369 lines
18 KiB
Bash
369 lines
18 KiB
Bash
#!/bin/bash
|
||
curl -sS -H "Accept: application/vnd.github.v3+json" -o "/tmp/tmp_file" 'https://api.github.com/repos/qist/xray-ui/releases/latest'
|
||
releases_version=($(sed 'y/,/\n/' "/tmp/tmp_file" | grep 'tag_name' | awk -F '"' '{print $4}'))
|
||
rm /tmp/tmp_file -f
|
||
red='\033[0;31m'
|
||
green='\033[0;32m'
|
||
yellow='\033[0;33m'
|
||
bblue='\033[0;34m'
|
||
plain='\033[0m'
|
||
|
||
red() { echo -e "\033[31m\033[01m$1\033[0m"; }
|
||
green() { echo -e "\033[32m\033[01m$1\033[0m"; }
|
||
yellow() { echo -e "\033[33m\033[01m$1\033[0m"; }
|
||
blue() { echo -e "\033[36m\033[01m$1\033[0m"; }
|
||
white() { echo -e "\033[37m\033[01m$1\033[0m"; }
|
||
readp() { read -p "$(yellow "$1")" $2; }
|
||
remoteV=${releases_version}
|
||
clear
|
||
white "Github项目 :github.com/qist/xray-ui"
|
||
yellow "感谢xray-ui代码贡献者们(vaxilu)"
|
||
green "当前安装版本: $remoteV"
|
||
yellow "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
|
||
sleep 2
|
||
cur_dir=$(pwd)
|
||
|
||
# check root
|
||
[[ $EUID -ne 0 ]] && echo -e "${red}错误:${plain} 必须使用root用户运行此脚本!\n" && exit 1
|
||
|
||
# check os
|
||
|
||
if [[ -f /etc/redhat-release ]]; then
|
||
release="centos"
|
||
elif cat /etc/issue | grep -Eqi "debian"; then
|
||
release="debian"
|
||
elif cat /etc/issue | grep -Eqi "ubuntu"; then
|
||
release="ubuntu"
|
||
elif cat /etc/issue | grep -Eqi "centos|red hat|redhat"; then
|
||
release="centos"
|
||
elif cat /proc/version | grep -Eqi "debian"; then
|
||
release="debian"
|
||
elif cat /proc/version | grep -Eqi "ubuntu"; then
|
||
release="ubuntu"
|
||
elif cat /proc/version | grep -Eqi "centos|red hat|redhat"; then
|
||
release="centos"
|
||
elif cat /etc/system-release-cpe | grep -Eqi "amazon_linux"; then
|
||
release="amazon_linux"
|
||
else
|
||
echo -e "${red}未检测到系统版本,请联系脚本作者!${plain}\n" && exit 1
|
||
fi
|
||
|
||
arch() {
|
||
case "$(uname -m)" in
|
||
x86_64 | x64 | amd64) echo 'amd64' ;;
|
||
i*86 | x86) echo '386' ;;
|
||
armv8* | armv8 | arm64 | aarch64) echo 'arm64' ;;
|
||
armv7* | armv7 | arm) echo 'armv7' ;;
|
||
armv6* | armv6) echo 'armv6' ;;
|
||
armv5* | armv5) echo 'armv5' ;;
|
||
s390x) echo 's390x' ;;
|
||
*) echo -e "${green}Unsupported CPU architecture! ${plain}" && rm -f install.sh && exit 1 ;;
|
||
esac
|
||
}
|
||
|
||
echo "arch: $(arch)"
|
||
|
||
sys() {
|
||
[ -f /etc/os-release ] && grep -i pretty_name /etc/os-release | cut -d \" -f2 && return
|
||
[ -f /etc/lsb-release ] && grep -i description /etc/lsb-release | cut -d \" -f2 && return
|
||
[ -f /etc/redhat-release ] && awk '{print $0}' /etc/redhat-release && return
|
