From ea1048a11a2dd78934ca8e57fbd5f81ce4852de5 Mon Sep 17 00:00:00 2001 From: boypt Date: Thu, 21 Feb 2019 18:28:56 +0800 Subject: [PATCH] ssray, acme.sh for tls cert --- install.sh | 20 ++-- src/download-ssray.sh | 67 +++++++++++++ src/ss-info.sh | 15 ++- src/ssray.conf | 5 + src/ssray.service | 29 ++++++ v2ray.sh | 212 +++++++++++++++++++++++++++++++++++++++++- 6 files changed, 337 insertions(+), 11 deletions(-) create mode 100644 src/download-ssray.sh create mode 100644 src/ssray.conf create mode 100644 src/ssray.service diff --git a/install.sh b/install.sh index 2a8b757..4666d0e 100644 --- a/install.sh +++ b/install.sh @@ -16,8 +16,10 @@ sys_bit=$(uname -m) if [[ $sys_bit == "i386" || $sys_bit == "i686" ]]; then v2ray_bit="32" + v2arch="386" elif [[ $sys_bit == "x86_64" ]]; then v2ray_bit="64" + v2arch="amd64" else echo -e " 哈哈……这个 ${red}辣鸡脚本${none} 不支持你的系统。 ${yellow}(-_-) ${none} @@ -729,12 +731,17 @@ caddy_config() { } install_v2ray() { + echo + echo + echo -e "$yellow 同步系统仓库并安装必须组件,请骚吼~~~~~~~~~ $none" + echo + echo $cmd update -y if [[ $cmd == "apt-get" ]]; then - $cmd install -y lrzsz git zip unzip curl wget qrencode libcap2-bin + $cmd install -y socat lrzsz git zip unzip curl wget qrencode libcap2-bin else # $cmd install -y lrzsz git zip unzip curl wget qrencode libcap iptables-services - $cmd install -y lrzsz git zip unzip curl wget qrencode libcap + $cmd install -y socat lrzsz git zip unzip curl wget qrencode libcap fi ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime [ -d /etc/v2ray ] && rm -rf /etc/v2ray @@ -960,7 +967,7 @@ show_config_info() { } -install() { +install_233() { if [[ -f /usr/bin/v2ray/v2ray && -f /etc/v2ray/config.json ]] && [[ -f $backup && -d /etc/v2ray/233boy/v2ray ]]; then echo echo " 大佬...你已经安装 V2Ray 啦...无需重新安装" @@ -997,7 +1004,8 @@ install() { config show_config_info } -uninstall() { + +uninstall_233() { if [[ -f /usr/bin/v2ray/v2ray && -f /etc/v2ray/config.json ]] && [[ -f $backup && -d /etc/v2ray/233boy/v2ray ]]; then . $backup @@ -1068,11 +1076,11 @@ while :; do read -p "$(echo -e "请选择 [${magenta}1-2$none]:")" choose case $choose in 1) - install + install_233 break ;; 2) - uninstall + uninstall_233 break ;; *) diff --git a/src/download-ssray.sh b/src/download-ssray.sh new file mode 100644 index 0000000..69685c4 --- /dev/null +++ b/src/download-ssray.sh @@ -0,0 +1,67 @@ + + +_get_ssray_latest_version() { + ssray_latest_ver="$(curl -H 'Cache-Control: no-cache' -s https://api.github.com/repos/shadowsocks/v2ray-plugin/releases/latest | grep 'tag_name' | cut -d\" -f4)" + + if [[ ! $ssray_latest_ver ]]; then + echo + echo -e " $red获取 V2Ray 最新版本失败!!!$none" + echo + echo -e " 请尝试执行如下命令: $green echo 'nameserver 8.8.8.8' >/etc/resolv.conf $none" + echo + echo " 然后再重新运行脚本...." + echo + exit 1 + fi +} + +_download_ssray_file() { + _get_ssray_latest_version + [[ -d /tmp/ssray ]] && rm -rf /tmp/ssray + mkdir -p /tmp/ssray + ssray_tmp_file="/tmp/ssray.zip" + ssray_download_link="https://github.com/shadowsocks/v2ray-plugin/releases/download/${ssray_latest_ver}/v2ray-plugin-linux-${v2arch}-${ssray_latest_ver}.tar.gz" + + if ! wget --no-check-certificate -O "$ssray_tmp_file" $ssray_download_link; then + echo -e " + $red 下载 V2Ray Plugin 失败啦..