添加 'xray-ui.sh'

xray-ui.sh

@@ -0,0 +1,369 @@
+#!/bin/bash
+curl -sS -H "Accept: application/vnd.github.v3+json" -o "/tmp/tmp_file" 'https://api.github.com/repos/qist/xray-ui/releases/latest'
+releases_version=($(sed 'y/,/\n/' "/tmp/tmp_file" | grep 'tag_name' | awk -F '"' '{print $4}'))
+rm /tmp/tmp_file -f
+red='\033[0;31m'
+green='\033[0;32m'
+yellow='\033[0;33m'
+bblue='\033[0;34m'
+plain='\033[0m'
+
+red() { echo -e "\033[31m\033[01m$1\033[0m"; }
+green() { echo -e "\033[32m\033[01m$1\033[0m"; }
+yellow() { echo -e "\033[33m\033[01m$1\033[0m"; }
+blue() { echo -e "\033[36m\033[01m$1\033[0m"; }
+white() { echo -e "\033[37m\033[01m$1\033[0m"; }
+readp() { read -p "$(yellow "$1")" $2; }
+remoteV=${releases_version}
+clear
+white "Github项目  ：github.com/qist/xray-ui"
+yellow "感谢xray-ui代码贡献者们（vaxilu）"
+green "当前安装版本： $remoteV"
+yellow "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
+sleep 2
+cur_dir=$(pwd)
+
+# check root
+[[ $EUID -ne 0 ]] && echo -e "${red}错误：${plain} 必须使用root用户运行此脚本！\n" && exit 1
+
+# check os
+
+if [[ -f /etc/redhat-release ]]; then
+    release="centos"
+elif cat /etc/issue | grep -Eqi "debian"; then
+    release="debian"
+elif cat /etc/issue | grep -Eqi "ubuntu"; then
+    release="ubuntu"
+elif cat /etc/issue | grep -Eqi "centos|red hat|redhat"; then
+    release="centos"
+elif cat /proc/version | grep -Eqi "debian"; then
+    release="debian"
+elif cat /proc/version | grep -Eqi "ubuntu"; then
+    release="ubuntu"
+elif cat /proc/version | grep -Eqi "centos|red hat|redhat"; then
+    release="centos"
+elif cat /etc/system-release-cpe | grep -Eqi "amazon_linux"; then
+    release="amazon_linux"
+else
+    echo -e "${red}未检测到系统版本，请联系脚本作者！${plain}\n" && exit 1
+fi
+
+arch() {
+    case "$(uname -m)" in
+    x86_64 | x64 | amd64) echo 'amd64' ;;
+    i*86 | x86) echo '386' ;;
+    armv8* | armv8 | arm64 | aarch64) echo 'arm64' ;;
+    armv7* | armv7 | arm) echo 'armv7' ;;
+    armv6* | armv6) echo 'armv6' ;;
+    armv5* | armv5) echo 'armv5' ;;
+    s390x) echo 's390x' ;;
+    *) echo -e "${green}Unsupported CPU architecture! ${plain}" && rm -f install.sh && exit 1 ;;
+    esac
+}
+
+echo "arch: $(arch)"
+
+sys() {
+    [ -f /etc/os-release ] && grep -i pretty_name /etc/os-release | cut -d \" -f2 && return
+    [ -f /etc/lsb-release ] && grep -i description /etc/lsb-release | cut -d \" -f2 && return
+    [ -f /etc/redhat-release ] && awk '{print $0}' /etc/redhat-release && return
+}
+op=$(sys)
+version=$(uname -r | awk -F "-" '{print $1}')
+vi=$(systemd-detect-virt)
+white "VPS操作系统: $(blue "$op") \c" && white " 内核版本: $(blue "$version") \c" && white " CPU架构 : $(blue "$arch") \c" && white " 虚拟化类型: $(blue "$vi")"
+sleep 2
+
+if [ $(getconf WORD_BIT) != '32' ] && [ $(getconf LONG_BIT) != '64' ]; then
+    echo "本软件不支持 32 位系统(x86)，请使用 64 位系统(x86_64)，如果检测有误，请联系作者"
+    exit -1
+fi
+
+os_version=""
+
+# os version
+if [[ -f /etc/os-release ]]; then
+    os_version=$(awk -F'[= ."]' '/VERSION_ID/{print $3}' /etc/os-release)
+fi
+if [[ -z "$os_version" && -f /etc/lsb-release ]]; then
+    os_version=$(awk -F'[= ."]+' '/DISTRIB_RELEASE/{print $2}' /etc/lsb-release)
+fi
+
+if [[ x"${release}" == x"centos" ]]; then