||
}
|
||
op=$(sys)
|
||
version=$(uname -r | awk -F "-" '{print $1}')
|
||
vi=$(systemd-detect-virt)
|
||
white "VPS操作系统: $(blue "$op") \c" && white " 内核版本: $(blue "$version") \c" && white " CPU架构 : $(blue "$arch") \c" && white " 虚拟化类型: $(blue "$vi")"
|
||
sleep 2
|
||
|
||
if [ $(getconf WORD_BIT) != '32' ] && [ $(getconf LONG_BIT) != '64' ]; then
|
||
echo "本软件不支持 32 位系统(x86),请使用 64 位系统(x86_64),如果检测有误,请联系作者"
|
||
exit -1
|
||
fi
|
||
|
||
os_version=""
|
||
|
||
# os version
|
||
if [[ -f /etc/os-release ]]; then
|
||
os_version=$(awk -F'[= ."]' '/VERSION_ID/{print $3}' /etc/os-release)
|
||
fi
|
||
if [[ -z "$os_version" && -f /etc/lsb-release ]]; then
|
||
os_version=$(awk -F'[= ."]+' '/DISTRIB_RELEASE/{print $2}' /etc/lsb-release)
|
||
fi
|
||
|
||
if [[ x"${release}" == x"centos" ]]; then
|
||
if [[ ${os_version} -le 6 ]]; then
|
||
echo -e "${red}请使用 CentOS 7 或更高版本的系统!${plain}\n" && exit 1
|
||
fi
|
||
elif [[ x"${release}" == x"ubuntu" ]]; then
|
||
if [[ ${os_version} -lt 16 ]]; then
|
||
echo -e "${red}请使用 Ubuntu 16 或更高版本的系统!${plain}\n" && exit 1
|
||
fi
|
||
elif [[ x"${release}" == x"debian" ]]; then
|
||
if [[ ${os_version} -lt 8 ]]; then
|
||
echo -e "${red}请使用 Debian 8 或更高版本的系统!${plain}\n" && exit 1
|
||
fi
|
||
elif [[ x"${release}" == x"amazon_linux" ]]; then
|
||
if [[ ${os_version} -lt 2 ]]; then
|
||
echo -e "${red}请使用 Amazon Linux 2 或更高版本的系统!${plain}\n" && exit 1
|
||
fi
|
||
fi
|
||
ports=$(/usr/local/xray-ui/xray-ui 2>&1 | grep tcp | awk '{print $5}' | sed "s/://g")
|
||
if [[ -n $ports ]]; then
|
||
green "经检测,xray-ui已安装"
|
||
echo
|
||
acp=$(/usr/local/xray-ui/xray-ui setting -show 2>/dev/null)
|
||
green "$acp"
|
||
echo
|
||
readp "是否直接重装xray-ui,请输入Y/y键并回车。如不重装,输入N/n键回车退出脚本):" ins
|
||
if [[ $ins = [Yy] ]]; then
|
||
systemctl stop xray-ui
|
||
systemctl disable xray-ui
|
||
rm /etc/systemd/system/xray-ui.service -f
|
||
systemctl daemon-reload
|
||
systemctl reset-failed
|
||
rm /etc/xray-ui/ -rf
|
||
rm /usr/local/xray-ui/ -rf
|
||
rm -rf /root/rayuil.sh /root/acme.sh
|
||
sed -i '/xrayuil.sh/d' /etc/crontab
|
||
sed -i '/xray-ui restart/d' /etc/crontab
|
||
else
|
||
exit 1
|
||
fi
|
||
fi
|
||
install_base() {
|
||
if [[ x"${release}" == x"centos" ]]; then
|
||
if [[ ${os_version} =~ 8 ]]; then
|
||
yum clean all && yum makecache
|
||
fi
|
||
yum install epel-release -y && yum install wget curl tar gzip lsof -y
|
||
|
||
setenforce 0 >/dev/null 2>&1
|
||
else
|
||
apt update && apt install wget curl tar lsof gzip -y
|
||
fi
|
||
}
|
||
generate_random_string() {
|
||
local n=$1
|
||
# 定义数字、大写字母和小写字母的集合
|
||
local characters='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
