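#!/bin/bash
#
# Setup section of an installer for a shared-hosting account managed through
# the `devil` CLI. It sets defaults for the exported settings, recreates the
# working directories, selects a download tool, normalises the account's
# reserved ports (1 TCP + 2 UDP) and makes sure a PHP site exists for
# <user>.<domain>.
#
# Review notes for operators and defenders:
#   * WORKDIR and FILE_PATH are set to mode 777 (see below).
#   * Every process whose `ps` line contains the user name (except sshd, bash
#     and grep) is killed with SIGKILL before installation starts.
#   * Files are fetched over HTTPS with no digest or signature check.

# ANSI colour sequences (kept as plain variables for code further down).
re="\033[0m"
red="\033[1;91m"
green="\e[1;32m"
yellow="\e[1;33m"
purple="\e[1;35m"

# Colour helpers. `echo -e` is kept on purpose: callers pass strings that
# contain "\n" and rely on it being expanded.
red() { echo -e "\e[1;91m$1\033[0m"; }
green() { echo -e "\e[1;32m$1\033[0m"; }
yellow() { echo -e "\e[1;33m$1\033[0m"; }
purple() { echo -e "\e[1;35m$1\033[0m"; }

# Prompt in red ($1) and store the answer in the variable named by $2.
# -r keeps backslashes in the typed value literal.
reading() { read -r -p "$(red "$1")" "$2"; }

export LC_ALL=C
HOSTNAME=$(hostname)
USERNAME=$(whoami | tr '[:upper:]' '[:lower:]')

# Settings; each one can be supplied through the environment.
export UUID=${UUID:-$(uuidgen -r)}
export NEZHA_SERVER=${NEZHA_SERVER:-''}
export NEZHA_PORT=${NEZHA_PORT:-''}
export NEZHA_KEY=${NEZHA_KEY:-''}
export ARGO_DOMAIN=${ARGO_DOMAIN:-''}
export ARGO_AUTH=${ARGO_AUTH:-''}
export CFIP=${CFIP:-'cf.877774.xyz'}
export CFPORT=${CFPORT:-'443'}
# NOTE(review): the default SUB_TOKEN is the first 8 characters of UUID, so a
# URL containing the token also discloses part of UUID. If UUID is used as a
# credential elsewhere in the file, set SUB_TOKEN to an independent value.
export SUB_TOKEN=${SUB_TOKEN:-${UUID:0:8}}

# Pick the hosting domain from the host name.
if [[ "$HOSTNAME" =~ ct8 ]]; then
  CURRENT_DOMAIN="ct8.pl"
elif [[ "$HOSTNAME" =~ hostuno ]]; then
  CURRENT_DOMAIN="useruno.com"
else
  CURRENT_DOMAIN="serv00.net"
fi

WORKDIR="${HOME}/domains/${USERNAME}.${CURRENT_DOMAIN}/logs"
FILE_PATH="${HOME}/domains/${USERNAME}.${CURRENT_DOMAIN}/public_html"

# Recreate the working directory from scratch. `:?` aborts instead of running
# rm with an empty path.
# NOTE(review): mode 777 makes both directories world-writable. On a
# multi-user host any account able to traverse the parent path could add or
# alter files, including content served from public_html. Confirm that the
# host really needs more than 755 (or 700 for WORKDIR) before keeping this.
rm -rf -- "${WORKDIR:?}" \
  && mkdir -p "$WORKDIR" "$FILE_PATH" \
  && chmod 777 "$WORKDIR" "$FILE_PATH" >/dev/null 2>&1

# Kill everything that looks like it belongs to this user, except sshd, bash
# and grep. NOTE(review): the filter matches the whole `ps` line rather than
# the owner column, and SIGKILL gives unrelated services of the same account
# no chance to shut down cleanly.
bash -c 'ps aux | grep $(whoami) | grep -v "sshd\|bash\|grep" | awk "{print \$2}" | xargs -r kill -9 >/dev/null 2>&1' >/dev/null 2>&1

# Select the download tool. COMMAND is used as `$COMMAND <outfile> <url>`.
# The previous one-liner `A && B || C && D || E` was evaluated left to right
# (`&&` and `||` have equal precedence), so after curl had been selected the
# wget assignment still ran and overwrote COMMAND even when wget was missing.
# For curl, -L follows redirects (wget does so by default) and -f stops an
# HTTP error page from being saved under the requested file name.
if command -v curl &>/dev/null; then
  COMMAND="curl -fsLo"
elif command -v wget &>/dev/null; then
  COMMAND="wget -qO"
else
  red "Error: neither curl nor wget found, please install one of them." >&2
  exit 1
fi

#######################################
# Make the account hold exactly one TCP and two UDP ports, then export them.
# When the reservation has to be changed, surplus ports are deleted, missing
# ones are added on random numbers in 10000-65535, `devil binexec on` is
# issued and the parent process of this script is killed; the printed message
# tells the user to reconnect and run the script again.
# Globals written: port_list, tcp_ports, udp_ports, tcp_port, udp_port1,
#                  udp_port2, VMESS_PORT, TUIC_PORT, HY2_PORT (exported)
# NOTE(review): the TCP add loop has no attempt limit; it spins for as long as
# `devil port add` does not answer with "Ok".
#######################################
check_port () {
  port_list=$(devil port list)
  tcp_ports=$(grep -c "tcp" <<<"$port_list")
  udp_ports=$(grep -c "udp" <<<"$port_list")

  if (( tcp_ports != 1 || udp_ports != 2 )); then
    red "端口规则不符合要求,正在调整..."

    # Too many TCP ports: delete the first (count - 1) entries.
    if (( tcp_ports > 1 )); then
      tcp_to_delete=$((tcp_ports - 1))
      awk '/tcp/ {print $1, $2}' <<<"$port_list" \
        | head -n "$tcp_to_delete" \
        | while read -r port type; do
            devil port del "$type" "$port"
            green "已删除TCP端口: $port"
          done
    fi

    # Too many UDP ports: delete the first (count - 2) entries.
    if (( udp_ports > 2 )); then
      udp_to_delete=$((udp_ports - 2))
      awk '/udp/ {print $1, $2}' <<<"$port_list" \
        | head -n "$udp_to_delete" \
        | while read -r port type; do
            devil port del "$type" "$port"
            green "已删除UDP端口: $port"
          done
    fi

    # No TCP port yet: try random ports until one is accepted.
    if (( tcp_ports < 1 )); then
      while true; do
        tcp_port=$(shuf -i 10000-65535 -n 1)
        result=$(devil port add tcp "$tcp_port" 2>&1)
        if [[ $result == *"Ok"* ]]; then
          green "已添加TCP端口: $tcp_port"
          break
        else
          yellow "端口 $tcp_port 不可用,尝试其他端口..."
        fi
      done
    fi

    # Fewer than two UDP ports: add the missing ones.
    if (( udp_ports < 2 )); then
      udp_ports_to_add=$((2 - udp_ports))
      udp_ports_added=0
      while (( udp_ports_added < udp_ports_to_add )); do
        udp_port=$(shuf -i 10000-65535 -n 1)
        result=$(devil port add udp "$udp_port" 2>&1)
        if [[ $result == *"Ok"* ]]; then
          green "已添加UDP端口: $udp_port"
          if (( udp_ports_added == 0 )); then
            udp_port1=$udp_port
          else
            udp_port2=$udp_port
          fi
          udp_ports_added=$((udp_ports_added + 1))
        else
          yellow "端口 $udp_port 不可用,尝试其他端口..."
        fi
      done
    fi

    green "端口已调整完成,将断开ssh连接,请重新连接shh重新执行脚本"
    devil binexec on >/dev/null 2>&1
    # Left unquoted on purpose: `ps -o ppid=` pads the number with blanks.
    # shellcheck disable=SC2046
    kill -9 $(ps -o ppid= -p $$) >/dev/null 2>&1
  else
    # Reservation already matches: read the port numbers from the listing.
    tcp_port=$(awk '/tcp/ {print $1}' <<<"$port_list")
    udp_ports=$(awk '/udp/ {print $1}' <<<"$port_list")
    udp_port1=$(sed -n '1p' <<<"$udp_ports")
    udp_port2=$(sed -n '2p' <<<"$udp_ports")
  fi

  export VMESS_PORT=$tcp_port
  export TUIC_PORT=$udp_port1
  export HY2_PORT=$udp_port2
  purple "vmess-argo使用的tcp端口: $tcp_port"
  purple "tuic和hy2分别使用的UDP端口: $udp_port1 和 $udp_port2"
}

#######################################
# Ensure a PHP site exists for <user>.<domain> and that public_html holds an
# index.html. A site of another type under the same name is deleted and
# re-created as PHP.
# Globals read:    USERNAME, CURRENT_DOMAIN, HOME, FILE_PATH, COMMAND
# Globals written: FULL_DOMAIN, CURRENT_SITE, EXIST_SITE, index_url
# NOTE(review): the output of `devil www del/add` is discarded, so the success
# messages are printed even if those commands failed.
# NOTE(review): index.html is downloaded without a digest check and is then
# served from public_html.
#######################################
check_website() {
  local site_list
  FULL_DOMAIN="${USERNAME}.${CURRENT_DOMAIN}"
  site_list=$(devil www list)
  CURRENT_SITE=$(awk -v domain="$FULL_DOMAIN" '$1 == domain && $2 == "php"' <<<"$site_list")

  if [ -n "$CURRENT_SITE" ]; then
    green "已存在 ${FULL_DOMAIN} 的PHP站点,无需修改"
  else
    EXIST_SITE=$(awk -v domain="$FULL_DOMAIN" '$1 == domain' <<<"$site_list")
    if [ -n "$EXIST_SITE" ]; then
      devil www del "$FULL_DOMAIN" >/dev/null 2>&1
      devil www add "$FULL_DOMAIN" php "$HOME/domains/$FULL_DOMAIN" >/dev/null 2>&1
      green "已删除旧的站点并创建新的php站点"
    else
      devil www add "$FULL_DOMAIN" php "$HOME/domains/$FULL_DOMAIN" >/dev/null 2>&1
      green "已创建php站点 ${FULL_DOMAIN}"
    fi
  fi

  index_url="https://github.com/eooce/Sing-box/releases/download/00/index.html"
  # COMMAND holds "<tool> <flags>" in one string and must be word-split.
  # shellcheck disable=SC2086
  [ -f "${FILE_PATH}/index.html" ] || $COMMAND "${FILE_PATH}/index.html" "$index_url"
}

# argo_configure opens by clearing the screen and printing an "installing"
# notice; the remainder of its body follows this point in the file.
argo_configure() {
  clear
  purple "正在安装中,请稍等..."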
if [[ -z $ARGO_AUTH || -z $ARGO_DOMAIN ]]; then green "ARGO_DOMAIN or ARGO_AUTH is empty,use quick tunnel" return fi if [[ $ARGO_AUTH =~ TunnelSecret ]]; then echo $ARGO_AUTH > tunnel.json cat > tunnel.yml << EOF tunnel: $(cut -d\" -f12 <<< "$ARGO_AUTH") credentials-file: tunnel.json protocol: http2 ingress: - hostname: $ARGO_DOMAIN service: http://localhost:$VMESS_PORT originRequest: noTLSVerify: true - service: http_status:404 EOF else green "ARGO_AUTH mismatch TunnelSecret,use token connect to tunnel" fi } generate_config() { openssl ecparam -genkey -name prime256v1 -out "private.key" openssl req -new -x509 -days 3650 -key "private.key" -out "cert.pem" -subj "/CN=$USERNAME.${CURRENT_DOMAIN}" yellow "获取可用IP中,请稍等..." available_ip=$(get_ip) purple "当前选择IP为:$available_ip 如安装完后节点不通可尝试重新安装" cat > config.json <> config.json <> config.json < "${WORKDIR}/config.yaml" << EOF client_secret: ${NEZHA_KEY} debug: false disable_auto_update: true disable_command_execute: false disable_force_update: true disable_nat: false disable_send_query: false gpu: false insecure_tls: false ip_report_period: 1800 report_delay: 1 server: ${NEZHA_SERVER} skip_connection_count: false skip_procs_count: false temperature: false tls: ${NEZHA_TLS} use_gitee_to_upgrade: false use_ipv6_country_code: false uuid: ${UUID} EOF fi declare -A FILE_MAP generate_random_name() { local chars=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 local name="" for i in {1..6}; do name="$name${chars:RANDOM%${#chars}:1}" done echo "$name" } download_with_fallback() { local URL=$1 local NEW_FILENAME=$2 curl -L -sS --max-time 2 -o "$NEW_FILENAME" "$URL" & CURL_PID=$! 
CURL_START_SIZE=$(stat -c%s "$NEW_FILENAME" 2>/dev/null || echo 0) sleep 1 CURL_CURRENT_SIZE=$(stat -c%s "$NEW_FILENAME" 2>/dev/null || echo 0) if [ "$CURL_CURRENT_SIZE" -le "$CURL_START_SIZE" ]; then kill $CURL_PID 2>/dev/null wait $CURL_PID 2>/dev/null wget -q -O "$NEW_FILENAME" "$URL" green "Downloading $NEW_FILENAME by wget" else wait $CURL_PID green "Downloading $NEW_FILENAME by curl" fi } for entry in "${FILE_INFO[@]}"; do URL=$(echo "$entry" | cut -d ' ' -f 1) RANDOM_NAME=$(generate_random_name) NEW_FILENAME="$DOWNLOAD_DIR/$RANDOM_NAME" download_with_fallback "$URL" "$NEW_FILENAME" chmod +x "$NEW_FILENAME" FILE_MAP[$(echo "$entry" | cut -d ' ' -f 2)]="$NEW_FILENAME" done wait if [ -e "$(basename ${FILE_MAP[web]})" ]; then nohup ./"$(basename ${FILE_MAP[web]})" run -c config.json >/dev/null 2>&1 & sleep 2 pgrep -x "$(basename ${FILE_MAP[web]})" > /dev/null && green "$(basename ${FILE_MAP[web]}) is running" || { red "$(basename ${FILE_MAP[web]}) is not running, restarting..."; pkill -x "$(basename ${FILE_MAP[web]})" && nohup ./"$(basename ${FILE_MAP[web]})" run -c config.json >/dev/null 2>&1 & sleep 2; purple "$(basename ${FILE_MAP[web]}) restarted"; } fi if [ -e "$(basename ${FILE_MAP[bot]})" ]; then if [[ $ARGO_AUTH =~ ^[A-Z0-9a-z=]{120,250}$ ]]; then args="tunnel --edge-ip-version auto --no-autoupdate --protocol http2 run --token ${ARGO_AUTH}" elif [[ $ARGO_AUTH =~ TunnelSecret ]]; then args="tunnel --edge-ip-version auto --config tunnel.yml run" else args="tunnel --edge-ip-version auto --no-autoupdate --protocol http2 --logfile boot.log --loglevel info --url http://localhost:$VMESS_PORT" fi nohup ./"$(basename ${FILE_MAP[bot]})" $args >/dev/null 2>&1 & sleep 2 pgrep -x "$(basename ${FILE_MAP[bot]})" > /dev/null && green "$(basename ${FILE_MAP[bot]}) is running" || { red "$(basename ${FILE_MAP[bot]}) is not running, restarting..."; pkill -x "$(basename ${FILE_MAP[bot]})" && nohup ./"$(basename ${FILE_MAP[bot]})" "${args}" >/dev/null 2>&1 & sleep 2; purple 
"$(basename ${FILE_MAP[bot]}) restarted"; } fi if [ -n "$NEZHA_SERVER" ] && [ -n "$NEZHA_PORT" ] && [ -n "$NEZHA_KEY" ]; then if [ -e "$(basename ${FILE_MAP[npm]})" ]; then tlsPorts=("443" "8443" "2096" "2087" "2083" "2053") [[ "${tlsPorts[*]}" =~ "${NEZHA_PORT}" ]] && NEZHA_TLS="--tls" || NEZHA_TLS="" export TMPDIR=$(pwd) nohup ./"$(basename ${FILE_MAP[npm]})" -s ${NEZHA_SERVER}:${NEZHA_PORT} -p ${NEZHA_KEY} ${NEZHA_TLS} >/dev/null 2>&1 & sleep 2 pgrep -x "$(basename ${FILE_MAP[npm]})" > /dev/null && green "$(basename ${FILE_MAP[npm]}) is running" || { red "$(basename ${FILE_MAP[npm]}) is not running, restarting..."; pkill -x "$(basename ${FILE_MAP[npm]})" && nohup ./"$(basename ${FILE_MAP[npm]})" -s "${NEZHA_SERVER}:${NEZHA_PORT}" -p "${NEZHA_KEY}" ${NEZHA_TLS} >/dev/null 2>&1 & sleep 2; purple "$(basename ${FILE_MAP[npm]}) restarted"; } fi elif [ -n "$NEZHA_SERVER" ] && [ -n "$NEZHA_KEY" ]; then if [ -e "$(basename ${FILE_MAP[php]})" ]; then nohup ./"$(basename ${FILE_MAP[php]})" -c "${WORKDIR}/config.yaml" >/dev/null 2>&1 & sleep 2 pgrep -x "$(basename ${FILE_MAP[php]})" > /dev/null && green "$(basename ${FILE_MAP[php]}) is running" || { red "$(basename ${FILE_MAP[php]}) is not running, restarting..."; pkill -x "$(basename ${FILE_MAP[php]})" && nohup ./"$(basename ${FILE_MAP[php]})" -s -c "${WORKDIR}/config.yaml" >/dev/null 2>&1 & sleep 2; purple "$(basename ${FILE_MAP[php]}) restarted"; } fi else purple "NEZHA variable is empty, skipping running" fi for key in "${!FILE_MAP[@]}"; do if [ -e "$(basename ${FILE_MAP[$key]})" ]; then rm -rf "$(basename ${FILE_MAP[$key]})" >/dev/null 2>&1 fi done } get_argodomain() { if [[ -n $ARGO_AUTH ]]; then echo "$ARGO_DOMAIN" else local retry=0 local max_retries=6 local argodomain="" while [[ $retry -lt $max_retries ]]; do ((retry++)) argodomain=$(grep -oE 'https://[[:alnum:]+\.-]+\.trycloudflare\.com' boot.log | sed 's@https://@@') if [[ -n $argodomain ]]; then break fi sleep 1 done echo "$argodomain" fi } get_ip() { 
IP_LIST=($(devil vhost list | awk '/^[0-9]+/ {print $1}')) API_URL="https://status.eooce.com/api" IP="" THIRD_IP=${IP_LIST[2]} RESPONSE=$(curl -s --max-time 2 "${API_URL}/${THIRD_IP}") if [[ $(echo "$RESPONSE" | jq -r '.status') == "Available" ]]; then IP=$THIRD_IP else FIRST_IP=${IP_LIST[0]} RESPONSE=$(curl -s --max-time 2 "${API_URL}/${FIRST_IP}") if [[ $(echo "$RESPONSE" | jq -r '.status') == "Available" ]]; then IP=$FIRST_IP else IP=${IP_LIST[1]} fi fi echo "$IP" } generate_sub_link () { echo "" rm -rf ${FILE_PATH}/.htaccess base64 -w0 ${FILE_PATH}/list.txt > ${FILE_PATH}/v2.log PHP_URL="https://00.ssss.nyc.mn/sub.php" QR_URL="https://00.ssss.nyc.mn/qrencode" $COMMAND "${FILE_PATH}/${SUB_TOKEN}.php" "$PHP_URL" $COMMAND "${WORKDIR}/qrencode" "$QR_URL" && chmod +x "${WORKDIR}/qrencode" V2rayN_LINK="https://${USERNAME}.${CURRENT_DOMAIN}/v2.log" AUTO_LINK="https://${USERNAME}.${CURRENT_DOMAIN}/${SUB_TOKEN}" curl -sS "https://sublink.eooce.com/clash?config=${V2rayN_LINK}" -o ${FILE_PATH}/clash.yaml curl -sS "https://sublink.eooce.com/singbox?config=${V2rayN_LINK}" -o ${FILE_PATH}/singbox.yaml "${WORKDIR}/qrencode" -m 2 -t UTF8 "${AUTO_LINK}" purple "\n自适应节点订阅链接: ${AUTO_LINK}\n" green "二维码和节点订阅链接适用于 V2rayN/Nekoray/ShadowRocket/Clash/Mihomo/Sing-box/karing/Loon/sterisand 等\n\n" cat > ${FILE_PATH}/.htaccess << EOF RewriteEngine On DirectoryIndex index.html RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(\?|$) RewriteRule ^$ /index.html [L] Order Allow,Deny Allow from all Order Allow,Deny Deny from all RewriteRule ^${SUB_TOKEN}$ ${SUB_TOKEN}.php [L] EOF } get_links(){ argodomain=$(get_argodomain) echo -e "\e[1;32mArgoDomain:\e[1;35m${argodomain}\e[0m\n" ISP=$(curl -sm 3 -H "User-Agent: Mozilla/5.0" "https://api.ip.sb/geoip" | awk -F\" '{print $32}' | sed -e 's/ /_/g' || echo "0") get_name() { if [ "$HOSTNAME" = "s1.ct8.pl" ]; then SERVER="CT8"; else SERVER=$(echo "$HOSTNAME" | cut -d '.' 
-f 1); fi; echo "$SERVER"; } NAME="$ISP-$(get_name)" yellow "注意:v2ray或其他软件的跳过证书验证需设置为true,否则hy2或tuic节点可能不通\n" cat > ${FILE_PATH}/list.txt <