diff --git a/vm/scripts/app/acme/install.sh b/vm/scripts/app/acme/install.sh new file mode 100644 index 00000000..ef6d3e93 --- /dev/null +++ b/vm/scripts/app/acme/install.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +GITHUB_TOKEN=${GITHUB_TOKEN} + +load_SK() { + # 将 curl 返回值 return 到变量中 + res=$(curl "${SECRET_PATH}/$1" -H "Authorization: token ${GITHUB_TOKEN}" -H 'Accept: application/vnd.github.v3.raw') + echo "$res" +} + +main() { + if command -v acme.sh; then + /root/.acme.sh/acme.sh --upgrade + return + fi + + wget -qO - https://get.acme.sh | sh -s email=alomerry.wu@gmail.com + /root/.acme.sh/acme.sh --register-account -m alomerry.wu@gmail.com + /root/.acme.sh/acme.sh --set-default-ca --server letsencrypt + + serverCfg=$(load_SK "vm/vps/acme/account.conf") + echo "$serverCfg" + echo "$serverCfg" > /root/.acme.sh/account.conf +} + +main "$@" \ No newline at end of file diff --git a/vm/scripts/cfg/frp/frpc.service b/vm/scripts/app/frp/cfg/frpc.service similarity index 100% rename from vm/scripts/cfg/frp/frpc.service rename to vm/scripts/app/frp/cfg/frpc.service diff --git a/vm/scripts/cfg/frp/frps.service b/vm/scripts/app/frp/cfg/frps.service similarity index 100% rename from vm/scripts/cfg/frp/frps.service rename to vm/scripts/app/frp/cfg/frps.service diff --git a/vm/scripts/cfg/frp/frp.sh b/vm/scripts/app/frp/frp-client.sh similarity index 100% rename from vm/scripts/cfg/frp/frp.sh rename to vm/scripts/app/frp/frp-client.sh diff --git a/vm/scripts/app/frp/frp-server.sh b/vm/scripts/app/frp/frp-server.sh new file mode 100644 index 00000000..a545577a --- /dev/null +++ b/vm/scripts/app/frp/frp-server.sh @@ -0,0 +1,38 @@ +#!/bin/bash + +FRP_VERSION=${FRP_VERSION:-"0.54.0"} +GITHUB_TOKEN=${GITHUB_TOKEN} + +load_SK() { + echo "load_SK" + # 将 curl 返回值 return 到变量中 + echo "${SECRET_PATH}/$1" + res=$(curl "${SECRET_PATH}/$1" -H "Authorization: token ${GITHUB_TOKEN}" -H 'Accept: application/vnd.github.v3.raw') + echo "$res" +} + +main() { + if [ -f /root/apps/frps/${FRP_VERSION}.version ]; then + return + fi + + wget https://github.com/fatedier/frp/releases/download/v${FRP_VERSION}/frp_${FRP_VERSION}_linux_amd64.tar.gz -qO /tmp/frp.tar.gz + + rm -rf /root/apps/frps && mkdir /root/apps/frps -p + tar -xf /tmp/frp.tar.gz --strip-components 1 -C /root/apps/frps/ + + wget $FRP_PATH/cfg/frps.service -qO /etc/systemd/system/frps.service + + touch /root/apps/frps/${FRP_VERSION}.version + rm /root/apps/frps/*.toml /root/apps/frps/{LICENSE,frpc} + + serverCfg=$(load_SK "vm/vps/frps/frps.toml") + echo "$serverCfg" > /root/apps/frps/frps.toml + + systemctl enable frps.service && systemctl stop frps.service + systemctl daemon-reload && systemctl start frps.service + + rm -rf /tmp/frp.tar.gz +} + +main "$@" diff --git a/vm/scripts/app/install/container_runtimes.sh b/vm/scripts/app/k8s/install/container_runtimes.sh similarity index 100% rename from vm/scripts/app/install/container_runtimes.sh rename to vm/scripts/app/k8s/install/container_runtimes.sh diff --git a/vm/scripts/app/install/docker.sh b/vm/scripts/app/k8s/install/docker.sh similarity index 100% rename from vm/scripts/app/install/docker.sh rename to vm/scripts/app/k8s/install/docker.sh diff --git a/vm/scripts/app/install/index.sh b/vm/scripts/app/k8s/install/index.sh