katekate/x-ui
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #148 from FranzKafkaYu/main

Browse Source 
add ssl issue and require config after install to avoid default config
This commit is contained in:
vaxilu
2022-03-13 09:36:41 +08:00
committed by GitHub
parent 5d86891162 b99c0fe230
commit 60ff4908cf
2 changed files with 217 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
install.sh Normal file → Executable file
View File

@@ -32,17 +32,17 @@ fi
arch=$(arch)
if [[ $arch == "x86_64" || $arch == "x64" || $arch == "amd64" ]]; then
arch="amd64"
arch="amd64"
elif [[ $arch == "aarch64" || $arch == "arm64" ]]; then
arch="arm64"
arch="arm64"
else
arch="amd64"
echo -e "${red}检测架构失败,使用默认架构: ${arch}${plain}"
arch="amd64"
echo -e "${red}检测架构失败,使用默认架构: ${arch}${plain}"
fi
echo "架构: ${arch}"
if [ $(getconf WORD_BIT) != '32' ] && [ $(getconf LONG_BIT) != '64' ] ; then
if [ $(getconf WORD_BIT) != '32' ] && [ $(getconf LONG_BIT) != '64' ]; then
echo "本软件不支持 32 位系统(x86),请使用 64 位系统(x86_64),如果检测有误,请联系作者"
exit -1
fi
@@ -79,11 +79,32 @@ install_base() {
fi
}
#This function will be called when user installed x-ui out of sercurity
config_after_install() {
echo -e "${yellow}出于安全考虑,安装完成后需要强制修改端口与账户密码${plain}"
read -p "请设置您的账户名:" config_account
echo -e "${yellow}您的账户名将设定为:${config_account}${plain}"
read -p "请设置您的账户密码:" config_password
echo -e "${yellow}您的账户密码将设定为:${config_password}${plain}"
read -p "请设置面板访问端口:" config_port
echo -e "${yellow}您的面板访问端口将设定为:${config_port}${plain}"
read -p "确认设定完成?[y/n]": config_confirm
if [[ x"${config_confirm}" == x"y" || x"${config_confirm}" == x"Y" ]]; then
echo -e "${yellow}确认设定,设定中${plain}"
/usr/local/x-ui/x-ui setting -username ${config_account} -password ${config_password}
echo -e "${yellow}账户密码设定完成${plain}"
/usr/local/x-ui/x-ui setting -port ${config_port}
echo -e "${yellow}面板端口设定完成${plain}"
else
echo -e "${red}已取消,所有设置项均为默认设置,请及时修改${plain}"
fi
}
install_x-ui() {
systemctl stop x-ui
cd /usr/local/
if [ $# == 0 ] ;then
if [ $# == 0 ]; then
last_version=$(curl -Ls "https://api.github.com/repos/vaxilu/x-ui/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
if [[ ! -n "$last_version" ]]; then
echo -e "${red}检测 x-ui 版本失败,可能是超出 Github API 限制,请稍后再试,或手动指定 x-ui 版本安装${plain}"
@@ -116,18 +137,20 @@ install_x-ui() {
chmod +x x-ui bin/xray-linux-${arch}
cp -f x-ui.service /etc/systemd/system/
wget --no-check-certificate -O /usr/bin/x-ui https://raw.githubusercontent.com/vaxilu/x-ui/main/x-ui.sh
chmod +x /usr/local/x-ui/x-ui.sh
chmod +x /usr/bin/x-ui
config_after_install
#echo -e "如果是全新安装,默认网页端口为 ${green}54321${plain},用户名和密码默认都是 ${green}admin${plain}"
#echo -e "请自行确保此端口没有被其他程序占用,${yellow}并且确保 54321 端口已放行${plain}"
# echo -e "若想将 54321 修改为其它端口,输入 x-ui 命令进行修改,同样也要确保你修改的端口也是放行的"
#echo -e ""
#echo -e "如果是更新面板,则按你之前的方式访问面板"
#echo -e ""
systemctl daemon-reload
systemctl enable x-ui
systemctl start x-ui
echo -e "${green}x-ui v${last_version}${plain} 安装完成,面板已启动,"
echo -e ""
echo -e "如果是全新安装,默认网页端口为 ${green}54321${plain},用户名和密码默认都是 ${green}admin${plain}"
echo -e "请自行确保此端口没有被其他程序占用,${yellow}并且确保 54321 端口已放行${plain}"
