diff --git a/v2ray_installer.sh b/v2ray_installer.sh index d96417e..38d851d 100644 --- a/v2ray_installer.sh +++ b/v2ray_installer.sh @@ -224,18 +224,25 @@ EOF # 配置Nginx echo -e "${BLUE}配置Nginx...${PLAIN}" - # 删除默认配置 - rm -f /etc/nginx/sites-enabled/default - - # 创建网站目录 - mkdir -p /var/www/${domain}/html - - # 设置目录权限 - chown -R $USER:$USER /var/www/${domain}/html - chmod -R 755 /var/www/${domain} - - # 创建示例页面 - cat > /var/www/${domain}/html/index.html << EOF + # 检查Nginx配置目录结构 + if [ -d /etc/nginx/sites-available ]; then + # Debian/Ubuntu风格的配置 + echo -e "${BLUE}检测到Debian/Ubuntu风格的Nginx配置${PLAIN}" + + # 删除默认配置 + if [ -f /etc/nginx/sites-enabled/default ]; then + rm -f /etc/nginx/sites-enabled/default + fi + + # 创建网站目录 + mkdir -p /var/www/${domain}/html + + # 设置目录权限 + chown -R $USER:$USER /var/www/${domain}/html + chmod -R 755 /var/www/${domain} + + # 创建示例页面 + cat > /var/www/${domain}/html/index.html << EOF Welcome @@ -246,9 +253,9 @@ EOF EOF - - # 创建Nginx配置文件 - cat > /etc/nginx/sites-available/${domain} << EOF + + # 创建Nginx配置文件 + cat > /etc/nginx/sites-available/${domain} << EOF server { listen 80; listen [::]:80; @@ -296,12 +303,89 @@ server { } } EOF + + # 创建符号链接启用配置 + ln -s /etc/nginx/sites-available/${domain} /etc/nginx/sites-enabled/ + + else + # CentOS/其他风格的配置 + echo -e "${BLUE}检测到CentOS/其他风格的Nginx配置${PLAIN}" + + # 创建网站目录 + mkdir -p /var/www/${domain}/html + + # 设置目录权限 + chown -R $USER:$USER /var/www/${domain}/html + chmod -R 755 /var/www/${domain} + + # 创建示例页面 + cat > /var/www/${domain}/html/index.html << EOF + + + Welcome + + +

Success! Your Nginx server is successfully configured.

+

This is a sample page.

+ + +EOF + + # 创建Nginx配置文件 + cat > /etc/nginx/conf.d/${domain}.conf << EOF +server { + listen 80; + listen [::]:80; + server_name ${domain} www.${domain}; + return 301 https://\$host\$request_uri; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + ssl_certificate /etc/ssl/cert.pem; + ssl_certificate_key /etc/ssl/key.pem; + ssl_session_timeout 1d; + ssl_session_cache shared:MozSSL:10m; + ssl_session_tickets off; - # 创建符号链接启用配置 - ln -s /etc/nginx/sites-available/${domain} /etc/nginx/sites-enabled/ + # intermediate configuration + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + # HSTS (ngx_http_headers_module is required) (63072000 seconds) + add_header Strict-Transport-Security "max-age=63072000" always; + + server_name ${domain} www.${domain}; + root /var/www/${domain}/html; + index index.html index.htm index.nginx-debian.html; + + location / { + try_files \$uri \$uri/ =404; + } + + location /ray { + if (\$http_upgrade != "websocket") { + return 404; + } + proxy_redirect off; + proxy_pass http://127.0.0.1:10000; + proxy_http_version 1.1; + proxy_set_header Upgrade \$http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host \$host; + proxy_set_header X-Real-IP \$remote_addr; + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; + } +} +EOF + fi # 调整nginx.conf - sed -i 's/#server_names_hash_bucket_size 64;/server_names_hash_bucket_size 64;/g' /etc/nginx/nginx.conf + if grep -q "server_names_hash_bucket_size" /etc/nginx/nginx.conf; then + sed -i 's/#server_names_hash_bucket_size 64;/server_names_hash_bucket_size 64;/g' /etc/nginx/nginx.conf + fi # 提示用户配置TLS证书 echo -e "${YELLOW}请注意:${PLAIN}"