diff --git a/v2ray_install_script.sh b/v2ray_install_script.sh new file mode 100644 index 0000000..66f29e5 --- /dev/null +++ b/v2ray_install_script.sh @@ -0,0 +1,708 @@ +#!/bin/bash + +# V2Ray 完整安装和自启动配置脚本 +# 解决系统重启后服务失效的问题 + +# 颜色定义 +RED="\033[31m" +GREEN="\033[32m" +YELLOW="\033[33m" +BLUE="\033[36m" +PLAIN="\033[0m" + +# 检查是否为root用户 +if [[ $EUID -ne 0 ]]; then + echo -e "${RED}错误: 请使用root用户运行此脚本${PLAIN}" + exit 1 +fi + +# 系统检测 +if [ -f /etc/redhat-release ]; then + OS="centos" +elif [ -f /etc/debian_version ]; then + OS="debian" +elif [ -f /etc/lsb-release ]; then + OS="ubuntu" +else + echo -e "${RED}不支持的操作系统!${PLAIN}" + exit 1 +fi + +# 生成随机字符串 +generate_random_string() { + cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-16} | head -n 1 +} + +# 生成UUID +generate_uuid() { + uuid=$(cat /proc/sys/kernel/random/uuid) + echo "$uuid" +} + +# 显示菜单 +show_menu() { + echo -e " + ${GREEN}V2Ray 完整安装和自启动配置脚本${PLAIN} + ———————————————————————————————— + ${GREEN}1.${PLAIN} 完整安装 V2Ray (包含自启动配置) + ${GREEN}2.${PLAIN} 仅配置自启动 (已安装V2Ray) + ${GREEN}3.${PLAIN} 修复服务配置 + ${GREEN}4.${PLAIN} 查看服务状态 + ${GREEN}5.${PLAIN} 退出 + ———————————————————————————————— + " + echo && read -p "请输入选择 [1-5]: " num + case "${num}" in + 1) complete_install ;; + 2) configure_autostart ;; + 3) fix_service_config ;; + 4) check_service_status ;; + 5) exit 0 ;; + *) echo -e "${RED}请输入正确的数字 [1-5]${PLAIN}" && exit 1 ;; + esac +} + +# 安装依赖 +install_dependencies() { + echo -e "${BLUE}正在安装依赖...${PLAIN}" + if [ "$OS" == "centos" ]; then + yum update -y + yum install -y epel-release + yum install -y wget curl unzip vim openssl socat + else + apt update -y + apt install -y wget curl unzip vim openssl socat + fi +} + +# 时间校准 +time_sync() { + echo -e "${BLUE}正在同步系统时间...${PLAIN}" + if [ "$OS" == "centos" ]; then + yum install -y chrony + systemctl enable chronyd + systemctl start chronyd + chronyc sourcestats -v + chronyc tracking -v + else + apt install -y ntp + systemctl enable ntp + systemctl start ntp + fi + timedatectl set-ntp true + ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime +} + +# 安装V2Ray +install_v2ray() { + echo -e "${BLUE}正在安装V2Ray...${PLAIN}" + + # 下载V2Ray安装脚本 + wget -O install-release.sh https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh + wget -O install-dat-release.sh https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-dat-release.sh + + # 安装V2Ray主程序 + echo -e "${BLUE}安装V2Ray主程序...${PLAIN}" + bash install-release.sh + + # 安装最新发行的geoip.dat和geosite.dat + echo -e "${BLUE}安装最新发行的geoip.dat和geosite.dat...${PLAIN}" + bash install-dat-release.sh + + # 清理安装文件 + rm -f install-release.sh install-dat-release.sh +} + +# 创建V2Ray服务文件 +create_v2ray_service() { + echo -e "${BLUE}创建V2Ray服务文件...${PLAIN}" + + # 创建systemd服务文件 + cat > /etc/systemd/system/v2ray.service << EOF +[Unit] +Description=V2Ray Service +Documentation=https://www.v2fly.org/ +After=network.target nss-lookup.target + +[Service] +Type=simple +User=root +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE +NoNewPrivileges=yes +ExecStart=/usr/local/bin/v2ray run -config /usr/local/etc/v2ray/config.json +Restart=on-failure +RestartSec=10s +LimitNOFILE=infinity + +[Install] +WantedBy=multi-user.target +EOF + + # 设置服务文件权限 + chmod 644 /etc/systemd/system/v2ray.service + + echo -e "${GREEN}V2Ray服务文件创建成功!