflare 1.1.1.1 或 Google Public DNS 会出现打不开网站的情况, 这是因为GFW防火墙除了会污染DNS, 还会直接屏蔽掉IP, 导致Cloudflare 1.1.1.1 或 Google Public DNS 8.8.8.8 无法访问, 也就无法解析DNS域名. 解决办法就是自己找到其他海外支持DOT或DOH的DNS服务器, 或者自己在海外架设DNS服务器. 可以使用[
44 | AdGuardHome](https://github.com/AdguardTeam/AdGuardHome). 具体方法请看[搭建自己的DNS服务器](#搭建自己的DNS服务器).
45 |
46 | 5. 使用了国外的DOT或DOH后, 也会发现访问国内网站慢, 或者访问国内网站变成海外版本的问题. 这就需要区分国内和国外网站走不同的DNS进行分流, [具体请看DNS分流](#分流国内和国外的DNS服务解析)
47 |
48 | ### Firefox
49 |
50 | 1. 需要下载新版本的Firefox. [下载地址1](https://pan.baidu.com/s/19u-Ayy-rKvgYDmg_TNDIzA?pwd=827m). [下载地址2](https://wws.lanzout.com/ipGdD040ylbg)
51 |
52 | 2. 点击右边的菜单栏, 然后在下拉菜单点击 "设置". 然后选择左边菜单点击"常规", 然后在右边最下面"网络设置" 点击"设置"
53 | 
54 | 
55 |
56 | 3. 在打开的对话框中,在最下面, 选中 "启用基于 HTTPS 的 DNS", 然后在下拉框可以选择Cloudflare 默认值或自定义的DOT服务器 . [如何验证是否开启DOT和ESNI](#测试是否开启DOT和ESNI ).
57 | 
58 |
59 | 4. 其他网上教程 [在Firefox中启用 DNS-over-HTTPS(DoH)](https://zhuanlan.zhihu.com/p/75845767)
60 |
61 | ### FirefoxESNI
62 |
63 | 1. 需要下载最新版的Firefox [下载地址1](https://pan.baidu.com/s/19u-Ayy-rKvgYDmg_TNDIzA?pwd=827m). [下载地址2](https://wws.lanzout.com/ipGdD040ylbg)
64 | 2. 在地址栏输入 ``` about:config ``` , 然后点击 "接受风险并继续", 然后搜索 ``` network.security.esni.enabled ``` ,
65 | 
66 | 
67 |
68 | 3. 然后选择 "布尔" 类型, 点击右边 + 号, 然后点击右边按钮 将值设为true, 完成. [如何验证是否开启DOT和ESNI](#测试是否开启DOT和ESNI ).
69 | 
70 |
71 | 4. 开启 Encrypted Client Hello (ECH) (ESNI的进化版本). 同样在 ``` about:config ``` 搜索条目 ```network.dns.echconfig.enabled``` 和 ```network.dns.use_https_rr_as_altsvc```,将它们的值设定改为 true 即可。
72 |
73 | 5. 更多问题请查看 [在 Firefox 上设置 DoH 和 ESNI/ECH](https://blog.outv.im/2020/firefox-doh-ech-esni/)
74 |
75 |
76 | ### Edge
77 |
78 | 1. Edge 浏览器 [设置DoH加密DNS的方法] (https://www.icoa.cn/a/953.html)
79 |
80 | ### 测试是否开启DOT和ESNI
81 |
82 | 1. 使用浏览器打开 https://www.cloudflare.com/zh-cn/ssl/encrypted-sni/ 点击 "Check My Browser" 按钮. 测试之前浏览器设置DNS的服务器请选择Cloudflare的DOH的服务器.
83 |
84 | 
85 |
86 | 2. 查看结果. 目前Chrome 还不支持ESNI,估计很快就会支持.
87 | 
88 |
89 |
90 | 3. 常见问题: Cloudflare 提醒我 ESNI 未启用!可能是你的 DNS over HTTPS 并没有生效,Firefox 还在使用普通的 DNS 请求方式。这种情况下 ECH 无法工作。
91 |
92 | 你可以尝试按照 Mozilla Wiki 的指示,在 about:config 中将 network.trr.mode设置为 3,即只使用 TRR(也就是我们的 DNS over HTTPS),强制 Firefox 使用 DoH,这样就能确保使用 ESNI 了。
93 |
94 | 
95 |
96 | ### AdGuardHome
97 | ### 搭建的DNS服务器
98 |
99 | 1. 通过本脚本, ``` bash <(curl -Lso- https://git.io/oneclick) ``` 运行本脚本, 选择28 安装 AdGuard Home 架设DNS服务器, 同时还可以去广告. 建议在国外的服务器上安装
100 | 2. 安装完成后, 再次运行本脚本 选择29 申请域名证书. 这样就可以开启DOH和DOT 加密DNS解析.
101 |
102 | 3. 具体设置请参考 [AdGuardHome 官方网站](https://github.com/AdguardTeam/AdGuardHome). 本脚本已经自动添加了针对中国网站的广告屏蔽规则.
103 | 4. [AdGuard Home 的整理的DNS服务器列表](https://kb.adguard.com/en/general/dns-providers)
104 |
105 | ### Mosdns
106 | ### 分流国内和国外的DNS服务解析
107 |
108 | 1. 建议有条件的请先按照上面教程搭建AdGuardHome DNS服务器. 然后再安装mosdns 进行DNS分流. 没有条件搭建DNS服务器也不用担心, 本脚本已经内置多个DNS服务器地址
109 | 2. 通过使用mosdns 或 mosdns-cn 可以让国内的网址走国内的DNS解析, 国外的网址走国外的DNS解析. 同时也不用在浏览器里面设置DOH了 (上面教程里浏览器设置部分不需要了). 安装mosdns 分为 [Openwrt X86版本](#mosdnsopenwrt), [linux 版本](#mosdnslinux) 或 [windows 版本](#mosdnswindows). 建议有软路由的直接在软路由安装Openwrt X86版本.
110 |
111 | #### Mosdnsopenwrt
112 | #### Mosdns 在 Openwrt 上安装与使用
113 | 1. 升级带有Moddns 的路由器固件. X86的Openwrt可以很方便升级最近的固件 例如Esir的固件或 Sirpdboy 的固件
114 | 2. Esir的固件下载 https://drive.google.com/drive/folders/1uRXg_krKHPrQneI3F2GNcSVRoCgkqESr . Esir youtube 频道 https://www.youtube.com/c/eSirPlayGround
115 | 3. Sirpdboy 的固件下载 https://github.com/sirpdboy/openwrt/blob/master/README.md#%E5%9B%BA%E4%BB%B6%E4%B8%8B%E8%BD%BD
116 |
117 | 4. 如果使用x86 openwrt 软路由, 也可以直接使用 SSH登录到软路由上 使用如下脚本安装mosdns. 如果已经安装过mosdns 可以在OpenWRT中先删除mosdns. 在openwrt管理菜单 系统 -> 软件包 -> 过滤器 里面 搜索 mosdns 有两个结果 一个是mosdns 一个是 luci-app-mosdns 2个都点击移除 然后再用下面脚本重新安装就可以了
118 | ```bash
119 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/dsm/openwrt.sh && chmod +x ./openwrt.sh && ./openwrt.sh
120 | ```
121 |
122 | 5. 在软路由安装 luci-app-mosdns 完毕后, 请进入OpenWRT管理菜单: 服务-> MosDNS, 在第一个 基本配置 选项卡页面 勾选 "DNS转发 将 Dnsmasq 域名解析请求转发到 MosDNS 服务器" 然后勾选 启用 复选框后, 点击 保存&应用 按钮 就可以启动 MosDNS. 注意:如果mosdns启动失败, 请先关闭ssr 或 passwall 或 clash 等插件, 因为这些插件内置的PDNSD也运行在5335端口导致冲突. 或者更换mosdns的启动端口.
123 |
124 | 
125 |
126 |
127 | 6. 然后在 OpenWRT管理菜单: 网络-> DHCP/DNS -> DNS 转发 填入 127.0.0.1#5335, 因为mosdns运行在软路由的5335端口, 如果mosdns不是运行在软路由 而是用下面的脚本运行在其他linux上,则填入对应IP和端口即可. 然后在第二个tab "HOSTS 和解析文件" 勾选 忽略解析文件. 最后点击右下角 保存&应用 按钮完成设置. 注意: 如果没有正确填写转发就勾选了 "忽略解析文件" 会导致无法上网, 忽略解析文件的意思就是在dnsmasq 添加 no-reslov 指令不再使用原有的上游DNS解析.
128 |
129 | 
130 | 
131 |
132 | 7. 最后在 ShadowSocksR Plus+ 或其他passwal等插件中 设置 -> DNS解析方式 -> 使用本机端口为5335的DNS服务. 注意: 默认第一个选项使用PDNSD TCP查询并缓存, 该项的PDNSD的也运行在5335端口, 所以会导致冲突, 如果mosdns启动失败, 请先关闭SSR plus 然后在Openwrt菜单 服务-> MosDNS 页面启动Mosdns. 然后回到ShadowSocksR Plus+页面 选择"使用本机端口为5335的DNS服务"后再启动ssr 即可.
133 |
134 | 
135 |
136 | #### Mosdnslinux
137 | #### Mosdns 在 linux 上安装与使用
138 | 1. 如果 linux系统 可以使用如下脚本在linux 系统上安装 mosdns 或 mosdns-cn. 安装完成后按照上面的步骤在路由器中设置DNS即可.
139 | ```bash
140 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh
141 | ```
142 |
143 | #### Mosdnswindows
144 | #### Mosdns 在 windows 上安装与使用
145 |
146 | 1. 如果是 windows 系统, 推荐直接下载打包好的 [mosdns](https://pan.baidu.com/s/1EN6nvlwQLYzwotCIaDs5UA?pwd=t34w) 提取码: t34w 解压后运行 run_mosdns.bat
147 |
148 | 2. 如果是 windows 系统, 也可以直接下载打包好的 [mosdns-cn](https://wws.lanzout.com/i7pYR05e80eh) 解压后运行 run.bat 或运行命令 ``` mosdns-cn --config ./config_mosdns_cn.yaml ```
149 |
150 | 3. 如果是 windows 系统, 也可以可以从 [mosdns-cn 官方网站](https://github.com/IrineSistiana/mosdns-cn/releases/download/v1.4.0/mosdns-cn-windows-amd64.zip) 下载 mosdns-cn 压缩包直接解压后放到一个目录中. 再下载 [geosite文件](https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat) [geoip文件](https://raw.githubusercontent.com/Loyalsoldier/geoip/release/geoip.dat) [cnip文件](https://raw.githubusercontent.com/Loyalsoldier/geoip/release/cn.dat) 放到mosdns-cn解压的同一个目录中. 最后运行 ``` mosdns-cn -s :53 --blacklist-domain "geosite.dat:category-ads-all" --local-upstream https://223.5.5.5/dns-query --local-domain "geosite.dat:cn" --local-ip "geoip.dat:cn" --remote-upstream https://8.8.8.8/dns-query --remote-domain "geosite.dat:geolocation-!cn" ``` 即可.
151 |
152 |
153 | 4. 如果是OpenWRT路由器则不用在每个终端设备上设置, 只需要在路由器上设置即可,请看下面OpenWRT的设置. 如果是非OpenWRT路由器, 需要在你的每个终端设备上设置DNS服务器为Mosdns的IP. 例如windows 需要在网络设置设置中指定DNS服务器为Mosdns的IP.
154 | 
155 |
156 | 5. 在OpenWRT中可以在DHCP给客户端分配IP时, 直接给客户端赋予与路由器IP不同的DNS服务器, 这样无论通过上面方法架设好mosdns后, 把运行mosdns 的机器的IP填入下图.客户端就不用手动设置DNS了. OpenWRT管理菜单: 网络 -> 接口 -> LAN 点击"修改" 按钮 进入页面下部 "DHCP 服务器" 部分, 点击第二个tab "高级设置" -> DHCP 选项 填入6,192.168.1.5, 其中192.168.1.5改为mosdns的机器IP就可以了. 这样所有客户端会默认使用mosdns作为DNS服务器, 同时也不需要上面的设置 DHCP/DNS -> DNS 转发 的修改方法了. 客户端需要重新连接一下WIFI或网络重新获取IP地址才能生效.
157 | 
158 |
159 |
160 | 6. 具体参数可以参考官方网站 https://github.com/IrineSistiana/mosdns-cn 和 https://github.com/IrineSistiana/mosdns
161 | 7. Mosdns 相关整理好的配置文件 https://github.com/pmkol/easymosdns 和 https://github.com/Journalist-HK/mosdns-config
162 |
163 | ### DNS服务器列表大全
164 |
165 | 1. [AdGuard 官方DNS服务器列表1](https://adguard-dns.io/kb/general/dns-providers/)
166 |
167 | 2. [DNS服务器列表2](https://dns.icoa.cn/), [https://dns.icoa.cn/](https://dns.icoa.cn/)
168 |
169 | 3. [全国DNS列表](https://github.com/easonjim/dns-server-list)
170 |
171 |
--------------------------------------------------------------------------------
/HOWTOUSEGO.md:
--------------------------------------------------------------------------------
1 | # How to use software by go language
2 |
3 |
4 |
5 | ## 如何使用go语言开发的软件
6 |
7 | ### 区分服务器端还是客户端使用的软件, 区分命令行客户端软件不同操作系统平台
8 |
9 |
10 | 1. 很多软件首先要区分是用在服务器端还是客户端. 服务器端(即运行在linux操作系统下服务器端软件,而且是命令行软件,没有图形界面). 客户端(即平常使用的 windows/Mac/iOS/Android 系统)
11 |
12 | #### 例子1 例如内网穿透软件FRP
13 |
14 | 1. 例子1 例如内网穿透软件FRP https://github.com/fatedier/frp
15 | 打开github官方网页后首先找到右边 Releases 处, 可以看到当前最新版本是0.39.0
16 | 
17 |
18 |
19 | 2. 点击 Releases 进入已编译打包好的程序下载页面 https://github.com/fatedier/frp/releases
20 |
21 | 
22 |
23 | 3. 这里就要下载服务器端还是客户端软件. 如果要下载服务器端, 正常情况一般linux服务器都是x86架构的64位CPU, 需要下载 frp_0.39.0_linux_amd64.tar.gz. 就是要下载"amd64"字样的服务器端程序. 如果服务器是很老的32位CPU 需要下载 frp_0.39.0_linux_386.tar.gz. 就是要下载"386"字样的服务器端. 如果服务器是使用ARM的CPU,同样需要区分是64位的ARM还是32位的ARM CPU. 64位的ARM对应下载frp_0.39.0_linux_arm64.tar.gz, 32位的ARM CPU 对应下载frp_0.39.0_linux_arm.tar.gz.
24 |
25 | 4. 下载完成后解压出来 frps是用于服务器端, frpc是用于客户端.
26 |
27 | 5. 一般用户用的都是客户端 并且都是 windows/Mac/iOS/Android 系统. 就要下载 windows 客户端 frp_0.39.0_windows_amd64.zip. 或下载 Mac 客户端 frp_0.39.0_darwin_amd64.tar.gz. Mac就是要下载"darwin"字样的程序. 而新出的M1芯片的Mac由于是ARM架构, 就需要下载frp_0.39.0_darwin_arm64.tar.gz. 下载完成后解压出来 frpc是用于客户端. 通常需要先修改配置文件然后运行frpc就可以了.
28 |
29 | #### 例子2 V2ray
30 |
31 | 1. 例子2 V2ray https://github.com/v2fly/v2ray-core
32 | 打开github官方网页后首先找到右边 Releases 处, 可以看到当前最新版本是4.44.0
33 | 
34 |
35 |
36 | 2. 点击 Releases 进入已编译打包好的程序下载页面 https://github.com/v2fly/v2ray-core/releases 由于目前v2ray 5.0版本是开发者预览版本还不稳定, 把页面向下翻找到4.44.0版本
37 |
38 | 
39 |
40 | 
41 |
42 |
43 | 3. 这里就要下载服务器端还是客户端软件. 如果要下载服务器端, 正常情况一般linux服务器都是x86架构的64位CPU, 需要下载 v2ray-linux-64.zip. 就是要下载"64"字样的服务器端程序. 如果服务器是很老的32位CPU 需要下载 v2ray-linux-32.zip. 就是要下载"32"字样的服务器端. 如果服务器是使用ARM的CPU,同样需要区分是64位的ARM还是32位的ARM CPU. 64位的ARM对应下载v2ray-linux-arm64-v8a.zip, 32位的ARM CPU 对应下载v2ray-linux-arm32-v7a.zip 或 v2ray-linux-arm32-v6.zip.
44 |
45 | 4. 下载完成后解压出来 与frp不同, v2ray服务器端与客户端是同一个文件, 都是v2ray, 是通过v2ray 配置文件来区分启动的是服务器端还是客户端
46 |
47 | 5. 一般用户用的都是客户端 并且都是 windows/Mac/iOS/Android 系统. 就要下载 windows 客户端 v2ray-windows-64.zip. 或下载 Mac 客户端 v2ray-macos-64.zip. 而新出的M1芯片的Mac由于是ARM架构, 就需要下载v2ray-macos-arm64-v8a.zip. Android 客户端就下载v2ray-android-arm64-v8a.zip 下载完成后解压出来, 通常需要先修改配置文件然后运行v2ray就可以了.
48 |
49 |
50 |
51 |
52 | ### 区分是命令行程序还是带有UI的GUI界面软件
53 |
54 | 1. 上面是命令行方式运行的程序核心文件. 对于普通用户来说命令行方式需要手动修改配置文件很不方便. 所以对普通用户来说肯定需要找对应的UI带界面的程序,这样使用起来才方便. UI带界面的程序与原来的命令行程序都是不同项目不同人开发的. 所以有的界面集成了核心命令程序, 有的没有集成核心命令行程序只是一个界面需要自己手动下载命令行与UI界面程序放到一起.
55 |
56 | 2. 同样用v2ray举例, 不同平台的v2ray UI界面程序五花八门, 名字叫什么的都有, 所以要区分仅仅是v2ray的界面程序还是 根本就不是v2ray的UI界面程序而是可以支持v2ray的协议的程序例如Clash
57 |
58 | 3. 这里先说仅仅是v2ray的UI界面程序. 例如 windows平台 v2rayN 根据上面介绍进入v2rayN项目的下载Releases 页面 https://github.com/2dust/v2rayN/releases 当前版本4.29
59 |
60 | 
61 |
62 | 4. 由于 v2rayN只针对 windows 平台 所以不需要区分平台版本, 下载 v2rayN-Core.zip 带v2ray命令行核心文件. 或下载 v2rayN.zip 只有界面程序需要手动下载 [v2ray命令行程序](https://github.com/v2fly/v2ray-core/releases)
63 |
64 | 5. 这种界面程序与核心程序分开的好处就是 如果核心命令行有新功能升级了, 可以单独升级命令行核心程序. 在v2rayN可以点击 检查更新 升级v2ray-core或xray-core. 这里简单说明一下 v2ray-core和xray-core的区别. xray-core基本与v2ray-core相同, 但xray-core 多支持一种XTLS加密方式, XTLS速度快,但需要服务器端开启. 具体详细请看[xray官方文档](https://xtls.github.io/). 如果需要使用XTLS加密, 需要在v2rayN中参数设置-> v2rayN 设置 -> Core类型设置 使用xray-core.
65 |
66 |
67 | 
68 |
69 | 6. windows 平台下的v2ray的UI界面程序 还有WinXray [官方地址](https://github.com/TheMRLL/WinXray/releases)
70 |
71 | 7. [Qv2ray](https://github.com/Qv2ray/Qv2ray/releases)也是一个v2ray的UI界面程序, 而且支持windows和Mac, 还可以通过插件支持trojan等其他协议.
72 |
73 | 8. 不同平台下都有不同的UI界面程序, 有的集成了核心命令行程序有的没有集成, 所以要学会到官方github网站上下载最新版程序. Windows 平台: v2rayN / Qv2ray / WinXray. Android 平台: v2rayNG / Kitsunebi. iOS 平台(只能通过apple store 购买获得): Shadowrocket / Quantumult / Quantumult X. OpenWrt 路由器平台: PassWall / Hello World / ShadowSocksR Plus+
74 |
75 | ### 本身不是某个软件的UI界面程序 例如 Clash 与 Quantumult X
76 |
77 | 1. [Clash](https://github.com/Dreamacro/clash) 本身并不是v2ray的UI界面程序. Clash本身自己是个独立的代理平台软件,主要用来提供SOCKS5/HTTP代理. 而随后支持V2ray的Vmess协议, 同时还支持 Shadowsocks, Snell, Trojan等其他协议.
78 |
79 | 2. 同样 Clash也是go语言开发的命令行软件, 用户要方便使用还需要找对应平台的UI客户端. 例如 windows 平台下UI界面客户端 [clash_for_windows](https://github.com/Fndroid/clash_for_windows_pkg/releases) 注意 clash_for_windows 没有开源, 安全性未知. Mac平台下Clash的UI界面客户端 [clashX](https://github.com/yichengchen/clashX). Android平台下Clash的UI界面客户端 [ClashForAndroid](https://github.com/Kr328/ClashForAndroid).
80 |
81 |
82 |
83 | ### 关于 TLS 加密与各种协议的介绍和具体使用方法 敬请期待
84 |
85 |
--------------------------------------------------------------------------------
/KERNEL.md:
--------------------------------------------------------------------------------
1 | # Easy install latest or LTS linux kernel and enable BBR or BBR plus
2 |
3 | ### [中文文档](/KERNEL_CN.md)
4 | ### [xray v2ray trojan 一键安装脚本](/README2.md)
5 |
6 | ## Sponsors
7 | Thanks for support this project. Check on [patreon](https://www.patreon.com/linuxkernel)
8 |
9 |
10 | ## Table of Contents
11 |
12 | * [Easy install v2ray (xray) and trojan (trojan-go) script (ultimate script for all condition)](/README2.md)
13 | * [Install linux latest and LTS kernel. Install BBR Plus kernel](#kernel)
14 | * [Enable BBR or BBR plus or BBR2 congestion control algorithm with FQ or CAKE](#kernel)
15 | * [Install wireguard and Cloudflare WARP. Unlock Netflix ip geo-restriction. Avoid Google reCAPTCHA human verification](#Wireguard)
16 |
17 |
18 | ## Features
19 | 1. Easily switch Linux kernel for all versions, including latest kernel, 5.16, 5.10 LTS, 5.4 LTS, 4.19 LTS, 4.14 LTS
20 | 2. Easily enable BBR or BBR plus congestion control algorithm with FQ / FQ-Codel / FQ-PIE / CAKE.
21 | 3. Support Debian9+, Ubuntu 16+ and CentOS 7+ operation systems
22 | 4. Install wireguard and Cloudflare WARP client to avoid Google reCAPTCHA and unlock Netflix ip geo-restriction
23 |
24 |
25 |
26 |
27 | ## Installation
28 |
29 | #### via bash
30 | ```bash
31 | bash <(curl -Lso- https://git.io/kernel.sh)
32 | ```
33 | #### via curl to install script
34 |
35 | ```bash
36 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/install_kernel.sh && chmod +x ./install_kernel.sh && ./install_kernel.sh
37 | ```
38 |
39 |
40 | #### via wget to install script
41 |
42 | ```bash
43 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/install_kernel.sh && chmod +x ./install_kernel.sh && ./install_kernel.sh
44 | ```
45 |
46 |
47 |
48 | 
49 |
50 |
51 |
52 |
53 | ## Usage
54 |
55 | ### kernel
56 | ### Install latest or LTS linux kernel and enable BBR or BBR Plus
57 |
58 | 1. On CentOS / AlmaLinux / Rocky Linux, run script then choose 31 to install latest 5.16 kernel or choose 35 to install LTS 5.10 kernel (recommended). It will reboot twice duiring the whole installation.
59 | 2. On Debian run script then choose 41 to install LTS 5.10 kernel, on Ubuntu please choose 45 to install LTS 5.10 kernel. It will reboot twice duiring the whole installation.
60 | 3. After finished new kernel installation, rerun the script and choose 2 to enable BBR congestion control algorithm with Cake(recommended) or FQ.
61 | 4. To enable BBR Plus. run script then choose 61 to install BBR Plus 4.14.129 kernel , or choose 66 to install BBR Plus 5.10 LTS kernel. It will reboot twice duiring the whole installation. After finished new kernel installation, rerun the script then choose 3 to enable BBR Plus.
62 | 5. Duiring the the whole installation when show the big warning screen(see below pics), please choose "NO" to continue installation. Do not abort kernel removal.
63 |
64 | 
65 | 
66 | 
67 |
68 | 6. To install XanMod kernel and enable BBR2 on Debian or Ubuntu. Run script then choose 51 to install XanMod LTS 5.10 kernel, after reboot and finish kernel installation, rerun the script then choose 2 to enable BBR2 congestion control algorithm.
69 |
70 |
71 | ### Wireguard
72 | ### Unlock Netflix(Youtube/Hulu/HBO Now/Disney+) region restriction and avoid Google reCAPTCHA human verification
73 |
74 | 1. Unlock with Cloudflare WARP sock5 proxy. Run script then choose 11 to install Cloudflare WARP linux client sock5 proxy, After finish installation, rerun script then choose 21 to test whether Netflix is unlock or not through the WARP sock5 proxy.
75 | 2. Unlock with Cloudflare WARP IPv6. Run script then choose 12 to install Wireguard and Cloudflare WARP. After finish installation, The VPS will enable IPv6. As default the VPS is to use IPv4 to access the network. Rerun script then choose 21 to test whether Netflix is unlock or not through the IPv6.
76 | 3. To unlock Netflix and other stream website. Using the [script](/README.md) in the same repo to install v2ray. During the v2ray installation follow the instruction and select different v2ray routing rules (IPv6 or WARP sock5 or DNS or other unlocked v2ray server) to unlock netflix.
77 | 4. To avoid Google reCAPTCHA human verification. Using the [script](/README.md) in the same repo to install v2ray. During the v2ray installation follow the instruction and select different v2ray routing rules (IPv6 or WARP sock5 or other unlocked v2ray server) to avoid Google reCAPTCHA. Recommended to use IPv6 to avoid Google reCAPTCHA.
78 |
79 |
80 |
81 |
82 | ## Netflix-Check
83 | ### Netflix non-self produced drama test script for regions. Support test with IPv6 and Cloudflare WARP Sock5 proxy
84 |
85 | #### via wget to install script
86 |
87 | ```bash
88 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
89 | ```
90 |
91 |
92 | #### via curl to install script
93 |
94 | ```bash
95 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
96 | ```
97 |
98 |
99 |
100 | ## FAQ
101 |
102 | 1. Netflix non-self produced drama test script can't test through v2ray routing rule. The VPS is already unlocked but the result of the test could not show the right unlocked answer. You can use the test script on the V2ray client computer which connected the unlocked netflix V2ray server to get the right unlocked result. The Netflix non-self produced drama test shell script can be running on Mac and linux. On Windows you can use Ubuntu (windows linux sub-system) to run the test script.
103 |
104 |
105 |
106 |
--------------------------------------------------------------------------------
/KERNEL_CN.md:
--------------------------------------------------------------------------------
1 | # Easy install latest or LTS linux kernel and enable BBR or BBR plus
2 |
3 | ### [xray v2ray trojan 一键安装脚本](/README2.md)
4 |
5 | ## 目录 Table of Contents
6 |
7 | * [Trojan 或 Trojan-go 和 V2ray 或 xray 一键安装脚本](/README2_CN.md)
8 | * [安装 Linux 最新版内核或 LTS 内核, 安装支持 BBR Plus 内核](#kernel)
9 | * [开启BBR 或 BBR plus 网络加速](#kernel)
10 | * [安装 wireguard 和 Cloudflare WARP, 解锁 Netflix 区域限制 和 避免弹出Google人机验证](#Wireguard)
11 | * [Netflix 非自制剧检测脚本 支持IPv6和 WARP Sock5 代理检测](#netflix-check)
12 |
13 | ## 功能说明 Features
14 | 1. 安装各个版本的 Linux 内核 包括最新的5.16内核 和 所有LTS内核. 例如 5.10 LTS, 5.4 LTS, 4.19 LTS, 4.14 LTS
15 | 2. 开启 BBR / BBR Plus / BBR2 网络加速, 切换 FQ / FQ-Codel / FQ-PIE / CAKE 队列调度算法.
16 | 3. 支持 Debian9+, Ubuntu 16+, CentOS 7+ (AlmaLinux / Rocky Linux)
17 | 4. 安装 wireguard 和 Cloudflare WARP sock5 client 用于解锁 Netflix 和避免弹出Google人机验证
18 |
19 |
20 | ## Installation 安装方法
21 |
22 | #### Usage 脚本使用方法
23 | ```bash
24 | bash <(curl -Lso- https://git.io/kernel.sh)
25 | ```
26 | #### 通过 curl 命令安装 via curl to install script
27 |
28 | ```bash
29 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/install_kernel.sh && chmod +x ./install_kernel.sh && ./install_kernel.sh
30 | ```
31 |
32 |
33 | #### 通过 wget 命令安装 Linux 内核 和 Wireguard via wget to install script
34 |
35 | ```bash
36 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/install_kernel.sh && chmod +x ./install_kernel.sh && ./install_kernel.sh
37 | ```
38 |
39 |
40 |
41 | 
42 |
43 |
44 |
45 |
46 | ## 使用说明 Usage
47 |
48 | ### kernel
49 | ### 安装 linux 新版内核 开启BBR 或 BBR Plus 加速
50 |
51 |
52 | 1. CentOS / AlmaLinux / Rocky Linux 系统安装新版 linux 内核. 运行脚本后 请选择31 安装官方源最新版5.16内核 或选择35 安装 LTS 5.10 内核 推荐安装 LTS 5.10. 根据提示需要重启2次 完成内核安装。
53 | 2. Debian / Ubuntu 系统安装新版 linux 内核. 运行脚本后 Debian 请选择41 安装 LTS 5.10 内核, Ubuntu 请选择45 安装 LTS 5.10 内核. 根据提示需要重启2次 完成内核安装。
54 | 3. 开启 BBR 网络加速. 完成上面更换新内核后, 重新运行脚本后 选择2 然后根据提示选择 BBR 加速, 推荐使用BBR + Cake 组合算法.
55 | 4. 安装BBR Plus 内核并开启 BBR Plus. 运行脚本后 选择61 安装原版4.14.129版本 BBR Plus 内核, 或选择66 安装5.10 LTS BBR Plus内核. 安装完成重启2次后, 重新运行脚本后 选择3 根据提示开始 BBR Plus.
56 | 5. 注意安装过程中 如果弹出大框的英文提示(下面有示例图) "安装linux内核有风险是否终止", 要选择" NO" 不终止. 安装完毕会重启VPS.
