diff --git a/core b/core index 0c992eb..1159694 100644 --- a/core +++ b/core @@ -99,7 +99,7 @@ CurlFake() elif [ "$service_name" == "xtream_codes" ] then rm -f "${CURL_IMPERSONATE_FILE}-$service_name" - awk '!x{x=sub(/dir=.*/,"dir='"$HOME/curl-impersonate"'")}1' "$HOME/curl-impersonate/curl_chrome99_android" > "${CURL_IMPERSONATE_FILE}-$service_name" + awk '!x{x=sub(/dir=.*/,"dir='"$DEPENDS_ROOT/curl-impersonate"'")}1' "$DEPENDS_ROOT/curl-impersonate/curl_chrome99_android" > "${CURL_IMPERSONATE_FILE}-$service_name" chmod +x "${CURL_IMPERSONATE_FILE}-$service_name" echo "$(awk '!x{x=sub(/-H '\''User-Agent: .*'\'' \\/,"-H '\''User-Agent: '"$USER_AGENT_TV"''\'' \\")}1' "${CURL_IMPERSONATE_FILE}-$service_name")" > "${CURL_IMPERSONATE_FILE}-$service_name" shift diff --git a/docs/iptv.sh b/docs/iptv.sh index 535cc87..cc4894a 100755 --- a/docs/iptv.sh +++ b/docs/iptv.sh @@ -198,6 +198,8 @@ deb-src http://security.debian.org wheezy/updates main fi deb_fix=0 + sed -i '/deb_fix=/d' "$i18n_FILE" + printf "deb_fix=%s" "$deb_fix" >> "$i18n_FILE" fi } @@ -205,6 +207,7 @@ AptUpdate() { if [ "${apt_updated:-false}" = false ] then + Println "$info 更新软件包列表..." apt-get update --allow-releaseinfo-change >/dev/null apt_updated=true fi @@ -216,8 +219,6 @@ DepInstall() [[ -x $(command -v $dependency) ]] && return 0 - DistCheck - if [ "$dependency" == "gettext" ] || [ "$dependency" == "wget" ] then Println "${green}[INFO]${normal} Installing $dependency, it takes awhile..." @@ -229,12 +230,15 @@ DepInstall() setenforce 0 fi - if yum -y install $dependency >/dev/null 2>&1 + if ! rpm -q $dependency &>/dev/null then - Println "${green}[INFO]${normal} $dependency installation succeed..." - else - Println "${green}[ERROR]${normal} $dependency installation failed...\n" - exit 1 + if yum -y install $dependency &>/dev/null + then + Println "${green}[INFO]${normal} $dependency installation succeed..." + else + Println "${green}[ERROR]${normal} $dependency installation failed...\n" + return 1 + fi fi else if [ "$dist" == "deb" ] @@ -242,22 +246,22 @@ DepInstall() DebFixSources fi - AptUpdate - - if apt-get -y install $dependency >/dev/null 2>&1 + if ! dpkg -s $dependency &>/dev/null then - Println "${green}[INFO]${normal} $dependency installation succeed..." - else - Println "${green}[ERROR]${normal} $dependency installation failed...\n" - exit 1 + AptUpdate + if apt-get -y install $dependency &>/dev/null + then + Println "${green}[INFO]${normal} $dependency installation succeed..." + else + Println "${green}[ERROR]${normal} $dependency installation failed...\n" + return 1 + fi fi fi return 0 fi - Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" - if [ "$dist" == "rpm" ] then if [[ -x $(command -v getenforce) ]] && [ "$(getenforce)" != "Disabled" ] @@ -268,14 +272,27 @@ DepInstall() if [ "$dependency" == "dig" ] then dependency="bind-utils" + elif [ "$dependency" == "hexdump" ] + then + dependency="util-linux" + elif [ "$dependency" == "ss" ] + then + dependency="iproute" + elif [ "$dependency" == "tput" ] + then + dependency="ncurses" fi - if yum -y install $dependency >/dev/null 2>&1 + if ! rpm -q $dependency &>/dev/null then - Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" - else - Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" - exit 1 + Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" + if yum -y install $dependency >/dev/null 2>&1 + then + Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" + else + Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" + return 1 + fi fi else if [ "$dist" == "deb" ] @@ -283,19 +300,31 @@ DepInstall() DebFixSources fi - AptUpdate - if [ "$dependency" == "dig" ] then dependency="dnsutils" + elif [ "$dependency" == "hexdump" ] + then + dependency="bsdmainutils" + elif [ "$dependency" == "ss" ] + then + dependency="iproute2" + elif [ "$dependency" == "tput" ] + then + dependency="ncurses-bin" fi - if apt-get -y install $1 >/dev/null 2>&1 + if ! dpkg -s $dependency &>/dev/null then - Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" - else - Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" - exit 1 + AptUpdate + Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" + if apt-get -y install $1 >/dev/null 2>&1 + then + Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" + else + Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" + return 1 + fi fi fi } @@ -482,8 +511,6 @@ i18nGetMsg() LocaleFix() { - DistCheck - Println "${green}[INFO]${normal} Installing language (locale) support, it takes awhile..." if [ "$dist" == "rpm" ] @@ -528,6 +555,8 @@ eval_gettext() gettext "$1" | (export PATH `envsubst --variables "$1"`; envsubst "$1") } +DistCheck + TEXTDOMAIN=iptv TEXTDOMAINDIR=/usr/share/locale @@ -585,8 +614,6 @@ DepsCheck() return 0 fi - DistCheck - DepInstall tput Spinner "`gettext \"检查依赖, 耗时可能会很长\"`" DepsInstall @@ -603,38 +630,30 @@ DepsInstall() setenforce 0 fi - depends=(wget unzip vim curl crond logrotate patch nscd) + depends=(sudo wget unzip vim curl crond logrotate patch nscd bind-utils util-linux iproute) - if [[ ! -x $(command -v dig) ]] + if [ "${rpm_fix:-1}" -eq 1 ] then - depends+=(bind-utils) - fi - - if [[ ! -x $(command -v hexdump) ]] - then - depends+=(util-linux) - fi - - if [[ ! -x $(command -v ss) ]] - then - depends+=(iproute) + yum -y update ca-certificates &> /dev/null || yum -y reinstall ca-certificates &> /dev/null + rpm_fix=0 + sed -i '/rpm_fix=/d' "$i18n_FILE" + printf "rpm_fix=%s" "$rpm_fix" >> "$i18n_FILE" fi for depend in "${depends[@]}" do - if [[ ! -x $(command -v "$depend") ]] + [[ -x $(command -v $depend) ]] && continue + if ! rpm -q "$depend" &> /dev/null then - if yum -y install "$depend" >/dev/null 2>&1 + if yum -y install "$depend" &> /dev/null then Println "`eval_gettext \"\\\$info 依赖 \\\$depend 安装成功\"`" else Println "`eval_gettext \"\\\$error 依赖 \\\$depend 安装失败\"`\n" - exit 1 + return 1 fi fi done - - yum -y update ca-certificates >/dev/null 2>&1 || yum -y reinstall ca-certificates >/dev/null 2>&1 else if [ "$dist" == "deb" ] then @@ -643,30 +662,19 @@ DepsInstall() AptUpdate - apt-get -y install ca-certificates >/dev/null 2>&1 - - depends=(wget unzip vim curl cron ufw python3 logrotate patch nscd) - - if [[ ! -x $(command -v dig) ]] - then - depends+=(dnsutils) - fi - - if [[ ! -x $(command -v hexdump) ]] - then - depends+=(bsdmainutils) - fi + depends=(ca-certificates sudo wget unzip vim curl cron ufw python3 logrotate patch nscd dnsutils bsdmainutils) for depend in "${depends[@]}" do - if [[ ! -x $(command -v "$depend") ]] + [[ -x $(command -v $depend) ]] && continue + if ! dpkg -s "$depend" &> /dev/null then - if apt-get -y install "$depend" >/dev/null 2>&1 + if apt-get -y install "$depend" &> /dev/null then Println "`eval_gettext \"\\\$info 依赖 \\\$depend 安装成功\"`" else Println "`eval_gettext \"\\\$error 依赖 \\\$depend 安装失败\"`\n" - exit 1 + return 1 fi fi done @@ -3112,8 +3120,6 @@ PythonInstall() return 0 fi - DistCheck - Println "`eval_gettext \"\\\$info 安装 python3 ...\"`" Progress & @@ -4350,8 +4356,6 @@ CurlImpersonateCompile() GoInstall - DistCheck - if [ "$dist" == "rpm" ] then yum groupinstall -y "Development Tools" @@ -4651,8 +4655,6 @@ Update() reinstall_ffmpeg_yn="Y" fi - DistCheck - if [[ ${reinstall_ffmpeg_yn:-N} == [Yy] ]] then rm -rf "$IPTV_ROOT"/ffmpeg-git-*/ @@ -5047,7 +5049,7 @@ OpensslInstall() kill $progress_pid wait $progress_pid 2> /dev/null ' EXIT - DistCheck + if [ "$dist" == "rpm" ] then yum -y install openssl openssl-devel >/dev/null 2>&1 @@ -5069,7 +5071,7 @@ ImageMagickInstall() wait $progress_pid 2> /dev/null ' EXIT rm -f "$IPTV_ROOT/magick" - DistCheck + if [ "$dist" == "rpm" ] then yum -y install ImageMagick >/dev/null 2>&1 @@ -5102,7 +5104,6 @@ Pdf2htmlInstall() exit 1 fi - DistCheck Progress & progress_pid=$! trap ' @@ -11325,11 +11326,7 @@ SetEncrypt() then if [ ! -f "$NODE_ROOT/index.js" ] then - if [[ ! -x $(command -v mongo) ]] - then - MongodbInstall - fi - + MongodbInstall NodejsConfig fi else @@ -11343,11 +11340,7 @@ SetEncrypt() fi elif [ ! -f "$NODE_ROOT/index.js" ] then - if [[ ! -x $(command -v mongo) ]] - then - MongodbInstall - fi - + MongodbInstall NodejsConfig fi fi @@ -22289,7 +22282,7 @@ ImgcatInstall() kill $progress_pid wait $progress_pid 2> /dev/null ' EXIT - DistCheck + if [ "$dist" == "rpm" ] then yum -y install gcc gcc-c++ make ncurses-devel autoconf libjpeg-turbo-devel libpng-devel >/dev/null 2>&1 @@ -27941,7 +27934,6 @@ XtreamCodesListChnls() $FFMPEG -hide_banner -loglevel debug -user_agent "$user_agent" \ -headers "$headers_command" -cookies "$cookies_command" -i "$stream_link" -ss "$ss" -frames:v 1 "${TMP_FILE}.jpeg" || EXIT_STATUS=$? - DistCheck if [ ! -e "/usr/local/bin/imgcat" ] then ImgcatInstall @@ -28241,28 +28233,178 @@ NginxDomainInstallCert() Println "$info $domain 证书安装成功" } -OpenrestyInstall() +OpenrestyPackageInstall() { + # nc -vz 127.0.0.1 80 + DepInstall lsof + if lsof -Pi :80 -sTCP:LISTEN -t &>/dev/null + then + Println "$error 80 端口被占用, 请先关闭占用端口的程序\n" + return 1 + fi + + DepInstall curl + DepInstall ca-certificates + + ArchCheck + + if [ "$arch" == "arm64" ] + then + arch_path="/arm64" + else + arch_path="" + fi + + . /etc/os-release + + case $dist in + ubu) + DepInstall lsb-release + DepInstall ubuntu-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/openresty.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/openresty/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] https://mirrors.ustc.edu.cn/openresty${arch_path}/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} main" | tee /etc/apt/sources.list.d/openresty.list + else + curl -fsSL https://openresty.org/package/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] http://openresty.org/package${arch_path}/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} main" | tee /etc/apt/sources.list.d/openresty.list + fi + sudo apt-get update + fi + sudo apt-get -y install openresty --no-install-recommends + ;; + deb) + DepInstall lsb-release + DepInstall debian-archive-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/openresty.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/openresty/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] https://mirrors.ustc.edu.cn/openresty${arch_path}/debian \ + ${VERSION_CODENAME} openresty" | sudo tee /etc/apt/sources.list.d/openresty.list + else + curl -fsSL https://openresty.org/package/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] http://openresty.org/package${arch_path}/debian \ + ${VERSION_CODENAME} openresty" | sudo tee /etc/apt/sources.list.d/openresty.list + fi + sudo apt-get update + fi + sudo apt-get -y install openresty --no-install-recommends + ;; + rpm) + DepInstall yum-utils + + if [ ! -f /etc/yum.repos.d/openresty.repo ] + then + dist_names=( amazon alinux tlinux oracle rocky fedora centos rhel ) + + for dist_name in "${dist_names[@]}" + do + if grep -qi "$dist_name" <<< "$ID" || grep -qi "$dist_name" <<< "$NAME" + then + case $dist_name in + amazon|alinux|tlinux|oracle|fedora) + curl -s -L https://openresty.org/package/$dist_name/openresty.repo -o /etc/yum.repos.d/openresty.repo + ;; + rocky|centos|rhel) + if [ "${VERSION_ID%%.