gamesme/bash-script
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

更新 trojan.sh

Browse Source
This commit is contained in:
gamesme
2024-11-30 05:56:55 +08:00
parent e0f8c88848
commit ce461a201e
1 changed files with 74 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

226
trojan.sh
View File

@@ -65,50 +65,13 @@ EOF
sleep 3
rm -rf /usr/share/nginx/html/*
cd /usr/share/nginx/html/
wget https://git.i00.org/gamesme/bash-script/raw/branch/main/fakesite.zip >/dev/null 2>&1
unzip fakesite.zip >/dev/null 2>&1
wget -q https://github.com/mayswind/AriaNg-DailyBuild/archive/master.zip >/dev/null 2>&1
unzip master.zip >/dev/null 2>&1
sleep 5
if [ ! -d "/usr/src" ]; then
mkdir /usr/src
fi
if [ ! -d "/usr/src/trojan-cert" ]; then
mkdir /usr/src/trojan-cert /usr/src/trojan-temp
mkdir /usr/src/trojan-cert/$your_domain
if [ ! -d "/usr/src/trojan-cert/$your_domain" ]; then
red "不存在/usr/src/trojan-cert/$your_domain目录"
exit 1
fi
/root/.acme.sh/acme.sh --register-account -m cert@gamesme.me --server zerossl
/root/.acme.sh/acme.sh --issue -d $your_domain --nginx --ecc
if test -s /root/.acme.sh/${your_domain}_ecc/fullchain.cer; then
cert_success="1"
fi
elif [ -f "/usr/src/trojan-cert/$your_domain/fullchain.cer" ]; then
cd /usr/src/trojan-cert/$your_domain
create_time=`stat -c %Y fullchain.cer`
now_time=`date +%s`
minus=$(($now_time - $create_time ))
if [ $minus -gt 5184000 ]; then
/root/.acme.sh/acme.sh --register-account -m cert@gamesme.me --server zerossl
/root/.acme.sh/acme.sh --issue -d $your_domain --nginx --ecc
if test -s /root/.acme.sh/${your_domain}_ecc/fullchain.cer; then
cert_success="1"
fi
else
green "检测到域名$your_domain证书存在且未超过60天, 无需重新申请"
cert_success="1"
fi
else
mkdir /usr/src/trojan-cert/$your_domain
/root/.acme.sh/acme.sh --register-account -m cert@gamesme.me --server zerossl
/root/.acme.sh/acme.sh --issue -d $your_domain --nginx --ecc
if test -s /root/.acme.sh/${your_domain}_ecc/fullchain.cer; then
cert_success="1"
fi
fi
if [ "$cert_success" == "1" ]; then
cat > /etc/nginx/nginx.conf <<-EOF
cat > /etc/nginx/nginx.conf <<-EOF
user root;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
@@ -152,16 +115,8 @@ EOF
wget https://github.com/trojan-gfw/trojan/releases/download/v${latest_version}/trojan-${latest_version}-linux-amd64.tar.xz
tar xf trojan-${latest_version}-linux-amd64.tar.xz >/dev/null 2>&1
rm -f trojan-${latest_version}-linux-amd64.tar.xz
#下载trojan客户端
green "开始下载并处理trojan windows客户端"
wget https://github.com/xxxbrian/trojan.sh/raw/main/trojan-cli.zip
wget -P /usr/src/trojan-temp https://github.com/trojan-gfw/trojan/releases/download/v${latest_version}/trojan-${latest_version}-win.zip
unzip -o trojan-cli.zip >/dev/null 2>&1
unzip -o /usr/src/trojan-temp/trojan-${latest_version}-win.zip -d /usr/src/trojan-temp/ >/dev/null 2>&1