57 |
58 | 
59 | 
60 | 
61 |
62 | 6. 安装 XanMod 内核并开启 BBR2. Debian / Ubuntu 系统 运行脚本后 请选择51 安装 XanMod 内核, 安装完成重启后, 重新运行脚本后 选择2 然后根据提示选择 BBR2 加速.
63 |
64 |
65 | ### Wireguard
66 | ### 解锁 Netflix 等流媒体网站的区域限制 和 避免弹出 Google reCAPTCHA 人机验证
67 |
68 | 1. 使用Cloudflare WARP sock5 方式解锁. 运行脚本后 选择11 安装 Cloudflare WARP 官方 linux client sock5 代理, 安装完成后系统已经启动 WARP的sock5 代理. 重新运行脚本 选择21 测试一下 WARP sock5 是否已经解锁Netflix.
69 | 2. 使用Cloudflare WARP IPv6 方式解锁. 运行脚本后 选择12 安装 Wireguard 和 Cloudflare WARP. 安装成功后系统会启用IPv6, 但默认还是优先使用IPv4 访问网络. 重新运行脚本 选择21 测试一下 IPv6 是否已经解锁Netflix.
70 | 3. 解锁 Netflix 等流媒体网站. 通过本项目内的[另一脚本](/README_CN.md) 安装V2ray, 安装过成功中根据提示设置域名分流规则, 让流媒体网站使用IPv6 或 WARP sock5解锁即可.
71 | 4. 解锁 Google reCAPTCHA 人机验证. 通过本项目内的[另一脚本](/README_CN.md) 安装V2ray, 安装过成功中根据提示设置域名分流规则, 让Google网站使用IPv6 或 WARP sock5解锁即可. 推荐使用 IPv6 来避免 Google reCAPTCHA 人机验证.
72 |
73 |
74 |
75 |
76 | ## Netflix-Check
77 | ### Netflix 非自制剧解锁 检测脚本 支持IPv6 和 Cloudflare WARP Sock5 代理检测
78 |
79 | #### 通过 wget 命令安装 via wget to install script
80 |
81 | ```bash
82 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
83 | ```
84 |
85 |
86 | #### 通过 curl 命令安装 via curl to install script
87 |
88 | ```bash
89 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
90 | ```
91 |
92 |
93 |
94 | ## 注意事项与常见问题 FAQ
95 |
96 | 1. Netflix 检测解锁脚本无法测试 使用V2ray路由规则的解锁. 就是说使用本脚本安装过v2ray已经解锁了Netflix, 但用检测解锁脚本检测的结果还是会显示没有解锁, 就是无法测出已解锁Netflix. 可以把检测脚本运行在 V2ray客户端机器上, 则能检测成功解锁. Netflix 检测解锁脚本只能运行在Mac或linux 平台. Windows平台可以使用linux ubuntu 子系统来运行 Netflix 检测解锁脚本.
97 |
98 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2020 JinWYP WangYupeng
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Easy install latest or LTS linux kernel and enable BBR or BBR plus
2 |
3 | ### [中文文档](/KERNEL_CN.md)
4 | ### [xray v2ray trojan shadowsocks install script](/README2.md)
5 | ### [xray v2ray trojan shadowsocks 一键安装脚本 中文](/README2_CN.md)
6 | ### [install script for docker, Nodejs, Joplin, Jitsi Meet, Focalboard, FreeGPT and more ](TOOL.md)
7 | ### [Docker Nodejs Joplin笔记 视频会议 Alist网盘 免费GPT 一键安装脚本 中文 ](TOOL_CN.md)
8 |
9 | ## Sponsors
10 | Thanks for support this project. Check on [patreon](https://www.patreon.com/linuxkernel)
11 |
12 |
13 | ## Table of Contents
14 |
15 | * [Easy install v2ray (xray) and trojan (trojan-go) script (ultimate script for all condition)](/README2.md)
16 | * [Install linux latest and LTS kernel. Install BBR Plus kernel](#kernel)
17 | * [Enable BBR or BBR plus or BBR2 congestion control algorithm with FQ or CAKE](#kernel)
18 | * [Install wireguard and Cloudflare WARP. Unlock Netflix ip geo-restriction. Avoid Google reCAPTCHA human verification](#Wireguard)
19 |
20 |
21 | ## Features
22 | 1. Easily switch Linux kernel for all versions, including latest kernel, 5.16, 5.10 LTS, 5.4 LTS, 4.19 LTS, 4.14 LTS
23 | 2. Easily enable BBR or BBR plus congestion control algorithm with FQ / FQ-Codel / FQ-PIE / CAKE.
24 | 3. Support Debian9+, Ubuntu 16+ and CentOS 7+ operation systems
25 | 4. Install wireguard and Cloudflare WARP client to avoid Google reCAPTCHA and unlock Netflix ip geo-restriction
26 |
27 |
28 |
29 |
30 | ## Installation
31 |
32 | #### via bash
33 | ```bash
34 | bash <(curl -Lso- https://git.io/kernel.sh)
35 | ```
36 | #### via curl to install script
37 |
38 | ```bash
39 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/install_kernel.sh && chmod +x ./install_kernel.sh && ./install_kernel.sh
40 | ```
41 |
42 |
43 | #### via wget to install script
44 |
45 | ```bash
46 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/install_kernel.sh && chmod +x ./install_kernel.sh && ./install_kernel.sh
47 | ```
48 |
49 |
50 |
51 | 
52 |
53 |
54 |
55 |
56 | ## Usage
57 |
58 | ### kernel
59 | ### Install latest or LTS linux kernel and enable BBR or BBR Plus
60 |
61 | 1. On CentOS / AlmaLinux / Rocky Linux, run script then choose 31 to install latest 5.16 kernel or choose 35 to install LTS 5.10 kernel (recommended). It will reboot twice duiring the whole installation.
62 | 2. On Debian run script then choose 41 to install LTS 5.10 kernel, on Ubuntu please choose 45 to install LTS 5.10 kernel. It will reboot twice duiring the whole installation.
63 | 3. After finished new kernel installation, rerun the script and choose 2 to enable BBR congestion control algorithm with Cake(recommended) or FQ.
64 | 4. To enable BBR Plus. run script then choose 61 to install BBR Plus 4.14.129 kernel , or choose 66 to install BBR Plus 5.10 LTS kernel. It will reboot twice duiring the whole installation. After finished new kernel installation, rerun the script then choose 3 to enable BBR Plus.
65 | 5. Duiring the the whole installation when show the big warning screen(see below pics), please choose "NO" to continue installation. Do not abort kernel removal.
66 |
67 | 
68 | 
69 | 
70 |
71 | 6. To install XanMod kernel and enable BBR2 on Debian or Ubuntu. Run script then choose 51 to install XanMod LTS 5.10 kernel, after reboot and finish kernel installation, rerun the script then choose 2 to enable BBR2 congestion control algorithm.
72 |
73 |
74 | ### Wireguard
75 | ### Unlock Netflix(Youtube/Hulu/HBO Now/Disney+) region restriction and avoid Google reCAPTCHA human verification
76 |
77 | 1. Unlock with Cloudflare WARP sock5 proxy. Run script then choose 11 to install Cloudflare WARP linux client sock5 proxy, After finish installation, rerun script then choose 21 to test whether Netflix is unlock or not through the WARP sock5 proxy.
78 | 2. Unlock with Cloudflare WARP IPv6. Run script then choose 12 to install Wireguard and Cloudflare WARP. After finish installation, The VPS will enable IPv6. As default the VPS is to use IPv4 to access the network. Rerun script then choose 21 to test whether Netflix is unlock or not through the IPv6.
79 | 3. To unlock Netflix and other stream website. Using the [script](/README.md) in the same repo to install v2ray. During the v2ray installation follow the instruction and select different v2ray routing rules (IPv6 or WARP sock5 or DNS or other unlocked v2ray server) to unlock netflix.
80 | 4. To avoid Google reCAPTCHA human verification. Using the [script](/README.md) in the same repo to install v2ray. During the v2ray installation follow the instruction and select different v2ray routing rules (IPv6 or WARP sock5 or other unlocked v2ray server) to avoid Google reCAPTCHA. Recommended to use IPv6 to avoid Google reCAPTCHA.
81 |
82 |
83 |
84 |
85 | ## Netflix-Check
86 | ### Netflix non-self produced drama test script for regions. Support test with IPv6 and Cloudflare WARP Sock5 proxy
87 |
88 | #### via wget to install script
89 |
90 | ```bash
91 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
92 | ```
93 |
94 |
95 | #### via curl to install script
96 |
97 | ```bash
98 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
99 | ```
100 |
101 |
102 |
103 | ## FAQ
104 |
105 | 1. Netflix non-self produced drama test script can't test through v2ray routing rule. The VPS is already unlocked but the result of the test could not show the right unlocked answer. You can use the test script on the V2ray client computer which connected the unlocked netflix V2ray server to get the right unlocked result. The Netflix non-self produced drama test shell script can be running on Mac and linux. On Windows you can use Ubuntu (windows linux sub-system) to run the test script.
106 |
107 |
108 |
109 |
--------------------------------------------------------------------------------
/README2.md:
--------------------------------------------------------------------------------
1 | # Easy install v2ray (xray) and trojan (trojan-go) script (ultimate script for all condition)
2 |
3 | ### [中文文档](/README2_CN.md)
4 |
5 | [](https://hits.seeyoufarm.com)
6 |
7 | ## Sponsors
8 | Thanks for support this project. Check on [patreon](https://www.patreon.com/linuxkernel)
9 |
10 | ## Table of Contents
11 |
12 | * [Install Trojan/Trojan-go and V2ray/Xray shell script](#installation)
13 | * [Easy get SSL certificate for domains](#acme)
14 | * [Linux Kernel switcher, including all LTS kernel and latest kernel, enable BBR or BBR Plus to speed up network](/KERNEL.md)
15 | * [Install wireguard and Cloudflare WARP, unlock Netflix restriction and avoid Google reCAPTCHA](/KERNEL.md)
16 | * [Netflix available region testing shell script, support for testing through IPv6 and WARP Sock5 proxy](#netflix-check)
17 | * [PVE Proxmox VE and Synology DiskStation Manager NAS Toolkit](/dsm/readme.md)
18 | * [Install FRP shell script (expose local server behind a NAT or firewall to the Internet tool)](/dsm/readme.md)
19 | * [How to enable DOH for DNS](/DNS.md)
20 | * [Install DNS server AdGuard Home and Mosdns to divert domestic and foreign dns traffic](/DNS.md)
21 |
22 |
23 |
24 | ## Features
25 |
26 | 1. Install and upgrade trojan/trojan-go/v2ray/xray and fully remove.
27 | 2. Support to running trojan-go and v2ray at the same server.
28 | 3. Support various mode, using trojan or v2ray or nginx to serve 443 port
29 | 4. Support multi https domains with Nginx SNI on one VPS server.
30 | 5. Support install trojan or v2ray only in order to work with exist website on one VPS.
31 | 6. Customize trojan or v2ray working port, password and Websocket path.
32 | 7. Support v2ray or xray vless protocol. Support Xray XTLS.
33 | 8. Script create 10 password as default, can set prefix for these passwords.
34 | 9. Install trojan and v2ray UI panel to easily manage users.
35 | 10. Easily set v2ray route rules with wireguard IPv6 and Cloudflare WARP to unlock Netflix restriction and Google reCAPTCHA.
36 | 11. Using bootstarp official template for default website content serve by nginx
37 | 12. All working port are random generated to ensure high security.
38 |
39 |
40 |
41 | ## Installation
42 |
43 | #### via bash
44 | ```bash
45 | bash <(curl -Lso- https://git.io/oneclick)
46 | ```
47 |
48 |
49 | #### via curl to install script
50 |
51 | ```bash
52 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh
53 | ```
54 |
55 | #### via wget to install script
56 |
57 | ```bash
58 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh
59 | ```
60 |
61 |
62 |
63 | 
64 |
65 | 
66 |
67 | 
68 |
69 |
70 |
71 |
72 | ## Netflix-Check
73 | ### Netflix non-self-produced drama and region testing shell script
74 |
75 | #### via wget to install script
76 |
77 | ```bash
78 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
79 | ```
80 |
81 |
82 | ## acme
83 | ### Get SSL certificate for domain
84 |
85 | 1. Run script then choose 26 to request SSL certificate for any domains. It's better to disable CDN of your domain duiring the SSL certificate application process. Make sure the domain is resolved to the real VPS ip.
86 | 2. Duiring the SSL certificate application process, if you can't disable CDN or the VPS only have IPv6, you can skip the IP check process to continue your following SSL certificate request.
87 | 3. The script is using acme.sh to get SSL certificate. There are 4 providers: Let's Encrypt, BuyPass.com, ZeroSSL.com, Google. When you request too many times in one day and reach the limit of Let's Encrypt, you can switch other providers such as BuyPass.com.
88 | 4. Normally SSL certificate need renew in three month,The script will autorenew the certificate with Cronjob by acme.sh .
89 |
90 | 
91 |
92 |
93 | ##### [The Rate Limits rule of Let's Encrypt](https://letsencrypt.org/docs/rate-limits/)
94 |
95 | 1. The main limit is Certificates per Registered Domain (50 per week)
96 | 2. You can create a maximum of 300 New Orders per account per 3 hours
97 | 3. You can create a maximum of 10 Accounts per IP Address per 3 hours. You can create a maximum of 500 Accounts per IP Range within an IPv6 /48 per 3 hours
98 | 4. You can combine multiple hostnames into a single certificate, up to a limit of 100 Names per Certificate
99 | 5. You can have a maximum of 300 Pending Authorizations on your account
100 |
101 |
102 |
103 | ## How to use
104 |
105 |
106 | ### Preparatory work for setting up a new VPS
107 |
108 | 1. There are several work to do to secure your VPS when you set up a new VPS. It's optional but recommended.
109 | 2. Configuring an SSH login without password. Run script then choose 26. Input your public key and save the authorized_keys file
110 | 3. Change the SSH Default Port. Run script then choose 33. Customize your SSH login port. The default SSH port is 22, Modify the port number you want.
111 | 5. Enable root accout login. Some VPS can't login with root as default. Run script then choose 32 to enable root accout login.
112 | 6. Run script then choose 31 to install sofrware including Oh-my-zsh, zsh-autosuggestions, Micro editors. After finish installation, exit VPS and relogin SSH to use ZSH.
113 |
114 | ### Install latest or LTS Linux kernel and enable BBR or BBR plus
115 | 1. To install latest or LTS Linux kernel. Run script then choose 1. And enter the sub menu to install Linux kernel and enable BBR+Cake. Check out more details for [LTS Linux kernel switcher script](/KERNEL.md)
116 |
117 |
118 |
119 | ### Install command line trojan or trojan-go
120 |
121 | 1. Firstly, prefer run this script with root user. Because linux kernel installation need root privileges. And to get SSL with acme.sh also need root privileges. [acme.sh instruction](https://github.com/acmesh-official/acme.sh/wiki/sudo).
122 |
123 | 2. How to install trojan. Run script ```./trojan_v2ray_install.sh ```. Choose 2 to install trojan or trojan-go with websocket support CDN.
124 |
125 |
126 |
127 | ### Install command line xray or v2ray
128 |
129 | 1. Firstly, prefer run this script with root user. Because linux kernel installation need root privileges. And to get SSL with acme.sh also need root privileges. [acme.sh instruction](https://github.com/acmesh-official/acme.sh/wiki/sudo).
130 |
131 | 2. How to install V2ray or Xray. Run script ```./trojan_v2ray_install.sh ```. Choose 11 to install V2ray or Xray with Nginx. Nginx listen 443 port and serve TLS service. During the installation, you can choose websocket or gRPC to support CDN. Choose TCP or HTTP2 or QUIC protocal will not supprot CDN.
132 |
133 | 3. How to install V2ray or Xray using Vless. Run script ```./trojan_v2ray_install.sh ```. Choose 13-16 to install V2ray or Xray. Vless listen 443 port and serve TLS service. Nginx is optional during the installation for fake website service. Also you can choose XTLS instead of TLS to improve network speed.
134 |
135 | 4. Run script ```./trojan_v2ray_install.sh ```. Choose 21 to install both V2ray and trojan on same VPS. Vless listen 443 port and serve TLS service.
136 |
137 | 5. Run script ```./trojan_v2ray_install.sh ```. Choose 22 to install both V2ray and trojan/trojan-go on same VPS. trojan/trojan-go listen 443 port and serve TLS service.
138 |
139 | 6. Run script ```./trojan_v2ray_install.sh ```. Choose 23 to install both V2ray and trojan/trojan-go on same VPS. Nginx SNI listen 443 port. You need at least 2 domain for trojan and v2ray. Nginx SNI distinguishes v2ray or trojan traffic by different domain name.
140 |
141 | ### Install command line xray vision or Reality
142 |
143 | 1. How to install Xray using XTLS Vision. Run script ```./trojan_v2ray_install.sh ```. Choose 17 to install Xray XTLS Vision protocol. Use Vless protocol to provide tls service on port 443. Fallback to nginx on port 80 to provide web camouflage. During installation, please select Xray version 1.7.5 or above, as older versions prior to 1.6 do not support XTLS Vision protocol. This protocol does not support CDN relay. To use XTLS Vision on the client side, please use latest V2rayN and choose Xray version 1.7.5 or higher.
144 |
145 | 2. How to install Xray using Reality protocol. Run script ```./trojan_v2ray_install.sh ```. Choose 18 to install Xray Reality protocol. Domain name is not required for this installation, making the process more convenient. Vless Reality protocol provides forwarding service on port 443, and fallbacks to a specific foreign enterprise website that was filled by you during installation. During the installation, please choose Xray version 1.8.0 or above, as older versions of Xray prior to 1.7 do not support Reality protocol. This protocol does not support CDN relay. To use Xray Reality on the client side, it is necessary to use latest V2rayN 6.xx and choose Xray version 1.8.0 or above.
146 |
147 |
148 |
149 |
150 | ### Advanced Tutorials - Work with existing website or web server
151 |
152 | 1. If you already have a website or other web server, you can choose 12 to install V2ray or Xray only running at non 80 and 443 port with no TLS. You need modify nginx config manually to serve TLS and redirect v2ray traffic by url or path for V2ray websocket.
153 |
154 | 2. If you already have a website or other web server, you can choose 13-17 to install V2ray or Xray. Duiring the installation, you can choose not to install nginx. Vless serve 443 port with TLS. You need modify nginx config manually to serve the website at 80 port. V2ray or Xray will fallback non V2ray traffic to 80 port.
155 |
156 | 3. If you already have a website or other web server, you can choose 4 to install trojan or trojan-go only running at non 443 port with TLS. You need modify nginx config manually to serve the website at 80 port. trojan or trojan-go will fallback non trojan traffic to 80 port. Pay attention that if you choose to install trojan-go, nginx must already serve at 80 port which is trojan-go fallback port. Otherwise trojan-go will stop and not running if 80 port is not served by web HTTP server. [trojan-go document](https://p4gefau1t.github.io/trojan-go/basic/config/)
157 |
158 |
159 |
160 |
161 | ### Install Web UI admin panel for trojan and v2ray
162 |
163 | 1. On a new VPS without v2ray or trojan installed. Run script ```./trojan_v2ray_install.sh ```. Choose 30 to enter sub menu. Then choose 1 to install trojan UI admin panel.
164 |
165 | 2. On a new VPS without v2ray or trojan installed. Run script ```./trojan_v2ray_install.sh ```. Choose 30 to enter sub menu. Then choose 6 or 9 to install V2ray or Xray UI admin panel. After sinish the installation. Run script and choose 26 to request SSL certificate. Then input the certificate file path on the UI admin panel config.
166 |
167 |
168 |
169 | ### Unlock Region restriction for Netflix or Disney+ or other video streaming site
170 | ### Avoid showing Google CAPTCHA Human verification
171 |
172 | 1. Run script ```./trojan_v2ray_install.sh ```. Choose 1 to enter sub menu to install linux kernel. Prefer to install linux kernel 5.10 LTS. [More Details](/KERNEL.md)
173 | 2. Run script ```./trojan_v2ray_install.sh ```. Choose 1 to enter sub menu. Then choose 2 to enable BBR and Cake. This will import VPS network speed.
174 | 3. After reboot, rerun script ```./trojan_v2ray_install.sh ```. Choose 1 to enter sub menu. Then choose 11 or 12 to Wireguard or cloudflare WARP linux client sock5 proxy.
175 | 4. After finish Wireguard installation, rerun script ```./trojan_v2ray_install.sh ```. Choose 11-17 to v2ray or xray。 During the installation, you can follow the instruction to unlock netflix region restriction and avoid showing Google CAPTCHA Human verification.
176 |
177 |
178 |
179 |
180 | ## FAQ
181 |
182 | 1. You can use [freenom](https://www.freenom.com/zh/index.html?lang=zh) for free domain name.
183 |
184 | 2. Please disable your CDN acceleration duiring the installation. Such as cloudflare.com. After finish v2ray or trojan-go installation. you can enable CDN acceleration. trojan not support CDN acceleration.
185 |
186 | 
187 |
188 | 3. Using v2ray or xray gRPC protocal for CDN acceleration, you need do some settings at cloudflare.com. Click the "Network" on the leftside menu. Then enable gRPC on the right page. "Network => gRPC"
189 |
190 | 
191 |
192 | 4. The Cloudflare CDN worker script, Please replace the domain name with your own domain name.
193 | ```
194 | addEventListener(
195 | "fetch", event => {
196 | let url = new URL(event.request.url);
197 | url.hostname = "yourdomain.xxx.xx";
198 | url.protocol = "https";
199 | let request = new Request(url, event.request);
200 | event.respondWith(
201 | fetch(request)
202 | )
203 | }
204 | )
205 | ```
206 |
207 | ## Special Thanks
208 |
209 | 1. https://github.com/sprov065/v2-ui
210 | 2. https://github.com/Jrohy/trojan
211 | 3. https://github.com/v2fly/v2ray-core
212 | 4. https://github.com/XTLS/Xray-core
213 | 5. https://github.com/trojan-gfw/trojan
214 | 6. https://github.com/p4gefau1t/trojan-go
215 | 7. https://github.com/ylx2016/Linux-NetSpeed
216 |
217 |
218 |
219 |
220 | ## Stargazers over time
221 | [](https://starchart.cc/jinwyp/one_click_script)
222 |
223 |
224 |
225 | [better-cloudflare-ip]: https://github.com/badafans/better-cloudflare-ip/releases
226 | [CFIP]: https://github.com/BlueSkyXN/CFIP/releases
227 | [CloudflareScanner]: https://github.com/Spedoske/CloudflareScanner/releases/tag/1.1.2
228 | [CloudflareSpeedTest]: https://github.com/XIU2/CloudflareSpeedTest/releases/tag/v1.4.9
229 |
--------------------------------------------------------------------------------
/README2_CN.md:
--------------------------------------------------------------------------------
1 | # Easy install v2ray (xray) and trojan (trojan-go) script (ultimate script for all protocol)
2 |
3 |
4 | ## 目录 Table of Contents
5 |
6 | * [Trojan 或 Trojan-go 和 V2ray 或 xray 一键安装脚本](#installation-安装方法)
7 | * [单独给网站申请SSL证书](#acme)
8 | * [Linux LTS 内核更换脚本, BBR 和 BBR Plus 内核更换 一键安装脚本](/KERNEL_CN.md)
9 | * [安装 wireguard 和 Cloudflare WARP, 解锁 Netflix 区域限制 和 避免弹出Google人机验证](/KERNEL_CN.md)
10 | * [Netflix 非自制剧检测脚本 支持IPv6和 WARP Sock5 代理检测](#netflix-check)
11 | * [PVE Proxmox VE虚拟机 群晖NAS 安装工具脚本](/dsm/readme.md)
12 | * [FRP 内网穿透工具 一键安装脚本](/dsm/readme.md)
13 | * [锐角云 自动安装PVE 工具脚本](/acuteangle/readme.md)
14 | * [如何使用GO语言开发的软件](/HOWTOUSEGO.md)
15 | * [如何开启DOH 解决DNS污染](/DNS.md)
16 | * [安装 AdGuard Home DNS 服务器 并使用 Mosdns 分流国内与国外域名DNS解析请求](/DNS.md)
17 |
18 |
19 | ## 功能说明 Features
20 |
21 | 1. 支持 trojan,trojan-go 和 v2ray, xray 的安装 升级 卸载. 卸载后不留任何痕迹, 方便重复安装.
22 | 2. 支持 trojan 或 trojan-go 与 v2ray 共存, nginx全面支持TLS1.3 保证安全性,
23 | 3. 支持 trojan 或 v2ray 或 nginx 前置服务于443 端口, 包括目前所有的组合模式.
24 | 4. 支持 Nginx SNI 分流, 多个Https网站和trojan或v2ray 共存使用.
25 | 5. 可以仅安装 trojan 或 v2ray, 不安装nginx. 方便与宝塔面板或现有网站共存.
26 | 6. 支持 v2ray 和 xray 自定义端口, 自定义密码和WS的Path, 支持监听额外端口 方便中转机中转.
27 | 7. 支持 v2ray 和 xray 新的vless协议, 支持Xray的XTLS加密, 支持vless作为前端 监听443端口.
28 | 8. 默认会创建10个以上用户账号, 还能创建指定前缀的密码, 方便用户使用.
29 | 9. trojan 和 v2ray 可视化管理面板安装.
30 | 10. 一键安装 wireguard 和 Cloudflare WARP, 解决避免弹出Google人机验证和 Netflix Youtube 等流媒体网站限制问题, 同时支持v2ray相应的路由分流配置.
31 | 11. 本脚本没有偷跑服务器流量的网页或其他屏蔽bt流量的等限制. 默认网站的网页仅为bootstarp最简单的模板
32 | 12. 本脚本所使用端口除443和80外都是随机生成, 保证安全性, 而其他脚本写死固定端口容易被检测
33 |
34 |
35 |
36 | ## Installation 安装方法
37 |
38 | #### Usage 脚本使用方法
39 | ```bash
40 | bash <(curl -Lso- https://git.io/oneclick)
41 | ```
42 |
43 |
44 | #### 通过 curl 命令安装 via curl to install script
45 |
46 | ```bash
47 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh
48 | ```
49 |
50 | #### 通过 wget 命令安装 via wget to install script
51 |
52 | ```bash
53 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh
54 | ```
55 |
56 |
57 |
58 | 
59 |
60 | 
61 |
62 | 
63 |
64 | 
65 |
66 |
67 |
68 | ## Netflix-Check
69 | ### Netflix 非自制剧解锁 检测脚本 支持IPv6 和 Cloudflare WARP Sock5 代理检测
70 |
71 | #### 通过 wget 命令安装 via wget to install script
72 |
73 | ```bash
74 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
75 | ```
76 |
77 |
78 | ## acme
79 | ### 单独给网站申请SSL证书
80 |
81 | 1. 本脚本可以用来单独给网站申请免费的SSL证书, 选择26 即可. 申请SSL证书过程中请关闭域名的CDN功能, 保证域名已经成功解析到VPS真实IP.
82 | 2. 申请SSL证书过程中如果不方便关闭CDN, 或者纯IPv6主机 可以选择不检测IP解析是否正确, 从而跳过检测IP继续申请证书.
83 | 3. 本脚本使用的 acme.sh 来申请的免费证书. 可以选择 Let's Encrypt, BuyPass.com, ZeroSSL.com, Google 提供商. Let's Encrypt 申请证书有一些限制, 如果频繁申请证书出现无法申请的情况请选择其他证书提供商如 BuyPass.com
84 | 4. 三个月之后需要续期,本脚本通过cron任务自动完成续期,无需用户操作.
85 |
86 |
87 | 
88 |
89 | ##### Let's Encrypt 申请证书有一些限制, 具体限制如下:
90 |
91 | 1. 同一个主域名一周之内只能申请50个证书
92 | 2. 每个账号下每个域名每小时申请验证失败的次数为5次
93 | 3. 每周只能创建5个重复的证书,即使是通过不同的账号进行创建
94 | 4. 每个账号同一个IP地址每3小时最多可以创建10个证书
95 | 5. 每个多域名(SAN) SSL证书(不是通配符域名证书)最多只能包含100个子域
96 | 6. 更新证书没有次数的限制,但是更新证书会受到上述重复证书的限制
97 | 7. 如果提示证书申请失败,可以尝试更换域名再试(添加或换不同的二级域名,也算是新域名)
98 | 8. 同一IP地址,在短时间内过于频繁的申请证书,也会被限制,此时更换域名也无法申请成功,只能等待一段时间,或者在安装过程中选择使用 BuyPass.com 来申请.
99 |
100 |
101 |
102 |
103 | ## 使用说明 How to use
104 |
105 |
106 | ### 准备工作
107 |
108 | 1. 一台新的VPS开通后,建议做以下事情(非必须)
109 | 2. 运行脚本后 选择45 填入你自己的公钥, 这样就可以不需要每次输入SSH密码登录VPS, 提高安全性. 还可以继续手动修改配置文件 /etc/ssh/sshd_config 关闭SSH使用密码登录,使其只能使用密钥登录VPS
110 | 3. 运行脚本后 选择43 修改SSH端口号, 一般默认SSH端口号是22, 强烈建议改成其他的端口号, 提高安全性. 默认22端口极易被扫描和攻击.
111 | 4. 运行脚本后 选择44 修改时区为北京时间, 因为V2ray的Vmess的协议需要对服务器和客户端时间一致, 建议把VPS服务器改成北京时间.
112 | 5. 有一些VPS例如Google Cloud 默认没有开启root账号登录, 运行脚本后 选择42 可以开启root账号登录. 建议使用root用户运行该脚本.
113 | 6. 运行脚本后 选择41 安装 Oh-my-zsh 和Micro 编辑器 等软件, 这些软件会简化你的后续操作, 并带有提示. 安装完成后请退出VPS, 命令为```exit```. 重新登录VPS后继续后续操作.
114 |
115 | ### 安装新版Linux 内核 和 BBR 内核
116 | 1. 运行脚本后 选择1 安装 Linux 内核和开启BBR+Cake, 具体请参考[Linux 内核一键安装脚本](/KERNEL_CN.md)
117 |
118 |
119 |
120 | ### 安装 trojan or trojan-go
121 |
122 | 1. 安装 trojan-go 重新运行脚本 命令为 ```./trojan_v2ray_install.sh ``` 选2 安装trojan-go 如果开启 Websocket 来支持CDN, 需要注意 很多原版trojan客户端不支持websocket, 使用原版trojan客户端只能连接 trojan-go的原版tcp协议, 无法支持websocket 使用CDN. 需要使用支持 trojan-go的客户端才可以支持websocket 支持CDN.
