#!/bin/bash #Set PATH unset check for i in `echo $PATH | sed 's/:/\n/g'` do if [[ ${i} == "/usr/local/bin" ]];then check="yes" fi done if [[ -z ${check} ]];then echo "export PATH=${PATH}:/usr/local/bin" >> ~/.bashrc . ~/.bashrc fi #Check Root [ $(id -u) != "0" ] && { echo "Error: You must be root to run this script"; exit 1; } #Check OS if [ -n "$(grep 'Aliyun Linux release' /etc/issue)" -o -e /etc/redhat-release ];then OS=CentOS [ -n "$(grep ' 7\.' /etc/redhat-release)" ] && CentOS_RHEL_version=7 [ -n "$(grep ' 6\.' /etc/redhat-release)" -o -n "$(grep 'Aliyun Linux release6 15' /etc/issue)" ] && CentOS_RHEL_version=6 [ -n "$(grep ' 5\.' /etc/redhat-release)" -o -n "$(grep 'Aliyun Linux release5' /etc/issue)" ] && CentOS_RHEL_version=5 elif [ -n "$(grep 'Amazon Linux AMI release' /etc/issue)" -o -e /etc/system-release ];then OS=CentOS CentOS_RHEL_version=6 elif [ -n "$(grep bian /etc/issue)" -o "$(lsb_release -is 2>/dev/null)" == 'Debian' ];then OS=Debian [ ! -e "$(which lsb_release)" ] && { apt-get -y update; apt-get -y install lsb-release; clear; } Debian_version=$(lsb_release -sr | awk -F. '{print $1}') elif [ -n "$(grep Deepin /etc/issue)" -o "$(lsb_release -is 2>/dev/null)" == 'Deepin' ];then OS=Debian [ ! -e "$(which lsb_release)" ] && { apt-get -y update; apt-get -y install lsb-release; clear; } Debian_version=$(lsb_release -sr | awk -F. '{print $1}') elif [ -n "$(grep Ubuntu /etc/issue)" -o "$(lsb_release -is 2>/dev/null)" == 'Ubuntu' -o -n "$(grep 'Linux Mint' /etc/issue)" ];then OS=Ubuntu [ ! -e "$(which lsb_release)" ] && { apt-get -y update; apt-get -y install lsb-release; clear; } Ubuntu_version=$(lsb_release -sr | awk -F. '{print $1}') [ -n "$(grep 'Linux Mint 18' /etc/issue)" ] && Ubuntu_version=16 elif [ ! -z "$(grep 'Arch Linux' /etc/issue)" ];then OS=Arch else echo "Does not support this OS, Please contact the author! " kill -9 $$ fi StopInstall(){ echo -e "\n安装中断,开始清理文件!" sleep 1s rm -rf /usr/local/bin/ssr rm -rf /usr/local/SSR-Bash-Python rm -rf /usr/local/shadowsocksr rm -rf ${PWD}/libsodium* rm -rf /etc/init.d/ssr-bash-python rm -rf /usr/local/AR-B-P-B if [[ ${OS} == CentOS ]];then sed -n -i 's#/etc/init.d/ssr-bash-python#d' /etc/rc.d/rc.local fi if [[ ${OS} == CentOS && ${CentOS_RHEL_version} == 7 ]];then systemctl stop iptables.service systemctl restart firewalld.service systemctl disable iptables.service systemctl enable firewalld.service fi checkcron=$(crontab -l 2>/dev/null | grep "timelimit.sh") if [[ ! -z ${checkcron} ]];then crontab -l > ~/crontab.bak 1>/dev/null 2>&1 sed -i "/timelimit.sh/d" ~/crontab.bak 1>/dev/null 2>&1 crontab ~/crontab.bak 1>/dev/null 2>&1 rm -rf ~/crontab.bak fi rm -rf $0 echo "清理完成!" } #收集日志 MakLog(){ mkdir /tmp/AR_Log cd /tmp/AR_Log mkdir ./data cd data cp -R /usr/local/shadowsocksr ./ cp -R /usr/local/SSR-Bash-Python ./ cd .. mkdir ./log cd ./log if [[ ${OS} == CentOS ]];then cp /var/log/yum.log ./ cp /var/log/dmesg ./ cp /var/log/httpd ./ cp /var/log/mysqld.log ./ cp /var/log/syslog ./ cp /var/log/daemon.log ./ cp /var/log/boot.log ./ cp /var/log/cron ./ cp /var/log/secure ./ cp /var/log/maillog ./ cp /var/log/spooler ./ dmesg >> ./dmesg.log else cp /var/log/apport.log ./ cp /var/log/boot.log ./ cp /var/log/dmesg ./ cp /var/log/dpkg.log ./ cp /var/log/kern.log ./ cp /var/log/fsck ./ cp /var/log/apt/*log ./ cp /var/log/cpus ./ dmesg >> ./dmesg.log fi cd .. && mkdir message && cd