Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| e50cfeb0b2 | |||
| 2b56b07f28 | |||
| 006c46e020 | |||
| 8a8dcb853e | |||
| f546b4334b | |||
| 5936bc60ef | |||
| a3510a687d | |||
| b40cdb3855 | |||
| 64e580a1d9 |
136
xu
136
xu
@@ -4,8 +4,9 @@
|
||||
# 标题:X-UI 全能安装脚本 (咸V咆哮制作)
|
||||
# 更新:1. 提取全局域名与版本变量,方便后续维护
|
||||
# 2. 动态拼接架构下载链接,适配新版 release
|
||||
# 3. 模式1与模式2分别对应特定数据库配置
|
||||
# 4. 智能测速与双核下载引擎
|
||||
# 3. 数据库机制更新:1.db(客户标准) / 2.db(私人)
|
||||
# 4. 增加数据库防呆校验,防止下载错误网页死循环
|
||||
# 5. 新增:私人模式(模式2)密码防护机制
|
||||
# ==========================================
|
||||
|
||||
# --- 颜色配置 ---
|
||||
@@ -16,16 +17,23 @@ Blue="\033[36m"
|
||||
Font="\033[0m"
|
||||
|
||||
# --- 核心配置 (用户定制) ---
|
||||
# 定义基础域名和版本号,以后更换域名或版本只需修改这里
|
||||
# 定义基础域名和安装包版本号
|
||||
BASE_DOMAIN="git.77582585.xyz"
|
||||
XUI_VERSION="x-uiv2.8.10"
|
||||
REPO_PATH="3344/dock/releases/download"
|
||||
XUI_VERSION="x-uiv2.8.10"
|
||||
|
||||
# 定义数据库专属 Release 版本号
|
||||
DB_RELEASE="3xui1"
|
||||
|
||||
# 数据库链接 (使用变量自动拼接)
|
||||
DB_URL_PUBLIC="https://${BASE_DOMAIN}/${REPO_PATH}/3xui/x-ui%20%E6%88%B702.db" # 模式1链接
|
||||
DB_URL_PRIVATE="https://${BASE_DOMAIN}/attachments/c457401f-76dd-4499-8ea3-a8b628bc963a" # 模式2链接 (如果这个也是 release 里的,可自行参照上方格式修改)
|
||||
DB_URL_PUBLIC="https://${BASE_DOMAIN}/${REPO_PATH}/${DB_RELEASE}/1.db" # 模式1链接 (客户使用)
|
||||
DB_URL_PRIVATE="https://${BASE_DOMAIN}/${REPO_PATH}/${DB_RELEASE}/2.db" # 模式2链接 (私人使用)
|
||||
|
||||
# 默认账号设置 (数据库下载后会被重置为此账号)
|
||||
# --- 安全配置 ---
|
||||
# 设置私人模式的专属安装密码 (你可以随时在这里修改)
|
||||
PRIVATE_AUTH_CODE="3344521"
|
||||
|
||||
# 默认账号设置 (数据库下载后会被强制重置为此账号,防止无法登录)
|
||||
INSTALL_PATH="/usr/local/x-ui"
|
||||
BIN_LINK="/usr/bin/x-ui"
|
||||
DB_PATH="/etc/x-ui/x-ui.db"
|
||||
@@ -34,21 +42,36 @@ SET_PASS="3344"
|
||||
SET_PORT="8443"
|
||||
|
||||
# ==========================================
|
||||
# 1. 模式选择
|
||||
# 1. 模式选择与安全验证
|
||||
# ==========================================
|
||||
clear
|
||||
echo -e "${Blue}#################################################${Font}"
|
||||
echo -e "${Blue}# X-UI 自动安装脚本 (咸V咆哮制作1.2) #${Font}"
|
||||
echo -e "${Blue}# X-UI 自动安装脚本 (咸V咆哮制作1.4) #${Font}"
|
||||
echo -e "${Blue}#################################################${Font}"
|
||||
|
||||
echo -e "${Yellow}请选择安装配置模式:${Font}"
|
||||
echo -e "-------------------------------------------------"
|
||||
echo -e "1. ${Green}标准配置安装${Font} (使用指定的公共数据库配置)"
|
||||
echo -e "2. ${Green}私人配置安装${Font} (私人数据库配置严禁个人使用)"
|
||||
echo -e "1. ${Green}标准配置安装${Font} (使用 1.db 客户数据库)"
|
||||
echo -e "2. ${Red}私人配置安装${Font} (使用 2.db 私人数据库,需授权码)"
|
||||
echo -e "-------------------------------------------------"
|
||||
read -p "请输入数字 [1-2] (默认1): " INSTALL_MODE
|
||||
[[ -z "$INSTALL_MODE" ]] && INSTALL_MODE="1"
|
||||
|
||||
# 密码验证逻辑
|
||||
if [ "$INSTALL_MODE" == "2" ]; then
|
||||
echo -e "-------------------------------------------------"
|
||||
# -s 参数用于隐藏用户输入的密码
|
||||
read -s -p "请输入私人配置专属授权码: " INPUT_PWD
|
||||
echo "" # 换行输出
|
||||
if [ "$INPUT_PWD" != "$PRIVATE_AUTH_CODE" ]; then
|
||||
echo -e "${Red}!! 授权码错误:拒绝访问私人配置,脚本已终止 !!${Font}"
|
||||
exit 1
|
||||
else
|
||||
echo -e "${Green}>> 授权通过,准备安装私人配置...${Font}"
|
||||
fi
|
||||
echo -e "-------------------------------------------------"
|
||||
fi
|
||||
|
||||
# ==========================================
|
||||
# 2. 网络环境智能检测
|
||||
# ==========================================
|
||||
@@ -83,11 +106,9 @@ check_network
|
||||
auto_select_source() {
|
||||
echo -e "${Yellow}>> [1/7] 正在智能测速选择最佳软件源...${Font}"
|
||||
|
||||
# 定义测试目标
|
||||
ALIYUN_URL="https://mirrors.aliyun.com"
|
||||
GOOGLE_URL="https://www.google.com"
|
||||
|
||||
# 测速逻辑
|
||||
echo -n " 测试国际连通性... "
|
||||
SPEED_GLOBAL=$(curl -o /dev/null -s -w '%{time_total}' --connect-timeout 2 "$GOOGLE_URL")
|
||||
if [ $? -ne 0 ]; then SPEED_GLOBAL=999; echo "超时/无法连接"; else echo "${SPEED_GLOBAL}秒"; fi
|
||||
@@ -96,7 +117,6 @@ auto_select_source() {
|
||||
SPEED_CN=$(curl -o /dev/null -s -w '%{time_total}' --connect-timeout 2 "$ALIYUN_URL")
|
||||
if [ $? -ne 0 ]; then SPEED_CN=999; echo "超时/无法连接"; else echo "${SPEED_CN}秒"; fi
|
||||
|
||||
# 决策
|
||||
if (( $(echo "$SPEED_GLOBAL == 999" | bc -l) )); then
|
||||
echo -e "${Green}>> 判定为中国大陆环境 (无法连接Google),自动选择阿里云源${Font}"