mv -f /usr/src/trojan-temp/trojan/trojan.exe /usr/src/trojan-cli/
green "请设置trojan密码, 建议不要出现特殊字符"
read -p "请输入密码 :" trojan_passwd
#trojan_passwd=$(cat /dev/urandom | head -1 | md5sum | head -c 8)
cat > /usr/src/trojan-cli/config.json <<-EOF
{
"run_type": "client",
@@ -263,28 +218,75 @@ RestartSec=1s
WantedBy=multi-user.target
EOF
chmod +x ${systempwd}trojan.service
systemctl enable trojan.service
cd /root
/root/.acme.sh/acme.sh --installcert --ecc -d $your_domain \
--key-file /usr/src/trojan-cert/$your_domain/private.key \
--fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \
--reloadcmd "systemctl restart trojan"
green "==========================================================================="
green "windows客户端路径/usr/src/trojan-cli/trojan-cli.zip, 此客户端已配置好所有参数"
green "==========================================================================="
echo
echo
green " 客户端配置文件"
green "==========================================================================="
cat /usr/src/trojan-cli/config.json
green "==========================================================================="
port_forward
else
red "==================================="
red "https证书没有申请成功, 本次安装失败"
red "==================================="
fi
chmod +x ${systempwd}trojan.service
systemctl enable trojan.service
cd /root
cat > /usr/src/trojan-cert/$your_domain/private.key<<-EOF
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDFgyVU/fGMnGRj
Re5GUAipHJ03EMtbvcJkb//97AvZ8ZbgGLAplMaFLPNnT07DkCWv3073V5RHyBbZ
XXRh18/o91KBYDaL9+Xu51xZ8jC3aLGnZDNXpZFXX0FRNcyUr8957lNM6f1EmXf/
39Ny1Xn+F17IrM7IhZfqqc45NFQZIWX01axHbIxJRLaGfparoRKbdw1F5I6JguJw
v/Lnl900t7TlDTtV6XQgiYQf2QjQGuTv95qCzqOka8ZGf6uUS1fgSuk7NeNbUM54
6hl7/GmZjggsTRXtkT0cdsQqoqbcM1nBIYp2GvLqH1opH+cZY/AnFfK44pSQ5uEm
KceYPZYvAgMBAAECggEAZKKdsuBw4qQMwkgvT8QXpZLex9/WvbfCBErMtCRBJZri
tOvfVlBnlhOBMXJHP32CtkmhgoUtGCXq/nWPhwre9GSPtTvAjzCQB1n6xBmSmODP
I+r5/f5uP4ZZUXeH9XpezFGSP+45DWrkqYrxweDjd4OQ1860zZbEANzkJmFzOBnW
fIdyWgdP9c5gPYirlUJLJ3cBEum4zbd+XC8N9X4IUyhPKJMZhAY0AFhTkTAYDWEJ
K+/5SNGpwUFry28asyI5SoesH4RRAoG5W1gCG0syjuPAy6ZpDvAe6Eix7pJ083z2
XrPzYMl+j0ud5I/WHP9bPB3KVZdMm5LAK+0OBiZsgQKBgQDQfyarNPOsp0RRKaa4
2UP/tLodgMFibs39L9NY0XuJQouKJtaFPgR9JFMkZP6GxfPUCVDEAxgUfgTVDVnn
7IIamBM+NoFcxDdMmK5fy+r6OKyZPMm4MDunSueI+1wReVSi0ovLzsZOARlCoJ72
X5grbyIwPW/f+v1Zx9GIA5WhDQKBgQDyg1CvHwhQYhs2iU1PDnw6M6HDKr5Ap6U5
fuOxPCrRquZac9yo6eXDDE8+qQoH4rUu+hXPElXhUAWxN3glxQD0z//OC5Is/j07
+tdIcYezImVsHnAxyOrC5QE7AZxr4VJvFYNURHzCpnY6fboFHL51JO5viQ0fZ21s
4ht0Dm1tKwKBgB0qrG4m6i+s9pGkEf6p5ilPTvnxmRv8BDT3C8nRBEcfWAXriPb6
xgX7nuXoevK/nmx7ISFKjYPQXTywsXMQUuMFgyug1Ff12waMFVixXh3C7+I/7rgl
hzLP97Ph9e872estKQFJ29Pts2rurU4p8U+iLFYzQgNDSU3V9ing1n3BAoGAIWwH
ipr0Ql/C8Fkr1mFgrYTAHm2dmruAAdSC/MIWBJ9Q79ZX6s+RYrgnk7MoNr3/ymGc