${PLAIN}" +} + +# 配置V2Ray +configure_v2ray() { + local domain=$1 + local uuid=$2 + + echo -e "${BLUE}配置V2Ray...${PLAIN}" + + # 创建配置目录 + mkdir -p /usr/local/etc/v2ray + + # 生成V2Ray配置文件 + cat > /usr/local/etc/v2ray/config.json << EOF +{ + "log":{ + "loglevel":"warning" + }, + "routing":{ + "domainStrategy":"AsIs", + "rules":[ + { + "type":"field", + "ip":[ + "geoip:private" + ], + "outboundTag":"block" + } + ] + }, + "inbounds":[ + { + "listen":"127.0.0.1", + "port":10000, + "protocol":"vmess", + "settings":{ + "clients":[ + { + "id":"${uuid}", + "alterId":0 + } + ] + }, + "streamSettings":{ + "network":"ws", + "wsSettings":{ + "path":"/ray" + } + } + } + ], + "outbounds":[ + { + "protocol":"freedom", + "tag":"direct" + }, + { + "protocol":"blackhole", + "tag":"block" + } + ] +} +EOF + + # 设置配置文件权限 + chmod 644 /usr/local/etc/v2ray/config.json + + echo -e "${GREEN}V2Ray配置完成!${PLAIN}" +} + +# 安装和配置Nginx +install_nginx() { + local domain=$1 + + echo -e "${BLUE}安装Nginx...${PLAIN}" + if [ "$OS" == "centos" ]; then + yum install -y nginx + else + apt install -y nginx + fi + + # 配置Nginx + echo -e "${BLUE}配置Nginx...${PLAIN}" + + # 创建网站目录 + mkdir -p /var/www/${domain}/html + + # 设置目录权限 + chown -R nginx:nginx /var/www/${domain}/html + chmod -R 755 /var/www/${domain} + + # 创建示例页面 + cat > /var/www/${domain}/html/index.html << EOF + + + Welcome + + +

Success! Your Nginx server is successfully configured.

+

This is a sample page.

+ + +EOF + + + # 创建Nginx配置文件 + cat > /etc/nginx/sites-enabled/${domain}.conf << EOF +server { + listen 80; + listen [::]:80; + server_name ${domain} www.${domain}; + return 301 https://\$host\$request_uri; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + ssl_certificate /etc/ssl/cert.pem; + ssl_certificate_key /etc/ssl/key.pem; + ssl_session_timeout 1d; + ssl_session_cache shared:MozSSL:10m; + ssl_session_tickets off; + + # intermediate configuration + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + # HSTS (ngx_http_headers_module is required) (63072000 seconds) + add_header Strict-Transport-Security "max-age=63072000" always; + + server_name ${domain} www.${domain}; + root /var/www/${domain}/html; + index index.html index.htm index.nginx-debian.html; + + # 增加错误页面,防止直接访问产生错误 + error_page 404 /404.html; + + # 增加WebSocket超时设置 + proxy_connect_timeout 60s; + proxy_read_timeout 60s; + proxy_send_timeout 60s; + + location / { + try_files \$uri \$uri/ =404; + } + + location /ray { + if (\$http_upgrade != "websocket") { + return 404; + } + proxy_redirect off; + proxy_pass http://127.0.0.1:10000; + proxy_http_version 1.1; + proxy_set_header Upgrade \$http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host \$host; + proxy_set_header X-Real-IP \$remote_addr; + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; + + # 增加WebSocket专用配置 + proxy_read_timeout 300s; + proxy_send_timeout 300s; + proxy_buffer_size 64k; + proxy_buffers 4 64k; + proxy_busy_buffers_size 64k; + } +} +EOF + + # 创建404错误页面 + cat > /var/www/${domain}/html/404.html << EOF + + + + 404 Not Found + + + +

404 Not Found

+

The page you are looking for does not exist.