|
||
|
||
# 生成随机字符并限制在指定字符集中
|
||
# 从 /dev/urandom 生成随机字节,使用 tr 进行过滤
|
||
local random_string=$(cat /dev/urandom | tr -dc "$characters" | fold -w "$n" | head -n 1)
|
||
|
||
echo "$random_string"
|
||
}
|
||
|
||
install_xray-ui() {
|
||
systemctl stop xray-ui
|
||
cd /usr/local/
|
||
if [ $# == 0 ]; then
|
||
wget --no-check-certificate -O /usr/local/xray-ui-linux-$(arch).tar.gz https://github.com/qist/xray-ui/releases/download/${releases_version}/xray-ui-linux-$(arch).tar.gz
|
||
if [[ $? -ne 0 ]]; then
|
||
echo -e "${red}下载 xray-ui 失败,请确保你的服务器能够下载 Github 的文件${plain}"
|
||
rm -f install.sh
|
||
exit 1
|
||
fi
|
||
else
|
||
last_version=$1
|
||
url="https://github.com/qist/xray-ui/releases/download/${releases_version}/xray-ui-linux-$(arch).tar.gz"
|
||
echo -e "开始安装 xray-ui v$1"
|
||
wget --no-check-certificate -O /usr/local/xray-ui-linux-$(arch).tar.gz ${url}
|
||
if [[ $? -ne 0 ]]; then
|
||
echo -e "${red}下载 xray-ui v$1 失败,请确保此版本存在${plain}"
|
||
rm -f install.sh
|
||
exit 1
|
||
fi
|
||
fi
|
||
|
||
if [[ -e /usr/local/xray-ui/ ]]; then
|
||
rm /usr/local/xray-ui/ -rf
|
||
fi
|
||
|
||
tar -zxvf xray-ui-linux-$(arch).tar.gz
|
||
rm xray-ui-linux-$(arch).tar.gz -f
|
||
cd xray-ui
|
||
# Check the system's architecture and rename the file accordingly
|
||
if [[ $(arch) == "armv5" || $(arch) == "armv6" || $(arch) == "armv7" ]]; then
|
||
mv bin/xray-linux-$(arch) bin/xray-linux-arm
|
||
chmod +x bin/xray-linux-arm
|
||
fi
|
||
chmod +x xray-ui bin/xray-linux-$(arch)
|
||
cp -f xray-ui.service /etc/systemd/system/
|
||
wget --no-check-certificate -O /usr/bin/xray-ui https://raw.githubusercontent.com/qist/xray-ui/main/xray-ui.sh
|
||
chmod +x /usr/bin/xray-ui
|
||
systemctl daemon-reload
|
||
systemctl enable xray-ui
|
||
systemctl start xray-ui
|
||
sleep 2
|
||
cat >/root/xrayuil.sh <<-\EOF
|
||
#!/bin/bash
|
||
xui=`ps -aux |grep "xray-ui" |grep -v "grep" |wc -l`
|
||
xray=`ps -aux |grep "xray-linux" |grep -v "grep" |wc -l`
|
||
sleep 1
|
||
if [ $xui = 0 ];then
|
||
xray-ui restart
|
||
fi
|
||
if [ $xray = 0 ];then
|
||
xray-ui restart
|
||
fi
|
||
EOF
|
||
chmod +x /root/xrayuil.sh
|
||
sed -i '/xrayuil.sh/d' /etc/crontab
|
||
echo "*/1 * * * * root bash /root/xrayuil.sh >/dev/null 2>&1" >>/etc/crontab
|
||
sed -i '/xray-ui restart/d' /etc/crontab
|
||
echo "0 1 1 * * root xray-ui restart >/dev/null 2>&1" >>/etc/crontab
|
||
sleep 1
|
||
echo -e ""
|
||
blue "以下设置内容建议自定义,以防止账号密码路径及端口泄露"
|
||
echo -e ""
|
||
readp "设置xray-ui登录用户名(回车跳过为随机6位字符):" username
|
||
if [[ -z ${username} ]]; then
|
||
uauto=$(date +%s%N | md5sum | cut -c 1-6)
|
||