*}" -gt 8 ] + then + curl -s -L https://openresty.org/package/$dist_name/openresty2.repo -o /etc/yum.repos.d/openresty.repo + else + curl -s -L https://openresty.org/package/$dist_name/openresty.repo -o /etc/yum.repos.d/openresty.repo + fi + ;; + esac + break + fi + done + fi + sudo yum check-update + sudo yum install -y openresty openresty-opm openresty-doc + ;; + *) + Println "$error 不支持的系统\n" + return 1 + ;; + esac + + if ! grep -q "$nginx_name:" < "/etc/passwd" + then + if grep -q '\--group ' < <(adduser --help) + then + adduser "$nginx_name" --system --group --no-create-home > /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi + + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name 安装成功\n" +} + +OpenrestySourceInstall() +{ + local install="更新" + + if [ -z "${1:-}" ] + then + if [[ -x $(command -v $nginx_name) ]] + then + return 0 + fi + install="安装" + elif [[ ! -x $(command -v $nginx_name) ]] + then + install="安装" + fi + DepsCheck - JQInstall >/dev/null - Progress & - progress_pid=$! + echo + pcre_options=( pcre pcre2 ) + inquirer list_input_index "选择 pcre 版本" pcre_options pcre_options_index - trap ' - kill $progress_pid - wait $progress_pid 2> /dev/null - ' EXIT + Println "$tip 如果选择 openssl, $nginx_name 将不支持 ssl_early_data (0-RTT)" + openssl_options=( openssl@1.1 quictls ) + inquirer list_input_index "选择 openssl 版本" openssl_options openssl_options_index + + echo + inquirer list_input_index "额外添加编译选项" ny_options ny_index + install_options_selected=() + if [ "$ny_index" -eq 1 ] + then + echo + install_options=( --with-http_iconv_module --with-http_postgres_module --with-http_slice_module ) + inquirer checkbox_input "选择编译选项" install_options install_options_selected + fi cd ~ rm -rf nginx-http-flv-module-master - curl -s -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip + curl -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip + Println "$info 解压 nginx-http-flv-module ..." unzip nginx-http-flv-module.zip >/dev/null 2>&1 #cd nginx-http-flv-module-master - #curl -s -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch - #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch >/dev/null 2>&1 + #curl -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch #cd ~ latest_release=0 @@ -28281,70 +28423,49 @@ OpenrestyInstall() if [ ! -d "./$openresty_package_name" ] then - curl -s -L "https://openresty.org/download/$openresty_package_name.tar.gz" -o "$openresty_package_name.tar.gz" + curl -L "https://openresty.org/download/$openresty_package_name.tar.gz" -o "$openresty_package_name.tar.gz" + Println "$info 解压 $openresty_package_name ..." tar xzf "$openresty_package_name.tar.gz" fi if [ "$dist" == "rpm" ] then - yum -y install gcc gcc-c++ make >/dev/null 2>&1 - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart crond >/dev/null 2>&1 - #if grep -q "Fedora" < "/etc/redhat-release" - #then - # dnf install -y dnf-plugins-core >/dev/null 2>&1 - # dnf config-manager --add-repo https://openresty.org/package/fedora/openresty.repo >/dev/null 2>&1 - # dnf install -y openresty >/dev/null 2>&1 || true - # dnf install -y openresty-resty >/dev/null 2>&1 - #elif grep -q "Amazon" < "/etc/redhat-release" - #then - # yum install -y yum-utils >/dev/null 2>&1 - # yum-config-manager --add-repo https://openresty.org/package/amazon/openresty.repo >/dev/null 2>&1 - # yum install -y openresty >/dev/null 2>&1 || true - # yum install -y openresty-resty >/dev/null 2>&1 - #elif grep -q "Red Hat" < "/etc/redhat-release" - #then - # wget https://openresty.org/package/rhel/openresty.repo -qO /etc/yum.repos.d/openresty.repo >/dev/null 2>&1 - # yum check-update >/dev/null 2>&1 - # yum install -y openresty >/dev/null 2>&1 || true - # yum install -y openresty-resty >/dev/null 2>&1 - #else - # wget https://openresty.org/package/centos/openresty.repo -qO /etc/yum.repos.d/openresty.repo >/dev/null 2>&1 - # yum check-update >/dev/null 2>&1 - # yum install -y openresty >/dev/null 2>&1 || true - # yum install -y openresty-resty >/dev/null 2>&1 - #fi - #elif [ "$dist" == "ubu" ] - #then - #apt-get -y install ca-certificates >/dev/null 2>&1 - #if ! wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null 2>&1 - #then - # apt-get -y install gnupg >/dev/null 2>&1 - # wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null - #fi - #echo "deb http://openresty.org/package/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/openresty.list - #apt-get update >/dev/null 2>&1 - #apt-get -y install openresty >/dev/null 2>&1 || true + . /etc/os-release + + case ${VERSION_ID%%.*} in + 9) + dnf config-manager --set-enabled crb + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + 8) + dnf config-manager --set-enabled powertools + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + *) + yum install -y epel-release + ;; + esac + + yum groupinstall -y 'Development Tools' + timedatectl set-timezone Asia/Shanghai + systemctl restart crond + yum install -y pcre-devel openssl-devel gcc zlib-devel libpq-devel else - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart cron >/dev/null 2>&1 - apt-get -y install debconf-utils >/dev/null 2>&1 + timedatectl set-timezone Asia/Shanghai + systemctl restart cron + apt-get -y install debconf-utils echo '* libraries/restart-without-asking boolean true' | debconf-set-selections - apt-get -y install perl software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip gettext build-essential >/dev/null 2>&1 - #apt-get -y install ca-certificates software-properties-common >/dev/null 2>&1 - #if ! wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null 2>&1 - #then - # apt-get -y install gnupg >/dev/null 2>&1 - # wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null - #fi - #codename=$(grep -Po 'VERSION="[0-9]+ \(\K[^)]+' /etc/os-release) - #echo "deb http://openresty.org/package/debian $codename openresty" > /etc/apt/sources.list.d/openresty.list - #apt-get update >/dev/null 2>&1 - #apt-get -y install openresty >/dev/null 2>&1 || true + apt-get -y install libpcre3-dev perl make software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip gettext build-essential libpq-dev fi - echo -n "...40%..." - while IFS= read -r line do if [[ $line =~ \/dev/null 2>&1 + pcre_name=pcre-8.45 + if [ ! -d $pcre_name ] + then + curl -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + else + pcre_name=$(curl -Lm 20 "$FFMPEG_MIRROR_LINK/pcre2.json" | $JQ_FILE -r '.tag_name') + if [ ! -d $pcre_name ] + then + curl -L $FFMPEG_MIRROR_LINK/pcre2/$pcre_name/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi fi - openssl_name=openssl-1.1.1n + openssl_url="https://www.openssl.org/source/old" + openssl_vers=($(curl -s -Lm 20 $openssl_url/ | grep -oP '
  • \K[^<]+')) + + for openssl_ver in "${openssl_vers[@]}" + do + if [ "${openssl_ver%%.*}" -eq 1 ] + then + break + fi + done + + openssl_url="$openssl_url/$openssl_ver" + + openssl_packs=($(curl -s -Lm 20 $openssl_url/ | grep -oP '\K[^<]+')) + openssl_pack="${openssl_packs[0]}" + openssl_name=${openssl_pack%.tar*} + + if [ "$openssl_options_index" -eq 1 ] + then + openssl_ver=${openssl_name#*-} + openssl_name=openssl-OpenSSL_${openssl_ver//./_}-quic1 + fi if [ ! -d ${openssl_name}-patched ] || [ ! -s ${openssl_name}-patched/openssl-1.1.1f-sess_set_get_cb_yield.patch ] then - rm -rf ${openssl_name} + rm -rf ${openssl_name:-notfound} rm -rf ${openssl_name}-patched - curl -s -L https://www.openssl.org/source/$openssl_name.tar.gz -o $openssl_name.tar.gz - tar xzf $openssl_name.tar.gz - mv $openssl_name $openssl_name-patched - cd $openssl_name-patched - curl -s -L "$FFMPEG_MIRROR_LINK/openssl-1.1.1f-sess_set_get_cb_yield.patch" -o openssl-1.1.1f-sess_set_get_cb_yield.patch - patch -p1 < openssl-1.1.1f-sess_set_get_cb_yield.patch >/dev/null 2>&1 || true + + if [ "$openssl_options_index" -eq 1 ] + then + if ! curl -Lm 30 https://github.com/quictls/openssl/archive/refs/tags/${openssl_name}.tar.gz -o "$openssl_name".tar.gz + then + curl -L "$FFMPEG_MIRROR_LINK/$openssl_name".tar.gz -o "$openssl_name".tar.gz + fi + tar xzf ${openssl_name}.tar.gz + else + curl -L "$openssl_url/$openssl_pack" -o "$openssl_pack" + Println "$info 解压 $openssl_name ..." + tar xzf "$openssl_pack" + fi + + mv ${openssl_name} ${openssl_name}-patched + cd ${openssl_name}-patched + + curl -L "$FFMPEG_MIRROR_LINK/openssl-1.1.1f-sess_set_get_cb_yield.patch" -o openssl-1.1.1f-sess_set_get_cb_yield.patch + patch -p1 < openssl-1.1.1f-sess_set_get_cb_yield.patch || true cd ~ fi - echo -n "...60%..." - cd "$openresty_package_name/bundle/ngx_lua-"* - curl -s -L "$FFMPEG_MIRROR_LINK/fix_ngx_lua_resp_get_headers_key_whitespace.patch" -o fix_ngx_lua_resp_get_headers_key_whitespace.patch - patch -p1 < fix_ngx_lua_resp_get_headers_key_whitespace.patch >/dev/null 2>&1 || true + curl -L "$FFMPEG_MIRROR_LINK/fix_ngx_lua_resp_get_headers_key_whitespace.patch" -o fix_ngx_lua_resp_get_headers_key_whitespace.patch + patch -p1 < fix_ngx_lua_resp_get_headers_key_whitespace.patch || true cd ../.. @@ -28396,10 +28562,11 @@ OpenrestyInstall() --with-pcre=../$pcre_name \ --with-pcre-jit \ --with-zlib=../$zlib_name \ - --with-openssl=../$openssl_name-patched \ + --with-openssl=../${openssl_name}-patched \ --with-openssl-opt="no-threads shared zlib -g enable-ssl3 enable-ssl3-method enable-ec_nistp_64_gcc_128" \ --with-http_ssl_module \ --with-http_v2_module \ + --with-http_v3_module \ --without-mail_pop3_module \ --without-mail_imap_module \ --without-mail_smtp_module \ @@ -28421,23 +28588,506 @@ OpenrestyInstall() --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ + --with-ipv6 \ --with-stream \ --with-stream_ssl_preread_module \ --with-stream_ssl_module \ --with-stream_realip_module \ --with-threads \ - --with-luajit-xcflags=-DLUAJIT_NUMMODE=2\ -DLUAJIT_ENABLE_LUA52COMPAT\ -fno-stack-check >/dev/null 2>&1 + --with-luajit-xcflags=-DLUAJIT_NUMMODE=2\ -DLUAJIT_ENABLE_LUA52COMPAT\ -fno-stack-check ${install_options_selected[@]+"${install_options_selected[@]}"} + + nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" + + make $nproc + make install + + ln -sf "$nginx_prefix"/sbin/nginx /usr/local/bin/ + + if ! grep -q "$nginx_name:" < "/etc/passwd" + then + if grep -q '\--group ' < <(adduser --help) + then + adduser "$nginx_name" --system --group --no-create-home > /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi - echo -n "...80%..." + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_processes .*/worker_processes ${nproc:2};/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name ${install}成功\n" +} + +OpenrestyInstall() +{ + if [ -d "$nginx_prefix" ] + then + Println "$error $nginx_name 已经存在 $nginx_prefix !\n" + return 1 + elif [[ -x $(command -v $nginx_name) ]] + then + Println "$error $nginx_name 已经存在 $(command -v $nginx_name), 请先卸载!\n" + return 1 + fi + + Println "$tip 选择快速安装将缺少 nginx-http-flv-module 和 quictls 选择" + openresty_install_options=( "${nginx_name}官方包 (快速安装)" '编译安装' ) + inquirer list_input_index "选择安装方式" openresty_install_options openresty_install_options_index + + if [ "$openresty_install_options_index" -eq 0 ] + then + OpenrestyPackageInstall + return + fi + + OpenrestySourceInstall +} + +OpenrestyUninstall() +{ + if [ ! -d "$nginx_prefix" ] + then + Println "$error $nginx_name 未安装 !