# echo -e "若想将 54321 修改为其它端口,输入 x-ui 命令进行修改,同样也要确保你修改的端口也是放行的"
echo -e ""
echo -e "如果是更新面板,则按你之前的方式访问面板"
echo -e ""
echo -e "x-ui 管理脚本使用方法: "
echo -e "----------------------------------------------"
echo -e "x-ui - 显示管理菜单 (功能更多)"

246
x-ui.sh
View File

@@ -5,8 +5,20 @@ green='\033[0;32m'
yellow='\033[0;33m'
plain='\033[0m'
#Add some basic function here
function LOGD() {
echo -e "${yellow}[DEG] $* ${plain}"
}
function LOGE() {
echo -e "${red}[ERR] $* ${plain}"
}
function LOGI() {
echo -e "${green}[INF] $* ${plain}"
}
# check root
[[ $EUID -ne 0 ]] && echo -e "${red}错误: ${plain} 必须使用root用户运行此脚本\n" && exit 1
[[ $EUID -ne 0 ]] && LOGE "错误: 必须使用root用户运行此脚本\n" && exit 1
# check os
if [[ -f /etc/redhat-release ]]; then
@@ -24,7 +36,7 @@ elif cat /proc/version | grep -Eqi "ubuntu"; then
elif cat /proc/version | grep -Eqi "centos|red hat|redhat"; then
release="centos"
else
echo -e "${red}未检测到系统版本,请联系脚本作者!${plain}\n" && exit 1
LOGE "未检测到系统版本,请联系脚本作者!\n" && exit 1
fi
os_version=""
@@ -39,15 +51,15 @@ fi
if [[ x"${release}" == x"centos" ]]; then
if [[ ${os_version} -le 6 ]]; then
echo -e "${red}请使用 CentOS 7 或更高版本的系统!${plain}\n" && exit 1
LOGE "请使用 CentOS 7 或更高版本的系统!\n" && exit 1
fi
elif [[ x"${release}" == x"ubuntu" ]]; then
if [[ ${os_version} -lt 16 ]]; then
echo -e "${red}请使用 Ubuntu 16 或更高版本的系统!${plain}\n" && exit 1
LOGE "请使用 Ubuntu 16 或更高版本的系统!\n" && exit 1
fi
elif [[ x"${release}" == x"debian" ]]; then
if [[ ${os_version} -lt 8 ]]; then
echo -e "${red}请使用 Debian 8 或更高版本的系统!${plain}\n" && exit 1
LOGE "请使用 Debian 8 或更高版本的系统!\n" && exit 1
fi
fi
@@ -95,7 +107,7 @@ install() {
update() {
confirm "本功能会强制重装当前最新版,数据不会丢失,是否继续?" "n"
if [[ $? != 0 ]]; then
echo -e "${red}已取消${plain}"
LOGE "已取消"
if [[ $# == 0 ]]; then
before_show_menu
fi
@@ -103,7 +115,7 @@ update() {
fi
bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/x-ui/master/install.sh)
if [[ $? == 0 ]]; then
echo -e "${green}更新完成,已自动重启面板${plain}"
LOGI "更新完成,已自动重启面板 "
exit 0
fi
}
@@ -162,7 +174,7 @@ reset_config() {
set_port() {
echo && echo -n -e "输入端口号[1-65535]: " && read port
if [[ -z "${port}" ]]; then
echo -e "${yellow}已取消${plain}"
LOGD "已取消"
before_show_menu
else
/usr/local/x-ui/x-ui setting -port ${port}
@@ -175,15 +187,15 @@ start() {
check_status
if [[ $? == 0 ]]; then
echo ""
echo -e "${green}面板已运行,无需再次启动,如需重启请选择重启${plain}"
LOGI "面板已运行,无需再次启动,如需重启请选择重启"
else
systemctl start x-ui
sleep 2
check_status
if [[ $? == 0 ]]; then
echo -e "${green}x-ui 启动成功${plain}"
LOGI "x-ui 启动成功"
else
echo -e "${red}面板启动失败,可能是因为启动时间超过了两秒,请稍后查看日志信息${plain}"
LOGE "面板启动失败,可能是因为启动时间超过了两秒,请稍后查看日志信息"
fi
fi
@@ -196,15 +208,15 @@ stop() {
check_status
if [[ $? == 1 ]]; then
echo ""
echo -e "${green}面板已停止,无需再次停止${plain}"
LOGI "面板已停止,无需再次停止"
else
systemctl stop x-ui
sleep 2
check_status
if [[ $? == 1 ]]; then
echo -e "${green}x-ui 与 xray 停止成功${plain}"
LOGI "x-ui 与 xray 停止成功"
else
echo -e "${red}面板停止失败,可能是因为停止时间超过了两秒,请稍后查看日志信息${plain}"
LOGE "面板停止失败,可能是因为停止时间超过了两秒,请稍后查看日志信息"
fi
fi
@@ -218,9 +230,9 @@ restart() {
sleep 2
check_status
if [[ $? == 0 ]]; then
echo -e "${green}x-ui 与 xray 重启成功${plain}"
LOGI "x-ui 与 xray 重启成功"
else