123 |
124 |
125 | ### 安装 v2ray 或 xray
126 |
127 | 1. 重新运行脚本 选择11 安装 v2ray或xray 和 nginx. Nginx前置提供443端口的tls服务, 推荐使用本模式 安全性最高. 然后安装v2ray协议时可以选择websocket或gRPC 等协议 通过设置 path来区分v2ray流量, 并且支持CDN. 如果选择TCP或HTTP2或QUIC 协议则无法使用CDN中转流量. Cloudflare 虽然支持HTTP2或QUIC协议, 但却无法使用其CDN中转, [具体信息可以看](https://github.com/v2ray/v2ray-core/issues/1769). QUIC(HTTP3)协议由于使用了UDP, 在某些运营商会被禁止或被限制端口或QoS降速, 所以使用QUIC可能无法达到提速的预期目的. 选择KCP协议降低延迟,如果打游戏可以尝试该协议.
128 |
129 |
130 | 2. 重新运行脚本 选择13-16 安装 v2ray或xray 使用Vless协议提供443端口的tls服务, 同时 fallback 到80端口的nginx提供web伪装网站服务. 安装过程中如果选XTLS代替TLS加密 将会明显提高速度. 安装完毕后会提供多种协议可以同时使用. 使用WS-TLS 或 gRPC+TLS协议可以使用CDN中转加速. 使用TCP-XTLS则为直连速度最快协议(选择15或16安装). 安装V2ray或Xray, 都可以自定义端口, 密码和websocket 的path 路径, 默认为随机密码和随机路径. 同时还可以增加一个额外的监听端口与主端口同时使用, 方便用于不支持443端口的中转机中转给目标主机.
131 |
132 | 3. 同时安装 trojan-go 和 v2ray 选择21 使用Vless提供443端口的tls服务, 而trojan或trojan-go运行在非443的其他端口上.
133 |
134 | 4. 同时安装 trojan-go 和 v2ray 选择22 使用trojan-go 提供443端口的tls服务, trojan把非trojan流量转发到nginx, nginx在通过path路径转发流量到v2ray.
135 |
136 | 5. 同时安装 trojan-go 和 v2ray 选择23 通过nginx SNI 提供443端口服务, 最少需要提供2个域名分别给trojan, v2ray单独使用, 并且可以与现有网站共存(需要再提供第3个域名给网站使用), 通过不同域名区分不同的HTTPS加密流量.
137 |
138 |
139 | 6. 建议: 如果VPS线路速度可以保证,不需要CDN,建议17 安装xray + XTLS 速度最快, 或选2 安装 trojan-go. 如果需要CDN 可以选11 安装V2ray和Nginx. 不建议使用本脚本或其他脚本同时安装多个协议, 协议安装的越多安全性越低, 而且也不会提高速度, 适合自己的协议装一种最好.
140 |
141 | 7. 以上安装都可以选择是否申请证书, 如果已有证书可以不在安装过程中申请, 或多次安装本脚本也可以不需要再次申请。证书位置在 /root/website/cert/fullchain.cer 和 /root/website/cert/private.key, 可以手动放置.
142 |
143 | 8. 安装的Nginx的伪装网站路径为 /nginxweb/html, 可自行替换网页内容. Nginx 配置路径为 /etc/nginx/conf.d. 同时安装过程中可以选择不使用静态网页 而是直接反代某个网站 例如反代 baidu.com
144 |
145 | ### 安装 xray 的 vision 和 Reality 协议
146 |
147 | 1. 重新运行脚本 选择17 安装 xray 的 XTLS Vision协议. 使用Vless协议提供443端口的tls服务, 同时 fallback 到80端口的nginx提供web伪装网站服务. 安装过程中请选择 xray 1.7.5版本以上, 1.6以前的老版本不支持 XTLS Vision协议. 该协议不支持CDN中转. 客户端使用时也需要匹配最新版本的xray 1.7.5或以上版本内核 才能支持XTLS Vision.
148 |
149 | 2. 重新运行脚本 选择18 安装 xray 的 Reality 协议. 该项安装时可以不需要域名, 这样就方便了很多. Vless Reality 协议提供443端口的转发服务. 同时 fallback 到安装时填写的某国外大企业网站. 安装过程中请选择 xray 1.8.0版本以上, 1.7以前的老版本不支持 Reality协议. 该协议不支持CDN中转. 客户端使用时也需要匹配最新版本的xray 1.8.0或以上版本内核 才能支持Reality.
150 |
151 | ### 高级用法 Advanced Usage 与现有网站或宝塔面板共存
152 |
153 | 1. 如果机器上已经有nginx或已有其他Web网站服务, 或是与宝塔面板共同使用, 可以运行脚本后 选择12 只安装V2ray或Xray, 运行在非80和443端口(端口可自定义), 注意: 选择12 安装V2ray或Xray 此时没有加密, 需要在宝塔面板或nginx自行修改配置, 让nginx服务于443 https端口, 根据指定的url路径path 转发到V2ray 端口, 起到tls加密作用.
154 |
155 | 2. 运行脚本 选择13-17 安装V2ray或Xray, 过程中可以选择不安装nginx, 这样让V2ray或Xray的 Vless协议服务于443 https端口(端口可自定义), 可与现有的nginx或网站共存, nginx需要修改配置只监听80端口即可。Https的TLS加密由V2ray或Xray的 Vless协议提供.
156 |
157 | 3. 如果机器上已经有nginx或已有其他Web网站服务, 或是与宝塔面板共同使用, 可以运行脚本后 选择3 只安装trojan-go, 这样让trojan或trojan-go服务于443 https端口, 与现有的nginx或网站共存, nginx需要修改配置只监听80端口即可。Https的TLS加密由 trojan-go提供服务.
158 |
159 | 4. 注意 运行脚本后选择3 并选择安装trojan-go. 必须保证本机80端口有监听, 否则trojan-go无法启动. 这是trojan-go的一个fallback功能, 非trojan协议的流量会转发到remote_addr和remote_port指定这个HTTP服务器的地址. Trojan-Go将会测试这个HTTP服务器是否工作正常,如果不正常,Trojan-Go会拒绝启动. [参考trojan-go官方文档](https://p4gefau1t.github.io/trojan-go/basic/config/)
160 |
161 |
162 |
163 |
164 |
165 | ### 安装管理面板 Install Web UI Panel for Trojan and V2ray
166 |
167 | 1. 在没有安装任何 trojan 和 v2ray 的新机器上(如使用本脚本安装过可执行卸载操作), 选择30 进入子菜单安装 trojan 或 v2ray 可视化管理面板。(如果之前通过其他脚本安装过,再安装可视化管理面板则极易产生问题, 请先卸载其他脚本程序在安装)
168 |
169 | 2. 选择30后 然后再选择1 安装trojan-web可视化管理面板 和 nginx. 根据提示输入域名后, 继续根据提示再选择1.Let's Encrypt 证书, 申请证书成功后. 继续根据提示再选择1.安装docker版mysql(mariadb). ariadb启动成功后,继续根据提示输入第一个trojan用户的账号密码,回车后出现"欢迎使用trojan管理程序" 需要不输入数字直接按回车,这样继续安装nginx直到完成. nginx安装成功会显示可视化管理面板网址,请保存下来. 如果没有显示管理面板网址则表明安装失败.
170 |
171 | 3. 选择30后 然后再选择6或9 安装v2ray-ui可视化管理面板. 安装成功后可以再次运行本脚本, 选择26申请域名SSL证书. 然后再可视化管理面板新建添加vless账号或trojan账号, 填入证书文件路径 即可同时支持trojan和v2ray.
172 |
173 |
174 | ### Netflix Unlock 解锁Netflix 等其他流媒体网站的区域限制 和 避免弹出Google人机验证
175 |
176 | 1. 运行脚本后选择1 进入Linux 内核安装菜单, 根据提示安装 linux 内核 5.10或5.16, 具体请参考[Linux 内核一键安装脚本](/KERNEL_CN.md).
177 | 2. 更换内核重启后, 选择1 进入linux 内核安装菜单, 选择2 使用BBR加速 和 Cake算法 优化VPS参数后 重启
178 | 3. 重启后, 选择1, 再选择11或12 安装 Wireguard 和 Cloudflare WARP. 具体请参考[Linux 内核一键安装脚本](/KERNEL_CN.md)
179 | 4. 确认 Wireguard 和 Cloudflare WARP 启动成功后, 运行脚本后 安装v2ray或xray, 安装过程中根据提示 选择 Netflix 和 Google 人机验证 解锁即可, 也可以选择解锁更多的视频网站.
180 | 5. 本脚本集合了所有解锁 Netflix 网站的方法, 目前有 1 使用DNS解锁, 2 使用IPv6解锁, 3 使用WARP sock5 代理解锁, 4 使用转发到可解锁的V2ray或Xray服务器解锁.
181 | 6. 目前网上搭建解锁反代服务器是使用 sniproxy + dns的方式, 本脚本稍后推出 nginx stream + dns, nginx + xray, nginx + v2ray, nginx + sock5, 非常灵活的各种方式搭建解锁反代服务器, 以便达到一台VPS可以同时做网站+提供解锁+v2ray+trojan的目的
182 | 7. Netflix 检测解锁脚本无法测试 使用V2ray路由规则的解锁. 就是说使用本脚本安装过v2ray已经解锁了Netflix, 但用检测解锁脚本检测的结果还是会显示没有解锁, 就是无法测出已解锁Netflix. 可以把检测脚本运行在 V2ray客户端机器上, 则能检测成功解锁. Netflix 检测解锁脚本只能运行在Mac或linux 平台. Windows平台可以使用linux ubuntu 子系统来运行 Netflix 检测解锁脚本.
183 |
184 |
185 |
186 |
187 | ## 注意事项与常见问题 FAQ
188 |
189 | 1. 建议使用root用户运行该脚本. 因为安装bbr 内核 需要root权限, 默认认为使用root执行本脚本, 非root用户请手动添加sudo执行 ```sudo ./trojan_v2ray_install.sh ``` 脚本. 注意 证书申请也需要用root用户而不建议用sudo运行 [acme.sh文档说明](https://github.com/acmesh-official/acme.sh/wiki/sudo).
190 |
191 | 2. 自2022年 1月 1日起,V2ray 服务器端将默认禁用对于 MD5 认证信息 的兼容。任何使用 MD5 认证信息的客户端将无法连接到禁用 VMess MD5 认证信息的服务器端, [V2ray官方文档说明](https://www.v2fly.org/config/protocols/vmess.html#inboundconfigurationobject). 解决方法为客户端升级到最新版, 客户端配置文件AID=0(alterId 为 0). [其他解决方法1](https://www.blueskyxn.com/202201/5696.html). [其他解决方法2](https://dasmz.com/?p=1051).
192 |
193 |
194 | 3. 免费域名可以使用 [freenom](https://www.freenom.com/zh/index.html?lang=zh). 注册freenom时需要使用美国IP,否则无法通过注册邮件验证. 请自行搜索教程.
195 |
196 | 4. 使用脚本安装时请先关闭CDN, cloudflare.com 中DNS设置页面, 二级域名设置为DNS only 为关闭CDN(即关闭黄色云朵). 安装v2ray或trojan-go完毕后 可以开启CDN 设置为Proxied 即可. trojan目前不支持CDN, trojan-go 支持CDN,可以在安装过程中选择支持CDN.
197 |
198 | 
199 |
200 | 5. 如果使用v2ray 或 xray的 gRPC 通过cloudflare 转发, 需要在cloudflare 域名 "设置"中 => "网络" 菜单里面 允许gRPC,cloudflare Network => gRPC
201 |
202 | 
203 |
204 | 6. 以下是Cloudflare CDN 的worker 加速脚本, 请把域名替换成自己的vps的域名. 然后在Cloudflare新建worker 添加即可. 可以通过下面3个工具任选其一, [CFIP][better-cloudflare-ip], [CloudflareScanner], [CloudflareSpeedTest], 在你自己的客户端机器上运行, 找出距离你最快的 cloudflare 的CDN IP, 在v2ray或trojan-go支持CDN的配置中填入该IP即可.
205 | ```
206 | addEventListener(
207 | "fetch", event => {
208 | let url = new URL(event.request.url);
209 | url.hostname = "yourdomain.xxx.xx";
210 | url.protocol = "https";
211 | let request = new Request(url, event.request);
212 | event.respondWith(
213 | fetch(request)
214 | )
215 | }
216 | )
217 | ```
218 |
219 |
220 | ## 特别感谢 Special Thanks
221 |
222 | 1. 脚本感谢 https://github.com/sprov065/v2-ui
223 | 2. 脚本感谢 https://github.com/Jrohy/trojan
224 | 3. 脚本感谢 https://github.com/v2fly/v2ray-core
225 | 4. 脚本感谢 https://github.com/XTLS/Xray-core
226 | 5. 脚本感谢 https://github.com/trojan-gfw/trojan
227 | 6. 脚本感谢 https://github.com/p4gefau1t/trojan-go
228 | 7. 脚本感谢 https://github.com/ylx2016/Linux-NetSpeed
229 |
230 |
231 |
232 | ## Stargazers over time
233 | [](https://starchart.cc/jinwyp/one_click_script)
234 |
235 |
236 |
237 | [better-cloudflare-ip]: https://github.com/badafans/better-cloudflare-ip/releases
238 | [CFIP]: https://github.com/BlueSkyXN/CFIP/releases
239 | [CloudflareScanner]: https://github.com/Spedoske/CloudflareScanner/releases/tag/1.1.2
240 | [CloudflareSpeedTest]: https://github.com/XIU2/CloudflareSpeedTest/releases/tag/v1.4.9
241 |
242 |
243 |
--------------------------------------------------------------------------------
/READMEOLD.md:
--------------------------------------------------------------------------------
1 | # Easy install v2ray (xray) and trojan (trojan-go) script (ultimate script for all condition)
2 |
3 |
4 | ## 目录 Table of Contents
5 |
6 | * [Trojan 和 V2ray xray 一键安装脚本](#installation-安装方法)
7 | * [安装 最新版和LTS Linux 内核, BBR 和 BBR Plus 内核](#installation-linux-kernel-wireguard)
8 | * [安装 wireguard 和 Cloudflare WARP, 解锁 Netflix 区域限制 和 避免弹出Google人机验证](#installation-linux-kernel-wireguard)
9 | * [Netflix 非自制剧检测脚本 支持IPv6和 WARP Sock5 代理检测](#netflix-check)
10 | * [PVE Proxmox VE虚拟机 群晖NAS 安装工具脚本](/dsm/readme.md)
11 | * [FRP 内网穿透工具 一键安装脚本](/dsm/readme.md)
12 | * [锐角云 自动安装PVE 工具脚本](/acuteangle/readme.md)
13 |
14 |
15 | ## 功能说明 Features
16 |
17 | 1. 支持 trojan,trojan-go 和 v2ray, xray 的安装 升级 卸载. 卸载后不留任何痕迹, 方便重复安装.
18 | 2. 支持 trojan 或 trojan-go 与 v2ray 共存, nginx全面支持TLS1.3 保证安全性, 支持SNI分流
19 | 3. 可以仅安装 trojan 或 v2ray, 可以不安装nginx. 方便与宝塔面板或现有网站共存.
20 | 4. 支持 v2ray 和 xray 自定义端口, 密码和WS的Path, 支持监听额外端口 方便中转机中转.
21 | 5. 支持 v2ray 和 xray 新的vless协议, 支持v2ray作为前端 监听443端口 同时转发trojan 和 websocket.
22 | 6. 支持 trojan-go websocket 模式, 可以选择是否支持CDN (websocket)
23 | 7. 默认会创建10个以上用户账号, 还能创建指定前缀的密码, 方便用户使用.
24 | 8. trojan 和 v2ray 可视化管理面板安装.
25 | 9. 一键安装wireguard, 解决避免弹出Google人机验证和 Netflix Youtube 等流媒体网站限制问题, 同时v2ray支持相应的配置
26 | 10. 一键安装wireguard, 解决避免弹出Google人机验证和 Netflix Youtube 等流媒体网站限制问题, 同时v2ray支持相应的配置
27 | 11. 支持 一键安装 v2board 面板的服务器端 V2Ray-Poseidon, Soga, XrayR, Air-Universe
28 | 12. 本脚本没有偷跑服务器流量的网页或其他屏蔽bt流量的等限制. 默认网页仅为bootstarp最简单的模板
29 | 13. 本脚本所使用端口除443和80外都是随机生成, 保证安全性, 而其他脚本写死固定端口容易被检测
30 | 14. 本脚本不推荐安装多种v2ray的多种协议共存, 协议越多安全性越低, 而且也不会提高速度, 强烈不建议使用其他脚本同时安装多个协议
31 |
32 | ## Features English
33 | 1. Install V2Ray or Xray using VLESS or VMess, support all condition: VLESS+TCP+TLS / VLESS+Websocket+TLS(CDN) / VMess+TCP+TLS / VMess+Websocket+TLS(CDN)
34 | 2. Using Trojan or Nginx or v2ray-core / Xray-core as frontend listening port 443
35 | 3. Install trojan or trojan-go and V2Ray or Xray on the same server to support all protocol.
36 | 4. Support Debian9+, Ubuntu 16+ and CentOS 7+ operation systems
37 | 5. install wireguard and wgcf to avoid Google reCAPTCHA and unlock Netflix ip geo-restriction
38 | 6. Easily switch Linux kernel version, 5.11, 5.10 LTS, 5.4 LTS, 4.19 LTS, 4.14 LTS
39 |
40 | ## Installation 安装方法
41 |
42 | #### Usage 脚本使用方法
43 | ```bash
44 | bash <(curl -Lso- https://git.io/oneclick)
45 | ```
46 |
47 |
48 | #### 通过 curl 命令安装 via curl to install script
49 |
50 | ```bash
51 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh
52 | ```
53 |
54 | #### 通过 wget 命令安装 via wget to install script
55 |
56 | ```bash
57 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh
58 | ```
59 |
60 |
61 |
62 | 
63 |
64 | 
65 |
66 | 
67 |
68 |
69 |
70 | ## Installation Linux kernel Wireguard
71 |
72 | #### Usage 脚本使用方法
73 | ```bash
74 | bash <(curl -Lso- https://git.io/kernel.sh)
75 | ```
76 |
77 | #### 通过 wget 命令安装 Linux 内核 和 Wireguard via wget to install script
78 |
79 | ```bash
80 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/install_kernel.sh && chmod +x ./install_kernel.sh && ./install_kernel.sh
81 | ```
82 |
83 |
84 | ## Netflix-Check
85 | #### Netflix 非自制剧解锁 检测脚本 全网最准确检测脚本 支持IPv6 和 Cloudflare WARP Sock5 代理检测
86 |
87 | #### 通过 wget 命令安装 via wget to install script
88 |
89 | ```bash
90 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
91 | ```
92 |
93 |
94 | ## 使用说明 Usage
95 |
96 | ### 安装命令行方式 启动 trojan 或 v2ray
97 |
98 | 1. 该步骤可省略. 如果是使用google cloud 谷歌云服务器,默认无法使用root账号登陆, 可以选择32 开启root用户登录. 建议使用root用户运行该脚本. 安装bbr plus 需要root权限, 默认认为使用root执行, 非root用户请手动添加sudo执行 ```sudo ./tcp.sh ```和 ```sudo ./trojan_v2ray_install.sh ``` 脚本. (注意 证书申请也需要用root用户而不建议用sudo [acme.sh文档说明](https://github.com/acmesh-official/acme.sh/wiki/sudo) ).
99 | 2. 安装 BBR plus (或 BBR) 网络加速. 运行脚本 ```./trojan_v2ray_install.sh ``` 选择1 然后 再选择36 安装5.10内核 或 选择61或其他 安装原版 BBRplus 4.14,129 版内核 , 注意安装过程中会弹出大框的英文提示(下面有示例图)"安装linux内核有风险是否终止", 要选择" NO" 不终止. 安装完毕会重启VPS
100 | 3. 使用 BBR 或 BBRplus版 网络加速. 重新登录VPS后, 重新运行脚本 ```./trojan_v2ray_install.sh ``` 选择1 然后 选择2 使用BBR 或选择2 使用BBRplus 加速.
101 | 4. 该步骤可省略. 选择31, 安装 oh-my-zsh. 这样以后登录有命令提示, 方便新手操作. 安装完成后请退出VPS, 命令为```exit```. 重新登录VPS后继续下面操作.
102 | 5. 安装 trojan 或 v2ray. 根据提示 重新运行脚本 ```./trojan_v2ray_install.sh ``` 选2 安装trojan, 或选5 安装trojan-go, 或选11或14 安装v2ray, 或选21 同时安装trojan和v2ray, 或选24 同时安装trojan-go和v2ray. 强烈建议:如果VPS线路速度可以保证,不需要CDN,强烈建议选11或14 只安装xray 或只安装5 trojan-go (trojan-go速度已经很快了). 需要CDN可以选11只安装V2ray. 协议安装的越多安全性越低,而且也不会提高速度,适合自己的软件装一种最好. 完全没有必要使用多合一的脚本同时安装多个协议
103 |
104 | 6. 第一步安装 BBR plus 时出现的提示 "是否终止删除内核" 请选择 "NO". 就是要卸载掉目前的内核.
105 | 
106 | 
107 | 
108 |
109 |
110 | ### 安装管理面板 Install web admin panel
111 |
112 | 1. 在没有安装任何 trojan 和 v2ray 的新机器上(即没有执行过第5步, 执行过可以选择卸载), 选择29 进入子菜单安装 trojan 或 v2ray 可视化管理面板。(如果之前通过其他脚本安装过,再安装可视化管理面板则极易产生问题)
113 | 2. 选择29后 然后再选择1 安装trojan-web可视化管理面板(建议使用centos7系统).根据提示输入域名后, 继续根据提示再选择1.Let's Encrypt 证书, 申请证书成功后. 继续根据提示再选择1.安装docker版mysql(mariadb). ariadb启动成功后,继续根据提示输入第一个trojan用户的账号密码,回车后出现"欢迎使用trojan管理程序" 需要不输入数字直接按回车,这样继续安装nginx直到完成. nginx安装成功会显示可视化管理面板网址,请保存下来. 如果没有显示管理面板网址则表明安装失败.
114 | 3. 选择29后 然后再选择6 安装v2ray-ui可视化管理面板. 安装成功后可以再次运行本脚本选择29后在选择11申请域名SSL证书. 然后再可视化管理面板新建添加vless账号或trojan账号, 填入证书文件路径 即可同时支持trojan和v2ray.
115 |
116 | ### 高级用法 Advanced Usage 与现有网站共存
117 |
118 | 1. 如果机器上已经有nginx或已有网站服务, 或是与宝塔面板共同使用, 可以运行脚本后选择30, 然后单独安装不带有nginx的版本。 选择30后再选15, 则V2ray运行在非80和443端口(端口可自定义), 同时没有加密, 然后在宝塔面板或nginx自行修改配置, 让nginx服务于443 https端口, 根据指定的url路径转发到V2ray 端口, 起到加密作用。
119 | 2. 选择30后 再选择12-14 安装trojan或trojan-go, 这样让trojan或trojan-go服务于443 https端口, 与现有的nginx或网站共存, nginx需要修改配置只监听80端口即可。https ssl加密由trojan或trojan-go提供。
120 | 3. 选择30后, 再选择13或14后仅安装trojan-go. 必须保证本机80端口有监听, 否则trojan-go无法启动. 这是trojan-go的一个fallback功能, 非trojan协议的流量会转发到remote_addr和remote_port指定这个HTTP服务器的地址. Trojan-Go将会测试这个HTTP服务器是否工作正常,如果不正常,Trojan-Go会拒绝启动. [参考trojan-go官方文档](https://p4gefau1t.github.io/trojan-go/basic/config/)
121 | 4. 选择30后 再选择16-24 安装V2ray或Xray, 这样让V2ray或Xray 的 Vless协议服务于443 https端口(端口可自定义), 与现有的nginx或网站共存, nginx需要修改配置只监听80端口即可。https ssl加密由V2ray或Xray 的 Vless协议提供。 推荐选择20的 Xray的Xtls-direct 模式速度最快
122 | 5. 选择30后 再选择15-24 安装V2ray或Xray,都可以自定义端口, 密码和websocket 的path 路径, 默认为随机密码和随机路径. 同时还可以增加一个额外的监听端口与主端口同时使用, 方便不支持443端口的中转机中转给目标主机.
123 | 6. 以上安装都可以选择是否申请证书, 如果已有证书可以不在安装过程中申请, 或多次安装本脚本也可以不需要再次申请。证书位置在 /root/website/cert/fullchain.cer 和 /root/website/cert/private.key, 可以手动放置
124 |
125 |
126 | ### Netflix Unlock 解锁Netflix 等其他流媒体网站的区域限制 和 避免弹出Google人机验证
127 |
128 | 1. 运行脚本后选择1 进入linux 内核安装菜单, 根据提示安装 linux 内核 5.10或5.14 都可以.
129 | 2. 更换内核重启后, 选择1 进入linux 内核安装菜单, 选择2 使用BBR加速 和 Cake算法 优化VPS参数后 重启
130 | 3. 重启后, 选择1, 再选择6 安装 Wireguard 和 cloudflare WARP.
131 | 4. 确认Wireguard启动成功后, 运行脚本后选择14 或 11 或其他选项 安装v2ray或xray, 安装过程中根据提示 选择netflix 和 google 人机验证 解锁即可, 也可以选择解锁更多的视频网站.
132 | 5. 本脚本集合了所有解锁 Netflix 网站的方法, 目前有 1 使用DNS解锁, 2 使用IPv6解锁, 3 使用WARP sock5 代理解锁, 4 使用转发到可解锁的V2ray或Xray服务器解锁
133 | 6. 目前网上搭建解锁反代服务器是使用 sniproxy + dns的方式, 本脚本稍后推出 nginx stream + dns, nginx + xray, nginx + v2ray, nginx + sock5, 非常灵活的各种方式搭建解锁反代服务器, 以便达到一台VPS可以同时做网站+提供解锁+v2ray+trojan的目的
134 |
135 |
136 |
137 | ## 注意事项与常见问题 FAQ
138 |
139 | 1. 免费域名可以使用 [freenom](https://www.freenom.com/zh/index.html?lang=zh). 注册freenom时需要使用美国IP,否则无法通过注册邮件验证. 请自行搜索教程.
140 | 2. 使用脚本安装时请先关闭CDN, cloudflare.com 中DNS设置页面, 二级域名设置为DNS only 为关闭CDN. 安装v2ray或trojan-go完毕后 可以开启CDN 设置为Proxied 即可. trojan目前不支持CDN, trojan-go 默认安装设置为不支持CDN,可以在安装过程中选择支持CDN.
141 |
142 | 
143 |
144 | 3. 如果使用v2ray 或 xray的 gRPC 通过cloudflare 转发, 需要在cloudflare 域名 "设置"中 => "网络" 菜单里面 允许gRPC,cloudflare Network => gRPC
145 |
146 | 
147 |
148 | 4. 以下是Cloudflare CDN 的worker 加速脚本, 请把域名替换成自己的vps的域名. 然后在Cloudflare新建worker 添加即可. 可以通过下面3个工具任选其一, [CFIP][better-cloudflare-ip], [CloudflareScanner], [CloudflareSpeedTest], 在你自己的客户端机器上运行, 找出距离你最快的 cloudflare 的CDN IP, 在v2ray或trojan-go支持CDN的配置中填入该IP即可.
149 | ```
150 | addEventListener(
151 | "fetch", event => {
152 | let url = new URL(event.request.url);
153 | url.hostname = "yourdomain.xxx.xx";
154 | url.protocol = "https";
155 | let request = new Request(url, event.request);
156 | event.respondWith(
157 | fetch(request)
158 | )
159 | }
160 | )
161 | ```
162 |
163 | ## 关于Let's Encrypt证书
164 | 本脚本使用的acme.sh来申请的Let's Encrypt免费证书。三个月需要续期,本脚本通过cron自动完成续期的,无需用户操作。但Let's Encrypt 申请证书有一些限制,如下:
165 |
166 | Let's Encrypt证书申请频率的限制
167 |
168 | 1. 同一个主域名一周之内只能申请50个证书
169 | 2. 每个账号下每个域名每小时申请验证失败的次数为5次
170 | 3. 每周只能创建5个重复的证书,即使是通过不同的账号进行创建
171 | 4. 每个账号同一个IP地址每3小时最多可以创建10个证书
172 | 5. 每个多域名(SAN) SSL证书(不是通配符域名证书)最多只能包含100个子域
173 | 6. 更新证书没有次数的限制,但是更新证书会受到上述重复证书的限制
174 | 7. 如果提示证书申请失败,可以尝试更换域名再试(添加或换不同的二级域名,也算是新域名)
175 | 8. 同一IP地址,在短时间内过于频繁的申请证书,也会被限制,此时更换域名也无法申请成功,只能等待一段时间,或者在安装过程中选择使用 BuyPass.com 来申请.
176 |
177 |
178 | ## 特别感谢 Special Thanks
179 |
180 | 1. 脚本感谢 https://github.com/sprov065/v2-ui
181 | 2. 脚本感谢 https://github.com/Jrohy/trojan
182 | 3. 脚本感谢 https://github.com/v2fly/v2ray-core
183 | 4. 脚本感谢 https://github.com/XTLS/Xray-core
184 | 5. 脚本感谢 https://github.com/trojan-gfw/trojan
185 | 6. 脚本感谢 https://github.com/p4gefau1t/trojan-go
186 | 7. 脚本感谢 https://github.com/ylx2016/Linux-NetSpeed
187 | 8. 脚本感谢 秋水逸冰、Atrandys、V2ray官方 和 波仔分享 等
188 | 9. 脚本感谢 JCNF的博客 https://ybfl.xyz/111.html
189 |
190 |
191 |
192 | ## Installation Xrayr
193 | ## 安装其他 Linux 软件 和 V2board 服务器端 V2Ray-Poseidon, Soga, XrayR, Air-Universe 一键脚本
194 |
195 | #### via curl 安装命令
196 |
197 | ```bash
198 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/linux_install_software.sh && chmod +x ./linux_install_software.sh && ./linux_install_software.sh
199 |
200 | ```
201 |
202 | #### via wget 安装命令
203 |
204 | ```bash
205 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/linux_install_software.sh && chmod +x ./linux_install_software.sh && ./linux_install_software.sh
206 |
207 | ```
208 |
209 | 
210 |
211 |
212 |
213 | ## Stargazers over time
214 | [](https://starchart.cc/jinwyp/one_click_script)
215 |
216 |
217 |
218 | [better-cloudflare-ip]: https://github.com/badafans/better-cloudflare-ip/releases
219 | [CFIP]: https://github.com/BlueSkyXN/CFIP/releases
220 | [CloudflareScanner]: https://github.com/Spedoske/CloudflareScanner/releases/tag/1.1.2
221 | [CloudflareSpeedTest]: https://github.com/XIU2/CloudflareSpeedTest/releases/tag/v1.4.9
222 |
223 |
224 |
225 |
226 |
--------------------------------------------------------------------------------
/TOOL.md:
--------------------------------------------------------------------------------
1 | # Linux toolkit Easily install docker and Nodejs shell script
2 |
3 |
4 | ## [中文文档](/TOOL_CN.md)
5 |
6 | ## Features
7 |
8 | 1. Configuring an SSH login without password. Change the SSH Default Port. Secure your VPS.
