mack-a
/
v2ray-agent
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
v2ray-agent/shell/install_en.sh

5548 lines
184 KiB
Bash
Raw Blame History

This file contains invisible Unicode characters!

This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

#!/usr/bin/env bash
# detection area
#----------------------------------------------------
# check system
export LANG=en_US.UTF-8
echoContent() {
case $1 in
# red
"red")
# shellcheck disable=SC2154
${echoType} "\033[31m${printN}$2 \033[0m"
;;
# sky blue
"skyBlue")
${echoType} "\033[1;36m${printN}$2 \033[0m"
;;
# green
"green")
${echoType} "\033[32m${printN}$2 \033[0m"
;;
# White
"white")
${echoType} "\033[37m${printN}$2 \033[0m"
;;
"magenta")
${echoType} "\033[31m${printN}$2 \033[0m"
;;
# yellow
"yellow")
${echoType} "\033[33m${printN}$2 \033[0m"
;;
esac
}
checkSystem() {
if [[ -n $(find /etc -name "redhat-release") ]] || grep </proc/version -q -i "centos"; then
mkdir -p /etc/yum.repos.d
if [[ -f "/etc/centos-release" ]]; then
centosVersion=$(rpm -q centos-release | awk -F "[-]" '{print $3}' | awk -F "[.]" '{print $1}')
if [[ -z "${centosVersion}" ]] && grep </etc/centos-release -q -i "release 8"; then
centosVersion=8
fi
fi
release="centos"
installType='yum -y install'
removeType='yum -y remove'
upgrade="yum update -y --skip-broken"
elif grep </etc/issue -q -i "debian" && [[ -f "/etc/issue" ]] || grep </etc/issue -q -i "debian" && [[ -f "/proc/version" ]]; then
release="debian"
installType='apt -y install'
upgrade="apt update"
updateReleaseInfoChange='apt-get --allow-releaseinfo-change update'
removeType='apt -y autoremove'
elif grep </etc/issue -q -i "ubuntu" && [[ -f "/etc/issue" ]] || grep </etc/issue -q -i "ubuntu" && [[ -f "/proc/version" ]]; then
release="ubuntu"
installType='apt -y install'
upgrade="apt update"
updateReleaseInfoChange='apt-get --allow-releaseinfo-change update'
removeType='apt -y autoremove'
if grep </etc/issue -q -i "16."; then
release=
fi
fi
if [[ -z ${release} ]]; then
echoContent red "\nThis script does not support this system, please feedback the log below to the developer\n"
echoContent yellow "$(cat /etc/issue)"
echoContent yellow "$(cat /proc/version)"
exit 0
fi
}
# Check CPU provider
checkCPUVendor() {
if [[ -n $(which uname) ]]; then
if [[ "$(uname)" == "Linux" ]]; then
case "$(uname -m)" in
'amd64' | 'x86_64')
xrayCoreCPUVendor="Xray-linux-64"
v2rayCoreCPUVendor="v2ray-linux-64"
hysteriaCoreCPUVendor="hysteria-linux-amd64"
;;
'armv8' | 'aarch64')
xrayCoreCPUVendor="Xray-linux-arm64-v8a"
v2rayCoreCPUVendor="v2ray-linux-arm64-v8a"
hysteriaCoreCPUVendor="hysteria-linux-arm64"
;;
*)
echo "This CPU architecture is not supported--->"
exit 1
;;
esac
fi
else
echoContent red "This CPU architecture cannot be recognized, default amd64, x86_64--->"
xrayCoreCPUVendor="Xray-linux-64"
v2rayCoreCPUVendor="v2ray-linux-64"
fi
}
# initialize global variables
initVar() {
installType='yum -y install'
removeType='yum -y remove'
upgrade="yum -y update"
echoType='echo -e'
# Core supported cpu version
xrayCoreCPUVendor=""
v2rayCoreCPUVendor=""
hysteriaCoreCPUVendor=""
# domain name
domain=
# address of the CDN node
add=
# The total progress of the installation
totalProgress=1
# 1.xray-core installation
# 2.v2ray-core installation
# 3.v2ray-core[xtls] installation
coreInstallType=
# core installation path
# coreInstallPath=
# v2ctl Path
ctlPath=
# 1.Install all
# 2.Personalized installation
# v2rayAgentInstallType=
# Current personalized installation method 01234
currentInstallProtocolType=
# The order of the current alpn
currentAlpn=
# prepended type
frontingType=
# Personalized installation method selected
selectCustomInstallType=
# Path to v2ray-core, xray-core configuration files
configPath=
# Path to hysteria configuration file
hysteriaConfigPath=
# The path to the configuration file
currentPath=
# config file host
currentHost=
# The core type selected during installation
selectCoreType=
# Default core version
v2rayCoreVersion=
# random path
customPath=
# centos version
centosVersion=
# UUID
currentUUID=
# previousClients
previousClients=
localIP=
# Integrated update certificate logic no longer uses a separate script --RenewTLS
renewTLS=$1
# The number of attempts after tls install failed
installTLSCount=
# BTPanel state
# BTPanelStatus=
# nginx configuration file path
nginxConfigPath=/etc/nginx/conf.d/
# Is it a preview version
prereleaseStatus=false
# ssl type
sslType=
# ssl mailbox
sslEmail=
# check the number of days
sslRenewalDays=90
# dns ssl status
dnsSSLStatus=
# dns tls domain
dnsTLSDomain=
# Whether the domain name installs a wildcard certificate through dns
installDNSACMEStatus=
# custom port
customPort=
# hysteria port
hysteriaPort=
# hysteria protocol
hysteriaProtocol=
# hysteria delay
hysteriaLag=
# hysteria downlink speed
hysteriaClientDownloadSpeed=
# hysteria uplink speed
hysteriaClientUploadSpeed=
}
# read tls certificate details
readAcmeTLS() {
if [[ -n "${currentHost}" ]]; then
dnsTLSDomain=$(echo "${currentHost}" | awk -F "[.]" '{print $(NF-1)"."$NF}')
fi
if [[ -d "$HOME/.acme.sh/*.${dnsTLSDomain}_ecc" && -f "$HOME/.acme.sh/*.${dnsTLSDomain}_ecc/*.${dnsTLSDomain}.key" && -f "$HOME/.acme.sh/*.${dnsTLSDomain}_ecc/*.${dnsTLSDomain}.cer" ]]; then
installDNSACMEStatus=true
fi
}
# Read the default custom port
readCustomPort() {
if [[ -n "${configPath}" ]]; then
local port=
port=$(jq -r .inbounds[0].port "${configPath}${frontingType}.json")
if [[ "${port}" != "443" ]]; then
customPort=${port}
fi
fi
}
# Check the installation method
readInstallType() {
coreInstallType=
configPath=
hysteriaConfigPath=
# 1.Detect the installation directory
if [[ -d "/etc/v2ray-agent" ]]; then
# Detect installation method v2ray-core
if [[ -d "/etc/v2ray-agent/v2ray" && -f "/etc/v2ray-agent/v2ray/v2ray" && -f "/etc/v2ray-agent/v2ray/v2ctl" ]]; then
if [[ -d "/etc/v2ray-agent/v2ray/conf" && -f "/etc/v2ray-agent/v2ray/conf/02_VLESS_TCP_inbounds.json" ]]; then
configPath=/etc/v2ray-agent/v2ray/conf/
if grep </etc/v2ray-agent/v2ray/conf/02_VLESS_TCP_inbounds.json -q '"security": "tls"'; then
# v2ray-core without XTLS
coreInstallType=2
ctlPath=/etc/v2ray-agent/v2ray/v2ctl
elif grep </etc/v2ray-agent/v2ray/conf/02_VLESS_TCP_inbounds.json -q '"security": "xtls"'; then
# v2ray-core with XTLS
ctlPath=/etc/v2ray-agent/v2ray/v2ctl
coreInstallType=3
fi
fi
fi
if [[ -d "/etc/v2ray-agent/xray" && -f "/etc/v2ray-agent/xray/xray" ]]; then
# Check xray-core here
if [[ -d "/etc/v2ray-agent/xray/conf" ]] && [[ -f "/etc/v2ray-agent/xray/conf/02_VLESS_TCP_inbounds.json" || -f "/etc/v2ray-agent/xray/conf/02_trojan_TCP_inbounds.json" ]]; then
# xray-core
configPath=/etc/v2ray-agent/xray/conf/
ctlPath=/etc/v2ray-agent/xray/xray
coreInstallType=1
fi
fi
if [[ -d "/etc/v2ray-agent/hysteria" && -f "/etc/v2ray-agent/hysteria/hysteria" ]]; then
# Check hysteria here
if [[ -d "/etc/v2ray-agent/hysteria/conf" ]] && [[ -f "/etc/v2ray-agent/hysteria/conf/config.json" ]] && [[ -f "/etc/v2ray-agent/hysteria/conf/client_network.json" ]]; then
hysteriaConfigPath=/etc/v2ray-agent/hysteria/conf/
fi
fi
fi
}
# read protocol type
readInstallProtocolType() {
currentInstallProtocolType=
while read -r row; do
if echo "${row}" | grep -q 02_trojan_TCP_inbounds; then
currentInstallProtocolType=${currentInstallProtocolType}'trojan'
frontingType=02_trojan_TCP_inbounds
fi
if echo "${row}" | grep -q VLESS_TCP_inbounds; then
currentInstallProtocolType=${currentInstallProtocolType}'0'
frontingType=02_VLESS_TCP_inbounds
fi
if echo "${row}" | grep -q VLESS_WS_inbounds; then
currentInstallProtocolType=${currentInstallProtocolType}'1'
fi
if echo "${row}" | grep -q trojan_gRPC_inbounds; then
currentInstallProtocolType=${currentInstallProtocolType}'2'
fi
if echo "${row}" | grep -q VMess_WS_inbounds; then
currentInstallProtocolType=${currentInstallProtocolType}'3'
fi
if echo "${row}" | grep -q 04_trojan_TCP_inbounds; then
currentInstallProtocolType=${currentInstallProtocolType}'4'
fi
if echo "${row}" | grep -q VLESS_gRPC_inbounds; then
currentInstallProtocolType=${currentInstallProtocolType}'5'
fi
done < <(find ${configPath} -name "*inbounds.json" | awk -F "[.]" '{print $1}')
if [[ -n "${hysteriaConfigPath}" ]]; then
currentInstallProtocolType=${currentInstallProtocolType}'6'
fi
}
# Check if pagoda is installed
checkBTPanel() {
if pgrep -f "BT-Panel"; then
nginxConfigPath=/www/server/panel/vhost/nginx/
# BTPanelStatus=true
fi
}
# Read the order of the current alpn
readInstallAlpn() {
if [[ -n ${currentInstallProtocolType} ]]; then
local alpn
alpn=$(jq -r .inbounds[0].streamSettings.xtlsSettings.alpn[0] ${configPath}${frontingType}.json)
if [[ -n ${alpn} ]]; then
currentAlpn=${alpn}
fi
fi
}
# check firewall
allowPort() {
# If the firewall is enabled, add the corresponding open port
if systemctl status netfilter-persistent 2>/dev/null | grep -q "active (exited)"; then
local updateFirewalldStatus=
if ! iptables -L | grep -q "$1(mack-a)"; then
updateFirewalldStatus=true
iptables -I INPUT -p tcp --dport "$1" -m comment --comment "allow $1(mack-a)" -j ACCEPT
fi
if echo "${updateFirewalldStatus}" | grep -q "true"; then
netfilter-persistent save
fi
elif systemctl status ufw 2>/dev/null | grep -q "active (exited)"; then
if ufw status | grep -q "Status: active"; then
if ! ufw status | grep -q "$1"; then
sudo ufw allow "$1"
checkUFWAllowPort "$1"
fi
fi
elif
systemctl status firewalld 2>/dev/null | grep -q "active (running)"
then
local updateFirewalldStatus=
if ! firewall-cmd --list-ports --permanent | grep -qw "$1/tcp"; then
updateFirewalldStatus=true
firewall-cmd --zone=public --add-port="$1/tcp" --permanent
checkFirewalldAllowPort "$1"
fi
if echo "${updateFirewalldStatus}" | grep -q "true"; then
firewall-cmd --reload
fi
fi
}
# Check the occupancy of ports 80 and 443
checkPortUsedStatus() {
if lsof -i tcp:80 | grep -q LISTEN; then
echoContent red "\n ---> Port 80 is occupied, please close it manually and install\n"
lsof -i tcp:80 | grep LISTEN
exit 0
fi
if lsof -i tcp:443 | grep -q LISTEN; then
echoContent red "\n ---> Port 443 is occupied, please close it manually and install\n"
lsof -i tcp:80 | grep LISTEN
exit 0
fi
}
# output ufw port open status
checkUFWAllowPort() {
if ufw status | grep -q "$1"; then
echoContent green "---> $1 port opened successfully"
else
echoContent red "---> $1 port opening failed"
exit 0
fi
}
# Output firewall-cmd port open status
checkFirewalldAllowPort() {
if firewall-cmd --list-ports --permanent | grep -q "$1"; then
echoContent green "---> $1 port opened successfully"
else
echoContent red "---> $1 port opening failed"
exit 0
fi
}
# Read the hysteria network environment
readHysteriaConfig() {
if [[ -n "${hysteriaConfigPath}" ]]; then
hysteriaLag=$(jq -r .hysteriaLag <"${hysteriaConfigPath}client_network.json")
hysteriaClientDownloadSpeed=$(jq -r .hysteriaClientDownloadSpeed <"${hysteriaConfigPath}client_network.json")
hysteriaClientUploadSpeed=$(jq -r .hysteriaClientUploadSpeed <"${hysteriaConfigPath}client_network.json")
hysteriaPort=$(jq -r .listen <"${hysteriaConfigPath}config.json" | awk -F "[:]" '{print $2}')
hysteriaProtocol=$(jq -r .protocol <"${hysteriaConfigPath}config.json")
fi
}
# Check the file directory and path path
readConfigHostPathUUID() {
currentPath=
currentDefaultPort=
currentUUID=
currentHost=
currentPort=
currentAdd=
# read path
if [[ -n "${configPath}" ]]; then
local fallback
fallback=$(jq -r -c '.inbounds[0].settings.fallbacks[]|select(.path)' ${configPath}${frontingType}.json | head -1)
local path
path=$(echo "${fallback}" | jq -r .path | awk -F "[/]" '{print $2}')
if [[ $(echo "${fallback}" | jq -r .dest) == 31297 ]]; then
currentPath=$(echo "${path}" | awk -F "[w][s]" '{print $1}')
elif [[ $(echo "${fallback}" | jq -r .dest) == 31298 ]]; then
currentPath=$(echo "${path}" | awk -F "[t][c][p]" '{print $1}')
elif [[ $(echo "${fallback}" | jq -r .dest) == 31299 ]]; then
currentPath=$(echo "${path}" | awk -F "[v][w][s]" '{print $1}')
fi
# try to read alpn h2 Path
if [[ -z "${currentPath}" ]]; then
dest=$(jq -r -c '.inbounds[0].settings.fallbacks[]|select(.alpn)|.dest' ${configPath}${frontingType}.json | head -1)
if [[ "${dest}" == "31302" || "${dest}" == "31304" ]]; then
if grep -q "trojangrpc {" <${nginxConfigPath}alone.conf; then
currentPath=$(grep "trojangrpc {" <${nginxConfigPath}alone.conf | awk -F "[/]" '{print $2}' | awk -F "[t][r][o][j][a][n]" '{print $1}')
elif grep -q "grpc {" <${nginxConfigPath}alone.conf; then
currentPath=$(grep "grpc {" <${nginxConfigPath}alone.conf | head -1 | awk -F "[/]" '{print $2}' | awk -F "[g][r][p][c]" '{print $1}')
fi
fi
fi
local defaultPortFile=
defaultPortFile=$(find ${configPath}* | grep "default")
if [[ -n "${defaultPortFile}" ]]; then
currentDefaultPort=$(echo "${defaultPortFile}" | awk -F [_] '{print $4}')
else
currentDefaultPort=$(jq -r .inbounds[0].port ${configPath}${frontingType}.json)
fi
fi
if [[ "${coreInstallType}" == "1" ]]; then
currentHost=$(jq -r .inbounds[0].streamSettings.xtlsSettings.certificates[0].certificateFile ${configPath}${frontingType}.json | awk -F '[t][l][s][/]' '{print $2}' | awk -F '[.][c][r][t]' '{print $1}')
currentUUID=$(jq -r .inbounds[0].settings.clients[0].id ${configPath}${frontingType}.json)
currentAdd=$(jq -r .inbounds[0].settings.clients[0].add ${configPath}${frontingType}.json)
if [[ "${currentAdd}" == "null" ]]; then
currentAdd=${currentHost}
fi
currentPort=$(jq .inbounds[0].port ${configPath}${frontingType}.json)
elif [[ "${coreInstallType}" == "2" || "${coreInstallType}" == "3" ]]; then
if [[ "${coreInstallType}" == "3" ]]; then
currentHost=$(jq -r .inbounds[0].streamSettings.xtlsSettings.certificates[0].certificateFile ${configPath}${frontingType}.json | awk -F '[t][l][s][/]' '{print $2}' | awk -F '[.][c][r][t]' '{print $1}')
else
currentHost=$(jq -r .inbounds[0].streamSettings.tlsSettings.certificates[0].certificateFile ${configPath}${frontingType}.json | awk -F '[t][l][s][/]' '{print $2}' | awk -F '[.][c][r][t]' '{print $1}')
fi
currentAdd=$(jq -r .inbounds[0].settings.clients[0].add ${configPath}${frontingType}.json)
if [[ "${currentAdd}" == "null" ]]; then
currentAdd=${currentHost}
fi
currentUUID=$(jq -r .inbounds[0].settings.clients[0].id ${configPath}${frontingType}.json)
currentPort=$(jq .inbounds[0].port ${configPath}${frontingType}.json)
fi
}
# status display
showInstallStatus() {
if [[ -n "${coreInstallType}" ]]; then
if [[ "${coreInstallType}" == 1 ]]; then
if [[ -n $(pgrep -f xray/xray) ]]; then
echoContent yellow "\nCore: Xray-core [running]"
else
echoContent yellow "\nCore: Xray-core[not running]"
fi
elif [[ "${coreInstallType}" == 2 || "${coreInstallType}" == 3 ]]; then
if [[ -n $(pgrep -f v2ray/v2ray) ]]; then
echoContent yellow "\nCore: v2ray-core[running]"
else
echoContent yellow "\nCore: v2ray-core[not running]"
fi
fi
# read protocol type
readInstallProtocolType
if [[ -n ${currentInstallProtocolType} ]]; then
echoContent yellow "Protocol installed: \c"
fi
if echo ${currentInstallProtocolType} | grep -q 0; then
if [[ "${coreInstallType}" == 2 ]]; then
echoContent yellow "VLESS+TCP[TLS] \c"
else
echoContent yellow "VLESS+TCP[TLS/XTLS] \c"
fi
fi
if echo ${currentInstallProtocolType} | grep -q trojan; then
if [[ "${coreInstallType}" == 1 ]]; then
echoContent yellow "Trojan+TCP[TLS/XTLS] \c"
fi
fi
if echo ${currentInstallProtocolType} | grep -q 1; then
echoContent yellow "VLESS+WS[TLS] \c"
fi
if echo ${currentInstallProtocolType} | grep -q 2; then
echoContent yellow "Trojan+gRPC[TLS] \c"
fi
if echo ${currentInstallProtocolType} | grep -q 3; then
echoContent yellow "VMess+WS[TLS] \c"
fi
if echo ${currentInstallProtocolType} | grep -q 4; then
echoContent yellow "Trojan+TCP[TLS] \c"
fi
if echo ${currentInstallProtocolType} | grep -q 5; then
echoContent yellow "VLESS+gRPC[TLS] \c"
fi
fi
}
# clean up old residue
cleanUp() {
if [[ "$1" == "v2rayClean" ]]; then
rm -rf "$(find /etc/v2ray-agent/v2ray/* | grep -E '(config_full.json|conf)')"
handleV2Ray stop >/dev/null
rm -f /etc/systemd/system/v2ray.service
elif [[ "$1" == "xrayClean" ]]; then
rm -rf "$(find /etc/v2ray-agent/xray/* | grep -E '(config_full.json|conf)')"
handleXray stop >/dev/null
rm -f /etc/systemd/system/xray.service
elif [[ "$1" == "v2rayDel" ]]; then
rm -rf /etc/v2ray-agent/v2ray/*
elif [[ "$1" == "xrayDel" ]]; then
rm -rf /etc/v2ray-agent/xray/*
fi
}
initVar "$1"
checkSystem
checkCPUVendor
readInstallType
readInstallProtocolType
readConfigHostPathUUID
readInstallAlpn
readCustomPort
checkBTPanel
#----------------------------------------------------
# Initialize the installation directory
mkdirTools() {
mkdir -p /etc/v2ray-agent/tls
mkdir -p /etc/v2ray-agent/subscribe
mkdir -p /etc/v2ray-agent/subscribe_tmp
mkdir -p /etc/v2ray-agent/v2ray/conf
mkdir -p /etc/v2ray-agent/v2ray/tmp
mkdir -p /etc/v2ray-agent/xray/conf
mkdir -p /etc/v2ray-agent/xray/tmp
mkdir -p /etc/v2ray-agent/trojan
mkdir -p /etc/v2ray-agent/hysteria/conf
mkdir -p /etc/systemd/system/
mkdir -p /tmp/v2ray-agent-tls/
}
# install toolkit
installTools() {
echoContent skyBlue "\nProgress $1/${totalProgress} : Install Tool"
# Fix ubuntu individual system issues
if [[ "${release}" == "ubuntu" ]]; then
dpkg --configure -a
fi
if [[ -n $(pgrep -f "apt") ]]; then
pgrep -f apt | xargs kill -9
fi
echoContent green " ---> Check and install updates [The new machine will be very slow, if there is no response for a long time, please stop it manually and execute it again]"
${upgrade} >/etc/v2ray-agent/install.log 2>&1
if grep <"/etc/v2ray-agent/install.log" -q "changed"; then
${updateReleaseInfoChange} >/dev/null 2>&1
fi
if [[ "${release}" == "centos" ]]; then
rm -rf /var/run/yum.pid
${installType} epel-release >/dev/null 2>&1
fi
# [[ -z `find /usr/bin /usr/sbin |grep -v grep|grep -w curl` ]]
if ! find /usr/bin /usr/sbin | grep -q -w wget; then
echoContent green " ---> install wget"
${installType} wget >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w curl; then
echoContent green " ---> install curl"
${installType} curl >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w unzip; then
echoContent green " ---> install unzip"
${installType} unzip >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w socat; then
echoContent green " ---> install socat"
${installType} socat >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w tar; then
echoContent green " ---> install tar"
${installType} tar >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w cron; then
echoContent green " ---> install crontabs"
if [[ "${release}" == "ubuntu" ]] || [[ "${release}" == "debian" ]]; then
${installType} cron >/dev/null 2>&1
else
${installType} crontabs >/dev/null 2>&1
fi
fi
if ! find /usr/bin /usr/sbin | grep -q -w jq; then
echoContent green " ---> install jq"
${installType} jq >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w binutils; then
echoContent green " ---> install binutils"
${installType} binutils >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w ping6; then
echoContent green " ---> install ping6"
${installType} inetutils-ping >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w qrencode; then
echoContent green " ---> install qrencode"
${installType} qrencode >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w sudo; then
echoContent green " ---> install sudo"
${installType} sudo >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w lsb-release; then
echoContent green " ---> install lsb-release"
${installType} lsb-release >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w lsof; then
echoContent green " ---> install lsof"
${installType} lsof >/dev/null 2>&1
fi
if ! find /usr/bin /usr/sbin | grep -q -w dig; then
echoContent green " ---> install dig"
if echo "${installType}" | grep -q -w "apt"; then
${installType} dnsutils >/dev/null 2>&1
elif echo "${installType}" | grep -q -w "yum"; then
${installType} bind-utils >/dev/null 2>&1
fi
fi
# Detect the nginx version and provide the option to uninstall
if ! find /usr/bin /usr/sbin | grep -q -w nginx; then
echoContent green " ---> install nginx"
installNginxTools
else
nginxVersion=$(nginx -v 2>&1)
nginxVersion=$(echo "${nginxVersion}" | awk -F "[n][g][i][n][x][/]" '{print $2}' | awk -F "[.]" '{print $2}')
if [[ ${nginxVersion} -lt 14 ]]; then
read -r -p "Read that the current Nginx version does not support gRPC, which will cause the installation to fail.Do you want to uninstall Nginx and then reinstall it? [y/n]:" unInstallNginxStatus
if [[ "${unInstallNginxStatus}" == "y" ]]; then
${removeType} nginx >/dev/null 2>&1
echoContent yellow " ---> nginx uninstallation completed"
echoContent green " ---> install nginx"
installNginxTools >/dev/null 2>&1
else
exit 0
fi
fi
fi
if ! find /usr/bin /usr/sbin | grep -q -w semanage; then
echoContent green " ---> install semanage"
${installType} bash-completion >/dev/null 2>&1
if [[ "${centosVersion}" == "7" ]]; then
policyCoreUtils="policycoreutils-python.x86_64"
elif [[ "${centosVersion}" == "8" ]]; then
policyCoreUtils="policycoreutils-python-utils-2.9-9.el8.noarch"
fi
if [[ -n "${policyCoreUtils}" ]]; then
${installType} ${policyCoreUtils} >/dev/null 2>&1
fi
if [[ -n $(which semanage) ]]; then
semanage port -a -t http_port_t -p tcp 31300
fi
fi
if [[ ! -d "$HOME/.acme.sh" ]] || [[ -d "$HOME/.acme.sh" && -z $(find "$HOME/.acme.sh/acme.sh") ]]; then
echoContent green " ---> install acme.sh"
curl -s https://get.acme.sh | sh >/etc/v2ray-agent/tls/acme.log 2>&1
if [[ ! -d "$HOME/.acme.sh" ]] || [[ -z $(find "$HOME/.acme.sh/acme.sh") ]]; then
echoContent red "acme installation failed--->"
tail -n 100 /etc/v2ray-agent/tls/acme.log
echoContent yellow "Error troubleshooting:"
echoContent red " 1.Failed to obtain Github files, please wait for Github to recover and try, the recovery progress can be viewed at [https://www.githubstatus.com/]"