echo -e "${red}面板重启失败,可能是因为启动时间超过了两秒,请稍后查看日志信息${plain}"
LOGE "面板重启失败,可能是因为启动时间超过了两秒,请稍后查看日志信息"
fi
if [[ $# == 0 ]]; then
before_show_menu
@@ -237,9 +249,9 @@ status() {
enable() {
systemctl enable x-ui
if [[ $? == 0 ]]; then
echo -e "${green}x-ui 设置开机自启成功${plain}"
LOGI "x-ui 设置开机自启成功"
else
echo -e "${red}x-ui 设置开机自启失败${plain}"
LOGE "x-ui 设置开机自启失败"
fi
if [[ $# == 0 ]]; then
@@ -250,9 +262,9 @@ enable() {
disable() {
systemctl disable x-ui
if [[ $? == 0 ]]; then
echo -e "${green}x-ui 取消开机自启成功${plain}"
LOGI "x-ui 取消开机自启成功"
else
echo -e "${red}x-ui 取消开机自启失败${plain}"
LOGE "x-ui 取消开机自启失败"
fi
if [[ $# == 0 ]]; then
@@ -284,11 +296,11 @@ update_shell() {
wget -O /usr/bin/x-ui -N --no-check-certificate https://github.com/vaxilu/x-ui/raw/master/x-ui.sh
if [[ $? != 0 ]]; then
echo ""
echo -e "${red}下载脚本失败,请检查本机能否连接 Github${plain}"
LOGE "下载脚本失败,请检查本机能否连接 Github"
before_show_menu
else
chmod +x /usr/bin/x-ui
echo -e "${green}升级脚本成功,请重新运行脚本${plain}" && exit 0
LOGI "升级脚本成功,请重新运行脚本" && exit 0
fi
}
@@ -310,7 +322,7 @@ check_enabled() {
if [[ x"${temp}" == x"enabled" ]]; then
return 0
else
return 1;
return 1
fi
}
@@ -318,7 +330,7 @@ check_uninstall() {
check_status
if [[ $? != 2 ]]; then
echo ""
echo -e "${red}面板已安装,请不要重复安装${plain}"
LOGE "面板已安装,请不要重复安装"
if [[ $# == 0 ]]; then
before_show_menu
fi
@@ -332,7 +344,7 @@ check_install() {
check_status
if [[ $? == 2 ]]; then
echo ""
echo -e "${red}请先安装面板${plain}"
LOGE "请先安装面板"
if [[ $# == 0 ]]; then
before_show_menu
fi
@@ -345,16 +357,17 @@ check_install() {
show_status() {
check_status
case $? in
0)
echo -e "面板状态: ${green}已运行${plain}"
show_enable_status
;;
1)
echo -e "面板状态: ${yellow}未运行${plain}"
show_enable_status
;;
2)
echo -e "面板状态: ${red}未安装${plain}"
0)
echo -e "面板状态: ${green}已运行${plain}"
show_enable_status
;;
1)
echo -e "面板状态: ${yellow}未运行${plain}"
show_enable_status
;;
2)
echo -e "面板状态: ${red}未安装${plain}"
;;
esac
show_xray_status
}
@@ -386,6 +399,81 @@ show_xray_status() {
fi
}
ssl_cert_issue() {
echo -E ""
LOGD "******使用说明******"
LOGI "该脚本将使用Acme脚本申请证书,使用时需保证:"
LOGI "1.知晓Cloudflare 注册邮箱"
LOGI "2.知晓Cloudflare Global API Key"
LOGI "3.域名已通过Cloudflare进行解析到当前服务器"
LOGI "4.该脚本申请证书默认安装路径为/root/cert目录"
confirm "我已确认以上内容[y/n]" "y"
if [ $? -eq 0 ]; then
cd ~
LOGI "安装Acme脚本"
curl https://get.acme.sh | sh
if [ $? -ne 0 ]; then
LOGE "安装acme脚本失败"
exit 1
fi
CF_Domain=""
CF_GlobalKey=""
CF_AccountEmail=""
certPath=/root/cert
if [ ! -d "$certPath" ]; then
mkdir $certPath
else
rm -rf $certPath
mkdir $certPath
fi
LOGD "请设置域名:"
read -p "Input your domain here:" CF_Domain
LOGD "你的域名设置为:${CF_Domain}"
LOGD "请设置API密钥:"
read -p "Input your key here:" CF_GlobalKey
LOGD "你的API密钥为:${CF_GlobalKey}"
LOGD "请设置注册邮箱:"
read -p "Input your email here:" CF_AccountEmail
LOGD "你的注册邮箱为:${CF_AccountEmail}"
~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
if [ $? -ne 0 ]; then
LOGE "修改默认CA为Lets'Encrypt失败,脚本退出"
exit 1
fi
export CF_Key="${CF_GlobalKey}"
export CF_Email=${CF_AccountEmail}
~/.acme.sh/acme.sh --issue --dns dns_cf -d ${CF_Domain} -d *.${CF_Domain} --log
if [ $? -ne 0 ]; then
LOGDE "证书签发失败,脚本退出"
exit 1
else
LOGDI "证书签发成功,安装中..."