+ + +EOF + + # 调整nginx.conf + if grep -q "server_names_hash_bucket_size" /etc/nginx/nginx.conf; then + sed -i 's/#server_names_hash_bucket_size 64;/server_names_hash_bucket_size 64;/g' /etc/nginx/nginx.conf + fi + + # 测试Nginx配置文件语法 + echo -e "${BLUE}测试Nginx配置文件语法...${PLAIN}" + if nginx -t; then + echo -e "${GREEN}Nginx配置文件语法正确!${PLAIN}" + else + echo -e "${RED}Nginx配置文件语法错误,请检查配置!${PLAIN}" + return 1 + fi + + echo -e "${GREEN}Nginx配置完成!${PLAIN}" +} + +# 下载SSL证书 +download_ssl_certificates() { + echo -e "${BLUE}正在下载SSL证书...${PLAIN}" + + # 创建SSL目录 + mkdir -p /etc/ssl + + # 下载证书和私钥文件 + curl -s -o /etc/ssl/cert.pem https://img.cdn.18g.me/cloudflare/1.pem + curl -s -o /etc/ssl/key.pem https://img.cdn.18g.me/cloudflare/1.key + + if [ ! -f /etc/ssl/cert.pem ] || [ ! -f /etc/ssl/key.pem ]; then + echo -e "${RED}证书或私钥下载失败,请检查网络连接或手动配置证书和私钥${PLAIN}" + exit 1 + fi + + # 设置证书和私钥的权限 + chmod 644 /etc/ssl/cert.pem + chmod 600 /etc/ssl/key.pem + + echo -e "${GREEN}SSL证书下载成功!${PLAIN}" +} + +# 启用BBR加速 +enable_bbr() { + echo -e "${BLUE}正在启用BBR加速...${PLAIN}" + echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf + echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf + sysctl -p + echo -e "${GREEN}BBR加速已启用${PLAIN}" +} + +# 配置防火墙 +configure_firewall() { + echo -e "${BLUE}配置防火墙...${PLAIN}" + if [ "$OS" == "centos" ]; then + systemctl enable firewalld + systemctl start firewalld + firewall-cmd --permanent --add-service=http + firewall-cmd --permanent --add-service=https + firewall-cmd --permanent --add-port=10000/tcp + firewall-cmd --reload + else + ufw allow 80/tcp + ufw allow 443/tcp + ufw allow 10000/tcp + ufw --force enable + fi + echo -e "${GREEN}防火墙配置完成!${PLAIN}" +} + +# 启动和启用服务 +start_services() { + echo -e "${BLUE}启动和启用服务...${PLAIN}" + + # 重新加载systemd配置 + systemctl daemon-reload + + # 启用并启动V2Ray服务 + systemctl enable v2ray + systemctl restart v2ray + + # 启用并重启Nginx服务 + systemctl enable nginx + echo -e "${BLUE}重启Nginx服务以应用新配置...${PLAIN}" + systemctl restart nginx + + # 等待服务启动 + echo -e "${BLUE}等待服务启动...${PLAIN}" + sleep 3 + + # 检查服务状态 + local v2ray_status=$(systemctl is-active v2ray) + local nginx_status=$(systemctl is-active nginx) + + echo -e "${BLUE}服务状态检查:${PLAIN}" + echo -e "V2Ray状态: ${v2ray_status}" + echo -e "Nginx状态: ${nginx_status}" + + if [ "$v2ray_status" = "active" ] && [ "$nginx_status" = "active" ]; then + echo -e "${GREEN}所有服务已成功启动!${PLAIN}" + return 0 + else + echo -e "${RED}服务启动失败!