From 3af084f5f421dc9eb72953f3e5a4e088810c69c2 Mon Sep 17 00:00:00 2001 From: Alomerry Wu Date: Fri, 26 Jan 2024 15:10:47 +0800 Subject: [PATCH] chore: update ubuntu.sh --- .gitignore | 2 + vm/scripts/acme/account.conf | 11 +++++ .../v2ray/{install.sh => install-v2ray.sh} | 20 ++++----- vm/scripts/v2ray/server.json | 32 ++++++++++--- vm/scripts/v2ray/v2ray.service | 8 ++-- vm/ubuntu.sh | 45 ++++++++++++------- 6 files changed, 82 insertions(+), 36 deletions(-) create mode 100644 vm/scripts/acme/account.conf rename vm/scripts/v2ray/{install.sh => install-v2ray.sh} (98%) diff --git a/.gitignore b/.gitignore index affa6840..9d0b8877 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,5 @@ node_modules docs/about/me/resume/ games/snake/rust/target + +admin diff --git a/vm/scripts/acme/account.conf b/vm/scripts/acme/account.conf new file mode 100644 index 00000000..6891e64f --- /dev/null +++ b/vm/scripts/acme/account.conf @@ -0,0 +1,11 @@ +$ANSIBLE_VAULT;1.1;AES256 +66383662373264363930623964653261366436303861393463313464326162623937633532396634 +6433366265323239653766356337623232663862616433370a323838616130356636303562653865 +39323739363730313965613338663166636366366563623834616561366231613438356566633764 +6132646465633864640a313435393930383565313565396465633965643965386236333337653661 +63653563626365343834333630356438353731346539613830623537326437323633373430663635 +33306534313337353233663936613665343536663266376432643264663335313566333736373335 +62656665643637386661306433653633633830363838643637363938646261663261653363333666 +32366134363631633934353864376463643936333862313330363865356161636531613461643433 +35323638303230353161303936303034636133613363653335313063353232373639666331666665 +6565613962623734333663323534343464363865376631393162 diff --git a/vm/scripts/v2ray/install.sh b/vm/scripts/v2ray/install-v2ray.sh similarity index 98% rename from vm/scripts/v2ray/install.sh rename to vm/scripts/v2ray/install-v2ray.sh index 0dfc60bb..3168ea28 100755 --- a/vm/scripts/v2ray/install.sh +++ b/vm/scripts/v2ray/install-v2ray.sh @@ -293,10 +293,10 @@ get_version() { download_v2ray() { DOWNLOAD_LINK="https://github.com/v2fly/v2ray-core/releases/download/$RELEASE_VERSION/v2ray-linux-$MACHINE.zip" echo "Downloading V2Ray archive: $DOWNLOAD_LINK" - # if ! curl -x "${PROXY}" -R -H 'Cache-Control: no-cache' -o "$ZIP_FILE" "$DOWNLOAD_LINK"; then - # echo 'error: Download failed! Please check your network or try again.' - # return 1 - # fi + if ! curl -x "${PROXY}" -R -H 'Cache-Control: no-cache' -o "$ZIP_FILE" "$DOWNLOAD_LINK"; then + echo 'error: Download failed! Please check your network or try again.' + return 1 + fi echo "Downloading verification file for V2Ray archive: $DOWNLOAD_LINK.dgst" if ! curl -x "${PROXY}" -sSR -H 'Cache-Control: no-cache' -o "$ZIP_FILE.dgst" "$DOWNLOAD_LINK.dgst"; then echo 'error: Download failed! Please check your network or try again.' @@ -562,12 +562,12 @@ main() { NUMBER="$?" if [[ "$NUMBER" -eq '0' ]] || [[ "$FORCE" -eq '1' ]] || [[ "$NUMBER" -eq 2 ]]; then echo "info: Installing V2Ray $RELEASE_VERSION for $(uname -m)" - # download_v2ray - # if [[ "$?" -eq '1' ]]; then - # "rm" -r "$TMP_DIRECTORY" - # echo "removed: $TMP_DIRECTORY" - # exit 1 - # fi + download_v2ray + if [[ "$?" -eq '1' ]]; then + "rm" -r "$TMP_DIRECTORY" + echo "removed: $TMP_DIRECTORY" + exit 1 + fi install_software 'unzip' 'unzip' decompression "$ZIP_FILE" elif [[ "$NUMBER" -eq '1' ]]; then diff --git a/vm/scripts/v2ray/server.json b/vm/scripts/v2ray/server.json index b28f2003..db8d5f6a 100644 --- a/vm/scripts/v2ray/server.json +++ b/vm/scripts/v2ray/server.json @@ -1,6 +1,28 @@ $ANSIBLE_VAULT;1.1;AES256 -64363030333161323032393261613237353932643237653330346639363666386339376262626438 -6561343235613933656166376263643866393538363739650a306565313337373264323632323061 -66383464393264396339613837633866643930653031306334383166613930313539323132653031 -3830656530306635650a393265363435313962663838666335633863356362386461363637373966 -3832 +39646435626630316562303961656535616434656535336161393839363138316537303535373161 +3064343966663162343564633765313537333631656661350a396230316332383633313064613533 +64396562613735396362396165613939663339626537616638313936326161376433373835393436 +6630643761383063370a633330333662636435633339383162633264343563656637316261333639 +65363430653631303038616663346636316534353336663032613834373661386433396233653738 +36616531613433643562666562656533616533383030656164656534303764386164353531376537 +65643934323234623633633738643063646239336661363931393866343032303933323435353865 +61353964656638373138353738646166323262373530386164396339636665623065326263396638 +62616338303030646138623436386335373163313731623161633331383165313731306132353630 +30333763333833643439323862626662383463383663633063363763623236386461646561373366 +31303434336161656335393064303166366234623039343831306637666437663030623564396161 +33373939386437303834373263343863636330656533373163623437376631646237373633633964 +30353963656136353633313334326165313332613231386637386336613433626434323630396336 +66626439343264323233633130393663333731396339336332383034326336326632343466353937 +35333534373539643462643235396133323133366161366636643366663531636637383739623665 +37363639613432643462316361666162336630393766366563396639383765626638346165646130 +35306233616534643433396264383363383565646236613031633262666639326138333832323630 +31373030396236313730393035303136643730316662316337386136393930663566363031313833 +31306537343361656430313366356230643933616431626636663139396232666166363731383635 +36383963633335643030626262643363353163346463346564363132653663663736633330323538 +36613038393164643965626162616361323361333639323936646432396265633964626639343362 +38656466623237666534373464383032386434666164353663343466383138653763346164353661 +39333331353739306630646231613363386135633233363933613031623830343733636365343564 +35363238643564363537393762386637633666336631303430616430366435363036313930643734 +30616330646339323339396635356633363536303461656161366266343931316563313430663461 +61343961303466336166383562653339353561366334663437393163616439616538373766656334 +386131396538326530396633656539313630 diff --git a/vm/scripts/v2ray/v2ray.service b/vm/scripts/v2ray/v2ray.service index 9d52742f..76fd6e05 100644 --- a/vm/scripts/v2ray/v2ray.service +++ b/vm/scripts/v2ray/v2ray.service @@ -4,13 +4,11 @@ Documentation=https://www.v2fly.org/ After=network.target nss-lookup.target [Service] -User=nobody -CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE -AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE -NoNewPrivileges=true +User=root +Type=simple ExecStart=/usr/local/bin/v2ray run -config /usr/local/etc/v2ray/config.json Restart=on-failure -RestartPreventExitStatus=23 +RestartSec=5s [Install] WantedBy=multi-user.target \ No newline at end of file diff --git a/vm/ubuntu.sh b/vm/ubuntu.sh index acca7631..dc90cec5 100755 --- a/vm/ubuntu.sh +++ b/vm/ubuntu.sh @@ -20,17 +20,17 @@ FRP_VERSION=${FRP_VERSION:-"0.51.3"} JAVA_VERSION=${JAVA_VERSION:-"8"} init() { - echo "y" | apt-get install tree aptitude ca-certificates curl gnupg wget cron lsof; + echo "y" | apt-get install tree aptitude ca-certificates curl gnupg wget cron lsof