echoContent red "There is a bug in the 2.acme.sh script, see [https://github.com/acmesh-official/acme.sh] issues"
echoContent red " 3.For pure IPv6 machines, please set up NAT64 and execute the following commands"
echoContent skyBlue " echo -e \"nameserver 2001:67c:2b0::4\\\nnameserver 2001:67c:2b0::6\" >> /etc/resolv.conf"
exit 0
fi
fi
}
# Install Nginx
installNginxTools() {
if [[ "${release}" == "debian" ]]; then
sudo apt install gnupg2 ca-certificates lsb-release -y >/dev/null 2>&1
echo "deb http://nginx.org/packages/mainline/debian $(lsb_release -cs) nginx" | sudo tee /etc/apt/sources.list.d/nginx.list >/dev/null 2>&1
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx >/dev/null 2>&1
curl -o /tmp/nginx_signing.key https://nginx.org/keys/nginx_signing.key >/dev/null 2>&1
# gpg --dry-run --quiet --import --import-options import-show /tmp/nginx_signing.key
sudo mv /tmp/nginx_signing.key /etc/apt/trusted.gpg.d/nginx_signing.asc
sudo apt update >/dev/null 2>&1
elif [[ "${release}" == "ubuntu" ]]; then
sudo apt install gnupg2 ca-certificates lsb-release -y >/dev/null 2>&1
echo "deb http://nginx.org/packages/mainline/ubuntu $(lsb_release -cs) nginx" | sudo tee /etc/apt/sources.list.d/nginx.list >/dev/null 2>&1
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx >/dev/null 2>&1
curl -o /tmp/nginx_signing.key https://nginx.org/keys/nginx_signing.key >/dev/null 2>&1
# gpg --dry-run --quiet --import --import-options import-show /tmp/nginx_signing.key
sudo mv /tmp/nginx_signing.key /etc/apt/trusted.gpg.d/nginx_signing.asc
sudo apt update >/dev/null 2>&1
elif [[ "${release}" == "centos" ]]; then
${installType} yum-utils >/dev/null 2>&1
cat <<EOF >/etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/\$releasever/\$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
EOF
sudo yum-config-manager --enable nginx-mainline >/dev/null 2>&1
fi
${installType} nginx >/dev/null 2>&1
systemctl daemon-reload
systemctl enable nginx
}
# install warp
installWarp() {
${installType} gnupg2 -y >/dev/null 2>&1
if [[ "${release}" == "debian" ]]; then
curl -s https://pkg.cloudflareclient.com/pubkey.gpg | sudo apt-key add - >/dev/null 2>&1
echo "deb http://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list >/dev/null 2>&1
sudo apt update >/dev/null 2>&1
elif [[ "${release}" == "ubuntu" ]]; then
curl -s https://pkg.cloudflareclient.com/pubkey.gpg | sudo apt-key add - >/dev/null 2>&1
echo "deb http://pkg.cloudflareclient.com/ focal main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list >/dev/null 2>&1
sudo apt update >/dev/null 2>&1
elif [[ "${release}" == "centos" ]]; then
${installType} yum-utils >/dev/null 2>&1
sudo rpm -ivh "http://pkg.cloudflareclient.com/cloudflare-release-el${centosVersion}.rpm" >/dev/null 2>&1
fi
echoContent green " ---> install WARP"
${installType} cloudflare-warp >/dev/null 2>&1
if [[ -z $(which warp-cli) ]]; then
echoContent red "---> Failed to install WARP"
exit 0
fi
systemctl enable warp-svc
warp-cli --accept-tos register
warp-cli --accept-tos set-mode proxy
warp-cli --accept-tos set-proxy-port 31303
warp-cli --accept-tos connect
warp-cli --accept-tos enable-always-on
# if [[]];then
# fi
# todo curl --socks5 127.0.0.1:31303 https://www.cloudflare.com/cdn-cgi/trace
# systemctl daemon-reload
# systemctl enable cloudflare-warp
}
# Initialize Nginx application certificate configuration
initTLSNginxConfig() {
handleNginx stop
echoContent skyBlue "\nProgress $1/${totalProgress} : Initialize Nginx application certificate configuration"
if [[ -n "${currentHost}" ]]; then
echo
read -r -p "Read the last installation record, do you use the domain name of the last installation? [y/n]:" historyDomainStatus
if [[ "${historyDomainStatus}" == "y" ]]; then
domain=${currentHost}
echoContent yellow "\n ---> Domain name: ${domain}"
else
echo
echoContent yellow "Please enter the domain name to be configured Example: www.v2ray-agent.com --->"
read -r -p "domain name:" domain
fi
else
echo
echoContent yellow "Please enter the domain name to be configured Example: www.v2ray-agent.com --->"
read -r -p "domain name:" domain
fi
if [[ -z ${domain} ]]; then
echoContent red "The domain name cannot be empty--->"
initTLSNginxConfig 3
else
dnsTLSDomain=$(echo "${domain}" | awk -F "[.]" '{print $(NF-1)"."$NF}')
customPortFunction
local port=80
if [[ -n "${customPort}" ]]; then
port=${customPort}
fi
# Change setting
touch ${nginxConfigPath}alone.conf
cat <<EOF >${nginxConfigPath}alone.conf
server {
listen ${port};
listen [::]:${port};
server_name ${domain};
root /usr/share/nginx/html;
location ~ /.well-known {
allow all;
}
location /test {
return 200 'fjkvymb6len';
}
location /ip {
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header REMOTE-HOST \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
default_type text/plain;
return 200 \$proxy_add_x_forwarded_for;
}
}
EOF
fi
readAcmeTLS
}
# Modify nginx redirect configuration
updateRedirectNginxConf() {
# if [[ ${BTPanelStatus} == "true" ]]; then
#
# cat <<EOF >${nginxConfigPath}alone.conf
# server {
# listen 127.0.0.1:31300;
# server_name _;
# return 403;
# }
#EOF
#
# elif [[ -n "${customPort}" ]]; then
# cat <<EOF >${nginxConfigPath}alone.conf
# server {
# listen 127.0.0.1:31300;
# server_name _;
# return 403;
# }
#EOF
# fi
local redirectDomain=${domain}
if [[ -n "${customPort}" ]]; then
redirectDomain=${domain}:${customPort}
fi
cat <<EOF >${nginxConfigPath}alone.conf
server {
listen 80;
server_name ${domain};
return 302 https://${redirectDomain};
}
server {
listen 127.0.0.1:31300;
server_name _;
return 403;
}
EOF
if echo "${selectCustomInstallType}" | grep -q 2 && echo "${selectCustomInstallType}" | grep -q 5 || [[ -z "${selectCustomInstallType}" ]]; then
cat <<EOF >>${nginxConfigPath}alone.conf
server {
listen 127.0.0.1:31302 http2 so_keepalive=on;
server_name ${domain};
root /usr/share/nginx/html;
client_header_timeout 1071906480m;
keepalive_timeout 1071906480m;
location /s/ {
add_header Content-Type text/plain;
alias /etc/v2ray-agent/subscribe/;
}
location /${currentPath}grpc {
if (\$content_type !~ "application/grpc") {
return 404;
}
client_max_body_size 0;
grpc_set_header X-Real-IP \$proxy_add_x_forwarded_for;
client_body_timeout 1071906480m;
grpc_read_timeout 1071906480m;
grpc_pass grpc://127.0.0.1:31301;
}
location /${currentPath}trojangrpc {
if (\$content_type !~ "application/grpc") {
return 404;
}
client_max_body_size 0;
grpc_set_header X-Real-IP \$proxy_add_x_forwarded_for;
client_body_timeout 1071906480m;
grpc_read_timeout 1071906480m;
grpc_pass grpc://127.0.0.1:31304;
}
location / {
add_header Strict-Transport-Security "max-age=15552000; preload" always;
}
}
EOF
elif echo "${selectCustomInstallType}" | grep -q 5 || [[ -z "${selectCustomInstallType}" ]]; then
cat <<EOF >>${nginxConfigPath}alone.conf
server {
listen 127.0.0.1:31302 http2;
server_name ${domain};
root /usr/share/nginx/html;
location /s/ {
add_header Content-Type text/plain;
alias /etc/v2ray-agent/subscribe/;
}
location /${currentPath}grpc {
client_max_body_size 0;
# keepalive_time 1071906480m;
keepalive_requests 4294967296;
client_body_timeout 1071906480m;
send_timeout 1071906480m;
lingering_close always;
grpc_read_timeout 1071906480m;
grpc_send_timeout 1071906480m;
grpc_pass grpc://127.0.0.1:31301;
}
}
EOF
elif echo "${selectCustomInstallType}" | grep -q 2 || [[ -z "${selectCustomInstallType}" ]]; then
cat <<EOF >>${nginxConfigPath}alone.conf
server {
listen 127.0.0.1:31302 http2;
server_name ${domain};
root /usr/share/nginx/html;
location /s/ {
add_header Content-Type text/plain;
alias /etc/v2ray-agent/subscribe/;
}
location /${currentPath}trojangrpc {
client_max_body_size 0;
# keepalive_time 1071906480m;
keepalive_requests 4294967296;
client_body_timeout 1071906480m;
send_timeout 1071906480m;
lingering_close always;
grpc_read_timeout 1071906480m;
grpc_send_timeout 1071906480m;
grpc_pass grpc://127.0.0.1:31301;
}
}
EOF
else
cat <<EOF >>${nginxConfigPath}alone.conf
server {
listen 127.0.0.1:31302 http2;
server_name ${domain};
root /usr/share/nginx/html;
location /s/ {
add_header Content-Type text/plain;
alias /etc/v2ray-agent/subscribe/;
}
location / {
}
}
EOF
fi
cat <<EOF >>${nginxConfigPath}alone.conf
server {
listen 127.0.0.1:31300;
server_name ${domain};
root /usr/share/nginx/html;
location /s/ {
add_header Content-Type text/plain;
alias /etc/v2ray-agent/subscribe/;
}
location / {
add_header Strict-Transport-Security "max-age=15552000; preload" always;
}
}
EOF
}
# check ip
checkIP() {
echoContent skyBlue "\n ---> Check the domain name ip"
local checkDomain=${domain}
if [[ -n "${customPort}" ]]; then
checkDomain="http://${domain}:${customPort}"
fi
localIP=$(curl -s -m 2 "${checkDomain}/ip")
handleNginx stop
if [[ -z ${localIP} ]] || ! echo "${localIP}" | sed '1{s/[^(]*(//;s/).*//;q}' | grep -q '\.' && ! echo "${localIP}" | sed '1{s/[^(]*(//;s/).*//;q}' | grep -q ':'; then
echoContent red "\n ---> The ip of the current domain name was not detected"
echoContent skyBlue " ---> Please perform the following checks in order"
echoContent yellow " ---> 1.Check whether the domain name is written correctly"
echoContent yellow " ---> 2.Check whether the domain name dns resolution is correct"
echoContent yellow " ---> 3.If the parsing is correct, please wait for dns to take effect, it is expected to take effect within three minutes"
echoContent yellow " ---> 4.If a problem with Nginx startup is reported, please manually start nginx to check the error.If you can't handle it yourself, please file issues"
echoContent yellow " ---> 5.Error log: ${localIP}"
echo
echoContent skyBlue " ---> If the above settings are correct, please reinstall the pure system and try again"
if [[ -n ${localIP} ]]; then
echoContent yellow " ---> The detection return value is abnormal, it is recommended to manually uninstall nginx and re-execute the script"
fi
local portFirewallPortStatus="443、80"
if [[ -n "${customPort}" ]]; then
portFirewallPortStatus="${customPort}"
fi
echoContent red " ---> Please check if firewall rules are open ${portFirewallPortStatus}\n"
read -r -p "Do you want to modify the firewall rules by script to open the port ${portFirewallPortStatus}? [y/n]:" allPortFirewallStatus
if [[ ${allPortFirewallStatus} == "y" ]]; then
if [[ -n "${customPort}" ]]; then
allowPort "${customPort}"
else
allowPort 80
allowPort 443
fi
handleNginx start
checkIP
else
exit 0
fi
else
if echo "${localIP}" | awk -F "[,]" '{print $2}' | grep -q "." || echo "${localIP}" | awk -F "[,]" '{print $2}' | grep -q ":"; then
echoContent red "\n ---> Multiple IPs detected, please confirm whether to close cloudflare's cloud"
echoContent yellow " ---> After closing the cloud, wait three minutes and try again"
echoContent yellow " ---> The detected ip is as follows: [${localIP}]"
exit 0
fi
echoContent green " ---> The current domain name ip is: [${localIP}]"
fi
}
# custom email
customSSLEmail() {
if echo "$1" | grep -q "validate email"; then
read -r -p "Whether to re-enter the email address [y/n]:" sslEmailStatus
if [[ "${sslEmailStatus}" == "y" ]]; then
sed '/ACCOUNT_EMAIL/d' /root/.acme.sh/account.conf >/root/.acme.sh/account.conf_tmp && mv /root/.acme.sh/account.conf_tmp /root/.acme.sh/account.conf
else
exit 0
fi
fi
if [[ -d "/root/.acme.sh" && -f "/root/.acme.sh/account.conf" ]]; then
if ! grep -q "ACCOUNT_EMAIL" <"/root/.acme.sh/account.conf" && ! echo "${sslType}" | grep -q "letsencrypt"; then
read -r -p "Please enter email address:" sslEmail
if echo "${sslEmail}" | grep -q "@"; then
echo "ACCOUNT_EMAIL='${sslEmail}'" >>/root/.acme.sh/account.conf
echoContent green " ---> Add successfully"
else
echoContent yellow "Please re-enter the correct email format [example: username@example.com]"
customSSLEmail
fi
fi
fi
}
# select ssl installation type
switchSSLType() {
if [[ -z "${sslType}" ]]; then
echoContent red "\n=============================================================="
echoContent yellow "1.letsencrypt[default]"
echoContent yellow "2.zerossl"
echoContent yellow "3.buypass[DNS request not supported]"
echoContent red "=============================================================="
read -r -p "Please select [Enter] to use default:" selectSSLType
case ${selectSSLType} in
1)
sslType="letsencrypt"
;;
2)
sslType="zerossl"
;;
3)
sslType="buypass"
;;
*)
sslType="letsencrypt"
;;
esac
touch /etc/v2ray-agent/tls
echo "${sslType}" >/etc/v2ray-agent/tls/ssl_type
fi
}
# Select the acme installation certificate method
selectAcmeInstallSSL() {
local installSSLIPv6=
if echo "${localIP}" | grep -q ":"; then
installSSLIPv6="--listen-v6"
fi
echo
if [[ -n "${customPort}" ]]; then
if [[ "${selectSSLType}" == "3" ]]; then
echoContent red " ---> buypass does not support free wildcard certificates"
echo
exit
fi
dnsSSLStatus=true
else
read -r -p "Whether to use DNS to apply for certificate [y/n]:" installSSLDNSStatus
if [[ ${installSSLDNStatus} == 'y' ]]; then
dnsSSLStatus=true
fi
fi
acmeInstallSSL
readAcmeTLS
}
# Install SSL certificate
acmeInstallSSL() {
if [[ "${dnsSSLStatus}" == "true" ]]; then
sudo "$HOME/.acme.sh/acme.sh" --issue -d "*.${dnsTLSDomain}" --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please --standalone -k ec-256 --server "${sslType}" ${installSSLIPv6} 2>&1 | tee -a /etc/v2ray-agent/tls/acme.log >/dev/null
local txtValue=
txtValue=$(tail -n 10 /etc/v2ray-agent/tls/acme.log | grep "TXT value" | awk -F "'" '{print $2}')
if [[ -n "${txtValue}" ]]; then
echoContent green " ---> Please manually add DNS TXT record"
echoContent yellow " ---> Please refer to this tutorial for adding methods, https://github.com/mack-a/v2ray-agent/blob/master/documents/dns_txt.md"
echoContent green " ---> name_acme-challenge"
echoContent green " ---> value${txtValue}"
echoContent yellow " ---> Please wait for 1-2 minutes after the addition is complete"
echo
read -r -p "Whether the addition is complete [y/n]:" addDNSTXTRecordStatus
if [[ "${addDNSTXTRecordStatus}" == "y" ]]; then
local txtAnswer=
txtAnswer=$(dig +nocmd "_acme-challenge.${dnsTLSDomain}" txt +noall +answer | awk -F "[\"]" '{print $2}')
if [[ "${txtAnswer}" == "${txtValue}" ]]; then
echoContent green " ---> TXT record verification passed"
echoContent green "---> Generating certificate"
sudo "$HOME/.acme.sh/acme.sh" --renew -d "*.${dnsTLSDomain}" --yes-I-know-dns-manual-mode-enough-go-ahead-please --ecc --server "${sslType}" ${installSSLIPv6} 2>&1 | tee -a /etc/v2ray-agent/tls/acme.log >/dev/null
else
echoContent red " ---> Authentication failed, please try again after 1-2 minutes"
acmeInstallSSL
fi
else
echoContent red " ---> give up"
exit 0
fi
fi
else
echoContent green "---> Generating certificate"
sudo "$HOME/.acme.sh/acme.sh" --issue -d "${tlsDomain}" --standalone -k ec-256 --server "${sslType}" ${installSSLIPv6} 2>&1 | tee -a /etc/v2ray-agent/tls/acme.log >/dev/null
fi
}
# custom port
customPortFunction() {
local historyCustomPortStatus=
local showPort=
if [[ -n "${customPort}" || -n "${currentPort}" ]]; then
echo
read -r -p "Read the port of the last installation, do you use the port of the last installation? [y/n]:" historyCustomPortStatus
if [[ "${historyCustomPortStatus}" == "y" ]]; then
showPort="${currentPort}"
if [[ -n "${customPort}" ]]; then
showPort="${customPort}"
fi
echoContent yellow "\n ---> Port: ${showPort}"
fi
fi
if [[ "${historyCustomPortStatus}" == "n" ]] && [[ -z "${customPort}" && -z "${currentPort}" ]]; then
echo
echoContent yellow "Please enter the port [default: 443], such as a custom port, only allow the use of DNS to apply for a certificate [enter to use the default]"
read -r -p "port:" customPort
if [[ -n "${customPort}" ]]; then
if ((customPort >= 1 && customPort <= 65535)); then
checkCustomPort
allowPort "${customPort}"
else
echoContent red " ---> Port input error"
exit
fi
else
echoContent yellow "\n ---> Port: 443"
fi
fi
}
# Check if the port is occupied
checkCustomPort() {
if lsof -i "tcp:${customPort}" | grep -q LISTEN; then
echoContent red "\n ---> ${customPort} port is occupied, please close it manually and install it\n"
lsof -i tcp:80 | grep LISTEN
exit 0
fi
}
# install TLS
installTLS() {
echoContent skyBlue "\nProgress $1/${totalProgress} : Apply for TLS certificate\n"
local tlsDomain=${domain}
# install tls
if [[ -f "/etc/v2ray-agent/tls/${tlsDomain}.crt" && -f "/etc/v2ray-agent/tls/${tlsDomain}.key" && -n $(cat "/etc/v2ray-agent/tls/${tlsDomain}.crt") ]] || [[ -d "$HOME/.acme.sh/${tlsDomain}_ecc" && -f "$HOME/.acme.sh/${tlsDomain}_ecc/${tlsDomain}.key" && -f "$HOME/.acme.sh/${tlsDomain}_ecc/${tlsDomain}.cer" ]]; then
echoContent green " ---> Certificate detected"
# checkTLStatus
renewalTLS
if [[ -z $(find /etc/v2ray-agent/tls/ -name "${tlsDomain}.crt") ]] || [[ -z $(find /etc/v2ray-agent/tls/ -name "${tlsDomain}.key") ]] || [[ -z $(cat "/etc/v2ray-agent/tls/${tlsDomain}.crt") ]]; then
sudo "$HOME/.acme.sh/acme.sh" --installcert -d "${tlsDomain}" --fullchainpath "/etc/v2ray-agent/tls/${tlsDomain}.crt" --keypath "/etc/v2ray-agent/tls/${tlsDomain}.key" --ecc >/dev/null
else
echoContent yellow " ---> If not expired or custom certificate, please select [n]\n"
read -r -p "Reinstall? [y/n]:" reInstallStatus
if [[ "${reInstallStatus}" == "y" ]]; then
rm -rf /etc/v2ray-agent/tls/*
installTLS "$1"
fi
fi
elif [[ -d "$HOME/.acme.sh" ]] && [[ ! -f "$HOME/.acme.sh/${tlsDomain}_ecc/${tlsDomain}.cer" || ! -f "$HOME/.acme.sh/${tlsDomain}_ecc/${tlsDomain}.key" ]]; then
echoContent green " ---> Install TLS certificate"
if [[ "${installDNSACMEStatus}" != "true" ]]; then
switchSSLType
customSSLEmail
selectAcmeInstallSSL
else
echoContent green " ---> Detected that a wildcard certificate has been installed, automatically generating"
fi
if [[ "${installDNSACMEStatus}" == "true" ]]; then
echo
if [[ -d "$HOME/.acme.sh/*.${dnsTLSDomain}_ecc" && -f "$HOME/.acme.sh/*.${dnsTLSDomain}_ecc/*.${dnsTLSDomain}.key" && -f "$HOME/.acme.sh/*.${dnsTLSDomain}_ecc/*.${dnsTLSDomain}.cer" ]]; then
sudo "$HOME/.acme.sh/acme.sh" --installcert -d "${dnsTLSDomain}" -d "*.${dnsTLSDomain}" --fullchainpath "/etc/v2ray-agent/tls/${tlsDomain}.crt" --keypath "/etc/v2ray-agent/tls/${tlsDomain}.key" --ecc >/dev/null
fi
elif [[ -d "$HOME/.acme.sh/${tlsDomain}_ecc" && -f "$HOME/.acme.sh/${tlsDomain}_ecc/${tlsDomain}.key" && -f "$HOME/.acme.sh/${tlsDomain}_ecc/${tlsDomain}.cer" ]]; then
sudo "$HOME/.acme.sh/acme.sh" --installcert -d "${tlsDomain}" --fullchainpath "/etc/v2ray-agent/tls/${tlsDomain}.crt" --keypath "/etc/v2ray-agent/tls/${tlsDomain}.key" --ecc >/dev/null
fi
if [[ ! -f "/etc/v2ray-agent/tls/${tlsDomain}.crt" || ! -f "/etc/v2ray-agent/tls/${tlsDomain}.key" ]] || [[ -z $(cat "/etc/v2ray-agent/tls/${tlsDomain}.key") || -z $(cat "/etc/v2ray-agent/tls/${tlsDomain}.crt") ]]; then
tail -n 10 /etc/v2ray-agent/tls/acme.log
if [[ ${installTLSCount} == "1" ]]; then
echoContent red " ---> TLS installation failed, please check the acme log"
exit 0
fi
installTLSCount=1
echo
echoContent red "---> TLS installation failed, checking whether ports 80 and 443 are open"
allowPort 80
allowPort 443
echoContent yellow " ---> Retry to install TLS certificate"
if tail -n 10 /etc/v2ray-agent/tls/acme.log | grep -q "Could not validate email address as valid"; then
echoContent red " ---> The mailbox cannot be verified by the SSL manufacturer, please re-enter"
echo
customSSLEmail "validate email"
installTLS "$1"
else
installTLS "$1"
fi
fi
echoContent green "---> TLS generated successfully"
else
echoContent yellow " ---> acme.sh is not installed"
exit 0
fi
}
# Configure fake blog
initNginxConfig() {
echoContent skyBlue "\nProgress $1/${totalProgress} : configure Nginx"
cat <<EOF >${nginxConfigPath}alone.conf
server {
listen 80;
listen [::]:80;
server_name ${domain};
root /usr/share/nginx/html;
location ~ /.well-known {allow all;}
location /test {return 200 'fjkvymb6len';}
}
EOF
}
# custom/random path
randomPathFunction() {
echoContent skyBlue "\nProgress $1/${totalProgress} : generate random path"
if [[ -n "${currentPath}" ]]; then
echo
read -r -p "Read the last installation record, do you use the path of the last installation? [y/n]:" historyPathStatus
echo
fi
if [[ "${historyPathStatus}" == "y" ]]; then
customPath=${currentPath}
echoContent green " ---> Use successfully\n"
else
echoContent yellow "Please enter a custom path [example: alone], no slashes required, [enter] random path"
read -r -p 'path:' customPath
if [[ -z "${customPath}" ]]; then
customPath=$(head -n 50 /dev/urandom | sed 's/[^a-z]//g' | strings -n 4 | tr '[:upper:]' '[:lower:]' | head -1)
currentPath=${customPath:0:4}
customPath=${currentPath}
else
currentPath=${customPath}
fi
fi
echoContent yellow "\n path:${currentPath}"
echoContent skyBlue "\n----------------------------"
}
# Nginx Camouflage Blog
nginxBlog() {
echoContent skyBlue "\nProgress $1/${totalProgress} : Add fake site"
if [[ -d "/usr/share/nginx/html" && -f "/usr/share/nginx/html/check" ]]; then
echo
read -r -p "Detected installation of fake sites, do you need to reinstall [y/n]:" nginxBlogInstallStatus
if [[ "${nginxBlogInstallStatus}" == "y" ]]; then
rm -rf /usr/share/nginx/html
randomNum=$((RANDOM % 6 + 1))
wget -q -P /usr/share/nginx https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/blog/unable/html${randomNum}.zip >/dev/null
unzip -o /usr/share/nginx/html${randomNum}.zip -d /usr/share/nginx/html >/dev/null
rm -f /usr/share/nginx/html${randomNum}.zip*
echoContent green " ---> Add fake site successfully"
fi
else
randomNum=$((RANDOM % 6 + 1))
rm -rf /usr/share/nginx/html
wget -q -P /usr/share/nginx https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/blog/unable/html${randomNum}.zip >/dev/null
unzip -o /usr/share/nginx/html${randomNum}.zip -d /usr/share/nginx/html >/dev/null
