#!/bin/bash #==================================================== # System Request:Debian 9+/Ubuntu 18.04+/Centos 7+ # Author: wulabing # Dscription: V2ray ws+tls onekey Management # Version: 1.0 # email:admin@wulabing.com # Official document: www.v2ray.com #==================================================== PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin export PATH cd "$( cd "$(dirname "$0")" || exit pwd )" || exit #fonts color Green="\033[32m" Red="\033[31m" # Yellow="\033[33m" GreenBG="\033[42;37m" RedBG="\033[41;37m" Font="\033[0m" #notification information # Info="${Green}[信息]${Font}" OK="${Green}[OK]${Font}" Error="${Red}[错误]${Font}" # 版本 shell_version="1.1.9.0" shell_mode="None" github_branch="master" version_cmp="/tmp/version_cmp.tmp" v2ray_conf_dir="/etc/v2ray" nginx_conf_dir="/etc/nginx/conf/conf.d" v2ray_conf="${v2ray_conf_dir}/config.json" nginx_conf="${nginx_conf_dir}/v2ray.conf" nginx_dir="/etc/nginx" web_dir="/home/wwwroot" nginx_openssl_src="/usr/local/src" v2ray_bin_dir_old="/usr/bin/v2ray" v2ray_bin_dir="/usr/local/bin/v2ray" v2ctl_bin_dir="/usr/local/bin/v2ctl" v2ray_info_file="$HOME/v2ray_info.inf" v2ray_qr_config_file="/usr/local/vmess_qr.json" nginx_systemd_file="/etc/systemd/system/nginx.service" v2ray_systemd_file="/etc/systemd/system/v2ray.service" v2ray_access_log="/var/log/v2ray/access.log" v2ray_error_log="/var/log/v2ray/error.log" amce_sh_file="/root/.acme.sh/acme.sh" ssl_update_file="/usr/bin/ssl_update.sh" nginx_version="1.20.1" openssl_version="1.1.1k" jemalloc_version="5.2.1" old_config_status="off" # v2ray_plugin_version="$(wget -qO- "https://github.com/shadowsocks/v2ray-plugin/tags" | grep -E "/shadowsocks/v2ray-plugin/releases/tag/" | head -1 | sed -r 's/.*tag\/v(.+)\">.*/\1/')" #移动旧版本配置信息 对小于 1.1.0 版本适配 [[ -f "/etc/v2ray/vmess_qr.json" ]] && mv /etc/v2ray/vmess_qr.json $v2ray_qr_config_file #简易随机数 random_num=$((RANDOM%12+4)) #生成伪装路径 camouflage="/$(head -n 10 /dev/urandom | md5sum | head -c ${random_num})/" THREAD=$(grep 'processor' /proc/cpuinfo | sort -u | wc -l) source '/etc/os-release' #从VERSION中提取发行版系统的英文名称,为了在debian/ubuntu下添加相对应的Nginx apt源 VERSION=$(echo "${VERSION}" | awk -F "[()]" '{print $2}') check_system() { if [[ "${ID}" == "centos" && ${VERSION_ID} -ge 7 ]]; then echo -e "${OK} ${GreenBG} 当前系统为 Centos ${VERSION_ID} ${VERSION} ${Font}" INS="yum" elif [[ "${ID}" == "debian" && ${VERSION_ID} -ge 8 ]]; then echo -e "${OK} ${GreenBG} 当前系统为 Debian ${VERSION_ID} ${VERSION} ${Font}" INS="apt" $INS update ## 添加 Nginx apt源 elif [[ "${ID}" == "ubuntu" && $(echo "${VERSION_ID}" | cut -d '.' -f1) -ge 16 ]]; then echo -e "${OK} ${GreenBG} 当前系统为 Ubuntu ${VERSION_ID} ${UBUNTU_CODENAME} ${Font}" INS="apt" rm /var/lib/dpkg/lock dpkg --configure -a rm /var/lib/apt/lists/lock rm /var/cache/apt/archives/lock $INS update else echo -e "${Error} ${RedBG} 当前系统为 ${ID} ${VERSION_ID} 不在支持的系统列表内,安装中断 ${Font}" exit 1 fi $INS install dbus systemctl stop firewalld systemctl disable