message echo -e "+++++系统信息+++++ $(date) -----内核/操作系统/CPU信息----- $(uname -a) ----- $(/etc/issue) $(cat /etc/redhat-release) ----- $(cat /proc/cpuinfo) -----计算机名----- $(hostname) -----内核模块----- $(lsmod) -----环境变量----- $(env) -----系统负载----- $(uptime) -----内存信息----- $(cat /proc/meminfo) -----网络接口属性----- $(ifconfig) -----防火墙设置----- $(iptables -L) -----路由表----- $(route -n) -----IP----- $(wget -qO- -t1 -T2 ipinfo.io/ip) -----所有监听端口----- $(netstat -lntp) -----已经建立的连接----- $(netstat -antp) -----网络统计----- $(netstat -s) -----所有进程----- $(ps -ef) -----服务状态----- $(service --status-all) -----安装的软件包----- $(rpm -qa) $(dpkg -l) " >> messages.txt cd .. tar -cjf ~/AR_Log.tar.bz2 /tmp/AR_Log rm -rf /tmp/AR_Log } #日志收集工具 if [[ $1 == "log" ]];then echo "日志收集将会收集到您操作系统的部分日志,以便于对错误进行定位,可能会包含您的隐私信息,您确定要收集吗?(Y/N)" read -n 1 yn if [[ ${yn} == [Yy] ]];then rm -rf ~/AR_Log.tar.bz2 echo -e "\n开始收集日志,通常这将很快完成" MakLog 1>/dev/null 2>&1 echo "收集完成,文件位于/root/AR_Log.tar.bz2" exit 0 else exit 2 fi fi #Get Current Directory workdir=$(pwd) #Install Basic Tools if [ ! -e /usr/local/bin/ssr ];then if [[ $1 == "uninstall" ]];then echo "你在开玩笑吗?你都没有安装怎么卸载呀!" exit 1 fi echo "开始部署" trap 'StopInstall 2>/dev/null && exit 0' 2 sleep 2s if [[ ${OS} == Ubuntu ]];then apt-get update apt-get install python -y apt-get install python-pip -y apt-get install git -y apt-get install language-pack-zh-hans -y apt-get -y install vnstat bc apt-get -y install net-tools dnsutils apt-get install build-essential screen curl -y apt-get install cron -y fi if [[ ${OS} == CentOS ]];then yum install python screen curl -y yum install python-setuptools -y && easy_install pip -y yum install git -y yum install bc -y yum install vnstat -y yum -y install bind-utils yum install net-tools -y yum groupinstall "Development Tools" -y yum install vixie-cron crontabs -y fi if [[ ${OS} == Debian ]];then apt-get update apt-get install python screen curl -y apt-get install python-pip -y apt-get install git -y apt-get -y install net-tools dnsutils apt-get -y install bc vnstat apt-get install build-essential -y apt-get install cron -y fi if [[ ${OS} == Arch ]];then pacman -Syyu --noconfirm pacman -S --noconfirm python screen curl pacman -S --noconfirm python-pip pacman -S --noconfirm git pacman -S --noconfirm bc net-tools bind-tools pacman -S --noconfirm gcc cronie pacman -S --noconfirm vnstat ln -s /etc/iptables/iptables.rules /etc/iptables.up.rules fi if [[ $? != 0 ]];then echo "安装失败,请稍候重试!" exit 1 fi if [[ ! -e /usr/share/dict/words ]];then cd /usr/share/dict wget -q https://down.fdos.me/words fi #Install Libsodium libsodiumfilea="/usr/local/lib/libsodium.so" libsodiumfileb="/usr/lib/libsodium.so" if [[ -e ${libsodiumfilea} ]];then echo "libsodium已安装!" elif [[ -e ${libsodiumfileb} ]];then echo "libsodium已安装!" else cd $workdir export LIBSODIUM_VER=1.0.17 wget -q https://github.com/jedisct1/libsodium/releases/download/${LIBSODIUM_VER}/libsodium-$LIBSODIUM_VER.tar.gz tar xvf libsodium-$LIBSODIUM_VER.tar.gz pushd libsodium-$LIBSODIUM_VER ./configure --prefix=/usr && make make install popd ldconfig cd $workdir && rm -rf libsodium-$LIBSODIUM_VER.tar.gz libsodium-$LIBSODIUM_VER # if [[ ! -e ${libsodiumfile} ]];then # echo "libsodium安装失败 !" # exit 1 # fi fi cd /usr/local git clone https://git.fdos.me/stack/shadowsocksr.git cd ./shadowsocksr git checkout manyuser git pull if [[ $1 == "develop" ]];then git checkout stack/dev fi fi #Install SSR and SSR-Bash if [ -e /usr/local/bin/ssr ];then if [[ $1 == "uninstall" ]];then echo "开始卸载" sleep 1s echo "删除iptables规则" ports=$(cat /usr/local/shadowsocksr/mudb.json | grep '"port":' | awk -F":" '{ print $2 }' | sed 's/[,."]