9 | 2. Install linux sofrware including Oh-my-zsh, zsh-autosuggestions, Micro editors.
10 | 3. Install Nodejs and PM2.
11 | 4. Install Docker and Docker Compose.
12 | 5. Install Portainer.
13 |
14 |
15 |
16 | ## Installation
17 |
18 | #### via curl to install script
19 |
20 | ```bash
21 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/linux_install_software.sh && chmod +x ./linux_install_software.sh && ./linux_install_software.sh
22 |
23 | ```
24 |
25 | #### via wget to install script
26 |
27 | ```bash
28 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/linux_install_software.sh && chmod +x ./linux_install_software.sh && ./linux_install_software.sh
29 |
30 | ```
31 |
32 | 
33 |
34 |
35 |
36 |
37 |
--------------------------------------------------------------------------------
/TOOL_CN.md:
--------------------------------------------------------------------------------
1 | # Linux toolkit Easily install docker and Nodejs shell script
2 |
3 | ## 安装 Linux 软件 和 服务器端 一键脚本
4 |
5 | ## 目录 Table of Contents
6 |
7 | * [V2board 服务器端 一键安装脚本](#installation)
8 |
9 | ## 功能介绍
10 |
11 | 1. 开启SSH 无密码登录.修改SSH默认端口, 增加VPS安全性.
12 | 2. 安装 Oh-my-zsh, zsh-autosuggestions, Micro 编辑器.
13 | 3. 安装 Nodejs 和 PM2.
14 | 4. 安装 Docker 和 Docker Compose.
15 | 5. 安装 Portainer.
16 |
17 |
18 | ## Installation
19 |
20 | #### via curl 安装命令
21 |
22 | ```bash
23 | curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/linux_install_software.sh && chmod +x ./linux_install_software.sh && ./linux_install_software.sh
24 |
25 | ```
26 |
27 | #### via wget 安装命令
28 |
29 | ```bash
30 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/linux_install_software.sh && chmod +x ./linux_install_software.sh && ./linux_install_software.sh
31 |
32 | ```
33 |
34 | 
35 |
36 |
37 |
38 |
39 |
--------------------------------------------------------------------------------
/acuteangle/autorun:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 |
4 | # source https://gist.github.com/saltlakeryan/e12aafd09528ff77c346
5 |
6 | # set -e
7 | # set -o pipefail
8 |
9 | export LC_ALL=C
10 | export LANG=C
11 | export LANGUAGE=en_US.UTF-8
12 |
13 |
14 | # fonts color
15 | red(){
16 | echo -e "\033[31m\033[01m$1\033[0m"
17 | }
18 | green(){
19 | echo -e "\033[32m\033[01m$1\033[0m"
20 | }
21 | yellow(){
22 | echo -e "\033[33m\033[01m$1\033[0m"
23 | }
24 | blue(){
25 | echo -e "\033[34m\033[01m$1\033[0m"
26 | }
27 | bold(){
28 | echo -e "\033[1m\033[01m$1\033[0m"
29 | }
30 |
31 |
32 | function main() {
33 |
34 | setup_env
35 | print_welcome
36 | mount_usb
37 | }
38 |
39 |
40 |
41 | function setup_env() {
42 | PASSWORD="mypass"
43 | USERNAME="autoback"
44 | DIRECTORY_BASE="/fab/office/imaging/other/autoback"
45 | SERVER="storage.nanofab.utah.edu"
46 | DATE=$(date +%Y-%m-%d_%H_%M_%S)
47 | MACADDR=$(ls /sys/class/net/*/address | grep -v lo | sort | head -1 | xargs cat | perl -pe 's/:/-/g')
48 | BACKUPDIR="/mnt/backup/$MACADDR/$DATE"
49 |
50 | HDDP1="/dev/mmcblk1p1"
51 | HDDP2="/dev/mmcblk1p2"
52 | HDDP3="/dev/mmcblk1p3"
53 | HDDP4="/dev/mmcblk1p4"
54 |
55 | MountDisk1="/mnt/disk1"
56 | MountDisk2="/mnt/disk2"
57 | MountDisk3="/mnt/disk3"
58 | MountDisk4="/mnt/disk4"
59 |
60 | MountDIR1="/mnt/usb1"
61 | MountDIR2="/mnt/usb2"
62 |
63 | PVEIMGFilenamePath1="/mnt/usb1/proxmox.img.gz"
64 | PVEIMGFilenamePath2="/mnt/usb2/proxmox.img.gz"
65 | PVEIMGFilenamePath3="/mnt/usb1/proxmox-ve.iso"
66 | PVEIMGFilenamePath4="/mnt/usb2/proxmox-ve.iso"
67 | PVEIMGFilenameReal="proxmox.img.gz"
68 | PVEIMGFilenameRealISO="proxmox-ve.iso"
69 |
70 |
71 | HARDDISK=$(ls ${HDDP1} 2> /dev/null || true)
72 | if [ "$HARDDISK" == "" ]
73 | then
74 | echo "No disk found"
75 | exit 1
76 | fi
77 | HARDDISKSIZE=$(blockdev --getsize64 ${HDDP1})
78 | }
79 |
80 |
81 | function print_welcome() {
82 | green "================================================== "
83 | echo " STARTING AUTOMATIC Install PVE ! $DATE"
84 | echo " This machine is identified by its mac address: $MACADDR"
85 | echo " Size of Hard Disk in bytes: $HARDDISKSIZE"
86 | green "================================================== "
87 | echo
88 | }
89 |
90 |
91 | function print_metadata() {
92 | echo "Size of Hard Disk in bytes: $HARDDISKSIZE"
93 | IPADDR=$(ip addr show | grep 'inet ' | grep -v 'lo#39; | awk '{print $2}' | perl -pe 's!/.*!!')
94 | echo "IP: $IPADDR"
95 | IPHOST=`getent hosts $IPADDR || true`
96 | echo "HOST by IP: $IPHOST"
97 | }
98 |
99 |
100 |
101 |
102 | function mount_usb() {
103 | green "============================================================ "
104 | echo " Run Command : lsblk"
105 | lsblk
106 | echo
107 | green "============================================================ "
108 | echo " Run Command : blkid"
109 | blkid
110 | echo
111 | green "============================================================ "
112 | echo " Starting mount usb drive to ${MountDIR1} and ${MountDIR2} "
113 |
114 |
115 | # if [ -b "$HDDP1" ]; then
116 | # green "$HDDP1 is a block device. Mount to ${MountDisk1}"
117 | # mkdir -p $MountDisk1
118 | # mount -o rw $HDDP1 $MountDisk1
119 | # fi
120 |
121 | # if [ -b "$HDDP2" ]; then
122 | # green "$HDDP2 is a block device. Mount to ${MountDisk2}"
123 | # mkdir -p $MountDisk2
124 | # mount -o rw $HDDP2 $MountDisk2
125 | # fi
126 |
127 | # if [ -b "$HDDP3" ]; then
128 | # green "$HDDP3 is a block device. Mount to ${MountDisk3}"
129 | # mkdir -p $MountDisk3
130 | # mount -o rw $HDDP3 $MountDisk3
131 | # fi
132 |
133 | # if [ -b "$HDDP4" ]; then
134 | # green "$HDDP4 is a block device. Mount to ${MountDisk4}"
135 | # mkdir -p $MountDisk4
136 | # mount -o rw $HDDP4 $MountDisk4
137 | # fi
138 |
139 | deviceUSB1="/dev/sda1"
140 | deviceUSB2="/dev/sdb1"
141 |
142 | if [ -b "$deviceUSB1" ]; then
143 | green "$deviceUSB1 is a block device. Mount to ${MountDIR1}"
144 | mkdir -p $MountDIR1
145 | mount -o rw $deviceUSB1 $MountDIR1
146 | fi
147 |
148 | if [ -b "$deviceUSB2" ]; then
149 | echo "$deviceUSB2 is a block device. . Mount to ${MountDIR2}"
150 | mkdir -p $MountDIR2
151 | mount -o rw $deviceUSB2 $MountDIR2
152 | fi
153 |
154 |
155 | if [ -f "$PVEIMGFilenamePath1" ]; then
156 | PVEIMGFilenameReal=$PVEIMGFilenamePath1
157 | installpve $PVEIMGFilenameReal "gz"
158 | elif [ -f "$PVEIMGFilenamePath2" ]; then
159 | echo "$PVEIMGFilenamePath1 does not exist !"
160 | PVEIMGFilenameReal=$PVEIMGFilenamePath2
161 | installpve $PVEIMGFilenameReal "gz"
162 | elif [ -f "$PVEIMGFilenamePath3" ]; then
163 | echo "$PVEIMGFilenamePath2 does not exist !"
164 | PVEIMGFilenameReal=$PVEIMGFilenamePath3
165 | installpve $PVEIMGFilenameReal "iso"
166 | elif [ -f "$PVEIMGFilenamePath4" ]; then
167 | echo "$PVEIMGFilenamePath3 does not exist !"
168 | PVEIMGFilenameReal=$PVEIMGFilenamePath4
169 | installpve $PVEIMGFilenameReal "iso"
170 | else
171 | echo "$PVEIMGFilenamePath4 does not exist !"
172 | fi
173 |
174 | }
175 |
176 |
177 |
178 | function installpve(){
179 | green "============================================================ "
180 | echo " Starting Install PVE !"
181 |
182 | read -p "Comfirm to install PVE? Please input [Y/n]?" isInstallPVEInput
183 | isInstallPVEInput=${isInstallPVEInput:-Y}
184 |
185 | if [[ $isInstallPVEInput == [Yy] ]]; then
186 |
187 | if [ "$2" == "gz" ]; then
188 | echo "Running Command: $1 | gunzip | dd of=/dev/mmcblk1 && reboot"
189 | red "Do Not Turn off the Power! Wait for a long time please. "
190 | green "It will reboot after finish !"
191 | cat $1 | gunzip | dd of=/dev/mmcblk1 && reboot
192 | else
193 | echo "Running Command: dd if=$1 of=/dev/mmcblk1 && reboot"
194 | red "Do Not Turn off the Power! Wait for a long time please. "
195 | green "It will reboot after finish !"
196 | dd if=$1 of=/dev/mmcblk1
197 | reboot
198 | fi
199 |
200 | else
201 | red "============================================================ "
202 | red " Exit PVE Installation !"
203 | red "============================================================ "
204 | exit 1
205 | fi
206 |
207 | }
208 |
209 |
210 |
211 |
212 |
213 | main $1
--------------------------------------------------------------------------------
/acuteangle/boot1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/boot1.jpg
--------------------------------------------------------------------------------
/acuteangle/boot2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/boot2.jpg
--------------------------------------------------------------------------------
/acuteangle/boot3.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/boot3.jpg
--------------------------------------------------------------------------------
/acuteangle/date.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 |
4 | # source https://gist.github.com/saltlakeryan/e12aafd09528ff77c346
5 |
6 | # set -e
7 | # set -o pipefail
8 |
9 | export LC_ALL=C
10 | export LANG=C
11 | export LANGUAGE=en_US.UTF-8
12 |
13 |
14 | # fonts color
15 | red(){
16 | echo -e "\033[31m\033[01m$1\033[0m"
17 | }
18 | green(){
19 | echo -e "\033[32m\033[01m$1\033[0m"
20 | }
21 | yellow(){
22 | echo -e "\033[33m\033[01m$1\033[0m"
23 | }
24 | blue(){
25 | echo -e "\033[34m\033[01m$1\033[0m"
26 | }
27 | bold(){
28 | echo -e "\033[1m\033[01m$1\033[0m"
29 | }
30 |
31 |
32 |
33 | function main() {
34 | echo $1
35 | if [[ -n $1 ]]; then
36 | saveDateToFile
37 |
38 | if [[ $1 == "reset" ]]; then
39 | reset
40 | apt-get install ifupdown2 -y
41 | chmod +x /root/date.sh
42 | setCrontab
43 | setIP
44 |
45 | fi
46 |
47 | if [[ $1 == "firstrun" ]]; then
48 | apt-get install ifupdown2 -y
49 | chmod +x /root/date.sh
50 | setCrontab
51 | setIP
52 | fi
53 |
54 | if [[ $1 == "deljob" ]]; then
55 | removeCrontab
56 | fi
57 |
58 | else
59 | setDateFromFile
60 | fi
61 | }
62 |
63 |
64 |
65 | dateFilePath="/root/date.log"
66 | function saveDateToFile(){
67 | green " ================================================== "
68 | echo "Save system date to file $dateFilePath "
69 | date +'%Y-%m-%d %H:%M:%S' > $dateFilePath
70 | cat $dateFilePath
71 | }
72 |
73 | function setDateFromFile(){
74 | green " ================================================== "
75 | echo "Set system date from file $dateFilePath "
76 | currentDate=$(cat $dateFilePath)
77 | echo "$currentDate"
78 | date -s "$currentDate"
79 |
80 | hwclock --set --date "$currentDate"
81 | hwclock --hctosys
82 | }
83 |
84 |
85 | function setCrontab(){
86 | # 设置 cron 定时任务
87 | # https://stackoverflow.com/questions/610839/how-can-i-programmatically-create-a-new-cron-job
88 |
89 | # (crontab -l 2>/dev/null | grep -v '^[a-zA-Z]'; echo "15 4 * * 0,1,2,3,4,5,6 systemctl restart trojan.service") | sort - | uniq - | crontab -
90 | (crontab -l ; echo "@reboot /root/date.sh") | sort - | uniq - | crontab -
91 | (crontab -l ; echo "10 4 * * 0,1,2,3,4,5,6 /root/date.sh savedate") | sort - | uniq - | crontab -
92 | }
93 |
94 |
95 | function removeCrontab(){
96 | # 清楚 cron 定时任务
97 | crontab -r
98 | }
99 |
100 | function setIP(){
101 | # https://pve.proxmox.com/pve-docs/chapter-sysadmin.html#sysadmin_network_configuration
102 |
103 |
104 | green " ================================================== "
105 |
106 | read -r -p "Choose IP Mode: DHCP(y) or Static(n) ? (default: static ip) Pls Input [y/N]?" IPModeInput
107 | IPModeInput=${IPModeInput:-n}
108 | read -r -p "Please input IP address of your n3450 computer (default:192.168.7.200) ?" IPInput
109 |
110 | if [[ $IPModeInput == [Yy] ]]; then
111 | cat > /etc/network/interfaces <<-EOF
112 |
113 | # This file describes the network interfaces available on your system
114 | # and how to activate them. For more information, see interfaces(5).
115 |
116 | source /etc/network/interfaces.d/*
117 |
118 | # The loopback network interface
119 | auto lo
120 | iface lo inet loopback
121 |
122 |
123 | # The primary network interface
124 | iface enp1s0 inet manual
125 |
126 | auto vmbr0
127 | iface vmbr0 inet dhcp
128 | bridge_ports enp1s0
129 | bridge_stp off
130 | bridge_fd 0
131 |
132 |
133 | # allow-hotplug wlp2s0
134 | # iface wlp2s0 inet dhcp
135 | # pre-up ip link set wlan0 up
136 | # pre-up iwconfig wlan0 essid ssid
137 | # wpa-ssid ssid
138 | # wpa-psk password
139 |
140 | EOF
141 | green " ================================================== "
142 | red "$IPInput is not the real ip. It only shows on the welcome message !"
143 | red "Please run command 'ifconfig' to show the real IP or check the real ip on the router !"
144 |
145 | green " ================================================== "
146 | else
147 |
148 | read -r -p "Please input IP netmask (default:255.255.255.0) ?" netmaskInput
149 | read -r -p "Please input IP gateway (default:192.168.7.1) ?" gatewayInput
150 |
151 | IPInput=${IPInput:-192.168.7.200}
152 | netmaskInput=${netmaskInput:-255.255.255.0}
153 | gatewayInput=${gatewayInput:-192.168.7.1}
154 |
155 |
156 | cat > /etc/network/interfaces <<-EOF
157 |
158 | # This file describes the network interfaces available on your system
159 | # and how to activate them. For more information, see interfaces(5).
160 |
161 | source /etc/network/interfaces.d/*
162 |
163 | # The loopback network interface
164 | auto lo
165 | iface lo inet loopback
166 |
167 | # The primary network interface
168 | iface enp1s0 inet manual
169 |
170 | auto vmbr0
171 | iface vmbr0 inet static
172 | address ${IPInput}
173 | netmask ${netmaskInput}
174 | gateway ${gatewayInput}
175 | bridge_ports enp1s0
176 | bridge_stp off
177 | bridge_fd 0
178 |
179 |
180 | EOF
181 |
182 | fi
183 |
184 | sed -i -e "s/[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}/${IPInput}/g" /etc/issue
185 | sed -i "s/10\.100\.99\.1/${IPInput}/g" /etc/hosts
186 |
187 | sed -i "s/# alias/alias/g" /root/.bashrc
188 |
189 | green " ================================================== "
190 | green " Change IP to ${IPInput} success !"
191 | echo "Please Check file /etc/hosts and make sure the IP of your hostname is correct"
192 | green " ================================================== "
193 | }
194 |
195 |
196 |
197 |
198 |
199 | function mount_usb() {
200 | green " ================================================== "
201 | echo "Run Command : lsblk"
202 | lsblk
203 | echo
204 | green " ================================================== "
205 | echo "Run Command : blkid"
206 | blkid
207 | echo
208 | green " ================================================== "
209 | echo " Starting mount usb drive "
210 |
211 | deviceUSB1="/dev/sda1"
212 | deviceUSB2="/dev/sdb1"
213 |
214 | MountDIR1="/mnt/usb1"
215 | MountDIR2="/mnt/usb2"
216 |
217 | if [ -b "$deviceUSB1" ]; then
218 | green "$deviceUSB1 is a block device. Mount to ${MountDIR1}"
219 | mkdir -p $MountDIR1
220 | mount -o rw $deviceUSB1 $MountDIR1
221 | fi
222 |
223 | if [ -b "$deviceUSB2" ]; then
224 | echo "$deviceUSB2 is a block device. . Mount to ${MountDIR2}"
225 | mkdir -p $MountDIR2
226 | mount -o rw $deviceUSB2 $MountDIR2
227 | fi
228 |
229 | }
230 |
231 |
232 | function addMoreDisk(){
233 | DISK="/dev/mmcblk1"
234 | echo -e "d\n\nn\n\n\n\nw" | fdisk $DISK
235 | xfs_growfs /
236 | }
237 |
238 | function reset(){
239 | addMoreDisk
240 |
241 | rm /etc/ssh/ssh_host_*
242 | test -f /etc/ssh/ssh_host_dsa_key || dpkg-reconfigure openssh-server
243 |
244 | pvecm updatecerts -f
245 | systemctl disable reset
246 | rm /etc/systemd/system/reset.service
247 | systemctl daemon-reload
248 | systemctl reset-failed
249 | rm /reset.sh
250 |
251 | }
252 |
253 | main $1
--------------------------------------------------------------------------------
/acuteangle/img1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/img1.jpg
--------------------------------------------------------------------------------
/acuteangle/img2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/img2.jpg
--------------------------------------------------------------------------------
/acuteangle/img3.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/img3.jpg
--------------------------------------------------------------------------------
/acuteangle/img32.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/img32.jpg
--------------------------------------------------------------------------------
/acuteangle/img33.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/img33.jpg
--------------------------------------------------------------------------------
/acuteangle/img4.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/img4.jpg
--------------------------------------------------------------------------------
/acuteangle/local1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/local1.jpg
--------------------------------------------------------------------------------
/acuteangle/local2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/local2.jpg
--------------------------------------------------------------------------------
/acuteangle/mosdns1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/mosdns1.jpg
--------------------------------------------------------------------------------
/acuteangle/mosdns2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/mosdns2.jpg
--------------------------------------------------------------------------------
/acuteangle/pve1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/pve1.jpg
--------------------------------------------------------------------------------
/acuteangle/pve2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/pve2.jpg
--------------------------------------------------------------------------------
/acuteangle/pve3.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/pve3.jpg
--------------------------------------------------------------------------------
/acuteangle/pve9.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/pve9.jpg
--------------------------------------------------------------------------------
/acuteangle/readme.md:
--------------------------------------------------------------------------------
1 | # 锐角云安装PVE 最简单教程
2 |
3 | ## Table of Contents
4 |
5 | * [方法1 自动DD方法)](#autodd)
6 | * [方法2 修改代码方法 让PVE 安装到EMMC 硬盘上](#pveemmc)
7 | * [在 PVE中 安装Openwrt](#openwrt)
8 | * [Openwrt的DHCP和DNS 设置 ](#openwrtsetting)
9 |
10 |
11 | ## AutoDD
12 | ## 方法1 自动DD方法
13 | ### 准备工作
14 | 1. 下载 PVE 6.2 镜像 proxmox.img.gz(该镜像已经被修改 可以支持emmc并且删除了无用lvm分区) 地址 https://n3450.cloud/proxmox.img.gz
15 | 2. 下载 SystemRescue Linux 启动盘 地址 https://nchc.dl.sourceforge.net/project/systemrescuecd/sysresccd-x86/9.04/systemrescue-9.04-amd64.iso
16 | 3. 下载 autorun 脚本 https://raw.githubusercontent.com/jinwyp/one_click_script/master/acuteangle/autorun , 页面打开后另存为autorun. 注意不要有扩展名 (autorun.txt 这种是错误的)
17 | 4. 下载初始化脚本 https://raw.githubusercontent.com/jinwyp/one_click_script/master/acuteangle/date.sh, 页面打开后另存为date.sh 扩展名是.sh
18 |
19 |
20 |
21 | ### 开始制作启动盘和安装PVE
22 |
23 | 1. 用 rufus 或 balenaEtcher(推荐 https://www.balena.io/) U盘写入工具 将 systemrescue-9.04-amd64.iso 写入U盘
24 | 2. U盘写入完成后, 复制 autorun 脚本 和 proxmox.img.gz 到U盘根目录
25 | 3. 插入U盘到 锐角云 HDMI口旁边的USB, 开机按F7选择U盘引导后 (一般U盘为第二项 UEFI:你的U盘名称 例如 SanDisk, Partition 1)。
26 | 4. 进入SystemRescue 菜单后 选择第二项 Boot SystemRescue and Copy system to Ram (Copytoram) 进入, 然后会自动运行autorun脚本, 根据提示选择Y 安装PVE或n 退出。 随后耐心等待直至屏幕变化,设备会自动重启。此时可以插入网线连接好路由器.
27 |
28 | 5. 插入网线会通过dhcp获取ip的。进入PVE的命令行环境后,使用用户名和密码为"root/password"进行登陆。 首次进入要执行下面初始化脚本, 需要已经正常联网. 然后根据提示可以选择DHCP获取IP或手动指定IP地址。
29 | ```bash
30 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/acuteangle/date.sh && chmod +x ./date.sh && ./date.sh reset
31 | ```
32 |
33 | 如果没有联网,可以执行 bash /reset.sh 来初始化系统, 但会导致重启后获取不到IP连不上网, 请慎重使用。 所以没有联网推荐插入网线重启后运行上一条命令。
34 |
35 |
36 | 6. 如果第5步没有联网,重启后获取不到IP连不上网 解决方法. 下载脚本date.sh, 放到U盘, 插入到 HDMI口旁边的USB, 输入下面的命令. 加载U盘运行脚本,根据提示可以选择DHCP获取IP或手动指定IP地址。
37 | ```bash
38 | mkdir -p /mnt/usb1/
39 | mount /dev/sda1 /mnt/usb1
40 | chmod +x ./mnt/usb1/date.sh && /mnt/usb1/date.sh firstrun
41 | ```
42 | 7. 一切完成后访问 http://IP:8006 进入后台
43 |
44 | ### date.sh 脚本 说明
45 | 1. date.sh 脚本会保存到/root/下,还修复了bios没有电池导致时间丢失问题 脚本每天会保存当前时间到文件, 断电重启后会通过crontab重启脚本读取文件设置系统时间,
46 | ```bash
47 | wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/acuteangle/date.sh && chmod +x ./date.sh && ./date.sh firstrun
48 | ```
49 |
50 | 2. 以后使用其他电脑在浏览器就可以管理PVE,登陆方式:https://你设置的IP:8006,用户名/密码分别是"root/password"进行登陆。
51 |
52 | 3. 如果已经给机器加上了bios电池, 不需要再修复系统时间问题, 运行 ```crontab -r ``` 清除自动运行修复时间的脚本, 注意 ```crontab -r ``` 会清除所有定时任务, 如果还有其他定时任务 请运行```crontab -e ```手动修改 删除或注释掉 包含 date.sh 的两行脚本即可
53 |
54 |
55 |
56 |
57 |
58 | ## pveemmc
59 | ## 方法2 修改代码方法让PVE 安装到EMMC 硬盘上
60 |
61 | ### 准备工作
62 | 1. 下载 PVE 7.1 https://n3450.cloud/proxmox-ve_7.1-2-emmc.iso (已经修改好可以从EMMC安装PVE的镜像, 后面不再需要修改代码)
63 | 2. 或从 官方下载 [PVE 7.2-1](https://www.proxmox.com/en/downloads?task=callelement&format=raw&item_id=654&element=f85c494b-2b32-4109-b8c1-083cca2b7db6&method=download&args[0]=71d0b7259765b2c03267418eb4d7889e)
64 |
65 | ### 开始制作启动盘和安装PVE
66 | 1. 用 balenaEtcher(推荐) U盘写入工具 将 proxmox-ve_7.1-2-emmc.iso 或 官方PVE的 proxmox-ve_7.2-1.iso 写入U盘
67 | 2. 插入U盘到 锐角云 HDMI口旁边的USB, 开机按F7选择U盘引导后 (一般U盘为第二项 UEFI:你的U盘名称 例如 SanDisk, Partition 1)。
68 | 3. 启动 PVE 安装程序后 进入安装初始界面后 先选 Advanced Options, 然后点击 Install Proxmox VE (Debug mode), 在第一次提示你可以输入命令的时候输入 Ctrl-D ,
69 | 
70 |
71 |
72 | 4. 继续安装过程, 在第二次提示你可以输入命令的时候输入命令 vi /usr/bin/proxinstall. 编辑文件(或者使用其他文字编辑器如 nano).
73 | 
74 |
75 | 5. 输入 /unable to get device 回车后 定位到对应位置, 输入i进入编辑模式 , 找到如下代码: (这里对VIM编辑器不熟悉的建议去学一下VIM的基本操作. VIM默认有两种模式 打开文件后默认是普通模式 可以控制光标移动,搜索但不能编辑, 输入i 进入编辑模式 可以编辑文件但无法保存, 按ESC键返回到普通模式. 普通模式输入/是搜索, 输入:wq是保存退出)
76 | ```
77 |
78 | } elsif ($dev =~ m|^/dev/[^/]+/hd[a-z]$|) {
79 | return "${dev}$partnum";
80 | } elsif ($dev =~ m|^/dev/nvme\d+n\d+$|) {
81 | return "${dev}p$partnum";
82 | } else {
83 | die "unable to get device for partition $partnum on device $dev\n";
84 | }
85 |
86 | ```
87 |
88 | 修改为下面代码 (增加 elsif ($dev =~ m|^/dev/mmcblk\d+$|) 部分代码 )
89 |
90 | ```
91 | } elsif ($dev =~ m|^/dev/[^/]+/hd[a-z]$|) {
92 | return "${dev}$partnum";
93 | } elsif ($dev =~ m|^/dev/nvme\d+n\d+$|) {
94 | return "${dev}p$partnum";
95 |
96 | } elsif ($dev =~ m|^/dev/mmcblk\d+$|) {
97 | return "${dev}p$partnum";
98 |
99 | } else {
100 | die "unable to get device for partition $partnum on device $dev\n";
101 | }
102 |
103 | ```
104 |
105 | 具体操作如下: 在普通模式移动到/dev/nvme那行输入2yy 就是复制2行的意思, 然后移动光标到else行 键入p 就是粘贴, 然后输入i 进入编辑模式 编辑成/dev/mmcblk\d+$, 然后按ESC返回到普通模式, 输入:wq, 保存退出后. 然后输入 Ctrl-D ,继续安装过程. 此时应该进入了正常的安装程序,
106 |
107 | 
108 |
109 |
110 |
111 | 6. 硬盘选择的时候选择 /dev/mmcblk1 (没有 bootX 后缀). 点击下图 options (建议关闭 swap, swapsize设置为0, 延长EMMC寿命. maxvz 也推荐设置为0, 毕竟只有64G, 不需要分太多卷). 最后安装完成后输入 Ctrl-D ,重启系统. 完成后访问 http://IP:8006 进入后台
112 | 
113 |
114 | 7. 后续操作 运行以下脚本, 更新软件源, 删除逻辑卷 /pve/data 合并磁盘等操作 (安装完/dev/pve/root 只有14G).
115 |
116 | ```bash
117 | wget --no-check-certificate -P /root https://raw.githubusercontent.com/jinwyp/one_click_script/master/dsm/pve.sh && chmod 700 /root/pve.sh && /root/pve.sh
118 |
119 | ```
120 |
121 | #### 注意 解决 Proxmox VE 无法安装到 eMMC 上的问题
122 |
123 | 1. 如果使用PVE官方6.4的iso安装 默认无法安装到EMMC存储上 需要 修改代码 可以参考这篇文章 https://lookas2001.com/%E8%A7%A3%E5%86%B3-proxmox-ve-%E6%97%A0%E6%B3%95%E5%AE%89%E8%A3%85%E5%88%B0-emmc-%E4%B8%8A%E7%9A%84%E9%97%AE%E9%A2%98/
124 |
125 |
126 |
127 | ## 其他工作
128 |
129 | 1. 如果不能联网, 因为PVE是基于 Debian系统的, 对linux 熟悉的可以直接 修改 /etc/network/interfaces 文件. 同时也要想要修改/etc/issue 和 /etc/hosts. 不熟悉linux的可以用上面的date.sh 脚本修改.
130 |
131 | 2. PVE的硬盘盘符. 因为锐角云只有一个64G的EMMC硬盘 物理设备为 /dev/mmcblk1. 安装完PVE后会建立3个物理分区 /dev/mmcblk1p1 /dev/mmcblk1p2 /dev/mmcblk1p3, 其中前2个为系统引导分区 不要修改, PVE的主要文件都在 /dev/mmcblk1p3 分区上. 可以运行命令 lsblk 或 blkid 查看
132 | 
133 |
134 | 3. PVE的LVM LVM逻辑卷. 首先科普一下 [linix的 LVM 磁盘管理](https://www.yisu.com/zixun/3865.html) [LVM 科普文章2](https://zhuanlan.zhihu.com/p/62597195). 简单来讲就是物理卷PV(就是/dev/mmcblk1p3分区), 逻辑卷组VG 和 逻辑卷LV. PVE正常通过官方ISO安装 就是用上面的第二种方法安装, 默认会有3个LV: /dev/pve/root /dev/pve/data /dev/pve/swap . 如果安装过成功中swap设置为0 就不没有第三个 /dev/pve/swap 了. 通过运行 命令 lvdisplay 可以查看这3个LV的信息. 在PVE的概念里面 通过 数据中心-> 存储 里面可以看到有local (对应 /dev/pve/root) 和 local-lvm (对应 /dev/pve/data) 两个储存盘.