79TPESY+IpZKcKod359q2bKuipTfS4zebpV25jEvWR84xyOxdvqomME4FYYQHk8Q
smRd7VWTpav+HwY/GVXlpml07YcLhZ4DupLicdECgYBWetGpTXGfHgZxQBu6EIvb
f4PAJ6i1A3Jrpf1zDzFI+P/QJUf0xZUDvF4uzjqEe7Oz6t7HFXMLl7f0zlwBCqKg
R0Vq1jGtLvsL24UIr8ujrJDEmt5zSMNYhDCkI1Rpl/lfS2BWikJTgVl4Bxz4O8Dj
Pw4j4HYa1hsLalNhkohZ0g==
-----END PRIVATE KEY-----
EOF
cat > /usr/src/trojan-cert/$your_domain/fullchain.cer<<-EOF
-----BEGIN CERTIFICATE-----
MIIEyjCCArKgAwIBAgIQTwN47Aj6/rIK5WCAN+orWTANBgkqhkiG9w0BAQsFADCB
jzELMAkGA1UEBhMCQ04xEzARBgNVBAgMCkdyZWF0Q2hpbmExDjAMBgNVBAcMBUxv
Y2FsMRUwEwYDVQQKDAxHYW1lc21lIEx0ZC4xFTATBgNVBAsMDEdhbWVzbWUgRHB0
LjEQMA4GA1UEAwwHR2FtZXNtZTEbMBkGCSqGSIb3DQEJARYMaUBnYW1lc21lLm1l
MB4XDTI0MDQwMTIyMjkzMloXDTI2MDcwMTIyMjkzMlowUjEnMCUGA1UEChMebWtj
ZXJ0IGRldmVsb3BtZW50IGNlcnRpZmljYXRlMScwJQYDVQQLDB5nYW1lc21lQHgt
cHJvLW0xIChDSFVOTkFOIExJVSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFgyVU/fGMnGRjRe5GUAipHJ03EMtbvcJkb//97AvZ8ZbgGLAplMaFLPNn
T07DkCWv3073V5RHyBbZXXRh18/o91KBYDaL9+Xu51xZ8jC3aLGnZDNXpZFXX0FR
NcyUr8957lNM6f1EmXf/39Ny1Xn+F17IrM7IhZfqqc45NFQZIWX01axHbIxJRLaG
fparoRKbdw1F5I6JguJwv/Lnl900t7TlDTtV6XQgiYQf2QjQGuTv95qCzqOka8ZG
f6uUS1fgSuk7NeNbUM546hl7/GmZjggsTRXtkT0cdsQqoqbcM1nBIYp2GvLqH1op
H+cZY/AnFfK44pSQ5uEmKceYPZYvAgMBAAGjXjBcMA4GA1UdDwEB/wQEAwIFoDAT
BgNVHSUEDDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBRHJocZUxq1ByyNh3O8vHhP
u+YELjAUBgNVHREEDTALggkqLnUyYi5sb2wwDQYJKoZIhvcNAQELBQADggIBAK7I
WaY4Pz9tt86zZFMQ96cwWO2Bqy5zQe2LBQlABrK0MkV+0mTFbqpAN7ClqTzkxyc5
jjwE5DUYJLId6cKHWAPynmIbNQcmvTBFunkFpEsqprmijt0Hhm63V6wBHBxAvGxR
8HoaSJJ0PRGl2u0BFbycmDL5ZNdDdVtjZvCXenOdRDcIqsDdjMm79/0n7rRuQ77c
5/OVBGVhVAVGuD7pyxKXQv6iumNkT9o6utPHIlXiS80df7ac0iCtyvuq8cPyOYND
BEIfVIOM+qm4WYPSTHEUrmN1lzoyhlZDiLRuVTNEMH8F5dGKlguxqfJZqNjOxUOh
GiL1InajsNVwmDCBpIrF/3hePW1PJM5XxE7DgqbnRoyMc6pdPhiZNHhhne5kFNR8
dL/7opexACjN6yp+xeh8GVlJgHOQz01sLmbK7bWo5DKiU7JRYOabDWNx2wxg3O18
KMmwkHSeFfcJxJRQ86nzBNmAuVm7UFYh7s66h0bZOCLy4Ik6Qf24J9tqqwvRLnoV
Rj9NhSMQY9SmuS8aYC4hYsoU9LRLIBuFLxVtinAyvoUn4uVul8haTMznqV/o+q+A
IOTFcQhop8TB7s0tH0zLmk/ykU+E5IRbWQsGH15bUAwoCRTLu9uv1YMO0MhUMfMs
A4LKG7+qOm+5egiZDomeaM472wyc/OK3jNR9uYMv
-----END CERTIFICATE-----
EOF
green " 客户端配置文件"
green "==========================================================================="
cat /usr/src/trojan-cli/config.json
green "==========================================================================="
port_forward
}
function preinstall_check(){
@@ -394,60 +396,6 @@ function preinstall_check(){
fi
}
function repair_cert(){
systemctl stop nginx
if [ $? -ne 0 ]; then
red "停止 nginx 失败,退出脚本"
exit 1
fi
check_port 80
green "============================"
blue "请输入绑定到本VPS的域名"
blue "务必与之前失败使用的域名一致"
green "============================"
read your_domain