|
||||
SOURCE_CHOICE="1"
|
||||
@@ -109,7 +129,6 @@ auto_select_source() {
|
||||
fi
|
||||
}
|
||||
|
||||
# 执行自动选择
|
||||
if command -v bc >/dev/null 2>&1 && command -v curl >/dev/null 2>&1; then
|
||||
auto_select_source
|
||||
else
|
||||
@@ -117,7 +136,6 @@ else
|
||||
SOURCE_CHOICE="2"
|
||||
fi
|
||||
|
||||
# 执行换源操作
|
||||
PM="apt"
|
||||
if [[ -f /etc/redhat-release ]] || command -v yum >/dev/null 2>&1; then PM="yum"; fi
|
||||
|
||||
@@ -170,18 +188,13 @@ if [ "$PM" == "apt" ]; then
|
||||
|
||||
apt-get install -y curl wget tar ca-certificates bc
|
||||
install_soft sqlite3
|
||||
|
||||
echo -n " 安装 Axel 加速器... "
|
||||
install_soft axel && echo "完成" || echo "失败(跳过)"
|
||||
|
||||
echo -n " 安装 Aria2 加速器... "
|
||||
install_soft aria2 && echo "完成" || echo "失败(跳过)"
|
||||
install_soft axel
|
||||
install_soft aria2
|
||||
|
||||
if ! apt-get install -y ntpdate >/dev/null 2>&1; then
|
||||
apt-get install -y ntpsec-ntpdate >/dev/null 2>&1
|
||||
fi
|
||||
else
|
||||
# CentOS
|
||||
yum install -y epel-release >/dev/null 2>&1
|
||||
yum install -y curl wget tar bc >/dev/null 2>&1
|
||||
install_soft sqlite3
|
||||
@@ -206,82 +219,48 @@ echo -e "${Yellow}>> [4/7] 识别架构并匹配下载源...${Font}"
|
||||
ARCH=$(uname -m)
|
||||
FILE_NAME=""
|
||||
|
||||
# 识别架构并只设定对应的文件名
|
||||
case $ARCH in
|
||||
x86_64)
|
||||
FILE_NAME="x-ui-linux-amd64.tar.gz"
|
||||
;;
|
||||
aarch64|armv8)
|
||||
FILE_NAME="x-ui-linux-arm64.tar.gz"
|
||||
;;
|
||||
i386|i686)
|
||||
FILE_NAME="x-ui-linux-386.tar.gz"
|
||||
;;
|
||||
armv5*)
|
||||
FILE_NAME="x-ui-linux-armv5.tar.gz"
|
||||
;;
|
||||
armv6*)
|
||||
FILE_NAME="x-ui-linux-armv6.tar.gz"
|
||||
;;
|
||||
armv7*)
|
||||
FILE_NAME="x-ui-linux-armv7.tar.gz"
|
||||
;;
|
||||
s390x)
|
||||
FILE_NAME="x-ui-linux-s390x.tar.gz"
|
||||
;;
|
||||
*)
|
||||
echo -e "${Red}不支持或无法识别的架构: $ARCH${Font}"
|
||||
exit 1
|
||||
;;
|
||||
x86_64) FILE_NAME="x-ui-linux-amd64.tar.gz" ;;
|
||||
aarch64|armv8) FILE_NAME="x-ui-linux-arm64.tar.gz" ;;
|
||||
i386|i686) FILE_NAME="x-ui-linux-386.tar.gz" ;;
|
||||
armv5*) FILE_NAME="x-ui-linux-armv5.tar.gz" ;;
|
||||
armv6*) FILE_NAME="x-ui-linux-armv6.tar.gz" ;;
|
||||
armv7*) FILE_NAME="x-ui-linux-armv7.tar.gz" ;;
|
||||
s390x) FILE_NAME="x-ui-linux-s390x.tar.gz" ;;
|
||||
*) echo -e "${Red}不支持或无法识别的架构: $ARCH${Font}"; exit 1 ;;
|
||||
esac
|
||||
|
||||
# 动态组合成最终的下载链接
|
||||
DOWNLOAD_URL="https://${BASE_DOMAIN}/${REPO_PATH}/${XUI_VERSION}/${FILE_NAME}"
|
||||
|
||||
echo -e "${Green}检测到架构: $ARCH${Font}"
|
||||
echo -e "${Green}匹配文件名: $FILE_NAME${Font}"
|
||||
echo -e "${Green}下载直链: $DOWNLOAD_URL${Font}"
|
||||
echo -e "${Green}安装包直链: $DOWNLOAD_URL${Font}"
|
||||
|
||||
# ==========================================
|
||||
# 6. 智能下载管理器 (双核+自动回退)
|
||||
# 6. 智能下载管理器
|
||||
# ==========================================
|
||||
# 参数: $1=URL, $2=OutputFilename
|
||||
download_manager() {
|
||||
local url=$1
|
||||
local file=$2
|
||||
rm -f "$file"
|
||||
|
||||
# 优先级 1: Axel
|
||||
if command -v axel >/dev/null 2>&1; then
|
||||
echo -e "${Green}>> 启用 Axel 引擎 (16线程)...${Font}"
|
||||
if axel -n 16 -k -q -o "$file" "$url"; then return 0; fi
|
||||
echo -e "${Red}Axel 下载失败,切换备用引擎...${Font}"
|
||||
fi
|
||||
|
||||
# 优先级 2: Aria2
|
||||
if command -v aria2c >/dev/null 2>&1; then
|
||||
echo -e "${Green}>> 启用 Aria2 引擎 (16线程)...${Font}"
|
||||
if aria2c -x 16 -s 16 -k 1M -o "$file" "$url" >/dev/null 2>&1; then return 0; fi
|
||||
echo -e "${Red}Aria2 下载失败,切换单线程...${Font}"
|
||||
fi
|
||||
|
||||
# 优先级 3: Wget
|
||||
echo -e "${Yellow}>> 启用 Wget (单线程)...${Font}"
|
||||
if wget $NET_OPT --no-check-certificate --timeout=30 --tries=3 -O "$file" "$url"; then return 0; fi
|
||||
|
||||
# 优先级 4: Curl
|
||||
echo -e "${Yellow}>> 启用 Curl (最后保底)...${Font}"
|
||||
curl $NET_OPT -L -k --connect-timeout 30 --retry 3 -o "$file" "$url"
|
||||
}
|
||||
|
||||
echo -e "${Yellow}>> [5/7] 下载安装包 (Mode: $NET_OPT)...${Font}"
|
||||
echo -e "${Yellow}>> [5/7] 下载安装包...${Font}"
|
||||
cd /usr/local/
|
||||
# 调用下载管理器下载对应架构的文件
|
||||
download_manager "$DOWNLOAD_URL" "$FILE_NAME"
|
||||
|
||||
if ! tar -tzf "$FILE_NAME" >/dev/null 2>&1; then
|
||||
echo -e "${Red}严重错误:安装包下载失败或文件损坏!${Font}"
|
||||
