From e3c5fe759da0fe67bfa24eaa7d64efc4509e68ee Mon Sep 17 00:00:00 2001 From: chunzhi Date: Thu, 27 Mar 2025 05:53:48 -0400 Subject: [PATCH] =?UTF-8?q?=E4=B8=8A=E4=BC=A0=E6=96=87=E4=BB=B6=E8=87=B3?= =?UTF-8?q?=20/?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- v2ray_installer.sh | 487 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 487 insertions(+) create mode 100644 v2ray_installer.sh diff --git a/v2ray_installer.sh b/v2ray_installer.sh new file mode 100644 index 0000000..ab6359f --- /dev/null +++ b/v2ray_installer.sh @@ -0,0 +1,487 @@ +#!/bin/bash + +# V2Ray 一键安装脚本 +# 基于 https://ericclose.github.io/V2Ray-TLS-WebSocket-Nginx-with-Cloudflare.html + +# 颜色定义 +RED="\033[31m" +GREEN="\033[32m" +YELLOW="\033[33m" +BLUE="\033[36m" +PLAIN="\033[0m" + +# 检查是否为root用户 +if [[ $EUID -ne 0 ]]; then + echo -e "${RED}错误: 请使用root用户运行此脚本${PLAIN}" + exit 1 +fi + +# 系统检测 +if [ -f /etc/redhat-release ]; then + OS="centos" +elif [ -f /etc/debian_version ]; then + OS="debian" +elif [ -f /etc/lsb-release ]; then + OS="ubuntu" +else + echo -e "${RED}不支持的操作系统!${PLAIN}" + exit 1 +fi + +# 检查系统位数 +if [ $(getconf WORD_BIT) = '32' ] && [ $(getconf LONG_BIT) = '64' ]; then + MACHINE='x64' +else + MACHINE='x86' +fi + +# 生成随机字符串 +generate_random_string() { + cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-16} | head -n 1 +} + +# 生成UUID +generate_uuid() { + uuid=$(cat /proc/sys/kernel/random/uuid) + echo "$uuid" +} + +# 显示菜单 +show_menu() { + echo -e " + ${GREEN}V2Ray 一键安装脚本${PLAIN} + ———————————————————————————————— + ${GREEN}1.${PLAIN} 安装 V2Ray (WebSocket + TLS + Web + Cloudflare) + ${GREEN}2.${PLAIN} 更新 V2Ray + ${GREEN}3.${PLAIN} 卸载 V2Ray + ${GREEN}4.${PLAIN} 查看 V2Ray 配置 + ${GREEN}5.${PLAIN} 退出 + ———————————————————————————————— + " + echo && read -p "请输入选择 [1-5]: " num + case "${num}" in + 1) install_v2ray ;; + 2) update_v2ray ;; + 3) uninstall_v2ray ;; + 4) view_v2ray_config ;; + 5) exit 0 ;; + *) echo -e "${RED}请输入正确的数字 [1-5]${PLAIN}" && exit 1 ;; + esac +} + +# 安装依赖 +install_dependencies() { + echo -e "${BLUE}正在安装依赖...${PLAIN}" + if [ "$OS" == "centos" ]; then + yum update -y + yum install -y epel-release + yum install -y wget curl unzip vim openssl socat + else + apt update -y + apt install -y wget curl unzip vim openssl socat + fi +} + +# 时间校准 +time_sync() { + echo -e "${BLUE}正在同步系统时间...${PLAIN}" + if [ "$OS" == "centos" ]; then + yum install -y chrony + systemctl enable chronyd + systemctl start chronyd + chronyc sourcestats -v + chronyc tracking -v + else + apt install -y ntp + systemctl enable ntp + systemctl start ntp + fi + timedatectl set-ntp true + ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime + hwclock --systohc + echo -e "${GREEN}时间同步完成,当前时间:$(date -R)${PLAIN}" +} + +# 安装防火墙 +install_firewall() { + echo -e "${BLUE}正在配置防火墙...${PLAIN}" + if [ "$OS" == "centos" ]; then + systemctl enable firewalld + systemctl start firewalld + firewall-cmd --zone=public --add-port=22/tcp --permanent + firewall-cmd --zone=public --add-port=80/tcp --permanent + firewall-cmd --zone=public --add-port=443/tcp --permanent + firewall-cmd --reload + else + apt install -y ufw + ufw enable + ufw allow 'OpenSSH' + ufw allow 'Nginx Full' + fi +} + +# 安装V2Ray +install_v2ray() { + echo -e "${BLUE}开始安装V2Ray...${PLAIN}" + + # 获取用户输入的域名 + echo -e "${YELLOW}请输入您的域名 (例如: example.com)${PLAIN}" + read -p "域名: " domain + + if [ -z "$domain" ]; then + echo -e "${RED}错误: 域名不能为空${PLAIN}" + exit 1 + fi + + # 安装依赖 + install_dependencies + + # 时间校准 + time_sync + + # 安装防火墙 + install_firewall + + # 下载V2Ray安装脚本 + echo -e "${BLUE}下载V2Ray安装脚本...