From ec2c7badd57d023294d0bd50eaedaf452880f853 Mon Sep 17 00:00:00 2001 From: Alomerry Wu Date: Mon, 29 Jan 2024 22:45:46 +0800 Subject: [PATCH] chore(vm): sperate ubuntu.sh --- vm/scripts/app/build.sh | 40 +++ vm/scripts/app/install/acme.sh | 17 + vm/scripts/app/install/frp.sh | 48 +++ vm/scripts/app/install/index.sh | 33 ++ vm/scripts/app/install/java.sh | 12 + vm/scripts/app/install/nginx.sh | 24 ++ vm/scripts/app/install/nvm.sh | 33 ++ vm/scripts/app/install/rust.sh | 15 + vm/scripts/app/install/v2ray.sh | 36 ++ vm/scripts/app/setup.sh | 39 +++ vm/scripts/app/tools.sh | 15 + .../{acme/install.sh => install/acme.sh} | 0 .../{v2ray => install}/install-v2ray.sh | 0 vm/scripts/install/nginx.sh | 13 + vm/scripts/nginx/install.sh | 9 - vm/scripts/nginx/website.conf | 6 + vm/scripts/run.sh | 56 +++ vm/ubuntu.sh | 325 ------------------ 18 files changed, 387 insertions(+), 334 deletions(-) create mode 100644 vm/scripts/app/build.sh create mode 100644 vm/scripts/app/install/acme.sh create mode 100644 vm/scripts/app/install/frp.sh create mode 100644 vm/scripts/app/install/index.sh create mode 100644 vm/scripts/app/install/java.sh create mode 100644 vm/scripts/app/install/nginx.sh create mode 100644 vm/scripts/app/install/nvm.sh create mode 100644 vm/scripts/app/install/rust.sh create mode 100644 vm/scripts/app/install/v2ray.sh create mode 100644 vm/scripts/app/setup.sh create mode 100644 vm/scripts/app/tools.sh rename vm/scripts/{acme/install.sh => install/acme.sh} (100%) rename vm/scripts/{v2ray => install}/install-v2ray.sh (100%) create mode 100644 vm/scripts/install/nginx.sh delete mode 100644 vm/scripts/nginx/install.sh create mode 100755 vm/scripts/run.sh delete mode 100755 vm/ubuntu.sh diff --git a/vm/scripts/app/build.sh b/vm/scripts/app/build.sh new file mode 100644 index 00000000..418ad2e0 --- /dev/null +++ b/vm/scripts/app/build.sh @@ -0,0 +1,40 @@ +#!/bin/bash + +_build_mix() { + res=/tmp/res.tar.gz + workspace=/root/workspace/mix + website=/root/apps/nginx/site + for module in $@ ; do + cd $workspace/$module + pnpm install && pnpm build + distPath="" + + case "$module" in + blog) + distPath=$workspace/blog/dist/ + ;; + docs) + distPath=$workspace/docs/.vitepress/dist/ + ;; + esac + + tar -zcvf $res -C $distPath . + scp -r $res root@alomerry.com:/tmp/ + ssh root@alomerry.com "rm -rf $website/$module.alomerry.com/*; tar -zxvf $res -C $website/$module.alomerry.com/; rm $res" + done +} + +build_docs() { + _build_mix docs +} + + +build_blog() { + _build_mix blog +} + +build() { + for module in $@ ; do + eval "build_$module" + done +} diff --git a/vm/scripts/app/install/acme.sh b/vm/scripts/app/install/acme.sh new file mode 100644 index 00000000..32a0d49f --- /dev/null +++ b/vm/scripts/app/install/acme.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +install_acme() { + if command -v acme.sh; then + /root/.acme.sh/acme.sh --upgrade + return + fi + + # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/acme + wget $INSTALL_PATH/acme.sh -O /tmp/acme.sh + cat /tmp/acme.sh | sh -s -- --install-online + /root/.acme.sh/acme.sh --register-account -m alomerry.wu@gmail.com + /root/.acme.sh/acme.sh --set-default-ca --server letsencrypt + + wget $ACME_PATH/account.conf -O /root/.acme.sh/account.conf + ansible-vault decrypt --vault-id ~/.ansible/.vault /root/.acme.sh/account.conf +} \ No newline at end of file diff --git a/vm/scripts/app/install/frp.sh b/vm/scripts/app/install/frp.sh new file mode 100644 index 00000000..725d3078 --- /dev/null +++ b/vm/scripts/app/install/frp.sh @@ -0,0 +1,48 @@ +#!