echo -e "${Red}尝试链接: $DOWNLOAD_URL${Font}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@@ -299,28 +278,25 @@ ln -sf "$INSTALL_PATH/x-ui.sh" "$BIN_LINK"
|
||||
mkdir -p /etc/x-ui/
|
||||
rm -f "$DB_PATH"
|
||||
|
||||
# 确定目标数据库链接
|
||||
if [ "$INSTALL_MODE" == "1" ]; then
|
||||
echo -e "${Yellow}>> 正在下载标准/公共配置...${Font}"
|
||||
echo -e "${Yellow}>> 正在下载 1.db (客户标准配置)...${Font}"
|
||||
TARGET_DB="$DB_URL_PUBLIC"
|
||||
else
|
||||
echo -e "${Yellow}>> 正在下载私人配置...${Font}"
|
||||
echo -e "${Yellow}>> 正在下载 2.db (私人配置)...${Font}"
|
||||
TARGET_DB="$DB_URL_PRIVATE"
|
||||
fi
|
||||
|
||||
# 下载配置数据库
|
||||
download_manager "$TARGET_DB" "$DB_PATH"
|
||||
|
||||
if [ ! -s "$DB_PATH" ] || [ $(stat -c%s "$DB_PATH") -lt 1000 ]; then
|
||||
echo -e "${Red}警告:数据库下载失败,尝试使用默认空数据库初始化...${Font}"
|
||||
# --- 防报错网页校验 ---
|
||||
if [ ! -s "$DB_PATH" ] || [ $(stat -c%s "$DB_PATH") -lt 10240 ]; then
|
||||
echo -e "${Red}警告:数据库下载失败或文件异常(大小不足 10KB),已自动回退为空白数据库!${Font}"
|
||||
cp /usr/local/x-ui/bin/x-ui.db "$DB_PATH"
|
||||
else
|
||||
echo -e "${Green}数据库配置下载成功!${Font}"
|
||||
echo -e "${Green}数据库配置下载且校验成功!${Font}"
|
||||
fi
|
||||
|
||||
# --- 统一强制重置账号 ---
|
||||
# 无论哪种模式,下载下来的数据库密码可能未知,强制重置为脚本头部设定的密码
|
||||
echo -e "${Yellow}>> 正在强制重置账户权限...${Font}"
|
||||
echo -e "${Yellow}>> 正在强制重置账户权限与端口...${Font}"
|
||||
chmod 777 "$DB_PATH" >/dev/null 2>&1
|
||||
|
||||
RESET_SUCCESS=0
|
||||
@@ -330,13 +306,11 @@ if command -v sqlite3 >/dev/null 2>&1; then
|
||||
sqlite3 -cmd ".timeout 2000" "$DB_PATH" "UPDATE users SET username='$SET_USER', password='$SET_PASS' WHERE id=1;"
|
||||
CURRENT_PASS=$(sqlite3 "$DB_PATH" "SELECT password FROM users WHERE id=1;")
|
||||
if [ "$CURRENT_PASS" == "$SET_PASS" ]; then
|
||||
echo -e "${Green}账户权限重置成功 (SQL模式)${Font}"
|
||||
RESET_SUCCESS=1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ $RESET_SUCCESS -eq 0 ]; then
|
||||
echo -e "${Yellow}使用官方接口重置账号...${Font}"
|
||||
./x-ui setting -username "$SET_USER" -password "$SET_PASS" -port "$SET_PORT" >/dev/null 2>&1
|
||||
fi
|
||||
chmod 644 "$DB_PATH" >/dev/null 2>&1
|
||||
@@ -383,5 +357,5 @@ echo -e "${Blue}#################################################${Font}"
|
||||
echo -e "访问地址 : ${Green}http://$IP:$SET_PORT${Font}"
|
||||
echo -e "用户名 : ${Green}$SET_USER${Font}"
|
||||
echo -e "密码 : ${Green}$SET_PASS${Font}"
|
||||
echo -e "当前模式 : ${Yellow}$([ "$INSTALL_MODE" == "1" ] && echo "标准配置" || echo "私人配置")${Font}"
|
||||
echo -e "当前模式 : ${Yellow}$([ "$INSTALL_MODE" == "1" ] && echo "客户配置(1.db)" || echo "私人配置(2.db)")${Font}"
|
||||
echo -e "${Blue}#################################################${Font}"
|
||||
460
xu1
460
xu1
@@ -1,8 +1,12 @@
|
||||
#!/bin/bash
|
||||
|
||||
# ==========================================
|
||||
# 标题:X-UI 全能安装脚本 (精简服务器版)
|
||||
# 更新:移除第三方多线程下载器,保留原生 wget/curl
|
||||
# 标题:X-UI 终极自动安装脚本 (咸V咆哮·物理拔线+真实校验版)
|
||||
# 特性:
|
||||
# 1. 禁用多线程工具空间预分配,彻底解决空壳文件欺骗。
|
||||
# 2. 引入 tar 内部结构模拟解压校验,100% 杜绝损坏包。
|
||||
# 3. 15秒生死线:连不上瞬间强杀进程切换。
|
||||
# 4. 强制全网 IPv4,规避 IPv6 路由黑洞。
|
||||
# ==========================================
|
||||
|
||||
# --- 颜色配置 ---
|
||||
@@ -12,216 +16,172 @@ Yellow="\033[33m"
|
||||
Blue="\033[36m"
|
||||
Font="\033[0m"
|
||||
|
||||
# --- 核心配置 (用户定制) ---
|
||||
DB_URL_PUBLIC="https://git.77582585.xyz/3344/dock/releases/download/3xui/x-ui%20%E6%88%B702.db"
|
||||
DB_URL_PRIVATE="https://git.77582585.xyz/attachments/c457401f-76dd-4499-8ea3-a8b628bc963a"
|
||||
|
||||
# --- 核心配置 ---
|
||||
DB_URL="https://git.77582585.xyz/3344/dock/releases/download/3xui1/1.db"
|
||||
PRIVATE_AUTH_CODE="7758258"
|
||||
INSTALL_PATH="/usr/local/x-ui"
|
||||
BIN_LINK="/usr/bin/x-ui"
|
||||
DB_PATH="/etc/x-ui/x-ui.db"
|
||||
SET_USER="3344"
|
||||
SET_PASS="3344"
|
||||
SET_PORT="8443"
|
||||
FAKE_UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
|
||||
|
||||
[[ $EUID -ne 0 ]] && echo -e "${Red}错误:请使用 root 权限运行此脚本!${Font}" && exit 1
|
||||
|
||||
gen_random_string() {
|
||||
local length="$1"
|
||||
echo $(LC_ALL=C tr -dc 'a-zA-Z0-9' </dev/urandom | fold -w "$length" | head -n 1)
|
||||
}
|
||||
|
||||
# 终极物理拔线 + 真实结构校验下载引擎
|
||||
download_file() {
|
||||
local url=$1
|
||||
local file=$2
|
||||
local fallback_url=$3
|
||||
local file_type=$4 # 区分是 tar 包还是 db 数据库