可能是你的 VPS 网络太辣鸡了...请重试...$none + " && exit 1 + fi + + tar xvfz $ssray_tmp_file -C /tmp + install -m755 $(ls /tmp/v2ray-plugin*) /usr/local/bin/v2ray-plugin + setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/v2ray-plugin +} + +_install_ssray_service() { + if [[ $systemd ]]; then + install -m644 /etc/v2ray/233boy/v2ray/src/ssray.service "/lib/systemd/system/" + install -m644 /etc/v2ray/233boy/v2ray/src/ssray.conf /etc/v2ray/ + sed -i "s/##REMOTEPORT##/${ssrayport}/; s/##LOCALPORT##/${ssport}/; s/##OPTION##/${ssrayopt}/;" /etc/v2ray/ssray.conf + systemctl enable ssray + else + $red 暂时不资瓷...$none + exit 1 + fi +} + +_update_ssray_version() { + _get_ssray_latest_version + if [[ $ssray_ver != $ssray_latest_ver ]]; then + echo + echo -e " $green 咦...发现新版本耶....正在拼命更新.......$none" + echo + _download_ssray_file + do_service restart ssray + echo + echo -e " $green 更新成功啦...当前 V2Ray 版本: ${cyan}$ssray_latest_ver$none" + echo + echo -e " $yellow 温馨提示: 为了避免出现莫名其妙的问题...V2Ray 客户端的版本最好和服务器的版本保持一致$none" + echo + else + echo + echo -e " $green 木有发现新版本....$none" + echo + fi +} + diff --git a/src/ss-info.sh b/src/ss-info.sh index 81fb276..b4f2747 100644 --- a/src/ss-info.sh +++ b/src/ss-info.sh @@ -1,6 +1,13 @@ [[ -z $ip ]] && get_ip if [[ $shadowsocks ]]; then - local ss="ss://$(echo -n "${ssciphers}:${sspass}@${ip}:${ssport}" | base64 -w 0)#v2ray6.com_ss_${ip}" + #local ss="ss://$(echo -n "${ssciphers}:${sspass}@${ip}:${ssport}" | base64 -w 0)#v2ray6.com_ss_${ip}" + local cipherstr=$(echo -n ${ssciphers}:${sspass} | base64 -w 0 | sed 's/=*$//') + local clientopt=$(echo ${ssrayopt} | sed 's/server;\?//') + local opt="?plugin=$(echo "v2ray-plugin;${clientopt}" | sed 's/=/%3d/g; s/;/%3b/g;')" + + local ss="ss://${cipherstr}@${ip}:${ssport}#v2ray6.com_ss_${ip}" + local ssplugin="ss://${cipherstr}@${ssray_domain}:${ssrayport}/${opt}#v2ray6.com_ssv2_${ssray_domain}" + echo echo "---------- Shadowsocks 配置信息 -------------" echo @@ -14,8 +21,10 @@ if [[ $shadowsocks ]]; then echo echo -e "$yellow SS 链接 = ${cyan}$ss$none" echo - echo -e " 备注:$red Shadowsocks Win 4.0.6 $none客户端可能无法识别该 SS 链接" - echo + if [[ $ssray ]]; then + echo -e "$yellow SS + V2ray - Plugin 链接 = ${cyan}$ssplugin$none" + echo + fi echo -e "提示: 输入$cyan v2ray ssqr $none可生成 Shadowsocks 二维码链接" echo fi diff --git a/src/ssray.conf b/src/ssray.conf new file mode 100644 index 0000000..8cb522e --- /dev/null +++ b/src/ssray.conf @@ -0,0 +1,5 @@ +SS_REMOTE_HOST=0.0.0.0 +SS_REMOTE_PORT=##REMOTEPORT## +SS_LOCAL_HOST=127.0.0.1 +SS_LOCAL_PORT=##LOCALPORT## +SS_PLUGIN_OPTIONS="##OPTION##" diff --git a/src/ssray.service b/src/ssray.service new file mode 100644 index 0000000..ad9a99f --- /dev/null +++ b/src/ssray.service @@ -0,0 +1,29 @@ +[Unit] +Description=Yet another SIP003 plugin for shadowsocks, based on v2ray +Documentation=https://github.com/shadowsocks/v2ray-plugin +After=network-online.target +Wants=network-online.target systemd-networkd-wait-online.service + +[Service] +Restart=always + +; User and group the process will run as. +User=root +Group=root + +EnvironmentFile=/etc/v2ray/ssray.conf +ExecStart=/usr/local/bin/v2ray-plugin +ExecReload=/bin/kill -USR1 $MAINPID + +; Use graceful shutdown with a reasonable timeout +KillMode=mixed +KillSignal=SIGQUIT +TimeoutStopSec=5s + +; Limit the number of file descriptors; see `man systemd.exec` for more limit settings. +LimitNOFILE=1048576 +; Unmodified caddy is not expected to use more than that. +LimitNPROC=512 + +[Install] +WantedBy=multi-user.target diff --git a/v2ray.sh b/v2ray.sh index dda9f7b..ab32e33 100644 --- a/v2ray.sh +++ b/v2ray.sh @@ -18,8 +18,10 @@ sys_bit=$(uname -m) if [[ $sys_bit == "i386" || $sys_bit == "i686" ]]; then v2ray_bit="32" + v2arch="386" elif [[ $sys_bit == "x86_64" ]]; then v2ray_bit="64" + v2arch="amd64" else echo -e " 哈哈……这个 ${red}辣鸡脚本${none} 不支持你的系统。 ${yellow}(-_-) ${none}" && exit 1 fi @@ -252,9 +254,11 @@ change_shadowsocks_config() { echo echo -e "$yellow 3. $none修改 Shadowsocks 加密协议" echo - echo -e "$yellow 4. $none关闭 Shadowsocks" + echo -e "$yellow 4. $none修改 Shadowsocks - V2rayPlugin 配置" echo - read -p "$(echo -e "请选择 [${magenta}1-4$none]:")" _opt + echo -e "$yellow 5. $none关闭 Shadowsocks" + echo + read -p "$(echo -e "请选择 [${magenta}1-5$none]:")" _opt if [[ -z $_opt ]]; then error else @@ -272,6 +276,10 @@ change_shadowsocks_config() { break ;; 4) + change_ssray_config + break + ;; + 5) disable_shadowsocks break ;; @@ -626,6 +634,206 @@ disable_shadowsocks() { done } + +ssray_config() { + echo + echo + echo -e " $red大佬...你没有配置 Shadowsocks - V2ray - Plugin $none...不过现在想要配置的话也是可以的 ^_^" + echo + echo + + + while :; do + echo -e "是否配置 ${yellow}Shadowsocks - V2ray Plugin ${none} [${magenta}Y/N$none]" + echo + echo + echo -e "${yellow}注:v2ray-plugin 跟v2ray 是互相独立的程序,眉有关系。${none}" + echo + echo -e "${yellow} v2ray-plugin 跟原版shadowsocks同时服务 ${none}" + echo + echo + read -p "$(echo -e "(默认 [${cyan}N$none]):") " install_ssray + [[ -z "$install_ssray" ]] && install_ssray="n" + if [[ "$install_ssray" == [Yy] ]]; then + echo + ssray=true + ssray_port_config + break + elif [[ "$install_ssray" == [Nn] ]]; then + break + else + error + fi + + done +} + +ssray_port_config() { + local random=$(shuf -i20001-65535 -n1) + while :; do + echo -e "请输入 "$yellow"Shadowsocks - v2ray-plugin"$none" 端口 ["$magenta"1-65535"$none"],不能和 "$yellow"V2Ray / shadowsocks "$none" 端口相同" + read -p "$(echo -e "(默认端口: ${cyan}${random}$none):") " ssrayport + [ -z "$ssrayport" ] && ssrayport=$random + case $ssrayport in + $ssport) + echo + echo " 不能和 Shadowsocks 端口一毛一样...." + error + ;; + $v2ray_port) + echo + echo " 不能和 V2Ray 端口一毛一样...." + error + ;; + [1-9] | [1-9][0-9] | [1-9][0-9][0-9] | [1-9][0-9][0-9][0-9] | [1-5][0-9][0-9][0-9][0-9] | 6[0-4][0-9][0-9][0-9] | 65[0-4][0-9][0-9] | 655[0-3][0-5]) + if [[ $v2ray_transport == [45] ]]; then + local tls=ture + fi + if [[ $tls && $ssrayport == "80" ]] || [[ $tls && $ssrayport == "443" ]]; then + echo + echo -e "由于你已选择了 "$green"WebSocket + TLS $none或$green HTTP/2"$none" 传输协议." + echo + echo -e "所以不能选择 "$magenta"80"$none" 或 "$magenta"443"$none" 端口" + error + elif [[ $v2ray_dynamic_port_start_input == $ssrayport || $v2ray_dynamic_port_end_input == $ssrayport ]]; then + local multi_port="${v2ray_dynamic_port_start_input} - ${v2ray_dynamic_port_end_input}" + echo + echo " 抱歉,此端口和 V2Ray 动态端口 冲突,当前 V2Ray 