/bin/bash + +install_frp_server() { + if [ -f /root/apps/frps/${FRP_VERSION}.version ]; then + return + fi + + wget https://github.com/fatedier/frp/releases/download/v${FRP_VERSION}/frp_${FRP_VERSION}_linux_amd64.tar.gz -O /tmp/frp.tar.gz + + rm -rf /root/apps/frps && mkdir /root/apps/frps -p + tar -xf /tmp/frp.tar.gz --strip-components 1 -C /root/apps/frps/ + wget -P /etc/systemd/system/ $FRP_PATH/frps.service + + rm /root/apps/frps/frps.ini + wget -P /root/apps/frps/ $FRP_PATH/frps.ini + ansible-vault decrypt --vault-id ~/.ansible/.vault /root/apps/frps/frps.ini + + touch /root/apps/frps/${FRP_VERSION}.version + rm -rf /root/apps/frps/{frps.tar.gz,frpc,frpc_full.ini,frps_full.ini,frpc.ini} + + systemctl enable frps.service && systemctl stop frps.service + systemctl daemon-reload && systemctl start frps.service + + rm -rf /tmp/frp.tar.gz +} + +install_frp_client() { + if [ -f /root/apps/frpc/${FRP_VERSION}.version ]; then + return + fi + + wget https://github.com/fatedier/frp/releases/download/v${FRP_VERSION}/frp_${FRP_VERSION}_linux_amd64.tar.gz -O /tmp/frp.tar.gz + + rm -rf /root/apps/frpc && mkdir /root/apps/frpc -p + tar -xf /tmp/frp.tar.gz --strip-components 1 -C /root/apps/frpc/ + wget -P /etc/systemd/system/ $FRP_PATH/frpc.service + + rm /root/apps/frpc/frpc.ini + wget -P /root/apps/frpc/ $FRP_PATH/frpc.ini + wget -P /root/apps/frpc/ $FRP_PATH/frpc_conf.ini + ansible-vault decrypt --vault-id ~/.ansible/.vault /root/apps/frpc/frpc.ini + + touch /root/apps/frpc/${FRP_VERSION}.version + systemctl enable frpc.service && systemctl stop frpc.service + systemctl daemon-reload && systemctl start frpc.service + + rm -rf /tmp/frp.tar.gz +} \ No newline at end of file diff --git a/vm/scripts/app/install/index.sh b/vm/scripts/app/install/index.sh new file mode 100644 index 00000000..4dc02ff9 --- /dev/null +++ b/vm/scripts/app/install/index.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +_load_install() { + wget $SCRIPTS_PATH/app/install/v2ray.sh -O /tmp/install-v2ray.sh + wget $SCRIPTS_PATH/app/install/nginx.sh -O /tmp/install-nginx.sh + wget $SCRIPTS_PATH/app/install/acme.sh -O /tmp/install-acme.sh + wget $SCRIPTS_PATH/app/install/frp.sh -O /tmp/install-frp.sh + wget $SCRIPTS_PATH/app/install/java.sh -O /tmp/install-java.sh + wget $SCRIPTS_PATH/app/install/rust.sh -O /tmp/install-rust.sh + wget $SCRIPTS_PATH/app/install/nvm.sh -O /tmp/install-nvm.sh + source /tmp/install-v2ray.sh + source /tmp/install-nginx.sh + source /tmp/install-acme.sh + source /tmp/install-frp.sh + source /tmp/install-java.sh + source /tmp/install-rust.sh + source /tmp/install-nvm.sh +} + +_install_required() { + if ! command -v ansible > /dev/null 2>&1; then + apt_install ansible + fi +} + +install() { + _load_install + _install_required + + for module in $@ ; do + eval "install_$module" + done +} diff --git a/vm/scripts/app/install/java.sh b/vm/scripts/app/install/java.sh new file mode 100644 index 00000000..912d9171 --- /dev/null +++ b/vm/scripts/app/install/java.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +install_java() { + # 检验命令是否存在 + if ! command -v javac > /dev/null 2>&1; then + apt_install openjdk-${JAVA_VERSION}-jdk-headless + fi + + if ! command -v javac > /dev/null 2>&1; then + apt_install openjdk-${JAVA_VERSION}-jre-headless + fi +} diff --git a/vm/scripts/app/install/nginx.sh b/vm/scripts/app/install/nginx.sh new file mode 100644 index 00000000..d7844aaa --- /dev/null +++ b/vm/scripts/app/install/nginx.