//g') for port in "${ports}" do if [[ ${OS} =~ ^Ubuntu$|^Debian$|^Arch$ ]];then iptables-restore < /etc/iptables.up.rules iptables -D INPUT -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT iptables -D INPUT -m state --state NEW -m udp -p udp --dport $port -j ACCEPT iptables-save > /etc/iptables.up.rules fi if [[ ${OS} == CentOS ]];then if [[ $CentOS_RHEL_version == 7 ]];then iptables-restore < /etc/iptables.up.rules iptables -D INPUT -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT iptables -D INPUT -m state --state NEW -m udp -p udp --dport $port -j ACCEPT iptables-save > /etc/iptables.up.rules else iptables -D INPUT -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT iptables -D INPUT -m state --state NEW -m udp -p udp --dport $port -j ACCEPT /etc/init.d/iptables save /etc/init.d/iptables restart fi fi done echo "删除:/usr/local/bin/ssr" rm -f /usr/local/bin/ssr echo "删除:/usr/local/SSR-Bash-Python" rm -rf /usr/local/SSR-Bash-Python echo "删除:/usr/local/shadowsocksr" rm -rf /usr/local/shadowsocksr echo "删除:${PWD}/install.sh" rm -f ${PWD}/install.sh echo "清理杂项!" crontab -l > ~/crontab.bak 1>/dev/null 2>&1 sed -i "/timelimit.sh/d" ~/crontab.bak 1>/dev/null 2>&1 crontab ~/crontab.bak 1>/dev/null 2>&1 rm -rf ~/crontab.bak sleep 1s echo "卸载完成!!" exit 0 fi if [[ ! $yn == n ]];then if [[ ! -e /usr/local/SSR-Bash-Python/version.txt ]];then yn="y" fi fi if [[ ${yn} == [yY] ]];then mv /usr/local/shadowsocksr/mudb.json /usr/local/mudb.json rm -rf /usr/local/shadowsocksr cd /usr/local git clone https://git.fdos.me/stack/shadowsocksr.git if [[ $1 == develop ]];then cd ./shadowsocksr git checkout stack/dev rm -f ./mudb.json mv ../mudb.json ./mudb.json else rm -f ./shadowsocksr/mudb.json mv /usr/local/mudb.json /usr/local/shadowsocksr/mudb.json fi fi echo "开始更新" sleep 1s echo "正在清理老版本" rm -f /usr/local/bin/ssr sleep 1s echo "开始部署" cd /usr/local/shadowsocksr git pull git checkout manyuser if [[ $1 == "develop" ]];then git checkout stack/dev fi fi if [[ -d /usr/local/SSR-Bash-Python ]];then if [[ $yn == [yY] ]];then rm -rf /usr/local/SSR-Bash-Python cd /usr/local git clone https://git.fdos.me/stack/AR-B-P-B.git mv AR-B-P-B SSR-Bash-Python fi cd /usr/local/SSR-Bash-Python git checkout master git pull if [[ $1 == "develop" ]];then git checkout develop git pull fi else cd /usr/local git clone https://git.fdos.me/stack/AR-B-P-B.git cd AR-B-P-B git checkout master if [[ $1 == "develop" ]];then git checkout develop fi cd .. mv AR-B-P-B SSR-Bash-Python bashinstall="no" fi cd /usr/local/shadowsocksr bash initcfg.sh if [[ ! -e /usr/bin/bc ]];then if [[ ${OS} == CentOS ]];then yum install bc -y fi if [[ ${OS} == Ubuntu || ${OS} == Debian ]];then apt-get install bc -y fi fi if [[ ${bashinstall} == "no" ]]; then #Start when boot if [[ ${OS} == Arch ]];then cat >/usr/lib/systemd/system/ssr-bash-python.service </etc/init.d/ssr-bash-python < /etc/rc.d/init.d/ssr-bash-python chmod +x /etc/rc.d/init.d/ssr-bash-python echo "/etc/rc.d/init.d/ssr-bash-python" >> /etc/rc.d/rc.local chmod +x /etc/rc.d/rc.local fi #Change CentOS7 Firewall if [[ ${OS} == CentOS && $CentOS_RHEL_version == 7 ]];then systemctl stop firewalld.service