+    if [[ ${os_version} -le 6 ]]; then
+        echo -e "${red}请使用 CentOS 7 或更高版本的系统！${plain}\n" && exit 1
+    fi
+elif [[ x"${release}" == x"ubuntu" ]]; then
+    if [[ ${os_version} -lt 16 ]]; then
+        echo -e "${red}请使用 Ubuntu 16 或更高版本的系统！${plain}\n" && exit 1
+    fi
+elif [[ x"${release}" == x"debian" ]]; then
+    if [[ ${os_version} -lt 8 ]]; then
+        echo -e "${red}请使用 Debian 8 或更高版本的系统！${plain}\n" && exit 1
+    fi
+elif [[ x"${release}" == x"amazon_linux" ]]; then
+    if [[ ${os_version} -lt 2 ]]; then
+        echo -e "${red}请使用 Amazon Linux 2 或更高版本的系统！${plain}\n" && exit 1
+    fi
+fi
+ports=$(/usr/local/xray-ui/xray-ui 2>&1 | grep tcp | awk '{print $5}' | sed "s/://g")
+if [[ -n $ports ]]; then
+    green "经检测，xray-ui已安装"
+    echo
+    acp=$(/usr/local/xray-ui/xray-ui setting -show 2>/dev/null)
+    green "$acp"
+    echo
+    readp "是否直接重装xray-ui，请输入Y/y键并回车。如不重装，输入N/n键回车退出脚本):" ins
+    if [[ $ins = [Yy] ]]; then
+        systemctl stop xray-ui
+        systemctl disable xray-ui
+        rm /etc/systemd/system/xray-ui.service -f
+        systemctl daemon-reload
+        systemctl reset-failed
+        rm /etc/xray-ui/ -rf
+        rm /usr/local/xray-ui/ -rf
+        rm -rf /root/rayuil.sh /root/acme.sh
+        sed -i '/xrayuil.sh/d' /etc/crontab
+        sed -i '/xray-ui restart/d' /etc/crontab
+    else
+        exit 1
+    fi
+fi
+install_base() {
+    if [[ x"${release}" == x"centos" ]]; then
+        if [[ ${os_version} =~ 8 ]]; then
+            yum clean all && yum makecache
+        fi
+        yum install epel-release -y && yum install wget curl tar gzip lsof -y
+
+        setenforce 0 >/dev/null 2>&1
+    else
+        apt update && apt install wget curl tar lsof gzip -y
+    fi
+}
+generate_random_string() {
+    local n=$1
+    # 定义数字、大写字母和小写字母的集合
+    local characters='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+
+    # 生成随机字符并限制在指定字符集中
+    # 从 /dev/urandom 生成随机字节，使用 tr 进行过滤
+    local random_string=$(cat /dev/urandom | tr -dc "$characters" | fold -w "$n" | head -n 1)
+
+    echo "$random_string"
+}
+
+install_xray-ui() {
+    systemctl stop xray-ui
+    cd /usr/local/
+    if [ $# == 0 ]; then
+        wget --no-check-certificate -O /usr/local/xray-ui-linux-$(arch).tar.gz https://github.com/qist/xray-ui/releases/download/${releases_version}/xray-ui-linux-$(arch).tar.gz
+        if [[ $? -ne 0 ]]; then
+            echo -e "${red}下载 xray-ui 失败，请确保你的服务器能够下载 Github 的文件${plain}"
+            rm -f install.sh
+            exit 1
+        fi
+    else
+        last_version=$1
+        url="https://github.com/qist/xray-ui/releases/download/${releases_version}/xray-ui-linux-$(arch).tar.gz"
+        echo -e "开始安装 xray-ui v$1"
+        wget  --no-check-certificate -O /usr/local/xray-ui-linux-$(arch).tar.gz ${url}
+        if [[ $? -ne 0 ]]; then
+            echo -e "${red}下载 xray-ui v$1 失败，请确保此版本存在${plain}"
+            rm -f install.sh
+            exit 1
+        fi
+    fi
+
+    if [[ -e /usr/local/xray-ui/ ]]; then
+        rm /usr/local/xray-ui/ -rf
+    fi
+
+    tar -zxvf xray-ui-linux-$(arch).tar.gz
+    rm xray-ui-linux-$(arch).tar.gz -f