135 |
136 | 
137 |
138 |
139 | 由于锐角云只有64G, 建议合并成只有一个LV 都是/dev/pve/root. 运行下面脚本选择3 合并逻辑卷. 合并完成后就只有一个 local (对应 /dev/pve/root) 储存盘了 如上图
140 |
141 |
142 | ```bash
143 | wget --no-check-certificate -P /root https://raw.githubusercontent.com/jinwyp/one_click_script/master/dsm/pve.sh && chmod 700 /root/pve.sh && /root/pve.sh
144 |
145 | ```
146 |
147 | 4. 通过再次运行上面脚本 选择1 更新软件源
148 |
149 |
150 | ## Openwrt
151 | ## 在 PVE中 安装Openwrt
152 |
153 | ### 准备工作
154 | 1. 下载 openwrt X86的 镜像 可以使用esir的版本 Stable v21.02.3 0818 [官方下载地址](https://drive.google.com/drive/folders/1amWhdhq0XhQR4tNyFcouB49-Uf4VsUrL). 这里选择的是 sirpdboy 编译的版本,比esir速度快不少[sirpdboy官方下载地址](https://www.123pan.com/s/dS5A-Hoxqd?pwd=MwhD#MwhD)
155 |
156 | 2. 一般 openwrt X86 镜像有2种 uefi 引导和 传统的legacy引导. 如果不使用PVE直接把openwrt安装到锐角云上必须使用UEFI版本, 由于锐角云只支持UEFI引导, 使用legacy版本直接安装会导致锐角云变砖. 而这里如果用PVE创建虚拟机安装openwrt, 虚拟机的bios是支持legacy的, 所以2种引导都可以,这里选择legacy版本. esir版本的固件下载文件 openwrt-21.02.3-x86-64-generic-squashfs-legacy.img.gz . sirpdboy版本的固件下载文件为 20220919-Ipv6-Super-5.15-x86-64-generic-squashfs-rootfs.img.gz
157 |
158 | 3. 开始创建虚拟机. 点击右上角 "创建虚拟机" 按钮 输入名称 例如OpenWRTX86. 点击勾选 下面的高级选项, 勾选开机自启动. 点击 下一步. 选择不使用任何介质, 因为.img.gz的格式PVE无法直接使用需要转换. 客户机操作系统不用改动,点击下一步. 然后系统菜单直接点击下一步. 然后磁盘菜单 删除已有的磁盘 不需要任何磁盘. 因为稍后会导入img.gz镜像. 点击下一步进入CPU菜单
159 |
160 | 
161 |
162 | 
163 |
164 | 4. CPU菜单 可以选择2核, 也可以根据情况添加更多的核. 锐角云是4核8G内存. 如果需要在openwrt里面安装docker 可以增加CPU核数或内容, 但不建议, 如果要使用docker建议在创建另外的linux虚拟机. 类别选host. 点击勾选 下面的高级选项, 开启 aes. 点击下一步 内存设置为1024 除非要在openwrt里面跑docker, 否则1024(1G) 已经够用了. 点击下一步进入网络, 一切都默认后继续点击直到完成.
165 |
166 | 
167 |
168 | 5. 把之前下载的 20220919-Ipv6-Super-5.15-x86-64-generic-squashfs-rootfs.img.gz 解压出来并改名为 openwrt.img (原文件名太长了,改名后方便以后打字输入). 点击 PVE 节点 -> local (PVE) 储存盘 -> ISO镜像 点击上传按钮 在弹出选择文件框 选择 openwrt.img文件上传. 上传成功后会弹出信息提示 记住上传的文件路径 例如 target file: /var/lib/vz/template/iso/openwrt.img
169 |
170 | 
171 |
172 | 
173 |
174 | 6. 把镜像转成虚拟磁盘并导入到虚拟机. 选择“pve”节点 > shell > 输入以下命令并回车:qm importdisk 100 /var/lib/vz/template/iso/openwrt.img local-lvm
175 | 这里注意 100 是相应的虚拟机的ID 需要修改成对应的ID. local-lvm 是PVE储存盘, 也有可能是local. 如果弄不明白命令, 直接用我下面的脚本 选择14 使用 qm importdisk 命令导入. 运行下面的脚本选择14后 根据提示输入文件名 openwrt.img 和 虚拟机ID 100 然后回车 完成导入。
176 |
177 | ```bash
178 | wget --no-check-certificate -O /root/pve.sh https://raw.githubusercontent.com/jinwyp/one_click_script/master/dsm/pve.sh && chmod 700 /root/pve.sh && /root/pve.sh
179 |
180 | ```
181 |
182 | 7. 导入成功后在 Openwrt 虚拟机的“硬件”选项卡就能看到一个“未使用的磁盘0”,选中它 双击弹出配置窗口,总线/设备类型选“sata”,最后点击添加。然后继续给磁盘扩容. 由于openwrt制作的镜像可能体积较小,导致以后虚拟机磁盘空间不足, 需要进行一下扩容 一般增加1G空间足够给openwrt用了
183 |
184 | 
185 |
186 | 
187 |
188 | 
189 |
190 | 8. 切换到虚拟机的“选项”选项卡,双击“引导顺序”,第一引导项拖拽选‘sata0’ 勾选 已启用 点击 OK
191 | 
192 |
193 |
194 | 9. 启动虚拟机, 点击 openwrt 虚拟机 “控制台”查看启动状态. 按一下回车 显示 Openwrt 的图标表明启动正常. esir固件默认后台地址:192.168.5.1 密码:空 . sirpdboy 固件默认后台地址:192.168.8.1 密码无
195 | 
196 |
197 | 10. 不知道openwrt IP地址的也可以 输入命令 ip addr 查看.
198 | 
199 |
200 |
201 | 11. 下一步就是改电脑的IP为192.168.5.2,让电脑和openwrt 在同一个网段. 或者觉得改电脑IP麻烦可以修改openwrt的IP. 在虚拟机的 “控制台” 输入命令 vi /etc/config/network 找到 config interface 'lan' 下面的IP. 编辑openwrt的IP 192.168.5.1 或 192.168.8.1 那行, 改为你想要的IP. 如果作为旁路由同时需要修改网关为原路由器的IP. 输入:wq 保存后 重启openwrt虚拟机. 输入 reboot 命令即可重启.
202 | 
203 |
204 | 12. 重启后就可以在电脑浏览器上打开你设定的 ip 例如 http://192.168.1.6/ 密码:空 进入管理openwrt了.
205 |
206 | 13. 后续操作 Openwrt 中的 DHCP 和 DNS 等设置 请继续看下面
207 |
208 | ## Openwrtsetting
209 | ## Openwrt 中的 DHCP 和 DNS 等设置
210 |
211 | 14. 由于锐角云只有一个网卡, 可以在 网络 -> 接口 里面可以直接删除WAN. 或者把WAN设置为"不配置协议". sirpdboy 固件里面还可以通过向导模式设置旁路由. 具体单臂网关服务器如何设置可以参考 [DNS设置方法](https://github.com/jinwyp/one_click_script/blob/master/DNS.md#mosdns).
212 |
213 | 15. 开启MosDNS服务器, 进入MosDNS服务器设置页面, 先点击 "更新数据库"Tab, 然后点击按钮 "检查并更新" 更新IP数据库. 然后回到"基本设置"Tab 启动MosDNS即可.
214 | 
215 | 
216 |
217 | 16. 建议使用锐角云做DHCP服务器 (锐角云的DHCP优先级高, 在DHCP勾选 强制), 并保留原路由器的DHCP功能. 使主路由的DHCP和锐角云的DHCP同时工作, 这样即使锐角云挂了也可以正常上网. 在 DHCP 选项 中填写 6,192.168.xxx.xxx , 192.168.xxx.xxx 为本openwrt的IP,这样设备获取到的IP同时,DNS会设置为本openwrt的IP, 如果开启了MosDNS,就是由本Openwrt上的MosDNS服务器提供域名解析服务.
218 | 
219 | 
220 |
221 |
--------------------------------------------------------------------------------
/acuteangle/setup1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/setup1.jpg
--------------------------------------------------------------------------------
/acuteangle/setup2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/setup2.jpg
--------------------------------------------------------------------------------
/acuteangle/vm1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/vm1.jpg
--------------------------------------------------------------------------------
/acuteangle/vm2.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/vm2.jpg
--------------------------------------------------------------------------------
/acuteangle/vm3.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/vm3.jpg
--------------------------------------------------------------------------------
/acuteangle/zip1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/acuteangle/zip1.png
--------------------------------------------------------------------------------
/bench.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | #
3 | # Description: Auto test download & I/O speed script
4 | #
5 | # Copyright (C) 2015 - 2022 Teddysun <i@teddysun.com>
6 | # Thanks: LookBack <admin@dwhd.org>
7 | # URL: https://teddysun.com/444.html
8 | # https://github.com/teddysun/across/blob/master/bench.sh
9 | #
10 | trap _exit INT QUIT TERM
11 |
12 | _red() {
13 | printf '\033[0;31;31m%b\033[0m' "$1"
14 | }
15 |
16 | _green() {
17 | printf '\033[0;31;32m%b\033[0m' "$1"
18 | }
19 |
20 | _yellow() {
21 | printf '\033[0;31;33m%b\033[0m' "$1"
22 | }
23 |
24 | _blue() {
25 | printf '\033[0;31;36m%b\033[0m' "$1"
26 | }
27 |
28 | _exists() {
29 | local cmd="$1"
30 | if eval type type > /dev/null 2>&1; then
31 | eval type "$cmd" > /dev/null 2>&1
32 | elif command > /dev/null 2>&1; then
33 | command -v "$cmd" > /dev/null 2>&1
34 | else
35 | which "$cmd" > /dev/null 2>&1
36 | fi
37 | local rt=$?
38 | return ${rt}
39 | }
40 |
41 | _exit() {
42 | _red "\nThe script has been terminated.\n"
43 | # clean up
44 | rm -fr speedtest.tgz speedtest-cli benchtest_*
45 | exit 1
46 | }
47 |
48 | get_opsy() {
49 | [ -f /etc/redhat-release ] && awk '{print $0}' /etc/redhat-release && return
50 | [ -f /etc/os-release ] && awk -F'[= "]' '/PRETTY_NAME/{print $3,$4,$5}' /etc/os-release && return
51 | [ -f /etc/lsb-release ] && awk -F'[="]+' '/DESCRIPTION/{print $2}' /etc/lsb-release && return
52 | }
53 |
54 | next() {
55 | printf "%-70s\n" "-" | sed 's/\s/-/g'
56 | }
57 |
58 | speed_test() {
59 | local nodeName="$2"
60 | [ -z "$1" ] && ./speedtest-cli/speedtest --progress=no --accept-license --accept-gdpr > ./speedtest-cli/speedtest.log 2>&1 || \
61 | ./speedtest-cli/speedtest --progress=no --server-id=$1 --accept-license --accept-gdpr > ./speedtest-cli/speedtest.log 2>&1
62 | if [ $? -eq 0 ]; then
63 | local dl_speed=$(awk '/Download/{print $3" "$4}' ./speedtest-cli/speedtest.log)
64 | local up_speed=$(awk '/Upload/{print $3" "$4}' ./speedtest-cli/speedtest.log)
65 | local latency=$(awk '/Latency/{print $2" "$3}' ./speedtest-cli/speedtest.log)
66 | if [[ -n "${dl_speed}" && -n "${up_speed}" && -n "${latency}" ]]; then
67 | printf "\033[0;33m%-18s\033[0;32m%-18s\033[0;31m%-20s\033[0;36m%-12s\033[0m\n" " ${nodeName}" "${up_speed}" "${dl_speed}" "${latency}"
68 | fi
69 | fi
70 | }
71 |
72 | speed() {
73 | speed_test '' 'Speedtest.net'
74 | speed_test '14939' 'SanJose, Mimosa'
75 | speed_test '17846' 'SJ, Sonic'
76 | speed_test '21541' 'Los Angeles, i3D'
77 | speed_test '7190' 'LA, Sharktech'
78 | speed_test '17614' 'Phoenix, AZ'
79 | speed_test '24215' 'Paris, FR'
80 | speed_test '28922' 'Amsterdam, NL'
81 | speed_test '37235' 'Shenyang, CU'
82 | speed_test '43752' 'BeiJing, CU'
83 | speed_test '25858' 'BeiJing, CM'
84 | speed_test '24447' 'Shanghai, CN'
85 | speed_test '24447' 'ShangHai, CU 5G'
86 | speed_test '26352' 'NanJing, CT 5G'
87 | speed_test '59386' 'HangZhou, CT'
88 | speed_test '5396' 'SuZhou, CT 5G'
89 | speed_test '45170' 'WuXi, CU'
90 | speed_test '59387' 'NingBo, CT'
91 | speed_test '36646' 'ZhengZhou, CU 5G'
92 | speed_test '5317' 'Yangzhou, CT 5G'
93 | speed_test '56354' 'FuZhou, CU'
94 | speed_test '60572' 'Guangzhou, CN'
95 | speed_test '58591' 'Shenzhen, CM'
96 | speed_test '32155' 'Hongkong, CN'
97 | speed_test '6527' 'Seoul, KR'
98 | speed_test '13623' 'Singapore, SG'
99 | speed_test '21569' 'Tokyo, JP'
100 |
101 |
102 | }
103 |
104 | io_test() {
105 | (LANG=C dd if=/dev/zero of=benchtest_$ bs=512k count=$1 conv=fdatasync && rm -f benchtest_$ ) 2>&1 | awk -F, '{io=$NF} END { print io}' | sed 's/^[ \t]*//;s/[ \t]*$//'
106 | }
107 |
108 | calc_size() {
109 | local raw=$1
110 | local total_size=0
111 | local num=1
112 | local unit="KB"
113 | if ! [[ ${raw} =~ ^[0-9]+$ ]] ; then
114 | echo ""
115 | return
116 | fi
117 | if [ "${raw}" -ge 1073741824 ]; then
118 | num=1073741824
119 | unit="TB"
120 | elif [ "${raw}" -ge 1048576 ]; then
121 | num=1048576
122 | unit="GB"
123 | elif [ "${raw}" -ge 1024 ]; then
124 | num=1024
125 | unit="MB"
126 | elif [ "${raw}" -eq 0 ]; then
127 | echo "${total_size}"
128 | return
129 | fi
130 | total_size=$( awk 'BEGIN{printf "%.1f", '$raw' / '$num'}' )
131 | echo "${total_size} ${unit}"
132 | }
133 |
134 | check_virt(){
135 | _exists "dmesg" && virtualx="$(dmesg 2>/dev/null)"
136 | if _exists "dmidecode"; then
137 | sys_manu="$(dmidecode -s system-manufacturer 2>/dev/null)"
138 | sys_product="$(dmidecode -s system-product-name 2>/dev/null)"
139 | sys_ver="$(dmidecode -s system-version 2>/dev/null)"
140 | else
141 | sys_manu=""
142 | sys_product=""
143 | sys_ver=""
144 | fi
145 | if grep -qa docker /proc/1/cgroup; then
146 | virt="Docker"
147 | elif grep -qa lxc /proc/1/cgroup; then
148 | virt="LXC"
149 | elif grep -qa container=lxc /proc/1/environ; then
150 | virt="LXC"
151 | elif [[ -f /proc/user_beancounters ]]; then
152 | virt="OpenVZ"
153 | elif [[ "${virtualx}" == *kvm-clock* ]]; then
154 | virt="KVM"
155 | elif [[ "${sys_product}" == *KVM* ]]; then
156 | virt="KVM"
157 | elif [[ "${cname}" == *KVM* ]]; then
158 | virt="KVM"
159 | elif [[ "${cname}" == *QEMU* ]]; then
160 | virt="KVM"
161 | elif [[ "${virtualx}" == *"VMware Virtual Platform"* ]]; then
162 | virt="VMware"
163 | elif [[ "${virtualx}" == *"Parallels Software International"* ]]; then
164 | virt="Parallels"
165 | elif [[ "${virtualx}" == *VirtualBox* ]]; then
166 | virt="VirtualBox"
167 | elif [[ -e /proc/xen ]]; then
168 | if grep -q "control_d" "/proc/xen/capabilities" 2>/dev/null; then
169 | virt="Xen-Dom0"
170 | else
171 | virt="Xen-DomU"
172 | fi
173 | elif [ -f "/sys/hypervisor/type" ] && grep -q "xen" "/sys/hypervisor/type"; then
174 | virt="Xen"
175 | elif [[ "${sys_manu}" == *"Microsoft Corporation"* ]]; then
176 | if [[ "${sys_product}" == *"Virtual Machine"* ]]; then
177 | if [[ "${sys_ver}" == *"7.0"* || "${sys_ver}" == *"Hyper-V" ]]; then
178 | virt="Hyper-V"
179 | else
180 | virt="Microsoft Virtual Machine"
181 | fi
182 | fi
183 | else
184 | virt="Dedicated"
185 | fi
186 | }
187 |
188 | ipv4_info() {
189 | local org="$(wget -q -T10 -O- ipinfo.io/org)"
190 | local city="$(wget -q -T10 -O- ipinfo.io/city)"
191 | local country="$(wget -q -T10 -O- ipinfo.io/country)"
192 | local region="$(wget -q -T10 -O- ipinfo.io/region)"
193 | if [[ -n "$org" ]]; then
194 | echo " Organization : $(_blue "$org")"
195 | fi
196 | if [[ -n "$city" && -n "country" ]]; then
197 | echo " Location : $(_blue "$city / $country")"
198 | fi
199 | if [[ -n "$region" ]]; then
200 | echo " Region : $(_yellow "$region")"
201 | fi
202 | if [[ -z "$org" ]]; then
203 | echo " Region : $(_red "No ISP detected")"
204 | fi
205 | }
206 |
207 | install_speedtest() {
208 | if [ ! -e "./speedtest-cli/speedtest" ]; then
209 | sys_bit=""
210 | local sysarch="$(uname -m)"
211 | if [ "${sysarch}" = "unknown" ] || [ "${sysarch}" = "" ]; then
212 | local sysarch="$(arch)"
213 | fi
214 | if [ "${sysarch}" = "x86_64" ]; then
215 | sys_bit="x86_64"
216 | fi
217 | if [ "${sysarch}" = "i386" ] || [ "${sysarch}" = "i686" ]; then
218 | sys_bit="i386"
219 | fi
220 | if [ "${sysarch}" = "armv8" ] || [ "${sysarch}" = "armv8l" ] || [ "${sysarch}" = "aarch64" ] || [ "${sysarch}" = "arm64" ]; then
221 | sys_bit="aarch64"
222 | fi
223 | if [ "${sysarch}" = "armv7" ] || [ "${sysarch}" = "armv7l" ]; then
224 | sys_bit="armhf"
225 | fi
226 | if [ "${sysarch}" = "armv6" ]; then
227 | sys_bit="armel"
228 | fi
229 | [ -z "${sys_bit}" ] && _red "Error: Unsupported system architecture (${sysarch}).\n" && exit 1
230 | url1="https://install.speedtest.net/app/cli/ookla-speedtest-1.1.1-linux-${sys_bit}.tgz"
231 | url2="https://dl.lamp.sh/files/ookla-speedtest-1.1.1-linux-${sys_bit}.tgz"
232 | wget --no-check-certificate -q -T10 -O speedtest.tgz ${url1}
233 | if [ $? -ne 0 ]; then
234 | wget --no-check-certificate -q -T10 -O speedtest.tgz ${url2}
235 | [ $? -ne 0 ] && _red "Error: Failed to download speedtest-cli.\n" && exit 1
236 | fi
237 | mkdir -p speedtest-cli && tar zxf speedtest.tgz -C ./speedtest-cli && chmod +x ./speedtest-cli/speedtest
238 | rm -f speedtest.tgz
239 | fi
240 | }
241 |
242 | print_intro() {
243 | echo "-------------------- A Bench.sh Script By Teddysun -------------------"
244 | echo " Version : $(_green v2022-02-22)"
245 | echo " Usage : $(_red "wget -qO- bench.sh | bash")"
246 | }
247 |
248 | # Get System information
249 | get_system_info() {
250 | cname=$( awk -F: '/model name/ {name=$2} END {print name}' /proc/cpuinfo | sed 's/^[ \t]*//;s/[ \t]*$//' )
251 | cores=$( awk -F: '/processor/ {core++} END {print core}' /proc/cpuinfo )
252 | freq=$( awk -F'[ :]' '/cpu MHz/ {print $4;exit}' /proc/cpuinfo )
253 | ccache=$( awk -F: '/cache size/ {cache=$2} END {print cache}' /proc/cpuinfo | sed 's/^[ \t]*//;s/[ \t]*$//' )
254 | cpu_aes=$( grep -i 'aes' /proc/cpuinfo )
255 | cpu_virt=$( grep -Ei 'vmx|svm' /proc/cpuinfo )
256 | tram=$( LANG=C; free | awk '/Mem/ {print $2}' )
257 | tram=$( calc_size $tram )
258 | uram=$( LANG=C; free | awk '/Mem/ {print $3}' )
259 | uram=$( calc_size $uram )
260 | swap=$( LANG=C; free | awk '/Swap/ {print $2}' )
261 | swap=$( calc_size $swap )
262 | uswap=$( LANG=C; free | awk '/Swap/ {print $3}' )
263 | uswap=$( calc_size $uswap )
264 | up=$( awk '{a=$1/86400;b=($1%86400)/3600;c=($1%3600)/60} {printf("%d days, %d hour %d min\n",a,b,c)}' /proc/uptime )
265 | if _exists "w"; then
266 | load=$( LANG=C; w | head -1 | awk -F'load average:' '{print $2}' | sed 's/^[ \t]*//;s/[ \t]*$//' )
267 | elif _exists "uptime"; then
268 | load=$( LANG=C; uptime | head -1 | awk -F'load average:' '{print $2}' | sed 's/^[ \t]*//;s/[ \t]*$//' )
269 | fi
270 | opsy=$( get_opsy )
271 | arch=$( uname -m )
272 | if _exists "getconf"; then
273 | lbit=$( getconf LONG_BIT )
274 | else
275 | echo ${arch} | grep -q "64" && lbit="64" || lbit="32"
276 | fi
277 | kern=$( uname -r )
278 | disk_total_size=$( LANG=C; df -t simfs -t ext2 -t ext3 -t ext4 -t btrfs -t xfs -t vfat -t ntfs -t swap --total 2>/dev/null | grep total | awk '{ print $2 }' )
279 | disk_total_size=$( calc_size $disk_total_size )
280 | disk_used_size=$( LANG=C; df -t simfs -t ext2 -t ext3 -t ext4 -t btrfs -t xfs -t vfat -t ntfs -t swap --total 2>/dev/null | grep total | awk '{ print $3 }' )
281 | disk_used_size=$( calc_size $disk_used_size )
282 | tcpctrl=$( sysctl net.ipv4.tcp_congestion_control | awk -F ' ' '{print $3}' )
283 | }
284 | # Print System information
285 | print_system_info() {
286 | if [ -n "$cname" ]; then
287 | echo " CPU Model : $(_blue "$cname")"
288 | else
289 | echo " CPU Model : $(_blue "CPU model not detected")"
290 | fi
291 | if [ -n "$freq" ]; then
292 | echo " CPU Cores : $(_blue "$cores @ $freq MHz")"
293 | else
294 | echo " CPU Cores : $(_blue "$cores")"
295 | fi
296 | if [ -n "$ccache" ]; then
297 | echo " CPU Cache : $(_blue "$ccache")"
298 | fi
299 | if [ -n "$cpu_aes" ]; then
300 | echo " AES-NI : $(_green "Enabled")"
301 | else
302 | echo " AES-NI : $(_red "Disabled")"
303 | fi
304 | if [ -n "$cpu_virt" ]; then
305 | echo " VM-x/AMD-V : $(_green "Enabled")"
306 | else
307 | echo " VM-x/AMD-V : $(_red "Disabled")"
308 | fi
309 | echo " Total Disk : $(_yellow "$disk_total_size") $(_blue "($disk_used_size Used)")"
310 | echo " Total Mem : $(_yellow "$tram") $(_blue "($uram Used)")"
311 | if [ "$swap" != "0" ]; then
312 | echo " Total Swap : $(_blue "$swap ($uswap Used)")"
313 | fi
314 | echo " System uptime : $(_blue "$up")"
315 | echo " Load average : $(_blue "$load")"
316 | echo " OS : $(_blue "$opsy")"
317 | echo " Arch : $(_blue "$arch ($lbit Bit)")"
318 | echo " Kernel : $(_blue "$kern")"
319 | echo " TCP CC : $(_yellow "$tcpctrl")"
320 | echo " Virtualization : $(_blue "$virt")"
321 | }
322 |
323 | print_io_test() {
324 | freespace=$( df -m . | awk 'NR==2 {print $4}' )
325 | if [ -z "${freespace}" ]; then
326 | freespace=$( df -m . | awk 'NR==3 {print $3}' )
327 | fi
328 | if [ ${freespace} -gt 1024 ]; then
329 | writemb=2048
330 | io1=$( io_test ${writemb} )
331 | echo " I/O Speed(1st run) : $(_yellow "$io1")"
332 | io2=$( io_test ${writemb} )
333 | echo " I/O Speed(2nd run) : $(_yellow "$io2")"
334 | io3=$( io_test ${writemb} )
335 | echo " I/O Speed(3rd run) : $(_yellow "$io3")"
336 | ioraw1=$( echo $io1 | awk 'NR==1 {print $1}' )
337 | [ "`echo $io1 | awk 'NR==1 {print $2}'`" == "GB/s" ] && ioraw1=$( awk 'BEGIN{print '$ioraw1' * 1024}' )
338 | ioraw2=$( echo $io2 | awk 'NR==1 {print $1}' )
339 | [ "`echo $io2 | awk 'NR==1 {print $2}'`" == "GB/s" ] && ioraw2=$( awk 'BEGIN{print '$ioraw2' * 1024}' )
340 | ioraw3=$( echo $io3 | awk 'NR==1 {print $1}' )
341 | [ "`echo $io3 | awk 'NR==1 {print $2}'`" == "GB/s" ] && ioraw3=$( awk 'BEGIN{print '$ioraw3' * 1024}' )
342 | ioall=$( awk 'BEGIN{print '$ioraw1' + '$ioraw2' + '$ioraw3'}' )
343 | ioavg=$( awk 'BEGIN{printf "%.1f", '$ioall' / 3}' )
344 | echo " I/O Speed(average) : $(_yellow "$ioavg MB/s")"
345 | else
346 | echo " $(_red "Not enough space for I/O Speed test!")"
347 | fi
348 | }
349 |
350 | print_end_time() {
351 | end_time=$(date +%s)
352 | time=$(( ${end_time} - ${start_time} ))
353 | if [ ${time} -gt 60 ]; then
354 | min=$(expr $time / 60)
355 | sec=$(expr $time % 60)
356 | echo " Finished in : ${min} min ${sec} sec"
357 | else
358 | echo " Finished in : ${time} sec"
359 | fi
360 | date_time=$(date '+%Y-%m-%d %H:%M:%S %Z')
361 | echo " Timestamp : $date_time"
362 | }
363 |
364 | ! _exists "wget" && _red "Error: wget command not found.\n" && exit 1
365 | ! _exists "free" && _red "Error: free command not found.\n" && exit 1
366 | start_time=$(date +%s)
367 | get_system_info
368 | check_virt
369 | clear
370 | print_intro
371 | next
372 | print_system_info
373 | ipv4_info
374 | next
375 | print_io_test
376 | next
377 | install_speedtest && printf "%-18s%-18s%-20s%-12s\n" " Node Name" "Upload Speed" "Download Speed" "Latency"
378 | speed && rm -fr speedtest-cli
379 | next
380 | print_end_time
381 | next
382 |
--------------------------------------------------------------------------------
/docs/cfcheck1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/cfcheck1.png
--------------------------------------------------------------------------------
/docs/cfcheck2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/cfcheck2.png
--------------------------------------------------------------------------------
/docs/cfcheck3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/cfcheck3.png
--------------------------------------------------------------------------------
/docs/chrome1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/chrome1.png
--------------------------------------------------------------------------------
/docs/chrome2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/chrome2.png
--------------------------------------------------------------------------------
/docs/chrome3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/chrome3.png
--------------------------------------------------------------------------------
/docs/cloudflare1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/cloudflare1.jpg
--------------------------------------------------------------------------------
/docs/debian.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/debian.jpg
--------------------------------------------------------------------------------
/docs/dns1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/dns1.png
--------------------------------------------------------------------------------
/docs/dns2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/dns2.png
--------------------------------------------------------------------------------
/docs/dns3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/dns3.png
--------------------------------------------------------------------------------
/docs/firefox1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/firefox1.png
--------------------------------------------------------------------------------
/docs/firefox2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/firefox2.png
--------------------------------------------------------------------------------
/docs/firefox3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/firefox3.png
--------------------------------------------------------------------------------
/docs/firefoxesni1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/firefoxesni1.png
--------------------------------------------------------------------------------
/docs/firefoxesni2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/firefoxesni2.png
--------------------------------------------------------------------------------
/docs/firefoxesni3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/firefoxesni3.png
--------------------------------------------------------------------------------
/docs/go1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/go1.png
--------------------------------------------------------------------------------
/docs/go2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/go2.png
--------------------------------------------------------------------------------
/docs/gov1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/gov1.png
--------------------------------------------------------------------------------
/docs/gov2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/gov2.png
--------------------------------------------------------------------------------
/docs/gov3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/gov3.png
--------------------------------------------------------------------------------
/docs/gov5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/gov5.png
--------------------------------------------------------------------------------
/docs/gov6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/gov6.png
--------------------------------------------------------------------------------
/docs/grpc.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/grpc.png
--------------------------------------------------------------------------------
/docs/https1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/https1.png
--------------------------------------------------------------------------------
/docs/kernel.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/kernel.png
--------------------------------------------------------------------------------
/docs/mosdns1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/mosdns1.png
--------------------------------------------------------------------------------
/docs/mosdns2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/mosdns2.png
--------------------------------------------------------------------------------
/docs/mosdns3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/mosdns3.png
--------------------------------------------------------------------------------
/docs/mosdns4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/mosdns4.png
--------------------------------------------------------------------------------
/docs/mosdns5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/mosdns5.png
--------------------------------------------------------------------------------
/docs/mosdns6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/mosdns6.png
--------------------------------------------------------------------------------
/docs/netflix1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/netflix1.png
--------------------------------------------------------------------------------
/docs/pve1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/pve1.png
--------------------------------------------------------------------------------
/docs/pve2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/pve2.png
--------------------------------------------------------------------------------
/docs/readme.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/readme.png
--------------------------------------------------------------------------------
/docs/readme2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/readme2.png
--------------------------------------------------------------------------------
/docs/readme2_en.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/readme2_en.png
--------------------------------------------------------------------------------
/docs/readme3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/readme3.png
--------------------------------------------------------------------------------
/docs/readme3_en.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/readme3_en.png
--------------------------------------------------------------------------------
/docs/readme4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/readme4.png
--------------------------------------------------------------------------------
/docs/readme_en.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/readme_en.png
--------------------------------------------------------------------------------
/docs/ubuntu.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/ubuntu.png
--------------------------------------------------------------------------------
/docs/v2board1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/v2board1.png
--------------------------------------------------------------------------------
/docs/v2board1_en.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/docs/v2board1_en.png
--------------------------------------------------------------------------------
/download/lzma.py:
--------------------------------------------------------------------------------
1 | """Interface to the liblzma compression library.