rm -f /usr/share/nginx/html${randomNum}.zip*
echoContent green " ---> Add fake site successfully"
fi
}
# Modify http_port_t port
updateSELinuxHTTPPortT() {
$(find /usr/bin /usr/sbin | grep -w journalctl) -xe >/etc/v2ray-agent/nginx_error.log 2>&1
if find /usr/bin /usr/sbin | grep -q -w semanage && find /usr/bin /usr/sbin | grep -q -w getenforce && grep -E "31300|31302" </etc/v2ray-agent/nginx_error.log | grep -q "Permission denied"; then
echoContent red "---> Check if SELinux port is open"
if ! $(find /usr/bin /usr/sbin | grep -w semanage) port -l | grep http_port | grep -q 31300; then
$(find /usr/bin /usr/sbin | grep -w semanage) port -a -t http_port_t -p tcp 31300
echoContent green " ---> http_port_t 31300 port opened successfully"
fi
if ! $(find /usr/bin /usr/sbin | grep -w semanage) port -l | grep http_port | grep -q 31302; then
$(find /usr/bin /usr/sbin | grep -w semanage) port -a -t http_port_t -p tcp 31302
echoContent green " ---> http_port_t 31302 port opened successfully"
fi
handleNginx start
else
exit 0
fi
}
# Operate Nginx
handleNginx() {
if [[ -z $(pgrep -f "nginx") ]] && [[ "$1" == "start" ]]; then
systemctl start nginx 2>/etc/v2ray-agent/nginx_error.log
sleep 0.5
if [[ -z $(pgrep -f nginx) ]]; then
echoContent red "---> Nginx failed to start"
echoContent red " ---> Please try to install nginx manually and execute the script again"
if grep -q "journalctl -xe" </etc/v2ray-agent/nginx_error.log; then
updateSELinuxHTTPPortT
fi
# exit 0
else
echoContent green " ---> Nginx started successfully"
fi
elif [[ -n $(pgrep -f "nginx") ]] && [[ "$1" == "stop" ]]; then
systemctl stop nginx
sleep 0.5
if [[ -n $(pgrep -f "nginx") ]]; then
pgrep -f "nginx" | xargs kill -9
fi
echoContent green "---> Nginx closed successfully"
fi
}
# Scheduled task to update tls certificate
installCronTLS() {
echoContent skyBlue "\nProgress $1/${totalProgress} : Add scheduled maintenance certificate"
crontab -l >/etc/v2ray-agent/backup_crontab.cron
local historyCrontab
historyCrontab=$(sed '/v2ray-agent/d;/acme.sh/d' /etc/v2ray-agent/backup_crontab.cron)
echo "${historyCrontab}" >/etc/v2ray-agent/backup_crontab.cron
echo "30 1 * * * /bin/bash /etc/v2ray-agent/install.sh RenewTLS >> /etc/v2ray-agent/crontab_tls.log 2>&1" >>/etc/v2ray-agent/backup_crontab.cron
crontab /etc/v2ray-agent/backup_crontab.cron
echoContent green "\n ---> Adding the timing maintenance certificate successfully"
}
# update certificate
renewalTLS() {
if [[ -n $1 ]]; then
echoContent skyBlue "\nProgress $1/1 : Renew certificate"
fi
readAcmeTLS
local domain=${currentHost}
if [[ -z "${currentHost}" && -n "${tlsDomain}" ]]; then
domain=${tlsDomain}
fi
if [[ -f "/etc/v2ray-agent/tls/ssl_type" ]]; then
if grep -q "buypass" <"/etc/v2ray-agent/tls/ssl_type"; then
sslRenewalDays=180
fi
fi
if [[ -d "$HOME/.acme.sh/${domain}_ecc" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.key" && -f "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" ]] || [[ "${installDNSACMEStatus}" == "true" ]]; then
modifyTime=
if [[ "${installDNSACMEStatus}" == "true" ]]; then
modifyTime=$(stat "$HOME/.acme.sh/*.${dnsTLSDomain}_ecc/*.${dnsTLSDomain}.cer" | sed -n '7,6p' | awk '{print $2" "$3" "$4" "$5}')
else
modifyTime=$(stat "$HOME/.acme.sh/${domain}_ecc/${domain}.cer" | sed -n '7,6p' | awk '{print $2" "$3" "$4" "$5}')
fi
modifyTime=$(date +%s -d "${modifyTime}")
currentTime=$(date +%s)
((stampDiff = currentTime - modifyTime))
((days = stampDiff / 86400))
((remainingDays = sslRenewalDays - days))
tlsStatus=${remainingDays}
if [[ ${remainingDays} -le 0 ]]; then
tlsStatus="Expired"
fi
echoContent skyBlue " ---> Certificate check date: $(date "+%F %H:%M:%S")"
echoContent skyBlue " ---> Certificate generation date: $(date -d @"${modifyTime}" +"%F %H:%M:%S")"
echoContent skyBlue " ---> Certificate generation days: ${days}"
echoContent skyBlue " ---> Certificate remaining days:"${tlsStatus}
echoContent skyBlue " ---> The certificate will be automatically updated on the last day before the certificate expires.If the update fails, please update it manually"
if [[ ${remainingDays} -le 1 ]]; then
echoContent yellow " ---> regenerate certificate"
handleNginx stop
sudo "$HOME/.acme.sh/acme.sh" --cron --home "$HOME/.acme.sh"
sudo "$HOME/.acme.sh/acme.sh" --installcert -d "${domain}" --fullchainpath /etc/v2ray-agent/tls/"${domain}.crt" --keypath /etc/v2ray-agent/tls/"${domain}.key" --ecc
reloadCore
handleNginx start
else
echoContent green " ---> Certificate valid"
fi
else
echoContent red "---> not installed"
fi
}
# View the status of the TLS certificate
checkTLStatus() {
if [[ -d "$HOME/.acme.sh/${currentHost}_ecc" ]] && [[ -f "$HOME/.acme.sh/${currentHost}_ecc/${currentHost}.key" ]] && [[ -f "$HOME/.acme.sh/${currentHost}_ecc/${currentHost}.cer" ]]; then
modifyTime=$(stat "$HOME/.acme.sh/${currentHost}_ecc/${currentHost}.cer" | sed -n '7,6p' | awk '{print $2" "$3" "$4" "$5}')
modifyTime=$(date +%s -d "${modifyTime}")
currentTime=$(date +%s)
((stampDiff = currentTime - modifyTime))
((days = stampDiff / 86400))
((remainingDays = sslRenewalDays - days))
tlsStatus=${remainingDays}
if [[ ${remainingDays} -le 0 ]]; then
tlsStatus="Expired"
fi
echoContent skyBlue " ---> Certificate generation date: $(date -d "@${modifyTime}" +"%F %H:%M:%S")"
echoContent skyBlue " ---> Certificate generation days: ${days}"
echoContent skyBlue " ---> Certificate remaining days: ${tlsStatus}"
fi
}
# Install V2Ray, specify the version
installV2Ray() {
readInstallType
echoContent skyBlue "\nProgress $1/${totalProgress} : Install V2Ray"
if [[ "${coreInstallType}" != "2" && "${coreInstallType}" != "3" ]]; then
if [[ "${selectCoreType}" == "2" ]]; then
version=$(curl -s https://api.github.com/repos/v2fly/v2ray-core/releases | jq -r '.[]|select (.prerelease==false)|.tag_name' | grep -v 'v5' | head -1)
else
version=${v2rayCoreVersion}
fi
echoContent green " ---> v2ray-core version: ${version}"
if wget --help | grep -q show-progress; then
wget -c -q --show-progress -P /etc/v2ray-agent/v2ray/ "https://github.com/v2fly/v2ray-core/releases/download/${version}/${v2rayCoreCPUVendor}.zip"
else
wget -c -P /etc/v2ray-agent/v2ray/ "https://github.com/v2fly/v2ray-core/releases/download/${version}/${v2rayCoreCPUVendor}.zip" >/dev/null 2>&1
fi
unzip -o "/etc/v2ray-agent/v2ray/${v2rayCoreCPUVendor}.zip" -d /etc/v2ray-agent/v2ray >/dev/null
rm -rf "/etc/v2ray-agent/v2ray/${v2rayCoreCPUVendor}.zip"
else
if [[ "${selectCoreType}" == "3" ]]; then
echoContent green " ---> lock v2ray-core version to v4.32.1"
rm -f /etc/v2ray-agent/v2ray/v2ray
rm -f /etc/v2ray-agent/v2ray/v2ctl
installV2Ray "$1"
else
echoContent green " ---> v2ray-core version:$(/etc/v2ray-agent/v2ray/v2ray --version | awk '{print $2}' | head -1)"
read -r -p "Update, upgrade? [y/n]:" reInstallV2RayStatus
if [[ "${reInstallV2RayStatus}" == "y" ]]; then
rm -f /etc/v2ray-agent/v2ray/v2ray
rm -f /etc/v2ray-agent/v2ray/v2ctl
installV2Ray "$1"
fi
fi
fi
}
# install hysteria
installHysteria() {
readInstallType
echoContent skyBlue "\nProgress $1/${totalProgress} : Install Hysteria"
if [[ -z "${hysteriaConfigPath}" ]]; then
version=$(curl -s https://api.github.com/repos/apernet/hysteria/hysteria/releases | jq -r '.[]|select (.prerelease==false)|.tag_name' | head -1)
echoContent green " ---> Hysteria version: ${version}"
if wget --help | grep -q show-progress; then
wget -c -q --show-progress -P /etc/v2ray-agent/hysteria/ "https://github.com/apernet/hysteria/hysteria/releases/download/${version}/${hysteriaCoreCPUVendor}"
else
wget -c -P /etc/v2ray-agent/hysteria/ "https://github.com/apernet/hysteria/hysteria/releases/download/${version}/${hysteriaCoreCPUVendor}" >/dev/null 2>&1
fi
mv "/etc/v2ray-agent/hysteria/${hysteriaCoreCPUVendor}" /etc/v2ray-agent/hysteria/hysteria
chmod 655 /etc/v2ray-agent/hysteria/hysteria
else
echoContent green " ---> Hysteria version:$(/etc/v2ray-agent/hysteria/hysteria --version | awk '{print $3}')"
read -r -p "Update, upgrade? [y/n]:" reInstallHysteriaStatus
if [[ "${reInstallHysteriaStatus}" == "y" ]]; then
rm -f /etc/v2ray-agent/hysteria/hysteria
installHysteria "$1"
fi
fi
}
# install xray
installXray() {
readInstallType
echoContent skyBlue "\nProgress $1/${totalProgress} : Install Xray"
if [[ "${coreInstallType}" != "1" ]]; then
version=$(curl -s https://api.github.com/repos/XTLS/Xray-core/releases | jq -r '.[]|select (.prerelease==false)|.tag_name' | head -1)
echoContent green " ---> Xray-core version: ${version}"
if wget --help | grep -q show-progress; then
wget -c -q --show-progress -P /etc/v2ray-agent/xray/ "https://github.com/XTLS/Xray-core/releases/download/${version}/${xrayCoreCPUVendor}.zip"
else
wget -c -P /etc/v2ray-agent/xray/ "https://github.com/XTLS/Xray-core/releases/download/${version}/${xrayCoreCPUVendor}.zip" >/dev/null 2>&1
fi
unzip -o "/etc/v2ray-agent/xray/${xrayCoreCPUVendor}.zip" -d /etc/v2ray-agent/xray >/dev/null
rm -rf "/etc/v2ray-agent/xray/${xrayCoreCPUVendor}.zip"
chmod 655 /etc/v2ray-agent/xray/xray
else
echoContent green " ---> Xray-core version:$(/etc/v2ray-agent/xray/xray --version | awk '{print $2}' | head -1)"
read -r -p "Update, upgrade? [y/n]:" reInstallXrayStatus
if [[ "${reInstallXrayStatus}" == "y" ]]; then
rm -f /etc/v2ray-agent/xray/xray
installXray "$1"
fi
fi
}
# v2ray version management
v2rayVersionManageMenu() {
echoContent skyBlue "\nProgress $1/${totalProgress} : V2Ray version management"
if [[ ! -d "/etc/v2ray-agent/v2ray/" ]]; then
echoContent red " ---> No installation directory detected, please execute the script to install the content"
menu
exit 0
fi
echoContent red "\n=============================================================="
echoContent yellow "1.Upgrade v2ray-core"
echoContent yellow "2.Fallback v2ray-core"
echoContent yellow "3.Close v2ray-core"
echoContent yellow "4.Open v2ray-core"
echoContent yellow "5.Restart v2ray-core"
echoContent red "=============================================================="
read -r -p "Please select:" selectV2RayType
if [[ "${selectV2RayType}" == "1" ]]; then
updateV2Ray
elif [[ "${selectV2RayType}" == "2" ]]; then
echoContent yellow "\n1.Only the last five versions can be rolled back"
echoContent yellow "2.It is not guaranteed that it can be used normally after the rollback"
echoContent yellow "3.If the rolled back version does not support the current config, it will not be able to connect, operate with caution"
echoContent skyBlue "------------------------Version-------------------------------"
curl -s https://api.github.com/repos/v2fly/v2ray-core/releases | jq -r '.[]|select (.prerelease==false)|.tag_name' | grep -v 'v5' | head -5 | awk '{print ""NR""":"$0}'
echoContent skyBlue "--------------------------------------------------------------"
read -r -p "Please enter the version to be rolled back:" selectV2rayVersionType
version=$(curl -s https://api.github.com/repos/v2fly/v2ray-core/releases | jq -r '.[]|select (.prerelease==false)|.tag_name' | grep -v 'v5' | head -5 | awk '{print ""NR""":"$0}' | grep "${selectV2rayVersionType}:" | awk -F "[:]" '{print $2}')
if [[ -n "${version}" ]]; then
updateV2Ray "${version}"
else
echoContent red "\n ---> Input error, please re-enter"
v2rayVersionManageMenu 1
fi
elif [[ "${selectV2RayType}" == "3" ]]; then
handleV2Ray stop
elif [[ "${selectV2RayType}" == "4" ]]; then
handleV2Ray start
elif [[ "${selectV2RayType}" == "5" ]]; then
reloadCore
fi
}
# xray version management
xrayVersionManageMenu() {
echoContent skyBlue "\nProgress $1/${totalProgress} : Xray Version Management"
if [[ ! -d "/etc/v2ray-agent/xray/" ]]; then
echoContent red " ---> No installation directory detected, please execute the script to install the content"
menu
exit 0
fi
echoContent red "\n=============================================================="
echoContent yellow "1.Upgrade Xray-core"
echoContent yellow "2.Upgrade Xray-core preview version"
echoContent yellow "3.Fallback Xray-core"
echoContent yellow "4.Close Xray-core"
echoContent yellow "5.Open Xray-core"
echoContent yellow "6.Restart Xray-core"
echoContent red "=============================================================="
read -r -p "Please select:" selectXrayType
if [[ "${selectXrayType}" == "1" ]]; then
updateXray
elif [[ "${selectXrayType}" == "2" ]]; then
prereleaseStatus=true
updateXray
elif [[ "${selectXrayType}" == "3" ]]; then
echoContent yellow "\n1.Only the last five versions can be rolled back"
echoContent yellow "2.It is not guaranteed that it can be used normally after the rollback"
echoContent yellow "3.If the rolled back version does not support the current config, it will not be able to connect, operate with caution"
echoContent skyBlue "------------------------Version-------------------------------"
curl -s https://api.github.com/repos/XTLS/Xray-core/releases | jq -r '.[]|select (.prerelease==false)|.tag_name' | head -5 | awk '{print ""NR""":"$0}'
echoContent skyBlue "--------------------------------------------------------------"
read -r -p "Please enter the version to be rolled back:" selectXrayVersionType
version=$(curl -s https://api.github.com/repos/XTLS/Xray-core/releases | jq -r '.[]|select (.prerelease==false)|.tag_name' | head -5 | awk '{print ""NR""":"$0}' | grep "${selectXrayVersionType}:" | awk -F "[:]" '{print $2}')
if [[ -n "${version}" ]]; then
updateXray "${version}"
else
echoContent red "\n ---> Input error, please re-enter"
xrayVersionManageMenu 1
fi
elif [[ "${selectXrayType}" == "4" ]]; then
handleXray stop
elif [[ "${selectXrayType}" == "5" ]]; then
handleXray start
elif [[ "${selectXrayType}" == "6" ]]; then
reloadCore
fi
}
# Update V2Ray
updateV2Ray() {
readInstallType
if [[ -z "${coreInstallType}" ]]; then
if [[ -n "$1" ]]; then
version=$1
else
version=$(curl -s https://api.github.com/repos/v2fly/v2ray-core/releases | jq -r '.[]|select (.prerelease==false)|.tag_name' | grep -v 'v5' | head -1)
fi
# use locked version
if [[ -n "${v2rayCoreVersion}" ]]; then
version=${v2rayCoreVersion}
fi
echoContent green " ---> v2ray-core version: ${version}"
if wget --help | grep -q show-progress; then
wget -c -q --show-progress -P /etc/v2ray-agent/v2ray/ "https://github.com/v2fly/v2ray-core/releases/download/${version}/${v2rayCoreCPUVendor}.zip"
else
wget -c -P "/etc/v2ray-agent/v2ray/ https://github.com/v2fly/v2ray-core/releases/download/${version}/${v2rayCoreCPUVendor}.zip" >/dev/null 2>&1
fi
unzip -o "/etc/v2ray-agent/v2ray/${v2rayCoreCPUVendor}.zip" -d /etc/v2ray-agent/v2ray >/dev/null
rm -rf "/etc/v2ray-agent/v2ray/${v2rayCoreCPUVendor}.zip"
handleV2Ray stop
handleV2Ray start
else
echoContent green " ---> Current v2ray-core version: $(/etc/v2ray-agent/v2ray/v2ray --version | awk '{print $2}' | head -1)"
if [[ -n "$1" ]]; then
version=$1
else
version=$(curl -s https://api.github.com/repos/v2fly/v2ray-core/releases | jq -r '.[]|select (.prerelease==false)|.tag_name' | grep -v 'v5' | head -1)
fi
if [[ -n "${v2rayCoreVersion}" ]]; then
version=${v2rayCoreVersion}
fi
if [[ -n "$1" ]]; then
read -r -p "The rollback version is ${version}, do you want to continue? [y/n]:" rollbackV2RayStatus
if [[ "${rollbackV2RayStatus}" == "y" ]]; then
if [[ "${coreInstallType}" == "2" || "${coreInstallType}" == "3" ]]; then
echoContent green " ---> Current v2ray-core version: $(/etc/v2ray-agent/v2ray/v2ray --version | awk '{print $2}' | head -1)"
elif [[ "${coreInstallType}" == "1" ]]; then
echoContent green " ---> Current Xray-core version: $(/etc/v2ray-agent/xray/xray --version | awk '{print $2}' | head -1)"
fi
handleV2Ray stop
rm -f /etc/v2ray-agent/v2ray/v2ray
rm -f /etc/v2ray-agent/v2ray/v2ctl
updateV2Ray "${version}"
else
echoContent green " ---> Abort the fallback version"
fi
elif [[ "${version}" == "v$(/etc/v2ray-agent/v2ray/v2ray --version | awk '{print $2}' | head -1)" ]]; then
read -r -p "The current version is the same as the latest version, do you want to reinstall? [y/n]:" reInstallV2RayStatus
if [[ "${reInstallV2RayStatus}" == "y" ]]; then
handleV2Ray stop
rm -f /etc/v2ray-agent/v2ray/v2ray
rm -f /etc/v2ray-agent/v2ray/v2ctl
updateV2Ray
else
echoContent green " ---> Abort reinstallation"
fi
else
read -r -p "The latest version is: ${version}, update? [y/n]:" installV2RayStatus
if [[ "${installV2RayStatus}" == "y" ]]; then
rm -f /etc/v2ray-agent/v2ray/v2ray
rm -f /etc/v2ray-agent/v2ray/v2ctl
updateV2Ray
else
echoContent green " ---> Abort update"
fi
fi
fi
}
# Update Xray
updateXray() {
readInstallType
if [[ -z "${coreInstallType}" ]]; then
if [[ -n "$1" ]]; then
version=$1
else
version=$(curl -s https://api.github.com/repos/XTLS/Xray-core/releases | jq -r ".[]|select (.prerelease==${prereleaseStatus})|.tag_name" | head -1)
fi
echoContent green " ---> Xray-core version: ${version}"
if wget --help | grep -q show-progress; then
wget -c -q --show-progress -P /etc/v2ray-agent/xray/ "https://github.com/XTLS/Xray-core/releases/download/${version}/${xrayCoreCPUVendor}.zip"
else
wget -c -P /etc/v2ray-agent/xray/ "https://github.com/XTLS/Xray-core/releases/download/${version}/${xrayCoreCPUVendor}.zip" >/dev/null 2>&1
fi
unzip -o "/etc/v2ray-agent/xray/${xrayCoreCPUVendor}.zip" -d /etc/v2ray-agent/xray >/dev/null
rm -rf "/etc/v2ray-agent/xray/${xrayCoreCPUVendor}.zip"
chmod 655 /etc/v2ray-agent/xray/xray
handleXray stop
handleXray start
else
echoContent green " ---> Current Xray-core version: $(/etc/v2ray-agent/xray/xray --version | awk '{print $2}' | head -1)"
if [[ -n "$1" ]]; then
version=$1
else
version=$(curl -s https://api.github.com/repos/XTLS/Xray-core/releases | jq -r ".[]|select (.prerelease==${prereleaseStatus})|.tag_name" | head -1)
fi
if [[ -n "$1" ]]; then
read -r -p "The rollback version is ${version}, do you want to continue? [y/n]:" rollbackXrayStatus
if [[ "${rollbackXrayStatus}" == "y" ]]; then
echoContent green " ---> Current Xray-core version: $(/etc/v2ray-agent/xray/xray --version | awk '{print $2}' | head -1)"
handleXray stop
rm -f /etc/v2ray-agent/xray/xray
updateXray "${version}"
else
echoContent green " ---> Abort the fallback version"
fi
elif [[ "${version}" == "v$(/etc/v2ray-agent/xray/xray --version | awk '{print $2}' | head -1)" ]]; then
read -r -p "The current version is the same as the latest version, do you want to reinstall? [y/n]:" reInstallXrayStatus
if [[ "${reInstallXrayStatus}" == "y" ]]; then
handleXray stop
rm -f /etc/v2ray-agent/xray/xray
rm -f /etc/v2ray-agent/xray/xray
updateXray
else
echoContent green " ---> Abort reinstallation"
fi
else
read -r -p "The latest version is: ${version}, update? [y/n]:" installXrayStatus
if [[ "${installXrayStatus}" == "y" ]]; then
rm -f /etc/v2ray-agent/xray/xray
updateXray
else
echoContent green " ---> Abort update"
fi
fi
fi
}
# Verify that the entire service is available
checkGFWStatue() {
readInstallType
echoContent skyBlue "\nProgress $1/${totalProgress} : Verify service startup status"
if [[ "${coreInstallType}" == "1" ]] && [[ -n $(pgrep -f xray/xray) ]]; then
echoContent green " ---> Service started successfully"
elif [[ "${coreInstallType}" == "2" || "${coreInstallType}" == "3" ]] && [[ -n $(pgrep -f v2ray/v2ray) ]]; then
echoContent green " ---> Service started successfully"
else
echoContent red " ---> The service failed to start, please check whether the terminal has log printing"
exit 0
fi
}
# V2Ray starts automatically
installV2RayService() {
echoContent skyBlue "\nProgress $1/${totalProgress} : configure V2Ray to start automatically"
if [[ -n $(find /bin /usr/bin -name "systemctl") ]]; then
rm -rf /etc/systemd/system/v2ray.service
touch /etc/systemd/system/v2ray.service
execStart='/etc/v2ray-agent/v2ray/v2ray -confdir /etc/v2ray-agent/v2ray/conf'
cat <<EOF >/etc/systemd/system/v2ray.service
[Unit]
Description=V2Ray - A unified platform for anti-censorship
Documentation=https://v2ray.com https://guide.v2fly.org
After=network.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
User=root
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
NoNewPrivileges=yes
ExecStart=${execStart}
Restart=on-failure
RestartPreventExitStatus=23
LimitNPROC=10000
LimitNOFILE=1000000
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable v2ray.service
echoContent green " ---> Configure V2Ray to start automatically after booting successfully"
fi
}
# Install hysteria to start automatically
installHysteriaService() {
echoContent skyBlue "\nProgress $1/${totalProgress} : configure Hysteria to start automatically"
if [[ -n $(find /bin /usr/bin -name "systemctl") ]]; then
rm -rf /etc/systemd/system/hysteria.service
touch /etc/systemd/system/hysteria.service
execStart='/etc/v2ray-agent/hysteria/hysteria --log-level info -c /etc/v2ray-agent/hysteria/conf/config.json server'
cat <<EOF >/etc/systemd/system/hysteria.service
[Unit]
Description=Hysteria Service
Documentation=https://github.com/apernet/hysteria/hysteria/wiki
After=network.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
User=root
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
NoNewPrivileges=yes
ExecStart=${execStart}
Restart=on-failure
RestartPreventExitStatus=23
LimitNPROC=10000
LimitNOFILE=1000000
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable hysteria.service
echoContent green " ---> Configure Hysteria to boot successfully"
fi
}
# Xray starts automatically at boot
installXrayService() {
echoContent skyBlue "\nProgress $1/${totalProgress} : configure Xray to start automatically"
if [[ -n $(find /bin /usr/bin -name "systemctl") ]]; then
rm -rf /etc/systemd/system/xray.service
touch /etc/systemd/system/xray.service
execStart='/etc/v2ray-agent/xray/xray run -confdir /etc/v2ray-agent/xray/conf'
cat <<EOF >/etc/systemd/system/xray.service
[Unit]
Description=Xray Service
Documentation=https://github.com/XTLS/Xray-core
After=network.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
User=root