动态端口范围为:$multi_port" + error + elif [[ $v2ray_dynamic_port_start_input -lt $ssrayport && $ssrayport -le $v2ray_dynamic_port_end_input ]]; then + local multi_port="${v2ray_dynamic_port_start_input} - ${v2ray_dynamic_port_end_input}" + echo + echo " 抱歉,此端口和 V2Ray 动态端口 冲突,当前 V2Ray 动态端口范围为:$multi_port" + error + else + echo + echo + echo -e "$yellow Shadowsocks v2ray-plugin 端口 = $cyan$ssrayport$none" + echo "----------------------------------------------------------------" + echo + break + fi + ;; + *) + error + ;; + esac + + done + + ssray_proto_config +} + +ssray_proto_config() { + + ssray_transports=( + "HTTP (Websocket)" + "HTTPS (Websocket TLS)" + "QUIC (udp)" + ) + echo + while :; do + echo -e "请选择 "$yellow"V2Ray-Plugin"$none" 传输协议 [${magenta}1-${#transport[*]}$none]" + echo + for ((i = 1; i <= ${#ssray_transports[*]}; i++)); do + Stream="${ssray_transports[$i - 1]}" + echo -e "$yellow $i. $none${Stream}" + done + echo + echo -e "$yellow 备注: 2.HTTPS 3.QUIC 均要求严格验证【域名】与【证书】,需要解析至本机的公共域名 $none" + echo + read -p "$(echo -e "(默认协议: ${cyan}http$none)"):" ssray_transport + [ -z "$ssray_transport" ] && ssray_transport=1 + echo -e "$yellow V2Ray-Plugin 传输协议 = $cyan${ssray_transports[$ssray_transport - 1]}$none" + echo + echo + echo "----------------------------------------------------------------" + get_ip + case $ssray_transport in + 1) + ssrayopt="server" + ssray_domain=$ip + break + ;; + [2-3]) + while :; do + echo + echo -e "请输入一个 $magenta正确的域名$none,一定一定一定要正确,不!能!出!错!" + read -p "(例如:233blog.com): " ssray_domain + [ -z "$ssray_domain" ] && error && continue + echo + echo + echo -e "$yellow 你的域名 = $cyan$ssray_domain$none" + echo "----------------------------------------------------------------" + break + done + echo + echo + echo -e "$yellow 请将 $magenta$ssray_domain$none $yellow解析到: $cyan$ip$none" + echo + echo -e "$yellow 请将 $magenta$ssray_domain$none $yellow解析到: $cyan$ip$none" + echo + echo -e "$yellow 请将 $magenta$ssray_domain$none $yellow解析到: $cyan$ip$none" + echo "----------------------------------------------------------------" + echo + case $ssray_transport in + 2) + ssrayopt="server;tls;host=${ssray_domain}" + break + ;; + 3) + ssrayopt="server;mode=quic;host=${ssray_domain}" + break + ;; + esac + break + ;; + *) + error + ;; + esac + done + echo + echo + echo + if [[ $ssray_transport -gt 1 && $ssray_domain ]]; then + if [[ -f /root/.acme.sh/$ssray_domain/fullchain.cer && -f /root/.acme.sh/$ssray_domain/$ssray_domain.key ]]; then + echo -e "$yellow 噫!好像已经有证书了! 皮皮虾咋们走! $none" + else + echo -e "$yellow 开始安装acme.sh $none" + curl https://get.acme.sh | bash + + echo -e "$yellow 开始申请 $ssray_domain 的证书,如果有正在使用80端口的程序先让它们退下~... $none" + pkill caddy + pkill httpd + pkill nginx + sleep 3 + + if /root/.acme.sh/acme.sh --issue --standalone -d $ssray_domain ; then + echo -e "$yellow 好了搞定了。$none" + else + echo -e "$yellow 不知道什么鬼,上面的出错提示截图找人问吧!$none" + exit 1 + fi + fi + fi +} + +change_ssray_config() { + if [[ $ssray ]]; then + echo + else + ssray_config + _load download-ssray.sh + _download_ssray_file + _install_ssray_service + open_port $ssrayport + do_service restart ssray + _load ss-info.sh + fi +} + + change_v2ray_config() { local _menu=( "修改 V2Ray 端口"