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +install_nginx() { + if ! command -v nginx > /dev/null 2>&1; then + return; + fi + + # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/install/nginx.sh + wget $INSTALL_PATH/nginx.sh -O /tmp/nginx.sh + cat /tmp/nginx.sh | sh + + mkdir /root/apps/nginx/{site,cert,conf,logs} -p + mkdir /root/apps/nginx/site/{docs,blog,empty}.alomerry.com -p + touch /root/apps/nginx/cert/{privkey,fullchain}.pem + + wget -P /etc/systemd/system/ $NGINX_PATH/nginx.service + wget -P /etc/nginx/ $NGINX_PATH/nginx.conf + wget -P /root/apps/nginx/conf/ $NGINX_PATH//website.conf + chmod 644 /etc/nginx/nginx.conf + + systemctl daemon-reload + sleep 1 + systemctl force-reload nginx +} \ No newline at end of file diff --git a/vm/scripts/app/install/nvm.sh b/vm/scripts/app/install/nvm.sh new file mode 100644 index 00000000..3fc55255 --- /dev/null +++ b/vm/scripts/app/install/nvm.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +install_nvm() { + # TODO + if [ ! -d /root/.nvm ]; then + curl -o- ${GIT_RAW_URL}/nvm-sh/nvm/v${NVM_VERSION}/install.sh | bash + source ~/.bashrc + fi + + [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" + + nvm --version + + for module in $@ ; do + case "$module" in + node) + which npm >/dev/null 2>&1 + if [ $? -ne 0 ]; then + NVM_NODEJS_ORG_MIRROR=https://npmmirror.com/mirrors/node/ nvm install v${NODE_VERSION} + npm config set registry https://registry.npmmirror.com + nvm use v${NODE_VERSION} + fi + ;; + pnpm) + which pnpm >/dev/null 2>&1 + if [ $? -ne 0 ]; then + npm install -g pnpm + pnpm config set registry https://registry.npmmirror.com + fi + ;; + esac + done +} \ No newline at end of file diff --git a/vm/scripts/app/install/rust.sh b/vm/scripts/app/install/rust.sh new file mode 100644 index 00000000..5b9691c2 --- /dev/null +++ b/vm/scripts/app/install/rust.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +install_rust() { + install_java + if command -v cargo > /dev/null 2>&1; then + return; + fi + export RUSTUP_DIST_SERVER="https://rsproxy.cn" + export RUSTUP_UPDATE_ROOT="https://rsproxy.cn/rustup" + + curl --proto '=https' --tlsv1.2 -sSf https://rsproxy.cn/rustup-init.sh | sh + # 此处需要回车 + source "$HOME/.cargo/env" + # https://rsproxy.cn/#getStarted +} \ No newline at end of file diff --git a/vm/scripts/app/install/v2ray.sh b/vm/scripts/app/install/v2ray.sh new file mode 100644 index 00000000..90eb6ebe --- /dev/null +++ b/vm/scripts/app/install/v2ray.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +# https://iitii.github.io/2020/02/04/1/ +install_v2ray_client() { + if command -v v2ray > /dev/null 2>&1; then + return; + fi + + # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/install/v2ray.sh + curl -fsSL $V2RAY_PATH/v2ray.sh | bash + + mkdir /usr/local/etc/v2ray/ -p + wget -P /usr/local/etc/v2ray/ $V2RAY_PATH/client.json + wget -P /etc/systemd/system $V2RAY_PATH/v2ray.service + mv /usr/local/etc/v2ray/client.json /usr/local/etc/v2ray/config.json + ansible-vault decrypt --vault-id ~/.ansible/.vault /usr/local/etc/v2ray/config.json + + systemctl enable v2ray + systemctl start v2ray +} + +install_v2ray_server() { + if command -v v2ray > /dev/null 2>&1; then + return; + fi + + # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/install/v2ray.sh + curl -fsSL $V2RAY_PATH/v2ray.sh | sh + + wget -P /usr/local/etc/v2ray/ $V2RAY_PATH/server.json + mv /usr/local/etc/v2ray/server.json /usr/local/etc/v2ray/config.json + ansible-vault decrypt --vault-id ~/.ansible/.vault /usr/local/etc/v2ray/config.json + + systemctl enable v2ray + systemctl start v2ray +} \ No newline at end of file diff --git a/vm/scripts/app/setup.sh b/vm/scripts/app/setup.sh new file mode 100644 index 00000000..6884af4c --- /dev/null +++ b/vm/scripts/app/setup.