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
NoNewPrivileges=yes
ExecStart=${execStart}
Restart=on-failure
RestartPreventExitStatus=23
LimitNPROC=10000
LimitNOFILE=1000000
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable xray.service
echoContent green " ---> Configure Xray to boot successfully"
fi
}
# Operate V2Ray
handleV2Ray() {
# shellcheck disable=SC2010
if find /bin /usr/bin | grep -q systemctl && ls /etc/systemd/system/ | grep -q v2ray.service; then
if [[ -z $(pgrep -f "v2ray/v2ray") ]] && [[ "$1" == "start" ]]; then
systemctl start v2ray.service
elif [[ -n $(pgrep -f "v2ray/v2ray") ]] && [[ "$1" == "stop" ]]; then
systemctl stop v2ray.service
fi
fi
sleep 0.8
if [[ "$1" == "start" ]]; then
if [[ -n $(pgrep -f "v2ray/v2ray") ]]; then
echoContent green " ---> V2Ray started successfully"
else
echoContent red "V2Ray failed to start"
echoContent red "Please manually execute [/etc/v2ray-agent/v2ray/v2ray -confdir /etc/v2ray-agent/v2ray/conf] to view the error log"
exit 0
fi
elif [[ "$1" == "stop" ]]; then
if [[ -z $(pgrep -f "v2ray/v2ray") ]]; then
echoContent green "---> V2Ray closed successfully"
else
echoContent red "Failed to close V2Ray"
echoContent red "Please manually execute [ps -ef|grep -v grep|grep v2ray|awk '{print \$2}'|xargs kill -9]"
exit 0
fi
fi
}
# Operate Hysteria
handleHysteria() {
# shellcheck disable=SC2010
if find /bin /usr/bin | grep -q systemctl && ls /etc/systemd/system/ | grep -q hysteria.service; then
if [[ -z $(pgrep -f "hysteria/hysteria") ]] && [[ "$1" == "start" ]]; then
systemctl start hysteria.service
elif [[ -n $(pgrep -f "hysteria/hysteria") ]] && [[ "$1" == "stop" ]]; then
systemctl stop hysteria.service
fi
fi
sleep 0.8
if [[ "$1" == "start" ]]; then
if [[ -n $(pgrep -f "hysteria/hysteria") ]]; then
echoContent green " ---> Hysteria started successfully"
else
echoContent red "Hysteria failed to start"
echoContent red "Please manually execute [/etc/v2ray-agent/hysteria/hysteria --log-level debug -c /etc/v2ray-agent/hysteria/conf/config.json server] to view the error log"
exit 0
fi
elif [[ "$1" == "stop" ]]; then
if [[ -z $(pgrep -f "hysteria/hysteria") ]]; then
echoContent green " ---> Hysteria closed successfully"
else
echoContent red "Hysteria shutdown failed"
echoContent red "Please manually execute [ps -ef|grep -v grep|grep hysteria|awk '{print \$2}'|xargs kill -9]"
exit 0
fi
fi
}
# Manipulate xray
handleXray() {
if [[ -n $(find /bin /usr/bin -name "systemctl") ]] && [[ -n $(find /etc/systemd/system/ -name "xray.service") ]]; then
if [[ -z $(pgrep -f "xray/xray") ]] && [[ "$1" == "start" ]]; then
systemctl start xray.service
elif [[ -n $(pgrep -f "xray/xray") ]] && [[ "$1" == "stop" ]]; then
systemctl stop xray.service
fi
fi
sleep 0.8
if [[ "$1" == "start" ]]; then
if [[ -n $(pgrep -f "xray/xray") ]]; then
echoContent green "---> Xray started successfully"
else
echoContent red "Xray failed to start"
echoContent red "Please manually execute [/etc/v2ray-agent/xray/xray -confdir /etc/v2ray-agent/xray/conf] to view the error log"
exit 0
fi
elif [[ "$1" == "stop" ]]; then
if [[ -z $(pgrep -f "xray/xray") ]]; then
echoContent green "---> Xray closed successfully"
else
echoContent red "xray close failed"
echoContent red "Please manually execute [ps -ef|grep -v grep|grep xray|awk '{print \$2}'|xargs kill -9]"
exit 0
fi
fi
}
# Get clients configuration
getClients() {
local path=$1
local addClientsStatus=$2
previousClients=
if [[ ${addClientsStatus} == "true" ]]; then
if [[ ! -f "${path}" ]]; then
echo
local protocol
protocol=$(echo "${path}" | awk -F "[_]" '{print $2 $3}')
echoContent yellow "The last installed configuration file of this protocol [${protocol}] was not read, the first uuid of the configuration file is used"
else
previousClients=$(jq -r ".inbounds[0].settings.clients" "${path}")
fi
fi
}
# Add client configuration
addClients() {
local path=$1
local addClientsStatus=$2
if [[ ${addClientsStatus} == "true" && -n "${previousClients}" ]]; then
config=$(jq -r ".inbounds[0].settings.clients = ${previousClients}" "${path}")
echo "${config}" | jq .>"${path}"
fi
}
# Add hysteria configuration
addClientsHysteria() {
local path=$1
local addClientsStatus=$2
if [[ ${addClientsStatus} == "true" && -n "${previousClients}" ]]; then
local uuids=
uuids=$(echo "${previousClients}" | jq -r [.[].id])
if [[ "${frontingType}" == "02_trojan_TCP_inbounds" ]]; then
uuids=$(echo "${previousClients}" | jq -r [.[].password])
fi
config=$(jq -r ".auth.config = ${uuids}" "${path}")
echo "${config}" | jq .>"${path}"
fi
}
# Initialize the hysteria port
initHysteriaPort() {
readHysteriaConfig
if [[ -n "${hysteriaPort}" ]]; then
read -r -p "Read the port of the last installation, do you use the port of the last installation? [y/n]:" historyHysteriaPortStatus
if [[ "${historyHysteriaPortStatus}" == "y" ]]; then
echoContent yellow "\n ---> Port: ${hysteriaPort}"
else
hysteriaPort=
fi
fi
if [[ -z "${hysteriaPort}" ]]; then
echoContent yellow "Please enter the Hysteria port [Example: 10000], which cannot be repeated with other services"
read -r -p "Port:" hysteriaPort
fi
if [[ -z ${hysteriaPort} ]]; then
echoContent red " ---> Port cannot be empty"
initHysteriaPort "$2"
elif ((hysteriaPort < 1 || hysteriaPort > 65535)); then
echoContent red " ---> The port is invalid"
initHysteriaPort "$2"
fi
allowPort "${hysteriaPort}"
}
# Initialize the protocol of hysteria
initHysteriaProtocol() {
echoContent skyBlue "\nPlease select a protocol type"
echoContent red "=============================================================="
echoContent yellow "1.udp(QUIC) (default)"
echoContent yellow "2.faketcp"
echoContent yellow "3.wechat-video"
echoContent red "=============================================================="
read -r -p "Please select:" selectHysteriaProtocol
case ${selectHysteriaProtocol} in
1)
hysteriaProtocol="udp"
;;
2)
hysteriaProtocol="faketcp"
;;
3)
hysteriaProtocol="wechat-video"
;;
*)
hysteriaProtocol="udp"
;;
esac
echoContent yellow "\n ---> Protocol: ${hysteriaProtocol}\n"
}
# Initialize hysteria network information
initHysteriaNetwork() {
echoContent yellow "Please enter the average delay from local to server, please fill in according to the actual situation (default: 180, unit: ms)"
read -r -p "delay:" hysteriaLag
if [[ -z "${hysteriaLag}" ]]; then
hysteriaLag=180
echoContent yellow "\n ---> Delay: ${hysteriaLag}\n"
fi
echoContent yellow "Please enter the local bandwidth peak downlink speed (default: 100, unit: Mbps)"
read -r -p "Download speed:" hysteriaClientDownloadSpeed
if [[ -z "${hysteriaClientDownloadSpeed}" ]]; then
hysteriaClientDownloadSpeed=100
echoContent yellow "\n ---> Downlink speed: ${hysteriaClientDownloadSpeed}\n"
fi
echoContent yellow "Please enter the local bandwidth peak uplink speed (default: 50, unit: Mbps)"
read -r -p "Upload speed:" hysteriaClientUploadSpeed
if [[ -z "${hysteriaClientUploadSpeed}" ]]; then
hysteriaClientUploadSpeed=50
echoContent yellow "\n ---> Uplink speed: ${hysteriaClientUploadSpeed}\n"
fi
cat <<EOF >/etc/v2ray-agent/hysteria/conf/client_network.json
{
"hysteriaLag":"${hysteriaLag}",
"hysteriaClientUploadSpeed":"${hysteriaClientUploadSpeed}",
"hysteriaClientDownloadSpeed":"${hysteriaClientDownloadSpeed}"
}
EOF
}
# Initialize Hysteria configuration
initHysteriaConfig() {
echoContent skyBlue "\nProgress $1/${totalProgress} : Initialize Hysteria configuration"
initHysteriaPort
initHysteriaProtocol
initHysteriaNetwork
getClients "${configPath}${frontingType}.json" true
cat <<EOF >/etc/v2ray-agent/hysteria/conf/config.json
{
"listen": ":${hysteriaPort}",
"protocol": "${hysteriaProtocol}",
"disable_udp": false,
"cert": "/etc/v2ray-agent/tls/${currentHost}.crt",
"key": "/etc/v2ray-agent/tls/${currentHost}.key",
"auth": {
"mode": "passwords",
"config": []
},
"alpn": "h3",
"recv_window_conn": 15728640,
"recv_window_client": 67108864,
"max_conn_client": 4096,
"disable_mtu_discovery": true,
"resolve_preference": "46",
"resolver": "https://8.8.8.8:443/dns-query"
}
EOF
addClientsHysteria "/etc/v2ray-agent/hysteria/conf/config.json" true
}
# Initialize V2Ray configuration file
initV2RayConfig() {
echoContent skyBlue "\nProgress $2/${totalProgress} : Initialize V2Ray configuration"
echo
read -r -p "Custom UUID? [y/n]:" customUUIDStatus
echo
if [[ "${customUUIDStatus}" == "y" ]]; then
read -r -p "Please enter a valid UUID:" currentCustomUUID
if [[ -n "${currentCustomUUID}" ]]; then
uuid=${currentCustomUUID}
fi
fi
local addClientsStatus=
if [[ -n "${currentUUID}" && -z "${uuid}" ]]; then
read -r -p "Read the last installation record, do you use the UUID of the last installation? [y/n]:" historyUUIDStatus
if [[ "${historyUUIDStatus}" == "y" ]]; then
uuid=${currentUUID}
addClientsStatus=true
else
uuid=$(/etc/v2ray-agent/v2ray/v2ctl uuid)
fi
elif [[ -z "${uuid}" ]]; then
uuid=$(/etc/v2ray-agent/v2ray/v2ctl uuid)
fi
if [[ -z "${uuid}" ]]; then
addClientsStatus=
echoContent red "\n ---> uuid read error, regenerate"
uuid=$(/etc/v2ray-agent/v2ray/v2ctl uuid)
fi
movePreviousConfig
# log
cat <<EOF >/etc/v2ray-agent/v2ray/conf/00_log.json
{
"log": {
"error": "/etc/v2ray-agent/v2ray/error.log",
"loglevel": "warning"
}
}
EOF
# outbounds
if [[ -n "${pingIPv6}" ]]; then
cat <<EOF >/etc/v2ray-agent/v2ray/conf/10_ipv6_outbounds.json
{
"outbounds": [
{
"protocol": "freedom",
"settings": {},
"tag": "direct"
}
]
}
EOF
else
cat <<EOF >/etc/v2ray-agent/v2ray/conf/10_ipv4_outbounds.json
{
"outbounds":[
{
"protocol":"freedom",
"settings":{
"domainStrategy":"UseIPv4"
},
"tag":"IPv4-out"
},
{
"protocol":"freedom",
"settings":{
"domainStrategy":"UseIPv6"
},
"tag":"IPv6-out"
},
{
"protocol":"blackhole",
"tag":"blackhole-out"
}
]
}
EOF
fi
# dns
cat <<EOF >/etc/v2ray-agent/v2ray/conf/11_dns.json
{
"dns": {
"servers": [
"localhost"
]
}
}
EOF
# VLESS_TCP_TLS
# fall back to nginx
local fallbacksList='{"dest":31300,"xver":0},{"alpn":"h2","dest":31302,"xver":0}'
# trojan
if echo "${selectCustomInstallType}" | grep -q 4 || [[ "$1" == "all" ]]; then
fallbacksList='{"dest":31296,"xver":1},{"alpn":"h2","dest":31302,"xver":0}'
getClients "${configPath}../tmp/04_trojan_TCP_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/v2ray/conf/04_trojan_TCP_inbounds.json
{
"inbounds":[
{
"port": 31296,
"listen": "127.0.0.1",
"protocol": "trojan",
"tag":"trojanTCP",
"settings": {
"clients": [
{
"password": "${uuid}",
"email": "${domain}_${uuid}"
}
],
"fallbacks":[
{"dest":"31300"}
]
},
"streamSettings": {
"network": "tcp",
"security": "none",
"tcpSettings": {
"acceptProxyProtocol": true
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/v2ray/conf/04_trojan_TCP_inbounds.json" "${addClientsStatus}"
fi
# VLESS_WS_TLS
if echo "${selectCustomInstallType}" | grep -q 1 || [[ "$1" == "all" ]]; then
fallbacksList=${fallbacksList}',{"path":"/'${customPath}'ws","dest":31297,"xver":1}'
getClients "${configPath}../tmp/03_VLESS_WS_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/v2ray/conf/03_VLESS_WS_inbounds.json
{
"inbounds":[
{
"port": 31297,
"listen": "127.0.0.1",
"protocol": "vless",
"tag":"VLESSWS",
"settings": {
"clients": [
{
"id": "${uuid}",
"email": "${domain}_${uuid}"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/${customPath}ws"
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/v2ray/conf/03_VLESS_WS_inbounds.json" "${addClientsStatus}"
fi
# trojan_grpc
if echo "${selectCustomInstallType}" | grep -q 2 || [[ "$1" == "all" ]]; then
if ! echo "${selectCustomInstallType}" | grep -q 5 && [[ -n ${selectCustomInstallType} ]]; then
fallbacksList=${fallbacksList//31302/31304}
fi
getClients "${configPath}../tmp/04_trojan_gRPC_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/v2ray/conf/04_trojan_gRPC_inbounds.json
{
"inbounds": [
{
"port": 31304,
"listen": "127.0.0.1",
"protocol": "trojan",
"tag": "trojangRPCTCP",
"settings": {
"clients": [
{
"password": "${uuid}",
"email": "${domain}_${uuid}"
}
],
"fallbacks": [
{
"dest": "31300"
}
]
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "${customPath}trojangrpc"
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/v2ray/conf/04_trojan_gRPC_inbounds.json" "${addClientsStatus}"
fi
# VMess_WS
if echo "${selectCustomInstallType}" | grep -q 3 || [[ "$1" == "all" ]]; then
fallbacksList=${fallbacksList}',{"path":"/'${customPath}'vws","dest":31299,"xver":1}'
getClients "${configPath}../tmp/05_VMess_WS_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/v2ray/conf/05_VMess_WS_inbounds.json
{
"inbounds":[
{
"listen": "127.0.0.1",
"port": 31299,
"protocol": "vmess",
"tag":"VMessWS",
"settings": {
"clients": [
{
"id": "${uuid}",
"alterId": 0,
"add": "${add}",
"email": "${domain}_${uuid}"
}
]
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/${customPath}vws"
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/v2ray/conf/05_VMess_WS_inbounds.json" "${addClientsStatus}"
fi
if echo "${selectCustomInstallType}" | grep -q 5 || [[ "$1" == "all" ]]; then
getClients "${configPath}../tmp/06_VLESS_gRPC_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/v2ray/conf/06_VLESS_gRPC_inbounds.json
{
"inbounds":[
{
"port": 31301,
"listen": "127.0.0.1",
"protocol": "vless",
"tag":"VLESSGRPC",
"settings": {
"clients": [
{
"id": "${uuid}",
"add": "${add}",
"email": "${domain}_${uuid}"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "${customPath}grpc"
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/v2ray/conf/06_VLESS_gRPC_inbounds.json" "${addClientsStatus}"
fi
# VLESS_TCP
getClients "${configPath}../tmp/02_VLESS_TCP_inbounds.json" "${addClientsStatus}"
local defaultPort=443
if [[ -n "${customPort}" ]]; then
defaultPort=${customPort}
fi
cat <<EOF >/etc/v2ray-agent/v2ray/conf/02_VLESS_TCP_inbounds.json
{
"inbounds":[
{
"port": ${defaultPort},
"protocol": "vless",
"tag":"VLESSTCP",
"settings": {
"clients": [
{
"id": "${uuid}",
"add":"${add}",
"email": "${domain}_VLESS_TLS-direct_TCP"
}
],
"decryption": "none",
"fallbacks": [
${fallbacksList}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"minVersion": "1.2",
"alpn": [
"http/1.1",
"h2"
],
"certificates": [
{
"certificateFile": "/etc/v2ray-agent/tls/${domain}.crt",
"keyFile": "/etc/v2ray-agent/tls/${domain}.key",
"ocspStapling": 3600,
"usage":"encipherment"
}
]
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/v2ray/conf/02_VLESS_TCP_inbounds.json" "${addClientsStatus}"
}
# Initialize Xray Trojan XTLS configuration file
initXrayFrontingConfig() {
if [[ -z "${configPath}" ]]; then
echoContent red " ---> Not installed, please use script to install"
menu
exit 0
fi
if [[ "${coreInstallType}" != "1" ]]; then
echoContent red " ---> Available types are not installed"
fi
local xtlsType=
if echo ${currentInstallProtocolType} | grep -q trojan; then
xtlsType=VLESS
else
xtlsType=Trojan
fi
echoContent skyBlue "\nFunction 1/${totalProgress} : switch to ${xtlsType}"
echoContent red "\n=============================================================="
echoContent yellow "# Notes\n"
echoContent yellow "replaces the prefix with ${xtlsType}"
echoContent yellow "If the prefix is Trojan, when viewing the account, there will be two nodes of the Trojan protocol, one of which is unavailable xtls"
echoContent yellow "Execute again to switch to the previous preamble\n"
echoContent yellow "1.Switch to ${xtlsType}"
echoContent red "=============================================================="
read -r -p "Please select:" selectType
if [[ "${selectType}" == "1" ]]; then
if [[ "${xtlsType}" == "Trojan" ]]; then
local VLESSConfig
VLESSConfig=$(cat ${configPath}${frontingType}.json)
VLESSConfig=${VLESSConfig//"id"/"password"}
VLESSConfig=${VLESSConfig//VLESSTCP/TrojanTCPXTLS}
VLESSConfig=${VLESSConfig//VLESS/Trojan}
VLESSConfig=${VLESSConfig//"vless"/"trojan"}
VLESSConfig=${VLESSConfig//"id"/"password"}
echo "${VLESSConfig}" | jq .>${configPath}02_trojan_TCP_inbounds.json
rm ${configPath}${frontingType}.json
elif [[ "${xtlsType}" == "VLESS" ]]; then
local VLESSConfig
VLESSConfig=$(cat ${configPath}02_trojan_TCP_inbounds.json)
VLESSConfig=${VLESSConfig//"password"/"id"}
VLESSConfig=${VLESSConfig//TrojanTCPXTLS/VLESSTCP}
VLESSConfig=${VLESSConfig//Trojan/VLESS}
VLESSConfig=${VLESSConfig//"trojan"/"vless"}
VLESSConfig=${VLESSConfig//"password"/"id"}
echo "${VLESSConfig}" | jq .>${configPath}02_VLESS_TCP_inbounds.json
rm ${configPath}02_trojan_TCP_inbounds.json
fi
reloadCore
fi
exit 0
}
# Move the last configuration file to a temporary file
movePreviousConfig() {
if [[ -n "${configPath}" ]] && [[ -f "${configPath}02_VLESS_TCP_inbounds.json" ]]; then
rm -rf ${configPath}../tmp/*
mv ${configPath}* ${configPath}../tmp/
fi
}
# Initialize Xray configuration file
initXrayConfig() {
echoContent skyBlue "\nProgress $2/${totalProgress} : Initialize Xray configuration"
echo
local uuid=
local addClientsStatus=
if [[ -n "${currentUUID}" ]]; then
read -r -p "Read the last installation record, do you use the UUID of the last installation? [y/n]:" historyUUIDStatus
if [[ "${historyUUIDStatus}" == "y" ]]; then
addClientsStatus=true
uuid=${currentUUID}
echoContent green "\n ---> Successfully used"
fi
fi
if [[ -z "${uuid}" ]]; then
echoContent yellow "Please enter a custom UUID [must be legal], [enter] random UUID"
read -r -p 'UUID:' customUUID
if [[ -n ${customUUID} ]]; then
uuid=${customUUID}
else
uuid=$(/etc/v2ray-agent/xray/xray uuid)
fi
fi
if [[ -z "${uuid}" ]]; then
addClientsStatus=
echoContent red "\n ---> uuid read error, regenerate"
uuid=$(/etc/v2ray-agent/xray/xray uuid)
fi
echoContent yellow "\n ${uuid}"
movePreviousConfig
# log
cat <<EOF >/etc/v2ray-agent/xray/conf/00_log.json
{
"log": {
"error": "/etc/v2ray-agent/xray/error.log",
"loglevel": "warning"
}
}
EOF
# outbounds
if [[ -n "${pingIPv6}" ]]; then
cat <<EOF >/etc/v2ray-agent/xray/conf/10_ipv6_outbounds.json
{
"outbounds": [
{
"protocol": "freedom",
"settings": {},
"tag": "direct"
}
]
}
EOF
else
cat <<EOF >/etc/v2ray-agent/xray/conf/10_ipv4_outbounds.json
{
"outbounds":[
{
"protocol":"freedom",
"settings":{
"domainStrategy":"UseIPv4"
},
"tag":"IPv4-out"
},
{
"protocol":"freedom",
"settings":{
"domainStrategy":"UseIPv6"
},
"tag":"IPv6-out"
},
{
"protocol":"blackhole",
"tag":"blackhole-out"
}
]
}
EOF
fi
# dns
cat <<EOF >/etc/v2ray-agent/xray/conf/11_dns.json
{
"dns": {
"servers": [
"localhost"
]
}
}
EOF
# VLESS_TCP_TLS/XTLS
# fall back to nginx
local fallbacksList='{"dest":31300,"xver":0},{"alpn":"h2","dest":31302,"xver":0}'
# trojan
if echo "${selectCustomInstallType}" | grep -q 4 || [[ "$1" == "all" ]]; then
fallbacksList='{"dest":31296,"xver":1},{"alpn":"h2","dest":31302,"xver":0}'
getClients "${configPath}../tmp/04_trojan_TCP_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/xray/conf/04_trojan_TCP_inbounds.json
{
"inbounds":[
{
"port": 31296,
"listen": "127.0.0.1",
"protocol": "trojan",
"tag":"trojanTCP",
"settings": {
"clients": [
{
"password": "${uuid}",
"email": "${domain}_${uuid}"
}
],
"fallbacks":[
{"dest":"31300"}
]
},
"streamSettings": {
"network": "tcp",
"security": "none",
"tcpSettings": {
"acceptProxyProtocol": true
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/xray/conf/04_trojan_TCP_inbounds.json" "${addClientsStatus}"
fi
# VLESS_WS_TLS
if echo "${selectCustomInstallType}" | grep -q 1 || [[ "$1" == "all" ]]; then
fallbacksList=${fallbacksList}',{"path":"/'${customPath}'ws","dest":31297,"xver":1}'
getClients "${configPath}../tmp/03_VLESS_WS_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/xray/conf/03_VLESS_WS_inbounds.json
{
"inbounds":[
{
"port": 31297,
"listen": "127.0.0.1",
"protocol": "vless",
"tag":"VLESSWS",
"settings": {
"clients": [
{
"id": "${uuid}",
"email": "${domain}_${uuid}"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/${customPath}ws"
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/xray/conf/03_VLESS_WS_inbounds.json" "${addClientsStatus}"
fi
# trojan_grpc
if echo "${selectCustomInstallType}" | grep -q 2 || [[ "$1" == "all" ]]; then
if ! echo "${selectCustomInstallType}" | grep -q 5 && [[ -n ${selectCustomInstallType} ]]; then
fallbacksList=${fallbacksList//31302/31304}
fi
getClients "${configPath}../tmp/04_trojan_gRPC_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/xray/conf/04_trojan_gRPC_inbounds.json
{
"inbounds": [
{
"port": 31304,
"listen": "127.0.0.1",
"protocol": "trojan",
"tag": "trojangRPCTCP",
"settings": {
"clients": [
{
"password": "${uuid}",
"email": "${domain}_${uuid}"
}
],
"fallbacks": [
{
"dest": "31300"
}
]
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "${customPath}trojangrpc"
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/xray/conf/04_trojan_gRPC_inbounds.json" "${addClientsStatus}"
fi
# VMess_WS
if echo "${selectCustomInstallType}" | grep -q 3 || [[ "$1" == "all" ]]; then
fallbacksList=${fallbacksList}',{"path":"/'${customPath}'vws","dest":31299,"xver":1}'
getClients "${configPath}../tmp/05_VMess_WS_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/xray/conf/05_VMess_WS_inbounds.json
{
"inbounds":[
{
"listen": "127.0.0.1",
"port": 31299,
"protocol": "vmess",
"tag":"VMessWS",
"settings": {
"clients": [
{
"id": "${uuid}",
"alterId": 0,
"add": "${add}",
"email": "${domain}_${uuid}"
}
]
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/${customPath}vws"
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/xray/conf/05_VMess_WS_inbounds.json" "${addClientsStatus}"
fi
if echo "${selectCustomInstallType}" | grep -q 5 || [[ "$1" == "all" ]]; then
getClients "${configPath}../tmp/06_VLESS_gRPC_inbounds.json" "${addClientsStatus}"
cat <<EOF >/etc/v2ray-agent/xray/conf/06_VLESS_gRPC_inbounds.json
{
"inbounds":[
{
"port": 31301,
"listen": "127.0.0.1",
"protocol": "vless",
"tag":"VLESSGRPC",
"settings": {
"clients": [
{
"id": "${uuid}",
"add": "${add}",
"email": "${domain}_${uuid}"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "grpc",