yum install iptables-services -y sshport=$(netstat -nlp | grep sshd | awk '{print $4}' | awk -F : '{print $NF}' | sort -n | uniq) cat << EOF > /etc/sysconfig/iptables # sample configuration for iptables service # you can edit this manually or use system-config-firewall # please do not ask us to add additional ports/services to this default configuration *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport ${sshport} -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT EOF systemctl restart iptables.service systemctl enable iptables.service systemctl disable firewalld.service fi fi #Install SSR-Bash Background if [[ $1 == "develop" ]];then wget -q -N --no-check-certificate -O /usr/local/bin/ssr https://git.fdos.me/stack/AR-B-P-B/raw/develop/ssr chmod +x /usr/local/bin/ssr else wget -q -N --no-check-certificate -O /usr/local/bin/ssr https://git.fdos.me/stack/AR-B-P-B/raw/master/ssr chmod +x /usr/local/bin/ssr fi #Modify ShadowsocksR API sed -i "s/sspanelv2/mudbjson/g" /usr/local/shadowsocksr/userapiconfig.py sed -i "s/UPDATE_TIME = 60/UPDATE_TIME = 10/g" /usr/local/shadowsocksr/userapiconfig.py #INstall Success read -t 20 -p "输入与您主机绑定的域名(请在20秒内输入,超时将跳过本步骤.默认填入本机IP): " ipname if [[ -z ${ipname} ]];then ipname=$(wget -qO- -t1 -T2 ipinfo.io/ip) else myip=$(wget -qO- -t1 -T2 ipinfo.io/ip) if [[ ${myip} != ${ipname} ]];then domainip=$(dig +short -t a "${ipname}" 2>/dev/null | awk '/^[0-9]/') if [[ ${myip} != ${domainip} ]];then echo "警告,您输入的域名与实际不符或解析未生效,将为您填入您的真实IP,稍后您可以待解析生效后再次执行安装脚本填入" ipname=${myip} sleep 1s fi fi fi echo "$ipname" > /usr/local/shadowsocksr/myip.txt sed -i "s/SERVER_PUB_ADDR = .*$/SERVER_PUB_ADDR = '${ipname}'/g" /usr/local/shadowsocksr/userapiconfig.py if [[ $1 == develop ]];then if [[ -e /usr/local/SSR-Bash-Python/check.log ]];then cd /usr/local/SSR-Bash-Python read -n 1 -t 3 -p "你是否想要重新配置服务器巡检配置(注意,这将会清空你的日志)[Y/N]" yn if [[ $yn == [Yy] ]];then bash servercheck.sh reconf nohup bash servercheck.sh run 2>/dev/null & else bash servercheck.sh stop nohup bash servercheck.sh run 2>/dev/null & echo "服务已重启" fi else read -t 10 -p "是否设置服务器自检,实验型功能![Y/N]" yn if [[ $yn == [yY] ]];then cd /usr/local/SSR-Bash-Python bash servercheck.sh conf nohup bash servercheck.sh run 2>/dev/null & PID=$(ps -ef |grep -v grep | grep "bash" | grep "servercheck.sh" | grep "run" | awk '{print $2}') if [[ -z ${PID} ]];then echo "程序启动失败,请联系作者" fi else echo "你居然拒绝了T.T" fi fi checkcron=$(crontab -l 2>/dev/null | grep "timelimit.sh") if [[ -z ${checkcron} ]];then crontab -l > ~/crontab.bak 1>/dev/null 2>&1 sed -i "/timelimit.sh/d" ~/crontab.tmp 1>/dev/null 2>&1 echo -e "\n*/5 * * * * /bin/bash /usr/local/SSR-Bash-Python/timelimit.sh c" >> ~/crontab.bak crontab ~/crontab.bak systemctl restart cron rm -r ~/crontab.bak fi fi if [[ -e /etc/sysconfig/iptables-config ]];then ipconf=$(cat /etc/sysconfig/iptables-config | grep 'IPTABLES_MODULES_UNLOAD="no"') if [[ -z ${ipconf} ]];then sed -i 's/IPTABLES_MODULES_UNLOAD="yes"/IPTABLES_MODULES_UNLOAD="no"/g' /etc/sysconfig/iptables-config echo "安装完成,准备重启" sleep 3s reboot fi fi bash /usr/local/SSR-Bash-Python/self-check.sh echo '安装完成!输入 ssr 即可使用本程序~' echo "若安装出现异常,或安装完成后无法使用,请手动执行bash ./install.sh log 这将收集日志文件,并将日志文件发送给作者 " if [[ ${check} != "yes" ]] ;then echo "如果你执行 ssr 提示找不到命令,请尝试退出并重新登录来解决" fi echo '原作者已经停止本脚本更新,此版本为作者删除项目前最后一个版本魔改而来' echo '不喜勿喷!' echo '谨慎使用!仅供研究!' echo '谨慎使用!仅供研究!' echo '谨慎使用!仅供研究!'