\n" + return 1 + fi + + echo + ExitOnList n "`eval_gettext \"确定删除 \\\$nginx_name 包括所有配置文件, 操作不可恢复\"`" + + ServiceControlDisable $nginx_name + + rm -rf "${nginx_prefix%/*}" + + Println "$info $nginx_name 卸载完成\n" +} + +OpenrestyUpdate() +{ + ShFileUpdate "$nginx_name" + + if [ ! -d "$nginx_prefix" ] + then + Println "$error $nginx_name 未安装 !\n" + return 1 + fi + + if [ "$dist" == "rpm" ] && grep -q "$nginx_name" < <(yum list installed) + then + yum update -y "$nginx_name" + elif { [ "$dist" == "deb" ] || [ "$dist" == "ubu" ]; } && dpkg -s "$nginx_name" &> /dev/null + then + apt-get -y install --only-upgrade "$nginx_name" + else + OpenrestySourceInstall update + fi +} + +NginxPackageInstall() +{ + DepInstall curl + DepInstall ca-certificates + + . /etc/os-release + + case $dist in + ubu) + if ! [[ "${VERSION_CODENAME:-$UBUNTU_CODENAME}" =~ focal|jammy|mantic ]] + then + Println "$tip Nginx 官方不支持当前版本 ${VERSION_CODENAME:-$UBUNTU_CODENAME}, 安装可能出错" + fi + DepInstall lsb-release + DepInstall ubuntu-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/nginx.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/nginx/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://mirrors.ustc.edu.cn/nginx/mainline/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} nginx" | tee /etc/apt/sources.list.d/nginx.list + else + curl -fsSL https://nginx.org/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} nginx" | tee /etc/apt/sources.list.d/nginx.list + fi + echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx + sudo apt-get update + fi + sudo apt-get -y install nginx + ;; + deb) + if ! [[ "${VERSION_CODENAME}" =~ bullseye|bookworm ]] + then + Println "$tip Nginx 官方不支持当前版本 ${VERSION_CODENAME}, 安装可能出错" + fi + DepInstall lsb-release + DepInstall debian-archive-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/nginx.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/nginx/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://mirrors.ustc.edu.cn/nginx/mainline/debian \ + ${VERSION_CODENAME} nginx" | sudo tee /etc/apt/sources.list.d/nginx.list + else + curl -fsSL https://nginx.org/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/debian \ + ${VERSION_CODENAME} nginx" | sudo tee /etc/apt/sources.list.d/nginx.list + fi + echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx + sudo apt-get update + fi + sudo apt-get -y install nginx + ;; + rpm) + if [ "${VERSION_ID%%.*}" -eq 7 ] + then + Println "$tip 官方说明: Packages for RHEL 7 and SLES 12 are built without HTTP/3 support because OpenSSL used by those doesn't support TLSv1.3." + fi + + DepInstall yum-utils + + if [ ! -f /etc/yum.repos.d/nginx.repo ] + then + if grep -q Amazon < /etc/os-release + then + if [ "$VERSION" == "2" ] + then +cat > /etc/yum.repos.d/nginx.repo << EOF +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/amzn2/\$releasever/\$basearch/ +gpgcheck=1 +enabled=1 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +priority=9 + +[nginx-mainline] +name=nginx mainline repo +baseurl=http://nginx.org/packages/mainline/amzn2/\$releasever/\$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +priority=9 +EOF + elif [ "$VERSION" == "2023" ] + then +cat > /etc/yum.repos.d/nginx.repo << EOF +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/amzn/2023/\$basearch/ +gpgcheck=1 +enabled=1 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +priority=9 + +[nginx-mainline] +name=nginx mainline repo +baseurl=http://nginx.org/packages/mainline/amzn/2023/\$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +priority=9 +EOF + else + Println "$error 不支持的系统\n" + return 1 + fi + else +cat > /etc/yum.repos.d/nginx.repo << EOF +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/ +gpgcheck=1 +enabled=1 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true + +[nginx-mainline] +name=nginx mainline repo +baseurl=http://nginx.org/packages/mainline/centos/\$releasever/\$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +EOF + fi + fi + sudo yum-config-manager --disable nginx-stable + sudo yum-config-manager --enable nginx-mainline + sudo yum -y install nginx + ;; + *) + Println "$error 不支持的系统\n" + return 1 + ;; + esac + + if [ ! -d "$nginx_prefix" ] + then + mkdir -p "$nginx_prefix"/sbin + mv /usr/sbin/nginx* "$nginx_prefix"/sbin/ + ln -sf /etc/nginx "$nginx_prefix"/conf + ln -sf /var/log/nginx "$nginx_prefix"/logs + ln -sf /usr/share/nginx/html "$nginx_prefix"/html + ln -sf /var/run/nginx.pid "$nginx_prefix"/logs/nginx.pid + for file in "$nginx_prefix"/sbin/* + do +cat > /usr/local/bin/${file##*/} < /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi + + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + sed -i '/conf.d/d' "$nginx_prefix/conf/nginx.conf" + sed -i 's|/var/log/nginx|logs|g' "$nginx_prefix/conf/nginx.conf" + sed -i 's|/var/run|logs|g' "$nginx_prefix/conf/nginx.conf" + sed -i 's|/etc/nginx/||g' "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name 安装成功\n" +} + +NginxSourceInstall() +{ + local install="更新" + + if [ -z "${1:-}" ] + then + if [[ -x $(command -v $nginx_name) ]] + then + return 0 + fi + install="安装" + elif [[ ! -x $(command -v $nginx_name) ]] + then + install="安装" + fi + + DepsCheck + + echo + pcre_options=( pcre pcre2 ) + inquirer list_input_index "选择 pcre 版本" pcre_options pcre_options_index + + Println "$tip 如果选择 openssl, $nginx_name 将不支持 ssl_early_data (0-RTT)" + openssl_options=( openssl@1.1 openssl@3 quictls ) + inquirer list_input_index "选择 openssl 版本" openssl_options openssl_options_index + + cd ~ + + rm -rf nginx-http-flv-module-master + curl -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip + Println "$info 解压 nginx-http-flv-module ..." + unzip nginx-http-flv-module.zip >/dev/null 2>&1 + + #cd nginx-http-flv-module-master + #curl -s -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #cd ~ + + while IFS= read -r line + do + if [[ $line == *"/download/"* ]] + then + nginx_package_name=${line#*/download/} + nginx_package_name=${nginx_package_name%%.tar.gz*} + break + fi + done < <(curl -s -Lm 20 -H "User-Agent: $USER_AGENT_BROWSER" https://nginx.org/en/download.html 2> /dev/null) + + if [ ! -d "./$nginx_package_name" ] + then + curl -L "https://nginx.org/download/$nginx_package_name.tar.gz" -o "$nginx_package_name.tar.gz" + Println "$info 解压 $nginx_package_name ..." + tar xzf "$nginx_package_name.tar.gz" + fi + + if [ "$dist" == "rpm" ] + then + . /etc/os-release + + case ${VERSION_ID%%.