"grpcSettings": {
"serviceName": "${customPath}grpc"
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/xray/conf/06_VLESS_gRPC_inbounds.json" "${addClientsStatus}"
fi
# VLESS_TCP
getClients "${configPath}../tmp/02_VLESS_TCP_inbounds.json" "${addClientsStatus}"
local defaultPort=443
if [[ -n "${customPort}" ]]; then
defaultPort=${customPort}
fi
cat <<EOF >/etc/v2ray-agent/xray/conf/02_VLESS_TCP_inbounds.json
{
"inbounds":[
{
"port": ${defaultPort},
"protocol": "vless",
"tag":"VLESSTCP",
"settings": {
"clients": [
{
"id": "${uuid}",
"add":"${add}",
"flow":"xtls-rprx-direct",
"email": "${domain}_${uuid}"
}
],
"decryption": "none",
"fallbacks": [
${fallbacksList}
]
},
"streamSettings": {
"network": "tcp",
"security": "xtls",
"xtlsSettings": {
"minVersion": "1.2",
"alpn": [
"http/1.1",
"h2"
],
"certificates": [
{
"certificateFile": "/etc/v2ray-agent/tls/${domain}.crt",
"keyFile": "/etc/v2ray-agent/tls/${domain}.key",
"ocspStapling": 3600,
"usage":"encipherment"
}
]
}
}
}
]
}
EOF
addClients "/etc/v2ray-agent/xray/conf/02_VLESS_TCP_inbounds.json" "${addClientsStatus}"
}
# Initialize Trojan-Go configuration
initTrojanGoConfig() {
echoContent skyBlue "\nProgress $1/${totalProgress} : Initialize Trojan configuration"
cat <<EOF >/etc/v2ray-agent/trojan/config_full.json
{
"run_type": "server",
"local_addr": "127.0.0.1",
"local_port": 31296,
"remote_addr": "127.0.0.1",
"remote_port": 31300,
"disable_http_check":true,
"log_level":3,
"log_file":"/etc/v2ray-agent/trojan/trojan.log",
"password": [
"${uuid}"
],
"dns":[
"localhost"
],
"transport_plugin":{
"enabled":true,
"type":"plaintext"
},
"websocket": {
"enabled": true,
"path": "/${customPath}tws",
"host": "${domain}",
"add":"${add}"
},
"router": {
"enabled": false
}
}
EOF
}
# Custom CDN IP
customCDNIP() {
echoContent skyBlue "\nProgress $1/${totalProgress} : add cloudflare custom CNAME"
echoContent red "\n=============================================================="
echoContent yellow "# Notes"
echoContent yellow "\nTutorial address:"
echoContent skyBlue "https://github.com/mack-a/v2ray-agent/blob/master/documents/optimize_V2Ray.md"
echoContent red "\nIf you don't know about Cloudflare optimization, please don't use"
echoContent yellow "\n 1.Mobile: 104.16.123.96"
echoContent yellow " 2.Unicom: www.cloudflare.com"
echoContent yellow " 3.Telecom: www.digitalocean.com"
echoContent skyBlue "----------------------------"
read -r -p "Please select [Enter not used]:" selectCloudflareType
case ${selectCloudflareType} in
1)
add="104.16.123.96"
;;
2)
add="www.cloudflare.com"
;;
3)
add="www.digitalocean.com"
;;
*)
add="${domain}"
echoContent yellow "\n ---> not used"
;;
esac
}
# generic
defaultBase64Code() {
local type=$1
local email=$2
local id=$3
port=${currentDefaultPort}
local subAccount
subAccount=$(echo "${email}" | awk -F "[_]" '{print $1}')_$(echo "${id}_currentHost" | md5sum | awk '{print $1}')
if [[ "${type}" == "vlesstcp" ]]; then
if [[ "${coreInstallType}" == "1" ]] && echo "${currentInstallProtocolType}" | grep -q 0; then
echoContent yellow " ---> General format (VLESS+TCP+TLS/xtls-rprx-direct)"
echoContent green " vless://${id}@${currentHost}:${currentDefaultPort}?encryption=none&security=xtls&type=tcp&host=${currentHost}&headerType=none&sni=${currentHost}&flow=xtls-rprx-direct#${email}\n"
echoContent yellow " ---> formatted plaintext (VLESS+TCP+TLS/xtls-rprx-direct)"
echoContent green "Protocol type: VLESS, address: ${currentHost}, port: ${currentDefaultPort}, user ID: ${id}, security: xtls, transmission method: tcp, flow: xtls-rprx-direct, account name: ${email}\n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
vless://${id}@${currentHost}:${currentDefaultPort}?encryption=none&security=xtls&type=tcp&host=${currentHost}&headerType=none&sni=${currentHost}&flow=xtls-rprx-direct#${email}
EOF
echoContent yellow " ---> QR code VLESS(VLESS+TCP+TLS/xtls-rprx-direct)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless%3A%2F%2F${id}%40${currentHost}%3A${currentDefaultPort}%3Fencryption%3Dnone%26security%3Dxtls%26type%3Dtcp%26${currentHost}%3D${currentHost}%26headerType%3Dnone%26sni%3D${currentHost}%26flow%3Dxtls-rprx-direct%23${email}\n"
echoContent skyBlue "----------------------------------------------------------------------------------"
echoContent yellow " ---> General format (VLESS+TCP+TLS/xtls-rprx-splice)"
echoContent green " vless://${id}@${currentHost}:${currentDefaultPort}?encryption=none&security=xtls&type=tcp&host=${currentHost}&headerType=none&sni=${currentHost}&flow=xtls-rprx-splice#${email/direct/splice}\n"
echoContent yellow " ---> formatted plaintext (VLESS+TCP+TLS/xtls-rprx-splice)"
echoContent green " Protocol type: VLESS, address: ${currentHost}, port: ${currentDefaultPort}, user ID: ${id}, security: xtls, transmission method: tcp, flow: xtls-rprx-splice, account name: ${email/direct/splice}\n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
vless://${id}@${currentHost}:${currentDefaultPort}?encryption=none&security=xtls&type=tcp&host=${currentHost}&headerType=none&sni=${currentHost}&flow=xtls-rprx-splice#${email/direct/splice}
EOF
echoContent yellow " ---> QR code VLESS(VLESS+TCP+TLS/xtls-rprx-splice)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless%3A%2F%2F${id}%40${currentHost}%3A${currentDefaultPort}%3Fencryption%3Dnone%26security%3Dxtls%26type%3Dtcp%26${currentHost}%3D${currentHost}%26headerType%3Dnone%26sni%3D${currentHost}%26flow%3Dxtls-rprx-splice%23${email/direct/splice}\n"
elif [[ "${coreInstallType}" == 2 || "${coreInstallType}" == "3" ]]; then
echoContent yellow " ---> General format (VLESS+TCP+TLS)"
echoContent green " vless://${id}@${currentHost}:${currentDefaultPort}?security=tls&encryption=none&host=${currentHost}&headerType=none&type=tcp#${email}\n"
echoContent yellow " ---> formatted plaintext (VLESS+TCP+TLS/xtls-rprx-splice)"
echoContent green " Protocol type: VLESS, address: ${currentHost}, port: ${currentDefaultPort}, user ID: ${id}, security: tls, transmission method: tcp, account name: ${email/direct/splice} \n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
vless://${id}@${currentHost}:${currentDefaultPort}?security=tls&encryption=none&host=${currentHost}&headerType=none&type=tcp#${email}
EOF
echoContent yellow " ---> QR code VLESS(VLESS+TCP+TLS)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless%3a%2f%2f${id}%40${currentHost}%3a${currentDefaultPort}%3fsecurity%3dtls%26encryption%3dnone%26host%3d${currentHost}%26headerType%3dnone%26type%3dtcp%23${email}\n"
fi
elif [[ "${type}" == "trojanTCPXTLS" ]]; then
echoContent yellow " ---> General format (Trojan+TCP+TLS/xtls-rprx-direct)"
echoContent green " trojan://${id}@${currentHost}:${currentDefaultPort}?encryption=none&security=xtls&type=tcp&host=${currentHost}&headerType=none&sni=${currentHost}&flow=xtls-rprx-direct#${email}\n"
echoContent yellow " ---> formatted plaintext (Trojan+TCP+TLS/xtls-rprx-direct)"
echoContent green "Protocol type: Trojan, address: ${currentHost}, port: ${currentDefaultPort}, user ID: ${id}, security: xtls, transmission method: tcp, flow: xtls-rprx-direct, account name: ${email}\n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
trojan://${id}@${currentHost}:${currentDefaultPort}?encryption=none&security=xtls&type=tcp&host=${currentHost}&headerType=none&sni=${currentHost}&flow=xtls-rprx-direct#${email}
EOF
echoContent yellow " ---> QR code Trojan(Trojan+TCP+TLS/xtls-rprx-direct)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=trojan%3A%2F%2F${id}%40${currentHost}%3A${currentDefaultPort}%3Fencryption%3Dnone%26security%3Dxtls%26type%3Dtcp%26${currentHost}%3D${currentHost}%26headerType%3Dnone%26sni%3D${currentHost}%26flow%3Dxtls-rprx-direct%23${email}\n"
echoContent skyBlue "----------------------------------------------------------------------------------"
echoContent yellow " ---> Common format (Trojan+TCP+TLS/xtls-rprx-splice)"
echoContent green " trojan://${id}@${currentHost}:${currentDefaultPort}?encryption=none&security=xtls&type=tcp&host=${currentHost}&headerType=none&sni=${currentHost}&flow=xtls-rprx-splice#${email/direct/splice}\n"
echoContent yellow " ---> formatted plaintext (Trojan+TCP+TLS/xtls-rprx-splice)"
echoContent green " Protocol type: VLESS, address: ${currentHost}, port: ${currentDefaultPort}, user ID: ${id}, security: xtls, transmission method: tcp, flow: xtls-rprx-splice, account name: ${email/direct/splice}\n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
trojan://${id}@${currentHost}:${currentDefaultPort}?encryption=none&security=xtls&type=tcp&host=${currentHost}&headerType=none&sni=${currentHost}&flow=xtls-rprx-splice#${email/direct/splice}
EOF
echoContent yellow " ---> QR code Trojan(Trojan+TCP+TLS/xtls-rprx-splice)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=trojan%3A%2F%2F${id}%40${currentHost}%3A${currentDefaultPort}%3Fencryption%3Dnone%26security%3Dxtls%26type%3Dtcp%26${currentHost}%3D${currentHost}%26headerType%3Dnone%26sni%3D${currentHost}%26flow%3Dxtls-rprx-splice%23${email/direct/splice}\n"
elif [[ "${type}" == "vmessws" ]]; then
qrCodeBase64Default=$(echo -n "{\"port\":${currentDefaultPort},\"ps\":\"${email}\",\"tls\":\"tls\",\"id\":\"${id}\",\"aid\":0,\"v\":2,\"host\":\"${currentHost}\",\"type\":\"none\",\"path\":\"/${currentPath}vws\",\"net\":\"ws\",\"add\":\"${currentAdd}\",\"allowInsecure\":0,\"method\":\"none\",\"peer\":\"${currentHost}\",\"sni\":\"${currentHost}\"}" | base64 -w 0)
qrCodeBase64Default="${qrCodeBase64Default// /}"
echoContent yellow " ---> 通用json(VMess+WS+TLS)"
echoContent green " {\"port\":${currentDefaultPort},\"ps\":\"${email}\",\"tls\":\"tls\",\"id\":\"${id}\",\"aid\":0,\"v\":2,\"host\":\"${currentHost}\",\"type\":\"none\",\"path\":\"/${currentPath}vws\",\"net\":\"ws\",\"add\":\"${currentAdd}\",\"allowInsecure\":0,\"method\":\"none\",\"peer\":\"${currentHost}\",\"sni\":\"${currentHost}\"}\n"
echoContent yellow "---> Generic vmess(VMess+WS+TLS) link"
echoContent green " vmess://${qrCodeBase64Default}\n"
echoContent yellow " ---> QR code vmess(VMess+WS+TLS)"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
vmess://${qrCodeBase64Default}
EOF
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vmess://${qrCodeBase64Default}\n"
# elif [[ "${type}" == "vmesstcp" ]]; then
#
# echoContent red "path:${path}"
# qrCodeBase64Default=$(echo -n "{\"add\":\"${add}\",\"aid\":0,\"host\":\"${host}\",\"id\":\"${id}\",\"net\":\"tcp\",\"path\":\"${path}\",\"port\":${port},\"ps\":\"${email}\",\"scy\":\"none\",\"sni\":\"${host}\",\"tls\":\"tls\",\"v\":2,\"type\":\"http\",\"allowInsecure\":0,\"peer\":\"${host}\",\"obfs\":\"http\",\"obfsParam\":\"${host}\"}" | base64)
# qrCodeBase64Default="${qrCodeBase64Default// /}"
#
# echoContent yellow " ---> 通用json(VMess+TCP+TLS)"
# echoContent green " {\"port\":'${port}',\"ps\":\"${email}\",\"tls\":\"tls\",\"id\":\"${id}\",\"aid\":0,\"v\":2,\"host\":\"${host}\",\"type\":\"http\",\"path\":\"${path}\",\"net\":\"http\",\"add\":\"${add}\",\"allowInsecure\":0,\"method\":\"post\",\"peer\":\"${host}\",\"obfs\":\"http\",\"obfsParam\":\"${host}\"}\n"
# echoContent yellow " ---> Generic vmess(VMess+TCP+TLS) link"
# echoContent green " vmess://${qrCodeBase64Default}\n"
#
# cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
#vmess://${qrCodeBase64Default}
#EOF
# echoContent yellow " ---> QR code vmess(VMess+TCP+TLS)"
# echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vmess://${qrCodeBase64Default}\n"
elif [[ "${type}" == "vlessws" ]]; then
echoContent yellow " ---> General format (VLESS+WS+TLS)"
echoContent green " vless://${id}@${currentAdd}:${currentDefaultPort}?encryption=none&security=tls&type=ws&host=${currentHost}&sni=${currentHost}&path=/${currentPath}ws#${email}\n"
echoContent yellow " ---> formatted plaintext (VLESS+WS+TLS)"
echoContent green " Protocol type: VLESS, address: ${currentAdd}, fake domain name/SNI: ${currentHost}, port: ${currentDefaultPort}, user ID: ${id}, security: tls, transmission method: ws, path :/${currentPath}ws, account name: ${email}\n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
vless://${id}@${currentAdd}:${currentDefaultPort}?encryption=none&security=tls&type=ws&host=${currentHost}&sni=${currentHost}&path=/${currentPath}ws#${email}
EOF
echoContent yellow " ---> QR code VLESS(VLESS+WS+TLS)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless%3A%2F%2F${id}%40${currentAdd}%3A${currentDefaultPort}%3Fencryption%3Dnone%26security%3Dtls%26type%3Dws%26host%3D${currentHost}%26sni%3D${currentHost}%26path%3D%252f${currentPath}ws%23${email}"
elif [[ "${type}" == "vlessgrpc" ]]; then
echoContent yellow " ---> General format (VLESS+gRPC+TLS)"
echoContent green " vless://${id}@${currentAdd}:${currentDefaultPort}?encryption=none&security=tls&type=grpc&host=${currentHost}&path=${currentPath}grpc&serviceName=${currentPath}grpc&alpn=h2&sni=${currentHost}#${email}\n"
echoContent yellow " ---> formatted plaintext (VLESS+gRPC+TLS)"
echoContent green " Protocol type: VLESS, address: ${currentAdd}, fake domain name/SNI: ${currentHost}, port: ${currentDefaultPort}, user ID: ${id}, security: tls, transmission method: gRPC, alpn :h2, serviceName: ${currentPath}grpc, account name: ${email}\n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
vless://${id}@${currentAdd}:${currentDefaultPort}?encryption=none&security=tls&type=grpc&host=${currentHost}&path=${currentPath}grpc&serviceName=${currentPath}grpc&alpn=h2&sni=${currentHost}#${email}
EOF
echoContent yellow " ---> QR code VLESS(VLESS+gRPC+TLS)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=vless%3A%2F%2F${id}%40${currentAdd}%3A${currentDefaultPort}%3Fencryption%3Dnone%26security%3Dtls%26type%3Dgrpc%26host%3D${currentHost}%26serviceName%3D${currentPath}grpc%26path%3D${currentPath}grpc%26sni%3D${currentHost}%26alpn%3Dh2%23${email}"
elif [[ "${type}" == "trojan" ]]; then
# URLEncode
echoContent yellow " ---> Trojan(TLS)"
echoContent green " trojan://${id}@${currentHost}:${currentDefaultPort}?peer=${currentHost}&sni=${currentHost}&alpn=http/1.1#${currentHost}_Trojan\n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
trojan://${id}@${currentHost}:${currentDefaultPort}?peer=${currentHost}&sni=${currentHost}&alpn=http/1.1#${email}_Trojan
EOF
echoContent yellow " ---> QR code Trojan(TLS)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=trojan%3a%2f%2f${id}%40${currentHost}%3a${port}%3fpeer%3d${currentHost}%26sni%3d${currentHost}%26alpn%3Dhttp/1.1%23${email}\n"
elif [[ "${type}" == "trojangrpc" ]]; then
# URLEncode
echoContent yellow " ---> Trojan gRPC(TLS)"
echoContent green " trojan://${id}@${currentAdd}:${currentDefaultPort}?encryption=none&peer=${currentHost}&security=tls&type=grpc&sni=${currentHost}&alpn=h2&path=${currentPath}trojangrpc&serviceName=${currentPath}trojangrpc#${email}\n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
trojan://${id}@${currentAdd}:${currentDefaultPort}?encryption=none&peer=${currentHost}&security=tls&type=grpc&sni=${currentHost}&alpn=h2&path=${currentPath}trojangrpc&serviceName=${currentPath}trojangrpc#${email}
EOF
echoContent yellow " ---> QR code Trojan gRPC(TLS)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=trojan%3a%2f%2f${id}%40${currentAdd}%3a${currentDefaultPort}%3Fencryption%3Dnone%26security%3Dtls%26peer%3d${currentHost}%26type%3Dgrpc%26sni%3d${currentHost}%26path%3D${currentPath}trojangrpc%26alpn%3Dh2%26serviceName%3D${currentPath}trojangrpc%23${email}\n"
elif [[ "${type}" == "hysteria" ]]; then
echoContent yellow " ---> Hysteria(TLS)"
echoContent green " hysteria://${currentHost}:${hysteriaPort}?protocol=${hysteriaProtocol}&auth=${id}&peer=${currentHost}&insecure=0&alpn=h3&upmbps=${hysteriaClientUploadSpeed}&downmbps=${hysteriaClientDownloadSpeed}#${email}\n"
cat <<EOF >>"/etc/v2ray-agent/subscribe_tmp/${subAccount}"
hysteria://${currentHost}:${hysteriaPort}?protocol=${hysteriaProtocol}&auth=${id}&peer=${currentHost}&insecure=0&alpn=h3&upmbps=${hysteriaClientUploadSpeed}&downmbps=${hysteriaClientDownloadSpeed}#${email}
EOF
echoContent yellow " ---> QR code Hysteria(TLS)"
echoContent green " https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=hysteria%3A%2F%2F${currentHost}%3A${hysteriaPort}%3Fprotocol%3D${hysteriaProtocol}%26auth%3D${id}%26peer%3D${currentHost}%26insecure%3D0%26alpn%3Dh3%26upmbps%3D${hysteriaClientUploadSpeed}%26downmbps%3D${hysteriaClientDownloadSpeed}%23${email}\n"
fi
}
# account
showAccounts() {
readInstallType
readInstallProtocolType
readConfigHostPathUUID
readHysteriaConfig
echoContent skyBlue "\nProgress $1/${totalProgress} : Account"
local show
# VLESS TCP
if [[ -n "${configPath}" ]]; then
show=1
if echo "${currentInstallProtocolType}" | grep -q trojan; then
echoContent skyBlue "===================== Trojan TCP TLS/XTLS-direct/XTLS-splice ======================\n"
jq .inbounds[0].settings.clients ${configPath}02_trojan_TCP_inbounds.json | jq -c '.[]' | while read -r user; do
local email=
email=$(echo "${user}" | jq -r .email)
echoContent skyBlue "\n ---> Account:${email}"
defaultBase64Code trojanTCPXTLS "${email}" "$(echo "${user}" | jq -r .password)"
done
else
echoContent skyBlue "===================== VLESS TCP TLS/XTLS-direct/XTLS-splice ======================\n"
jq .inbounds[0].settings.clients ${configPath}02_VLESS_TCP_inbounds.json | jq -c '.[]' | while read -r user; do
local email=
email=$(echo "${user}" | jq -r .email)
echoContent skyBlue "\n ---> Account:${email}"
echo
defaultBase64Code vlesstcp "${email}" "$(echo "${user}" | jq -r .id)"
done
fi
# VLESS WS
if echo ${currentInstallProtocolType} | grep -q 1; then
echoContent skyBlue "\n================================ VLESS WS TLS CDN ================================\n"
jq .inbounds[0].settings.clients ${configPath}03_VLESS_WS_inbounds.json | jq -c '.[]' | while read -r user; do
local email=
email=$(echo "${user}" | jq -r .email)
echoContent skyBlue "\n ---> Account:${email}"
echo
local path="${currentPath}ws"
# if [[ ${coreInstallType} == "1" ]]; then
# echoContent yellow "Xray's 0-RTT path will be behind it.It is not compatible with v2ray-based clients.Please delete it manually and use it\n"
# path="${currentPath}ws"
# fi
defaultBase64Code vlessws "${email}" "$(echo "${user}" | jq -r .id)"
done
fi
# VMess WS
if echo ${currentInstallProtocolType} | grep -q 3; then
echoContent skyBlue "\n================================ VMess WS TLS CDN ================================\n"
local path="${currentPath}vws"
if [[ ${coreInstallType} == "1" ]]; then
path="${currentPath}vws"
fi
jq .inbounds[0].settings.clients ${configPath}05_VMess_WS_inbounds.json | jq -c '.[]' | while read -r user; do
local email=
email=$(echo "${user}" | jq -r .email)
echoContent skyBlue "\n ---> Account:${email}"
echo
defaultBase64Code vmessws "${email}" "$(echo "${user}" | jq -r .id)"
done
fi
# VLESS grpc
if echo ${currentInstallProtocolType} | grep -q 5; then
echoContent skyBlue "\n=============================== VLESS gRPC TLS CDN ===============================\n"
echoContent red "\n ---> gRPC is in the testing stage and may not be compatible with the client you are using.If it cannot be used, please ignore it"
# local serviceName
# serviceName=$(jq -r .inbounds[0].streamSettings.grpcSettings.serviceName ${configPath}06_VLESS_gRPC_inbounds.json)
jq .inbounds[0].settings.clients ${configPath}06_VLESS_gRPC_inbounds.json | jq -c '.[]' | while read -r user; do
local email=
email=$(echo "${user}" | jq -r .email)
echoContent skyBlue "\n ---> Account:${email}"
echo
defaultBase64Code vlessgrpc "${email}" "$(echo "${user}" | jq -r .id)"
done
fi
fi
# trojan tcp
if echo ${currentInstallProtocolType} | grep -q 4; then
echoContent skyBlue "\n================================== Trojan TLS ==================================\n"
jq .inbounds[0].settings.clients ${configPath}04_trojan_TCP_inbounds.json | jq -c '.[]' | while read -r user; do
local email=
email=$(echo "${user}" | jq -r .email)
echoContent skyBlue "\n ---> Account:${email}"
defaultBase64Code trojan "${email}" "$(echo "${user}" | jq -r .password)"
done
fi
if echo ${currentInstallProtocolType} | grep -q 2; then
echoContent skyBlue "\n================================ Trojan gRPC TLS ================================\n"
echoContent red "\n ---> gRPC is in the testing stage and may not be compatible with the client you are using.If it cannot be used, please ignore it"
jq .inbounds[0].settings.clients ${configPath}04_trojan_gRPC_inbounds.json | jq -c '.[]' | while read -r user; do
local email=
email=$(echo "${user}" | jq -r .email)
echoContent skyBlue "\n ---> Account:${email}"
echo
defaultBase64Code trojangrpc "${email}" "$(echo "${user}" | jq -r .password)"
done
fi
if echo ${currentInstallProtocolType} | grep -q 6; then
echoContent skyBlue "\n================================ Hysteria TLS ================================\n"
echoContent red "\n ---> The speed of Hysteria depends on the local network environment.If it is used by QoS, the experience will be very poor.IDC may also consider it an attack, please use it with caution"
jq .auth.config ${hysteriaConfigPath}config.json | jq -r '.[]' | while read -r user; do
local defaultUser=
local uuidType=
uuidType=".id"
if [[ "${frontingType}" == "02_trojan_TCP_inbounds" ]]; then
uuidType=".password"
fi
defaultUser=$(jq '.inbounds[0].settings.clients[]|select('${uuidType}'=="'"${user}"'")' ${configPath}${frontingType}.json)
local email=
email=$(echo "${defaultUser}" | jq -r .email)
if [[ -n ${defaultUser} ]]; then
echoContent skyBlue "\n ---> Account:${email}"
echo
defaultBase64Code hysteria "${email}" "${user}"
fi
done
fi
if [[ -z ${show} ]]; then
echoContent red "---> not installed"
fi
}
# Remove nginx302 configuration
removeNginx302() {
local count=0
grep -n "return 302" <"/etc/nginx/conf.d/alone.conf" | while read -r line; do