# if test -s /root/.acme.sh/${your_domain}_ecc/fullchain.cer; then
# green "证书文件存在"
# exit 1
# fi
real_addr=`ping ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'`
local_addr=`curl ipv4.icanhazip.com`
if [ $real_addr == $local_addr ] ; then
if [ -f "/usr/src/trojan-cert/$your_domain/fullchain.cer" ]; then
cd /usr/src/trojan-cert/$your_domain
create_time=`stat -c %Y fullchain.cer`
now_time=`date +%s`
minus=$(($now_time - $create_time ))
if [ $minus -gt 5184000 ]; then
/root/.acme.sh/acme.sh --register-account -m cert@gamesme.me --server zerossl
/root/.acme.sh/acme.sh --issue -d $your_domain --standalone --ecc
/root/.acme.sh/acme.sh --installcert --ecc -d $your_domain \
--key-file /usr/src/trojan-cert/$your_domain/private.key \
--fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \
--reloadcmd "systemctl restart trojan"
if test -s /usr/src/trojan-cert/$your_domain/fullchain.cer; then
green "证书申请成功"
systemctl restart trojan
systemctl start nginx
else
red "申请证书失败"
fi
else
/root/.acme.sh/acme.sh --installcert --ecc -d $your_domain \
--key-file /usr/src/trojan-cert/$your_domain/private.key \
--fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \
--reloadcmd "systemctl restart trojan"
green "检测到域名$your_domain证书存在且未超过60天,无需重新申请"
cert_success="1"
fi
fi
else
red "================================"
red "域名解析地址与本VPS IP地址不一致"
red "本次安装失败, 请确保域名解析正常"
red "================================"
fi
}
function remove_trojan(){
red "================================"
@@ -472,7 +420,6 @@ function remove_trojan(){
rm -rf /usr/src/trojan-cert/
rm -rf /usr/share/nginx/html/*
rm -rf /etc/nginx/
rm -rf /root/.acme.sh/
green "=============="
green "trojan删除完毕"
green "=============="
@@ -489,7 +436,7 @@ function check_port() {
fi
}
function port_forward(){
iptables -t nat -A PREROUTING -p tcp --dport 49000:50000 -j REDIRECT --to-ports 443
iptables -t nat -A PREROUTING -p tcp --dport 49000:49010 -j REDIRECT --to-ports 443
green "=========================="
green "已将49000-50000端口转发至443"
green "=========================="
@@ -519,25 +466,6 @@ function update_trojan(){
}
function install_acme(){
file_path="/root/.acme.sh/acme.sh"
if [ -f "$file_path" ]
then
red "$file_path 已存在"
else
blue "$file_path 不存在, 现在安装"
curl https://get.acme.sh | sh
fi
}
function check_cert() {
local domain=$1
local cert_path="/root/.acme.sh/${domain}_ecc/fullchain.cer"
if [[ -s $cert_path ]]; then
green "证书文件存在"
exit 1
fi
}
start_menu(){
clear
green " ======================================="
@@ -552,14 +480,12 @@ start_menu(){
green " 1. 安装trojan"
red " 2. 卸载trojan"
green " 3. 升级trojan"
green " 4. 修复证书"
green " 5. 端口映射"
green " 4. 端口映射"
blue " 0. 退出脚本"
echo
read -p "请输入数字 :" num
case "$num" in
1)
install_acme
preinstall_check
;;
2)
@@ -569,10 +495,6 @@ start_menu(){
update_trojan
;;
4)
install_acme
repair_cert
;;
5)
port_forward
;;
0)