firewalld echo -e "${OK} ${GreenBG} firewalld 已关闭 ${Font}" systemctl stop ufw systemctl disable ufw echo -e "${OK} ${GreenBG} ufw 已关闭 ${Font}" } is_root() { if [ 0 == $UID ]; then echo -e "${OK} ${GreenBG} 当前用户是root用户,进入安装流程 ${Font}" sleep 3 else echo -e "${Error} ${RedBG} 当前用户不是root用户,请切换到root用户后重新执行脚本 ${Font}" exit 1 fi } judge() { if [[ 0 -eq $? ]]; then echo -e "${OK} ${GreenBG} $1 完成 ${Font}" sleep 1 else echo -e "${Error} ${RedBG} $1 失败${Font}" exit 1 fi } chrony_install() { ${INS} -y install chrony judge "安装 chrony 时间同步服务 " timedatectl set-ntp true if [[ "${ID}" == "centos" ]]; then systemctl enable chronyd && systemctl restart chronyd else systemctl enable chrony && systemctl restart chrony fi judge "chronyd 启动 " timedatectl set-timezone Asia/Shanghai echo -e "${OK} ${GreenBG} 等待时间同步 ${Font}" sleep 10 chronyc sourcestats -v chronyc tracking -v date read -rp "请确认时间是否准确,误差范围±3分钟(Y/N): " chrony_install [[ -z ${chrony_install} ]] && chrony_install="Y" case $chrony_install in [yY][eE][sS] | [yY]) echo -e "${GreenBG} 继续安装 ${Font}" sleep 2 ;; *) echo -e "${RedBG} 安装终止 ${Font}" exit 2 ;; esac } dependency_install() { ${INS} install wget git lsof bind9-dnsutils -y if [[ "${ID}" == "centos" ]]; then ${INS} -y install crontabs else ${INS} -y install cron fi judge "安装 crontab" if [[ "${ID}" == "centos" ]]; then touch /var/spool/cron/root && chmod 600 /var/spool/cron/root systemctl start crond && systemctl enable crond else touch /var/spool/cron/crontabs/root && chmod 600 /var/spool/cron/crontabs/root systemctl start cron && systemctl enable cron fi judge "crontab 自启动配置 " ${INS} -y install bc judge "安装 bc" ${INS} -y install unzip judge "安装 unzip" ${INS} -y install qrencode judge "安装 qrencode" ${INS} -y install curl judge "安装 curl" if [[ "${ID}" == "centos" ]]; then ${INS} -y groupinstall "Development tools" else ${INS} -y install build-essential fi judge "编译工具包 安装" if [[ "${ID}" == "centos" ]]; then ${INS} -y install pcre pcre-devel zlib-devel epel-release else ${INS} -y install libpcre3 libpcre3-dev zlib1g-dev dbus fi # ${INS} -y install rng-tools # judge "rng-tools 安装" ${INS} -y install haveged # judge "haveged 安装" # sed -i -r '/^HRNGDEVICE/d;/#HRNGDEVICE=\/dev\/null/a HRNGDEVICE=/dev/urandom' /etc/default/rng-tools if [[ "${ID}" == "centos" ]]; then # systemctl start rngd && systemctl enable rngd # judge "rng-tools 启动" systemctl start haveged && systemctl enable haveged # judge "haveged 启动" else # systemctl start rng-tools && systemctl enable rng-tools # judge "rng-tools 启动" systemctl start haveged && systemctl enable haveged # judge "haveged 启动" fi mkdir -p /usr/local/bin >/dev/null 2>&1 } basic_optimization() { # 最大文件打开数 sed -i '/^\*\ *soft\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf sed -i '/^\*\ *hard\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf echo '* soft nofile 65536' >>/etc/security/limits.conf echo '* hard nofile 65536' >>/etc/security/limits.conf # 关闭 Selinux if [[ "${ID}" == "centos" ]]; then sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config setenforce 0 fi } port_alterid_set() { if [[ "on" != "$old_config_status" ]]; then read -rp "请输入连接端口(default:443):" port [[ -z ${port} ]] && port="443" alterID="0" fi } modify_path() { if [[ "on" == "$old_config_status" ]]; then camouflage="$(grep '\"path\"' $v2ray_qr_config_file | awk -F '"' '{print $4}')" fi sed -i "/\"path\"/c \\\t \"path\":\"${camouflage}\"" ${v2ray_conf} judge "V2ray 伪装路径 修改" } modify_inbound_port() { if [[ "on" == "$old_config_status" ]]; then port="$(info_extraction '\"port\"')" fi if [[ "$shell_mode" != "h2" ]]; then PORT=$((RANDOM + 10000)) sed -i "/\"port\"/c \ \"port\":${PORT}," ${v2ray_conf} else sed -i "/\"port\"/c \ \"port\":${port}," ${v2ray_conf} fi judge "V2ray inbound_port 修改" } modify_UUID() { [ -z "$UUID" ] && UUID=$(cat /proc/sys/kernel/random/uuid) if [[ "on" == "$old_config_status" ]]; then UUID="$(info_extraction '\"id\"')" fi sed -i "/\"id\"/c \\\t \"id\":\"${UUID}\"," ${v2ray_conf} judge "V2ray UUID 修改" [ -f ${v2ray_qr_config_file} ] && sed -i "/\"id\"/c \\ \"id\": \"${UUID}\"," ${v2ray_qr_config_file} echo -e "${OK} ${GreenBG} UUID:${UUID} ${Font}" } modify_nginx_port() { if [[ "on" == "$old_config_status" ]]; then port="$(info_extraction '\"port\"')" fi sed -i "/ssl http2;$/c \\\tlisten ${port} ssl http2;" ${nginx_conf} sed -i "3c \\\tlisten [::]:${port} http2;" ${nginx_conf} judge "V2ray port 修改" [ -f ${v2ray_qr_config_file} ] && sed -i "/\"port\"/c \\ \"port\": \"${port}\"," ${v2ray_qr_config_file} echo -e "${OK} ${GreenBG} 端口号:${port} ${Font}" } modify_nginx_other() { sed -i "/server_name/c \\\tserver_name ${domain};" ${nginx_conf} sed -i "/location/c \\\tlocation ${camouflage}" ${nginx_conf} sed -i "/proxy_pass/c \\\tproxy_pass http://127.0.0.1:${PORT};" ${nginx_conf} sed -i "/return/c \\\treturn 301 https://${domain}\$request_uri;" ${nginx_conf} #sed -i "27i \\\tproxy_intercept_errors on;" ${nginx_dir}/conf/nginx.conf } web_camouflage() { ##请注意 这里和LNMP脚本的默认路径冲突,千万不要在安装了LNMP的环境下使用本脚本,否则后果自负 rm -rf /home/wwwroot mkdir -p /home/wwwroot cd /home/wwwroot || exit git clone https://github.com/wulabing/3DCEList.git judge "web 站点伪装" } v2ray_install() { if [[ -d /root/v2ray ]]; then rm -rf /root/v2ray fi if [[ -d /etc/v2ray ]]; then rm -rf /etc/v2ray fi mkdir -p /root/v2ray cd /root/v2ray || exit wget -N --no-check-certificate https://raw.githubusercontent.com/wulabing/V2Ray_ws-tls_bash_onekey/${github_branch}/v2ray.sh if [[ -f v2ray.sh ]]; then rm -rf $v2ray_systemd_file systemctl daemon-reload bash v2ray.sh --force judge "安装 V2ray" else echo -e "${Error} ${RedBG} V2ray 安装文件下载失败,请检查下载地址是否可用 ${Font}" exit 4 fi # 清除临时文件 rm -rf /root/v2ray } nginx_exist_check() { if [[ -f "/etc/nginx/sbin/nginx" ]]; then echo -e "${OK} ${GreenBG} Nginx已存在,跳过编译安装过程 ${Font}" sleep 2 elif [[ -d "/usr/local/nginx/" ]]; then echo -e "${OK} ${GreenBG} 检测到其他套件安装的Nginx,继续安装会造成冲突,请处理后安装${Font}" exit 1 else nginx_install fi } nginx_install() { # if [[ -d "/etc/nginx" ]];then # rm -rf /etc/nginx # fi wget -nc --no-check-certificate http://nginx.org/download/nginx-${nginx_version}.tar.gz -P ${nginx_openssl_src} judge "Nginx 下载" wget -nc --no-check-certificate https://www.openssl.org/source/openssl-${openssl_version}.tar.gz -P ${nginx_openssl_src} judge "openssl 下载" wget -nc --no-check-certificate https://github.com/jemalloc/jemalloc/releases/download/${jemalloc_version}/jemalloc-${jemalloc_version}.tar.bz2 -P ${nginx_openssl_src} judge "jemalloc 下载" cd ${nginx_openssl_src} || exit [[ -d nginx-"$nginx_version" ]] && rm -rf nginx-"$nginx_version" tar -zxvf nginx-"$nginx_version".tar.gz [[ -d openssl-"$openssl_version" ]] && rm -rf openssl-"$openssl_version" tar -zxvf openssl-"$openssl_version".tar.gz [[ -d jemalloc-"${jemalloc_version}" ]] && rm -rf jemalloc-"${jemalloc_version}" tar -xvf jemalloc-"${jemalloc_version}".tar.bz2 [[ -d "$nginx_dir" ]] && rm -rf ${nginx_dir} echo -e "${OK} ${GreenBG} 即将开始编译安装 jemalloc ${Font}" sleep 2 cd jemalloc-${jemalloc_version} || exit ./configure judge "编译检查" make -j "${THREAD}" && make install judge "jemalloc 编译安装" echo '/usr/local/lib' >/etc/ld.so.conf.d/local.conf ldconfig echo -e "${OK} ${GreenBG} 即将开始编译安装 Nginx, 过程稍久,请耐心等待 ${Font}" sleep 4 cd ../nginx-${nginx_version} || exit ./configure --prefix="${nginx_dir}" \ --with-http_ssl_module \ --with-http_sub_module \ --with-http_gzip_static_module \ --with-http_stub_status_module \ --with-pcre \ --with-http_realip_module \ --with-http_flv_module \ --with-http_mp4_module \ --with-http_secure_link_module \ --with-http_v2_module \ --with-cc-opt='-O3' \ --with-ld-opt="-ljemalloc" \ --with-openssl=../openssl-"$openssl_version" judge "编译检查" make -j "${THREAD}" && make install judge "Nginx 编译安装" # 修改基本配置 sed -i 's/#user nobody;/user root;/' ${nginx_dir}/conf/nginx.conf sed -i 's/worker_processes 1;/worker_processes 3;/' ${nginx_dir}/conf/nginx.conf sed -i 's/ worker_connections 1024;/ worker_connections 4096;/' ${nginx_dir}/conf/nginx.conf sed -i '$i include conf.d/*.conf;' ${nginx_dir}/conf/nginx.conf # 删除临时文件 rm -rf ../nginx-"${nginx_version}" rm -rf ../openssl-"${openssl_version}" rm -rf ../nginx-"${nginx_version}".tar.gz rm -rf ../openssl-"${openssl_version}".tar.gz # 添加配置文件夹,适配旧版脚本 mkdir ${nginx_dir}/conf/conf.d } ssl_install() { if [[ "${ID}" == "centos" ]]; then ${INS} install socat nc -y elif [[ "${ID}" == "debian" && ${VERSION_ID} -ge 12 ]]; then ${INS} install socat netcat-openbsd -y else ${INS} install socat netcat -y fi judge "安装 SSL 证书生成脚本依赖" curl https://get.acme.sh | sh judge "安装 SSL 证书生成脚本" } domain_check() { read -rp "请输入你的域名信息(eg:www.wulabing.com):" domain domain_ipv4="$(dig +short "${domain}" a)" domain_ipv6="$(dig +short "${domain}" aaaa)" echo -e "${OK} ${GreenBG} 正在获取 公网ip 信息,请耐心等待 ${Font}" wgcfv4_status=$(curl -s4m8 https://www.cloudflare.com/cdn-cgi/trace -k | grep warp | cut -d= -f2) wgcfv6_status=$(curl -s6m8 https://www.cloudflare.com/cdn-cgi/trace -k | grep warp | cut -d= -f2) if [[ ${wgcfv4_status} =~ "on"|"plus" ]] || [[ ${wgcfv6_status} =~ "on"|"plus" ]]; then # 关闭wgcf-warp,以防误判VPS IP情况 wg-quick down wgcf >/dev/null 2>&1 echo -e "${OK} ${GreenBG} 已关闭 wgcf-warp ${Font}" fi local_ipv4=$(curl -s4m8 http://ip.sb) local_ipv6=$(curl -s6m8 http://ip.sb) if [[ -z ${local_ipv4} && -n ${local_ipv6} ]]; then echo -e nameserver 2a01:4f8:c2c:123f::1 > /etc/resolv.conf echo -e "${OK} ${GreenBG} 识别为 IPv6 Only 的 VPS,自动添加 DNS64 服务器 ${Font}" fi echo -e "域名 DNS 解析到的的 IP:${domain_ip}" echo -e "本机IPv4: ${local_ipv4}" echo -e "本机IPv6: ${local_ipv6}" sleep 2 if [[ ${domain_ipv4} == ${local_ipv4} ]]; then echo -e "${OK} ${GreenBG} 域名 DNS 解析 IP 与 本机 IPv4 匹配 ${Font}" sleep 2 elif [[ ${domain_ipv6} == ${local_ipv6} ]]; then echo -e "${OK} ${GreenBG} 域名 DNS 解析 IP 与 本机 IPv6 匹配 ${Font}" sleep 2 else echo -e "${Error} ${RedBG} 请确保域名添加了正确的 A / AAAA 记录,否则将无法正常使用 V2ray ${Font}" echo -e "${Error} ${RedBG} 域名 DNS 解析 IP 与 本机 IPv4 / IPv6 不匹配 是否继续安装?(y/n)${Font}" && read -r install case $install in [yY][eE][sS] | [yY]) echo -e "${GreenBG} 继续安装 ${Font}" sleep 2 ;; *) echo -e "${RedBG} 安装终止 ${Font}" exit 2 ;; esac fi } port_exist_check() { if [[ 0 -eq $(lsof -i:"$1" | grep -i -c "listen") ]]; then echo -e "${OK} ${GreenBG} $1 端口未被占用 ${Font}" sleep 1 else echo -e "${Error} ${RedBG} 检测到 $1 端口被占用,以下为 $1 端口占用信息 ${Font}" lsof -i:"$1" echo -e "${OK} ${GreenBG} 5s 后将尝试自动 kill 占用进程 ${Font}" sleep 5 lsof -i:"$1" | awk '{print $2}' | grep -v "PID" | xargs kill -9 echo -e "${OK} ${GreenBG} kill 完成 ${Font}" sleep 1 fi } acme() { "$HOME"/.acme.sh/acme.sh --set-default-ca --server letsencrypt if "$HOME"/.acme.sh/acme.sh --issue --insecure -d "${domain}" --standalone -k ec-256 --force; then echo -e "${OK} ${GreenBG} SSL 证书生成成功 ${Font}" sleep 2 mkdir /data if "$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath /data/v2ray.crt --keypath /data/v2ray.key --ecc --force; then echo -e "${OK} ${GreenBG} 证书配置成功 ${Font}" sleep 2 if [[ -n $(type -P wgcf) && -n $(type -P wg-quick) ]]; then wg-quick up wgcf >/dev/null 2>&1 echo -e "${OK} ${GreenBG} 已启动 wgcf-warp ${Font}" fi fi else echo -e "${Error} ${RedBG} SSL 证书生成失败 ${Font}" rm -rf "$HOME/.acme.sh/${domain}_ecc" if [[ -n $(type -P wgcf) && -n $(type -P wg-quick) ]]; then wg-quick up wgcf >/dev/null 2>&1 echo -e "${OK} ${GreenBG} 已启动 wgcf-warp ${Font}" fi exit 1 fi } v2ray_conf_add_tls() { cd /etc/v2ray || exit wget --no-check-certificate https://raw.githubusercontent.com/wulabing/V2Ray_ws-tls_bash_onekey/${github_branch}/tls/config.json -O config.json modify_path modify_inbound_port modify_UUID } v2ray_conf_add_h2() { cd /etc/v2ray || exit wget --no-check-certificate https://raw.githubusercontent.com/wulabing/V2Ray_ws-tls_bash_onekey/${github_branch}/http2/config.json -O config.json modify_path modify_inbound_port modify_UUID } old_config_exist_check() { if [[ -f $v2ray_qr_config_file ]]; then echo -e "${OK} ${GreenBG} 检测到旧配置文件,是否读取旧文件配置 [Y/N]? ${Font}" read -r ssl_delete case $ssl_delete in [yY][eE][sS] | [yY]) echo -e "${OK} ${GreenBG} 已保留旧配置 ${Font}" old_config_status="on" port=$(info_extraction '\"port\"') ;; *) rm -rf $v2ray_qr_config_file echo -e "${OK} ${GreenBG} 已删除旧配置 ${Font}" ;; esac fi } nginx_conf_add() { touch ${nginx_conf_dir}/v2ray.conf cat >${nginx_conf_dir}/v2ray.conf <> /etc/rc.local # systemctl start rc-local # fi # # judge "rc.local 配置" #} acme_cron_update() { wget -N -P /usr/bin --no-check-certificate "https://raw.githubusercontent.com/wulabing/V2Ray_ws-tls_bash_onekey/dev/ssl_update.sh" if [[ $(crontab -l | grep -c "ssl_update.sh") -lt 1 ]]; then if [[ "${ID}" == "centos" ]]; then # sed -i "/acme.sh/c 0 3 * * 0 \"/root/.acme.sh\"/acme.sh --cron --home \"/root/.acme.sh\" \ # &> /dev/null" /var/spool/cron/root sed -i "/acme.sh/c 0 3 * * 0 bash ${ssl_update_file}" /var/spool/cron/root else # sed -i "/acme.sh/c 0 3 * * 0 \"/root/.acme.sh\"/acme.sh --cron --home \"/root/.acme.sh\" \ # &> /dev/null" /var/spool/cron/crontabs/root sed -i "/acme.sh/c 0 3 * * 0 bash ${ssl_update_file}" /var/spool/cron/crontabs/root fi fi judge "cron 计划任务更新" } vmess_qr_config_tls_ws() { cat >$v2ray_qr_config_file <<-EOF { "v": "2", "ps": "wulabing_${domain}", "add": "${domain}", "port": "${port}", "id": "${UUID}", "aid": "${alterID}", "net": "ws", "type": "none", "host": "${domain}", "path": "${camouflage}", "tls": "tls" } EOF } vmess_qr_config_h2() { cat >$v2ray_qr_config_file <<-EOF { "v": "2", "ps": "wulabing_${domain}", "add": "${domain}", "port": "${port}", "id": "${UUID}", "aid": "${alterID}", "net": "h2", "type": "none", "path": "${camouflage}", "tls": "tls" } EOF } vmess_qr_link_image() { vmess_link="vmess://$(base64 -w 0 $v2ray_qr_config_file)" { echo -e "$Red 二维码: $Font" echo -n "${vmess_link}" | qrencode -o - -t utf8 echo -e "${Red} URL导入链接:${vmess_link} ${Font}" } >>"${v2ray_info_file}" } vmess_quan_link_image() { echo "$(info_extraction '\"ps\"') = vmess, $(info_extraction '\"add\"'), \ $(info_extraction '\"port\"'), chacha20-ietf-poly1305, "\"$(info_extraction '\"id\"')\"", over-tls=true, \ certificate=1, obfs=ws, obfs-path="\"$(info_extraction '\"path\"')\"", " > /tmp/vmess_quan.tmp vmess_link="vmess://$(base64 -w 0 /tmp/vmess_quan.tmp)" { echo -e "$Red 二维码: $Font" echo -n "${vmess_link}" | qrencode -o - -t utf8 echo -e "${Red} URL导入链接:${vmess_link} ${Font}" } >>"${v2ray_info_file}" } vmess_link_image_choice() { echo "请选择生成的链接种类" echo "1: V2RayNG/V2RayN" echo "2: quantumult" read -rp "请输入:" link_version [[ -z ${link_version} ]] && link_version=1 if [[ $link_version == 1 ]]; then vmess_qr_link_image elif [[ $link_version == 2 ]]; then vmess_quan_link_image else vmess_qr_link_image fi } info_extraction() { grep "$1" $v2ray_qr_config_file | awk -F '"' '{print $4}' } basic_information() { { echo -e "${OK} ${GreenBG} V2ray+ws+tls 安装成功" echo -e "${Red} V2ray 配置信息 ${Font}" echo -e "${Red} 地址(address):${Font} $(info_extraction '\"add\"') " echo -e "${Red} 端口(port):${Font} $(info_extraction '\"port\"') " echo -e "${Red} 用户id(UUID):${Font} $(info_extraction '\"id\"')" echo -e "${Red} 额外id(alterId):${Font} $(info_extraction '\"aid\"')" echo -e "${Red} 加密方式(security):${Font} 自适应 " echo -e "${Red} 传输协议(network):${Font} $(info_extraction '\"net\"') " echo -e "${Red} 伪装类型(type):${Font} none " echo -e "${Red} 路径(不要落下/):${Font} $(info_extraction '\"path\"') " echo -e "${Red} 底层传输安全:${Font} tls " } >"${v2ray_info_file}" } show_information() { cat "${v2ray_info_file}" } ssl_judge_and_install() { if [[ -f "/data/v2ray.key" || -f "/data/v2ray.crt" ]]; then echo "/data 目录下证书文件已存在" echo -e "${OK} ${GreenBG} 是否删除 [Y/N]? ${Font}" read -r ssl_delete case $ssl_delete in [yY][eE][sS] | [yY]) rm -rf /data/v2ray.crt /data/v2ray.key echo -e "${OK} ${GreenBG} 已删除 ${Font}" ;; *) ;; esac fi if [[ -f "/data/v2ray.key" || -f "/data/v2ray.crt" ]]; then echo "证书文件已存在" elif [[ -f "$HOME/.acme.sh/${domain}_ecc/${domain}.key" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" ]]; then echo "证书文件已存在" "$HOME"/.acme.sh/acme.sh --installcert -d "${domain}" --fullchainpath /data/v2ray.crt --keypath /data/v2ray.key --ecc judge "证书应用" else ssl_install acme fi } nginx_systemd() { cat >$nginx_systemd_file </dev/null 2>&1 [[ -d $HOME/.acme.sh ]] && rm -rf "$HOME/.acme.sh" echo -e "${OK} ${GreenBG} 已清空证书遗留文件 ${Font}" } judge_mode() { if [ -f $v2ray_bin_dir ] || [ -f $v2ray_bin_dir_old/v2ray ]; then if grep -q "ws" $v2ray_qr_config_file; then shell_mode="ws" elif grep -q "h2" $v2ray_qr_config_file; then shell_mode="h2" fi fi } install_v2ray_ws_tls() { is_root check_system chrony_install dependency_install basic_optimization domain_check old_config_exist_check port_alterid_set v2ray_install port_exist_check 80 port_exist_check "${port}" nginx_exist_check v2ray_conf_add_tls nginx_conf_add web_camouflage ssl_judge_and_install nginx_systemd vmess_qr_config_tls_ws basic_information vmess_link_image_choice tls_type show_information start_process_systemd enable_process_systemd acme_cron_update } install_v2_h2() { is_root check_system chrony_install dependency_install basic_optimization domain_check old_config_exist_check port_alterid_set v2ray_install port_exist_check 80 port_exist_check "${port}" v2ray_conf_add_h2 ssl_judge_and_install vmess_qr_config_h2 basic_information vmess_qr_link_image show_information start_process_systemd enable_process_systemd } update_sh() { ol_version=$(curl -L -s https://raw.githubusercontent.com/wulabing/V2Ray_ws-tls_bash_onekey/${github_branch}/install.sh | grep "shell_version=" | head -1 | awk -F '=|"' '{print $3}') echo "$ol_version" >$version_cmp echo "$shell_version" >>$version_cmp if [[ "$shell_version" < "$(sort -rV $version_cmp | head -1)" ]]; then echo -e "${OK} ${GreenBG} 存在新版本,是否更新 [Y/N]? ${Font}" read -r update_confirm case $update_confirm in [yY][eE][sS] | [yY]) wget -N --no-check-certificate https://raw.githubusercontent.com/wulabing/V2Ray_ws-tls_bash_onekey/${github_branch}/install.sh