+    cd xray-ui
+    # Check the system's architecture and rename the file accordingly
+    if [[ $(arch) == "armv5" || $(arch) == "armv6" || $(arch) == "armv7" ]]; then
+        mv bin/xray-linux-$(arch) bin/xray-linux-arm
+        chmod +x bin/xray-linux-arm
+    fi   
+    chmod +x xray-ui bin/xray-linux-$(arch)
+    cp -f xray-ui.service /etc/systemd/system/
+    wget --no-check-certificate -O /usr/bin/xray-ui https://raw.githubusercontent.com/qist/xray-ui/main/xray-ui.sh
+    chmod +x /usr/bin/xray-ui
+    systemctl daemon-reload
+    systemctl enable xray-ui
+    systemctl start xray-ui
+    sleep 2
+    cat >/root/xrayuil.sh <<-\EOF
+#!/bin/bash
+xui=`ps -aux |grep "xray-ui" |grep -v "grep" |wc -l`
+xray=`ps -aux |grep "xray-linux" |grep -v "grep" |wc -l`
+sleep 1
+if [ $xui = 0 ];then
+xray-ui restart
+fi
+if [ $xray = 0 ];then
+xray-ui restart
+fi
+EOF
+    chmod +x /root/xrayuil.sh
+    sed -i '/xrayuil.sh/d' /etc/crontab
+    echo "*/1 * * * * root bash /root/xrayuil.sh >/dev/null 2>&1" >>/etc/crontab
+    sed -i '/xray-ui restart/d' /etc/crontab
+    echo "0 1 1 * *  root xray-ui restart >/dev/null 2>&1" >>/etc/crontab
+    sleep 1
+    echo -e ""
+    blue "以下设置内容建议自定义，以防止账号密码路径及端口泄露"
+    echo -e ""
+    readp "设置xray-ui登录用户名（回车跳过为随机6位字符）：" username
+    if [[ -z ${username} ]]; then
+        uauto=$(date +%s%N | md5sum | cut -c 1-6)
+        username=$uauto
+    fi
+    sleep 1
+    green "xray-ui登录用户名：${username}"
+    echo -e ""
+    readp "设置xray-ui登录密码（回车跳过为随机6位字符）：" password
+    if [[ -z ${password} ]]; then
+        pauto=$(date +%s%N | md5sum | cut -c 1-6)
+        password=$pauto
+    fi
+    green "xray-ui登录密码：${password}"
+    /usr/local/xray-ui/xray-ui setting -username ${username} -password ${password} >/dev/null 2>&1
+    sleep 1
+    echo -e ""
+    readp "设置xray-ui登录端口[1-65535]（回车跳过为2000-65535之间的随机端口）：" port
+    if [[ -z $port ]]; then
+        port=$(shuf -i 2000-65535 -n 1)
+        until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]]; do
+            [[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用，请重新输入端口" && readp "自定义xray-ui端口:" port
+        done
+    else
+        until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]]; do
+            [[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用，请重新输入端口" && readp "自定义xray-ui端口:" port
+        done
+    fi
+    /usr/local/xray-ui/xray-ui setting -port $port >/dev/null 2>&1
+    green "xray-ui登录端口：${port}"
+    sleep 1
+    echo -e ""
+    readp "设置xray-ui web 路径 （回车跳过为随机10位字符）：" path
+    if [[ -z ${path} ]]; then
+        path=$(generate_random_string 10)
+    fi
+    /usr/local/xray-ui/xray-ui setting -webBasePath $path >/dev/null 2>&1
+    green "xray-ui web 路径：${path}"
+    sleep 1
+    xray-ui restart
+    xuilogin() {
+        v4=$(curl -s4m8 http://ip.sb -k)
+        v6=$(curl -s6m8 http://ip.sb -k)
+        if [[ -z $v4 ]]; then
+            int="${green}请在浏览器地址栏复制${plain}  ${bblue}[$v6]:$ports/$path${plain}  ${green}进入xray-ui登录界面\n当前xray-ui登录用户名：${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码：${plain}${bblue}${password}${plain}"
+        elif [[ -n $v4 && -n $v6 ]]; then
