v2/v2ray_installer.sh
2025-03-27 11:49:35 -04:00


#!/bin/bash
# V2Ray 一键安装脚本
# 基于 https://ericclose.github.io/V2Ray-TLS-WebSocket-Nginx-with-Cloudflare.html
# ANSI colour escape sequences. They are stored as literal backslash strings
# and only become real escapes when printed through `echo -e`.
PLAIN='\033[0m'
RED='\033[31m'
GREEN='\033[32m'
YELLOW='\033[33m'
BLUE='\033[36m' # SGR code 36, kept under the name BLUE used throughout the script
# Refuse to run unless the effective UID is 0: every later step installs
# packages or writes under /etc, /usr/local and /var/www.
if (( EUID != 0 )); then
  echo -e "${RED}错误: 请使用root用户运行此脚本${PLAIN}"
  exit 1
fi
# Detect the distribution family from well-known release files. The first
# existing file wins, in this order: Red Hat family -> "centos",
# /etc/debian_version -> "debian", /etc/lsb-release -> "ubuntu".
# The rest of the script only ever compares OS against "centos".
OS=
for os_probe in '/etc/redhat-release:centos' '/etc/debian_version:debian' '/etc/lsb-release:ubuntu'; do
  if [[ -f "${os_probe%%:*}" ]]; then
    OS=${os_probe#*:}
    break
  fi
done
unset os_probe
if [[ -z "$OS" ]]; then
  echo -e "${RED}不支持的操作系统!${PLAIN}"
  exit 1
fi
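# Classify the platform as "x64" (32-bit int, 64-bit long) or "x86".
# The getconf substitutions are quoted so that an empty or multi-word result
# gives a clean false comparison instead of a `[` syntax error.
if [ "$(getconf WORD_BIT)" = '32' ] && [ "$(getconf LONG_BIT)" = '64' ]; then
  MACHINE='x64'
else
  MACHINE='x86'
fi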
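#######################################
# Print one line of random alphanumeric characters read from /dev/urandom.
# Arguments: $1 - number of characters (positive integer, default 16)
# Outputs:   the random string followed by a newline on stdout
# Returns:   0 on success, 1 if the length is not a positive integer
#######################################
generate_random_string() {
  local length=${1:-16}

  # Reject anything that is not a plain positive integer before it reaches
  # head(1); the unquoted original let such a value be word-split.
  if [[ ! "$length" =~ ^[1-9][0-9]*$ ]]; then
    printf 'generate_random_string: invalid length: %s\n' "$length" >&2
    return 1
  fi

  # LC_ALL=C makes tr treat the stream as bytes, so random non-UTF-8 input
  # cannot trigger locale errors and the a-zA-Z0-9 ranges stay ASCII-only.
  LC_ALL=C tr -dc 'a-zA-Z0-9' </dev/urandom | head -c "$length"
  printf '\n'
}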
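#######################################
# Print a fresh UUID taken from the kernel's random UUID interface.
# Outputs: the UUID followed by a newline on stdout
# Returns: 0 on success, 1 if /proc/sys/kernel/random/uuid cannot be read
#######################################
generate_uuid() {
  # `local` keeps the value out of the caller's global namespace; the
  # original assigned a global named uuid as a side effect.
  local uuid
  IFS= read -r uuid </proc/sys/kernel/random/uuid || return 1
  printf '%s\n' "$uuid"
}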
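#######################################
# Print the main menu, read one choice from stdin and dispatch to the
# matching action.
# Globals: GREEN, PLAIN, RED (read)
# Returns: does not return for choice 5 (exit 0) or an invalid choice
#          (exit 1); otherwise the status of the selected action
#######################################
show_menu() {
  local num

  echo -e "
${GREEN}V2Ray 一键安装脚本${PLAIN}
————————————————————————————————
${GREEN}1.${PLAIN} 安装 V2Ray (WebSocket + TLS + Web + Cloudflare)
${GREEN}2.${PLAIN} 更新 V2Ray
${GREEN}3.${PLAIN} 卸载 V2Ray
${GREEN}4.${PLAIN} 查看 V2Ray 配置
${GREEN}5.${PLAIN} 退出
————————————————————————————————
"
  # -r: take the answer literally instead of letting read interpret backslashes.
  echo && read -r -p "请输入选择 [1-5]: " num
  case "${num}" in
    1) install_v2ray ;;
    2) update_v2ray ;;
    3) uninstall_v2ray ;;
    4) view_v2ray_config ;;
    5) exit 0 ;;
    *) echo -e "${RED}请输入正确的数字 [1-5]${PLAIN}" && exit 1 ;;
  esac
}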
#######################################
# Refresh the package index and install the tools the installer relies on.
# Globals: OS (read), BLUE, PLAIN (read)
# Notes:   on "centos" this runs `yum update -y` and adds epel-release
#          first; every other OS value takes the apt path.
#######################################
install_dependencies() {
  local -a packages=(wget curl unzip vim openssl socat)

  echo -e "${BLUE}正在安装依赖...${PLAIN}"
  case "$OS" in
    centos)
      yum update -y
      yum install -y epel-release
      yum install -y "${packages[@]}"
      ;;
    *)
      apt update -y
      apt install -y "${packages[@]}"
      ;;
  esac
}
#######################################
# Install and start a time-sync daemon, enable NTP through timedatectl,
# point /etc/localtime at Asia/Shanghai and write the system time to the
# hardware clock.
# Globals: OS (read), BLUE, GREEN, PLAIN (read)
# Notes:   the time zone is hard-coded; the previous /etc/localtime link is
#          replaced without asking.
#######################################
time_sync() {
  local ntp_unit

  echo -e "${BLUE}正在同步系统时间...${PLAIN}"
  if [[ "$OS" == "centos" ]]; then
    yum install -y chrony
    ntp_unit=chronyd
  else
    apt install -y ntp
    ntp_unit=ntp
  fi
  systemctl enable "$ntp_unit"
  systemctl start "$ntp_unit"
  if [[ "$OS" == "centos" ]]; then
    # Show what chrony is syncing against.
    chronyc sourcestats -v
    chronyc tracking -v
  fi

  timedatectl set-ntp true
  ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
  hwclock --systohc
  echo -e "${GREEN}时间同步完成,当前时间:$(date -R)${PLAIN}"
}
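#######################################
# Enable the host firewall and open SSH (22), HTTP (80) and HTTPS (443).
# Globals: OS (read), BLUE, PLAIN (read)
# Notes:   - The ufw rules are added BEFORE `ufw enable`, so there is no
#            moment at which the firewall is active with SSH still closed.
#          - Ports are opened by number rather than by the 'Nginx Full'
#            application profile: this function runs before nginx is
#            installed, when that profile does not exist yet, so the
#            original rule failed and 80/443 stayed closed.
#          - NOTE(review): port 22 is assumed for SSH; if sshd listens on
#            another port, allow it before running this.
#######################################
install_firewall() {
  echo -e "${BLUE}正在配置防火墙...${PLAIN}"
  if [ "$OS" == "centos" ]; then
    systemctl enable firewalld
    systemctl start firewalld
    firewall-cmd --zone=public --add-port=22/tcp --permanent
    firewall-cmd --zone=public --add-port=80/tcp --permanent
    firewall-cmd --zone=public --add-port=443/tcp --permanent
    firewall-cmd --reload
  else
    apt install -y ufw
    ufw allow 22/tcp
    ufw allow 80/tcp
    ufw allow 443/tcp
    ufw enable
  fi
}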
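# Return 0 when $1 is a plain DNS hostname: at least two dot-separated labels
# of letters, digits and hyphens, at most 253 characters overall.
_v2ray_valid_domain() {
  local LC_ALL=C # keep the character ranges byte-wise whatever the locale
  local name=$1
  local label='[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?'
  local pattern="^${label}(\\.${label})+\$"

  (( ${#name} <= 253 )) || return 1
  [[ "$name" =~ $pattern ]]
}

# Download URL $1 to file $2 over HTTPS only; -f makes an HTTP error a
# failure instead of saving the error page as if it were the script.
_v2ray_fetch() {
  curl -fsSL --proto '=https' --proto-redir '=https' --tlsv1.2 -o "$2" "$1"
}

#######################################
# Full installation: V2Ray (VMess over WebSocket on 127.0.0.1:10000) behind
# an nginx TLS site for a domain read from stdin.
# Globals:   OS, RED, GREEN, YELLOW, BLUE, PLAIN (read)
# Outputs:   progress messages, the client settings, and a client config
#            file v2ray_client_config.json in the current directory
# Returns:   exits 1 on invalid input or a failed prerequisite
#
# Security-relevant behaviour:
#   - The domain is validated before it is used in file paths, the nginx
#     configuration and JSON.
#   - The upstream installer scripts are downloaded into a private temp
#     directory and executed as root only if the download succeeded. They
#     come from the moving `master` branch; pinning the URL to a reviewed
#     commit (<COMMIT_SHA>) and checking a known checksum would make the
#     install reproducible.
#   - The TLS certificate and private key are NOT downloaded. A private key
#     served from a public URL is known to everyone who can fetch it, so it
#     provides no confidentiality or authentication. The operator places
#     their own Cloudflare origin certificate and key on disk, and the pair
#     is checked before nginx is started.
#######################################
install_v2ray() {
  local installer_base='https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master'
  # NOTE(review): on some distributions /etc/ssl/cert.pem is the system CA
  # bundle path — confirm it is free on the target before overwriting it.
  local cert_file='/etc/ssl/cert.pem'
  local key_file='/etc/ssl/key.pem'
  local client_config='v2ray_client_config.json'
  local domain uuid workdir script site_root owner
  local cert_pub key_pub setting v2ray_status nginx_status

  echo -e "${BLUE}开始安装V2Ray...${PLAIN}"

  # Ask for the domain and refuse anything that is not a plain hostname.
  echo -e "${YELLOW}请输入您的域名 (例如: example.com)${PLAIN}"
  read -r -p "域名: " domain
  if [ -z "$domain" ]; then
    echo -e "${RED}错误: 域名不能为空${PLAIN}"
    exit 1
  fi
  if ! _v2ray_valid_domain "$domain"; then
    echo -e "${RED}错误: 域名格式不正确${PLAIN}"
    exit 1
  fi

  install_dependencies
  time_sync
  install_firewall

  # Fetch the upstream installers into a directory only root can write to,
  # rather than into whatever the current directory happens to be.
  echo -e "${BLUE}下载V2Ray安装脚本...${PLAIN}"
  workdir=$(mktemp -d) || {
    echo -e "${RED}错误: 无法创建临时目录${PLAIN}"
    exit 1
  }
  for script in install-release.sh install-dat-release.sh; do
    if ! _v2ray_fetch "${installer_base}/${script}" "${workdir}/${script}"; then
      echo -e "${RED}错误: 下载 ${script} 失败${PLAIN}"
      rm -rf -- "$workdir"
      exit 1
    fi
  done

  echo -e "${BLUE}安装V2Ray主程序...${PLAIN}"
  if ! bash "${workdir}/install-release.sh"; then
    echo -e "${RED}错误: V2Ray主程序安装失败${PLAIN}"
    rm -rf -- "$workdir"
    exit 1
  fi

  echo -e "${BLUE}安装最新发行的geoip.dat和geosite.dat...${PLAIN}"
  # A failed data-file refresh is reported but does not abort the install.
  bash "${workdir}/install-dat-release.sh" \
    || echo -e "${YELLOW}警告: geoip.dat/geosite.dat 更新失败,继续安装${PLAIN}"
  rm -rf -- "$workdir"

  # The UUID is the only client credential of this setup.
  uuid=$(generate_uuid)
  if [ -z "$uuid" ]; then
    echo -e "${RED}错误: 无法生成UUID${PLAIN}"
    exit 1
  fi

  # Server configuration: VMess inbound bound to loopback only, reached
  # through the nginx /ray location.
  echo -e "${BLUE}配置V2Ray...${PLAIN}"
  cat > /usr/local/etc/v2ray/config.json << EOF
{
  "log":{
    "loglevel":"warning"
  },
  "routing":{
    "domainStrategy":"AsIs",
    "rules":[
      {
        "type":"field",
        "ip":[
          "geoip:private"
        ],
        "outboundTag":"block"
      }
    ]
  },
  "inbounds":[
    {
      "listen":"127.0.0.1",
      "port":10000,
      "protocol":"vmess",
      "settings":{
        "clients":[
          {
            "id":"${uuid}",
            "alterId":0
          }
        ]
      },
      "streamSettings":{
        "network":"ws",
        "wsSettings":{
          "path":"/ray"
        }
      }
    }
  ],
  "outbounds":[
    {
      "protocol":"freedom",
      "tag":"direct"
    },
    {
      "protocol":"blackhole",
      "tag":"block"
    }
  ]
}
EOF

  echo -e "${BLUE}安装Nginx...${PLAIN}"
  if [ "$OS" == "centos" ]; then
    yum install -y nginx
  else
    apt install -y nginx
  fi
  systemctl enable nginx

  echo -e "${BLUE}配置Nginx...${PLAIN}"
  # Web root for the static site; every expansion is quoted.
  site_root="/var/www/${domain}"
  owner=${USER:-root}
  mkdir -p -- "${site_root}/html"
  chown -R "${owner}:${owner}" "${site_root}/html"
  chmod -R 755 "${site_root}"

  cat > "${site_root}/html/index.html" << 'EOF'
<html>
<head>
<title>Welcome</title>
</head>
<body>
<h1>Success! Your Nginx server is successfully configured. </h1>
<p>This is a sample page.</p>
</body>
</html>
EOF

  mkdir -p /etc/nginx/conf.d
  # nginx variables are escaped (\$) so the shell leaves them for nginx.
  cat > "/etc/nginx/conf.d/${domain}.conf" << EOF
server {
  listen 80;
  listen [::]:80;
  server_name ${domain} www.${domain};
  return 301 https://\$host\$request_uri;
}
server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  ssl_certificate ${cert_file};
  ssl_certificate_key ${key_file};
  ssl_session_timeout 1d;
  ssl_session_cache shared:MozSSL:10m;
  ssl_session_tickets off;
  # intermediate configuration
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
  ssl_prefer_server_ciphers off;
  # HSTS (ngx_http_headers_module is required) (63072000 seconds)
  add_header Strict-Transport-Security "max-age=63072000" always;
  server_name ${domain} www.${domain};
  root /var/www/${domain}/html;
  index index.html index.htm index.nginx-debian.html;
  # 增加错误页面,防止直接访问产生错误
  error_page 404 /404.html;
  # 增加WebSocket超时设置
  proxy_connect_timeout 60s;
  proxy_read_timeout 60s;
  proxy_send_timeout 60s;
  location / {
    try_files \$uri \$uri/ =404;
  }
  location /ray {
    if (\$http_upgrade != "websocket") {
      return 404;
    }
    proxy_redirect off;
    proxy_pass http://127.0.0.1:10000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade \$http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host \$host;
    proxy_set_header X-Real-IP \$remote_addr;
    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
    # 增加WebSocket专用配置
    proxy_read_timeout 300s;
    proxy_send_timeout 300s;
    proxy_buffer_size 64k;
    proxy_buffers 4 64k;
    proxy_busy_buffers_size 64k;
  }
}
EOF

  cat > "${site_root}/html/404.html" << 'EOF'
<!DOCTYPE html>
<html>
<head>
<title>404 Not Found</title>
<style>
body { font-family: Arial, sans-serif; text-align: center; padding: 50px; }
h1 { font-size: 36px; color: #333; }
p { font-size: 18px; color: #666; }
</style>
</head>
<body>
<h1>404 Not Found</h1>
<p>The page you are looking for does not exist.</p>
</body>
</html>
EOF

  # Uncomment server_names_hash_bucket_size if nginx.conf ships it commented.
  if grep -q "server_names_hash_bucket_size" /etc/nginx/nginx.conf; then
    sed -i 's/#server_names_hash_bucket_size 64;/server_names_hash_bucket_size 64;/g' /etc/nginx/nginx.conf
  fi

  # The operator supplies the certificate and key they created for their
  # own zone; nothing secret is fetched from a third party.
  echo -e "${YELLOW}请注意:${PLAIN}"
  echo -e "${YELLOW}1. 您需要在Cloudflare上配置您的域名${PLAIN}"
  echo -e "${YELLOW}2. 在Cloudflare的SSL/TLS -> Origin Server中创建证书${PLAIN}"
  echo -e "${YELLOW}3. 将证书保存到 ${cert_file},将私钥保存到 ${key_file}${PLAIN}"
  echo -e "${YELLOW}4. 将SSL/TLS加密模式设置为Full (strict)${PLAIN}"
  echo -e "${YELLOW}准备好后按回车继续...${PLAIN}"
  read -r -p ""

  echo -e "${BLUE}正在检查证书和私钥文件...${PLAIN}"
  if [[ ! -s "$cert_file" || ! -s "$key_file" ]]; then
    echo -e "${RED}未找到证书或私钥,请将您自己的证书和私钥保存到 ${cert_file} 和 ${key_file} 后重试${PLAIN}"
    exit 1
  fi
  # Tighten ownership and modes before anything reads the key.
  chown root:root "$cert_file" "$key_file"
  chmod 644 "$cert_file"
  chmod 600 "$key_file"
  # The certificate's public key must equal the one derived from the private
  # key. `-passin pass:` makes an encrypted key fail instead of prompting.
  cert_pub=$(openssl x509 -in "$cert_file" -noout -pubkey 2>/dev/null)
  key_pub=$(openssl pkey -in "$key_file" -passin pass: -pubout 2>/dev/null)
  if [[ -z "$cert_pub" || "$cert_pub" != "$key_pub" ]]; then
    echo -e "${RED}证书与私钥无法解析或不匹配,请检查文件内容${PLAIN}"
    exit 1
  fi
  echo -e "${GREEN}证书和私钥验证通过!${PLAIN}"

  echo -e "${BLUE}启动V2Ray和Nginx服务...${PLAIN}"
  systemctl daemon-reload
  systemctl enable v2ray --now
  systemctl enable nginx --now

  echo -e "${BLUE}等待服务启动...${PLAIN}"
  sleep 2

  v2ray_status=$(systemctl is-active v2ray)
  nginx_status=$(systemctl is-active nginx)
  if [ "$v2ray_status" = "active" ] && [ "$nginx_status" = "active" ]; then
    echo -e "${GREEN}V2Ray和Nginx服务已成功启动${PLAIN}"
    show_client_info "${domain}" "${uuid}"
    check_time_sync

    # Enable BBR; each setting is appended only if that exact line is not
    # already present, so repeated runs do not grow /etc/sysctl.conf.
    echo -e "${BLUE}正在启用BBR加速...${PLAIN}"
    for setting in 'net.core.default_qdisc=fq' 'net.ipv4.tcp_congestion_control=bbr'; do
      grep -qxF -- "$setting" /etc/sysctl.conf 2>/dev/null \
        || echo "$setting" >> /etc/sysctl.conf
    done
    sysctl -p
    echo -e "${GREEN}BBR加速已启用${PLAIN}"

    # The client file contains the UUID credential: create it empty, make
    # it owner-only, then fill it.
    : > "$client_config" && chmod 600 "$client_config"
    cat > "$client_config" << EOF
{
  "inbounds": [
    {
      "port": 1080,
      "listen": "127.0.0.1",
      "protocol": "socks",
      "settings": {
        "udp": true
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "vmess",
      "settings": {
        "vnext": [
          {
            "address": "${domain}",
            "port": 443,
            "users": [
              {
                "id": "${uuid}",
                "alterId": 0,
                "security": "auto"
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "security": "tls",
        "wsSettings": {
          "path": "/ray"
        },
        "tlsSettings": {
          "allowInsecure": false
        }
      }
    }
  ]
}
EOF
    echo -e "${GREEN}客户端配置已保存到 v2ray_client_config.json${PLAIN}"

    echo -e "${BLUE}查看V2Ray运行状态和最近日志...${PLAIN}"
    systemctl status v2ray --no-pager
    if [ -f /var/log/v2ray/error.log ]; then
      echo -e "${BLUE}最近的错误日志:${PLAIN}"
      tail -n 10 /var/log/v2ray/error.log
    fi

    echo -e "${GREEN}如果您遇到连接问题,请检查:${PLAIN}"
    echo -e "${YELLOW}1. 客户端和服务器的时间是否同步${PLAIN}"
    echo -e "${YELLOW}2. 客户端的UUID是否正确配置${PLAIN}"
    echo -e "${YELLOW}3. WebSocket路径是否为 /ray${PLAIN}"
    echo -e "${YELLOW}4. 是否启用了TLS${PLAIN}"
    echo -e "${YELLOW}5. 防火墙是否允许443端口通信${PLAIN}"

    echo -e "${BLUE}如果出现WebSocket连接关闭错误可尝试以下解决方案${PLAIN}"
    echo -e "${YELLOW}1. 重启Nginx和V2Ray${PLAIN}"
    echo -e "${YELLOW} systemctl restart nginx v2ray${PLAIN}"
    echo -e "${YELLOW}2. 检查Nginx错误日志${PLAIN}"
    echo -e "${YELLOW} tail -n 30 /var/log/nginx/error.log${PLAIN}"
    echo -e "${YELLOW}3. 确认SSL证书有效${PLAIN}"
    echo -e "${YELLOW} openssl x509 -text -in /etc/ssl/cert.pem${PLAIN}"
    echo -e "${GREEN}安装完成!${PLAIN}"
  else
    echo -e "${RED}安装失败,请检查错误信息${PLAIN}"
    if [ "$v2ray_status" != "active" ]; then
      echo -e "${RED}V2Ray服务未能成功启动${PLAIN}"
      systemctl status v2ray
    fi
    if [ "$nginx_status" != "active" ]; then
      echo -e "${RED}Nginx服务未能成功启动${PLAIN}"
      systemctl status nginx
    fi
  fi
}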
#######################################
# Print the connection settings a client needs, followed by the VMess
# import link produced by generate_vmess_link.
# Globals:   GREEN, YELLOW, PLAIN (read)
# Arguments: $1 - server domain, $2 - client UUID
# Notes:     the UUID is the client credential and is written to stdout.
#######################################
show_client_info() {
  local host=$1
  local client_id=$2
  local rule="${YELLOW}-----------------------------${PLAIN}"
  local row
  local -a rows=(
    "地址 (Address): ${host}"
    "端口 (Port): 443"
    "用户ID (UUID): ${client_id}"
    "额外ID (AlterId): 0"
    "加密方式 (Security): auto"
    "传输协议 (Network): ws"
    "WebSocket路径 (Path): /ray"
    "TLS: 开启"
  )
  local -a hints=(
    "提示请确保客户端和服务器的时间误差在90秒内"
    " 如果无法连接可以尝试重启V2Ray服务"
    " systemctl restart v2ray"
  )

  echo -e "${GREEN}V2Ray配置信息${PLAIN}"
  echo -e "$rule"
  for row in "${rows[@]}"; do
    echo -e "${YELLOW}${row}${PLAIN}"
  done
  echo -e "$rule"

  generate_vmess_link "${host}" "${client_id}"

  for row in "${hints[@]}"; do
    echo -e "${GREEN}${row}${PLAIN}"
  done
  echo -e "$rule"
}
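#######################################
# Build and print a vmess:// import link (base64 of a small JSON document)
# and, when qrencode is installed, the same link as a terminal QR code.
# Globals:   GREEN, BLUE, YELLOW, PLAIN (read)
# Arguments: $1 - server domain, $2 - client UUID
# Outputs:   the link and usage hints on stdout
# Notes:     the link embeds the UUID, i.e. the client credential; anything
#            that captures this output (logs, screenshots) holds it too.
#######################################
generate_vmess_link() {
  local domain=$1
  local uuid=$2
  local json_domain json_uuid remark vmess_json vmess_link

  # Escape backslash and double quote so the arguments cannot break out of
  # their JSON string.
  json_domain=${domain//\\/\\\\}
  json_domain=${json_domain//\"/\\\"}
  json_uuid=${uuid//\\/\\\\}
  json_uuid=${json_uuid//\"/\\\"}
  remark="v2ray_${json_domain}" # display name shown by the client

  vmess_json="{\"v\":\"2\",\"ps\":\"${remark}\",\"add\":\"${json_domain}\",\"port\":\"443\",\"id\":\"${json_uuid}\",\"aid\":\"0\",\"net\":\"ws\",\"type\":\"none\",\"host\":\"${json_domain}\",\"path\":\"/ray\",\"tls\":\"tls\"}"

  # One code path for every base64 implementation: encode, then strip the
  # line wrapping. The original fallback branch ran only when base64 was
  # missing, and without -w 0 it would have left newlines inside the link.
  vmess_link=$(printf '%s' "${vmess_json}" | base64 | tr -d '\n')

  echo -e "${GREEN}VMess链接 (可直接导入V2Ray客户端)${PLAIN}"
  echo -e "${BLUE}vmess://${vmess_link}${PLAIN}"

  echo -e "${GREEN}使用方法:${PLAIN}"
  echo -e "${YELLOW}1. 复制上面的VMess链接${PLAIN}"
  echo -e "${YELLOW}2. 在V2Ray客户端中选择\"从剪贴板导入\"${PLAIN}"
  echo -e "${YELLOW}3. 或扫描下方二维码${PLAIN}"

  if command -v qrencode > /dev/null 2>&1; then
    qrencode -t ANSI "vmess://${vmess_link}"
  else
    echo -e "${YELLOW}提示安装qrencode可显示配置二维码${PLAIN}"
    echo -e "${YELLOW} apt install qrencode 或 yum install qrencode${PLAIN}"
  fi
}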
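#######################################
# Show the current time and try to (re)enable time synchronisation, using
# the first available mechanism: timedatectl, ntpd, chronyd, ntpdate,
# rdate, and finally installing ntpdate.
# Globals: OS, BLUE, GREEN, YELLOW, PLAIN (read)
# Returns: 0 as soon as one mechanism has been used; the closing reminder
#          is printed only when the install-ntpdate fallback was reached.
# Notes:   command exit statuses are tested directly instead of through
#          `$?`, and current_time is local so it no longer leaks into the
#          caller's scope.
#######################################
check_time_sync() {
  local current_time

  echo -e "${BLUE}检查系统时间同步状态...${PLAIN}"
  current_time=$(date -R)
  echo -e "${YELLOW}当前系统时间: ${current_time}${PLAIN}"
  echo -e "${BLUE}尝试同步系统时间...${PLAIN}"

  # Method 1: systemd's timedatectl.
  if command -v timedatectl &> /dev/null; then
    if timedatectl set-ntp true; then
      echo -e "${GREEN}已通过timedatectl启用时间同步${PLAIN}"
      return 0
    fi
    echo -e "${YELLOW}timedatectl设置NTP失败尝试其他方法${PLAIN}"
  fi

  # Method 2: restart an installed ntpd or chronyd.
  if command -v ntpd &> /dev/null; then
    if [ "$OS" == "centos" ]; then
      systemctl restart ntpd
      echo -e "${GREEN}已重启ntpd服务${PLAIN}"
    else
      systemctl restart ntp
      echo -e "${GREEN}已重启ntp服务${PLAIN}"
    fi
    return 0
  fi
  if command -v chronyd &> /dev/null; then
    systemctl restart chronyd
    echo -e "${GREEN}已重启chronyd服务${PLAIN}"
    return 0
  fi

  # Method 3: one-shot ntpdate against the first server that answers.
  if command -v ntpdate &> /dev/null; then
    echo -e "${BLUE}使用ntpdate手动同步时间...${PLAIN}"
    if ntpdate -u time.google.com || ntpdate -u time.windows.com || ntpdate -u pool.ntp.org; then
      echo -e "${GREEN}时间同步成功${PLAIN}"
    else
      echo -e "${YELLOW}ntpdate同步失败${PLAIN}"
    fi
    return 0
  fi

  # Method 4: rdate.
  if command -v rdate &> /dev/null; then
    echo -e "${BLUE}使用rdate同步时间...${PLAIN}"
    if rdate -s time-a.nist.gov || rdate -s time-b.nist.gov; then
      echo -e "${GREEN}时间同步成功${PLAIN}"
    else
      echo -e "${YELLOW}rdate同步失败${PLAIN}"
    fi
    return 0
  fi

  # Nothing usable was found: install ntpdate and run it once.
  echo -e "${YELLOW}未找到可用的时间同步工具,尝试安装...${PLAIN}"
  if [ "$OS" == "centos" ]; then
    yum install -y ntpdate
  else
    apt update
    apt install -y ntpdate
  fi
  ntpdate -u pool.ntp.org

  echo -e "${YELLOW}重要提示: V2Ray要求服务器和客户端的时间差在90秒内${PLAIN}"
  echo -e "${YELLOW}请确保您的系统时间是准确的${PLAIN}"
  echo -e "${YELLOW}当前时间: $(date -R)${PLAIN}"
}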
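#######################################
# Re-run the upstream V2Ray installer to update, then restart the service.
# Globals: BLUE, GREEN, RED, PLAIN (read)
# Returns: 0 on success, 1 if the installer could not be downloaded or
#          failed; the service is restarted and success is reported only
#          after the installer itself succeeded.
# Notes:   the script is saved to a temp file and executed as root only if
#          the HTTPS download succeeded; `bash <(curl ...)` would run
#          whatever bytes arrived, including an HTTP error page, and report
#          success regardless. The URL tracks the moving `master` branch —
#          pinning it to a reviewed commit (<COMMIT_SHA>) is advisable.
#######################################
update_v2ray() {
  local installer_url='https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh'
  local tmp_script

  echo -e "${BLUE}正在更新V2Ray...${PLAIN}"
  tmp_script=$(mktemp) || {
    echo -e "${RED}无法创建临时文件${PLAIN}" >&2
    return 1
  }
  if ! curl -fsSL --proto '=https' --proto-redir '=https' --tlsv1.2 \
    -o "$tmp_script" "$installer_url"; then
    rm -f -- "$tmp_script"
    echo -e "${RED}下载V2Ray安装脚本失败${PLAIN}" >&2
    return 1
  fi
  if ! bash "$tmp_script"; then
    rm -f -- "$tmp_script"
    echo -e "${RED}V2Ray更新失败${PLAIN}" >&2
    return 1
  fi
  rm -f -- "$tmp_script"

  systemctl restart v2ray
  echo -e "${GREEN}V2Ray已更新至最新版本${PLAIN}"
}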
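#######################################
# Interactively remove V2Ray and, after a second confirmation, nginx.
# Globals: OS, BLUE, GREEN, YELLOW, RED, PLAIN (read)
# Returns: 0 when the user declines or removal completes; 1 if the upstream
#          removal script could not be downloaded or failed (nothing is
#          deleted in that case).
# Notes:   - The removal script is fetched to a temp file and run as root
#            only after a successful HTTPS download, instead of piping an
#            unchecked response into bash.
#          - NOTE(review): the nginx branch deletes ALL of /var/www and
#            /etc/nginx/conf.d, not only what this installer created; any
#            other site on the host is removed too.
#          - NOTE(review): the TLS key at /etc/ssl/key.pem is left in place.
#######################################
uninstall_v2ray() {
  local installer_url='https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh'
  local answer tmp_script

  echo -e "${YELLOW}确定要卸载V2Ray吗(y/n)${PLAIN}"
  read -r -p "" answer
  if [ "$answer" != "y" ]; then
    return 0
  fi

  echo -e "${BLUE}正在卸载V2Ray...${PLAIN}"
  systemctl stop v2ray
  systemctl disable v2ray

  tmp_script=$(mktemp) || {
    echo -e "${RED}无法创建临时文件${PLAIN}" >&2
    return 1
  }
  if ! curl -fsSL --proto '=https' --proto-redir '=https' --tlsv1.2 \
    -o "$tmp_script" "$installer_url" \
    || ! bash "$tmp_script" --remove; then
    rm -f -- "$tmp_script"
    echo -e "${RED}V2Ray卸载脚本下载或执行失败${PLAIN}" >&2
    return 1
  fi
  rm -f -- "$tmp_script"

  # Remove the server configuration, which holds the client UUID.
  rm -rf /usr/local/etc/v2ray
  echo -e "${GREEN}V2Ray已卸载${PLAIN}"

  echo -e "${YELLOW}是否要卸载Nginx(y/n)${PLAIN}"
  read -r -p "" answer
  if [ "$answer" = "y" ]; then
    echo -e "${BLUE}正在卸载Nginx...${PLAIN}"
    systemctl stop nginx
    systemctl disable nginx
    if [ "$OS" == "centos" ]; then
      yum remove -y nginx
    else
      apt remove -y nginx
    fi
    rm -rf /etc/nginx/conf.d
    rm -rf /var/www
    echo -e "${GREEN}Nginx已卸载${PLAIN}"
  fi
}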
#######################################
# Print the V2Ray server configuration, list the nginx conf.d directory and
# show the systemd status of both services.
# Globals: BLUE, PLAIN (read)
# Notes:   config.json is printed verbatim, so the client UUID it contains
#          appears on the terminal.
#######################################
view_v2ray_config() {
  local entry

  echo -e "${BLUE}V2Ray配置信息${PLAIN}"
  cat /usr/local/etc/v2ray/config.json

  echo -e "\n${BLUE}Nginx配置信息${PLAIN}"
  ls -l /etc/nginx/conf.d/

  # Each entry is "<heading prefix>:<systemd unit>".
  for entry in 'V2Ray:v2ray' 'Nginx:nginx'; do
    echo -e "\n${BLUE}${entry%%:*}运行状态${PLAIN}"
    systemctl status "${entry#*:}"
  done
}
#######################################
# Entry point: clear the screen, print the banner and hand over to the
# interactive menu.
# Globals: GREEN, YELLOW, PLAIN (read)
#######################################
main() {
  local site='https://ericclose.github.io/V2Ray-TLS-WebSocket-Nginx-with-Cloudflare.html'
  local line
  local -a banner=(
    "${GREEN}V2Ray一键安装脚本${PLAIN}"
    "${GREEN}支持:${PLAIN}${YELLOW}Debian / Ubuntu / CentOS${PLAIN}"
    "${GREEN}网站:${PLAIN}${YELLOW}${site}${PLAIN}"
    "—————————————————————————————————————"
  )

  clear
  for line in "${banner[@]}"; do
    echo -e "$line"
  done
  show_menu
}
# Run the installer; main ignores its arguments.
main "$@"