crontab; journalctl --vacuum-time=1d && journalctl --vacuum-size=30M } install_nginx() { - if [ -f /usr/sbin/nginx ]; then + if ! command -v nginx > /dev/null 2>&1; then return; fi - # https://raw.githubusercontent.com/alomerry/mix/master/vm/vps/static/nginx - curl -fsSL $NGINX_PATH/install.sh | sh + # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/nginx + curl -fsSL $NGINX_PATH/install.sh | bash mkdir /root/apps/nginx/{site,cert,conf,logs} -p mkdir /root/apps/nginx/site/{docs,blog,empty}.alomerry.com -p @@ -47,7 +47,7 @@ install_nginx() { } install_acme() { - if [ -f /root/.acme.sh/acme.sh ]; then + if command -v acme.sh; then /root/.acme.sh/acme.sh --upgrade return fi @@ -57,7 +57,13 @@ install_acme() { /root/.acme.sh/acme.sh --register-account -m alomerry.wu@gmail.com /root/.acme.sh/acme.sh --set-default-ca --server letsencrypt + if ! command -v ansible > /dev/null 2>&1; then + apt_install ansible + fi + + rm /root/.acme.sh/account.conf wget -P /root/.acme.sh/ $ACME_PATH/account.conf + ansible-vault decrypt --vault-id ~/.ansible/.vault /root/.acme.sh/account.conf } set_ssl() { @@ -70,19 +76,17 @@ set_ssl() { ;; esac - if [ $? -e 0 ]; then - /root/.acme.sh/acme.sh --install-cert -d alomerry.com --key-file /root/apps/nginx/cert/privkey.pem --fullchain-file /root/apps/nginx/cert/fullchain.pem - fi + /root/.acme.sh/acme.sh --install-cert -d alomerry.com --key-file /root/apps/nginx/cert/privkey.pem --fullchain-file /root/apps/nginx/cert/fullchain.pem } # https://iitii.github.io/2020/02/04/1/ install_v2ray() { - if [ -f /usr/local/bin/v2ray ]; then - return + if command -v v2ray > /dev/null 2>&1; then + return; fi - # https://raw.githubusercontent.com/alomerry/mix/master/vm/vps/static/v2ray - curl -fsSL $V2RAY_PATH/install.sh | sh + # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/v2ray + curl -fsSL $V2RAY_PATH/install-v2ray.sh | sh case "$1" in client) @@ -106,17 +110,16 @@ install_v2ray() { install_java() { # 检验命令是否存在 if ! command -v javac > /dev/null 2>&1; then - apt-get install openjdk-${JAVA_VERSION}-jdk-headless -y + apt_install openjdk-${JAVA_VERSION}-jdk-headless fi if ! command -v javac > /dev/null 2>&1; then - apt-get install openjdk-${JAVA_VERSION}-jre-headless -y + apt_install openjdk-${JAVA_VERSION}-jre-headless fi } install_rust() { install_java - if command -v cargo > /dev/null 2>&1; then return; fi @@ -129,7 +132,14 @@ install_rust() { # https://rsproxy.cn/#getStarted } +apt_install() { + echo "y" | apt-get ${@:1}; +} + install_frp() { + if ! command -v ansible > /dev/null 2>&1; then + apt_install ansible + fi case "$1" in unlock) ansible-vault decrypt --vault-id ~/.ansible/.vault /root/workspace/mix/vm/scripts/frp/frpc.ini @@ -166,7 +176,7 @@ install_frp() { tar -xf /tmp/frp_${FRP_VERSION}_linux_amd64.tar.gz --strip-components 1 -C /root/apps/frpc/ wget -P /etc/systemd/system/ $FRP_PATH/frpc.service - # 下载配置并解析,需要提前安装 ansible + rm /root/apps/frpc/frpc.ini wget -P /root/apps/frpc/ $FRP_PATH/frpc.ini wget -P /root/apps/frpc/ $FRP_PATH/frpc_conf.ini ansible-vault decrypt --vault-id ~/.ansible/.vault /root/apps/frpc/frpc.ini @@ -180,6 +190,7 @@ install_frp() { tar -xf /tmp/frp_${FRP_VERSION}_linux_amd64.tar.gz --strip-components 1 -C /root/apps/frps/ wget -P /etc/systemd/system/ $FRP_PATH/frps.service + rm /root/apps/frps/frps.ini wget -P /root/apps/frps/ $FRP_PATH/frps.ini ansible-vault decrypt --vault-id ~/.ansible/.vault /root/apps/frps/frps.ini @@ -288,6 +299,7 @@ main() { install_frp $2 ;; ssl) + # renew issue set_ssl $2 ;; nvm) @@ -301,6 +313,7 @@ main() { install ${@:2} ;; setup) + # TODO 区分 server home setup ${@:2} ;; *)