+            int="${green}请在浏览器地址栏复制${plain}  ${bblue}$v4:$ports/$path${plain}  ${yellow}或者${plain}  ${bblue}[$v6]:$ports/$path${plain}  ${green}进入xray-ui登录界面\n当前xray-ui登录用户名：${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码：${plain}${bblue}${password}${plain}"
+        else
+            int="${green}请在浏览器地址栏复制${plain}  ${bblue}$v4:$ports/$path${plain}  ${green}进入xray-ui登录界面\n当前xray-ui登录用户名：${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码：${plain}${bblue}${password}${plain}"
+        fi
+    }
+ssh_forwarding() {
+    # 获取 IPv4 和 IPv6 地址
+    v4=$(curl -s4m8 http://ip.sb -k)
+    v6=$(curl -s6m8 http://ip.sb -k)
+
+    echo -e ""
+    read -p "设置 xray-ui ssh 转发端口 [1-65535]（回车跳过为 2000-65535 之间的随机端口）：" ssh_port
+
+    # 如果未输入端口，则随机生成一个2000-65535之间的端口
+    if [[ -z $ssh_port ]]; then
+        ssh_port=$(shuf -i 2000-65535 -n 1)
+    fi
+
+    # 检查端口是否被占用，直到找到未占用的端口
+    while [[ -n $(ss -ntlp | awk '{print $4}' | grep -w ":$ssh_port") ]]; do
+        echo -e "\n端口 $ssh_port 被占用，请重新输入端口"
+        read -p "自定义 xray-ui ssh 转发端口:" ssh_port
+        if [[ -z $ssh_port ]]; then
+            ssh_port=$(shuf -i 2000-65535 -n 1)
+        fi
+    done
+
+    # 检查 IP 并输出相应的 SSH 和浏览器访问信息
+    if [[ -z $v4 ]]; then
+        # echo -e "${green}请在 xray-ui 服务器系统输入${plain} ${bblue}ssh  -f -N -L [::]:$ssh_port:127.0.0.1:$ports root@127.0.0.1${plain} 输入 root 密码进行转发 不建议使用"
+        # echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}[$v6]:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
+        echo -e "${green}客户端转发 安全性高${plain} ${bblue}ssh  -f -N -L [::]:$ssh_port:127.0.0.1:$ports root@[$v6]${plain} 输入 root 密码进行转发"
+        echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}[::1]:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
+        echo -e "${green}当前 xray-ui 登录用户名：${plain}${bblue}${username}${plain}"
+        echo -e "${green}当前 xray-ui 登录密码：${plain}${bblue}${password}${plain}"
+        yellow "不使用ssh 转发请配置nginx https代理或者xray-ui 配置证书"
+    elif [[ -n $v4 && -n $v6 ]]; then
+        # echo -e "${green}请在  xray-ui 服务器系统输入${plain} ${bblue}ssh  -f -N -L 0.0.0.0:$ssh_port:127.0.0.1:$ports root@127.0.0.1${plain} ${yellow}或者 ${bblue}ssh  -f -N -L [::]:$ssh_port:127.0.0.1:$ports root@127.0.0.1${plain} 输入 root 密码进行转发 不建议使用"
+        # echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ssh_port/$path${plain} ${yellow}或者${plain} ${bblue}[$v6]:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
+        echo -e "${green}客户端转发 安全性高 ${plain} ${bblue}ssh  -f -N -L 0.0.0.0:$ssh_port:127.0.0.1:$ports root@$v4${plain} ${yellow}或者 ${bblue}ssh  -f -N -L [::]:$ssh_port:127.0.0.1:$ports root@[$v6]${plain} 输入 root 密码进行转发"
+        echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}127.0.0.1:$ssh_port/$path${plain} ${yellow}或者${plain} ${bblue}[::1]:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
+        echo -e "${green}当前 xray-ui 登录用户名：${plain}${bblue}${username}${plain}"
+        echo -e "${green}当前 xray-ui 登录密码：${plain}${bblue}${password}${plain}"
+        yellow "不使用ssh 转发请配置nginx https代理或者xray-ui 配置证书"
+    else
+        # echo -e "${green}请在  xray-ui 服务器系统输入${plain} ${bblue}ssh  -f -N -L 0.0.0.0:$ssh_port:127.0.0.1:$ports root@127.0.0.1${plain} 输入 root 密码进行转发 "