${PLAIN}" + if [ "$v2ray_status" != "active" ]; then + echo -e "${RED}V2Ray服务状态异常,请检查配置和日志${PLAIN}" + echo -e "${YELLOW}可以运行以下命令查看详细错误信息:${PLAIN}" + echo -e "journalctl -u v2ray -f" + fi + if [ "$nginx_status" != "active" ]; then + echo -e "${RED}Nginx服务状态异常,请检查配置和日志${PLAIN}" + echo -e "${YELLOW}可以运行以下命令查看详细错误信息:${PLAIN}" + echo -e "journalctl -u nginx -f" + echo -e "nginx -t" + fi + return 1 + fi +} + +# 显示客户端配置信息 +show_client_info() { + local domain=$1 + local uuid=$2 + + echo -e "\n${GREEN}=== V2Ray 客户端配置信息 ===${PLAIN}" + echo -e "${BLUE}服务器地址:${PLAIN} ${domain}" + echo -e "${BLUE}端口:${PLAIN} 443" + echo -e "${BLUE}协议:${PLAIN} vmess" + echo -e "${BLUE}UUID:${PLAIN} ${uuid}" + echo -e "${BLUE}传输协议:${PLAIN} websocket" + echo -e "${BLUE}路径:${PLAIN} /ray" + echo -e "${BLUE}TLS:${PLAIN} 启用" + echo -e "${GREEN}================================${PLAIN}\n" + + # 生成客户端配置文件 + cat > v2ray_client_config.json << EOF +{ + "inbounds": [ + { + "port": 1080, + "listen": "127.0.0.1", + "protocol": "socks", + "settings": { + "udp": true + } + } + ], + "outbounds": [ + { + "protocol": "vmess", + "settings": { + "vnext": [ + { + "address": "${domain}", + "port": 443, + "users": [ + { + "id": "${uuid}", + "alterId": 0, + "security": "auto" + } + ] + } + ] + }, + "streamSettings": { + "network": "ws", + "security": "tls", + "wsSettings": { + "path": "/ray" + }, + "tlsSettings": { + "allowInsecure": false + } + } + } + ] +} +EOF + echo -e "${GREEN}客户端配置已保存到 v2ray_client_config.json${PLAIN}" +} + +# 完整安装流程 +complete_install() { + echo -e "${BLUE}开始完整安装V2Ray...${PLAIN}" + + # 获取域名 + read -p "请输入您的域名: " domain + if [ -z "$domain" ]; then + echo -e "${RED}域名不能为空!${PLAIN}" + return 1 + fi + + # 生成UUID + uuid=$(generate_uuid) + + # 安装依赖 + install_dependencies + + # 时间校准 + time_sync + + # 安装V2Ray + install_v2ray + + # 创建V2Ray服务文件 + create_v2ray_service + + # 配置V2Ray + configure_v2ray "${domain}" "${uuid}" + + # 安装和配置Nginx + if ! install_nginx "${domain}"; then + echo -e "${RED}Nginx配置失败,请检查配置文件${PLAIN}" + return 1 + fi + + # 下载SSL证书 + download_ssl_certificates + + # 配置防火墙 + configure_firewall + + # 启用BBR加速 + enable_bbr + + # 启动和启用服务(包含nginx重启) + if start_services; then + # 显示客户端配置信息 + show_client_info "${domain}" "${uuid}" + + echo -e "${GREEN}安装完成!V2Ray已配置为开机自启动。${PLAIN}" + echo -e "${GREEN}系统重启后服务将自动启动。${PLAIN}" + echo -e "${GREEN}Nginx已重启并应用新配置。${PLAIN}" + else + echo -e "${RED}安装过程中出现错误,请检查日志。${PLAIN}" + return 1 + fi +} + +# 仅配置自启动 +configure_autostart() { + echo -e "${BLUE}配置V2Ray开机自启动...${PLAIN}" + + # 检查V2Ray服务是否存在 + if ! systemctl list-unit-files | grep -q "v2ray.service"; then + echo -e "${RED}错误: V2Ray服务未安装或未正确配置${PLAIN}" + echo -e "${YELLOW}请先运行完整安装选项${PLAIN}" + return 1 + fi + + # 创建V2Ray服务文件(如果不存在) + if [ ! -f /etc/systemd/system/v2ray.service ]; then + create_v2ray_service + fi + + # 启用V2Ray服务开机自启动 + echo -e "${BLUE}启用V2Ray服务开机自启动...${PLAIN}" + systemctl daemon-reload + systemctl enable v2ray + + # 检查Nginx服务是否存在并启用 + if systemctl list-unit-files | grep -q "nginx.service"; then + echo -e "${BLUE}启用Nginx服务开机自启动...