similarity index 100% rename from vm/scripts/app/install/index.sh rename to vm/scripts/app/k8s/install/index.sh diff --git a/vm/scripts/app/install/java.sh b/vm/scripts/app/k8s/install/java.sh similarity index 100% rename from vm/scripts/app/install/java.sh rename to vm/scripts/app/k8s/install/java.sh diff --git a/vm/scripts/app/install/nvm.sh b/vm/scripts/app/k8s/install/nvm.sh similarity index 100% rename from vm/scripts/app/install/nvm.sh rename to vm/scripts/app/k8s/install/nvm.sh diff --git a/vm/scripts/app/install/rust.sh b/vm/scripts/app/k8s/install/rust.sh similarity index 100% rename from vm/scripts/app/install/rust.sh rename to vm/scripts/app/k8s/install/rust.sh diff --git a/vm/scripts/app/k8s.sh b/vm/scripts/app/k8s/k8s.sh similarity index 100% rename from vm/scripts/app/k8s.sh rename to vm/scripts/app/k8s/k8s.sh diff --git a/vm/scripts/app/pve.sh b/vm/scripts/app/k8s/pve.sh similarity index 100% rename from vm/scripts/app/pve.sh rename to vm/scripts/app/k8s/pve.sh diff --git a/vm/scripts/app/setup.sh b/vm/scripts/app/k8s/setup.sh similarity index 100% rename from vm/scripts/app/setup.sh rename to vm/scripts/app/k8s/setup.sh diff --git a/vm/scripts/app/tools.sh b/vm/scripts/app/k8s/tools.sh similarity index 100% rename from vm/scripts/app/tools.sh rename to vm/scripts/app/k8s/tools.sh diff --git a/vm/scripts/app/nginx/aio.sh b/vm/scripts/app/nginx/aio.sh new file mode 100644 index 00000000..9013b72f --- /dev/null +++ b/vm/scripts/app/nginx/aio.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +# 安装 nginx +curl ${NGINX_PATH}/install.sh | bash +# 初始化 nginx +curl ${NGINX_PATH}/init.sh | bash +# 配置 nginx +curl ${NGINX_PATH}/setup.sh | bash \ No newline at end of file diff --git a/vm/scripts/cfg/nginx/nginx.conf b/vm/scripts/app/nginx/cfg/nginx.conf similarity index 100% rename from vm/scripts/cfg/nginx/nginx.conf rename to vm/scripts/app/nginx/cfg/nginx.conf diff --git a/vm/scripts/cfg/nginx/nginx.service b/vm/scripts/app/nginx/cfg/nginx.service similarity index 100% rename from vm/scripts/cfg/nginx/nginx.service rename to vm/scripts/app/nginx/cfg/nginx.service diff --git a/vm/scripts/cfg/nginx/website.conf b/vm/scripts/app/nginx/cfg/website.conf similarity index 100% rename from vm/scripts/cfg/nginx/website.conf rename to vm/scripts/app/nginx/cfg/website.conf diff --git a/vm/scripts/app/nginx/init.sh b/vm/scripts/app/nginx/init.sh new file mode 100644 index 00000000..777233c4 --- /dev/null +++ b/vm/scripts/app/nginx/init.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +if [ ! -d /root/apps/nginx ]; then + mkdir /root/apps/nginx/{site,cert,conf,logs} -p + mkdir /root/apps/nginx/site/{admin,blog,ref,empty,it-tools}.alomerry.com -p + touch /root/apps/nginx/cert/{privkey,fullchain}.pem +fi \ No newline at end of file diff --git a/vm/scripts/install/nginx.sh b/vm/scripts/app/nginx/install.sh similarity index 93% rename from vm/scripts/install/nginx.sh rename to vm/scripts/app/nginx/install.sh index 5d0c0538..1a695c0d 100644 --- a/vm/scripts/install/nginx.sh +++ b/vm/scripts/app/nginx/install.sh @@ -1,6 +1,6 @@ #!