mack-a
/
v2ray-agent
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(一键脚本): 完善tls证书更新

pull/534/merge
mack-a 2020-07-13 17:46:39 +08:00
parent 40d65411c3
commit 1d983f0faa
10 changed files with 80 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -47,14 +47,15 @@ bash <(curl -L -s https://raw.githubusercontent.com/mack-a/v2ray-agent/master/in
- 5.自动添加伪装博客。
- 6.添加了默认的CDN自选ip智能解析。
- 7.默认安装最新的V2Ray版本。
- 8.增加定时任务 自动续期tls【todo】
- 8.增加定时任务 自动续期tls
# 示例图
- 未安装
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/install/一键脚本未安装.png" width=400>
- 已安装
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/install/一键脚本已安装.png" width=400>
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/install/一键脚本已安装01.png" width=400>
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/install/一键脚本已安装02.png" width=400>
## 全自动生成TLS证书一键脚本[只生成TLS证书]
- 针对只需要生成TLS证书的用户

BIN
fodder/install/一键脚本已安装.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 395 KiB

BIN
fodder/install/一键脚本已安装01.png 100644
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 331 KiB

BIN
fodder/install/一键脚本已安装02.png 100644
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 228 KiB

BIN
fodder/install/一键脚本未安装.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 266 KiB

After

Width:  |  Height:  |  Size: 344 KiB

BIN
fodder/一键脚本手动模式.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 184 KiB

BIN
fodder/一键脚本示例图.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 91 KiB

BIN
fodder/一键脚本自动模式.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 181 KiB