username=$uauto
|
||
fi
|
||
sleep 1
|
||
green "xray-ui登录用户名:${username}"
|
||
echo -e ""
|
||
readp "设置xray-ui登录密码(回车跳过为随机6位字符):" password
|
||
if [[ -z ${password} ]]; then
|
||
pauto=$(date +%s%N | md5sum | cut -c 1-6)
|
||
password=$pauto
|
||
fi
|
||
green "xray-ui登录密码:${password}"
|
||
/usr/local/xray-ui/xray-ui setting -username ${username} -password ${password} >/dev/null 2>&1
|
||
sleep 1
|
||
echo -e ""
|
||
readp "设置xray-ui登录端口[1-65535](回车跳过为2000-65535之间的随机端口):" port
|
||
if [[ -z $port ]]; then
|
||
port=$(shuf -i 2000-65535 -n 1)
|
||
until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]]; do
|
||
[[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用,请重新输入端口" && readp "自定义xray-ui端口:" port
|
||
done
|
||
else
|
||
until [[ -z $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]]; do
|
||
[[ -n $(ss -ntlp | awk '{print $4}' | grep -w "$port") ]] && yellow "\n端口被占用,请重新输入端口" && readp "自定义xray-ui端口:" port
|
||
done
|
||
fi
|
||
/usr/local/xray-ui/xray-ui setting -port $port >/dev/null 2>&1
|
||
green "xray-ui登录端口:${port}"
|
||
sleep 1
|
||
echo -e ""
|
||
readp "设置xray-ui web 路径 (回车跳过为随机10位字符):" path
|
||
if [[ -z ${path} ]]; then
|
||
path=$(generate_random_string 10)
|
||
fi
|
||
/usr/local/xray-ui/xray-ui setting -webBasePath $path >/dev/null 2>&1
|
||
green "xray-ui web 路径:${path}"
|
||
sleep 1
|
||
xray-ui restart
|
||
xuilogin() {
|
||
v4=$(curl -s4m8 http://ip.sb -k)
|
||
v6=$(curl -s6m8 http://ip.sb -k)
|
||
if [[ -z $v4 ]]; then
|
||
int="${green}请在浏览器地址栏复制${plain} ${bblue}[$v6]:$ports/$path${plain} ${green}进入xray-ui登录界面\n当前xray-ui登录用户名:${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码:${plain}${bblue}${password}${plain}"
|
||
elif [[ -n $v4 && -n $v6 ]]; then
|
||
int="${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ports/$path${plain} ${yellow}或者${plain} ${bblue}[$v6]:$ports/$path${plain} ${green}进入xray-ui登录界面\n当前xray-ui登录用户名:${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码:${plain}${bblue}${password}${plain}"
|
||
else
|
||
int="${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ports/$path${plain} ${green}进入xray-ui登录界面\n当前xray-ui登录用户名:${plain}${bblue}${username}${plain}${green} \n当前xray-ui登录密码:${plain}${bblue}${password}${plain}"
|
||
fi
|
||
}
|
||
ssh_forwarding() {
|
||
# 获取 IPv4 和 IPv6 地址
|
||
v4=$(curl -s4m8 http://ip.sb -k)
|
||
v6=$(curl -s6m8 http://ip.sb -k)
|
||
|
||
echo -e ""
|
||
read -p "设置 xray-ui ssh 转发端口 [1-65535](回车跳过为 2000-65535 之间的随机端口):" ssh_port
|
||
|
||
# 如果未输入端口,则随机生成一个2000-65535之间的端口
|
||
if [[ -z $ssh_port ]]; then
|
||
ssh_port=$(shuf -i 2000-65535 -n 1)
|
||
fi
|
||
|
||
# 检查端口是否被占用,直到找到未占用的端口
|