|
||||
|
||||
rm -f "$file" "$file.aria2"
|
||||
|
||||
# 核心:暴力校验文件真实性
|
||||
check_valid() {
|
||||
if [ ! -f "$file" ]; then return 1; fi
|
||||
|
||||
if [ "$file_type" == "tar" ]; then
|
||||
# 模拟解压校验:如果是个假包或者空壳,这句直接报错返回 1
|
||||
if tar -tzf "$file" >/dev/null 2>&1; then return 0; fi
|
||||
elif [ "$file_type" == "db" ]; then
|
||||
# 数据库包校验大小即可,要求大于 10KB
|
||||
local file_size=$(du -k "$file" | cut -f1)
|
||||
if [ "$file_size" -ge 10 ]; then return 0; fi
|
||||
fi
|
||||
|
||||
rm -f "$file" "$file.aria2" # 假包直接干掉
|
||||
return 1
|
||||
}
|
||||
|
||||
echo -e "${Yellow} -> 方案一:Aria2 (禁止预分配/15秒强杀)...${Font}"
|
||||
if command -v aria2c >/dev/null; then
|
||||
# 加入 --file-allocation=none 解决空壳文件 Bug
|
||||
timeout 15 aria2c -x 4 -s 4 --file-allocation=none --connect-timeout=5 --timeout=5 --max-tries=1 --disable-ipv6=true --user-agent="$FAKE_UA" --allow-overwrite=true --dir="$(dirname "$file")" --out="$(basename "$file")" "$url" >/dev/null 2>&1
|
||||
check_valid && return 0
|
||||
fi
|
||||
|
||||
echo -e "${Yellow} -> 方案二:Wget (强制IPv4/15秒强杀)...${Font}"
|
||||
timeout 15 wget -4 --no-check-certificate --user-agent="$FAKE_UA" -T 5 -t 1 -O "$file" "$url" >/dev/null 2>&1
|
||||
check_valid && return 0
|
||||
|
||||
echo -e "${Yellow} -> 方案三:Curl (强力降级/15秒强杀)...${Font}"
|
||||
timeout 15 curl -4 --http1.1 -L -k -A "$FAKE_UA" --connect-timeout 5 -m 15 --retry 1 -o "$file" "$url" >/dev/null 2>&1
|
||||
check_valid && return 0
|
||||
|
||||
if [[ -n "$fallback_url" ]]; then
|
||||
echo -e "${Red}!! 警告:直链节点全军覆没!启用方案四:GitHub 加速镜像池兜底 !!${Font}"
|
||||
timeout 30 wget -4 --no-check-certificate --user-agent="$FAKE_UA" -T 10 -t 2 -O "$file" "$fallback_url" >/dev/null 2>&1
|
||||
check_valid && return 0
|
||||
fi
|
||||
|
||||
return 1
|
||||
}
|
||||
|
||||
# ==========================================
|
||||
# 1. 模式选择
|
||||
# ==========================================
|
||||
clear
|
||||
echo -e "${Blue}#################################################${Font}"
|
||||
echo -e "${Blue}# X-UI 自动安装脚本 (轻量精简版) #${Font}"
|
||||
echo -e "${Blue}#################################################${Font}"
|
||||
echo -e "${Yellow}请选择安装配置模式:${Font}"
|
||||
echo -e "-------------------------------------------------"
|
||||
echo -e "1. ${Green}标准配置安装${Font} (使用指定的公共数据库配置)"
|
||||
echo -e "2. ${Green}私人配置安装${Font} (私人数据库配置严禁个人使用)"
|
||||
echo -e "-------------------------------------------------"
|
||||
read -p "请输入数字 [1-2] (默认1): " INSTALL_MODE
|
||||
echo -e "${Blue}══════════════════════════════════════════════════${Font}"
|
||||
echo -e "${Blue} X-UI 终极自动安装脚本 (咸V咆哮专属) ${Font}"
|
||||
echo -e "${Blue}══════════════════════════════════════════════════${Font}"
|
||||
echo -e "${Yellow}请选择安装模式:${Font}"
|
||||
echo -e " 1. ${Green}官方纯净安装${Font} (直链下载主程序,随机生成安全账密)"
|
||||
echo -e " 2. ${Red}载入自定义库${Font} (使用预设数据库,需授权码,自动增强安全)"
|
||||
echo -e "──────────────────────────────────────────────────"
|
||||
read -rp "请输入数字 [1-2] (默认1): " INSTALL_MODE
|
||||
[[ -z "$INSTALL_MODE" ]] && INSTALL_MODE="1"
|
||||
|
||||
# ==========================================
|
||||
# 2. 网络环境智能检测
|
||||
# ==========================================
|
||||
check_network() {
|
||||
echo -e "${Yellow}>> [1/6] 正在检测网络环境...${Font}"
|
||||
HAS_IPV4=0
|
||||
HAS_IPV6=0
|
||||
|
||||
if curl -s4m2 https://www.google.com/generate_204 >/dev/null 2>&1 || curl -s4m2 https://www.baidu.com >/dev/null 2>&1; then
|
||||
HAS_IPV4=1
|
||||
fi
|
||||
if curl -s6m2 https://www.google.com/generate_204 >/dev/null 2>&1; then
|
||||
HAS_IPV6=1
|
||||
fi
|
||||
|
||||
if [[ $HAS_IPV4 -eq 1 ]]; then
|
||||
echo -e "${Green}检测到 IPv4 网络,将优先使用 IPv4 通道${Font}"
|
||||
NET_OPT="-4"
|
||||
elif [[ $HAS_IPV6 -eq 1 ]]; then
|
||||
echo -e "${Green}检测到纯 IPv6 网络,将自动切换至 IPv6 通道${Font}"
|
||||
NET_OPT="-6"
|
||||
else
|
||||
echo -e "${Red}错误:未检测到任何可用网络!${Font}"
|
||||
if [ "$INSTALL_MODE" == "2" ]; then
|
||||
echo -e "──────────────────────────────────────────────────"
|
||||
read -s -rp "请输入专属授权码: " INPUT_PWD
|
||||
echo ""
|
||||
if [ "$INPUT_PWD" != "$PRIVATE_AUTH_CODE" ]; then
|
||||
echo -e "${Red}!! 授权码错误:拒绝安装,脚本已终止 !!${Font}"
|
||||
exit 1
|
||||
else
|
||||
echo -e "${Green}>> 授权通过,准备部署自定义配置...${Font}"