2 |
3 | This module provides a class for reading and writing compressed files,
4 | classes for incremental (de)compression, and convenience functions for
5 | one-shot (de)compression.
6 |
7 | These classes and functions support both the XZ and legacy LZMA
8 | container formats, as well as raw compressed data streams.
9 | """
10 |
11 | __all__ = [
12 | "CHECK_NONE", "CHECK_CRC32", "CHECK_CRC64", "CHECK_SHA256",
13 | "CHECK_ID_MAX", "CHECK_UNKNOWN",
14 | "FILTER_LZMA1", "FILTER_LZMA2", "FILTER_DELTA", "FILTER_X86", "FILTER_IA64",
15 | "FILTER_ARM", "FILTER_ARMTHUMB", "FILTER_POWERPC", "FILTER_SPARC",
16 | "FORMAT_AUTO", "FORMAT_XZ", "FORMAT_ALONE", "FORMAT_RAW",
17 | "MF_HC3", "MF_HC4", "MF_BT2", "MF_BT3", "MF_BT4",
18 | "MODE_FAST", "MODE_NORMAL", "PRESET_DEFAULT", "PRESET_EXTREME",
19 |
20 | "LZMACompressor", "LZMADecompressor", "LZMAFile", "LZMAError",
21 | "open", "compress", "decompress", "is_check_supported",
22 | ]
23 |
24 | import builtins
25 | import io
26 | import os
27 | try:
28 | from _lzma import *
29 | from _lzma import _encode_filter_properties, _decode_filter_properties
30 | except ImportError:
31 | from backports.lzma import *
32 | from backports.lzma import _encode_filter_properties, _decode_filter_properties
33 |
34 | import _compression
35 |
36 |
37 | _MODE_CLOSED = 0
38 | _MODE_READ = 1
39 | # Value 2 no longer used
40 | _MODE_WRITE = 3
41 |
42 |
43 | class LZMAFile(_compression.BaseStream):
44 |
45 | """A file object providing transparent LZMA (de)compression.
46 |
47 | An LZMAFile can act as a wrapper for an existing file object, or
48 | refer directly to a named file on disk.
49 |
50 | Note that LZMAFile provides a *binary* file interface - data read
51 | is returned as bytes, and data to be written must be given as bytes.
52 | """
53 |
54 | def __init__(self, filename=None, mode="r", *,
55 | format=None, check=-1, preset=None, filters=None):
56 | """Open an LZMA-compressed file in binary mode.
57 |
58 | filename can be either an actual file name (given as a str,
59 | bytes, or PathLike object), in which case the named file is
60 | opened, or it can be an existing file object to read from or
61 | write to.
62 |
63 | mode can be "r" for reading (default), "w" for (over)writing,
64 | "x" for creating exclusively, or "a" for appending. These can
65 | equivalently be given as "rb", "wb", "xb" and "ab" respectively.
66 |
67 | format specifies the container format to use for the file.
68 | If mode is "r", this defaults to FORMAT_AUTO. Otherwise, the
69 | default is FORMAT_XZ.
70 |
71 | check specifies the integrity check to use. This argument can
72 | only be used when opening a file for writing. For FORMAT_XZ,
73 | the default is CHECK_CRC64. FORMAT_ALONE and FORMAT_RAW do not
74 | support integrity checks - for these formats, check must be
75 | omitted, or be CHECK_NONE.
76 |
77 | When opening a file for reading, the *preset* argument is not
78 | meaningful, and should be omitted. The *filters* argument should
79 | also be omitted, except when format is FORMAT_RAW (in which case
80 | it is required).
81 |
82 | When opening a file for writing, the settings used by the
83 | compressor can be specified either as a preset compression
84 | level (with the *preset* argument), or in detail as a custom
85 | filter chain (with the *filters* argument). For FORMAT_XZ and
86 | FORMAT_ALONE, the default is to use the PRESET_DEFAULT preset
87 | level. For FORMAT_RAW, the caller must always specify a filter
88 | chain; the raw compressor does not support preset compression
89 | levels.
90 |
91 | preset (if provided) should be an integer in the range 0-9,
92 | optionally OR-ed with the constant PRESET_EXTREME.
93 |
94 | filters (if provided) should be a sequence of dicts. Each dict
95 | should have an entry for "id" indicating ID of the filter, plus
96 | additional entries for options to the filter.
97 | """
98 | self._fp = None
99 | self._closefp = False
100 | self._mode = _MODE_CLOSED
101 |
102 | if mode in ("r", "rb"):
103 | if check != -1:
104 | raise ValueError("Cannot specify an integrity check "
105 | "when opening a file for reading")
106 | if preset is not None:
107 | raise ValueError("Cannot specify a preset compression "
108 | "level when opening a file for reading")
109 | if format is None:
110 | format = FORMAT_AUTO
111 | mode_code = _MODE_READ
112 | elif mode in ("w", "wb", "a", "ab", "x", "xb"):
113 | if format is None:
114 | format = FORMAT_XZ
115 | mode_code = _MODE_WRITE
116 | self._compressor = LZMACompressor(format=format, check=check,
117 | preset=preset, filters=filters)
118 | self._pos = 0
119 | else:
120 | raise ValueError("Invalid mode: {!r}".format(mode))
121 |
122 | if isinstance(filename, (str, bytes, os.PathLike)):
123 | if "b" not in mode:
124 | mode += "b"
125 | self._fp = builtins.open(filename, mode)
126 | self._closefp = True
127 | self._mode = mode_code
128 | elif hasattr(filename, "read") or hasattr(filename, "write"):
129 | self._fp = filename
130 | self._mode = mode_code
131 | else:
132 | raise TypeError("filename must be a str, bytes, file or PathLike object")
133 |
134 | if self._mode == _MODE_READ:
135 | raw = _compression.DecompressReader(self._fp, LZMADecompressor,
136 | trailing_error=LZMAError, format=format, filters=filters)
137 | self._buffer = io.BufferedReader(raw)
138 |
139 | def close(self):
140 | """Flush and close the file.
141 |
142 | May be called more than once without error. Once the file is
143 | closed, any other operation on it will raise a ValueError.
144 | """
145 | if self._mode == _MODE_CLOSED:
146 | return
147 | try:
148 | if self._mode == _MODE_READ:
149 | self._buffer.close()
150 | self._buffer = None
151 | elif self._mode == _MODE_WRITE:
152 | self._fp.write(self._compressor.flush())
153 | self._compressor = None
154 | finally:
155 | try:
156 | if self._closefp:
157 | self._fp.close()
158 | finally:
159 | self._fp = None
160 | self._closefp = False
161 | self._mode = _MODE_CLOSED
162 |
163 | @property
164 | def closed(self):
165 | """True if this file is closed."""
166 | return self._mode == _MODE_CLOSED
167 |
168 | def fileno(self):
169 | """Return the file descriptor for the underlying file."""
170 | self._check_not_closed()
171 | return self._fp.fileno()
172 |
173 | def seekable(self):
174 | """Return whether the file supports seeking."""
175 | return self.readable() and self._buffer.seekable()
176 |
177 | def readable(self):
178 | """Return whether the file was opened for reading."""
179 | self._check_not_closed()
180 | return self._mode == _MODE_READ
181 |
182 | def writable(self):
183 | """Return whether the file was opened for writing."""
184 | self._check_not_closed()
185 | return self._mode == _MODE_WRITE
186 |
187 | def peek(self, size=-1):
188 | """Return buffered data without advancing the file position.
189 |
190 | Always returns at least one byte of data, unless at EOF.
191 | The exact number of bytes returned is unspecified.
192 | """
193 | self._check_can_read()
194 | # Relies on the undocumented fact that BufferedReader.peek() always
195 | # returns at least one byte (except at EOF)
196 | return self._buffer.peek(size)
197 |
198 | def read(self, size=-1):
199 | """Read up to size uncompressed bytes from the file.
200 |
201 | If size is negative or omitted, read until EOF is reached.
202 | Returns b"" if the file is already at EOF.
203 | """
204 | self._check_can_read()
205 | return self._buffer.read(size)
206 |
207 | def read1(self, size=-1):
208 | """Read up to size uncompressed bytes, while trying to avoid
209 | making multiple reads from the underlying stream. Reads up to a
210 | buffer's worth of data if size is negative.
211 |
212 | Returns b"" if the file is at EOF.
213 | """
214 | self._check_can_read()
215 | if size < 0:
216 | size = io.DEFAULT_BUFFER_SIZE
217 | return self._buffer.read1(size)
218 |
219 | def readline(self, size=-1):
220 | """Read a line of uncompressed bytes from the file.
221 |
222 | The terminating newline (if present) is retained. If size is
223 | non-negative, no more than size bytes will be read (in which
224 | case the line may be incomplete). Returns b'' if already at EOF.
225 | """
226 | self._check_can_read()
227 | return self._buffer.readline(size)
228 |
229 | def write(self, data):
230 | """Write a bytes object to the file.
231 |
232 | Returns the number of uncompressed bytes written, which is
233 | always len(data). Note that due to buffering, the file on disk
234 | may not reflect the data written until close() is called.
235 | """
236 | self._check_can_write()
237 | compressed = self._compressor.compress(data)
238 | self._fp.write(compressed)
239 | self._pos += len(data)
240 | return len(data)
241 |
242 | def seek(self, offset, whence=io.SEEK_SET):
243 | """Change the file position.
244 |
245 | The new position is specified by offset, relative to the
246 | position indicated by whence. Possible values for whence are:
247 |
248 | 0: start of stream (default): offset must not be negative
249 | 1: current stream position
250 | 2: end of stream; offset must not be positive
251 |
252 | Returns the new file position.
253 |
254 | Note that seeking is emulated, so depending on the parameters,
255 | this operation may be extremely slow.
256 | """
257 | self._check_can_seek()
258 | return self._buffer.seek(offset, whence)
259 |
260 | def tell(self):
261 | """Return the current file position."""
262 | self._check_not_closed()
263 | if self._mode == _MODE_READ:
264 | return self._buffer.tell()
265 | return self._pos
266 |
267 |
268 | def open(filename, mode="rb", *,
269 | format=None, check=-1, preset=None, filters=None,
270 | encoding=None, errors=None, newline=None):
271 | """Open an LZMA-compressed file in binary or text mode.
272 |
273 | filename can be either an actual file name (given as a str, bytes,
274 | or PathLike object), in which case the named file is opened, or it
275 | can be an existing file object to read from or write to.
276 |
277 | The mode argument can be "r", "rb" (default), "w", "wb", "x", "xb",
278 | "a", or "ab" for binary mode, or "rt", "wt", "xt", or "at" for text
279 | mode.
280 |
281 | The format, check, preset and filters arguments specify the
282 | compression settings, as for LZMACompressor, LZMADecompressor and
283 | LZMAFile.
284 |
285 | For binary mode, this function is equivalent to the LZMAFile
286 | constructor: LZMAFile(filename, mode, ...). In this case, the
287 | encoding, errors and newline arguments must not be provided.
288 |
289 | For text mode, an LZMAFile object is created, and wrapped in an
290 | io.TextIOWrapper instance with the specified encoding, error
291 | handling behavior, and line ending(s).
292 |
293 | """
294 | if "t" in mode:
295 | if "b" in mode:
296 | raise ValueError("Invalid mode: %r" % (mode,))
297 | else:
298 | if encoding is not None:
299 | raise ValueError("Argument 'encoding' not supported in binary mode")
300 | if errors is not None:
301 | raise ValueError("Argument 'errors' not supported in binary mode")
302 | if newline is not None:
303 | raise ValueError("Argument 'newline' not supported in binary mode")
304 |
305 | lz_mode = mode.replace("t", "")
306 | binary_file = LZMAFile(filename, lz_mode, format=format, check=check,
307 | preset=preset, filters=filters)
308 |
309 | if "t" in mode:
310 | return io.TextIOWrapper(binary_file, encoding, errors, newline)
311 | else:
312 | return binary_file
313 |
314 |
315 | def compress(data, format=FORMAT_XZ, check=-1, preset=None, filters=None):
316 | """Compress a block of data.
317 |
318 | Refer to LZMACompressor's docstring for a description of the
319 | optional arguments *format*, *check*, *preset* and *filters*.
320 |
321 | For incremental compression, use an LZMACompressor instead.
322 | """
323 | comp = LZMACompressor(format, check, preset, filters)
324 | return comp.compress(data) + comp.flush()
325 |
326 |
327 | def decompress(data, format=FORMAT_AUTO, memlimit=None, filters=None):
328 | """Decompress a block of data.
329 |
330 | Refer to LZMADecompressor's docstring for a description of the
331 | optional arguments *format*, *check* and *filters*.
332 |
333 | For incremental decompression, use an LZMADecompressor instead.
334 | """
335 | results = []
336 | while True:
337 | decomp = LZMADecompressor(format, memlimit, filters)
338 | try:
339 | res = decomp.decompress(data)
340 | except LZMAError:
341 | if results:
342 | break # Leftover data is not a valid LZMA/XZ stream; ignore it.
343 | else:
344 | raise # Error on the first iteration; bail out.
345 | results.append(res)
346 | if not decomp.eof:
347 | raise LZMAError("Compressed data ended before the "
348 | "end-of-stream marker was reached")
349 | data = decomp.unused_data
350 | if not data:
351 | break
352 | return b"".join(results)
353 |
--------------------------------------------------------------------------------
/download/mitm-vip-unlocker-x86_64-linux-musl.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/mitm-vip-unlocker-x86_64-linux-musl.zip
--------------------------------------------------------------------------------
/download/mosdns/cn.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/mosdns/cn.dat
--------------------------------------------------------------------------------
/download/mosdns/geoip.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/mosdns/geoip.dat
--------------------------------------------------------------------------------
/download/mosdns/geosite.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/mosdns/geosite.dat
--------------------------------------------------------------------------------
/download/mosdns/luci-app-mosdns_git-22.142.44511-c664869_all.ipk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/mosdns/luci-app-mosdns_git-22.142.44511-c664869_all.ipk
--------------------------------------------------------------------------------
/download/mosdns/mosdns_cee9e6d-55_x86_64.ipk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/mosdns/mosdns_cee9e6d-55_x86_64.ipk
--------------------------------------------------------------------------------
/download/mosdns/v2ray-geoip_202204210050-4_all.ipk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/mosdns/v2ray-geoip_202204210050-4_all.ipk
--------------------------------------------------------------------------------
/download/mosdns/v2ray-geosite_20220425025949-4_all.ipk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/mosdns/v2ray-geosite_20220425025949-4_all.ipk
--------------------------------------------------------------------------------
/download/trojan-mac.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/trojan-mac.zip
--------------------------------------------------------------------------------
/download/trojan-qt5.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/trojan-qt5.zip
--------------------------------------------------------------------------------
/download/trojan-win-cli.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/trojan-win-cli.zip
--------------------------------------------------------------------------------
/download/v2ray-android.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/v2ray-android.zip
--------------------------------------------------------------------------------
/download/v2ray-mac.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/v2ray-mac.zip
--------------------------------------------------------------------------------
/download/v2ray-windows.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/v2ray-windows.zip
--------------------------------------------------------------------------------
/download/website.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/website.zip
--------------------------------------------------------------------------------
/download/website2.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/download/website2.zip
--------------------------------------------------------------------------------
/dsm/FixSynoboot.sh:
--------------------------------------------------------------------------------
1 | #!/bin/ash
2 | # FixSynoboot() extracted from Jun 1.04b loader
3 | # added hotplug-out event to gracefully clean up esata volumes 2020-Apr-18
4 | # cleaned up share references in message log and root folder 2020-May-16
5 |
6 | FixSynoboot()
7 | {
8 | if [ ! -e /dev/synoboot ]; then
9 | tail -n+3 /proc/partitions | while read major minor sz name
10 | do
11 | if echo $name | grep -q "^sd[[:alpha:]]*quot;;then
12 | basename=$name
13 | minor0=$minor
14 | synoboot1=""
15 | synoboot2=""
16 | continue
17 | fi
18 | if [ $name = "${basename}1" -a $sz -le 512000 ]; then
19 | synoboot1="$name"
20 | minor1=$minor
21 | elif [ $name = "${basename}2" -a $sz -le 512000 ]; then
22 | synoboot2="$name"
23 | minor2=$minor
24 | else
25 | continue
26 | fi
27 | if [ -n "$synoboot1" -a -n "$synoboot2" ]; then
28 | # begin hotplug event added
29 | if [ -e /sys/class/block/$basename ]; then
30 | port=$(synodiskport -portcheck $basename)
31 | df | grep "^/dev/$basename." | while read share; do
32 | share=$(echo $share | awk '{print $1,$NF}')
33 | sharedir=$(echo $share | awk '{print $2}')
34 | sharebase=$(echo $sharedir | awk -F\/ '{print $2}')
35 | sharedir=$(echo $sharedir | awk -F\/ '{print $3}')
36 | if ( synocheckshare --vol-unmounting $port $share ); then
37 | umount $(echo $share | awk '{print $1}')
38 | grep -v "^$share" /run/synostorage/volumetab >/tmp/volumetab
39 | mv /tmp/volumetab /run/synostorage/volumetab
40 | rm "/$sharebase/@eaDir/$sharedir/SYNO@.attr"
41 | find "/$sharebase" -empty -type d -delete 2>/dev/null
42 | fi
43 | done
44 | echo "remove" >/sys/class/block/$basename/uevent
45 | fi
46 | # end
47 |
48 | rm "/dev/$basename"
49 | rm "/dev/$synoboot1"
50 | rm "/dev/$synoboot2"
51 | rm "/dev/${basename}3"
52 | mknod /dev/synoboot b $major $minor0
53 | mknod /dev/synoboot1 b $major $minor1
54 | mknod /dev/synoboot2 b $major $minor2
55 | break
56 | fi
57 | done
58 | fi
59 | }
60 |
61 | RUNAS="root"
62 |
63 | case $1 in
64 | start)
65 | FixSynoboot
66 | exit 0
67 | ;;
68 | stop)
69 | exit 0
70 | ;;
71 | status)
72 | exit 0
73 | ;;
74 | log)
75 | exit 1
76 | ;;
77 | *)
78 | exit 1
79 | ;;
80 | esac
81 |
--------------------------------------------------------------------------------
/dsm/ch_cpuinfo:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/dsm/ch_cpuinfo
--------------------------------------------------------------------------------
/dsm/frpc-noarch_v0.35.0.spk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/dsm/frpc-noarch_v0.35.0.spk
--------------------------------------------------------------------------------
/dsm/img2kvm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/dsm/img2kvm
--------------------------------------------------------------------------------
/dsm/libsynonvme.so.1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jinwyp/one_click_script/7b27cc353ac488728b032a8497b6031de7f26a4e/dsm/libsynonvme.so.1
--------------------------------------------------------------------------------
/dsm/mosdns.yaml:
--------------------------------------------------------------------------------
1 | log:
2 | level: info
3 | file: "${configMosdnsPath}/mosdns.log"
4 |
5 | # []string, 从其他配置文件载入 plugins 插件设置。
6 | # include 的插件会比本配置文件中的插件先初始化。
7 |
8 | plugins:
9 | # - tag: ecs_cn
10 | # type: ecs_handler
11 | # args:
12 | # forward: false
13 | # preset: 58.208.0.0 # 电信,请针对不同的运营商自行修改
14 | # send: false
15 | # mask4: 12
16 | # mask6: 28
17 |
18 | - tag: ecs_tw
19 | type: ecs_handler
20 | args:
21 | forward: false
22 | preset: 168.95.0.0
23 | send: false
24 | mask4: 16
25 | # mask6: 40
26 |
27 | - tag: ecs_us
28 | type: ecs_handler
29 | args:
30 | forward: false
31 | preset: 38.94.109.0
32 | send: false
33 | mask4: 24
34 | # mask6: 40
35 |
36 | # 不应处理本地 DNS 请求,防止死循环。正确顺序应该是 dnsmasq --> OpenClash(可选)--> mosdns。
37 | # - tag: "forward_lan"
38 | # type: forward
39 | # args:
40 | # concurrent: 1
41 | # upstream:
42 | # - addr: "192.168.1.1"
43 |
44 | - tag: "forward_local"
45 | type: forward
46 | args:
47 | concurrent: 2
48 | upstreams:
49 | - addr: "${chinaDNSServerIPInput}" # 江苏电信 DNS,自行修改
50 | - addr: "218.4.4.4" # 江苏电信 DNS,自行修改
51 | - addr: "210.22.70.3" # 上海联通 DNS,自行修改
52 |
53 | - tag: "forward_alidns"
54 | type: forward
55 | args:
56 | concurrent: 1
57 | upstreams:
58 | - addr: "quic://223.6.6.6:853"
59 | - addr: "https://dns.alidns.com/dns-query"
60 | dial_addr: "223.5.5.5"
61 | enable_http3: false
62 |
63 | - tag: "forward_easy"
64 | type: "forward"
65 | args:
66 | concurrent: 1
67 | upstreams:
68 | - addr: "https://doh.apad.pro/dns-query"
69 | bootstrap: "218.2.2.2"
70 | enable_http3: false
71 |
72 | - tag: "forward_remote"
73 | type: "forward"
74 | args:
75 | concurrent: 1 # 并发数。每次请求随机选取 concurrent 个 upstreams 发送请求。
76 | # 取最快返回的应答。超过 3 最多选 3 个。默认 1。
77 | upstreams:
78 | - addr: "https://162.159.36.1/dns-query"
79 | enable_http3: false
80 | # socks5: "127.0.0.1:1080" # 目前暂不支持用户名密码认证,只支持基于 TCP 的协议
81 | - addr: "https://162.159.46.1/dns-query"
82 | enable_http3: false
83 | # - addr: "https://doh.opendns.com/dns-query"
84 | # dial_addr: "146.112.41.2"
85 | # enable_http3: false
86 | # - addr: "https://public.dns.iij.jp/dns-query"
87 | # dial_addr: 103.2.57.5
88 | # enable_http3: false
89 | # - addr: "tcp://208.67.220.220:5353" # CISCO OpenDNS
90 | # enable_pipeline: true
91 |
92 | - tag: remote_sequence
93 | type: sequence
94 | args:
95 | - exec: prefer_ipv4
96 | - exec: $ecs_tw
97 | - exec: $forward_remote
98 | - exec: return
99 |
100 | - tag: "fallback"
101 | type: "fallback"
102 | args:
103 | primary: forward_easy # easy
104 | secondary: forward_remote # remote
105 | threshold: 360 # 无响应回滚阈值。单位毫秒。默认 500 。
106 | always_standby: true # 副可执行插件始终待命。
107 |
108 | - tag: fallback_sequence
109 | type: sequence
110 | args:
111 | - exec: prefer_ipv4
112 | - exec: $ecs_tw
113 | - exec: $fallback
114 | - exec: return
115 |
116 | - tag: fallback_sequence_ipv6
117 | type: sequence
118 | args:
119 | - exec: prefer_ipv6
120 | - exec: $fallback
121 | - exec: return
122 |
123 | - tag: has_resp_sequence
124 | type: sequence
125 | args:
126 | - matches:
127 | - has_resp
128 | exec: accept
129 |
130 |
131 |
132 |
133 | - tag: "hosts"
134 | type: "hosts"
135 | args:
136 | # entries:
137 | # - "google.com 108.177.122.113"
138 | files:
139 | - "/etc/mosdns/rule/hosts.txt"
140 |
141 | - tag: geosite_cn # 国内域名
142 | type: domain_set
143 | args:
144 | files:
145 | - "/etc/mosdns/rule/china_domain_list.txt" # https://raw.githubusercontent.com/pmkol/easymosdns/rules/china_domain_list.txt
146 |
147 | - tag: geoip_cn # 国内 IP
148 | type: ip_set
149 | args:
150 | files:
151 | - "/etc/mosdns/rule/china_ip_list.txt" # https://raw.githubusercontent.com/pmkol/easymosdns/rules/china_ip_list.txt
152 |
153 | - tag: privatelist # 内网域名
154 | type: domain_set
155 | args:
156 | files:
157 | - "/etc/mosdns/rule/private.txt" # https://raw.githubusercontent.com/Loyalsoldier/domain-list-custom/release/private.txt
158 |
159 | - tag: whitelist
160 | type: domain_set
161 | args:
162 | files:
163 | - "/etc/mosdns/rule/white_list.txt" # https://raw.githubusercontent.com/Journalist-HK/Rules/master/white_list.txt
164 |
165 | - tag: blocklist
166 | type: domain_set
167 | args:
168 | files:
169 | - "/etc/mosdns/rule/block_list.txt" # https://raw.githubusercontent.com/Journalist-HK/Rules/master/block_list.txt
170 |
171 | - tag: greylist # 用来存放被污染的域名。
172 | type: domain_set
173 | args:
174 | files:
175 | - "/etc/mosdns/rule/grey_list.txt" # https://raw.githubusercontent.com/Journalist-HK/Rules/master/grey_list.txt
176 |
177 | - tag: ipv6list # 用来存放优先走 ipv6 的域名。
178 | type: domain_set
179 | args:
180 | files:
181 | - "/etc/mosdns/rule/ipv6_domain_list.txt" # https://raw.githubusercontent.com/Journalist-HK/Rules/master/ipv6_domain_list.txt
182 |
183 | - tag: originallist # 用来存放优不进行 IP 优选的域名。
184 | type: domain_set
185 | args:
186 | files:
187 | - "/etc/mosdns/rule/original_domain_list.txt" # https://raw.githubusercontent.com/Journalist-HK/Rules/master/original_domain_list.txt
188 |
189 | - tag: akamailist
190 | type: domain_set
191 | args:
192 | files:
193 | - "/etc/mosdns/rule/akamai_domain_list.txt" # https://raw.githubusercontent.com/Journalist-HK/Rules/master/akamai_domain_list.txt
194 |
195 | - tag: cdnlist
196 | type: domain_set
197 | args:
198 | exps:
199 | - "cloudflare.com"
200 | - "cloudfront.net"
201 | - "ghproxy.com"
202 | - "microsoft.com"
203 | - "playstation.com"
204 | - "playstation.net"
205 | - "redhat.com"
206 | - "samsung.com"
207 | - "ubi.com"
208 | - "ubisoft.com"
209 | - "xboxlive.com"
210 | files:
211 | - "/etc/mosdns/rule/cdn_domain_list.txt" # https://raw.githubusercontent.com/pmkol/easymosdns/rules/cdn_domain_list.txt
212 |
213 | - tag: gfwlist
214 | type: domain_set