*} in + 9) + dnf config-manager --set-enabled crb + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + 8) + dnf config-manager --set-enabled powertools + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + *) + yum install -y epel-release + ;; + esac + + yum groupinstall -y 'Development Tools' + timedatectl set-timezone Asia/Shanghai + systemctl restart crond + yum install -y pcre-devel openssl-devel gcc zlib-devel + else + timedatectl set-timezone Asia/Shanghai + systemctl restart cron + apt-get -y install debconf-utils + echo '* libraries/restart-without-asking boolean true' | debconf-set-selections + apt-get -y install libpcre3-dev perl make software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip gettext build-essential + fi + + while IFS= read -r line + do + if [[ $line =~ \ /dev/null) + + if [ ! -d $zlib_name ] + then + curl -L https://www.zlib.net/$zlib_name.tar.gz -o $zlib_name.tar.gz + Println "$info 解压 $zlib_name ..." + tar xzf $zlib_name.tar.gz + fi + + if [ "$pcre_options_index" -eq 0 ] + then + pcre_name=pcre-8.45 + if [ ! -d $pcre_name ] + then + curl -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + else + pcre_name=$(curl -s -Lm 20 "$FFMPEG_MIRROR_LINK/pcre2.json" | $JQ_FILE -r '.tag_name') + if [ ! -d $pcre_name ] + then + curl -L $FFMPEG_MIRROR_LINK/pcre2/$pcre_name/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + fi + + if [ "$openssl_options_index" -eq 2 ] + then + openssl_name=openssl-OpenSSL_1_1_1w-quic1 + curl -L "$FFMPEG_MIRROR_LINK/${openssl_name#*-}".tar.gz -o "$openssl_name".tar.gz + Println "$info 解压 $openssl_name ..." + tar xzf "$openssl_name".tar.gz + else + if [ "$openssl_options_index" -eq 0 ] + then + openssl_url="https://www.openssl.org/source/old" + openssl_vers=($(curl -s -Lm 20 $openssl_url/ | grep -oP '
  • \K[^<]+')) + + for openssl_ver in "${openssl_vers[@]}" + do + if [ "${openssl_ver%%.*}" -eq 1 ] + then + break + fi + done + openssl_url="$openssl_url/$openssl_ver" + else + openssl_url="https://www.openssl.org/source" + fi + + openssl_packs=($(curl -s -Lm 20 $openssl_url/ | grep -oP '\K[^<]+')) + openssl_pack="${openssl_packs[0]}" + openssl_name=${openssl_pack%.tar*} + + if [ ! -d "./$openssl_name" ] + then + curl -L "$openssl_url/$openssl_pack" -o "$openssl_pack" + Println "$info 解压 $openssl_name ..." + tar xzf "$openssl_pack" + fi + fi + + cd "$nginx_package_name/" + + ./configure \ + --add-module=../nginx-http-flv-module-master \ + --with-debug \ + --with-http_addition_module \ + --with-http_auth_request_module \ + --with-http_dav_module \ + --with-http_degradation_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_mp4_module \ + --with-http_random_index_module \ + --with-http_realip_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_ssl_module \ + --with-http_stub_status_module \ + --with-http_sub_module \ + --with-http_v2_module \ + --with-http_v3_module \ + --with-http_flv_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-pcre=../$pcre_name \ + --with-pcre-jit \ + --with-zlib=../$zlib_name \ + --with-stream \ + --with-stream_realip_module \ + --with-stream_ssl_module \ + --with-stream_ssl_preread_module \ + --with-openssl=../$openssl_name \ + --with-threads nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" - make $nproc >/dev/null 2>&1 - make install >/dev/null 2>&1 - kill $progress_pid - wait $progress_pid 2> /dev/null || true - trap - EXIT - echo "...100%" + make $nproc + make install + + ln -sf "$nginx_prefix"/sbin/nginx /usr/local/bin/ if ! grep -q "$nginx_name:" < "/etc/passwd" then @@ -28460,201 +29110,36 @@ OpenrestyInstall() mkdir -p "$nginx_prefix/html/localhost/" CrossplaneInstall + + Println "$info $nginx_name ${install}成功\n" } NginxInstall() { - echo - pcre_options=( pcre pcre2 ) - inquirer list_input_index "选择 pcre 版本" pcre_options pcre_options_index - - echo - openssl_options=( openssl@1.1 openssl@3 ) - inquirer list_input_index "选择 openssl 版本" openssl_options openssl_options_index - - DepsCheck - JQInstall >/dev/null - - Progress & - progress_pid=$! - - trap ' - kill $progress_pid - wait $progress_pid 2> /dev/null - ' EXIT - - cd ~ - - rm -rf nginx-http-flv-module-master - curl -s -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip - unzip nginx-http-flv-module.zip >/dev/null 2>&1 - - #cd nginx-http-flv-module-master - #curl -s -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch - #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch >/dev/null 2>&1 - #cd ~ - - while IFS= read -r line - do - if [[ $line == *"/download/"* ]] - then - nginx_package_name=${line#*/download/} - nginx_package_name=${nginx_package_name%%.tar.gz*} - break - fi - done < <(curl -s -Lm 20 -H "User-Agent: $USER_AGENT_BROWSER" https://nginx.org/en/download.html 2> /dev/null) - - if [ ! -d "./$nginx_package_name" ] - then - curl -s -L "https://nginx.org/download/$nginx_package_name.tar.gz" -o "$nginx_package_name.tar.gz" - tar xzf "$nginx_package_name.tar.gz" - fi - - if [ "$dist" == "rpm" ] - then - yum -y install gcc gcc-c++ make >/dev/null 2>&1 - # yum groupinstall 'Development Tools' - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart crond >/dev/null 2>&1 - else - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart cron >/dev/null 2>&1 - apt-get -y install debconf-utils >/dev/null 2>&1 - echo '* libraries/restart-without-asking boolean true' | debconf-set-selections - apt-get -y install software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip build-essential gettext >/dev/null 2>&1 - fi - - echo -n "...40%..." - - while IFS= read -r line - do - if [[ $line =~ \ /dev/null) - - if [ ! -d $zlib_name ] - then - curl -s -L https://www.zlib.net/$zlib_name.tar.gz -o $zlib_name.tar.gz - tar xzf $zlib_name.tar.gz - fi - - if [ "$pcre_options_index" -eq 0 ] + if [ -d "$nginx_prefix" ] then - pcre_name=pcre-8.45 - if [ ! -d $pcre_name ] - then - curl -s -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip - unzip $pcre_name.zip >/dev/null 2>&1 - fi - else - pcre_name=$(curl -s -Lm 10 "$FFMPEG_MIRROR_LINK/pcre2.json" | $JQ_FILE -r '.tag_name') - if [ ! -d $pcre_name ] - then - curl -s -L $FFMPEG_MIRROR_LINK/pcre2/$pcre_name/$pcre_name.zip -o $pcre_name.zip - unzip $pcre_name.zip >/dev/null 2>&1 - fi - fi - - if [ "$openssl_options_index" -eq 0 ] + Println "$error $nginx_name 已经存在 $nginx_prefix !\n" + return 1 + elif [[ -x $(command -v $nginx_name) ]] then - openssl_url="https://www.openssl.org/source/old" - openssl_vers=($(curl -s -Lm 20 $openssl_url/ | grep -oP '
  • \K[^<]+')) - - for openssl_ver in "${openssl_vers[@]}" - do - if [ "${openssl_ver%%.*}" -eq 1 ] - then - break - fi - done - openssl_url="$openssl_url/$openssl_ver" - else - openssl_url="https://www.openssl.org/source" + Println "$error $nginx_name 已经存在 $(command -v $nginx_name), 请先卸载!\n" + return 1 fi - openssl_packs=($(curl -s -Lm 20 $openssl_url/ | grep -oP '\K[^<]+')) - openssl_pack="${openssl_packs[0]}" - openssl_name=${openssl_pack%.tar*} - - if [ ! -d "./$openssl_name" ] + if [ "$dist" != "mac" ] then - curl -s -L "$openssl_url/$openssl_pack" -o "$openssl_pack" - tar xzf "$openssl_pack" - fi - - echo -n "...60%..." - - cd "$nginx_package_name/" - - ./configure \ - --add-module=../nginx-http-flv-module-master \ - --with-debug \ - --with-http_addition_module \ - --with-http_auth_request_module \ - --with-http_dav_module \ - --with-http_degradation_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_mp4_module \ - --with-http_random_index_module \ - --with-http_realip_module \ - --with-http_secure_link_module \ - --with-http_slice_module \ - --with-http_ssl_module \ - --with-http_stub_status_module \ - --with-http_sub_module \ - --with-http_v2_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-pcre=../$pcre_name \ - --with-pcre-jit \ - --with-zlib=../$zlib_name \ - --with-stream \ - --with-stream_realip_module \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-openssl=../$openssl_name \ - --with-threads >/dev/null 2>&1 - - echo -n "...80%..." - - nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" - - make $nproc >/dev/null 2>&1 - make install >/dev/null 2>&1 - - kill $progress_pid - wait $progress_pid 2> /dev/null || true - trap - EXIT - - ln -sf /usr/local/nginx/sbin/nginx /usr/local/bin/ - - echo "...100%" + Println "$tip 选择快速安装将缺少 nginx-http-flv-module 以及 quictls 选择" + nginx_install_options=( "${nginx_name}官方包 (快速安装)" '编译安装' ) + inquirer list_input_index "选择安装方式" nginx_install_options nginx_install_options_index - if ! grep -q "$nginx_name:" < "/etc/passwd" - then - if grep -q '\--group ' < <(adduser --help) + if [ "$nginx_install_options_index" -eq 0 ] then - adduser "$nginx_name" --system --group --no-create-home > /dev/null - else - adduser "$nginx_name" --system --no-create-home > /dev/null + NginxPackageInstall + return fi - usermod -s /usr/sbin/nologin "$nginx_name" fi - sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" - sed -i "s/worker_processes .*/worker_processes ${nproc:2};/" "$nginx_prefix/conf/nginx.conf" - sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" - - mkdir -p "$nginx_prefix/conf/sites_crt/" - mkdir -p "$nginx_prefix/conf/sites_available/" - mkdir -p "$nginx_prefix/conf/sites_enabled/" - mkdir -p "$nginx_prefix/html/localhost/" - - CrossplaneInstall + NginxSourceInstall } NginxUninstall() @@ -28662,7 +29147,7 @@ NginxUninstall() if [ ! -d "$nginx_prefix" ] then Println "$error $nginx_name 未安装 !\n" - exit 1 + return 1 fi echo @@ -28670,11 +29155,17 @@ NginxUninstall() systemctl stop $nginx_name || true - if [ "$nginx_ctl" == "or" ] + DepInstall file + + if file -h "$nginx_prefix/conf" | grep -q 'symbolic link' then - rm -rf "${nginx_prefix%/*}" - else - rm -rf "$nginx_prefix" + if [ "$dist" == "yum" ] + then + yum -y remove "$nginx_name" || true + else + apt-get -y purge nginx* || true + fi + rm -f /usr/local/bin/nginx* fi Println "$info $nginx_name 卸载完成\n" @@ -28687,15 +29178,23 @@ NginxUpdate() if [ ! -d "$nginx_prefix" ] then Println "$error $nginx_name 未安装 !\n" - exit 1 + return 1 fi - echo - ExitOnList n "`eval_gettext \"是否重新编译 \\\$nginx_name\"`" + DepInstall file + + if ! file -h "$nginx_prefix/conf" | grep -q 'symbolic link' + then + NginxSourceInstall update + return + fi - nginx_name_upper=$(tr '[:lower:]' '[:upper:]' <<< "${nginx_name:0:1}")"${nginx_name:1}" - "$nginx_name_upper"Install - Println "$info $nginx_name 升级完成\n" + if [ "$dist" == "rpm" ] + then + yum update -y "$nginx_name" + else + apt-get -y install --only-upgrade "$nginx_name" + fi } NginxViewStatus() @@ -30446,7 +30945,10 @@ NginxCheckLocalhost() NginxAddLocalhost - NginxAddRtmp + if "$NGINX_FILE" -V 2>&1 | grep -qi nginx-http-flv-module + then + NginxAddRtmp + fi if [ "$updated" -eq 1 ] then @@ -32230,25 +32732,30 @@ NginxAddDomain() GitInstall() { - DistCheck - if [ "$dist" == "rpm" ] - then - yum -y install git > /dev/null - elif [ "$dist" == "ubu" ] + if [[ -x $(command -v git) ]] then - add-apt-repository ppa:git-core/ppa -y > /dev/null - AptUpdate - apt-get -y install git > /dev/null - else - apt-get -y install git > /dev/null + return 0 fi - Println "$info git 安装成功...