|
||||
fi
|
||||
}
|
||||
check_network
|
||||
|
||||
# ==========================================
|
||||
# 3. 系统环境与依赖处理
|
||||
# ==========================================
|
||||
echo -e "${Yellow}>> [2/6] 安装基础依赖...${Font}"
|
||||
PM="apt"
|
||||
if [[ -f /etc/redhat-release ]] || command -v yum >/dev/null 2>&1; then PM="yum"; fi
|
||||
|
||||
install_soft() {
|
||||
if [ "$PM" == "apt" ]; then
|
||||
apt-get install -y $1 >/dev/null 2>&1
|
||||
elif [ "$PM" == "yum" ]; then
|
||||
yum install -y $1 >/dev/null 2>&1
|
||||
fi
|
||||
}
|
||||
|
||||
if [ "$PM" == "apt" ]; then
|
||||
pgrep -x "apt" && killall apt apt-get dpkg >/dev/null 2>&1
|
||||
rm -rf /var/lib/apt/lists/lock /var/lib/dpkg/lock*
|
||||
dpkg --configure -a >/dev/null 2>&1
|
||||
apt-get update -o Acquire::http::Timeout="20" || echo -e "${Red}源更新超时,尝试继续...${Font}"
|
||||
apt-get install -y curl wget tar ca-certificates bc sqlite3
|
||||
if ! apt-get install -y ntpdate >/dev/null 2>&1; then
|
||||
apt-get install -y ntpsec-ntpdate >/dev/null 2>&1
|
||||
fi
|
||||
else
|
||||
yum install -y epel-release >/dev/null 2>&1
|
||||
yum install -y curl wget tar bc sqlite3 ntpdate >/dev/null 2>&1
|
||||
echo -e "──────────────────────────────────────────────────"
|
||||
fi
|
||||
|
||||
# ==========================================
|
||||
# 4. 时间校准与架构匹配
|
||||
# 步骤 1:系统优化与 BBR 加速
|
||||
# ==========================================
|
||||
echo -e "${Yellow}>> [3/6] 校准时间与识别架构...${Font}"
|
||||
rm -f /etc/localtime
|
||||
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
|
||||
if command -v ntpdate >/dev/null 2>&1; then
|
||||
ntpdate pool.ntp.org >/dev/null 2>&1
|
||||
echo -e "${Yellow}>> [1/7] 正在清理系统并开启 BBR 网络加速...${Font}"
|
||||
if command -v apt-get >/dev/null; then
|
||||
apt-get autoremove -y >/dev/null 2>&1
|
||||
apt-get clean >/dev/null 2>&1
|
||||
elif command -v yum >/dev/null; then
|
||||
yum clean all >/dev/null 2>&1
|
||||
fi
|
||||
if ! grep -q "bbr" /etc/sysctl.conf; then
|
||||
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
|
||||
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
|
||||
sysctl -p >/dev/null 2>&1
|
||||
echo -e "${Green}✓ BBR 加速已成功开启${Font}"
|
||||
else
|
||||
date -s "$(curl -sI g.cn | grep Date | cut -d' ' -f3-6)Z" >/dev/null 2>&1
|
||||
echo -e "${Green}✓ BBR 之前已开启,跳过${Font}"
|
||||
fi
|
||||
|
||||
# ==========================================
|
||||
# 步骤 2:安装基础依赖
|
||||
# ==========================================
|
||||
echo -e "${Yellow}>> [2/7] 正在安装极速下载器与必备依赖...${Font}"
|
||||
if command -v apt-get >/dev/null; then
|
||||
apt-get update -y -q >/dev/null 2>&1
|
||||
apt-get install -y -q aria2 wget curl tar tzdata socat ca-certificates sqlite3 bc coreutils >/dev/null 2>&1
|
||||
elif command -v yum >/dev/null; then
|
||||
yum install -y -q epel-release >/dev/null 2>&1
|
||||
yum install -y -q aria2 wget curl tar tzdata socat ca-certificates sqlite3 bc coreutils >/dev/null 2>&1
|
||||
fi
|
||||
|
||||
SERVER_IP=$(curl -s4m5 api.ipify.org)
|
||||
[[ -z "$SERVER_IP" ]] && SERVER_IP=$(curl -s6m5 api64.ipify.org)
|
||||
|
||||
# ==========================================
|
||||
# 步骤 3:架构匹配与多源拉取
|
||||
# ==========================================
|
||||
echo -e "${Yellow}>> [3/7] 识别架构并拉取核心程序...${Font}"
|
||||
ARCH=$(uname -m)
|
||||
DOWNLOAD_URL=""
|
||||
FILE_NAME=""
|
||||
FALLBACK_URL=""
|
||||
|
||||
case $ARCH in
|
||||
x86_64)
|
||||
FILE_NAME="x-ui-linux-amd64.tar.gz"
|
||||
DOWNLOAD_URL="https://git.77582585.xyz/attachments/40eeb013-5006-423f-ad74-a0541ab340f4"
|
||||
;;
|
||||
aarch64|armv8)
|
||||
FILE_NAME="x-ui-linux-arm64.tar.gz"
|
||||
DOWNLOAD_URL="https://git.77582585.xyz/attachments/4ab708d5-6bc8-42c0-8494-ef5efe03e074"
|
||||
;;
|
||||
i386|i686)
|
||||
FILE_NAME="x-ui-linux-386.tar.gz"
|
||||
DOWNLOAD_URL="https://git.77582585.xyz/attachments/d1604006-c6b7-4c7c-9652-b42b229ef4cb"
|
||||
;;
|
||||
armv5*)
|
||||
FILE_NAME="x-ui-linux-armv5.tar.gz"
|
||||
DOWNLOAD_URL="https://git.77582585.xyz/attachments/8a5c678c-4ae4-43c4-910d-7e47f7c21c22"
|
||||
;;
|
||||
armv6*)
|
||||
FILE_NAME="x-ui-linux-armv6.tar.gz"
|
||||
DOWNLOAD_URL="https://git.77582585.xyz/attachments/0e7c7fd7-192e-44b3-9739-785a5fb1b51f"
|
||||
;;
|