if ! echo "${line}" | grep -q "request_uri"; then
local removeIndex=
removeIndex=$(echo "${line}" | awk -F "[:]" '{print $1}')
removeIndex=$((removeIndex + count))
sed -i "${removeIndex}d" /etc/nginx/conf.d/alone.conf
count=$((count - 1))
fi
done
}
# Check if 302 is successful
checkNginx302() {
local domain302Status=
domain302Status=$(curl -s "https://${currentHost}")
if echo "${domain302Status}" | grep -q "302"; then
local domain302Result=
domain302Result=$(curl -L -s "https://${currentHost}")
if [[ -n "${domain302Result}" ]]; then
echoContent green "---> 302 redirection set successfully"
exit 0
fi
fi
echoContent red "---> 302 redirection setting failed, please double check if it is the same as the example"
backupNginxConfig restoreBackup
}
# Backup and restore nginx files
backupNginxConfig() {
if [[ "$1" == "backup" ]]; then
cp /etc/nginx/conf.d/alone.conf /etc/v2ray-agent/alone_backup.conf
echoContent green " ---> nginx configuration file backup successfully"
fi
if [[ "$1" == "restoreBackup" ]] && [[ -f "/etc/v2ray-agent/alone_backup.conf" ]]; then
cp /etc/v2ray-agent/alone_backup.conf /etc/nginx/conf.d/alone.conf
echoContent green " ---> nginx configuration file restore and backup successfully"
rm /etc/v2ray-agent/alone_backup.conf
fi
}
# Add 302 configuration
addNginx302() {
# local line302Result=
# line302Result=$(| tail -n 1)
local count=1
grep -n "Strict-Transport-Security" <"/etc/nginx/conf.d/alone.conf" | while read -r line; do
if [[ -n "${line}" ]]; then
local insertIndex=
insertIndex="$(echo "${line}" | awk -F "[:]" '{print $1}')"
insertIndex=$((insertIndex + count))
sed "${insertIndex}i return 302 '$1';" /etc/nginx/conf.d/alone.conf >/etc/nginx/conf.d/tmpfile && mv /etc/nginx/conf.d/tmpfile /etc/nginx/conf.d/alone.conf
count=$((count + 1))
else
echoContent red "---> 302 Add failed"
backupNginxConfig restoreBackup
fi
done
}
# Update camouflage station
updateNginxBlog() {
echoContent skyBlue "\nProgress $1/${totalProgress} : Change fake site"
echoContent red "=============================================================="
echoContent yellow "# For customization, please manually copy the template file to /usr/share/nginx/html \n"
echoContent yellow "1.Novice guide"
echoContent yellow "2.Game website"
echoContent yellow "3.Personal blog 01"
echoContent yellow "4.Enterprise Station"
echoContent yellow "5.Unlock the encrypted music file template [https://github.com/ix64/unlock-music]"
echoContent yellow "6.mikutap[https://github.com/HFIProgramming/mikutap]"
echoContent yellow "7.Enterprise station 02"
echoContent yellow "8.Personal blog 02"
echoContent yellow "9.404 Automatically jump to baidu"
echoContent yellow "10.302 redirect site"
echoContent red "=============================================================="
read -r -p "Please select:" selectInstallNginxBlogType
if [[ "${selectInstallNginxBlogType}" == "10" ]]; then
echoContent red "\n=============================================================="
echoContent yellow "The priority of redirection is higher.If you change the fake site after configuring 302, the fake site under the root route will not work"
echoContent yellow "If you want to disguise the site to achieve the effect, you need to delete the 302 redirect configuration\n"
echoContent yellow "1.Add"
echoContent yellow "2.Delete"
echoContent red "=============================================================="
read -r -p "Please select:" redirectStatus
if [[ "${redirectStatus}" == "1" ]]; then
backupNginxConfig backup
read -r -p "Please enter the domain name to be redirected, such as https://www.baidu.com:" redirectDomain
removeNginx302
addNginx302 "${redirectDomain}"
handleNginx stop
handleNginx start
if [[ -z $(pgrep -f nginx) ]]; then
backupNginxConfig restoreBackup
handleNginx start
exit 0
fi
checkNginx302
exit 0
fi
if [[ "${redirectStatus}" == "2" ]]; then
removeNginx302
echoContent green " ---> Remove 302 redirect successfully"
exit 0
fi
fi
if [[ "${selectInstallNginxBlogType}" =~ ^[1-9]$ ]]; then
rm -rf /usr/share/nginx/*
if wget --help | grep -q show-progress; then
wget -c -q --show-progress -P /usr/share/nginx "https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/blog/unable/html${selectInstallNginxBlogType}.zip" >/dev/null
else
wget -c -P /usr/share/nginx "https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/blog/unable/html${selectInstallNginxBlogType}.zip" >/dev/null
fi
unzip -o "/usr/share/nginx/html${selectInstallNginxBlogType}.zip" -d /usr/share/nginx/html >/dev/null
rm -f "/usr/share/nginx/html${selectInstallNginxBlogType}.zip*"
echoContent green " ---> Replace the fake station successfully"
else
echoContent red " ---> Selection error, please select again"
updateNginxBlog
fi
}
# add new port
addCorePort() {
echoContent skyBlue "\nFunction 1/${totalProgress} : add new port"
echoContent red "\n=============================================================="
echoContent yellow "# Notes\n"
echoContent yellow "Support batch add"
echoContent yellow "does not affect the use of the default port"
echoContent yellow "When viewing an account, only the account with the default port will be displayed"
echoContent yellow "Special characters are not allowed, pay attention to the comma format"
echoContent yellow "Entry example: 2053,2083,2087\n"
echoContent yellow "1.Add port"
echoContent yellow "2.Delete port"
echoContent red "=============================================================="
read -r -p "Please select:" selectNewPortType
if [[ "${selectNewPortType}" == "1" ]]; then
read -r -p "Please enter the port number:" newPort
read -r -p "Please enter the default port number, the subscription port and node port will be changed at the same time, [Enter] default 443:" defaultPort
if [[ -n "${defaultPort}" ]]; then
rm -rf "$(find ${configPath}* | grep "default")"
fi
if [[ -n "${newPort}" ]]; then
while read -r port; do
rm -rf "$(find ${configPath}* | grep "${port}")"
local fileName=
if [[ -n "${defaultPort}" && "${port}" == "${defaultPort}" ]]; then
fileName="${configPath}02_dokodemodoor_inbounds_${port}_default.json"
else
fileName="${configPath}02_dokodemodoor_inbounds_${port}.json"
fi
# open port
allowPort "${port}"
local settingsPort=443
if [[ -n "${customPort}" ]]; then
settingsPort=${customPort}
fi
cat <<EOF >"${fileName}"
{
"inbounds": [
{
"listen": "0.0.0.0",
"port": ${port},
"protocol": "dokodemo-door",
"settings": {
"address": "127.0.0.1",
"port": ${settingsPort},
"network": "tcp",
"followRedirect": false
},
"tag": "dokodemo-door-newPort-${port}"
}
]
}
EOF
done < <(echo "${newPort}" | tr ',' '\n')
echoContent green " ---> Add successfully"
reloadCore
fi
elif [[ "${selectNewPortType}" == "2" ]]; then
find ${configPath} -name "*dokodemodoor*" | awk -F "[c][o][n][f][/]" '{print ""NR""":"$2}'
read -r -p "Please enter the port number to delete:" portIndex
local dokoConfig
dokoConfig=$(find ${configPath} -name "*dokodemodoor*" | awk -F "[c][o][n][f][/]" '{print ""NR""":"$2}' | grep "${portIndex}:")
if [[ -n "${dokoConfig}" ]]; then
rm "${configPath}/$(echo "${dokoConfig}" | awk -F "[:]" '{print $2}')"
reloadCore
else
echoContent yellow "\n ---> The input number is wrong, please select again"
addCorePort
fi
fi
}
# uninstall script
unInstall() {
read -r -p "Are you sure to uninstall the installation content? [y/n]:" unInstallStatus
if [[ "${unInstallStatus}" != "y" ]]; then
echoContent green " ---> Abort uninstall"
menu
exit 0
fi
handleNginx stop
if [[ -z $(pgrep -f "nginx") ]]; then
echoContent green "---> stop Nginx successfully"
fi
if [[ "${coreInstallType}" == "1" ]]; then
handleXray stop
rm -rf /etc/systemd/system/xray.service
echoContent green " ---> Delete Xray boot auto-start complete"
elif [[ "${coreInstallType}" == "2" ]]; then
handleV2Ray stop
rm -rf /etc/systemd/system/v2ray.service
echoContent green " ---> Delete V2Ray boot auto-start complete"
fi
if [[ -z "${hysteriaConfigPath}" ]]; then
handleHysteria stop
rm -rf /etc/systemd/system/hysteria.service
echoContent green " ---> Delete Hysteria boot auto-start complete"
fi
if [[ -f "/root/.acme.sh/acme.sh.env" ]] && grep -q 'acme.sh.env' </root/.bashrc; then
sed -i 's/."\/root\/.acme.sh\/acme.sh.env"//g' "$(grep '."/root/.acme.sh/acme.sh.env"' -rl /root/.bashrc)"
fi
rm -rf /root/.acme.sh
echoContent green "---> delete acme.sh complete"
rm -rf /tmp/v2ray-agent-tls/*
if [[ -d "/etc/v2ray-agent/tls" ]] && [[ -n $(find /etc/v2ray-agent/tls/ -name "*.key") ]] && [[ -n $(find /etc/v2ray-agent/tls/ -name "*.crt") ]]; then
mv /etc/v2ray-agent/tls /tmp/v2ray-agent-tls
if [[ -n $(find /tmp/v2ray-agent-tls -name '*.key') ]]; then
echoContent yellow " ---> The backup certificate is successful, please keep it.[/tmp/v2ray-agent-tls]"
fi
fi
rm -rf /etc/v2ray-agent
rm -rf ${nginxConfigPath}alone.conf
if [[ -d "/usr/share/nginx/html" && -f "/usr/share/nginx/html/check" ]]; then
rm -rf /usr/share/nginx/html
echoContent green " ---> Delete the fake website completed"
fi
rm -rf /usr/bin/vasma
rm -rf /usr/sbin/vasma
echoContent green " ---> Uninstall shortcut completed"
echoContent green "---> Uninstall v2ray-agent script completed"
}
#updateGeoSite
# Modify V2Ray CDN node
updateV2RayCDN() {
# todo refactor this method
echoContent skyBlue "\nProgress $1/${totalProgress} : Modify CDN node"
if [[ -n "${currentAdd}" ]]; then
echoContent red "=============================================================="
echoContent yellow "1.CNAME www.digitalocean.com"
echoContent yellow "2.CNAME www.cloudflare.com"
echoContent yellow "3.CNAME hostmonit.com"
echoContent yellow "4.Manual input"
echoContent red "=============================================================="
read -r -p "Please select:" selectCDNType
case ${selectCDNType} in
1)
setDomain="www.digitalocean.com"
;;
2)
setDomain="www.cloudflare.com"
;;
3)
setDomain="hostmonit.com"
;;
4)
read -r -p "Please enter the CDN IP or domain name you want to customize:" setDomain
;;
esac
if [[ -n ${setDomain} ]]; then
if [[ -n "${currentAdd}" ]]; then
sed -i "s/\"${currentAdd}\"/\"${setDomain}\"/g" "$(grep "${currentAdd}" -rl ${configPath}${frontingType}.json)"
fi
if [[ $(jq -r .inbounds[0].settings.clients[0].add ${configPath}${frontingType}.json) == "${setDomain}" ]]; then
echoContent green " ---> CDN modified successfully"
reloadCore
else
echoContent red " ---> Failed to modify CDN"
fi
fi
else
echoContent red " ---> Available types are not installed"
fi
}
# manageUser user management
manageUser() {
echoContent skyBlue "\nProgress $1/${totalProgress} : multi-user management"
echoContent skyBlue "-----------------------------------------------------"
echoContent yellow "1.Add user"
echoContent yellow "2.Delete user"
echoContent skyBlue "-----------------------------------------------------"
read -r -p "Please select:" manageUserType
if [[ "${manageUserType}" == "1" ]]; then
addUser
elif [[ "${manageUserType}" == "2" ]]; then
removeUser
else
echoContent red " ---> Selection error"
fi
}
# custom uuid
customUUID() {
# read -r -p "Do you want to customize UUID? [y/n]:" customUUIDStatus
# echo
# if [[ "${customUUIDStatus}" == "y" ]]; then
read -r -p "Please enter a valid UUID, [Enter] Random UUID:" currentCustomUUID
echo
if [[ -z "${currentCustomUUID}" ]]; then
# echoContent red " ---> UUID cannot be empty"
currentCustomUUID=$(${ctlPath} uuid)
echoContent yellow "uuid:${currentCustomUUID}\n"
else
jq -r -c '.inbounds[0].settings.clients[].id' ${configPath}${frontingType}.json | while read -r line; do
if [[ "${line}" == "${currentCustomUUID}" ]]; then
echo >/tmp/v2ray-agent
fi
done
if [[ -f "/tmp/v2ray-agent" && -n $(cat /tmp/v2ray-agent) ]]; then
echoContent red "---> UUID cannot be repeated"
rm /tmp/v2ray-agent
exit 0
fi
fi
# fi
}
# custom email
customUserEmail() {
# read -r -p "Do you want to customize email? [y/n]:" customEmailStatus
# echo
# if [[ "${customEmailStatus}" == "y" ]]; then
read -r -p "Please enter a valid email, [Enter] random email:" currentCustomEmail
echo
if [[ -z "${currentCustomEmail}" ]]; then
currentCustomEmail="${currentHost}_${currentCustomUUID}"
echoContent yellow "email: ${currentCustomEmail}\n"
# echoContent red " ---> email cannot be empty"
else
jq -r -c '.inbounds[0].settings.clients[].email' ${configPath}${frontingType}.json | while read -r line; do
if [[ "${line}" == "${currentCustomEmail}" ]]; then
echo >/tmp/v2ray-agent
fi
done
if [[ -f "/tmp/v2ray-agent" && -n $(cat /tmp/v2ray-agent) ]]; then
echoContent red " ---> email cannot be repeated"
rm /tmp/v2ray-agent
exit 0
fi
fi
# fi
}
# Add user
addUser() {
echoContent yellow "After adding a new user, you need to review the subscription again"
read -r -p "Please enter the number of users to add:" userNum
echo
if [[ -z ${userNum} || ${userNum} -le 0 ]]; then
echoContent red " ---> Input error, please re-enter"
exit 0
fi
# generate user
if [[ "${userNum}" == "1" ]]; then
customUUID
customUserEmail
fi
while [[ ${userNum} -gt 0 ]]; do
local users=
((userNum--)) || true
if [[ -n "${currentCustomUUID}" ]]; then
uuid=${currentCustomUUID}
else
uuid=$(${ctlPath} uuid)
fi
if [[ -n "${currentCustomEmail}" ]]; then
email=${currentCustomEmail}
else
email=${currentHost}_${uuid}
fi
# Compatible with v2ray-core
users="{\"id\":\"${uuid}\",\"flow\":\"xtls-rprx-direct\",\"email\":\"${email}\",\"alterId\":0}"
if [[ "${coreInstallType}" == "2" ]]; then
users="{\"id\":\"${uuid}\",\"email\":\"${email}\",\"alterId\":0}"
fi
if echo ${currentInstallProtocolType} | grep -q 0; then
local vlessUsers="${users//\,\"alterId\":0/}"
local vlessTcpResult
vlessTcpResult=$(jq -r ".inbounds[0].settings.clients += [${vlessUsers}]" ${configPath}${frontingType}.json)
echo "${vlessTcpResult}" | jq .>${configPath}${frontingType}.json
fi
if echo ${currentInstallProtocolType} | grep -q trojan; then
local trojanXTLSUsers="${users//\,\"alterId\":0/}"
trojanXTLSUsers=${trojanXTLSUsers//"id"/"password"}
local trojanXTLSResult
trojanXTLSResult=$(jq -r ".inbounds[0].settings.clients += [${trojanXTLSUsers}]" ${configPath}${frontingType}.json)
echo "${trojanXTLSResult}" | jq .>${configPath}${frontingType}.json
fi
if echo ${currentInstallProtocolType} | grep -q 1; then
local vlessUsers="${users//\,\"alterId\":0/}"
vlessUsers="${vlessUsers//\"flow\":\"xtls-rprx-direct\"\,/}"
local vlessWsResult
vlessWsResult=$(jq -r ".inbounds[0].settings.clients += [${vlessUsers}]" ${configPath}03_VLESS_WS_inbounds.json)
echo "${vlessWsResult}" | jq .>${configPath}03_VLESS_WS_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 2; then
local trojangRPCUsers="${users//\"flow\":\"xtls-rprx-direct\"\,/}"
trojangRPCUsers="${trojangRPCUsers//\,\"alterId\":0/}"
trojangRPCUsers=${trojangRPCUsers//"id"/"password"}
local trojangRPCResult
trojangRPCResult=$(jq -r ".inbounds[0].settings.clients += [${trojangRPCUsers}]" ${configPath}04_trojan_gRPC_inbounds.json)
echo "${trojangRPCResult}" | jq .>${configPath}04_trojan_gRPC_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 3; then
local vmessUsers="${users//\"flow\":\"xtls-rprx-direct\"\,/}"
local vmessWsResult
vmessWsResult=$(jq -r ".inbounds[0].settings.clients += [${vmessUsers}]" ${configPath}05_VMess_WS_inbounds.json)
echo "${vmessWsResult}" | jq .>${configPath}05_VMess_WS_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 5; then
local vlessGRPCUsers="${users//\"flow\":\"xtls-rprx-direct\"\,/}"
vlessGRPCUsers="${vlessGRPCUsers//\,\"alterId\":0/}"
local vlessGRPCResult
vlessGRPCResult=$(jq -r ".inbounds[0].settings.clients += [${vlessGRPCUsers}]" ${configPath}06_VLESS_gRPC_inbounds.json)
echo "${vlessGRPCResult}" | jq .>${configPath}06_VLESS_gRPC_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 4; then
local trojanUsers="${users//\"flow\":\"xtls-rprx-direct\"\,/}"
trojanUsers="${trojanUsers//id/password}"
trojanUsers="${trojanUsers//\,\"alterId\":0/}"
local trojanTCPResult
trojanTCPResult=$(jq -r ".inbounds[0].settings.clients += [${trojanUsers}]" ${configPath}04_trojan_TCP_inbounds.json)
echo "${trojanTCPResult}" | jq .>${configPath}04_trojan_TCP_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 6; then
local hysteriaResult
hysteriaResult=$(jq -r ".auth.config += [\"${uuid}\"]" ${hysteriaConfigPath}config.json)
echo "${hysteriaResult}" | jq .>${hysteriaConfigPath}config.json
fi
done
reloadCore
echoContent green " ---> Add complete"
manageAccount 1
}
# remove user
removeUser() {
if echo ${currentInstallProtocolType} | grep -q 0 || echo ${currentInstallProtocolType} | grep -q trojan; then
jq -r -c .inbounds[0].settings.clients[].email ${configPath}${frontingType}.json | awk '{print NR""":"$0}'
read -r -p "Please select the user number to delete [only single delete is supported]:" delUserIndex
if [[ $(jq -r '.inbounds[0].settings.clients|length' ${configPath}${frontingType}.json) -lt ${delUserIndex} ]]; then
echoContent red " ---> Selection error"
else
delUserIndex=$((delUserIndex - 1))
local vlessTcpResult
vlessTcpResult=$(jq -r 'del(.inbounds[0].settings.clients['${delUserIndex}'])' ${configPath}${frontingType}.json)
echo "${vlessTcpResult}" | jq .>${configPath}${frontingType}.json
fi
fi
if [[ -n "${delUserIndex}" ]]; then
if echo ${currentInstallProtocolType} | grep -q 1; then
local vlessWSResult
vlessWSResult=$(jq -r 'del(.inbounds[0].settings.clients['${delUserIndex}'])' ${configPath}03_VLESS_WS_inbounds.json)
echo "${vlessWSResult}" | jq .>${configPath}03_VLESS_WS_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 2; then
local trojangRPCUsers
trojangRPCUsers=$(jq -r 'del(.inbounds[0].settings.clients['${delUserIndex}'])' ${configPath}04_trojan_gRPC_inbounds.json)
echo "${trojangRPCUsers}" | jq .>${configPath}04_trojan_gRPC_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 3; then
local vmessWSResult
vmessWSResult=$(jq -r 'del(.inbounds[0].settings.clients['${delUserIndex}'])' ${configPath}05_VMess_WS_inbounds.json)
echo "${vmessWSResult}" | jq .>${configPath}05_VMess_WS_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 5; then
local vlessGRPCResult
vlessGRPCResult=$(jq -r 'del(.inbounds[0].settings.clients['${delUserIndex}'])' ${configPath}06_VLESS_gRPC_inbounds.json)
echo "${vlessGRPCResult}" | jq .>${configPath}06_VLESS_gRPC_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 4; then
local trojanTCPResult
trojanTCPResult=$(jq -r 'del(.inbounds[0].settings.clients['${delUserIndex}'])' ${configPath}04_trojan_TCP_inbounds.json)
echo "${trojanTCPResult}" | jq .>${configPath}04_trojan_TCP_inbounds.json
fi
if echo ${currentInstallProtocolType} | grep -q 6; then
local hysteriaResult
hysteriaResult=$(jq -r 'del(.auth.config['${delUserIndex}'])' ${hysteriaConfigPath}config.json)
echo "${hysteriaResult}" | jq .>${hysteriaConfigPath}config.json
fi
reloadCore
fi
manageAccount 1
}
# Updated script
updateV2RayAgent() {
echoContent skyBlue "\nProgress $1/${totalProgress} : Update v2ray-agent script"
rm -rf /etc/v2ray-agent/install.sh
if wget --help | grep -q show-progress; then
wget -c -q --show-progress -P /etc/v2ray-agent/ -N --no-check-certificate "https://raw.githubusercontent.com/mack-a/v2ray-agent/master/install.sh"
else
wget -c -q -P /etc/v2ray-agent/ -N --no-check-certificate "https://raw.githubusercontent.com/mack-a/v2ray-agent/master/install.sh"
fi
sudo chmod 700 /etc/v2ray-agent/install.sh
local version
version=$(grep 'Current version:v' "/etc/v2ray-agent/install.sh" | awk -F "[v]" '{print $2}' | tail -n +2 | head -n 1 | awk -F "[\"]" '{print $1}')
echoContent green "\n ---> Update completed"
echoContent yellow " ---> Please manually execute [vasma] to open the script"
echoContent green " ---> Current version: ${version}\n"
echoContent yellow "If the update is unsuccessful, please manually execute the following command\n"
echoContent skyBlue "wget -P /root -N --no-check-certificate https://raw.githubusercontent.com/mack-a/v2ray-agent/master/install.sh && chmod 700 /root/install.sh && /root/install.sh"
echo
exit 0
}
# Firewall
handleFirewall() {
if systemctl status ufw 2>/dev/null | grep -q "active (exited)" && [[ "$1" == "stop" ]]; then
systemctl stop ufw >/dev/null 2>&1
systemctl disable ufw >/dev/null 2>&1
echoContent green "---> ufw closed successfully"
fi
if systemctl status firewalld 2>/dev/null | grep -q "active (running)" && [[ "$1" == "stop" ]]; then
systemctl stop firewalld >/dev/null 2>&1
systemctl disable firewalld >/dev/null 2>&1
echoContent green "---> firewalld closed successfully"
fi
}
# install BBR
bbrInstall() {
echoContent red "\n=============================================================="
echoContent green "The mature works of [ylx2016] for BBR and DD scripts, the address is [https://github.com/ylx2016/Linux-NetSpeed], please be familiar with"
echoContent yellow "1.Installation script [recommended original BBR+FQ]"
echoContent yellow "2.Fallback home directory"
echoContent red "=============================================================="
read -r -p "Please select:" installBBRStatus
if [[ "${installBBRStatus}" == "1" ]]; then
wget -N --no-check-certificate "https://raw.githubusercontent.com/ylx2016/Linux-NetSpeed/master/tcp.sh" && chmod +x tcp.sh && ./tcp.sh
else
menu
fi
}
# View and check logs
checkLog() {
if [[ -z ${configPath} ]]; then
echoContent red " ---> No installation directory detected, please execute the script to install the content"
fi
local logStatus=false
if grep -q "access" ${configPath}00_log.json; then
logStatus=true
fi
echoContent skyBlue "\nFunction $1/${totalProgress} : View log"
echoContent red "\n=============================================================="
echoContent yellow "# It is recommended to open access log only when debugging\n"
if [[ "${logStatus}" == "false" ]]; then
echoContent yellow "1.Open access log"
else
echoContent yellow "1.Close the access log"
fi