${PLAIN}" + systemctl enable nginx + fi + + # 检查服务状态 + echo -e "${BLUE}检查服务状态...${PLAIN}" + + # 检查V2Ray自启动状态 + local v2ray_enabled=$(systemctl is-enabled v2ray 2>/dev/null) + if [ "$v2ray_enabled" = "enabled" ]; then + echo -e "${GREEN}✓ V2Ray已设置为开机自启动${PLAIN}" + else + echo -e "${RED}✗ V2Ray开机自启动设置失败${PLAIN}" + return 1 + fi + + # 检查Nginx自启动状态 + if systemctl list-unit-files | grep -q "nginx.service"; then + local nginx_enabled=$(systemctl is-enabled nginx 2>/dev/null) + if [ "$nginx_enabled" = "enabled" ]; then + echo -e "${GREEN}✓ Nginx已设置为开机自启动${PLAIN}" + else + echo -e "${YELLOW}! Nginx开机自启动未设置${PLAIN}" + fi + fi + + echo -e "\n${GREEN}配置完成!系统重启后V2Ray将自动启动。${PLAIN}" +} + +# 修复服务配置 +fix_service_config() { + echo -e "${BLUE}修复V2Ray服务配置...${PLAIN}" + + # 检查V2Ray是否已安装 + if [ ! -f /usr/local/bin/v2ray ]; then + echo -e "${RED}错误: V2Ray未安装,请先运行完整安装${PLAIN}" + return 1 + fi + + # 创建V2Ray服务文件 + create_v2ray_service + + # 重新加载systemd配置 + systemctl daemon-reload + + # 启用服务 + systemctl enable v2ray + + # 重启服务 + systemctl restart v2ray + + # 如果nginx存在,也重启nginx + if systemctl list-unit-files | grep -q "nginx.service"; then + echo -e "${BLUE}同时重启Nginx服务...${PLAIN}" + systemctl restart nginx + fi + + # 检查服务状态 + local v2ray_status=$(systemctl is-active v2ray) + if [ "$v2ray_status" = "active" ]; then + echo -e "${GREEN}V2Ray服务修复成功!${PLAIN}" + echo -e "${GREEN}服务已设置为开机自启动。${PLAIN}" + else + echo -e "${RED}V2Ray服务修复失败!${PLAIN}" + echo -e "${YELLOW}请检查配置文件和服务日志。${PLAIN}" + return 1 + fi +} + +# 检查服务状态 +check_service_status() { + echo -e "${BLUE}检查V2Ray服务状态...${PLAIN}" + + # 检查V2Ray服务状态 + if systemctl list-unit-files | grep -q "v2ray.service"; then + echo -e "${BLUE}V2Ray服务状态:${PLAIN}" + echo -e " 运行状态: $(systemctl is-active v2ray)" + echo -e " 自启动状态: $(systemctl is-enabled v2ray)" + echo -e " 服务状态:" + systemctl status v2ray --no-pager | head -n 10 + else + echo -e "${RED}V2Ray服务未安装或未配置${PLAIN}" + fi + + echo -e "\n${BLUE}Nginx服务状态:${PLAIN}" + if systemctl list-unit-files | grep -q "nginx.service"; then + echo -e " 运行状态: $(systemctl is-active nginx)" + echo -e " 自启动状态: $(systemctl is-enabled nginx)" + echo -e " 服务状态:" + systemctl status nginx --no-pager | head -n 10 + else + echo -e "${RED}Nginx服务未安装或未配置${PLAIN}" + fi + + # 提供管理命令 + echo -e "\n${BLUE}服务管理命令:${PLAIN}" + echo -e "${GREEN}启动服务:${PLAIN} systemctl start v2ray nginx" + echo -e "${GREEN}停止服务:${PLAIN} systemctl stop v2ray nginx" + echo -e "${GREEN}重启服务:${PLAIN} systemctl restart v2ray nginx" + echo -e "${GREEN}查看状态:${PLAIN} systemctl status v2ray nginx" + echo -e "${GREEN}禁用自启:${PLAIN} systemctl disable v2ray nginx" +} + +# 主程序 +main() { + echo -e "${GREEN}欢迎使用V2Ray完整安装和自启动配置脚本${PLAIN}" + echo -e "${GREEN}此脚本将解决系统重启后服务失效的问题${PLAIN}" + echo + + show_menu +} + +# 运行主程序 +main \ No newline at end of file