echo -e "${OK} ${GreenBG} 更新完成 ${Font}" exit 0 ;; *) ;; esac else echo -e "${OK} ${GreenBG} 当前版本为最新版本 ${Font}" fi } maintain() { echo -e "${RedBG}该选项暂时无法使用${Font}" echo -e "${RedBG}$1${Font}" exit 0 } list() { case $1 in tls_modify) tls_type ;; uninstall) uninstall_all ;; crontab_modify) acme_cron_update ;; boost) bbr_boost_sh ;; *) menu ;; esac } modify_camouflage_path() { [[ -z ${camouflage_path} ]] && camouflage_path=1 sed -i "/location/c \\\tlocation \/${camouflage_path}\/" ${nginx_conf} #Modify the camouflage path of the nginx configuration file sed -i "/\"path\"/c \\\t \"path\":\"\/${camouflage_path}\/\"" ${v2ray_conf} #Modify the camouflage path of the v2ray configuration file judge "V2ray camouflage path modified" } menu() { update_sh echo -e "\t V2ray 安装管理脚本 ${Red}[${shell_version}]${Font}" echo -e "\t---authored by wulabing---" echo -e "\thttps://github.com/wulabing\n" echo -e "当前已安装版本:${shell_mode}\n" echo -e "—————————————— 安装向导 ——————————————""" echo -e "${Green}0.${Font} 升级 脚本" echo -e "${Green}1.${Font} 安装 V2Ray (Nginx+ws+tls)" echo -e "${Green}2.${Font} 安装 V2Ray (http/2)" echo -e "${Green}3.${Font} 升级 V2Ray core" echo -e "—————————————— 配置变更 ——————————————" echo -e "${Green}4.${Font} 变更 UUID" echo -e "${Green}6.${Font} 变更 port" echo -e "${Green}7.${Font} 变更 TLS 版本(仅ws+tls有效)" echo -e "${Green}18.${Font} 变更伪装路径" echo -e "—————————————— 查看信息 ——————————————" echo -e "${Green}8.${Font} 查看 实时访问日志" echo -e "${Green}9.${Font} 查看 实时错误日志" echo -e "${Green}10.${Font} 查看 V2Ray 配置信息" echo -e "—————————————— 其他选项 ——————————————" echo -e "${Green}11.${Font} 安装 4合1 bbr 锐速安装脚本" echo -e "${Green}12.${Font} 安装 MTproxy(支持TLS混淆)" echo -e "${Green}13.${Font} 证书 有效期更新" echo -e "${Green}14.${Font} 卸载 V2Ray" echo -e "${Green}15.${Font} 更新 证书crontab计划任务" echo -e "${Green}16.${Font} 清空 证书遗留文件" echo -e "${Green}17.${Font} 退出 \n" read -rp "请输入数字:" menu_num case $menu_num in 0) update_sh ;; 1) shell_mode="ws" install_v2ray_ws_tls ;; 2) shell_mode="h2" install_v2_h2 ;; 3) bash <(curl -L -s https://raw.githubusercontent.com/wulabing/V2Ray_ws-tls_bash_onekey/${github_branch}/v2ray.sh) ;; 4) read -rp "请输入UUID:" UUID modify_UUID start_process_systemd ;; 6) read -rp "请输入连接端口:" port if grep -q "ws" $v2ray_qr_config_file; then modify_nginx_port elif grep -q "h2" $v2ray_qr_config_file; then modify_inbound_port fi start_process_systemd ;; 7) tls_type ;; 8) show_access_log ;; 9) show_error_log ;; 10) basic_information if [[ $shell_mode == "ws" ]]; then vmess_link_image_choice else vmess_qr_link_image fi show_information ;; 11) bbr_boost_sh ;; 12) mtproxy_sh ;; 13) stop_process_systemd ssl_update_manuel start_process_systemd ;; 14) source '/etc/os-release' uninstall_all ;; 15) acme_cron_update ;; 16) delete_tls_key_and_crt ;; 17) exit 0 ;; 18) read -rp "请输入伪装路径(注意!不需要加斜杠 eg:ray):" camouflage_path modify_camouflage_path start_process_systemd ;; *) echo -e "${RedBG}请输入正确的数字${Font}" ;; esac } judge_mode list "$1"