From d58848e9b6b95c161b7dd6616546b629feddd5a5 Mon Sep 17 00:00:00 2001 From: mack-a Date: Tue, 11 Oct 2022 16:02:05 +0800 Subject: [PATCH] =?UTF-8?q?feat(=E8=84=9A=E6=9C=AC):=20=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=E5=AE=89=E8=A3=85=E6=97=B6=E8=87=AA=E5=AE=9A=E4=B9=89=E7=AB=AF?= =?UTF-8?q?=E5=8F=A3=E3=80=81DNS=E7=94=B3=E8=AF=B7=E9=80=9A=E9=85=8D?= =?UTF-8?q?=E7=AC=A6=E8=AF=81=E4=B9=A6=E3=80=81=E5=85=BC=E5=AE=B9=E4=B8=8D?= =?UTF-8?q?=E6=94=AF=E6=8C=8180=E3=80=81443=E7=AB=AF=E5=8F=A3=E7=9A=84?= =?UTF-8?q?=E6=9C=BA=E5=99=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- install.sh | 160 +++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 124 insertions(+), 36 deletions(-) diff --git a/install.sh b/install.sh index 33d90fe..43fd799 100644 --- a/install.sh +++ b/install.sh @@ -211,6 +211,9 @@ initVar() { # 该域名是否通过dns安装通配符证书 installDNSACMEStatus= + + # 自定义端口 + customPort= } # 读取tls证书详情 @@ -219,6 +222,16 @@ readAcmeTLS() { installDNSACMEStatus=true fi } +# 读取默认自定义端口 +readCustomPort() { + if [[ -n "${configPath}" ]]; then + local port= + port=$(jq -r .inbounds[0].port "${configPath}02_VLESS_TCP_inbounds.json") + if [[ "${port}" != "443" ]]; then + customPort=${port} + fi + fi +} # 检测安装方式 readInstallType() { coreInstallType= @@ -230,7 +243,6 @@ readInstallType() { if [[ -d "/etc/v2ray-agent/v2ray" && -f "/etc/v2ray-agent/v2ray/v2ray" && -f "/etc/v2ray-agent/v2ray/v2ctl" ]]; then if [[ -d "/etc/v2ray-agent/v2ray/conf" && -f "/etc/v2ray-agent/v2ray/conf/02_VLESS_TCP_inbounds.json" ]]; then configPath=/etc/v2ray-agent/v2ray/conf/ - if grep ${nginxConfigPath}alone.conf server { - listen 80; - listen [::]:80; + listen ${port}; + listen [::]:${port}; server_name ${domain}; root /usr/share/nginx/html; location ~ /.well-known { @@ -845,9 +864,6 @@ server { } } EOF - # 启动nginx - handleNginx start - checkIP fi readAcmeTLS @@ -866,24 +882,13 @@ updateRedirectNginxConf() { } EOF - else + elif [[ -n "${customPort}" ]]; then cat <${nginxConfigPath}alone.conf - server { - listen 80; - server_name _; - return 403; - } - server { - listen 127.0.0.1:31300; - server_name _; - return 403; - } - server { - listen 80; - listen [::]:80; - server_name ${domain}; - return 302 https://${domain}\${request_uri}; - } + server { + listen 127.0.0.1:31300; + server_name _; + return 403; + } EOF fi @@ -1014,7 +1019,13 @@ EOF # 检查ip checkIP() { echoContent skyBlue "\n ---> 检查域名ip中" - localIP=$(curl -s -m 2 "${domain}/ip") + local checkDomain=${domain} + if [[ -n "${customPort}" ]]; then + checkDomain="http://${domain}:${customPort}" + fi + local localIP= + localIP=$(curl -s -m 2 "${checkDomain}/ip") + handleNginx stop if [[ -z ${localIP} ]] || ! echo "${localIP}" | sed '1{s/[^(]*(//;s/).*//;q}' | grep -q '\.' && ! echo "${localIP}" | sed '1{s/[^(]*(//;s/).*//;q}' | grep -q ':'; then echoContent red "\n ---> 未检测到当前域名的ip" @@ -1023,15 +1034,27 @@ checkIP() { echoContent yellow " ---> 2.检查域名dns解析是否正确" echoContent yellow " ---> 3.如解析正确,请等待dns生效,预计三分钟内生效" echoContent yellow " ---> 4.如报Nginx启动问题,请手动启动nginx查看错误,如自己无法处理请提issues" + echo echoContent skyBlue " ---> 如以上设置都正确,请重新安装纯净系统后再次尝试" if [[ -n ${localIP} ]]; then echoContent yellow " ---> 检测返回值异常,建议手动卸载nginx后重新执行脚本" fi - echoContent red " ---> 请检查防火墙规则是否开放443、80\n" - read -r -p "是否通过脚本修改防火墙规则开放443、80端口?[y/n]:" allPortFirewallStatus + local portFirewallPortStatus="443、80" + + if [[ -n "${customPort}" ]]; then + portFirewallPortStatus="${customPort}" + fi + echoContent red " ---> 请检查防火墙规则是否开放${portFirewallPortStatus}\n" + read -r -p "是否通过脚本修改防火墙规则开放${portFirewallPortStatus}端口?[y/n]:" allPortFirewallStatus + if [[ ${allPortFirewallStatus} == "y" ]]; then - allowPort 80 - allowPort 443 + if [[ -n "${customPort}" ]]; then + allowPort "${customPort}" + else + allowPort 80 + allowPort 443 + fi + handleNginx start checkIP else @@ -1107,9 +1130,13 @@ acmeInstallSSL() { installSSLIPv6="--listen-v6" fi echo - read -r -p "是否使用DNS申请证书[y/n]:" installSSLDNStatus - if [[ ${installSSLDNStatus} == 'y' ]]; then + if [[ -n "${customPort}" ]]; then dnsSSLStatus=true + else + read -r -p "是否使用DNS申请证书[y/n]:" installSSLDNStatus + if [[ ${installSSLDNStatus} == 'y' ]]; then + dnsSSLStatus=true + fi fi if [[ "${dnsSSLStatus}" == "true" ]]; then @@ -1146,6 +1173,38 @@ acmeInstallSSL() { fi readAcmeTLS } +# 自定义端口 +customPortFunction() { + local historyCustomPortStatus= + if [[ -n "${customPort}" ]]; then + echo + read -r -p "读取到上次安装时的端口,是否使用上次安装时的端口 ?