${PLAIN}" + curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh + curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-dat-release.sh + + # 安装V2Ray主程序 + echo -e "${BLUE}安装V2Ray主程序...${PLAIN}" + bash install-release.sh + + # 安装最新发行的geoip.dat和geosite.dat + echo -e "${BLUE}安装最新发行的geoip.dat和geosite.dat...${PLAIN}" + bash install-dat-release.sh + + # 生成UUID + uuid=$(generate_uuid) + + # 配置V2Ray + echo -e "${BLUE}配置V2Ray...${PLAIN}" + cat > /usr/local/etc/v2ray/config.json << EOF +{ + "log":{ + "loglevel":"warning" + }, + "routing":{ + "domainStrategy":"AsIs", + "rules":[ + { + "type":"field", + "ip":[ + "geoip:private" + ], + "outboundTag":"block" + } + ] + }, + "inbounds":[ + { + "listen":"127.0.0.1", + "port":10000, + "protocol":"vmess", + "settings":{ + "clients":[ + { + "id":"${uuid}", + "alterId":0 + } + ] + }, + "streamSettings":{ + "network":"ws", + "wsSettings":{ + "path":"/ray" + } + } + } + ], + "outbounds":[ + { + "protocol":"freedom", + "tag":"direct" + }, + { + "protocol":"blackhole", + "tag":"block" + } + ] +} +EOF + + # 安装Nginx + echo -e "${BLUE}安装Nginx...${PLAIN}" + if [ "$OS" == "centos" ]; then + yum install -y nginx + systemctl enable nginx + else + apt install -y nginx + systemctl enable nginx + fi + + # 配置Nginx + echo -e "${BLUE}配置Nginx...${PLAIN}" + + # 删除默认配置 + rm -f /etc/nginx/sites-enabled/default + + # 创建网站目录 + mkdir -p /var/www/${domain}/html + + # 设置目录权限 + chown -R $USER:$USER /var/www/${domain}/html + chmod -R 755 /var/www/${domain} + + # 创建示例页面 + cat > /var/www/${domain}/html/index.html << EOF + + + Welcome + + +

Success! Your Nginx server is successfully configured.

+

This is a sample page.

+ + +EOF + + # 创建Nginx配置文件 + cat > /etc/nginx/sites-available/${domain} << EOF +server { + listen 80 default_server; + listen [::]:80 default_server; + server_name ${domain} www.${domain}; + return 301 https://\$host\$request_uri; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + ssl_certificate /etc/ssl/cert.pem; + ssl_certificate_key /etc/ssl/key.pem; + ssl_session_timeout 1d; + ssl_session_cache shared:MozSSL:10m; + ssl_session_tickets off; + + # intermediate configuration + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + + # HSTS (ngx_http_headers_module is required) (63072000 seconds) + add_header Strict-Transport-Security "max-age=63072000" always; + + server_name ${domain} www.${domain}; + root /var/www/${domain}/html; + index index.html index.htm index.nginx-debian.html; + + location / { + try_files \$uri \$uri/ =404; + } + + location /ray { + if (\$http_upgrade != "websocket") { + return 404; + } + proxy_redirect off; + proxy_pass http://127.0.0.1:10000; + proxy_http_version 1.1; + proxy_set_header Upgrade \$http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host \$host; + proxy_set_header X-Real-IP \$remote_addr; + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; + } +} +EOF + + # 创建符号链接启用配置 + ln -s /etc/nginx/sites-available/${domain} /etc/nginx/sites-enabled/ + + # 调整nginx.conf + sed -i 's/#server_names_hash_bucket_size 64;/server_names_hash_bucket_size 64;/g' /etc/nginx/nginx.conf + + # 提示用户配置TLS证书 + echo -e "${YELLOW}请注意:${PLAIN}" + echo -e "${YELLOW}1. 您需要在Cloudflare上配置您的域名${PLAIN}" + echo -e "${YELLOW}2. 在Cloudflare的SSL/TLS -> Origin Server中创建证书${PLAIN}" + echo -e "${YELLOW}3. 将证书内容保存到服务器的/etc/ssl/cert.pem${PLAIN}" + echo -e "${YELLOW}4. 将私钥内容保存到服务器的/etc/ssl/key.pem${PLAIN}" + echo -e "${YELLOW}5. 将SSL/TLS加密模式设置为Full (strict)${PLAIN}" + echo -e "${YELLOW}准备好后按回车继续...