echoContent yellow "2.Monitor access log"
echoContent yellow "3.Monitor error log"
echoContent yellow "4.View the certificate timing task log"
echoContent yellow "5.View certificate installation log"
echoContent yellow "6.Clear the log"
echoContent red "=============================================================="
read -r -p "Please select:" selectAccessLogType
local configPathLog=${configPath//conf\//}
case ${selectAccessLogType} in
1)
if [[ "${logStatus}" == "false" ]]; then
cat <<EOF >${configPath}00_log.json
{
"log": {
"access":"${configPathLog}access.log",
"error": "${configPathLog}error.log",
"loglevel": "debug"
}
}
EOF
elif [[ "${logStatus}" == "true" ]]; then
cat <<EOF >${configPath}00_log.json
{
"log": {
"error": "${configPathLog}error.log",
"loglevel": "warning"
}
}
EOF
fi
reloadCore
checkLog 1
;;
2)
tail -f ${configPathLog}access.log
;;
3)
tail -f ${configPathLog}error.log
;;
4)
tail -n 100 /etc/v2ray-agent/crontab_tls.log
;;
5)
tail -n 100 /etc/v2ray-agent/tls/acme.log
;;
6)
echo >${configPathLog}access.log
echo >${configPathLog}error.log
;;
esac
}
# Script shortcut
aliasInstall() {
if [[ -f "$HOME/install.sh" ]] && [[ -d "/etc/v2ray-agent" ]] && grep <"$HOME/install.sh" -q "作者:mack-a"; then
mv "$HOME/install.sh" /etc/v2ray-agent/install.sh
local vasmaType=
if [[ -d "/usr/bin/" ]]; then
if [[ ! -f "/usr/bin/vasma" ]]; then
ln -s /etc/v2ray-agent/install.sh /usr/bin/vasma
chmod 700 /usr/bin/vasma
vasmaType=true
fi
rm -rf "$HOME/install.sh"
elif [[ -d "/usr/sbin" ]]; then
if [[ ! -f "/usr/sbin/vasma" ]]; then
ln -s /etc/v2ray-agent/install.sh /usr/sbin/vasma
chmod 700 /usr/sbin/vasma
vasmaType=true
fi
rm -rf "$HOME/install.sh"
fi
if [[ "${vasmaType}" == "true" ]]; then
echoContent green "Shortcut created successfully, executable [vasma] to reopen the script"
fi
fi
}
# check ipv6, ipv4
checkIPv6() {
# pingIPv6=$(ping6 -c 1 www.google.com | sed '2{s/[^(]*(//;s/).*//;q;}' | tail -n +2)
pingIPv6=$(ping6 -c 1 www.google.com | sed -n '1p' | sed 's/.*(//g;s/).*//g')
if [[ -z "${pingIPv6}" ]]; then
echoContent red " ---> ipv6 is not supported"
exit 0
fi
}
# ipv6 offload
ipv6Routing() {
if [[ -z "${configPath}" ]]; then
echoContent red " ---> Not installed, please use script to install"
menu
exit 0
fi
checkIPv6
echoContent skyBlue "\nFunction 1/${totalProgress} : IPv6 offload"
echoContent red "\n=============================================================="
echoContent yellow "1.Add domain name"
echoContent yellow "2.Uninstall IPv6 offload"
echoContent red "=============================================================="
read -r -p "Please select:" ipv6Status
if [[ "${ipv6Status}" == "1" ]]; then
echoContent red "=============================================================="
echoContent yellow "# Notes\n"
echoContent yellow "1.The rule only supports the predefined domain name list [https://github.com/v2fly/domain-list-community]"
echoContent yellow "2.Detailed documentation [https://www.v2fly.org/config/routing.html]"
echoContent yellow "3.If the kernel fails to start, please check the domain name and add the domain name again"
echoContent yellow "4.Special characters are not allowed, pay attention to the format of commas"
echoContent yellow "5.Every time you add it, it will be added again, and the last domain name will not be retained"
echoContent yellow "6.It is strongly recommended to block domestic websites, enter [cn] below to block"
echoContent yellow "7.Input example: google,youtube,facebook,cn\n"
read -r -p "Please enter the domain name according to the above example:" domainList
if [[ -f "${configPath}09_routing.json" ]]; then
unInstallRouting IPv6-out outboundTag
routing=$(jq -r ".routing.rules += [{\"type\":\"field\",\"domain\":[\"geosite:${domainList//,/\",\"geosite:}\"],\"outboundTag\":\"IPv6-out\"}]" ${configPath}09_routing.json)
echo "${routing}" | jq .>${configPath}09_routing.json
else
cat <<EOF >"${configPath}09_routing.json"
{
"routing":{
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"domain": [
"geosite:${domainList//,/\",\"geosite:}"
],
"outboundTag": "IPv6-out"
}
]
}
}
EOF
fi
unInstallOutbounds IPv6-out
outbounds=$(jq -r '.outbounds += [{"protocol":"freedom","settings":{"domainStrategy":"UseIPv6"},"tag":"IPv6-out"}]' ${configPath}10_ipv4_outbounds.json)
echo "${outbounds}" | jq .>${configPath}10_ipv4_outbounds.json
echoContent green " ---> Add successfully"
elif [[ "${ipv6Status}" == "2" ]]; then
unInstallRouting IPv6-out outboundTag
unInstallOutbounds IPv6-out
echoContent green "---> IPv6 offloading succeeded"
else
echoContent red " ---> Selection error"
exit 0
fi
reloadCore
}
# bt download management
btTools() {
if [[ -z "${configPath}" ]]; then
echoContent red " ---> Not installed, please use script to install"
menu
exit 0
fi
echoContent skyBlue "\nFunction 1/${totalProgress} : bt download management"
echoContent red "\n=============================================================="
if [[ -f ${configPath}09_routing.json ]] && grep -q bittorrent <${configPath}09_routing.json; then
echoContent yellow "Current Status: Disabled"
else
echoContent yellow "Current status: not disabled"
fi
echoContent yellow "1.Disable"
echoContent yellow "2.Open"
echoContent red "=============================================================="
read -r -p "Please select:" btStatus
if [[ "${btStatus}" == "1" ]]; then
if [[ -f "${configPath}09_routing.json" ]]; then
unInstallRouting blackhole-out outboundTag
routing=$(jq -r '.routing.rules += [{"type":"field","outboundTag":"blackhole-out","protocol":["bittorrent"]}]' ${configPath}09_routing.json)
echo "${routing}" | jq .>${configPath}09_routing.json
else
cat <<EOF >${configPath}09_routing.json
{
"routing":{
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"outboundTag": "blackhole-out",
"protocol": [ "bittorrent" ]
}
]
}
}
EOF
fi
installSniffing
unInstallOutbounds blackhole-out
outbounds=$(jq -r '.outbounds += [{"protocol":"blackhole","tag":"blackhole-out"}]' ${configPath}10_ipv4_outbounds.json)
echo "${outbounds}" | jq .>${configPath}10_ipv4_outbounds.json
echoContent green "---> BT download disabled successfully"
elif [[ "${btStatus}" == "2" ]]; then
unInstallSniffing
unInstallRouting blackhole-out outboundTag bittorrent
# unInstallOutbounds blackhole-out
echoContent green " ---> BT download successfully opened"
else
echoContent red " ---> Selection error"
exit 0
fi
reloadCore
}
# Domain blacklist
blacklist() {
if [[ -z "${configPath}" ]]; then
echoContent red " ---> Not installed, please use script to install"
menu
exit 0
fi
echoContent skyBlue "\nProgress $1/${totalProgress} : domain name blacklist"
echoContent red "\n=============================================================="
echoContent yellow "1.Add domain name"
echoContent yellow "2.Delete blacklist"
echoContent red "=============================================================="
read -r -p "Please select:" blacklistStatus
if [[ "${blacklistStatus}" == "1" ]]; then
echoContent red "=============================================================="
echoContent yellow "# Notes\n"
echoContent yellow "1.The rule only supports the predefined domain name list [https://github.com/v2fly/domain-list-community]"
echoContent yellow "2.Detailed documentation [https://www.v2fly.org/config/routing.html]"
echoContent yellow "3.If the kernel fails to start, please check the domain name and add the domain name again"
echoContent yellow "4.Special characters are not allowed, pay attention to the format of commas"
echoContent yellow "5.Every time you add it, it will be added again, and the last domain name will not be retained"
echoContent yellow "6.Input example: speedtest,facebook\n"
read -r -p "Please enter the domain name according to the above example:" domainList
if [[ -f "${configPath}09_routing.json" ]]; then
unInstallRouting blackhole-out outboundTag
routing=$(jq -r ".routing.rules += [{\"type\":\"field\",\"domain\":[\"geosite:${domainList//,/\",\"geosite:}\"],\"outboundTag\":\"blackhole-out\"}]" ${configPath}09_routing.json)
echo "${routing}" | jq .>${configPath}09_routing.json
else
cat <<EOF >${configPath}09_routing.json
{
"routing":{
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"domain": [
"geosite:${domainList//,/\",\"geosite:}"
],
"outboundTag": "blackhole-out"
}
]
}
}
EOF
fi
echoContent green " ---> Add successfully"
elif [[ "${blacklistStatus}" == "2" ]]; then
unInstallRouting blackhole-out outboundTag
echoContent green " ---> Domain name blacklist deleted successfully"
else
echoContent red " ---> Selection error"
exit 0
fi
reloadCore
}
# Uninstall Routing according to tag
unInstallRouting() {
local tag=$1
local type=$2
local protocol=$3
if [[ -f "${configPath}09_routing.json" ]]; then
local routing
if grep -q "${tag}" ${configPath}09_routing.json && grep -q "${type}" ${configPath}09_routing.json; then
jq -c .routing.rules[] ${configPath}09_routing.json | while read -r line; do
local index=$((index + 1))
local delStatus=0
if [[ "${type}" == "outboundTag" ]] && echo "${line}" | jq .outboundTag | grep -q "${tag}"; then
partStatus=1
elif [[ "${type}" == "inboundTag" ]] && echo "${line}" | jq .inboundTag | grep -q "${tag}"; then
partStatus=1
fi
if [[ -n ${protocol} ]] && echo "${line}" | jq .protocol | grep -q "${protocol}"; then
partStatus=1
elif [[ -z ${protocol} ]] && [[ $(echo "${line}" | jq .protocol) != "null" ]]; then
partStatus=0
fi
if [[ ${delStatus} == 1 ]]; then
routing=$(jq -r 'del(.routing.rules['"$(("${index}" - 1))"'])' ${configPath}09_routing.json)
echo "${routing}" | jq .>${configPath}09_routing.json
fi
done
fi
fi
}
# Uninstall outbound according to tag
unInstallOutbounds() {
local tag=$1
if grep -q "${tag}" ${configPath}10_ipv4_outbounds.json; then
local ipv6OutIndex
ipv6OutIndex=$(jq .outbounds[].tag ${configPath}10_ipv4_outbounds.json | awk '{print ""NR""":"$0}' | grep "${tag}" | awk -F "[:]" '{print $1}' | head -1)
if [[ ${ipv6OutIndex} -gt 0 ]]; then
routing=$(jq -r 'del(.outbounds['$(("${ipv6OutIndex}" - 1))'])' ${configPath}10_ipv4_outbounds.json)
echo "${routing}" | jq .>${configPath}10_ipv4_outbounds.json
fi
fi
}
# uninstall sniffing
unInstallSniffing() {
find ${configPath} -name "*inbounds.json*" | awk -F "[c][o][n][f][/]" '{print $2}' | while read -r inbound; do
sniffing=$(jq -r 'del(.inbounds[0].sniffing)' "${configPath}${inbound}")
echo "${sniffing}" | jq .>"${configPath}${inbound}"
done
}
# install sniff
installSniffing() {
find ${configPath} -name "*inbounds.json*" | awk -F "[c][o][n][f][/]" '{print $2}' | while read -r inbound; do
sniffing=$(jq -r '.inbounds[0].sniffing = {"enabled":true,"destOverride":["http","tls"]}' "${configPath}${inbound}")
echo "${sniffing}" | jq .>"${configPath}${inbound}"
done
}
# warp triage
warpRouting() {
echoContent skyBlue "\nProgress $1/${totalProgress} : WARP diversion"
echoContent red "=============================================================="
# echoContent yellow "# Notes\n"
# echoContent yellow "1.There are bugs in the official warp after several rounds of testing.Restarting the warp will cause the warp to fail and fail to start, and the CPU usage may also skyrocket"
# echoContent yellow "2.The machine can be used normally without restarting the machine.If you have to use the official warp, it is recommended not to restart the machine"
# echoContent yellow "3.Some machines still work normally after restarting"
# echoContent yellow "4.Can't be used after restart, you can also uninstall and reinstall"
# install warp
if [[ -z $(which warp-cli) ]]; then
echo
read -r -p "WARP is not installed, is it installed? [y/n]:" installCloudflareWarpStatus
if [[ "${installCloudflareWarpStatus}" == "y" ]]; then
installWarp
else
echoContent yellow " ---> Abort installation"
exit 0
fi
fi
echoContent red "\n=============================================================="
echoContent yellow "1.Add domain name"
echoContent yellow "2.Uninstall WARP offload"
echoContent red "=============================================================="
read -r -p "Please select:" warpStatus
if [[ "${warpStatus}" == "1" ]]; then
echoContent red "=============================================================="
echoContent yellow "# Notes\n"
echoContent yellow "1.The rule only supports the predefined domain name list [https://github.com/v2fly/domain-list-community]"
echoContent yellow "2.Detailed documentation [https://www.v2fly.org/config/routing.html]"
echoContent yellow "3.Only traffic can be distributed to warp, not ipv4 or ipv6"
echoContent yellow "4.If the kernel fails to start, please check the domain name and add the domain name again"
echoContent yellow "5.Special characters are not allowed, pay attention to the format of comma"
echoContent yellow "6.Every time you add it, it will be added again, and the last domain name will not be retained"
echoContent yellow "7.Input example: google,youtube,facebook\n"
read -r -p "Please enter the domain name according to the above example:" domainList
if [[ -f "${configPath}09_routing.json" ]]; then
unInstallRouting warp-socks-out outboundTag
routing=$(jq -r ".routing.rules += [{\"type\":\"field\",\"domain\":[\"geosite:${domainList//,/\",\"geosite:}\"],\"outboundTag\":\"warp-socks-out\"}]" ${configPath}09_routing.json)
echo "${routing}" | jq .>${configPath}09_routing.json
else
cat <<EOF >${configPath}09_routing.json
{
"routing":{
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"domain": [
"geosite:${domainList//,/\",\"geosite:}"
],
"outboundTag": "warp-socks-out"
}
]
}
}
EOF
fi
unInstallOutbounds warp-socks-out
local outbounds
outbounds=$(jq -r '.outbounds += [{"protocol":"socks","settings":{"servers":[{"address":"127.0.0.1","port":31303}]},"tag":"warp-socks-out"}]' ${configPath}10_ipv4_outbounds.json)
echo "${outbounds}" | jq .>${configPath}10_ipv4_outbounds.json
echoContent green " ---> Add successfully"
elif [[ "${warpStatus}" == "2" ]]; then
${removeType} cloudflare-warp >/dev/null 2>&1
unInstallRouting warp-socks-out outboundTag
unInstallOutbounds warp-socks-out
echoContent green " ---> WARP offloading uninstalled successfully"
else
echoContent red " ---> Selection error"
exit 0
fi
reloadCore
}
# Streaming Toolbox
streamingToolbox() {
echoContent skyBlue "\nFunction 1/${totalProgress} : Streaming Toolbox"
echoContent red "\n=============================================================="
# echoContent yellow "1.Netflix detection"
echoContent yellow "1.Any door landing machine unlocks streaming media"
echoContent yellow "2.DNS unlock streaming"
echoContent yellow "3.VMess+WS+TLS unlock streaming"
read -r -p "Please select:" selectType
case ${selectType} in
1)
dokodemoDoorUnblockStreamingMedia
;;
2)
dnsUnlockNetflix
;;
3)
unblockVMessWSTLSStreamingMedia
;;
esac
}
# Arbitrary door unlock streaming
dokodemoDoorUnblockStreamingMedia() {
echoContent skyBlue "\nFunction 1/${totalProgress} : Unlock streaming media with any door landing machine"
echoContent red "\n=============================================================="
echoContent yellow "# Notes"
echoContent yellow "Any door unlock details, please check this article [https://github.com/mack-a/v2ray-agent/blob/master/documents/netflix/dokodemo-unblock_netflix.md]\n"
echoContent yellow "1.Add outbound"
echoContent yellow "2.Add inbound"
echoContent yellow "3.Uninstall"
read -r -p "Please select:" selectType
case ${selectType} in
1)
setDokodemoDoorUnblockStreamingMediaOutbounds
;;
2)
setDokodemoDoorUnblockStreamingMediaInbounds
;;
3)
removeDokodemoDoorUnblockStreamingMedia
;;
esac
}
# VMess+WS+TLS to unlock streaming media [outbound only]
unblockVMessWSTLSStreamingMedia() {
echoContent skyBlue "\nFunction 1/${totalProgress} : VMess+WS+TLS outbound unblock streaming"
echoContent red "\n=============================================================="
echoContent yellow "# Notes"
echoContent yellow "Suitable for unlocking services via VMess provided by other service providers\n"
echoContent yellow "1.Add outbound"
echoContent yellow "2.Uninstall"
read -r -p "Please select:" selectType
case ${selectType} in
1)
setVMessWSTLSUnblockStreamingMediaOutbounds
;;
2)
removeVMessWSTLSUnblockStreamingMedia
;;
esac
}
# Set VMess+WS+TLS to unblock Netflix [outbound only]
setVMessWSTLSUnblockStreamingMediaOutbounds() {
read -r -p "Please enter the address to unlock the streaming media VMess+WS+TLS:" setVMessWSTLSAddress
echoContent red "=============================================================="
echoContent yellow "# Notes\n"
echoContent yellow "1.The rule only supports the predefined domain name list [https://github.com/v2fly/domain-list-community]"
echoContent yellow "2.Detailed documentation [https://www.v2fly.org/config/routing.html]"
echoContent yellow "3.If the kernel fails to start, please check the domain name and add the domain name again"
echoContent yellow "4.Special characters are not allowed, pay attention to the format of commas"
echoContent yellow "5.Every time you add it, it will be added again, and the last domain name will not be retained"
echoContent yellow "6.Input example: netflix, disney, hulu\n"
read -r -p "Please enter the domain name according to the above example:" domainList
if [[ -z ${domainList} ]]; then
echoContent red " ---> The domain name cannot be empty"
setVMessWSTLSUnblockStreamingMediaOutbounds
fi
if [[ -n "${setVMessWSTLSAddress}" ]]; then
unInstallOutbounds VMess-out
echo
read -r -p "Please enter the port of VMess+WS+TLS:" setVMessWSTLSPort
echo
if [[ -z "${setVMessWSTLSPort}" ]]; then
echoContent red " ---> Port cannot be empty"
fi
read -r -p "Please enter the UUID of VMess+WS+TLS:" setVMessWSTLSUUID
echo
if [[ -z "${setVMessWSTLSUUID}" ]]; then
echoContent red " ---> UUID cannot be empty"
fi
read -r -p "Please enter the Path of VMess+WS+TLS:" setVMessWSTLSPath
echo
if [[ -z "${setVMessWSTLSPath}" ]]; then
echoContent red " ---> Path cannot be empty"
fi
outbounds=$(jq -r ".outbounds += [{\"tag\":\"VMess-out\",\"protocol\":\"vmess\",\"streamSettings\":{\"network\":\"ws\",\"security\":\"tls\",\"tlsSettings\":{\"allowInsecure\":false},\"wsSettings\":{\"path\":\"${setVMessWSTLSPath}\"}},\"mux\":{\"enabled\":true,\"concurrency\":8},\"settings\":{\"vnext\":[{\"address\":\"${setVMessWSTLSAddress}\",\"port\":${setVMessWSTLSPort},\"users\":[{\"id\":\"${setVMessWSTLSUUID}\",\"security\":\"auto\",\"alterId\":0}]}]}}]" ${configPath}10_ipv4_outbounds.json)
echo "${outbounds}" | jq .>${configPath}10_ipv4_outbounds.json
if [[ -f "${configPath}09_routing.json" ]]; then
unInstallRouting VMess-out outboundTag
local routing
routing=$(jq -r ".routing.rules += [{\"type\":\"field\",\"domain\":[\"ip.sb\",\"geosite:${domainList//,/\",\"geosite:}\"],\"outboundTag\":\"VMess-out\"}]" ${configPath}09_routing.json)
echo "${routing}" | jq .>${configPath}09_routing.json
else
cat <<EOF >${configPath}09_routing.json
{
"routing": {
"rules": [
{
"type": "field",
"domain": [
"ip.sb",
"geosite:${domainList//,/\",\"geosite:}"
],
"outboundTag": "VMess-out"
}
]
}
}
EOF
fi
reloadCore
echoContent green " ---> Add outbound unlock success"
exit 0
fi
echoContent red " ---> The address cannot be empty"
setVMessWSTLSUnblockStreamingMediaOutbounds
}
# Set any door to unlock Netflix [outbound]
setDokodemoDoorUnblockStreamingMediaOutbounds() {
read -r -p "Please enter the IP to unlock the streaming vps:" setIP
echoContent red "=============================================================="
echoContent yellow "# Notes\n"
echoContent yellow "1.The rule only supports the predefined domain name list [https://github.com/v2fly/domain-list-community]"
echoContent yellow "2.Detailed documentation [https://www.v2fly.org/config/routing.html]"
echoContent yellow "3.If the kernel fails to start, please check the domain name and add the domain name again"
echoContent yellow "4.Special characters are not allowed, pay attention to the format of commas"
echoContent yellow "5.Every time you add it, it will be added again, and the last domain name will not be retained"
echoContent yellow "6.Input example: netflix, disney, hulu\n"
read -r -p "Please enter the domain name according to the above example:" domainList
if [[ -z ${domainList} ]]; then
echoContent red " ---> The domain name cannot be empty"
setDokodemoDoorUnblockStreamingMediaOutbounds
fi
if [[ -n "${setIP}" ]]; then
unInstallOutbounds streamingMedia-80
unInstallOutbounds streamingMedia-443
outbounds=$(jq -r ".outbounds += [{\"tag\":\"streamingMedia-80\",\"protocol\":\"freedom\",\"settings\":{\"domainStrategy\":\"AsIs\",\"redirect\":\"${setIP}:22387\"}},{\"tag\":\"streamingMedia-443\",\"protocol\":\"freedom\",\"settings\":{\"domainStrategy\":\"AsIs\",\"redirect\":\"${setIP}:22388\"}}]" ${configPath}10_ipv4_outbounds.json)
echo "${outbounds}" | jq .>${configPath}10_ipv4_outbounds.json
if [[ -f "${configPath}09_routing.json" ]]; then
unInstallRouting streamingMedia-80 outboundTag
unInstallRouting streamingMedia-443 outboundTag
local routing
routing=$(jq -r ".routing.rules += [{\"type\":\"field\",\"port\":80,\"domain\":[\"ip.sb\",\"geosite:${domainList//,/\",\"geosite:}\"],\"outboundTag\":\"streamingMedia-80\"},{\"type\":\"field\",\"port\":443,\"domain\":[\"ip.sb\",\"geosite:${domainList//,/\",\"geosite:}\"],\"outboundTag\":\"streamingMedia-443\"}]" ${configPath}09_routing.json)
echo "${routing}" | jq .>${configPath}09_routing.json
else
cat <<EOF >${configPath}09_routing.json
{
"routing": {
"domainStrategy": "AsIs",
"rules": [
{
"type": "field",
"port": 80,
"domain": [
"ip.sb",
"geosite:${domainList//,/\",\"geosite:}"
],
"outboundTag": "streamingMedia-80"
},
{
"type": "field",
"port": 443,
"domain": [
"ip.sb",
"geosite:${domainList//,/\",\"geosite:}"
],
"outboundTag": "streamingMedia-443"
}
]
}
}
EOF
fi
reloadCore
echoContent green " ---> Add outbound unlock success"
exit 0
fi
echoContent red " ---> ip cannot be empty"