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +setup_server() { + setup_basic +} + +setup_local() { + setup_basic +} + +setup_ssl_issue() { + /root/.acme.sh/acme.sh --issue --dns dns_cf -d alomerry.com -d *.alomerry.com + set_ssl +} + +set_ssl_renew() { + /root/.acme.sh/acme.sh --renew -d alomerry.com + set_ssl +} + +set_ssl() { + /root/.acme.sh/acme.sh --install-cert -d alomerry.com --key-file /root/apps/nginx/cert/privkey.pem --fullchain-file /root/apps/nginx/cert/fullchain.pem +} + +setup_ssh() { + ssh-copy-id root@blog.alomerry.com + ssh-copy-id root@alomerry.com +} + +setup_basic() { + echo "y" | apt-get install tree aptitude ca-certificates curl gnupg wget cron lsof; + journalctl --vacuum-time=1d && journalctl --vacuum-size=30M +} + +setup() { + for module in $@ ; do + eval "setup_$module" + done +} \ No newline at end of file diff --git a/vm/scripts/app/tools.sh b/vm/scripts/app/tools.sh new file mode 100644 index 00000000..e95f3d59 --- /dev/null +++ b/vm/scripts/app/tools.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +# TODO 安装失败如何终止 +apt_install() { + echo "y" | apt-get install ${@:1}; +} + + # case "$1" in + # unlock) + # ansible-vault decrypt --vault-id ~/.ansible/.vault /root/workspace/mix/vm/scripts/frp/frpc.ini + # ;; + # lock) + # ansible-vault encrypt --vault-id ~/.ansible/.vault /root/workspace/mix/vm/scripts/frp/frpc.ini + # ;; + # esac \ No newline at end of file diff --git a/vm/scripts/acme/install.sh b/vm/scripts/install/acme.sh similarity index 100% rename from vm/scripts/acme/install.sh rename to vm/scripts/install/acme.sh diff --git a/vm/scripts/v2ray/install-v2ray.sh b/vm/scripts/install/install-v2ray.sh similarity index 100% rename from vm/scripts/v2ray/install-v2ray.sh rename to vm/scripts/install/install-v2ray.sh diff --git a/vm/scripts/install/nginx.sh b/vm/scripts/install/nginx.sh new file mode 100644 index 00000000..5d0c0538 --- /dev/null +++ b/vm/scripts/install/nginx.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +main() { + echo "y" | apt-get install socat curl gnupg2 ca-certificates lsb-release ubuntu-keyring; + + curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null + gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu $(lsb_release -cs) nginx" | tee /etc/apt/sources.list.d/nginx.list + echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | tee /etc/apt/preferences.d/99nginx + apt update && apt install nginx -y +} + +main "$@" \ No newline at end of file diff --git a/vm/scripts/nginx/install.sh b/vm/scripts/nginx/install.sh deleted file mode 100644 index 8593f406..00000000 --- a/vm/scripts/nginx/install.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -echo "y" | apt-get install socat curl gnupg2 ca-certificates lsb-release ubuntu-keyring; - -curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null -gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg -echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu $(lsb_release -cs) nginx" | tee /etc/apt/sources.list.d/nginx.list -echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | tee /etc/apt/preferences.d/99nginx -apt update && apt install nginx -y \ No newline at end of file diff --git a/vm/scripts/nginx/website.conf b/vm/scripts/nginx/website.conf index 2e1899bd..b1a6ac8b 100644 --- a/vm/scripts/nginx/website.conf +++ b/vm/scripts/nginx/website.conf @@ -10,6 +10,12 @@ server { rewrite ^(/.