||||
armv7*)
|
||||
FILE_NAME="x-ui-linux-armv7.tar.gz"
|
||||
DOWNLOAD_URL="https://git.77582585.xyz/attachments/9d1bf416-afb6-4e9f-b46b-ab3a1913a998"
|
||||
;;
|
||||
s390x)
|
||||
FILE_NAME="x-ui-linux-s390x.tar.gz"
|
||||
DOWNLOAD_URL="https://git.77582585.xyz/attachments/18784828-0d20-4bc5-908c-15f91bcf8eb5"
|
||||
;;
|
||||
*)
|
||||
echo -e "${Red}不支持或无法识别的架构: $ARCH${Font}"
|
||||
exit 1
|
||||
;;
|
||||
x86_64|amd64) DOWNLOAD_URL="https://git.77582585.xyz/attachments/40eeb013-5006-423f-ad74-a0541ab340f4"; FILE_NAME="x-ui-linux-amd64.tar.gz" ;;
|
||||
aarch64|armv8|arm64) DOWNLOAD_URL="https://git.77582585.xyz/attachments/4ab708d5-6bc8-42c0-8494-ef5efe03e074"; FILE_NAME="x-ui-linux-arm64.tar.gz" ;;
|
||||
i386|i686|x86) DOWNLOAD_URL="https://git.77582585.xyz/attachments/d1604006-c6b7-4c7c-9652-b42b229ef4cb"; FILE_NAME="x-ui-linux-386.tar.gz" ;;
|
||||
armv5*) DOWNLOAD_URL="https://git.77582585.xyz/attachments/8a5c678c-4ae4-43c4-910d-7e47f7c21c22"; FILE_NAME="x-ui-linux-armv5.tar.gz" ;;
|
||||
armv6*) DOWNLOAD_URL="https://git.77582585.xyz/attachments/0e7c7fd7-192e-44b3-9739-785a5fb1b51f"; FILE_NAME="x-ui-linux-armv6.tar.gz" ;;
|
||||
armv7*) DOWNLOAD_URL="https://git.77582585.xyz/attachments/9d1bf416-afb6-4e9f-b46b-ab3a1913a998"; FILE_NAME="x-ui-linux-armv7.tar.gz" ;;
|
||||
s390x) DOWNLOAD_URL="https://git.77582585.xyz/attachments/18784828-0d20-4bc5-908c-15f91bcf8eb5"; FILE_NAME="x-ui-linux-s390x.tar.gz" ;;
|
||||
*) echo -e "${Red}不支持的架构: $ARCH${Font}" && exit 1 ;;
|
||||
esac
|
||||
echo -e "${Green}检测到架构: $ARCH,匹配文件名: $FILE_NAME${Font}"
|
||||
|
||||
# ==========================================
|
||||
# 5. 本地基础下载逻辑
|
||||
# ==========================================
|
||||
download_manager() {
|
||||
local url=$1
|
||||
local file=$2
|
||||
rm -f "$file"
|
||||
|
||||
echo -e "${Yellow}>> 尝试使用 Wget 下载...${Font}"
|
||||
if wget $NET_OPT --no-check-certificate --timeout=30 --tries=3 -O "$file" "$url"; then return 0; fi
|
||||
|
||||
echo -e "${Yellow}>> Wget 失败,尝试使用 Curl 兜底...${Font}"
|
||||
curl $NET_OPT -L -k --connect-timeout 30 --retry 3 -o "$file" "$url"
|
||||
}
|
||||
FALLBACK_URL="https://ghproxy.net/https://github.com/MHSanaei/3x-ui/releases/latest/download/${FILE_NAME}"
|
||||
|
||||
echo -e "${Yellow}>> [4/6] 下载安装包 (Mode: $NET_OPT)...${Font}"
|
||||
echo -e "${Green}✓ 检测到架构: $ARCH,启动极速灾备下载引擎...${Font}"
|
||||
systemctl stop x-ui >/dev/null 2>&1
|
||||
rm -rf /usr/local/x-ui
|
||||
mkdir -p /usr/local/
|
||||
cd /usr/local/
|
||||
download_manager "$DOWNLOAD_URL" "$FILE_NAME"
|
||||
|
||||
if ! tar -tzf "$FILE_NAME" >/dev/null 2>&1; then
|
||||
echo -e "${Red}严重错误:安装包下载失败或文件损坏!${Font}"
|
||||
# 注意这里多传了一个参数 "tar",要求它做模拟解压校验
|
||||
if ! download_file "$DOWNLOAD_URL" "$FILE_NAME" "$FALLBACK_URL" "tar"; then
|
||||
echo -e "${Red}!! 终极下载彻底失败:连加速镜像池也挂了,请检查服务器是否能连接外网 !!${Font}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# ==========================================
|
||||
# 6. 安装与配置
|
||||
# ==========================================
|
||||
echo -e "${Yellow}>> [5/6] 解压与配置...${Font}"
|
||||
systemctl stop x-ui >/dev/null 2>&1
|
||||
killall x-ui >/dev/null 2>&1
|
||||
rm -rf x-ui
|
||||
echo -e "${Green}✓ 核心程序下载成功,模拟解压校验通过!${Font}"
|
||||
|
||||
# 既然上面模拟解压过了,这里100%不会报错
|
||||
tar zxvf "$FILE_NAME" >/dev/null
|
||||
rm -f "$FILE_NAME"
|
||||
cd x-ui
|
||||
chmod +x x-ui x-ui.sh bin/xray-linux-*
|
||||
ln -sf "$INSTALL_PATH/x-ui.sh" "$BIN_LINK"
|
||||
mkdir -p /etc/x-ui/
|
||||
rm -f "$DB_PATH"
|
||||
|
||||
if [ "$INSTALL_MODE" == "1" ]; then
|
||||
TARGET_DB="$DB_URL_PUBLIC"
|
||||
else
|
||||
TARGET_DB="$DB_URL_PRIVATE"
|
||||
fi
|
||||
ln -sf "$INSTALL_PATH/x-ui.sh" /usr/bin/x-ui
|
||||
|
||||
echo -e "${Yellow}>> 正在下载数据库配置...${Font}"
|
||||
download_manager "$TARGET_DB" "$DB_PATH"
|
||||
|
||||
if [ ! -s "$DB_PATH" ] || [ $(stat -c%s "$DB_PATH") -lt 1000 ]; then
|
||||
echo -e "${Red}警告:数据库下载失败,尝试使用默认空数据库初始化...${Font}"
|
||||
cp /usr/local/x-ui/bin/x-ui.db "$DB_PATH"
|
||||
fi
|
||||
|
||||
echo -e "${Yellow}>> 正在重置账户权限...${Font}"
|
||||
chmod 777 "$DB_PATH" >/dev/null 2>&1
|
||||
RESET_SUCCESS=0
|
||||
if command -v sqlite3 >/dev/null 2>&1; then
|
||||
sqlite3 -cmd ".timeout 2000" "$DB_PATH" "UPDATE settings SET value='/' WHERE key='webBasePath';"