102
install.sh
View File

@ -190,11 +190,22 @@ installNginx(){
installTLS(){
mkdir -p /etc/nginx/v2ray-agent-https/
touch /etc/nginx/v2ray-agent-https/config
mkdir -p /tmp/tls
if [[ -z `find /tmp -name "$1*"` ]]
then
echoContent yellow "安装TLS证书--->"
echoContent yellow " 安装acme--->"
curl -s https://get.acme.sh | sh > /dev/null
curl -s https://get.acme.sh | sh >> /tmp/tls/acme.log
if [[ -z `find ~/.acme.sh -name "acme.sh"` ]]
then
echoContent red " acme安装失败--->"
echoContent yellow "错误排查:"
echoContent red " 1.获取Github文件失败请等待GitHub恢复后尝试恢复进度可查看 [https://www.githubstatus.com/]"
echoContent red " 2.acme.sh脚本出现bug可查看[https://github.com/acmesh-official/acme.sh] issues"
echoContent red " 3.反馈给开发者[私聊https://t.me/mack_a] 或 [提issues]"
exit 0
fi
echoContent green " acme安装完毕--->"
echoContent yellow "生成TLS证书中请等待--->"
sudo ~/.acme.sh/acme.sh --issue -d $1 --standalone -k ec-256 >/dev/null
@ -210,7 +221,7 @@ installTLS(){
fi
echoContent green " TLS生成成功--->"
echo $1 `date +%s` > /etc/nginx/v2ray-agent-https/config
mkdir -p /tmp/tls
cp -R /etc/nginx/v2ray-agent-https/config /tmp/tls/config
cp -R /etc/nginx/v2ray-agent-https/$1.crt /tmp/tls/$1.crt
cp -R /etc/nginx/v2ray-agent-https/$1.key /tmp/tls/$1.key
@ -252,50 +263,69 @@ installTLS(){
fi
echoContent green " Nginx启动成功TLS配置成功--->\n"
# 增加定时任务定时维护证书
# reInstallTLS $1
reInstallTLS $1
installV2Ray $1 ${customPath}
}
# 重新安装&更新tls证书
reInstallTLS(){
# echoContent yellow "添加定时维护证书"
echoContent yellow "添加定时维护证书,请等待--->"
touch /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo '' > /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
# echo '' > /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
# echo '' > /etc/nginx/v2ray-agent-https/backup_crontab.cron
touch /etc/nginx/v2ray-agent-https/backup_crontab.cron
# 定时任务
echo "40 0 * * * bash /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh" > /etc/nginx/v2ray-agent-https/backup_crontab.cron
mkdir -p /tmp/tls
touch /tmp/tls/tls.log
if [[ -z `crontab -l|grep -v grep|grep 'reloadInstallTLS'` ]]
then
echoContent yellow " 未添加定时更新tls证书添加中请等待--->"
crontab -l >> /etc/nginx/v2ray-agent-https/backup_crontab.cron
# 定时任务
echo "30 1 * * * /bin/bash /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh" >> /etc/nginx/v2ray-agent-https/backup_crontab.cron
crontab /etc/nginx/v2ray-agent-https/backup_crontab.cron
fi
# 备份
crontab -l > /etc/nginx/v2ray-agent-https/backup_crontab.cron
domain=$1
echo "#!/usr/bin/env bash" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "domain=\"${domain}\"" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "domain=${domain}" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "eccPath=\`find ~/.acme.sh -name \"\${domain}_ecc\"|head -1\`" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "if [[ ! -z \${eccPath} ]]" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "then" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "mkdir -p /tmp/tls" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "touch /tmp/tls/tls.log" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "touch /tmp/tls/acme.log" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "if [[ ! -z \${eccPath} ]]" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "then" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "modifyTime=\`stat \${eccPath}/\${domain}.key|sed -n '6,6p'|awk '{print \$2\" \"\$3\" \"\$4\" \"\$5}'\`" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "modifyTime=\`date +%s -d \"\${modifyTime}\"\`" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "currentTime=\`date +%s\`" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "stampDiff=\`expr \${currentTime} - \${modifyTime}\`" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "minutes=\`expr \${stampDiff} / 60\`" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "status=\"正常\"" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "reloadTime=\"暂无\"" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "if [[ ! -z \${modifyTime} ]] && [[ ! -z \${currentTime} ]] && [[ ! -z \${stampDiff} ]] && [[ ! -z \${minutes} ]] && [[ \${minutes} -lt '120' ]]" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "then" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "nginx -s stop" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "~/.acme.sh/acme.sh --installcert -d \${domain} --fullchainpath /etc/nginx/v2ray-agent-https/\${domain}.crt --keypath /etc/nginx/v2ray-agent-https/\${domain}.key --ecc >/dev/null" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "~/.acme.sh/acme.sh --installcert -d \${domain} --fullchainpath /etc/nginx/v2ray-agent-https/\${domain}.crt --keypath /etc/nginx/v2ray-agent-https/\${domain}.key --ecc >> /tmp/tls/acme.log" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "nginx" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "reloadTime=\`date -d @\${currentTime} +\"%F %H:%M:%S\"\`" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "fi" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "echo \"域名:\${domain}modifyTime:\"\`date -d @\${modifyTime} +\"%F %H:%M:%S\"\`,\"检查时间:\"\`date -d @\${currentTime} +\"%F %H:%M:%S\"\`,"上次生成证书的时:"\`expr \${minutes} / 1440\`\"天前\",\"证书状态:\"\${status},\"重新生成日期:\"\${reloadTime} >> /tmp/tls/tls.log" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "else" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "echo '无法找到证书路径' >> /tmp/tls/tls.log" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
echo "fi" >> /etc/nginx/v2ray-agent-https/reloadInstallTLS.sh
# crontab /etc/nginx/v2ray-agent-https/backup_crontab.cron
# crontabResult=\`crontab -l\`
if [[ -z `crontab -l|grep -v grep|grep 'reloadInstallTLS'` ]]
if [[ ! -z `crontab -l|grep -v grep|grep 'reloadInstallTLS'` ]]
then
echo
# echoContent green "添加定时维护证书"
echoContent green " 添加定时维护证书成功"
else
echo
# echoContent red "添加定时维护证书失败"
crontab -l >> /etc/nginx/v2ray-agent-https/backup_crontab.cron
# 定时任务
crontab /etc/nginx/v2ray-agent-https/backup_crontab.cron
echoContent green " 检测到已添加定时任务,继续使用"
fi
}
# V2Ray
installV2Ray(){
@ -303,7 +333,7 @@ installV2Ray(){
then
if [[ -z `find /usr/bin/ -name "v2ray*"` ]]
then
echoContent yellow "安装V2Ray--->"
echoContent yellow "\n安装V2Ray--->"
version=`curl -s https://github.com/v2ray/v2ray-core/releases|grep /v2ray/v2ray-core/releases/tag/|head -1|awk -F "[/]" '{print $6}'|awk -F "[>]" '{print $2}'|awk -F "[<]" '{print $1}'`
echoContent green " v2ray-core版本:${version}"
mkdir -p /tmp/v2ray
@ -316,7 +346,7 @@ installV2Ray(){
fi
echoContent green " V2Ray安装成功--->"
else
echoContent yellow "检测到V2Ray安装程序使用--->\n"
echoContent yellow "\n检测到V2Ray安装程序使用--->\n"
mkdir -p /usr/bin/v2ray/
cp /tmp/v2ray/v2ray /usr/bin/v2ray/ && cp /tmp/v2ray/v2ctl /usr/bin/v2ray/
fi
@ -347,7 +377,7 @@ installV2Ray(){
echo "https://$1/${nginxPath}"
if [[ ! -z `curl -s -L https://$1/${nginxPath}|grep -v grep|grep "Bad Request"` ]]
then
echoContent green " 安装完毕,服务可用--->\n"
echoContent green " 服务可用--->\n"
else
echoContent red " 服务不可用请检查Cloudflare->域名->SSL/TLS->Overview->Your SSL/TLS encryption mode is 是否是Full--->"
@ -520,6 +550,7 @@ init(){
v2rayStatus=1
echoContent yellow " version${v2rayVersion}"
echoContent yellow " 安装路径:/usr/bin/v2ray/"
echoContent yellow " 配置文件:/etc/v2ray/config.json"
echoContent yellow " 日志路径:"
echoContent yellow " access: /tmp/v2ray/v2ray_access_ws_tls.log"
echoContent yellow " error: /tmp/v2ray/v2ray_error_ws_tls.log"
@ -539,16 +570,33 @@ init(){
dayDiff=`expr ${stampDiff} / 86400`
echoContent yellow " 证书域名:${domain}"
echoContent yellow " 安装日期:`date -d @${tlsCreateTime} +"%F %H:%M:%S"`,剩余天数:`expr 90 - ${dayDiff}`"
echoContent yellow " 证书路径:"
echoContent yellow " /etc/nginx/v2ray-agent-https/${domain}.key"
echoContent yellow " /etc/nginx/v2ray-agent-https/${domain}.crt"
else
echoContent yellow " 暂未安装"
fi
echoContent green "\n定时任务相关文件路径"
if [[ ! -z `find /etc/nginx/v2ray-agent-https/ -name backup_crontab.cron` ]]
then
echoContent yellow " 定时更新tls脚本路径/etc/nginx/v2ray-agent-https/reloadInstallTLS.sh"
echoContent yellow " 定时任务文件路径:/etc/nginx/v2ray-agent-https/backup_crontab.cron"
echoContent yellow " 定时任务日志路径:/tmp/tls/tls.log"
echoContent yellow " acme.sh日志路径/tmp/tls/acme.log"
else
echoContent yellow " 暂未安装"
fi
echoContent red "=============================================================="
echoContent red "注意事项:"
echoContent green " 1.脚本会检查并安装工具包"
echoContent green " 2.如果使用此脚本生成过TLS证书、V2Ray会继续使用上次生成、安装的内容。"
echoContent green " 3.会删除、卸载已经安装的应用包括V2Ray、Nginx。"
echoContent green " 4.如果显示Nginx不可用请检查防火墙端口是否开放。"
echoContent green " 5.证书会在每天的0点31分检查更新"
echoContent green " 5.证书会在每天的1点30分检查更新"
echoContent green " 6.重启机器后日志、缓存文件会被删除不影响正常使用【tls更新日志、缓存|V2Ray执行文件、日志】"
echoContent red "=============================================================="
echoContent red "错误处理【这里请仔细阅读】"
echoContent yellow "Debian"
@ -558,12 +606,12 @@ init(){
installSelect=0
if [[ ${tlsStatus} = "1" ]] && [[ ${v2rayStatus} = "1" ]]
then
echoContent red "检测到已使用本脚本安装"
echoContent green "检测到已使用本脚本安装"
echoContent yellow " 1.重新安装【使用缓存的文件TLS证书、V2Ray】"
echoContent yellow " 2.完全重装【会清理tmp缓存文件TLS证书、V2Ray】"
else
echoContent red "未监测到使用本脚本安装"
echoContent yellow " 1.安装"
echoContent green "未监测到使用本脚本安装"
echoContent yellow " 1.安装【未安装】"
echoContent yellow " 2.完全安装【会清理tmp缓存文件TLS证书、V2Ray】"
fi