}
# Set any door to unlock Netflix [inbound]
setDokodemoDoorUnblockStreamingMediaInbounds() {
echoContent skyBlue "\nFunction 1/${totalProgress} : add inbound to any door"
echoContent red "\n=============================================================="
echoContent yellow "# Notes\n"
echoContent yellow "1.The rule only supports the predefined domain name list [https://github.com/v2fly/domain-list-community]"
echoContent yellow "2.Detailed documentation [https://www.v2fly.org/config/routing.html]"
echoContent yellow "3.If the kernel fails to start, please check the domain name and add the domain name again"
echoContent yellow "4.Special characters are not allowed, pay attention to the format of commas"
echoContent yellow "5.Every time you add it, it will be added again, and the last domain name will not be retained"
echoContent yellow "6.ip input example: 1.1.1.1,1.1.1.2"
echoContent yellow "7.The domain name below must be the same as the outbound vps"
# echoContent yellow "8.If there is a firewall, please manually open ports 22387 and 22388"
echoContent yellow "8.Example of domain name entry: netflix, disney, hulu\n"
read -r -p "Please enter the IP that is allowed to access the unlocked vps:" setIPs
if [[ -n "${setIPs}" ]]; then
read -r -p "Please enter the domain name according to the above example:" domainList
allowPort 22387
allowPort 22388
cat <<EOF >${configPath}01_netflix_inbounds.json
{
"inbounds": [
{
"listen": "0.0.0.0",
"port": 22387,
"protocol": "dokodemo-door",
"settings": {
"address": "0.0.0.0",
"port": 80,
"network": "tcp",
"followRedirect": false
},
"sniffing": {
"enabled": true,
"destOverride": [
"http"
]
},
"tag": "streamingMedia-80"
},
{
"listen": "0.0.0.0",
"port": 22388,
"protocol": "dokodemo-door",
"settings": {
"address": "0.0.0.0",
"port": 443,
"network": "tcp",
"followRedirect": false
},
"sniffing": {
"enabled": true,
"destOverride": [
"tls"
]
},
"tag": "streamingMedia-443"
}
]
}
EOF
cat <<EOF >${configPath}10_ipv4_outbounds.json
{
"outbounds":[
{
"protocol":"freedom",
"settings":{
"domainStrategy":"UseIPv4"
},
"tag":"IPv4-out"
},
{
"protocol":"freedom",
"settings":{
"domainStrategy":"UseIPv6"
},
"tag":"IPv6-out"
},
{
"protocol":"blackhole",
"tag":"blackhole-out"
}
]
}
EOF
if [[ -f "${configPath}09_routing.json" ]]; then
unInstallRouting streamingMedia-80 inboundTag
unInstallRouting streamingMedia-443 inboundTag
local routing
routing=$(jq -r ".routing.rules += [{\"source\":[\"${setIPs//,/\",\"}\"],\"type\":\"field\",\"inboundTag\":[\"streamingMedia-80\",\"streamingMedia-443\"],\"outboundTag\":\"direct\"},{\"domains\":[\"geosite:${domainList//,/\",\"geosite:}\"],\"type\":\"field\",\"inboundTag\":[\"streamingMedia-80\",\"streamingMedia-443\"],\"outboundTag\":\"blackhole-out\"}]" ${configPath}09_routing.json)
echo "${routing}" | jq .>${configPath}09_routing.json
else
cat <<EOF >${configPath}09_routing.json
{
"routing": {
"rules": [
{
"source": [
"${setIPs//,/\",\"}"
],
"type": "field",
"inboundTag": [
"streamingMedia-80",
"streamingMedia-443"
],
"outboundTag": "direct"
},
{
"domains": [
"geosite:${domainList//,/\",\"geosite:}"
],
"type": "field",
"inboundTag": [
"streamingMedia-80",
"streamingMedia-443"
],
"outboundTag": "blackhole-out"
}
]
}
}
EOF
fi
reloadCore
echoContent green " ---> Add landing machine inbound unlock successfully"
exit 0
fi
echoContent red " ---> ip cannot be empty"
}
# Remove any door to unlock Netflix
removeDokodemoDoorUnblockStreamingMedia() {
unInstallOutbounds streamingMedia-80
unInstallOutbounds streamingMedia-443
unInstallRouting streamingMedia-80 inboundTag
unInstallRouting streamingMedia-443 inboundTag
unInstallRouting streamingMedia-80 outboundTag
unInstallRouting streamingMedia-443 outboundTag
rm -rf ${configPath}01_netflix_inbounds.json
reloadCore
echoContent green " ---> Uninstall successful"
}
# Remove VMess+WS+TLS to unlock streaming
removeVMessWSTLSUnblockStreamingMedia() {
unInstallOutbounds VMess-out
unInstallRouting VMess-out outboundTag
reloadCore
echoContent green " ---> Uninstall successful"
}
# restart the core
reloadCore() {
if [[ "${coreInstallType}" == "1" ]]; then
handleXray stop
handleXray start
elif [[ "${coreInstallType}" == "2" || "${coreInstallType}" == "3" ]]; then
handleV2Ray stop
handleV2Ray start
fi
if [[ -n "${hysteriaConfigPath}" ]]; then
handleHysteria stop
handleHysteria start
fi
}
# dns unblock Netflix
dnsUnlockNetflix() {
if [[ -z "${configPath}" ]]; then
echoContent red " ---> Not installed, please use script to install"
menu
exit 0
fi
echoContent skyBlue "\nFunction 1/${totalProgress} : DNS unblock streaming"
echoContent red "\n=============================================================="
echoContent yellow "1.Add"
echoContent yellow "2.Uninstall"
read -r -p "Please select:" selectType
case ${selectType} in
1)
setUnlockDNS
;;
2)
removeUnlockDNS
;;
esac
}
# set dns
setUnlockDNS() {
read -r -p "Please enter Unblock Streaming DNS:" setDNS
if [[ -n ${setDNS} ]]; then
echoContent red "=============================================================="
echoContent yellow "# Notes\n"
echoContent yellow "1.The rule only supports the predefined domain name list [https://github.com/v2fly/domain-list-community]"
echoContent yellow "2.Detailed documentation [https://www.v2fly.org/config/routing.html]"
echoContent yellow "3.If the kernel fails to start, please check the domain name and add the domain name again"
echoContent yellow "4.Special characters are not allowed, pay attention to the format of commas"
echoContent yellow "5.Every time you add it, it will be added again, and the last domain name will not be retained"
echoContent yellow "6.Input example: netflix, disney, hulu"
echoContent yellow "7.Please enter 1 for the default scheme, the default scheme includes the following"
echoContent yellow "netflix,bahamut,hulu,hbo,disney,bbc,4chan,fox,abema,dmm,niconico,pixiv,bilibili,viu"
read -r -p "Please enter the domain name according to the above example:" domainList
if [[ "${domainList}" == "1" ]]; then
cat <<EOF >${configPath}11_dns.json
{
"dns": {
"servers": [
{
"address": "${setDNS}",
"port": 53,
"domains": [
"geosite:netflix",
"geosite:bahamut",
"geosite:hulu",
"geosite:hbo",
"geosite:disney",
"geosite:bbc",
"geosite:4chan",
"geosite:fox",
"geosite:abema",
"geosite:dmm",
"geosite:niconico",
"geosite:pixiv",
"geosite:bilibili",
"geosite:viu"
]
},
"localhost"
]
}
}
EOF
elif [[ -n "${domainList}" ]]; then
cat <<EOF >${configPath}11_dns.json
{
"dns": {
"servers": [
{
"address": "${setDNS}",
"port": 53,
"domains": [
"geosite:${domainList//,/\",\"geosite:}"
]
},
"localhost"
]
}
}
EOF
fi
reloadCore
echoContent yellow "\n ---> If you still can't watch it, you can try the following two solutions"
echoContent yellow "1.Restart vps"
echoContent yellow " 2.After uninstalling dns unlock, modify the local [/etc/resolv.conf] DNS settings and restart vps\n"
else
echoContent red " ---> dns cannot be empty"
fi
exit 0
}
# remove Netflix unblock
removeUnlockDNS() {
cat <<EOF >${configPath}11_dns.json
{
"dns": {
"servers": [
"localhost"
]
}
}
EOF
reloadCore
echoContent green " ---> Uninstall successful"
exit 0
}
# v2ray-core personalized installation
customV2RayInstall() {
echoContent skyBlue "\n========================Personalized installation==================== =========="
echoContent yellow "VLESS is pre-installed, and 0 is installed by default.If only 0 needs to be installed, only 0 can be selected"
echoContent yellow "0.VLESS+TLS/XTLS+TCP"
echoContent yellow "1.VLESS+TLS+WS[CDN]"
echoContent yellow "2.Trojan+TLS+gRPC[CDN]"
echoContent yellow "3.VMess+TLS+WS[CDN]"
echoContent yellow "4.Trojan"
echoContent yellow "5.VLESS+TLS+gRPC[CDN]"
read -r -p "Please select [multiple choices], [eg: 123]:" selectCustomInstallType
echoContent skyBlue "--------------------------------------------------------------"
if [[ -z ${selectCustomInstallType} ]]; then
selectCustomInstallType=0
fi
if [[ "${selectCustomInstallType}" =~ ^[0-5]+$ ]]; then
cleanUp xrayClean
totalProgress=17
installTools 1
# apply for tls
initTLSNginxConfig 2
installTLS 3
handleNginx stop
# random path
if echo ${selectCustomInstallType} | grep -q 1 || echo ${selectCustomInstallType} | grep -q 3 || echo ${selectCustomInstallType} | grep -q 4; then
randomPathFunction 5
customCDNIP 6
fi
nginxBlog 7
updateRedirectNginxConf
handleNginx start
# Install V2Ray
installV2Ray 8
installV2RayService 9
initV2RayConfig custom 10
cleanUp xrayDel
installCronTLS 14
handleV2Ray stop
handleV2Ray start
# generate account
checkGFWStatue 15
showAccounts 16
else
echoContent red " ---> Invalid input"
customV2RayInstall
fi
}
# Xray-core personalized installation
customXrayInstall() {
echoContent skyBlue "\n========================Personalized installation==================== =========="
echoContent yellow "VLESS is pre-installed, and 0 is installed by default.If only 0 needs to be installed, only 0 can be selected"
echoContent yellow "0.VLESS+TLS/XTLS+TCP"
echoContent yellow "1.VLESS+TLS+WS[CDN]"
echoContent yellow "2.Trojan+TLS+gRPC[CDN]"
echoContent yellow "3.VMess+TLS+WS[CDN]"
echoContent yellow "4.Trojan"
echoContent yellow "5.VLESS+TLS+gRPC[CDN]"
read -r -p "Please select [multiple choices], [eg: 123]:" selectCustomInstallType
echoContent skyBlue "--------------------------------------------------------------"
if [[ -z ${selectCustomInstallType} ]]; then
echoContent red " ---> cannot be empty"
customXrayInstall
elif [[ "${selectCustomInstallType}" =~ ^[0-5]+$ ]]; then
cleanUp v2rayClean
totalProgress=17
installTools 1
# apply for tls
initTLSNginxConfig 2
handleXray stop
handleNginx start
checkIP
installTLS 3
handleNginx stop
# random path
if echo "${selectCustomInstallType}" | grep -q 1 || echo "${selectCustomInstallType}" | grep -q 2 || echo "${selectCustomInstallType}" | grep -q 3 || echo "${selectCustomInstallType}" | grep -q 5; then
randomPathFunction 5
customCDNIP 6
fi
nginxBlog 7
updateRedirectNginxConf
handleNginx start
# Install V2Ray
installXray 8
installXrayService 9
initXrayConfig custom 10
cleanUp v2rayDel
installCronTLS 14
handleXray stop
handleXray start
# generate account
checkGFWStatue 15
showAccounts 16
else
echoContent red " ---> Invalid input"
customXrayInstall
fi
}
# Select core installation---v2ray-core, xray-core
selectCoreInstall() {
echoContent skyBlue "\nFunction 1/${totalProgress} : select core installation"
echoContent red "\n=============================================================="
echoContent yellow "1.Xray-core"
echoContent yellow "2.v2ray-core"
echoContent red "=============================================================="
read -r -p "Please select:" selectCoreType
case ${selectCoreType} in
1)
if [[ "${selectInstallType}" == "2" ]]; then
customXrayInstall
else
xrayCoreInstall
fi
;;
2)
v2rayCoreVersion=
if [[ "${selectInstallType}" == "2" ]]; then
customV2RayInstall
else
v2rayCoreInstall
fi
;;
3)
v2rayCoreVersion=v4.32.1
if [[ "${selectInstallType}" == "2" ]]; then
customV2RayInstall
else
v2rayCoreInstall
fi
;;
*)
echoContent red ' ---> selection error, re-select'
selectCoreInstall
;;
esac
}
# v2ray-core install
v2rayCoreInstall() {
cleanUp xrayClean
selectCustomInstallType=
totalProgress=13
installTools 2
# apply for tls
initTLSNginxConfig 3
handleV2Ray stop
handleNginx start
checkIP
installTLS 4
handleNginx stop
# initNginxConfig 5
randomPathFunction 5
# Install V2Ray
installV2Ray 6
installV2RayService 7
customCDNIP 8
initV2RayConfig all 9
cleanUp xrayDel
installCronTLS 10
nginxBlog 11
updateRedirectNginxConf
handleV2Ray stop
sleep 2
handleV2Ray start
handleNginx start
# generate account
checkGFWStatue 12
showAccounts 13
}
# xray-core install
xrayCoreInstall() {
cleanUp v2rayClean
selectCustomInstallType=
totalProgress=13
installTools 2
# apply for tls
initTLSNginxConfig 3
handleXray stop
handleNginx start
checkIP
installTLS 4
handleNginx stop
randomPathFunction 5
# install Xray
# handleV2Ray stop
installXray 6
installXrayService 7
customCDNIP 8
initXrayConfig all 9
cleanUp v2rayDel
installCronTLS 10
nginxBlog 11
updateRedirectNginxConf
handleXray stop
sleep 2
handleXray start
handleNginx start
# generate account
checkGFWStatue 12
showAccounts 13
}
# Hysteria installation
hysteriaCoreInstall() {
if [[ -z "${coreInstallType}" ]]; then
echoContent red "\n ---> Due to environment dependencies, such as installing hysteria, please install Xray/V2ray first"
menu
exit 0
fi
totalProgress=5
installHysteria 1
initHysteriaConfig 2
installHysteriaService 3
handleHysteria stop
handleHysteria start
showAccounts 5
}
# uninstall hysteria
unInstallHysteriaCore() {
if [[ -z "${hysteriaConfigPath}" ]]; then
echoContent red "\n ---> Not installed"
exit 0
fi
handleHysteria stop
rm -rf /etc/v2ray-agent/hysteria/*
rm -rf /etc/systemd/system/hysteria.service
echoContent green " ---> Uninstallation completed"
}
# Core management
coreVersionManageMenu() {
if [[ -z "${coreInstallType}" ]]; then
echoContent red "\n ---> No installation directory detected, please execute the script to install the content"
menu
exit 0
fi
if [[ "${coreInstallType}" == "1" ]]; then
xrayVersionManageMenu 1
elif [[ "${coreInstallType}" == "2" ]]; then
v2rayCoreVersion=
v2rayVersionManageMenu 1
elif [[ "${coreInstallType}" == "3" ]]; then
v2rayCoreVersion=v4.32.1
v2rayVersionManageMenu 1
fi
}
# cron task check certificate
cronRenewTLS() {
if [[ "${renewTLS}" == "RenewTLS" ]]; then
renewalTLS
exit 0
fi
}
# Account management
manageAccount() {
echoContent skyBlue "\nFunction 1/${totalProgress} : Account Management"
echoContent red "\n=============================================================="
echoContent yellow "# Every time you delete or add an account, you need to re-check the subscription to generate a subscription"
echoContent yellow "# If Hysteria is installed, the account will be added to Hysteria at the same time\n"
echoContent yellow "1.View account"
echoContent yellow "2.View subscription"
echoContent yellow "3.Add user"
echoContent yellow "4.Delete user"
echoContent red "=============================================================="
read -r -p "Please enter:" manageAccountStatus
if [[ "${manageAccountStatus}" == "1" ]]; then
showAccounts 1
elif [[ "${manageAccountStatus}" == "2" ]]; then
subscribe 1
elif [[ "${manageAccountStatus}" == "3" ]]; then
addUser
elif [[ "${manageAccountStatus}" == "4" ]]; then
removeUser
else
echoContent red " ---> Selection error"
fi
}
# subscribe
subscribe() {
if [[ -n "${configPath}" ]]; then
echoContent skyBlue "-------------------------Note-------------------------"
echoContent yellow "# Subscriptions will be regenerated when viewing subscriptions"
echoContent yellow "# Every time you add or delete an account, you need to check the subscription again"
rm -rf /etc/v2ray-agent/subscribe/*
rm -rf /etc/v2ray-agent/subscribe_tmp/*
showAccounts >/dev/null
mv /etc/v2ray-agent/subscribe_tmp/* /etc/v2ray-agent/subscribe/
if [[ -n $(ls /etc/v2ray-agent/subscribe/) ]]; then
find /etc/v2ray-agent/subscribe/* | while read -r email; do
email=$(echo "${email}" | awk -F "[b][e][/]" '{print $2}')
local base64Result
base64Result=$(base64 -w 0 "/etc/v2ray-agent/subscribe/${email}")
echo "${base64Result}" >"/etc/v2ray-agent/subscribe/${email}"
echoContent skyBlue "--------------------------------------------------------------"
echoContent yellow "email:${email}\n"
local currentDomain=${currentHost}
if [[ -n "${currentDefaultPort}" && "${currentDefaultPort}" != "443" ]]; then
currentDomain="${currentHost}:${currentDefaultPort}"
fi
echoContent yellow "url:https://${currentDomain}/s/${email}\n"
echoContent yellow "Online QR code: https://api.qrserver.com/v1/create-qr-code/?size=400x400&data=https://${currentDomain}/s/${email}\n"
echo "https://${currentDomain}/s/${email}" | qrencode -s 10 -m 1 -t UTF8
echoContent skyBlue "--------------------------------------------------------------"
done
fi
else
echoContent red "---> not installed"
fi
}
# toggle alpn
switchAlpn() {
echoContent skyBlue "\nFunction 1/${totalProgress} : toggle alpn"
if [[ -z ${currentAlpn} ]]; then
echoContent red " ---> Unable to read alpn, please check if it is installed"
exit 0
fi
echoContent red "\n=============================================================="
echoContent green "The current alpn first is: ${currentAlpn}"
echoContent yellow " 1.When http/1.1 is the first, trojan is available, and some gRPC clients are available [client supports manual selection of alpn available]"
echoContent yellow " 2.When h2 is the first, gRPC is available, and some trojan clients are available [clients support manual selection of alpn available]"
echoContent yellow " 3.If the client does not support manual replacement of alpn, it is recommended to use this function to change the order of alpn on the server to use the corresponding protocol"
echoContent red "=============================================================="
if [[ "${currentAlpn}" == "http/1.1" ]]; then
echoContent yellow "1.Switch the first position of alpn h2"
elif [[ "${currentAlpn}" == "h2" ]]; then
echoContent yellow "1.Switch alpn http/1.1 first"
else
echoContent red 'incompatible'
fi
echoContent red "=============================================================="
read -r -p "Please select:" selectSwitchAlpnType
if [[ "${selectSwitchAlpnType}" == "1" && "${currentAlpn}" == "http/1.1" ]]; then
local frontingTypeJSON
frontingTypeJSON=$(jq -r ".inbounds[0].streamSettings.xtlsSettings.alpn = [\"h2\",\"http/1.1\"]" ${configPath}${frontingType}.json)
echo "${frontingTypeJSON}" | jq .>${configPath}${frontingType}.json
elif [[ "${selectSwitchAlpnType}" == "1" && "${currentAlpn}" == "h2" ]]; then
local frontingTypeJSON
frontingTypeJSON=$(jq -r ".inbounds[0].streamSettings.xtlsSettings.alpn =[\"http/1.1\",\"h2\"]" ${configPath}${frontingType}.json)
echo "${frontingTypeJSON}" | jq .>${configPath}${frontingType}.json
else
echoContent red " ---> Selection error"
exit 0
fi
reloadCore
}
#hysteria management
manageHysteria() {
echoContent skyBlue "\nProgress 1/1: Hysteria Management"
echoContent red "\n=============================================================="
local hysteriaStatus=
if [[ -n "${hysteriaConfigPath}" ]]; then
echoContent yellow "1.Reinstall"
echoContent yellow "2.Uninstall"
echoContent yellow "3.upgrade core"
echoContent yellow "4.View log"
hysteriaStatus=true
else
echoContent yellow "1.Install"
fi
echoContent red "=============================================================="
read -r -p "Please select:" installHysteriaStatus
if [[ "${installHysteriaStatus}" == "1" ]]; then
hysteriaCoreInstall
elif [[ "${installHysteriaStatus}" == "2" && "${hysteriaStatus}" == "true" ]]; then
unInstallHysteriaCore
elif [[ "${installHysteriaStatus}" == "3" && "${hysteriaStatus}" == "true" ]]; then
installHysteria 1
handleHysteria start
elif [[ "${installHysteriaStatus}" == "4" && "${hysteriaStatus}" == "true" ]]; then
journalctl -fu hysteria
fi
}
# main menu
menu() {
cd "$HOME" || exit
echoContent red "\n=============================================================="
echoContent green "author:mack-a"
echoContent green "Current version: v2.6.10"
echoContent green "Github:https://github.com/mack-a/v2ray-agent"
echoContent green "Description: 8-in-1 coexistence script\c"
showInstallStatus
echoContent red "\n=============================================================="
echoContent red "Promotion Area"
echoContent green "AFF donation: https://github.com/mack-a/v2ray-agent/blob/master/documents/donation_aff.md\n"
echoContent green "Virtual currency donation: 0xB08b731653515b083deE362fefFc45d5eb96c35d\n"
echoContent green "Contact TG for promotion: https://t.me/mackaff"
echoContent red "=============================================================="
if [[ -n "${coreInstallType}" ]]; then
echoContent yellow "1.Reinstall"
else
echoContent yellow "1.Install"
fi
echoContent yellow "2.Install in any combination"
if echo ${currentInstallProtocolType} | grep -q trojan; then
echoContent yellow "3.Switch VLESS[XTLS]"
elif echo ${currentInstallProtocolType} | grep -q 0; then
echoContent yellow "3.Switch Trojan[XTLS]"
fi
echoContent yellow "4.Hysteria management"
echoContent skyBlue "-------------------------Tool management--------------------"
echoContent yellow "5.Account Management"
echoContent yellow "6.Replace camouflage station"
echoContent yellow "7.Update certificate"
echoContent yellow "8.Replace CDN node"
echoContent yellow "9.IPv6 offload"
echoContent yellow "10.WARP shunt"
echoContent yellow "11.Streaming tools"
echoContent yellow "12.Add new port"
echoContent yellow "13.BT download management"
echoContent yellow "14.Switch alpn"
echoContent yellow "15.Domain blacklist"
echoContent skyBlue "-------------------------Version Management--------------------"
echoContent yellow "16.core management"
echoContent yellow "17.Update script"
echoContent yellow "18.Install BBR and DD scripts"
echoContent skyBlue "-------------------------Script management--------------------"
echoContent yellow "19.View log"
echoContent yellow "20.Uninstall script"
echoContent red "=============================================================="
mkdirTools
aliasInstall
read -r -p "Please select:" selectInstallType
case ${selectInstallType} in
1)
selectCoreInstall
;;
2)
selectCoreInstall
;;
3)
initXrayFrontingConfig 1
;;
4)
manageHysteria
;;
5)
manageAccount 1
;;
6)
updateNginxBlog 1
;;
7)
renewalTLS 1
;;
8)
updateV2RayCDN 1
;;
9)
ipv6Routing 1
;;
10)
warpRouting 1
;;
11)
streamingToolbox 1
;;
12)
addCorePort 1
;;
13)
btTools 1
;;
14)
switchAlpn 1
;;
15)
blacklist 1
;;
16)
coreVersionManageMenu 1
;;
17)
updateV2RayAgent 1
;;
18)
bbrInstall
;;
19)
checkLog 1
;;
20)
unInstall 1
;;
esac
}
cronRenewTLS
menu
Reference in New Issue View Git Blame Copy Permalink