|
||||
sqlite3 -cmd ".timeout 2000" "$DB_PATH" "UPDATE settings SET value='$SET_PORT' WHERE key='webPort';"
|
||||
sqlite3 -cmd ".timeout 2000" "$DB_PATH" "UPDATE users SET username='$SET_USER', password='$SET_PASS' WHERE id=1;"
|
||||
CURRENT_PASS=$(sqlite3 "$DB_PATH" "SELECT password FROM users WHERE id=1;")
|
||||
if [ "$CURRENT_PASS" == "$SET_PASS" ]; then
|
||||
RESET_SUCCESS=1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ $RESET_SUCCESS -eq 0 ]; then
|
||||
./x-ui setting -username "$SET_USER" -password "$SET_PASS" -port "$SET_PORT" >/dev/null 2>&1
|
||||
fi
|
||||
chmod 644 "$DB_PATH" >/dev/null 2>&1
|
||||
|
||||
# ==========================================
|
||||
# 7. 启动与放行
|
||||
# ==========================================
|
||||
echo -e "${Yellow}>> [6/6] 启动服务与防火墙放行...${Font}"
|
||||
cat > /etc/systemd/system/x-ui.service <<EOF
|
||||
[Unit]
|
||||
Description=x-ui Service
|
||||
@@ -239,25 +199,137 @@ RestartSec=5s
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
|
||||
systemctl daemon-reload
|
||||
systemctl enable x-ui
|
||||
systemctl restart x-ui
|
||||
sleep 2
|
||||
# ==========================================
|
||||
# 步骤 4:数据库部署与安全加固
|
||||
# ==========================================
|
||||
echo -e "${Yellow}>> [4/7] 正在部署数据库并进行安全加固...${Font}"
|
||||
mkdir -p /etc/x-ui/
|
||||
rm -f "$DB_PATH"
|
||||
|
||||
if command -v ufw >/dev/null 2>&1; then ufw allow $SET_PORT/tcp >/dev/null 2>&1; fi
|
||||
CONFIG_USER=""
|
||||
CONFIG_PASS=""
|
||||
CONFIG_PORT=""
|
||||
CONFIG_PATH="$(gen_random_string 16)"
|
||||
|
||||
if [ "$INSTALL_MODE" == "1" ]; then
|
||||
echo -e "${Green}✓ 模式一:初始化纯净数据库${Font}"
|
||||
CONFIG_USER=$(gen_random_string 8)
|
||||
CONFIG_PASS=$(gen_random_string 10)
|
||||
CONFIG_PORT=$(shuf -i 10000-60000 -n 1)
|
||||
|
||||
$INSTALL_PATH/x-ui setting -username "${CONFIG_USER}" -password "${CONFIG_PASS}" -port "${CONFIG_PORT}" -webBasePath "${CONFIG_PATH}" >/dev/null 2>&1
|
||||
else
|
||||
echo -e "${Green}✓ 模式二:拉取自定义数据库...${Font}"
|
||||
|
||||
# 数据库拉取,传参 "db" 要求校验大小即可
|
||||
if ! download_file "$DB_URL" "$DB_PATH" "" "db"; then
|
||||
echo -e "${Red}警告:自定义数据库下载失败,退回初始状态!${Font}"
|
||||
cp $INSTALL_PATH/bin/x-ui.db "$DB_PATH"
|
||||
fi
|
||||
|
||||
CONFIG_USER=$(sqlite3 "$DB_PATH" "SELECT username FROM users WHERE id=1;")
|
||||
CONFIG_PASS=$(sqlite3 "$DB_PATH" "SELECT password FROM users WHERE id=1;")
|
||||
CONFIG_PORT=$(sqlite3 "$DB_PATH" "SELECT value FROM settings WHERE key='webPort';")
|
||||
|
||||
sqlite3 -cmd ".timeout 2000" "$DB_PATH" "UPDATE settings SET value='/${CONFIG_PATH}/' WHERE key='webBasePath';"
|
||||
echo -e "${Green}✓ 已为自定义库注入随机网页路径:/${CONFIG_PATH}/${Font}"
|
||||
fi
|
||||
|
||||
# ==========================================
|
||||
# 步骤 5:启动服务与防火墙放行
|
||||
# ==========================================
|
||||
echo -e "${Yellow}>> [5/7] 启动面板并放行防火墙端口 (${CONFIG_PORT})...${Font}"
|
||||
systemctl daemon-reload
|
||||
systemctl enable x-ui >/dev/null 2>&1
|
||||
systemctl restart x-ui
|
||||
|
||||
if command -v ufw >/dev/null 2>&1; then ufw allow ${CONFIG_PORT}/tcp >/dev/null 2>&1; fi
|
||||
if command -v firewall-cmd >/dev/null 2>&1; then
|
||||
firewall-cmd --zone=public --add-port=$SET_PORT/tcp --permanent >/dev/null 2>&1
|
||||
firewall-cmd --zone=public --add-port=${CONFIG_PORT}/tcp --permanent >/dev/null 2>&1
|
||||
firewall-cmd --reload >/dev/null 2>&1
|
||||
fi
|
||||
iptables -I INPUT -p tcp --dport $SET_PORT -j ACCEPT 2>/dev/null
|
||||
iptables -I INPUT -p tcp --dport ${CONFIG_PORT} -j ACCEPT 2>/dev/null
|
||||
|
||||
IP=$(curl -s4m5 ip.sb)
|
||||
[ -z "$IP" ] && IP=$(curl -s6m5 ip.sb)
|
||||
# ==========================================
|
||||
# 步骤 6:SSL 证书配置
|
||||
# ==========================================
|
||||
echo ""
|
||||
echo -e "${Blue}══════════════════════════════════════════════════${Font}"
|
||||
echo -e "${Yellow}>> [6/7] SSL 证书安全设置 (强烈推荐配置 HTTPS)${Font}"
|
||||
echo -e "${Blue}══════════════════════════════════════════════════${Font}"
|
||||
echo -e " 1. ${Green}使用 Let's Encrypt 申请域名证书${Font} (需解析域名至本机,有效期90天)"
|
||||
echo -e " 2. ${Green}使用 Let's Encrypt 申请 IP 证书${Font} (自动绑定本机IP,有效期6天自动续)"
|
||||