/bin/bash -main() { +if ! command -v nginx > /dev/null 2>&1; then echo "y" | apt-get install socat curl gnupg2 ca-certificates lsb-release ubuntu-keyring; curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null @@ -8,6 +8,4 @@ main() { echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu $(lsb_release -cs) nginx" | tee /etc/apt/sources.list.d/nginx.list echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | tee /etc/apt/preferences.d/99nginx apt update && apt install nginx -y -} - -main "$@" \ No newline at end of file +fi \ No newline at end of file diff --git a/vm/scripts/app/nginx/setup.sh b/vm/scripts/app/nginx/setup.sh new file mode 100644 index 00000000..d4d92703 --- /dev/null +++ b/vm/scripts/app/nginx/setup.sh @@ -0,0 +1,23 @@ +#!/bin/bash + + +if [ ! -f /etc/systemd/system/nginx.service ]; then + wget ${NGINX_PATH}/cfg/nginx.service -qO /etc/systemd/system/nginx.service + systemctl enable nginx +fi + +if [ ! -f /etc/nginx/nginx.conf ]; then + wget ${NGINX_PATH}/cfg/nginx.conf -qO /etc/nginx/nginx.conf +fi + +if [ ! -f /root/apps/nginx/conf/website.conf ]; then + wget ${NGINX_PATH}/cfg/website.conf -qO /root/apps/nginx/conf/website.conf +fi + +chmod 644 /etc/nginx/nginx.conf + +systemctl daemon-reload +sleep 1 +systemctl stop nginx +sleep 1 +systemctl start nginx \ No newline at end of file diff --git a/vm/scripts/cfg/v2ray/v2ray.service b/vm/scripts/app/v2ray/cfg/v2ray.service similarity index 100% rename from vm/scripts/cfg/v2ray/v2ray.service rename to vm/scripts/app/v2ray/cfg/v2ray.service diff --git a/vm/scripts/app/v2ray/install-server.sh b/vm/scripts/app/v2ray/install-server.sh new file mode 100644 index 00000000..363f8bef --- /dev/null +++ b/vm/scripts/app/v2ray/install-server.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +GITHUB_TOKEN=${GITHUB_TOKEN} + +# 根据传入配置地址返回内容,例如 vm/vps/v2ray/server.json +load_SK() { + echo "load_SK" + # 将 curl 返回值 return 到变量中 + echo "${SECRET_PATH}/$1" + res=$(curl "${SECRET_PATH}/$1" -H "Authorization: token ${GITHUB_TOKEN}" -H 'Accept: application/vnd.github.v3.raw') + echo "$res" +} + +main() { + # 检查是否有 v2ray server 配置 + if [ ! -f /usr/local/etc/v2ray/server.json ]; then + # 下载配置文件 + serverCfg=$(load_SK "vm/vps/v2ray/server.json") + echo "$serverCfg" > /usr/local/etc/v2ray/server.json + fi + + if ! command -v v2ray > /dev/null 2>&1; then + curl ${GIT_RAW_URL}/v2fly/fhs-install-v2ray/master/install-release.sh | bash + mv /usr/local/etc/v2ray/server.json /usr/local/etc/v2ray/config.json + systemctl enable v2ray + fi + + systemctl stop v2ray + sleep 1 + systemctl start v2ray +} + +main "$@" \ No newline at end of file diff --git a/vm/scripts/install/v2ray.sh b/vm/scripts/app/v2ray/v2ray.sh similarity index 100% rename from vm/scripts/install/v2ray.sh rename to vm/scripts/app/v2ray/v2ray.sh diff --git a/vm/scripts/cfg/acme/acme.sh b/vm/scripts/cfg/acme/acme.sh deleted file mode 100644 index c65037e9..00000000 --- a/vm/scripts/cfg/acme/acme.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -install_acme() { - if command -v acme.sh; then - /root/.acme.sh/acme.sh --upgrade - return - fi - - wget -qO - https://get.acme.sh | sh -s email=alomerry.wu@gmail.com - /root/.acme.sh/acme.sh --register-account -m alomerry.wu@gmail.com - /root/.acme.sh/acme.sh --set-default-ca --server letsencrypt - - # wget $ACME_PATH/account.conf -qO /root/.acme.sh/account.conf -} - -setup_ssl_issue() { - /root/.acme.sh/acme.sh --issue --dns dns_cf -d alomerry.com -d *.alomerry.com - set_ssl -} - -set_ssl_renew() { - /root/.acme.sh/acme.sh --renew -d alomerry.com - set_ssl -} - -set_ssl() { - /root/.acme.sh/acme.sh --install-cert -d alomerry.com --key-file /root/apps/nginx/cert/privkey.pem --fullchain-file /root/apps/nginx/cert/fullchain.pem -} \ No newline at end of file diff --git a/vm/scripts/cfg/nginx/nginx.sh b/vm/scripts/cfg/nginx/nginx.sh deleted file mode 100644 index 2af58e93..00000000 --- a/vm/scripts/cfg/nginx/nginx.