[y/n]:" historyCustomPortStatus + if [[ "${historyCustomPortStatus}" == "y" ]]; then + echoContent yellow "\n ---> 端口: ${customPort}" + fi + fi + + if [[ "${historyCustomPortStatus}" == "n" || -z "${customPort}" ]]; then + echo + echoContent yellow "请输入自定义端口[例: 2083],自定义端口后只允许使用DNS申请证书,[回车]使用443" + read -r -p "端口:" customPort + if ((customPort >= 1 && customPort <= 65535)); then + checkCustomPort + else + echoContent green " ---> 端口输入错误" + exit + fi + fi + +} +# 检测端口是否占用 +checkCustomPort() { + if lsof -i "tcp:${customPort}" | grep -q LISTEN; then + echoContent red "\n ---> ${customPort}端口被占用,请手动关闭后安装\n" + lsof -i tcp:80 | grep LISTEN + exit 0 + fi +} # 安装TLS installTLS() { @@ -1373,10 +1432,10 @@ renewalTLS() { fi fi - if [[ -d "$HOME/.acme.sh/${domain}_ecc" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.key" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" ]] || [[ "${dnsTLSDomainStatus}" == "true" ]]; then + if [[ -d "$HOME/.acme.sh/${domain}_ecc" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.key" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" ]] || [[ "${installDNSACMEStatus}" == "true" ]]; then modifyTime= - if [[ "${dnsTLSDomainStatus}" == "true" ]]; then + if [[ "${installDNSACMEStatus}" == "true" ]]; then modifyTime=$(stat "$HOME/.acme.sh/*.${dnsTLSDomain}_ecc/*.${dnsTLSDomain}.cer" | sed -n '7,6p' | awk '{print $2" "$3" "$4" "$5}') else modifyTime=$(stat "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" | sed -n '7,6p' | awk '{print $2" "$3" "$4" "$5}') @@ -2204,11 +2263,16 @@ EOF # VLESS_TCP getClients "${configPath}../tmp/02_VLESS_TCP_inbounds.json" "${addClientsStatus}" + local defaultPort=443 + if [[ -n "${customPort}" ]]; then + defaultPort=${customPort} + fi + cat </etc/v2ray-agent/v2ray/conf/02_VLESS_TCP_inbounds.json { "inbounds":[ { - "port": 443, + "port": ${defaultPort}, "protocol": "vless", "tag":"VLESSTCP", "settings": { @@ -2610,11 +2674,16 @@ EOF # VLESS_TCP getClients "${configPath}../tmp/02_VLESS_TCP_inbounds.json" "${addClientsStatus}" + local defaultPort=443 + if [[ -n "${customPort}" ]]; then + defaultPort=${customPort} + fi + cat </etc/v2ray-agent/xray/conf/02_VLESS_TCP_inbounds.json { "inbounds":[ { - "port": 443, + "port": ${defaultPort}, "protocol": "vless", "tag":"VLESSTCP", "settings": { @@ -3152,6 +3221,11 @@ addCorePort() { # 开放端口 allowPort "${port}" + local settingsPort=443 + if [[ -n "${customPort}" ]]; then + settingsPort=${customPort} + fi + cat <"${fileName}" { "inbounds": [ @@ -3161,7 +3235,7 @@ addCorePort() { "protocol": "dokodemo-door", "settings": { "address": "127.0.0.1", - "port": 443, + "port": ${settingsPort}, "network": "tcp", "followRedirect": false }, @@ -4639,6 +4713,10 @@ customXrayInstall() { installTools 1 # 申请tls initTLSNginxConfig 2 + handleXray stop + handleNginx start + checkIP + installTLS 3 handleNginx stop # 随机path @@ -4715,6 +4793,11 @@ v2rayCoreInstall() { installTools 2 # 申请tls initTLSNginxConfig 3 + + handleV2Ray stop + handleNginx start + checkIP + installTLS 4 handleNginx stop # initNginxConfig 5 @@ -4745,6 +4828,11 @@ xrayCoreInstall() { installTools 2 # 申请tls initTLSNginxConfig 3 + + handleXray stop + handleNginx start + checkIP + installTLS 4 handleNginx stop randomPathFunction 5 @@ -4902,7 +4990,7 @@ menu() { cd "$HOME" || exit echoContent red "\n==============================================================" echoContent green "作者:mack-a" - echoContent green "当前版本:v2.5.78" + echoContent green "当前版本:v2.6.1" echoContent green "Github:https://github.com/mack-a/v2ray-agent" echoContent green "描述:八合一共存脚本\c" showInstallStatus