||
while [[ -n $(ss -ntlp | awk '{print $4}' | grep -w ":$ssh_port") ]]; do
|
||
echo -e "\n端口 $ssh_port 被占用,请重新输入端口"
|
||
read -p "自定义 xray-ui ssh 转发端口:" ssh_port
|
||
if [[ -z $ssh_port ]]; then
|
||
ssh_port=$(shuf -i 2000-65535 -n 1)
|
||
fi
|
||
done
|
||
|
||
# 检查 IP 并输出相应的 SSH 和浏览器访问信息
|
||
if [[ -z $v4 ]]; then
|
||
# echo -e "${green}请在 xray-ui 服务器系统输入${plain} ${bblue}ssh -f -N -L [::]:$ssh_port:127.0.0.1:$ports root@127.0.0.1${plain} 输入 root 密码进行转发 不建议使用"
|
||
# echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}[$v6]:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
|
||
echo -e "${green}客户端转发 安全性高${plain} ${bblue}ssh -f -N -L [::]:$ssh_port:127.0.0.1:$ports root@[$v6]${plain} 输入 root 密码进行转发"
|
||
echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}[::1]:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
|
||
echo -e "${green}当前 xray-ui 登录用户名:${plain}${bblue}${username}${plain}"
|
||
echo -e "${green}当前 xray-ui 登录密码:${plain}${bblue}${password}${plain}"
|
||
yellow "不使用ssh 转发请配置nginx https代理或者xray-ui 配置证书"
|
||
elif [[ -n $v4 && -n $v6 ]]; then
|
||
# echo -e "${green}请在 xray-ui 服务器系统输入${plain} ${bblue}ssh -f -N -L 0.0.0.0:$ssh_port:127.0.0.1:$ports root@127.0.0.1${plain} ${yellow}或者 ${bblue}ssh -f -N -L [::]:$ssh_port:127.0.0.1:$ports root@127.0.0.1${plain} 输入 root 密码进行转发 不建议使用"
|
||
# echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ssh_port/$path${plain} ${yellow}或者${plain} ${bblue}[$v6]:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
|
||
echo -e "${green}客户端转发 安全性高 ${plain} ${bblue}ssh -f -N -L 0.0.0.0:$ssh_port:127.0.0.1:$ports root@$v4${plain} ${yellow}或者 ${bblue}ssh -f -N -L [::]:$ssh_port:127.0.0.1:$ports root@[$v6]${plain} 输入 root 密码进行转发"
|
||
echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}127.0.0.1:$ssh_port/$path${plain} ${yellow}或者${plain} ${bblue}[::1]:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
|
||
echo -e "${green}当前 xray-ui 登录用户名:${plain}${bblue}${username}${plain}"
|
||
echo -e "${green}当前 xray-ui 登录密码:${plain}${bblue}${password}${plain}"
|
||
yellow "不使用ssh 转发请配置nginx https代理或者xray-ui 配置证书"
|
||
else
|
||
# echo -e "${green}请在 xray-ui 服务器系统输入${plain} ${bblue}ssh -f -N -L 0.0.0.0:$ssh_port:127.0.0.1:$ports root@127.0.0.1${plain} 输入 root 密码进行转发 "
|
||
# echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}$v4:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
|
||
echo -e "${green}客户端转发 安全性高${plain} ${bblue}ssh -f -N -L 0.0.0.0:$ssh_port:127.0.0.1:$ports root@$v4${plain} 输入 root 密码进行转发"
|
||
echo -e "${green}请在浏览器地址栏复制${plain} ${bblue}127.0.0.1:$ssh_port/$path${plain} ${green}进入 xray-ui 登录界面"
|