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -install_nginx() { - if ! command -v nginx > /dev/null 2>&1; then - return; - fi - - # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/install/nginx.sh - wget $INSTALL_PATH/nginx.sh -qO /tmp/nginx.sh - cat /tmp/nginx.sh | sh - - mkdir /root/apps/nginx/{site,cert,conf,logs} -p - mkdir /root/apps/nginx/site/{admin,blog,ref,empty,it-tools}.alomerry.com -p - touch /root/apps/nginx/cert/{privkey,fullchain}.pem - -# wget $NGINX_PATH/nginx.service -qO /etc/systemd/system/nginx.service -# wget $NGINX_PATH/nginx.conf -qO /etc/nginx/nginx.conf -# wget $NGINX_PATH/website.conf -qO /root/apps/nginx/conf/website.conf - chmod 644 /etc/nginx/nginx.conf - - systemctl daemon-reload - sleep 1 - systemctl force-reload nginx -} diff --git a/vm/scripts/cfg/v2ray/v2ray.sh b/vm/scripts/cfg/v2ray/v2ray.sh deleted file mode 100644 index 692f9fd4..00000000 --- a/vm/scripts/cfg/v2ray/v2ray.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash - -# https://iitii.github.io/2020/02/04/1/ -install_v2ray_client() { - if command -v v2ray > /dev/null 2>&1; then - return; - fi - - curl -fsSL https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/install/v2ray.sh | bash - - mkdir /usr/local/etc/v2ray/ -p - # vim /usr/local/etc/v2ray/config.json - wget $V2RAY_PATH/v2ray.service -qO /etc/systemd/system/v2ray.service - - systemctl enable v2ray - systemctl start v2ray -} - -install_v2ray_server() { - if command -v v2ray > /dev/null 2>&1; then - return; - fi - - curl -fsSL https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/install/v2ray.sh | bash - - # vim /usr/local/etc/v2ray/config.json - systemctl enable v2ray - systemctl start v2ray -} diff --git a/vm/scripts/run.sh b/vm/scripts/run.sh deleted file mode 100755 index fb04dbef..00000000 --- a/vm/scripts/run.sh +++ /dev/null @@ -1,96 +0,0 @@ -#!/bin/bash - -# TODO 改成 python - -# export http_proxy=127.0.0.1:7890 https_proxy=127.0.0.1:7890 -# unset http_proxy https_proxy - -PROXY=127.0.0.1:7890 - -GIT_RAW_URL=https://raw.githubusercontent.com -BRANCH=master -MIX_REPOSITORY=alomerry/mix -MIX_VM_VPS_STATIC=vm/scripts -# https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts -SCRIPTS_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC} -INSTALL_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/install -NGINX_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/nginx -ACME_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/acme -FRP_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/frp - -JAVA_VERSION=${JAVA_VERSION:-"8"} - -boot() { - # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/app/tools.sh - if [ ! -f /tmp/tools.sh ]; then - wget $SCRIPTS_PATH/app/tools.sh -qO /tmp/tools.sh - fi - if [ ! -f /tmp/setup.sh ]; then - wget $SCRIPTS_PATH/app/setup.sh -qO /tmp/setup.sh - fi - if [ ! -f /tmp/build.sh ]; then - wget $SCRIPTS_PATH/app/build.sh -qO /tmp/build.sh - fi - if [ ! -f /tmp/install.sh ]; then - wget $SCRIPTS_PATH/app/install/index.sh -qO /tmp/install.sh - fi - # https://blog.csdn.net/Renard_H/article/details/121458554 - source /tmp/tools.sh - source /tmp/install.sh - source /tmp/build.sh - source /tmp/setup.sh -} - -usage() { - case "$1" in - setup) - setup_usage ${@:1} - ;; - build) - build_usage ${@:1} - ;; - install) - install_usage ${@:1} - ;; - *) - echo "usage: alomerry.sh" - echo -e "\nOptions:" - echo " - setup" - echo " - build" - echo " - install" - exit 1 - ;; - esac -} - -main() { - args=$# - boot - # TODO 单独先处理一遍参数 - if [ ${!args} == -h ]; then - usage ${@:1:`expr ${args} - 1`} - return - fi - - # ATTENTION: 安装 ansible 以使用 ansible-vault 解密 - case "$1" in - setup) - setup ${@:2} - ;; - build) - build ${@:2} - ;; - install) - install ${@:2} - ;; - update) - rm -rf /tmp/tools.sh /tmp/setup.sh /tmp/build.sh /tmp/install.sh - boot - ;; - *) - echo "Done!" - ;; - esac -} - -main $@ diff --git a/vm/scripts/tools/env.sh b/vm/scripts/tools/env.sh new file mode 100644 index 00000000..a48e836d --- /dev/null +++ b/vm/scripts/tools/env.sh @@ -0,0 +1,17 @@ +# export http_proxy=127.0.0.1:7890 https_proxy=127.0.0.1:7890 +# unset http_proxy https_proxy + +PROXY=127.0.0.1:7890 + +# https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts +export GIT_RAW_URL=https://raw.githubusercontent.com; \ + export BRANCH=master; \ + export MIX_REPOSITORY=alomerry/mix; \ + export MIX_VM_VPS_STATIC=vm/scripts/app; \ + export SCRIPTS_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}; \ + export NGINX_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/nginx; \ + export V2RAY_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/v2ray; \ + export ACME_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/acme; \ + export FRP_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/frp; \ + export SECRET_PATH=${GIT_RAW_URL}/alomerry/secrets/master; \ + export JAVA_VERSION=${JAVA_VERSION:-"8"}; \ No newline at end of file diff --git a/vm/scripts/vps/install.sh b/vm/scripts/vps/install.sh new file mode 100644 index 00000000..a33db8ea --- /dev/null +++ b/vm/scripts/vps/install.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +HOME_PATH=$( + cd $(dirname ${0}) + pwd +) +GITHUB_TOKEN=${GITHUB_TOKEN} + +main() { + case "$1" in + nginx) + curl ${NGINX_PATH}/aio.sh | bash + ;; + v2ray) + curl ${V2RAY_PATH}/install-server.sh | bash + ;; + frps) + curl ${FRP_PATH}/frp-server.sh | bash + ;; + acme) + curl ${ACME_PATH}/install.sh | bash + setup_ssl_issue + set_ssl_renew + ;; + *) + echo "usage: alomerry.sh" + echo -e "\nOptions:" + echo " - setup" + echo " - build" + echo " - install" + exit 1 + ;; + esac +} + +load_SK +https://raw.githubusercontent.com/alomerry/secrets/master/vm/vps/acme/account.conf + +setup_ssl_issue() { + /root/.acme.sh/acme.sh --issue --dns dns_cf -d alomerry.com -d *.alomerry.com + set_ssl +} + +set_ssl_renew() { + /root/.acme.sh/acme.sh --renew -d alomerry.com + set_ssl +} + +set_ssl() { + /root/.acme.sh/acme.sh --install-cert -d alomerry.com --key-file /root/apps/nginx/cert/privkey.pem --fullchain-file /root/apps/nginx/cert/fullchain.pem +} + +main "$@"