215 | args:
216 | files:
217 | - "/etc/mosdns/rule/gfw.txt" # https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/gfw.txt
218 | - "/etc/mosdns/rule/greatfire.txt" # https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/greatfire.txt
219 | - "/etc/mosdns/rule/custom_list.txt" # https://raw.githubusercontent.com/Journalist-HK/Rules/master/custom_list.txt
220 |
221 | - tag: banned_ip
222 | type: ip_set
223 | args:
224 | ips:
225 | - "0.0.0.0/32"
226 | - "2001::/32"
227 | files:
228 | - "/etc/mosdns/rule/gfw_ip_list.txt" # https://raw.githubusercontent.com/pmkol/easymosdns/rules/gfw_ip_list.txt
229 | - "/etc/mosdns/rule/facebook.txt" # https://raw.githubusercontent.com/Loyalsoldier/geoip/release/text/facebook.txt
230 | # - "/etc/mosdns/rule/telegram.txt" # https://raw.githubusercontent.com/Loyalsoldier/geoip/release/text/telegram.txt
231 | - "/etc/mosdns/rule/twitter.txt" # https://raw.githubusercontent.com/Loyalsoldier/geoip/release/text/twitter.txt
232 |
233 | - tag: cloudflare_ip
234 | type: ip_set
235 | args:
236 | files:
237 | - "/etc/mosdns/rule/ip.txt" # https://raw.githubusercontent.com/XIU2/CloudflareSpeedTest/master/ip.txt
238 |
239 | - tag: cloudflare_ipv6
240 | type: ip_set
241 | args:
242 | files:
243 | - "/etc/mosdns/rule/ipv6.txt" # https://raw.githubusercontent.com/XIU2/CloudflareSpeedTest/master/ipv6.txt
244 |
245 | - tag: cloudfront_ip
246 | type: ip_set
247 | args:
248 | files:
249 | - "/etc/mosdns/rule/cloudfront.txt" # https://raw.githubusercontent.com/Journalist-HK/Rules/master/cloudfront.txt
250 |
251 | - tag: cloudfront_ipv6
252 | type: ip_set
253 | args:
254 | files:
255 | - "/etc/mosdns/rule/cloudfront_ipv6.txt" # https://raw.githubusercontent.com/Journalist-HK/Rules/master/cloudfront_ipv6.txt
256 |
257 | - tag: fastly_ip
258 | type: ip_set
259 | args:
260 | files:
261 | - "/etc/mosdns/rule/fastly.txt" # https://raw.githubusercontent.com/Loyalsoldier/geoip/release/text/fastly.txt
262 |
263 | - tag: "cache_0"
264 | type: "cache"
265 | args:
266 | size: 8192 # 默认: 1024。
267 | # lazy_cache_ttl > 0 会启用 lazy cache。
268 | # 所有应答都会在缓存中存留 lazy_cache_ttl 秒,但自身的 TTL 仍然有效。如果命中过期的应答,
269 | # 则缓存会立即返回 TTL 为 5 的应答,然后自动在后台发送请求更新数据。
270 | lazy_cache_ttl: 259200 # 默认: 0(禁用 lazy cache)。
271 | # 建议值 86400(1天)~ 259200(3天)
272 | dump_file: /usr/share/mosdns/cache.dump
273 | # (实验性) 自动保存间隔。单位秒。默认 600。
274 | # 如果距离上次 dump 有 1024 次更新,则自动保存。
275 | dump_interval: 7200
276 |
277 |
278 |
279 |
280 |
281 |
282 |
283 | # IP 优选,需要定期修改,最好填写 2 - 4 个
284 | - tag: blackhole_akamai # 替换部分 AKAMAI 域名 IP,详见 https://github.com/IrineSistiana/mosdns/discussions/489
285 | type: sequence
286 | args:
287 | - exec: black_hole 119.149.188.15 202.142.229.59 223.44.51.33 # best_akamai_ip
288 | - exec: ttl 3600-0
289 | - exec: accept # 运行 black_hole 之后接受请求,不再进行后续判断
290 |
291 | - tag: blackhole_akamai_ipv6
292 | type: sequence
293 | args:
294 | - exec: black_hole 2600:140b:1000::1730:d5ab 2600:140b:1000::1730:d5ce # best_akamai_ipv6
295 | - exec: ttl 3600-0
296 | - exec: accept
297 |
298 | - tag: blackhole_cloudflare
299 | type: sequence
300 | args:
301 | - exec: black_hole 104.17.7.198 104.17.61.114 162.159.0.195 162.159.7.75 # best_cloudflare_ip
302 | - exec: ttl 3600-0
303 | - exec: accept
304 |
305 | - tag: blackhole_cloudflare_ipv6
306 | type: sequence
307 | args:
308 | - exec: black_hole 2a06:98c1:310f::e0c0:131c:2cb3 2a06:98c1:310f::ee3c:1d43:fc2e:6f6c # best_cloudflare_ipv6
309 | - exec: ttl 3600-0
310 | - exec: accept
311 |
312 | - tag: blackhole_cloudfront
313 | type: sequence
314 | args:
315 | - exec: black_hole 18.172.26.139 18.172.28.94 52.84.151.126 52.84.228.48 # best_cloudfront_ip
316 | - exec: ttl 3600-0
317 | - exec: accept
318 |
319 | - tag: blackhole_cloudfront_ipv6
320 | type: sequence
321 | args:
322 | - exec: black_hole 2600:9000:20e9:1edf:3560:977b:c990:1f75 2600:9000:20e9:1edf:35c0:29ed:b6ac:7b3b # best_cloudfront_ipv6
323 | - exec: ttl 3600-0
324 | - exec: accept
325 |
326 | - tag: remote_sequence_us # 使用 US ECS 请求上游
327 | type: sequence
328 | args:
329 | - exec: prefer_ipv4
330 | - exec: $ecs_us
331 | - exec: $forward_remote
332 | - exec: jump has_resp_sequence
333 |
334 | - tag: fallback_sequence_us # 使用 US ECS 请求上游
335 | type: sequence
336 | args:
337 | - exec: prefer_ipv4
338 | - exec: $ecs_us
339 | - exec: $fallback
340 | - exec: jump has_resp_sequence
341 |
342 | - tag: change_cdn_ip_akamai
343 | type: sequence
344 | args:
345 | - matches:
346 | - cname akamai.net
347 | - qtype 1
348 | - has_wanted_ans # 防止纯 IPV6 域名被替换
349 | exec: jump blackhole_akamai
350 | - matches:
351 | - cname akamai.net
352 | - qtype 28
353 | - has_wanted_ans
354 | exec: jump blackhole_akamai_ipv6 # 如果不需要对纯 IPV6 域名优选可以去掉这一段
355 | - exec: return
356 |
357 | - tag: change_cdn_ip_cf # https://github.com/XIU2/CloudflareSpeedTest/discussions/317
358 | type: sequence
359 | args:
360 | - matches:
361 | - qtype 1
362 | - has_wanted_ans
363 | - resp_ip $cloudflare_ip
364 | exec: jump blackhole_cloudflare
365 | - matches:
366 | - qtype 1
367 | - has_wanted_ans
368 | - resp_ip $cloudfront_ip
369 | exec: jump blackhole_cloudfront
370 | - matches:
371 | - qtype 28
372 | - has_wanted_ans
373 | - resp_ip $cloudflare_ipv6
374 | exec: jump blackhole_cloudflare_ipv6
375 | - matches:
376 | - qtype 28
377 | - has_wanted_ans
378 | - resp_ip $cloudfront_ipv6
379 | exec: jump blackhole_cloudfront_ipv6
380 | - exec: return
381 |
382 | - tag: reforward_fastly_remote # 使用 US ECS 再次查询优化 Fastly CDN 结果
383 | type: sequence
384 | args:
385 | - matches:
386 | - resp_ip $fastly_ip
387 | exec: jump remote_sequence_us
388 | - exec: return
389 |
390 | - tag: reforward_fastly_fallback # 使用 US ECS 再次查询优化 Fastly CDN 结果
391 | type: sequence
392 | args:
393 | - matches:
394 | - resp_ip $fastly_ip
395 | exec: jump fallback_sequence_us
396 | - exec: return
397 |
398 | - tag: gfw_sequence # 处理 GFW 域名
399 | type: sequence
400 | args:
401 | - exec: jump remote_sequence
402 | - exec: jump change_cdn_ip_akamai
403 | - exec: jump change_cdn_ip_cf
404 | - exec: jump reforward_fastly_remote
405 | - exec: accept # 查询失败也会停止,防止后续查询回落到国内上游
406 |
407 | - tag: default_sequence # 默认使用 fallback
408 | type: sequence
409 | args:
410 | - exec: jump fallback_sequence
411 | - exec: jump change_cdn_ip_akamai
412 | - exec: jump change_cdn_ip_cf
413 | - exec: jump reforward_fastly_fallback
414 | - exec: accept # 查询失败也会停止,防止后续查询回落到国内上游
415 |
416 | - tag: default_sequence_original # 使用 fallback,不替换 CDN IP
417 | type: sequence
418 | args:
419 | - exec: jump fallback_sequence
420 | - exec: jump has_resp_sequence
421 |
422 | - tag: default_sequence_ipv6 # 使用 fallback,但不替换 CDN IP,IPV6 优先
423 | type: sequence
424 | args:
425 | - exec: jump fallback_sequence_ipv6
426 | - exec: jump has_resp_sequence
427 |
428 | - tag: ali_sequence
429 | type: sequence
430 | args:
431 | # - exec: prefer_ipv4
432 | - exec: $forward_alidns
433 | - exec: jump change_cdn_ip_akamai
434 | - exec: jump change_cdn_ip_cf
435 | - exec: jump reforward_fastly_fallback
436 | - exec: accept # 查询失败也会停止,防止后续查询其他上游
437 |
438 | - tag: ali_sequence_ipv4
439 | type: sequence
440 | args:
441 | - exec: prefer_ipv4
442 | - exec: $forward_alidns
443 | - exec: jump change_cdn_ip_akamai
444 | - exec: jump change_cdn_ip_cf
445 | - exec: jump reforward_fastly_fallback
446 | - exec: accept # 查询失败也会停止,防止后续查询其他上游
447 |
448 | # - tag: reforward_banned_ip
449 | # type: sequence
450 | # args:
451 | # - exec: debug_print "DNS poisoning detected"
452 | # - exec: jump fallback_sequence
453 | # - exec: return
454 |
455 | - tag: main
456 | type: sequence
457 | args:
458 | - matches:
459 | - qtype 65
460 | exec: reject 3 # 屏蔽 QTYPE 65
461 |
462 | - exec: $hosts
463 | - exec: jump has_resp_sequence
464 |
465 | - matches:
466 | - qname $privatelist #内网域名
467 | exec: reject 5 # 屏蔽内网域名
468 | # exec: $forward_lan # 查询内网 DNS
469 | # - exec: jump has_resp_sequence
470 |
471 | - matches:
472 | - qname $whitelist # DDNS 和 其他白名单
473 | exec: $forward_local
474 | - exec: ttl 5-180
475 | - exec: jump has_resp_sequence
476 |
477 | - matches:
478 | - qname $blocklist # 黑名单,可添加去广告列表
479 | exec: reject 5
480 |
481 | - exec: $cache_0 # 下面的请求结果均进入缓存
482 |
483 | - matches:
484 | - qname $ipv6list
485 | exec: jump default_sequence_ipv6 # IPV6 域名请求 EASY DNS
486 |
487 | - matches:
488 | - qname $originallist # 不进行 IP 替换的域名,通常是游戏等使用非常用端口的域名
489 | exec: jump default_sequence_original
490 |
491 | - matches:
492 | - qname $greylist
493 | exec: jump default_sequence # 污染域名请求 EASY DNS
494 |
495 | - matches:
496 | - qname $geosite_cn # 国内域名走阿里 DNS,也可以走运营商 DNS
497 | exec: jump ali_sequence # 如果使用策略 1,可以考虑去掉这一段。去掉后,当阿里 DNS 查询失败后会查询可信上游。
498 |
499 | - matches:
500 | - qname $cdnlist apple.com icloud.com edgesuite.net msftconnecttest.com trafficmanager.net
501 | exec: jump ali_sequence_ipv4 # 我这里用阿里 DNS 请求 AKAMAI 域名返回东京电信的概率较高,可以替换成其他。
502 |
503 | - matches:
504 | - qname $gfwlist
505 | exec: jump gfw_sequence # GFW 域名直接请求海外 DNS
506 |
507 | - matches:
508 | - qname $akamailist
509 | exec: jump ali_sequence_ipv4 # 我这里用阿里 DNS 请求 AKAMAI 域名返回东京电信的概率较高,可以替换成其他。
510 |
511 | # 策略 1:默认查询国内上游,入返回境外 IP,再次将域名交给可信 DNS 查询。
512 | - exec: $forward_alidns # 默认使用阿里 DNS,如果担心 DNS 泄露,可以调换顺序,把 fallback 放在前面,代价是延迟会变高。这种情况下可以使用前面的 cdnlist 域名先做判断。
513 | - matches:
514 | - resp_ip $banned_ip # 记录被污染域名,日后加入 gerylist。可以去掉。
515 | exec: debug_print "DNS poisoning detected"
516 | - matches:
517 | - "resp_ip $geoip_cn"
518 | exec: accept # 返回国内 IP 直接接受
519 | - exec: jump change_cdn_ip_akamai
520 | - matches: # 有些 AKAMAI 的域名不能直接替换 IP(没有绑定全证书),此处多加一次判断,接受所有 AKAMAI CDN 的 IP。
521 | - cname $akamailist
522 | exec: accept
523 | - exec: jump change_cdn_ip_cf
524 | - exec: jump reforward_fastly_fallback
525 |
526 | # 策略 2:注释上方策略 1 的配置,默认查询可信 DNS,可以避免“DNS 泄露”,对上游稳定性要求更高
527 | - exec: jump default_sequence # 其余域名使用可信 DNS
528 |
529 |
530 | - tag: udp_server
531 | type: udp_server
532 | args:
533 | entry: main
534 | listen: ":${mosDNSServerPort}"
535 |
536 | - tag: tcp_server
537 | type: tcp_server
538 | args:
539 | entry: main
540 | listen: ":${mosDNSServerPort}"
541 | # cert: "/etc/nginx/conf.d/_lan.crt" # 配置 cert 和 key 后会启用 TLS (DoT)。
542 | # key: "/etc/nginx/conf.d/_lan.key"
543 | idle_timeout: 10 # 空连接超时。单位秒。默认 10。
544 |
545 |
--------------------------------------------------------------------------------
/dsm/openwrt.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 |
4 |
5 | checkArchitecture(){
6 | # https://stackoverflow.com/questions/48678152/how-to-detect-386-amd64-arm-or-arm64-os-architecture-via-shell-bash
7 |
8 | case $(uname -m) in
9 | i386) osArchitecture="386" ;;
10 | i686) osArchitecture="386" ;;
11 | x86_64) osArchitecture="amd64" ;;
12 | arm) dpkg --print-architecture | grep -q "arm64" && osArchitecture="arm64" || osArchitecture="arm" ;;
13 | aarch64) dpkg --print-architecture | grep -q "arm64" && osArchitecture="arm64" || osArchitecture="arm" ;;
14 | * ) osArchitecture="arm" ;;
15 | esac
16 |
17 | }
18 |
19 |
20 | getLinuxOSRelease(){
21 |
22 | checkArchitecture
23 |
24 | # NAME="OpenWrt"
25 | # VERSION="SNAPSHOT"
26 | # ID="openwrt"
27 | if [ -f /etc/os-release ]; then
28 | . /etc/os-release
29 | osInfo=$NAME
30 | osID=$ID
31 | osReleaseVersionNo=$VERSION_ID
32 | fi
33 |
34 | echo "OS: ${osInfo}, ${ID}, ${VERSION_ID} CPU: $osArchitecture"
35 | }
36 |
37 |
38 | getGithubLatestReleaseVersion(){
39 | # https://github.com/p4gefau1t/trojan-go/issues/63
40 | wget --no-check-certificate -qO- https://api.github.com/repos/$1/tags | grep 'name' | cut -d\" -f4 | head -1 | cut -b 1-
41 | }
42 |
43 |
44 |
45 | mosdnsDownloadPath="/tmp"
46 | mosdnsLogFilePath="/tmp/mosdns.log"
47 | mosdnsEtcPath="/etc/mosdns"
48 |
49 | getIPDKdownloadFilename(){
50 | # mosdnsIPK_array=($(wget -qO- https://op.supes.top/packages/x86_64/ | grep -E "mosdns|v2ray" | awk -F'<a href=\"' '/ipk/{print $2}' | cut -d\" -f1 | sort -V))
51 |
52 | mosdnsFilename="mosdns_8bc1821-84_x86_64.ipk"
53 | mosdnsNeoFilename="mosdns-neo_abcb222-73_x86_64.ipk"
54 | mosdnsLuciFilename="luci-app-mosdns_git-22.189.25450-61bab3a_all.ipk"
55 |
56 | mosdnsUrl="https://op.supes.top/packages/x86_64/mosdns_8bc1821-84_x86_64.ipk"
57 | mosdnsNeoUrl="https://op.supes.top/packages/x86_64/mosdns_8bc1821-84_x86_64.ipk"
58 | mosdnsLuciUrl="https://op.supes.top/packages/x86_64/luci-app-mosdns_git-23.275.44892-e5a38e2_all.ipk"
59 |
60 | v2rayGeoSiteFilename="v2ray-geosite_20220425025949-4_all.ipk"
61 | v2rayGeoIpFilename="v2ray-geoip_202204210050-4_all.ipk"
62 |
63 | v2rayGeoSiteUrl="https://op.supes.top/packages/x86_64/v2ray-geosite_202203020836-6_all.ipk"
64 | v2rayGeoIpUrl="https://op.supes.top/packages/x86_64/v2ray-geoip_202203020834-6_all.ipk"
65 |
66 |
67 | mosdnsIPK_array=$(wget -qO- https://op.supes.top/packages/x86_64/ | grep -E "mosdns|v2ray" | awk -F'<a href=\"' '/ipk/{print $2}' | cut -d\" -f1 | sort -V)
68 |
69 | echo " 准备下载并安装以下文件"
70 |
71 | for filename in ${mosdnsIPK_array}; do
72 |
73 | if [ "${filename#*luci-app-mosdns}" != "$filename" ]; then
74 | mosdnsLuciFilename="${filename}"
75 | mosdnsLuciUrl="https://op.supes.top/packages/x86_64/${mosdnsLuciFilename}"
76 | echo "1 ${mosdnsLuciFilename}"
77 |
78 | elif [ "${filename#*mosdns-neo}" != "$filename" ]; then
79 | mosdnsNeoFilename="${filename}"
80 | mosdnsNeoUrl="https://op.supes.top/packages/x86_64/${mosdnsNeoFilename}"
81 | echo "2 ${mosdnsNeoFilename}"
82 |
83 | elif [ "${filename#*mosdns}" != "$filename" ]; then
84 | mosdnsFilename="${filename}"
85 | mosdnsUrl="https://op.supes.top/packages/x86_64/${mosdnsFilename}"
86 | echo "3 ${mosdnsFilename}"
87 |
88 | elif [ "${filename#*geosite}" != "$filename" ]; then
89 | v2rayGeoSiteFilename="${filename}"
90 | v2rayGeoSiteUrl="https://op.supes.top/packages/x86_64/${v2rayGeoSiteFilename}"
91 | echo "4 $v2rayGeoSiteFilename"
92 |
93 | elif [ "${filename#*geoip}" != "$filename" ]; then
94 | v2rayGeoIpFilename="${filename}"
95 | v2rayGeoIpUrl="https://op.supes.top/packages/x86_64/${v2rayGeoIpFilename}"
96 | echo "5 $v2rayGeoIpFilename"
97 | else
98 | tempUrlXX=""
99 | fi
100 | done
101 | }
102 |
103 |
104 | installMosdns(){
105 | getLinuxOSRelease
106 |
107 | echo
108 | echo " ================================================== "
109 |
110 | if [ "${osInfo}" = "OpenWrt" ]; then
111 | if [ "${osArchitecture}" = "amd64" ]; then
112 | echo " Prepare to install Mosdns on OpenWrt X86"
113 | echo " 准备安装 OpenWrt X86 Mosdns, 通过 opkg 安装"
114 | else
115 | echo " Prepare to install Mosdns on OpenWrt Arm Openwrt ! "
116 | echo " 准备安装 OpenWrt Arm Mosdns, 如果安装失败 请在下面页面自行查找对应Arm版本进行安装 ! "
117 | echo " https://github.com/sbwml/luci-app-mosdns/releases ! "
118 | echo
119 | echo " 手动安装方法: "
120 | echo " 下载文件 v2ray-geoip_2022-07-04_all.ipk, v2ray-geosite_2022-07-04_all.ipk "
121 | echo " 下载文件 mosdns_4.1.5-1_arm_cortex-a7.ipk, luci-app-mosdns_1.4_all.ipk "
122 | echo " 把已下载文件 通过 ssh 或 ftp 上传到路由器上 例如上传到 /tmp 目录后 "
123 | echo " 运行命令 cd /tmp "
124 | echo " 运行命令 opkg install v2ray-geoip_2022-07-04_all.ipk v2ray-geosite_2022-07-04_all.ipk"
125 | echo " 运行命令 opkg install mosdns_4.1.5-1_arm_cortex-a7.ipk luci-app-mosdns_1.4_all.ipk "
126 | exit
127 | fi
128 | else
129 | echo " ================================================== "
130 | echo " For Other linux platform, please use the script below: "
131 | echo " 针对非 OpenWrt 的 linux 系统, 请使用如下脚本安装: "
132 | echo " wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh "
133 | echo
134 | exit
135 | fi
136 |
137 | echo
138 | echo " 请保证网络可以正常访问 github.com"
139 | echo " 如果不能正常访问 github.com 将会导致下载文件失败从而无法正常安装"
140 | echo " 请访问下面的链接 来检查是否可以正常访问 github.com"
141 | echo " https://raw.githubusercontent.com/Loyalsoldier/v2ray-rules-dat/release/direct-list.txt"
142 | echo
143 |
144 |
145 | cd "${mosdnsDownloadPath}" || exit
146 |
147 |
148 |
149 | getIPDKdownloadFilename
150 |
151 |
152 | geositeFilename="geosite.dat"
153 | geoipFilename="geoip.dat"
154 | # cnipFilename="cn.dat"
155 |
156 | # versionV2rayRulesDat=$(getGithubLatestReleaseVersion "Loyalsoldier/v2ray-rules-dat")
157 | # geositeUrl="https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat"
158 | # geoipeUrl="https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat"
159 | # cnipUrl="https://github.com/Loyalsoldier/geoip/releases/download/202205120123/cn.dat"
160 |
161 | geositeUrl="https://cdn.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/geosite.dat"
162 | geoipeUrl="https://cdn.jsdelivr.net/gh/Loyalsoldier/v2ray-rules-dat@release/geoip.dat"
163 | # cnipUrl="https://raw.githubusercontent.com/Loyalsoldier/geoip/release/cn.dat"
164 |
165 |
166 |
167 |
168 | echo
169 | echo " ================================================== "
170 | echo " 请填写mosdns运行的端口号 默认端口5335"
171 | echo
172 | read -r -p "请填写mosdns运行的端口号? 默认直接回车为5335, 请输入纯数字:" isMosDNSServerPortInput
173 | isMosDNSServerPortInput=${isMosDNSServerPortInput:-5335}
174 |
175 | mosDNSServerPort="5335"
176 | isNumberMosdnsPort=$(echo $mosDNSServerPort | grep -E '^[+-]?[0-9]+#39;)
177 | if [ -n "${isNumberMosdnsPort}" ] ; then
178 | mosDNSServerPort="${isMosDNSServerPortInput}"
179 | fi
180 |
181 | echo
182 | echo " ================================================== "
183 | echo " 是否添加自建的DNS服务器, 默认直接回车不添加"
184 | echo " 选是为添加DNS服务器, 建议先架设好DNS服务器后再运行此脚本"
185 | echo " 本脚本默认已经内置了多个DNS服务器地址"
186 | echo
187 | read -r -p "是否添加自建的DNS服务器? 默认直接回车为不添加, 请输入[y/N]:" isAddNewDNSServerInput
188 | isAddNewDNSServerInput=${isAddNewDNSServerInput:-n}
189 |
190 | addNewDNSServerIPText=""
191 | addNewDNSServerDomainText=""
192 | if [[ "$isAddNewDNSServerInput" == [Nn] ]]; then
193 | echo
194 | else
195 | echo
196 | echo " ================================================== "
197 | echo " 请输入自建的DNS服务器IP 格式例如 1.1.1.1"
198 | echo " 请保证端口53 提供DNS解析服务, 如果是非53端口请填写端口号, 格式例如 1.1.1.1:8053"
199 | echo
200 | read -r -p "请输入自建DNS服务器IP地址, 请输入:" isAddNewDNSServerIPInput
201 |
202 | if [ -n "${isAddNewDNSServerIPInput}" ]; then
203 | read -r -d '' addNewDNSServerIPText << EOM
204 | - addr: "udp://${isAddNewDNSServerIPInput}"
205 | idle_timeout: 500
206 | trusted: true
207 | EOM
208 |
209 | fi
210 |
211 | echo
212 | echo " ================================================== "
213 | echo " 请输入自建的DNS服务器的域名 用于提供DOH服务, 格式例如 www.dns.com"
214 | echo " 请保证服务器在 /dns-query 提供DOH服务, 例如 https://www.dns.com/dns-query"
215 | echo
216 | read -r -p "请输入自建DOH服务器的域名, 不要输入https://, 请直接输入域名:" isAddNewDNSServerDomainInput
217 |
218 | if [ -n "${isAddNewDNSServerDomainInput}" ]; then
219 | read -r -d '' addNewDNSServerDomainText << EOM
220 | - addr: "https://${isAddNewDNSServerDomainInput}/dns-query"
221 | idle_timeout: 400
222 | trusted: true
223 | EOM
224 | fi
225 | fi
226 |
227 |
228 |
229 |
230 |
231 | echo
232 | echo " ================================================== "
233 | echo " Downloading mosdns. 开始下载 mosdns.ipk 等相关文件"
234 | echo
235 | wget -O ${mosdnsDownloadPath}/${mosdnsFilename} ${mosdnsUrl}
236 | #wget -O ${mosdnsDownloadPath}/${mosdnsNeoFilename} ${mosdnsNeoUrl}
237 | wget -O ${mosdnsDownloadPath}/${mosdnsLuciFilename} ${mosdnsLuciUrl}
238 |
239 | wget -O ${mosdnsDownloadPath}/${v2rayGeoSiteFilename} ${v2rayGeoSiteUrl}
240 | wget -O ${mosdnsDownloadPath}/${v2rayGeoIpFilename} ${v2rayGeoIpUrl}
241 |
242 |
243 | echo
244 | echo " Downloading cn.dat, geosite.dat, geoip.dat. 开始下载 cn.dat geosite.dat geoip.dat 等相关文件"
245 | echo
246 | echo " 请保证网络可以正常访问 github.com"
247 | echo " 如果不能正常访问 github.com 将会导致下载文件失败从而无法正常安装"
248 | echo
249 |
250 | if [ ! -f "${mosdnsDownloadPath}/${geositeFilename}" ]; then
251 | wget -O ${mosdnsDownloadPath}/${geositeFilename} ${geositeUrl}
252 | wget -O ${mosdnsDownloadPath}/${geoipFilename} ${geoipeUrl}
253 | fi
254 |
255 | if [ ! -f "${mosdnsDownloadPath}/${geositeFilename}" ]; then
256 | echo
257 | echo " ${geositeUrl}"
258 | echo " 下载失败, 请检查网络是否可以正常访问 gitHub.com"
259 | fi
260 |
261 | if [ ! -f "${mosdnsDownloadPath}/${geoipFilename}" ]; then
262 | echo
263 | echo " ${geoipeUrl}"
264 | echo " 下载失败, 请检查网络是否可以正常访问 gitHub.com"
265 | fi
266 |
267 |
268 | echo
269 | echo " ================================================== "
270 | echo " Install mosdns.ipk and luci-app-mosdns.ipk. 开始安装 mosdns.ipk luci-app-mosdns.ipk"
271 | echo
272 |
273 | rm -f /etc/config/mosdns
274 | rm -f /etc/config/mosdns-opkg
275 |
276 | rm -f "${mosdnsLogFilePath}"
277 | rm -rf "${mosdnsEtcPath}"
278 |
279 | opkg install ${v2rayGeoSiteFilename}
280 | opkg install ${v2rayGeoIpFilename}
281 |
282 | opkg install ${mosdnsFilename}
283 | opkg install ${mosdnsLuciFilename}
284 |
285 |
286 | mkdir -p ${mosdnsEtcPath}
287 |
288 | if [ -f "${mosdnsDownloadPath}/${geositeFilename}" ]; then
289 | cp -f ${mosdnsDownloadPath}/${geositeFilename} ${mosdnsEtcPath}
290 | else
291 | cp -f /usr/share/v2ray/${geositeFilename} ${mosdnsEtcPath}
292 | fi
293 |
294 | if [ -f "${mosdnsDownloadPath}/${geoipFilename}" ]; then
295 | cp -f ${mosdnsDownloadPath}/${geoipFilename} ${mosdnsEtcPath}
296 | else
297 | cp -f /usr/share/v2ray/${geoipFilename} ${mosdnsEtcPath}
298 | fi
299 |
300 |
301 | cat > "${mosdnsEtcPath}/cus_config.yaml" <<-EOF
302 |
303 | log:
304 | level: info
305 | file: "${mosdnsLogFilePath}"
306 |
307 | data_providers:
308 | - tag: geosite
309 | file: ./geosite.dat
310 | auto_reload: true
311 | - tag: geoip
312 | file: ./geoip.dat
313 | auto_reload: true
314 |
315 | plugins:
316 | # 缓存
317 | - tag: cache
318 | type: cache
319 | args:
320 | size: 2048
321 | lazy_cache_ttl: 3600
322 | cache_everything: true
323 |
324 | # hosts map
325 | # - tag: map_hosts
326 | # type: hosts
327 | # args:
328 | # hosts:
329 | # - 'google.com 0.0.0.0'
330 | # - 'api.miwifi.com 127.0.0.1'
331 | # - 'www.baidu.com 0.0.0.0'
332 |
333 | # 转发至本地服务器的插件
334 | - tag: forward_local
335 | type: fast_forward
336 | args:
337 | upstream:
338 | - addr: "udp://223.5.5.5"
339 | trusted: true
340 | - addr: "udp://119.29.29.29"
341 | trusted: false
342 |
343 |
344 | # 转发至远程服务器的插件
345 | - tag: forward_remote
346 | type: fast_forward
347 | args:
348 | upstream:
349 | ${addNewDNSServerIPText}
350 | ${addNewDNSServerDomainText}
351 | - addr: "udp://208.67.222.222"
352 | trusted: true
353 |
354 | - addr: "udp://1.0.0.1"
355 | trusted: true
356 | - addr: "https://dns.cloudflare.com/dns-query"
357 | idle_timeout: 400
358 | trusted: true
359 |
360 | - addr: "udp://5.2.75.231"
361 | idle_timeout: 400
362 | trusted: true
363 |
364 | - addr: "udp://185.121.177.177"
365 | idle_timeout: 400
366 | trusted: true
367 |
368 | - addr: "udp://94.130.180.225"
369 | idle_timeout: 400
370 | trusted: true
371 |
372 | - addr: "udp://78.47.64.161"
373 | idle_timeout: 400
374 | trusted: true
375 |
376 | - addr: "udp://51.38.83.141"
377 |
378 | - addr: "udp://176.9.93.198"
379 | - addr: "udp://176.9.1.117"
380 |
381 | - addr: "udp://88.198.92.222"
382 |
383 |
384 | # 匹配本地域名的插件
385 | - tag: query_is_local_domain
386 | type: query_matcher
387 | args:
388 | domain:
389 | - 'provider:geosite:cn'
390 |
391 | - tag: query_is_gfw_domain
392 | type: query_matcher
393 | args:
394 | domain:
395 | - 'provider:geosite:gfw'
396 |
397 | # 匹配非本地域名的插件
398 | - tag: query_is_non_local_domain
399 | type: query_matcher
400 | args:
401 | domain:
402 | - 'provider:geosite:geolocation-!cn'
403 |
404 | # 匹配广告域名的插件
405 | - tag: query_is_ad_domain
406 | type: query_matcher
407 | args:
408 | domain:
409 | - 'provider:geosite:category-ads-all'
410 |
411 | # 匹配本地 IP 的插件
412 | - tag: response_has_local_ip
413 | type: response_matcher
414 | args:
415 | ip:
416 | - 'provider:geoip:cn'
417 |
418 |
419 | # 主要的运行逻辑插件
420 | # sequence 插件中调用的插件 tag 必须在 sequence 前定义,
421 | # 否则 sequence 找不到对应插件。
422 | - tag: main_sequence
423 | type: sequence
424 | args:
425 | exec:
426 | # hosts map
427 | # - map_hosts
428 |
429 | # 缓存
430 | - cache
431 |
432 | # 屏蔽广告域名 ad block
433 | - if: query_is_ad_domain
434 | exec:
435 | - _new_nxdomain_response
436 | - _return
437 |
438 | # 已知的本地域名用本地服务器解析
439 | - if: query_is_local_domain
440 | exec:
441 | - forward_local
442 | - _return
443 |
444 | - if: query_is_gfw_domain
445 | exec:
446 | - forward_remote
447 | - _return
448 |
449 | # 已知的非本地域名用远程服务器解析
450 | - if: query_is_non_local_domain
451 | exec:
452 | - _prefer_ipv4
453 | - forward_remote
454 | - _return
455 |
456 | # 剩下的未知域名用 IP 分流。
457 | # primary 从本地服务器获取应答,丢弃非本地 IP 的结果。
458 | - primary:
459 | - forward_local
460 | - if: "(! response_has_local_ip) && [_response_valid_answer]"
461 | exec:
462 | - _drop_response
463 | secondary:
464 | - _prefer_ipv4
465 | - forward_remote
466 | fast_fallback: 200
467 | always_standby: true
468 |
469 | servers:
470 | - exec: main_sequence
471 | listeners:
472 | - protocol: udp
473 | addr: ":${mosDNSServerPort}"
474 | - protocol: tcp
475 | addr: ":${mosDNSServerPort}"
476 |
477 |
478 | EOF
479 |
480 |
481 | echo
482 | echo " ================================================== "
483 | echo " Install mosdns success! 安装 mosdns 成功!"