${PLAIN}" + read -p "" + + # 创建证书和私钥文件 + echo -e "${BLUE}请粘贴您的证书内容(按Ctrl+D结束输入):${PLAIN}" + cat > /etc/ssl/cert.pem + + echo -e "${BLUE}请粘贴您的私钥内容(按Ctrl+D结束输入):${PLAIN}" + cat > /etc/ssl/key.pem + + # 设置证书和私钥的权限 + chmod 644 /etc/ssl/cert.pem + chmod 600 /etc/ssl/key.pem + + # 启动服务 + echo -e "${BLUE}启动V2Ray和Nginx服务...${PLAIN}" + systemctl enable v2ray nginx --now + + # 检查服务状态 + v2ray_status=$(systemctl is-active v2ray) + nginx_status=$(systemctl is-active nginx) + + if [ "$v2ray_status" = "active" ] && [ "$nginx_status" = "active" ]; then + echo -e "${GREEN}V2Ray和Nginx服务已成功启动!${PLAIN}" + + # 显示配置信息 + echo -e "${GREEN}V2Ray配置信息:${PLAIN}" + echo -e "${YELLOW}地址: ${domain}${PLAIN}" + echo -e "${YELLOW}端口: 443${PLAIN}" + echo -e "${YELLOW}用户ID(UUID): ${uuid}${PLAIN}" + echo -e "${YELLOW}额外ID(alterId): 0${PLAIN}" + echo -e "${YELLOW}加密方式: auto${PLAIN}" + echo -e "${YELLOW}传输协议: ws${PLAIN}" + echo -e "${YELLOW}路径: /ray${PLAIN}" + echo -e "${YELLOW}TLS: 开启${PLAIN}" + + # 生成客户端配置 + cat > v2ray_client_config.json << EOF +{ + "inbounds": [ + { + "port": 1080, + "listen": "127.0.0.1", + "protocol": "socks", + "settings": { + "udp": true + } + } + ], + "outbounds": [ + { + "protocol": "vmess", + "settings": { + "vnext": [ + { + "address": "${domain}", + "port": 443, + "users": [ + { + "id": "${uuid}", + "alterId": 0 + } + ] + } + ] + }, + "streamSettings": { + "network": "ws", + "security": "tls", + "wsSettings": { + "path": "/ray" + } + } + } + ] +} +EOF + echo -e "${GREEN}客户端配置已保存到 v2ray_client_config.json${PLAIN}" + + # 启用BBR加速 + echo -e "${BLUE}正在启用BBR加速...${PLAIN}" + echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf + echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf + sysctl -p + + echo -e "${GREEN}BBR加速已启用${PLAIN}" + echo -e "${GREEN}安装完成!${PLAIN}" + else + echo -e "${RED}安装失败,请检查错误信息${PLAIN}" + if [ "$v2ray_status" != "active" ]; then + echo -e "${RED}V2Ray服务未能成功启动${PLAIN}" + systemctl status v2ray + fi + if [ "$nginx_status" != "active" ]; then + echo -e "${RED}Nginx服务未能成功启动${PLAIN}" + systemctl status nginx + fi + fi +} + +# 更新V2Ray +update_v2ray() { + echo -e "${BLUE}正在更新V2Ray...${PLAIN}" + bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh) + systemctl restart v2ray + echo -e "${GREEN}V2Ray已更新至最新版本${PLAIN}" +} + +# 卸载V2Ray +uninstall_v2ray() { + echo -e "${YELLOW}确定要卸载V2Ray吗?(y/n)${PLAIN}" + read -p "" answer + if [ "$answer" != "y" ]; then + return + fi + + echo -e "${BLUE}正在卸载V2Ray...${PLAIN}" + systemctl stop v2ray + systemctl disable v2ray + + # 卸载V2Ray + bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh) --remove + + # 删除配置文件 + rm -rf /usr/local/etc/v2ray + + echo -e "${GREEN}V2Ray已卸载${PLAIN}" + + echo -e "${YELLOW}是否要卸载Nginx?(y/n)${PLAIN}" + read -p "" answer + if [ "$answer" = "y" ]; then + echo -e "${BLUE}正在卸载Nginx...${PLAIN}" + systemctl stop nginx + systemctl disable nginx + + if [ "$OS" == "centos" ]; then + yum remove -y nginx + else + apt remove -y nginx + fi + + rm -rf /etc/nginx/sites-available + rm -rf /etc/nginx/sites-enabled + rm -rf /var/www + + echo -e "${GREEN}Nginx已卸载${PLAIN}" + fi +} + +# 查看V2Ray配置 +view_v2ray_config() { + echo -e "${BLUE}V2Ray配置信息:${PLAIN}" + cat /usr/local/etc/v2ray/config.json + + echo -e "\n${BLUE}Nginx配置信息:${PLAIN}" + ls -l /etc/nginx/sites-enabled/ + + echo -e "\n${BLUE}V2Ray运行状态:${PLAIN}" + systemctl status v2ray + + echo -e "\n${BLUE}Nginx运行状态:${PLAIN}" + systemctl status nginx +} + +# 主程序 +main() { + clear + echo -e "${GREEN}V2Ray一键安装脚本${PLAIN}" + echo -e "${GREEN}支持:${PLAIN}${YELLOW}Debian / Ubuntu / CentOS${PLAIN}" + echo -e "${GREEN}网站:${PLAIN}${YELLOW}https://ericclose.github.io/V2Ray-TLS-WebSocket-Nginx-with-Cloudflare.html${PLAIN}" + echo -e "—————————————————————————————————————" + show_menu +} + +main