echo -e " 3. ${Red}跳过,裸奔 HTTP${Font} (极易被墙探测,不推荐)"
|
||||
read -rp "请选择 SSL 申请方式 [1-3]: " SSL_CHOICE
|
||||
|
||||
echo -e "\n${Blue}#################################################${Font}"
|
||||
echo -e "${Green} X-UI 安装完成 (精简服务器版) ${Font}"
|
||||
echo -e "${Blue}#################################################${Font}"
|
||||
echo -e "访问地址 : ${Green}http://$IP:$SET_PORT${Font}"
|
||||
echo -e "用户名 : ${Green}$SET_USER${Font}"
|
||||
echo -e "密码 : ${Green}$SET_PASS${Font}"
|
||||
echo -e "${Blue}#################################################${Font}"
|
||||
FINAL_HOST="$SERVER_IP"
|
||||
|
||||
if [[ "$SSL_CHOICE" == "1" || "$SSL_CHOICE" == "2" ]]; then
|
||||
iptables -I INPUT -p tcp --dport 80 -j ACCEPT 2>/dev/null
|
||||
|
||||
if ! command -v ~/.acme.sh/acme.sh &>/dev/null; then
|
||||
echo -e "${Yellow}>> 正在安装 acme.sh 证书工具...${Font}"
|
||||
curl -s https://get.acme.sh | sh >/dev/null 2>&1
|
||||
fi
|
||||
|
||||
~/.acme.sh/acme.sh --set-default-ca --server letsencrypt --force >/dev/null 2>&1
|
||||
systemctl stop x-ui
|
||||
|
||||
if [ "$SSL_CHOICE" == "1" ]; then
|
||||
read -rp "请输入已解析到本机的域名: " DOMAIN_NAME
|
||||
echo -e "${Yellow}>> 正在为 ${DOMAIN_NAME} 申请域名证书...${Font}"
|
||||
~/.acme.sh/acme.sh --issue -d ${DOMAIN_NAME} --standalone --httpport 80 --force
|
||||
|
||||
if [ $? -eq 0 ]; then
|
||||
CERT_DIR="/root/cert/${DOMAIN_NAME}"
|
||||
mkdir -p "$CERT_DIR"
|
||||
~/.acme.sh/acme.sh --installcert -d ${DOMAIN_NAME} --key-file ${CERT_DIR}/privkey.pem --fullchain-file ${CERT_DIR}/fullchain.pem --reloadcmd "systemctl restart x-ui" >/dev/null 2>&1
|
||||
$INSTALL_PATH/x-ui cert -webCert "${CERT_DIR}/fullchain.pem" -webCertKey "${CERT_DIR}/privkey.pem" >/dev/null 2>&1
|
||||
FINAL_HOST="${DOMAIN_NAME}"
|
||||
echo -e "${Green}✓ 域名证书申请并部署成功!${Font}"
|
||||
else
|
||||
echo -e "${Red}!! 证书申请失败,请确保域名已解析且 80 端口未被占用。回退至 HTTP 模式。${Font}"
|
||||
fi
|
||||
|
||||
elif [ "$SSL_CHOICE" == "2" ]; then
|
||||
echo -e "${Yellow}>> 正在为本机 IP (${SERVER_IP}) 申请短效证书...${Font}"
|
||||
CERT_DIR="/root/cert/ip"
|
||||
mkdir -p "$CERT_DIR"
|
||||
~/.acme.sh/acme.sh --issue -d ${SERVER_IP} --standalone --server letsencrypt --certificate-profile shortlived --days 6 --httpport 80 --force
|
||||
|
||||
if [ $? -eq 0 ]; then
|
||||
~/.acme.sh/acme.sh --installcert -d ${SERVER_IP} --key-file "${CERT_DIR}/privkey.pem" --fullchain-file "${CERT_DIR}/fullchain.pem" --reloadcmd "systemctl restart x-ui" >/dev/null 2>&1
|
||||
$INSTALL_PATH/x-ui cert -webCert "${CERT_DIR}/fullchain.pem" -webCertKey "${CERT_DIR}/privkey.pem" >/dev/null 2>&1
|
||||
echo -e "${Green}✓ IP 证书申请并部署成功!(后台会自动续期)${Font}"
|
||||
else
|
||||
echo -e "${Red}!! 证书申请失败,请确保 80 端口未被占用。回退至 HTTP 模式。${Font}"
|
||||
fi
|
||||
fi
|
||||
systemctl start x-ui
|
||||
fi
|
||||
|
||||
# ==========================================
|
||||
# 步骤 7:完成与信息展示
|
||||
# ==========================================
|
||||
PROTOCOL="http"
|
||||
if [[ "$SSL_CHOICE" == "1" || "$SSL_CHOICE" == "2" ]]; then
|
||||
if $INSTALL_PATH/x-ui setting -getCert true | grep -q "cert: /root/cert/"; then
|
||||
PROTOCOL="https"
|
||||
fi
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo -e "${Blue}══════════════════════════════════════════════════${Font}"
|
||||
echo -e "${Green} X-UI 面板安装部署完成 ${Font}"
|
||||
echo -e "${Blue}══════════════════════════════════════════════════${Font}"
|
||||
echo -e "部署模式 : ${Yellow}$([ "$INSTALL_MODE" == "1" ] && echo "官方纯净模式" || echo "自定义数据库模式 (已注入随机路径防封)")${Font}"
|
||||
echo -e "访问协议 : $([ "$PROTOCOL" == "https" ] && echo "${Green}HTTPS (SSL 安全加密)${Font}" || echo "${Red}HTTP (未加密)${Font}")"
|
||||
echo -e "──────────────────────────────────────────────────"
|
||||
echo -e "面板地址 : ${Green}${PROTOCOL}://${FINAL_HOST}:${CONFIG_PORT}/${CONFIG_PATH}/${Font}"
|
||||
echo -e "登入账号 : ${Green}${CONFIG_USER}${Font}"
|
||||
echo -e "登入密码 : ${Green}${CONFIG_PASS}${Font}"
|
||||
echo -e "面板端口 : ${Green}${CONFIG_PORT}${Font}"
|
||||
echo -e "安全路径 : ${Green}/${CONFIG_PATH}/${Font}"
|
||||
echo -e "${Blue}══════════════════════════════════════════════════${Font}"
|
||||
echo -e "${Yellow}⚠ 强烈建议:请立即保存上方的信息!${Font}"
|
||||
echo -e "${Yellow}⚠ 日常管理:在终端输入 x-ui 即可呼出管理菜单。${Font}"
|
||||
Reference in New Issue
Block a user