484 | echo " mosdns running at port ${mosDNSServerPort}! 运行端口: ${mosDNSServerPort}!"
485 | echo " 查看访问日志: cat ${mosdnsLogFilePath}"
486 |
487 | echo " 请进入OpenWRT管理菜单: 服务-> MosDNS -> MosDNS 配置文件选择 下拉框选择 自定义配置 !"
488 | echo " 然后勾选 启用 复选框后, 点击 保存&应用 按钮 启动 MosDNS !"
489 | echo " ================================================== "
490 | echo
491 | }
492 |
493 |
494 |
495 | removeMosdns(){
496 |
497 | echo
498 | echo " =================================================="
499 | echo " 准备卸载 Mosdns on OpenWRT"
500 | echo " =================================================="
501 | echo
502 |
503 | opkg remove luci-app-mosdns
504 | opkg remove mosdns
505 |
506 | rm -f "${mosdnsLogFilePath}"
507 | rm -rf "${mosdnsEtcPath}"
508 |
509 | rm -f /etc/config/mosdns
510 | rm -f /etc/config/mosdns-opkg
511 |
512 |
513 |
514 | echo
515 | echo " ================================================== "
516 | echo " Mosdns 卸载完毕 !"
517 | echo " ================================================== "
518 |
519 | }
520 |
521 |
522 | main(){
523 |
524 | if [ -z "$1" ]; then
525 | installMosdns
526 | else
527 | removeMosdns
528 | fi
529 |
530 | }
531 |
532 | main $1
533 |
534 |
535 |
--------------------------------------------------------------------------------
/dsm/readme.md:
--------------------------------------------------------------------------------
1 | # PVE 和 群晖DSM NAS 安装工具, FRP 内网穿透工具 一键安装管理脚本
2 |
3 | ### 运行方法 Installation
4 |
5 | #### linux系统下 通过 wget 命令安装 via wget to install script
6 |
7 | ```bash
8 | wget --no-check-certificate -O /root/pve.sh https://raw.githubusercontent.com/jinwyp/one_click_script/master/dsm/pve.sh && chmod 700 /root/pve.sh && /root/pve.sh
9 |
10 | ```
11 |
12 | #### DSM 群晖系统下 通过 wget 命令安装 via wget to install script
13 |
14 | ```bash
15 | wget --no-check-certificate -O /root/pve.sh /tmp https://raw.githubusercontent.com/jinwyp/one_click_script/master/dsm/pve.sh && chmod 700 /tmp/pve.sh && /tmp/pve.sh
16 |
17 | ```
18 |
19 |
20 | ### 注意事项与常见问题 FAQ
21 |
22 | 1. 群晖补丁需要用 ssh 工具登录到群晖的系统后运行使用. 请先在群晖系统 "控制面板->终端机和SNMP" 开启SSH, 然后用admin用户登录ssh后, 运行上面命令. 由于第一次使用admin登陆后, 默认admin没有写入当前的文件夹的权限,所以第一次运行的命令把脚本放到了/tmp目录下. 以后开启root登陆后,可以直接用上面linux的运行方法把脚放到/root目录下即可.
23 |
24 |
25 |
26 | ### 功能介绍 Feature
27 |
28 | 
29 |
30 | 
31 |
32 |
33 |
--------------------------------------------------------------------------------
/netflix_check.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | Font_Black="\033[30m"
4 | Font_Red="\033[31m"
5 | Font_Green="\033[32m"
6 | Font_Yellow="\033[33m"
7 | Font_Blue="\033[34m"
8 | Font_Purple="\033[35m"
9 | Font_SkyBlue="\033[36m"
10 | Font_White="\033[37m"
11 | Font_Suffix="\033[0m"
12 |
13 | # fonts color
14 | red(){
15 | echo -e "\033[31m\033[01m$1\033[0m"
16 | }
17 | green(){
18 | echo -e "\033[32m\033[01m$1\033[0m"
19 | }
20 | yellow(){
21 | echo -e "\033[33m\033[01m$1\033[0m"
22 | }
23 | blue(){
24 | echo -e "\033[34m\033[01m$1\033[0m"
25 | }
26 | bold(){
27 | echo -e "\033[1m\033[01m$1\033[0m"
28 | }
29 |
30 |
31 |
32 |
33 |
34 | UA_Browser="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.87 Safari/537.36";
35 |
36 | configWARPPortFilePath="${HOME}/wireguard/warp-port"
37 | configWARPPortLocalServerPort="40000"
38 | warpPortInput="${1:-40000}"
39 |
40 | isAutoRefreshWarp=""
41 |
42 | function testWARPEnabled(){
43 |
44 | if [[ -f "${configWARPPortFilePath}" ]]; then
45 | configWARPPortLocalServerPort="$(cat ${configWARPPortFilePath})"
46 | yellow "检测到本机已安装 WARP Sock5, 端口号 ${configWARPPortLocalServerPort}"
47 | echo
48 | fi
49 |
50 | if [[ "$isAutoRefreshWarp" == "true" ]]; then
51 | warpPortInput="${configWARPPortLocalServerPort}"
52 | else
53 | read -p "请输入WARP Sock5 端口号? 直接回车默认${configWARPPortLocalServerPort}, 请输入纯数字:" warpPortInput
54 | warpPortInput=${warpPortInput:-$configWARPPortLocalServerPort}
55 | fi
56 | echo
57 |
58 | }
59 |
60 | isIPV6Enabled="false"
61 | function testIPV6Enabled(){
62 | cmdCatIpv6=$(cat /sys/module/ipv6/parameters/disable)
63 | isIPV6Enabled="false"
64 |
65 | if [[ ${cmdCatIpv6} == "0" ]]; then
66 | isIPV6Enabled="true"
67 | fi
68 |
69 | cmd1SysCtlIpv6=$(sysctl -a 2>/dev/null | grep net.ipv6.conf.all.disable_ipv6 | awk -F " " '{print $3}' )
70 | cmd2SysCtlIpv6=$(sysctl -a 2>/dev/null | grep net.ipv6.conf.default.disable_ipv6 | awk -F " " '{print $3}' )
71 |
72 | if [[ ${cmd1SysCtlIpv6} == "0" && ${cmd2SysCtlIpv6} == "0" ]]; then
73 | isIPV6Enabled="true"
74 | fi
75 | }
76 |
77 |
78 | function testNetflixAll(){
79 | curlCommand="curl --connect-timeout 10 -sL"
80 | curlInfo="IPv4"
81 |
82 | if [[ $1 == "ipv4" ]]; then
83 | bold " 开始测试本机的IPv4 解锁 Netflix 情况"
84 | curlCommand="${curlCommand} -4"
85 | curlInfo="IPv4"
86 |
87 | elif [[ $1 == "ipv4warp" ]]; then
88 |
89 | read -r -p "是否测试本机 IPv4 WARP Sock5 代理? 直接回车默认不测试 请输入[y/N]:" isIpv4WARPContinueInput
90 | isIpv4WARPContinueInput=${isIpv4WARPContinueInput:-n}
91 |
92 | if [[ ${isIpv4WARPContinueInput} == [Nn] ]]; then
93 | red " 已退出本机 IPv4 WARP Sock5 代理测试"
94 | echo
95 | return
96 | else
97 | testWARPEnabled
98 |
99 | bold " 开始测试本机的IPv4 通过CloudFlare WARP 解锁 Netflix 情况"
100 | curlCommand="${curlCommand} -x socks5h://127.0.0.1:${warpPortInput}"
101 | curlInfo="IPv4 CloudFlare WARP"
102 | fi
103 |
104 |
105 | elif [[ $1 == "ipv6" ]]; then
106 |
107 | if [[ "${isIPV6Enabled}" == "false" ]]; then
108 | red " 本机IPv6 没有开启 是否继续测试IPv6 "
109 | read -r -p "是否继续测试IPv6? 直接回车默认不继续测试 请输入[y/N]:" isIpv6ContinueInput
110 | isIpv6ContinueInput=${isIpv6ContinueInput:-n}
111 |
112 | if [[ ${isIpv6ContinueInput} == [Nn] ]]; then
113 | red " 已退出 本机IPv6 测试 "
114 | echo
115 | return
116 | else
117 | echo
118 | bold " 开始测试本机的IPv6 解锁 Netflix 情况"
119 | curlCommand="${curlCommand} -6"
120 | curlInfo="IPv6"
121 | fi
122 | else
123 | bold " 开始测试本机的IPv6 解锁 Netflix 情况"
124 | curlCommand="${curlCommand} -6"
125 | curlInfo="IPv6"
126 |
127 | fi
128 |
129 |
130 | elif [[ $1 == "ipv6warp" ]]; then
131 | bold " 开始测试本机的IPv6 通过CloudFlare WARP 解锁 Netflix 情况"
132 | curlCommand="${curlCommand} -6"
133 | curlInfo="IPv6 CloudFlare WARP"
134 |
135 | else
136 | red " 没有选择要进行的测试 已退出! "
137 | return
138 |
139 | fi
140 |
141 | # curl 参数说明
142 | # --connect-timeout <seconds> Maximum time allowed for connection
143 | # -4, --ipv4 Resolve names to IPv4 addresses
144 | # -s, --silent Silent mode
145 | # -S, --show-error Show error even when -s is used
146 | # -L, --location Follow redirects
147 | # -i, --include Include protocol response headers in the output
148 | # -f, --fail Fail silently (no output at all) on HTTP errors
149 |
150 |
151 | testNetflixOneMethod "${curlCommand}" "${curlInfo}"
152 | echo
153 |
154 | }
155 |
156 | function testNetflixOneMethod(){
157 | # https://stackoverflow.com/questions/3869072/test-for-non-zero-length-string-in-bash-n-var-or-var
158 |
159 | if [[ -n "$1" ]]; then
160 |
161 | netflixLinkIndex="https://www.netflix.com/"
162 | netflixLinkOwn="https://www.netflix.com/title/80018499"
163 |
164 |
165 | # green " Test Url: $1 -S ${netflixLinkIndex}"
166 | resultIndex=$($1 -S ${netflixLinkIndex} 2>&1)
167 |
168 | if [[ "${resultIndex}" == "curl"* ]];then
169 | red " 网络错误 无法打开 Netflix 网站"
170 | return
171 | fi
172 |
173 | if [[ -z "${resultIndex}" ]];then
174 | resultIndex2=$($1 -S ${netflixLinkIndex} 2>&1)
175 | if [[ -z "${resultIndex2}" ]];then
176 | red " 已被 Netflix 屏蔽, 403 访问错误 "
177 | return
178 | fi
179 | fi
180 |
181 | if [ "${resultIndex}" == "Not Available" ];then
182 | red " Netflix 不提供此地区服务 "
183 | if [[ "$isAutoRefreshWarp" == "true" ]]; then
184 | echo
185 | else
186 | return
187 | fi
188 |
189 | fi
190 |
191 |
192 |
193 |
194 |
195 | # green " Test Url: $1 -S ${netflixLinkOwn}"
196 | resultOwn=$($1 -S ${netflixLinkIndex} 2>&1)
197 |
198 | if [[ "${resultOwn}" == *"page-404"* ]] || [[ "${resultOwn}" == *"NSEZ-403"* ]];then
199 | red " 本机 $2 不能播放 Netflix 任何剧集"
200 | return
201 | fi
202 |
203 |
204 | # green " Test Url: $1 -fi https://www.netflix.com/title/80018499 2>&1 | sed -n '8p'"
205 | resultRegion=`tr [:lower:] [:upper:] <<< $($1 -fi "https://www.netflix.com/title/80018499" 2>&1 | sed -n '8p' | awk '{print $2}' | cut -d '/' -f4 | cut -d '-' -f1)`
206 |
207 | netflixRegion="${resultRegion}"
208 | # echo "x-robots-tag: ${netflixRegion}"
209 |
210 | if [[ "${resultRegion}" == *"INDEX"* ]] || [[ "${resultRegion}" == *"index"* ]];then
211 | netflixRegion="US"
212 | fi
213 |
214 | result1=$($1 -S "https://www.netflix.com/title/70143836" 2>&1)
215 | result2=$($1 -S "https://www.netflix.com/title/80027042" 2>&1)
216 | result3=$($1 -S "https://www.netflix.com/title/70140425" 2>&1)
217 | result4=$($1 -S "https://www.netflix.com/title/70283261" 2>&1)
218 | result5=$($1 -S "https://www.netflix.com/title/70143860" 2>&1)
219 | result6=$($1 -S "https://www.netflix.com/title/70202589" 2>&1)
220 | result7=$($1 -S "https://www.netflix.com/title/70305903" 2>&1)
221 |
222 | if [[ "$result1" == *"page-404"* ]] && [[ "$result2" == *"page-404"* ]] && [[ "$result3" == *"page-404"* ]] && [[ "$result4" == *"page-404"* ]] && [[ "$result5" == *"page-404"* ]] && [[ "$result6" == *"page-404"* ]]; then
223 | yellow " 本机 $2 仅解锁 Netflix 自制剧, 无法播放非自制剧. 区域: ${netflixRegion}"
224 |
225 | if [[ $2 == "IPv4 CloudFlare WARP Refresh" ]]; then
226 | echo
227 | green " 重启Warp 用于刷新能解锁IP, $2"
228 | warp_restart
229 | sleep 2
230 |
231 | autoRefreshWarpIP
232 | fi
233 | return
234 | fi
235 |
236 | green " 恭喜 本机 $2 解锁 Netflix 全部剧集 包括非自制剧. 区域: ${netflixRegion} "
237 | return
238 |
239 | else
240 | red " 要进行的测试 Url为空! "
241 | fi
242 |
243 |
244 | }
245 |
246 |
247 |
248 | function warp_restart(){
249 | if [ -f /etc/wireguard/wgcf.conf ]; then
250 | systemctl restart wg-quick@wgcf
251 | sleep 2
252 | fi
253 |
254 | if [ -f /usr/bin/warp-cli ]; then
255 | # systemctl restart warp-svc
256 | # sleep 3
257 | warp-cli --accept-tos delete
258 | sleep 2
259 | warp-cli --accept-tos register
260 | sleep 2
261 | warp-cli --accept-tos connect
262 | sleep 2
263 |
264 | fi
265 | green " 已经完成 重启Warp "
266 | }
267 |
268 |
269 | counter=1
270 | function autoRefreshWarpIPStart(){
271 |
272 | if [[ "$isAutoRefreshWarp" == "true" ]]; then
273 | testWARPEnabled
274 | autoRefreshWarpIP
275 | fi
276 |
277 | }
278 |
279 | function autoRefreshWarpIP(){
280 | # https://stackoverflow.com/questions/13638670/adding-counter-in-shell-script
281 |
282 | if [[ "$isAutoRefreshWarp" == "true" ]]; then
283 |
284 | echo
285 | time=$(date "+%Y-%m-%d %H:%M:%S")
286 | green " $time 开始自动刷新 WARP IP, 默认尝试20次 此次为第${counter}次"
287 | echo
288 | curlCommand="curl --connect-timeout 10 -sL"
289 | curlInfo="IPv4 CloudFlare WARP Refresh"
290 |
291 |
292 |
293 | if [ -f /usr/bin/warp-cli ]; then
294 | bold " 开始测试本机的IPv4 通过CloudFlare WARP sock5 解锁 Netflix 情况"
295 | curlCommand="${curlCommand} -x socks5h://127.0.0.1:${warpPortInput}"
296 | else
297 | bold " 开始测试本机的IPv6 通过CloudFlare WARP 解锁 Netflix 情况"
298 | curlCommand="${curlCommand} -6"
299 | fi
300 |
301 |
302 | if [[ "$counter" -gt 20 ]]; then
303 | exit 1
304 | else
305 | counter=$((counter+1))
306 | testNetflixOneMethod "${curlCommand}" "${curlInfo}"
307 | fi
308 | echo
309 | fi
310 |
311 | }
312 |
313 |
314 |
315 |
316 |
317 |
318 |
319 |
320 |
321 |
322 |
323 |
324 |
325 |
326 |
327 |
328 |
329 |
330 |
331 | function testYoutubeAll(){
332 | # curlCommand="curl --connect-timeout 10 -s --user-agent ${UA_Browser}"
333 | curlCommand="curl --connect-timeout 10 -s"
334 | curlInfo="IPv4"
335 |
336 | if [[ $1 == "ipv4" ]]; then
337 | bold " 开始测试本机的IPv4 解锁 Youtube Premium 情况"
338 | curlCommand="${curlCommand} -4"
339 | curlInfo="IPv4"
340 |
341 | elif [[ $1 == "ipv4warp" ]]; then
342 |
343 | if [[ ${isIpv4WARPContinueInput} == [Nn] ]]; then
344 | red " 已退出本机 IPv4 WARP Sock5 代理测试"
345 | echo
346 | return
347 | else
348 |
349 | bold " 开始测试本机的IPv4 通过CloudFlare WARP 解锁 Youtube Premium 情况"
350 | curlCommand="${curlCommand} -x socks5h://127.0.0.1:${warpPortInput}"
351 | curlInfo="IPv4 CloudFlare WARP"
352 | fi
353 |
354 | elif [[ $1 == "ipv6" ]]; then
355 |
356 | if [[ "${isIPV6Enabled}" == "false" ]]; then
357 |
358 | if [[ ${isIpv6ContinueInput} == [Nn] ]]; then
359 | red " 已退出 本机IPv6 测试 "
360 | echo
361 | return
362 | else
363 | bold " 开始测试本机的IPv6 解锁 Youtube Premium 情况"
364 | curlCommand="${curlCommand} -6"
365 | curlInfo="IPv6"
366 | fi
367 | else
368 | bold " 开始测试本机的IPv6 解锁 Youtube Premium 情况"
369 | curlCommand="${curlCommand} -6"
370 | curlInfo="IPv6"
371 |
372 | fi
373 |
374 | elif [[ $1 == "ipv6warp" ]]; then
375 | bold " 开始测试本机的IPv6 通过CloudFlare WARP 解锁 Youtube Premium 情况"
376 | curlCommand="${curlCommand} -6"
377 | curlInfo="IPv6 CloudFlare WARP"
378 |
379 | else
380 | red " 没有选择要进行的测试 已退出! "
381 | return
382 |
383 | fi
384 |
385 | # curl 参数说明
386 | # --connect-timeout <seconds> Maximum time allowed for connection
387 | # -4, --ipv4 Resolve names to IPv4 addresses
388 | # -s, --silent Silent mode
389 | # -S, --show-error Show error even when -s is used
390 | # -L, --location Follow redirects
391 |
392 | testYoutubeOneMethod "${curlCommand}" "${curlInfo}"
393 | echo
394 |
395 | }
396 |
397 | function testYoutubeOneMethod(){
398 |
399 | if [[ -n "$1" ]]; then
400 |
401 | youtubeLinkRed="https://www.youtube.com/red"
402 |
403 | # green " Test Url: $1 ${youtubeLinkRed}"
404 |
405 | resultYoutubeIndex=$($1 -S ${youtubeLinkRed} 2>&1)
406 |
407 | if [[ "${resultYoutubeIndex}" == "curl"* ]];then
408 | red " 网络错误 无法打开 YouTube 网站"
409 | return
410 | fi
411 |
412 | resultYoutube=$($1 ${youtubeLinkRed} | sed 's/,/\n/g' | grep countryCode | cut -d '"' -f4)
413 |
414 | if [ ! -n "${resultYoutube}" ]; then
415 | yellow " YouTube 角标不显示 可能不支持 YouTube Premium"
416 | else
417 | green " 本机 $2 支持 YouTube Premium, 角标: ${resultYoutube}"
418 | fi
419 |
420 | else
421 | red " 要进行的测试 Url为空! "
422 | fi
423 |
424 | }
425 |
426 |
427 |
428 |
429 |
430 |
431 |
432 |
433 |
434 |
435 |
436 |
437 |
438 |
439 |
440 |
441 |
442 |
443 | function testDisneyPlusAll(){
444 | curlCommand="curl --connect-timeout 10 -s --user-agent ${UA_Browser}"
445 | # curlCommand="curl --connect-timeout 10 -s"
446 | curlInfo="IPv4"
447 |
448 | if [[ $1 == "ipv4" ]]; then
449 | bold " 开始测试本机的IPv4 解锁 Disney+ 情况"
450 | curlCommand="${curlCommand} -4"
451 | curlInfo="IPv4"
452 |
453 | elif [[ $1 == "ipv4warp" ]]; then
454 |
455 | if [[ ${isIpv4WARPContinueInput} == [Nn] ]]; then
456 | red " 已退出本机 IPv4 WARP Sock5 代理测试"
457 | echo
458 | return
459 | else
460 |
461 | bold " 开始测试本机的IPv4 通过CloudFlare WARP 解锁 Disney+ 情况"
462 | curlCommand="${curlCommand} -x socks5h://127.0.0.1:${warpPortInput}"
463 | curlInfo="IPv4 CloudFlare WARP"
464 | fi
465 |
466 | elif [[ $1 == "ipv6" ]]; then
467 |
468 | if [[ "${isIPV6Enabled}" == "false" ]]; then
469 |
470 | if [[ ${isIpv6ContinueInput} == [Nn] ]]; then
471 | red " 已退出 本机IPv6 测试 "
472 | echo
473 | return
474 | else
475 | bold " 开始测试本机的IPv6 解锁 Disney+ 情况"
476 | curlCommand="${curlCommand} -6"
477 | curlInfo="IPv6"
478 | fi
479 | else
480 | bold " 开始测试本机的IPv6 解锁 Disney+ 情况"
481 | curlCommand="${curlCommand} -6"
482 | curlInfo="IPv6"
483 |
484 | fi
485 |
486 | elif [[ $1 == "ipv6warp" ]]; then
487 | bold " 开始测试本机的IPv6 通过CloudFlare WARP 解锁 Disney+ 情况"
488 | curlCommand="${curlCommand} -6"
489 | curlInfo="IPv6 CloudFlare WARP"
490 |
491 | else
492 | red " 没有选择要进行的测试 已退出! "
493 | return
494 |
495 | fi
496 |
497 | # curl 参数说明
498 | # --connect-timeout <seconds> Maximum time allowed for connection
499 | # -4, --ipv4 Resolve names to IPv4 addresses
500 | # -s, --silent Silent mode
501 | # -S, --show-error Show error even when -s is used
502 | # -L, --location Follow redirects
503 |
504 | testDisneyPlusOneMethod "${curlCommand}" "${curlInfo}"
505 | echo
506 |
507 | }
508 |
509 | function testDisneyPlusOneMethod(){
510 |
511 | if [[ -n "$1" ]]; then
512 |
513 | disneyLinkPrepare="https://disney.api.edge.bamgrid.com/devices"
514 | disneyLinkRed="https://www.disneyplus.com/movies/thor-the-dark-world/ZHk7aM5xTbW7"
515 |
516 | # green " Test Url: $1 ${disneyLinkRed}"
517 |
518 | resultDisneyPlusIndex=$($1 --max-time 10 -S -X POST "${disneyLinkPrepare}" -H "authorization: Bearer ZGlzbmV5JmJyb3dzZXImMS4wLjA.Cu56AgSfBTDag5NiRA81oLHkDZfu5L3CKadnefEAY84" -H "content-type: application/json; charset=UTF-8" -d '{"deviceFamily":"browser","applicationRuntime":"chrome","deviceProfile":"windows","attributes":{}}' 2>&1)
519 |
520 | if [[ "${resultDisneyPlusIndex}" == "curl"* ]];then
521 | red " 网络错误 无法打开 Disney+ 网站"
522 | return
523 | fi
524 |
525 | local PreDisneyCookie=$(curl -s --max-time 10 "https://raw.githubusercontent.com/lmc999/RegionRestrictionCheck/main/cookies" | sed -n '1p')
526 |
527 | #resultYoutube=$(curl --connect-timeout 10 https://www.disneyplus.com/movies/thor-the-dark-world/ZHk7aM5xTbW7 | grep 'The Dark World' )
528 | resultYoutube=$($1 ${disneyLinkRed} | grep 'The Dark World' )
529 |
530 | if [ -z "${resultYoutube}" ]; then
531 | yellow " 无法打开 Disney Plus 影片"
532 | else
533 | green " 本机 $2 支持观看 Disney Plus 影片"
534 | fi
535 |
536 | else
537 | red " 要进行的测试 Url为空! "
538 | fi
539 |
540 | }
541 |
542 |
543 | function MediaUnlockTest_DisneyPlus() {
544 | echo -n -e " Disney+:\t\t\t\t->\c"
545 | local PreAssertion=$(curl $useNIC $xForward -${1} --user-agent "${UA_Browser}" -s --max-time 10 -X POST "https://disney.api.edge.bamgrid.com/devices" -H "authorization: Bearer ZGlzbmV5JmJyb3dzZXImMS4wLjA.Cu56AgSfBTDag5NiRA81oLHkDZfu5L3CKadnefEAY84" -H "content-type: application/json; charset=UTF-8" -d '{"deviceFamily":"browser","applicationRuntime":"chrome","deviceProfile":"windows","attributes":{}}' 2>&1)
546 | if [[ "$PreAssertion" == "curl"* ]] && [[ "$1" == "6" ]]; then
547 | echo -n -e "\r Disney+:\t\t\t\t${Font_Red}IPv6 Not Support${Font_Suffix}\n"
548 | return
549 | elif [[ "$PreAssertion" == "curl"* ]]; then
550 | echo -n -e "\r Disney+:\t\t\t\t${Font_Red}Failed (Network Connection)${Font_Suffix}\n"
551 | return
552 | fi
553 |
554 | local assertion=$(echo $PreAssertion | python -m json.tool 2>/dev/null | grep assertion | cut -f4 -d'"')
555 | local PreDisneyCookie=$(curl -s --max-time 10 "https://raw.githubusercontent.com/lmc999/RegionRestrictionCheck/main/cookies" | sed -n '1p')
556 | local disneycookie=$(echo $PreDisneyCookie | sed "s/DISNEYASSERTION/${assertion}/g")
557 | local TokenContent=$(curl $useNIC $xForward -${1} --user-agent "${UA_Browser}" -s --max-time 10 -X POST "https://disney.api.edge.bamgrid.com/token" -H "authorization: Bearer ZGlzbmV5JmJyb3dzZXImMS4wLjA.Cu56AgSfBTDag5NiRA81oLHkDZfu5L3CKadnefEAY84" -d "$disneycookie")
558 | local isBanned=$(echo $TokenContent | python -m json.tool 2>/dev/null | grep 'forbidden-location')
559 | local is403=$(echo $TokenContent | grep '403 ERROR')
560 |
561 | if [ -n "$isBanned" ] || [ -n "$is403" ]; then
562 | echo -n -e "\r Disney+:\t\t\t\t${Font_Red}No${Font_Suffix}\n"
563 | return
564 | fi
565 |
566 | local fakecontent=$(curl -s --max-time 10 "https://raw.githubusercontent.com/lmc999/RegionRestrictionCheck/main/cookies" | sed -n '8p')
567 | local refreshToken=$(echo $TokenContent | python -m json.tool 2>/dev/null | grep 'refresh_token' | awk '{print $2}' | cut -f2 -d'"')
568 | local disneycontent=$(echo $fakecontent | sed "s/ILOVEDISNEY/${refreshToken}/g")
569 | local tmpresult=$(curl $useNIC $xForward -${1} --user-agent "${UA_Browser}" -X POST -sSL --max-time 10 "https://disney.api.edge.bamgrid.com/graph/v1/device/graphql" -H "authorization: ZGlzbmV5JmJyb3dzZXImMS4wLjA.Cu56AgSfBTDag5NiRA81oLHkDZfu5L3CKadnefEAY84" -d "$disneycontent" 2>&1)
570 | local previewcheck=$(curl $useNIC $xForward -${1} -s -o /dev/null -L --max-time 10 -w '%{url_effective}\n' "https://disneyplus.com" | grep preview)
571 | local isUnabailable=$(echo $previewcheck | grep 'unavailable')
572 | local region=$(echo $tmpresult | python -m json.tool 2>/dev/null | grep 'countryCode' | cut -f4 -d'"')
573 | local inSupportedLocation=$(echo $tmpresult | python -m json.tool 2>/dev/null | grep 'inSupportedLocation' | awk '{print $2}' | cut -f1 -d',')
574 |
575 | if [[ "$region" == "JP" ]]; then
576 | echo -n -e "\r Disney+:\t\t\t\t${Font_Green}Yes (Region: JP)${Font_Suffix}\n"
577 | return
578 | elif [ -n "$region" ] && [[ "$inSupportedLocation" == "false" ]] && [ -z "$isUnabailable" ]; then
579 | echo -n -e "\r Disney+:\t\t\t\t${Font_Yellow}Available For [Disney+ $region] Soon${Font_Suffix}\n"
580 | return
581 | elif [ -n "$region" ] && [ -n "$isUnavailable" ]; then
582 | echo -n -e "\r Disney+:\t\t\t\t${Font_Red}No${Font_Suffix}\n"
583 | return
584 | elif [ -n "$region" ] && [[ "$inSupportedLocation" == "true" ]]; then
585 | echo -n -e "\r Disney+:\t\t\t\t${Font_Green}Yes (Region: $region)${Font_Suffix}\n"
586 | return
587 | elif [ -z "$region" ]; then
588 | echo -n -e "\r Disney+:\t\t\t\t${Font_Red}No${Font_Suffix}\n"
589 | return
590 | else
591 | echo -n -e "\r Disney+:\t\t\t\t${Font_Red}Failed${Font_Suffix}\n"
592 | return
593 | fi
594 |
595 | }
596 |
597 |
598 |
599 |
600 |
601 |
602 |
603 |
604 |
605 |
606 |
607 |
608 |
609 |
610 |
611 | function startNetflixTest(){
612 |
613 | echo
614 | green " =================================================="
615 | green " Netflix 非自制剧解锁 检测脚本 By JinWYP"
616 | red " 本脚本无法检测出使用 V2ray 服务器端路由规则解锁Netflix"
617 | red " 需要在 V2ray 客户端上运行本脚本才可以检测成功"
618 | green " =================================================="
619 | echo
620 |
621 | if [[ -n "$1" ]]; then
622 | isAutoRefreshWarp="true"
623 | autoRefreshWarpIPStart
624 |
625 | else
626 |
627 | testIPV6Enabled
628 |
629 | testNetflixAll "ipv4"
630 | testNetflixAll "ipv6"
631 | testNetflixAll "ipv4warp"
632 |
633 | green " ===== Youtube Premium 准备开始检测 ====="
634 |
635 | testYoutubeAll "ipv4"
636 | testYoutubeAll "ipv6"
637 | testYoutubeAll "ipv4warp"
638 |
639 | green " ===== Disney+ 准备开始检测 ====="
640 |
641 | testDisneyPlusAll "ipv4"
642 | testDisneyPlusAll "ipv6"
643 | testDisneyPlusAll "ipv4warp"
644 |
645 | fi
646 | }
647 |
648 |
649 |
650 | startNetflixTest "$1"
651 |
652 |
--------------------------------------------------------------------------------