||
echo -e "${green}当前 xray-ui 登录用户名:${plain}${bblue}${username}${plain}"
|
||
echo -e "${green}当前 xray-ui 登录密码:${plain}${bblue}${password}${plain}"
|
||
yellow "不使用ssh 转发请配置nginx https代理或者xray-ui 配置证书"
|
||
fi
|
||
}
|
||
ports=$(/usr/local/xray-ui/xray-ui 2>&1 | grep "tcp" | awk '{print $5}' | cut -d':' -f2)
|
||
if [[ -n $ports ]]; then
|
||
echo -e ""
|
||
yellow "xray-ui $remoteV 安装成功,请稍等3秒,检测IP环境,输出xray-ui登录信息……"
|
||
ssh_forwarding
|
||
yellow "下面是xray-ui tls mTLS 配置信息"
|
||
yellow "证书管理 xray-ui ssl_main cf 证书申请 xray-ui ssl_CF"
|
||
yellow "TLS 配置 /usr/local/xray-ui/xray-ui cert -webCert /root/cert/你的域名/fullchain.pem -webCertKey /root/cert/你的域名/privkey.pem 重启 xray-ui restart 生效"
|
||
yellow "mTLS 配置 /usr/local/xray-ui/xray-ui cert -webCert /root/cert/你的域名/fullchain.pem -webCertKey /root/cert/你的域名/privkey.pem -webCa /root/cert/ca.cer 重启 xray-ui restart 生效"
|
||
yellow "访问:https://你的域名:$ports/$path"
|
||
yellow "mTLS windows 使用....."
|
||
yellow "生成windows客户端证书 client.p12..."
|
||
yellow "openssl pkcs12 -export -out client.p12 -inkey /root/cert/你的域名/privkey.pem -in /root/cert/${domain}.cer -certfile /root/cert/ca.cer"
|
||
yellow "client.p12: windows客户端证书 记得设置密码 导入证书需要密码"
|
||
yellow "client.p12 文件导入windows系统 桌面双击打开->导入->下一步->将所有证书都放入下列存储->个人->完成 如果导入失败开始菜单搜证书 打开管理用户证书管理->个人->所有任务->导入->输入密码"
|
||
|
||
else
|
||
red "xray-ui安装失败,请查看日志,运行 xray-ui log"
|
||
fi
|
||
sleep 1
|
||
echo -e ""
|
||
echo -e "$int"
|
||
echo -e ""
|
||
echo -e "xray-ui 管理脚本使用方法: "
|
||
echo -e "----------------------------------------------"
|
||
echo -e "xray-ui - 显示管理菜单"
|
||
echo -e "xray-ui start - 启动 xray-ui 面板"
|
||
echo -e "xray-ui stop - 停止 xray-ui 面板"
|
||
echo -e "xray-ui restart - 重启 xray-ui 面板"
|
||
echo -e "xray-ui status - 查看 xray-ui 状态"
|
||
echo -e "xray-ui enable - 设置 xray-ui 开机自启"
|
||
echo -e "xray-ui disable - 取消 xray-ui 开机自启"
|
||
echo -e "xray-ui log - 查看 xray-ui 日志"
|
||
echo -e "xray-ui v2-ui - 迁移本机器的 v2-ui 账号数据至 xray-ui"
|
||
echo -e "xray-ui update - 更新 xray-ui 面板"
|
||
echo -e "xray-ui geoip - 更新 geoip ip库"
|
||
echo -e "xray-ui update_shell - 更新 xray-ui 脚本"
|
||
echo -e "xray-ui install - 安装 xray-ui 面板"
|
||
echo -e "xray-ui x25519 - REALITY key 生成"
|
||
echo -e "xray-ui ssl_main - SSL 证书管理"
|
||
echo -e "xray-ui ssl_CF - Cloudflare SSL 证书"
|
||
echo -e "xray-ui crontab - 添加geoip到任务计划每天凌晨1.30执行"
|
||
echo -e "xray-ui uninstall - 卸载 xray-ui 面板"
|
||
echo -e "----------------------------------------------"
|
||
rm -f install.sh
|
||
}
|
||
|
||
echo -e "${green}开始安装xray-ui必要依赖${plain}"
|
||
install_base
|
||
echo -e "${green}开始安装xray-ui核心组件${plain}"
|
||
install_xray-ui $1 |