fi
~/.acme.sh/acme.sh --installcert -d ${CF_Domain} -d *.${CF_Domain} --ca-file /root/cert/ca.cer \
--cert-file /root/cert/${CF_Domain}.cer --key-file /root/cert/${CF_Domain}.key \
--fullchain-file /root/cert/fullchain.cer
if [ $? -ne 0 ]; then
LOGE "证书安装失败,脚本退出"
exit 1
else
LOGDI "证书安装成功,开启自动更新..."
fi
~/.acme.sh/acme.sh --upgrade --auto-upgrade
if [ $? -ne 0 ]; then
LOGE "自动更新设置失败,脚本退出"
ls -lah cert
chmod 755 $certPath
exit 1
else
LOGI "证书已安装且已开启自动更新,具体信息如下"
ls -lah cert
chmod 755 $certPath
fi
else
show_menu
fi
}
show_usage() {
echo "x-ui 管理脚本使用方法: "
echo "------------------------------------------"
@@ -427,72 +515,102 @@ show_menu() {
${green}13.${plain} 取消 x-ui 开机自启
————————————————
${green}14.${plain} 一键安装 bbr (最新内核)
${green}15.${plain} 一键申请SSL证书(acme申请)
"
show_status
echo && read -p "请输入选择 [0-14]: " num
case "${num}" in
0) exit 0
0)
exit 0
;;
1) check_uninstall && install
1)
check_uninstall && install
;;
2) check_install && update
2)
check_install && update
;;
3) check_install && uninstall
3)
check_install && uninstall
;;
4) check_install && reset_user
4)
check_install && reset_user
;;
5) check_install && reset_config
5)
check_install && reset_config
;;
6) check_install && set_port
6)
check_install && set_port
;;
7) check_install && start
7)
check_install && start
;;
8) check_install && stop
8)
check_install && stop
;;
9) check_install && restart
9)
check_install && restart
;;
10) check_install && status
10)
check_install && status
;;
11) check_install && show_log
11)
check_install && show_log
;;
12) check_install && enable
12)
check_install && enable
;;
13) check_install && disable
13)
check_install && disable
;;
14) install_bbr
14)
install_bbr
;;
*) echo -e "${red}请输入正确的数字 [0-14]${plain}"
15)
ssl_cert_issue
;;
*)
LOGE "请输入正确的数字 [0-14]"
;;
esac
}
if [[ $# > 0 ]]; then
case $1 in
"start") check_install 0 && start 0
"start")
check_install 0 && start 0
;;
"stop") check_install 0 && stop 0
"stop")
check_install 0 && stop 0
;;
"restart") check_install 0 && restart 0
"restart")
check_install 0 && restart 0
;;
"status") check_install 0 && status 0
"status")
check_install 0 && status 0
;;
"enable") check_install 0 && enable 0
"enable")
check_install 0 && enable 0
;;
"disable") check_install 0 && disable 0
"disable")
check_install 0 && disable 0
;;
"log") check_install 0 && show_log 0
"log")
check_install 0 && show_log 0
;;
"v2-ui") check_install 0 && migrate_v2_ui 0
"v2-ui")
check_install 0 && migrate_v2_ui 0
;;
"update") check_install 0 && update 0
"update")
check_install 0 && update 0
;;
"install") check_uninstall 0 && install 0
"install")
check_uninstall 0 && install 0
;;
"uninstall") check_install 0 && uninstall 0
"uninstall")
check_install 0 && uninstall 0
;;
*) show_usage
*) show_usage ;;
esac
else
show_menu