*)$ https://$host$1 permanent; } + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header Cache-Control private; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; + # ssl_certificate /root/apps/nginx/cert/blog.alomerry.com/certificate.crt; # ssl_certificate_key /root/apps/nginx/cert/blog.alomerry.com/private.key; ssl_certificate /root/apps/nginx/cert/fullchain.pem; diff --git a/vm/scripts/run.sh b/vm/scripts/run.sh new file mode 100755 index 00000000..f9bbfe61 --- /dev/null +++ b/vm/scripts/run.sh @@ -0,0 +1,56 @@ +#!/bin/bash + +# TODO 改成 python + +# export http_proxy=127.0.0.1:7890 https_proxy=127.0.0.1:7890 +# unset http_proxy https_proxy + +PROXY=127.0.0.1:7890 + +GIT_RAW_URL=https://raw.githubusercontent.com +BRANCH=master +MIX_REPOSITORY=alomerry/mix +MIX_VM_VPS_STATIC=vm/scripts +SCRIPTS_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC} +INSTALL_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/install +NGINX_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/nginx +ACME_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/acme +V2RAY_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/v2ray +FRP_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/frp + +NODE_VERSION=${NODE_VERSION:-"20.10.0"} +NVM_VERSION=${NVM_VERSION:-"0.39.7"} +FRP_VERSION=${FRP_VERSION:-"0.51.3"} +JAVA_VERSION=${JAVA_VERSION:-"8"} + +boot() { + wget $SCRIPTS_PATH/app/tools.sh -O /tmp/tools.sh + wget $SCRIPTS_PATH/app/setup.sh -O /tmp/setup.sh + wget $SCRIPTS_PATH/app/build.sh -O /tmp/build.sh + wget $SCRIPTS_PATH/app/install/index.sh -O /tmp/install.sh + source /tmp/tools.sh + source /tmp/install.sh + source /tmp/build.sh + source /tmp/setup.sh +} + +main() { + boot + # ATTENTION: 安装 ansible 以使用 ansible-vault 解密 + case "$1" in + setup) # server local ssh ssl ssl_{issue,renew} + setup ${@:2} + ;; + build) # blog,docs + build ${@:2} + ;; + install) # acme rust nginx java frp_{server,client} v2ray_{server,client} nvm + install ${@:2} + ;; + *) + echo "Done!" + ;; + esac +} + +main $@ \ No newline at end of file diff --git a/vm/ubuntu.sh b/vm/ubuntu.sh deleted file mode 100755 index dc90cec5..00000000 --- a/vm/ubuntu.sh +++ /dev/null @@ -1,325 +0,0 @@ -#!/bin/bash - -# export http_proxy=127.0.0.1:7890 https_proxy=127.0.0.1:7890 -# unset http_proxy https_proxy - -PROXY=127.0.0.1:7890 - -GIT_RAW_URL=https://raw.githubusercontent.com -BRANCH=master -MIX_REPOSITORY=alomerry/mix -MIX_VM_VPS_STATIC=vm/scripts -NGINX_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/nginx -ACME_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/acme -V2RAY_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/v2ray -FRP_PATH=${GIT_RAW_URL}/${MIX_REPOSITORY}/${BRANCH}/${MIX_VM_VPS_STATIC}/frp - -NODE_VERSION=${NODE_VERSION:-"20.10.0"} -NVM_VERSION=${NVM_VERSION:-"0.39.7"} -FRP_VERSION=${FRP_VERSION:-"0.51.3"} -JAVA_VERSION=${JAVA_VERSION:-"8"} - -init() { - echo "y" | apt-get install tree aptitude ca-certificates curl gnupg wget cron lsof crontab; - journalctl --vacuum-time=1d && journalctl --vacuum-size=30M -} - -install_nginx() { - if ! command -v nginx > /dev/null 2>&1; then - return; - fi - - # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/nginx - curl -fsSL $NGINX_PATH/install.sh | bash - - mkdir /root/apps/nginx/{site,cert,conf,logs} -p - mkdir /root/apps/nginx/site/{docs,blog,empty}.alomerry.com -p - touch /root/apps/nginx/cert/{privkey,fullchain}.pem - - wget -P /etc/systemd/system/ $NGINX_PATH/nginx.service - wget -P /etc/nginx/ $NGINX_PATH/nginx.conf - wget -P /root/apps/nginx/conf/ $NGINX_PATH//website.conf - chmod 644 /etc/nginx/nginx.conf - - systemctl daemon-reload - sleep 1 - systemctl force-reload nginx -} - -install_acme() { - if command -v acme.sh; then - /root/.acme.sh/acme.sh --upgrade - return - fi - - # https://raw.githubusercontent.com/alomerry/mix/master/vm/vps/static/acme - curl -fsSL $ACME_PATH/install.sh | sh -s -- --install-online && source /root/.bashrc - /root/.acme.sh/acme.sh --register-account -m alomerry.wu@gmail.com - /root/.acme.sh/acme.sh --set-default-ca --server letsencrypt - - if ! command -v ansible > /dev/null 2>&1; then - apt_install ansible - fi - - rm /root/.acme.sh/account.conf - wget -P /root/.acme.sh/ $ACME_PATH/account.conf - ansible-vault decrypt --vault-id ~/.ansible/.vault /root/.acme.sh/account.conf -} - -set_ssl() { - case "$1" in - renew) - /root/.acme.sh/acme.sh --renew -d alomerry.com - ;; - issue) - /root/.acme.sh/acme.sh --issue --dns dns_cf -d alomerry.com -d *.alomerry.com - ;; - esac - - /root/.acme.sh/acme.sh --install-cert -d alomerry.com --key-file /root/apps/nginx/cert/privkey.pem --fullchain-file /root/apps/nginx/cert/fullchain.pem -} - -# https://iitii.github.io/2020/02/04/1/ -install_v2ray() { - if command -v v2ray > /dev/null 2>&1; then - return; - fi - - # https://raw.githubusercontent.com/alomerry/mix/master/vm/scripts/v2ray - curl -fsSL $V2RAY_PATH/install-v2ray.sh | sh - - case "$1" in - client) - mkdir /usr/local/etc/v2ray/ -p - wget -P /usr/local/etc/v2ray/ $V2RAY_PATH/client.json - wget -P /etc/systemd/system $V2RAY_PATH/v2ray.service - mv /usr/local/etc/v2ray/client.json /usr/local/etc/v2ray/config.json - ansible-vault decrypt --vault-id ~/.ansible/.vault /usr/local/etc/v2ray/config.json - ;; - server) - wget -P /usr/local/etc/v2ray/ $V2RAY_PATH/server.json - mv /usr/local/etc/v2ray/server.json /usr/local/etc/v2ray/config.json - ansible-vault decrypt --vault-id ~/.ansible/.vault /usr/local/etc/v2ray/config.json - ;; - esac - - systemctl enable v2ray - systemctl start v2ray -} - -install_java() { - # 检验命令是否存在 - if ! command -v javac > /dev/null 2>&1; then - apt_install openjdk-${JAVA_VERSION}-jdk-headless - fi - - if ! command -v javac > /dev/null 2>&1; then - apt_install openjdk-${JAVA_VERSION}-jre-headless - fi -} - -install_rust() { - install_java - if command -v cargo > /dev/null 2>&1; then - return; - fi - export RUSTUP_DIST_SERVER="https://rsproxy.cn" - export RUSTUP_UPDATE_ROOT="https://rsproxy.cn/rustup" - - curl --proto '=https' --tlsv1.2 -sSf https://rsproxy.cn/rustup-init.sh | sh - # 此处需要回车 - source "$HOME/.cargo/env" - # https://rsproxy.cn/#getStarted -} - -apt_install() { - echo "y" | apt-get ${@:1}; -} - -install_frp() { - if ! command -v ansible > /dev/null 2>&1; then - apt_install ansible - fi - case "$1" in - unlock) - ansible-vault decrypt --vault-id ~/.ansible/.vault /root/workspace/mix/vm/scripts/frp/frpc.ini - ;; - lock) - ansible-vault encrypt --vault-id ~/.ansible/.vault /root/workspace/mix/vm/scripts/frp/frpc.ini - ;; - - esac - - - case "$1" in - client) - if [ -f /root/apps/frpc/${FRP_VERSION}.version ]; then - return - fi - ;; - server) - if [ -f /root/apps/frps/${FRP_VERSION}.version ]; then - return - fi - ;; - *) - return - ;; - esac - - - wget -P /tmp/ https://github.com/fatedier/frp/releases/download/v${FRP_VERSION}/frp_${FRP_VERSION}_linux_amd64.tar.gz - - case "$1" in - client) - rm -rf /root/apps/frpc && mkdir /root/apps/frpc -p - tar -xf /tmp/frp_${FRP_VERSION}_linux_amd64.tar.gz --strip-components 1 -C /root/apps/frpc/ - wget -P /etc/systemd/system/ $FRP_PATH/frpc.service - - rm /root/apps/frpc/frpc.ini - wget -P /root/apps/frpc/ $FRP_PATH/frpc.ini - wget -P /root/apps/frpc/ $FRP_PATH/frpc_conf.ini - ansible-vault decrypt --vault-id ~/.ansible/.vault /root/apps/frpc/frpc.ini - - touch /root/apps/frpc/${FRP_VERSION}.version - systemctl enable frpc.service && systemctl stop frpc.service - systemctl daemon-reload && systemctl start frpc.service - ;; - server) - rm -rf /root/apps/frps && mkdir /root/apps/frps -p - tar -xf /tmp/frp_${FRP_VERSION}_linux_amd64.tar.gz --strip-components 1 -C /root/apps/frps/ - wget -P /etc/systemd/system/ $FRP_PATH/frps.service - - rm /root/apps/frps/frps.ini - wget -P /root/apps/frps/ $FRP_PATH/frps.ini - ansible-vault decrypt --vault-id ~/.ansible/.vault /root/apps/frps/frps.ini - - touch /root/apps/frps/${FRP_VERSION}.version - rm -rf /root/apps/frps/{frps.tar.gz,frpc,frpc_full.ini,frps_full.ini,frpc.ini} - - systemctl enable frps.service && systemctl stop frps.service - systemctl daemon-reload && systemctl start frps.service - ;; - esac - - rm -rf /tmp/frp_${FRP_VERSION}_linux_amd64.tar.gz -} - -install_nvm() { - if [ ! -d /root/.nvm ]; then - curl -o- ${GIT_RAW_URL}/nvm-sh/nvm/v${NVM_VERSION}/install.sh | bash - source ~/.bashrc - fi - - [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" - - nvm --version - - for module in $@ ; do - case "$module" in - node) - which npm >/dev/null 2>&1 - if [ $? -ne 0 ]; then - NVM_NODEJS_ORG_MIRROR=https://npmmirror.com/mirrors/node/ nvm install v${NODE_VERSION} - npm config set registry https://registry.npmmirror.com - nvm use v${NODE_VERSION} - fi - ;; - pnpm) - which pnpm >/dev/null 2>&1 - if [ $? -ne 0 ]; then - npm install -g pnpm - pnpm config set registry https://registry.npmmirror.com - fi - ;; - esac - done -} - -set_ssh() { - for vps in $@ ; do - case "$vps" in - blog) - ssh-copy-id root@blog.alomerry.com - ;; - esac - done - - ssh-copy-id root@alomerry.com -} - -build_mix() { - res=/tmp/res.tar.gz - workspace=/root/workspace/mix - website=/root/apps/nginx/site - for module in $@ ; do - cd $workspace/$module - pnpm install && pnpm build - distPath="" - - case "$module" in - blog) - distPath=$workspace/blog/dist/ - ;; - docs) - distPath=$workspace/docs/.vitepress/dist/ - ;; - esac - - tar -zcvf $res -C $distPath . - scp -r $res root@alomerry.com:/tmp/ - ssh root@alomerry.com "rm -rf $website/$module.alomerry.com/*; tar -zxvf $res -C $website/$module.alomerry.com/; rm $res" - done -} - -setup() { - case "$1" in - ssh) - set_ssh ${@:2} - ;; - esac -} - -install() { - for module in $@ ; do - eval "install_$module" - done -} - -main() { - # ATTENTION: 安装 ansible 以使用 ansible-vault 解密 - case "$1" in - init) - init - ;; - v2ray) - install_v2ray $2 - ;; - frp) - install_frp $2 - ;; - ssl) - # renew issue - set_ssl $2 - ;; - nvm) - install_nvm ${@:2} - ;; - build-mix) - build_mix ${@:2} - ;; - install) - # acme rust nginx java - install ${@:2} - ;; - setup) - # TODO 区分 server home - setup ${@:2} - ;; - *) - echo "Done!" - ;; - esac -} - -main $@