5
test.sh
View File

@ -1,7 +1,6 @@
#!/usr/bin/env bash
domain="test1.am1z.xyz"
domain="test3.am1z.xyz"
eccPath=`find ~/.acme.sh -name "${domain}_ecc"|head -1`
echo ${eccPath}
mkdir -p /tmp/tls
touch /tmp/tls/tls.log
touch /tmp/tls/acme.log
@ -21,7 +20,7 @@ then
nginx
reloadTime=`date -d @${currentTime} +"%F %H:%M:%S"`
fi
echo "域名:${domain}modifyTime:"`date -d @${modifyTime} +"%F %H:%M:%S"`,"定时任务执行时间:"`date -d @${currentTime} +"%F %H:%M:%S"`,"上次生成证书的时:"`expr ${minutes} / 1440`"天前","证书状态:"${status},"重新生成日期:"${reloadTime} >> /tmp/tls/tls.log
echo "域名:${domain}modifyTime:"`date -d @${modifyTime} +"%F %H:%M:%S"`,"检查时间:"`date -d @${currentTime} +"%F %H:%M:%S"`,"上次生成证书的时:"`expr ${minutes} / 1440`"天前","证书状态:"${status},"重新生成日期:"${reloadTime} >> /tmp/tls/tls.log
else
echo '无法找到证书路径' >> /tmp/tls/tls.log
fi