+        # echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
+        echo -e "${green}客户端转发 安全性高${plain} ${bblue}ssh  -f -N -L 0.0.0.0:$ssh_port:127.0.0.1:$ports root@$v4${plain} 输入 root 密码进行转发"
+        echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}127.0.0.1:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
+        echo -e "${green}当前 xray-ui 登录用户名：${plain}${bblue}${username}${plain}"
+        echo -e "${green}当前 xray-ui 登录密码：${plain}${bblue}${password}${plain}"
+        yellow "不使用ssh 转发请配置nginx https代理或者xray-ui 配置证书"
+    fi
+    }
+    ports=$(/usr/local/xray-ui/xray-ui 2>&1 | grep "tcp" | awk '{print $5}' | cut -d':' -f2)
+    if [[ -n $ports ]]; then
+        echo -e ""
+        yellow "xray-ui $remoteV 安装成功，请稍等3秒，检测IP环境，输出xray-ui登录信息……"
+        ssh_forwarding
+        yellow "下面是xray-ui tls mTLS 配置信息"
+        yellow "证书管理 xray-ui ssl_main  cf 证书申请 xray-ui ssl_CF"
+        yellow "TLS 配置 /usr/local/xray-ui/xray-ui cert -webCert /root/cert/你的域名/fullchain.pem -webCertKey /root/cert/你的域名/privkey.pem 重启 xray-ui restart 生效"
+        yellow "mTLS 配置 /usr/local/xray-ui/xray-ui cert -webCert /root/cert/你的域名/fullchain.pem -webCertKey /root/cert/你的域名/privkey.pem -webCa /root/cert/ca.cer 重启 xray-ui restart 生效"
+        yellow "访问：https://你的域名:$ports/$path"
+        yellow "mTLS windows 使用....."
+        yellow "生成windows客户端证书 client.p12..."
+        yellow "openssl pkcs12 -export -out client.p12 -inkey /root/cert/你的域名/privkey.pem -in  /root/cert/${domain}.cer -certfile /root/cert/ca.cer"
+        yellow "client.p12: windows客户端证书 记得设置密码 导入证书需要密码"
+        yellow "client.p12 文件导入windows系统 桌面双击打开->导入->下一步->将所有证书都放入下列存储->个人->完成 如果导入失败开始菜单搜证书 打开管理用户证书管理->个人->所有任务->导入->输入密码"
+    
+    else
+        red "xray-ui安装失败，请查看日志，运行 xray-ui log"
+    fi
+    sleep 1
+    echo -e ""
+    echo -e "$int"
+    echo -e ""
+    echo -e "xray-ui 管理脚本使用方法: "
+    echo -e "----------------------------------------------"
+    echo -e "xray-ui              - 显示管理菜单"
+    echo -e "xray-ui start        - 启动 xray-ui 面板"
+    echo -e "xray-ui stop         - 停止 xray-ui 面板"
+    echo -e "xray-ui restart      - 重启 xray-ui 面板"
+    echo -e "xray-ui status       - 查看 xray-ui 状态"
+    echo -e "xray-ui enable       - 设置 xray-ui 开机自启"
+    echo -e "xray-ui disable      - 取消 xray-ui 开机自启"
+    echo -e "xray-ui log          - 查看 xray-ui 日志"
+    echo -e "xray-ui v2-ui        - 迁移本机器的 v2-ui 账号数据至 xray-ui"
+    echo -e "xray-ui update       - 更新 xray-ui 面板"
+    echo -e "xray-ui geoip        - 更新 geoip ip库"
+    echo -e "xray-ui update_shell - 更新 xray-ui 脚本"
+    echo -e "xray-ui install      - 安装 xray-ui 面板"
+    echo -e "xray-ui x25519       - REALITY  key 生成"
+    echo -e "xray-ui ssl_main     - SSL 证书管理"
+    echo -e "xray-ui ssl_CF       - Cloudflare SSL 证书"
+    echo -e "xray-ui crontab      - 添加geoip到任务计划每天凌晨1.30执行"    
+    echo -e "xray-ui uninstall    - 卸载 xray-ui 面板"
+    echo -e "----------------------------------------------"
+    rm -f install.sh
+}
+
+echo -e "${green}开始安装xray-ui必要依赖${plain}"
+install_base
+echo -e "${green}开始安装xray-ui核心组件${plain}"
+install_xray-ui $1