\n" + + Println "$info 安装 git" + + case $dist in + rpm) yum -y install git + ;; + deb) apt-get -y install git + ;; + ubu) + add-apt-repository ppa:git-core/ppa -y + apt-get -y update + apt-get -y install git + ;; + esac + + Println "$info git 安装成功\n" } ResourceLimit() { - DistCheck - if [ ! -e /proc/sys/fs/file-max ] then echo 65536 > /proc/sys/fs/file-max @@ -32593,7 +33100,7 @@ NodejsMenu() exit 1 fi - if [[ ! -x $(command -v mongo) ]] + if [[ ! -x $(command -v mongod) ]] then Println "$error 请先安装 mongodb\n" exit 1 @@ -32605,68 +33112,102 @@ NodejsMenu() MongodbInstall() { + if [[ -x $(command -v mongod) ]] + then + return 0 + fi + DepsCheck - Println "$info 安装 mongodb, 请等待(国内可能无法安装)..." + if ! ResourceLimit + then + Println "$error 可能环境是 Unprivileged Container ?\n" + fi - ResourceLimit + DepInstall curl + DepInstall ca-certificates - if [ "$dist" == "rpm" ] + ArchCheck + + if [ "$arch" == "arm64" ] then - ArchCheck - if [ "$arch" == "arm64" ] - then - arch_path="aarch64" - elif [ "$arch" == "x86_64" ] || [ "$arch" == "s390x" ] - then - arch_path="$arch" - else - Println "$error 不支持当前系统\n" - exit 1 - fi + arch_path="aarch64" + elif [ "$arch" == "x86_64" ] || [ "$arch" == "s390x" ] + then + arch_path="$arch" + else + Println "$error 不支持当前系统\n" + return 1 + fi - printf '%s' " -[mongodb-org-4.4] + case $dist in + rpm) + DepInstall yum-utils + if [ ! -f /etc/yum.repos.d/mongodb-org-7.0.repo ] + then + if grep -qi Amazon <<< "$ID" || grep -qi Amazon <<< "$NAME" + then +cat > /etc/yum.repos.d/mongodb-org-7.0.repo < /etc/yum.repos.d/mongodb-org-4.4.repo - - yum install -y mongodb-org >/dev/null 2>&1 - else - AptUpdate - - if ! wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | apt-key add - > /dev/null 2>&1 - then - apt-get -y install gnupg >/dev/null 2>&1 - wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | apt-key add - > /dev/null - fi - - if [ "$dist" == "ubu" ] - then - if grep -q "xenial" < "/etc/apt/sources.list" +gpgkey=https://pgp.mongodb.com/server-7.0.asc +EOF + else +cat > /etc/yum.repos.d/mongodb-org-7.0.repo </dev/null - apt-get install -y mongodb-org >/dev/null 2>&1 - fi + DepInstall lsb-release + DepInstall debian-archive-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/mongodb-org-7.0.list ] + then + curl -fsSL https://www.mongodb.org/static/pgp/server-7.0.asc | gpg --batch --yes --dearmor -o /usr/share/keyrings/mongodb-server-7.0.gpg + echo "deb [ signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] http://repo.mongodb.org/apt/debian \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME}/mongodb-org/7.0 main" | tee /etc/apt/sources.list.d/mongodb-org-7.0.list + sudo apt-get update + fi + sudo apt-get -y install mongodb-org + ;; + sles) + sudo zypper addrepo --gpgcheck "https://repo.mongodb.org/zypper/suse/${VERSION_ID%%.*}/mongodb-org/7.0/$arch_path/" mongodb + sudo zypper -n install mongodb-org + ;; + esac if [[ $(ps --no-headers -o comm 1) == "systemd" ]] then @@ -32682,7 +33223,7 @@ gpgkey=https://www.mongodb.org/static/pgp/server-4.4.asc service mongod start fi - Println "$info mongodb 安装成功" + Println "$info mongodb 安装成功\n" } MongodbMenu() @@ -32693,7 +33234,7 @@ MongodbMenu() if [ "$mongodb_options_index" -eq 0 ] then - if [[ ! -x $(command -v mongo) ]] + if [[ ! -x $(command -v mongod) ]] then Println "$error 请先安装 mongodb\n" exit 1 @@ -32702,7 +33243,7 @@ MongodbMenu() systemctl --no-pager -l status mongod elif [ "$mongodb_options_index" -eq 1 ] then - if [[ -x $(command -v mongo) ]] + if [[ -x $(command -v mongod) ]] then Println "$error mongodb 已存在\n" exit 1 @@ -32710,7 +33251,7 @@ MongodbMenu() MongodbInstall else - if [[ ! -x $(command -v mongo) ]] + if [[ ! -x $(command -v mongod) ]] then Println "$error 请先安装 mongodb\n" exit 1 @@ -32719,8 +33260,6 @@ MongodbMenu() echo ExitOnList n "升级会清除现有 mongodb 配置, 是否继续" - DistCheck - service mongod stop if [ "$dist" == "rpm" ] @@ -36402,7 +36941,7 @@ V2rayListInboundAccountLink() Println "分享链接: ${green}vmess://$vmess_link${normal}\n" echo ExitOnList y "`gettext \"打印二维码\"`" - DistCheck + if [ ! -e "/usr/local/bin/imgcat" ] then ImgcatInstall @@ -47881,7 +48420,6 @@ VipEnable() Println "$info 安装 md5sum..." if [[ ! -x $(command -v gcc) ]] then - DistCheck if [ "$dist" == "rpm" ] then yum -y install gcc gcc-c++ >/dev/null 2>&1 @@ -49103,7 +49641,10 @@ then if [ ! -s "/etc/systemd/system/$nginx_name.service" ] && [ -d "$nginx_prefix" ] then - ResourceLimit + if ! ResourceLimit + then + Println "$error 可能环境是 Unprivileged Container ?\n" + fi cat > /etc/systemd/system/$nginx_name.service < /dev/null || true systemctl daemon-reload systemctl enable "$nginx_name" - systemctl start "$nginx_name" + if ! systemctl start "$nginx_name" + then + Println "$error 端口占用?\n" + fi fi case $* in @@ -49153,12 +49697,6 @@ case $* in nginx_confs=("$nginx_prefix"/conf/sites_available/*) shopt -u nullglob - if [ -z "${nginx_confs:-}" ] - then - Println "$error 请先添加域名 !\n" - exit 1 - fi - nginx_confs=( "$nginx_prefix"/conf/nginx.conf "${nginx_confs[@]}" ) echo @@ -49225,22 +49763,13 @@ esac read -p "`gettext \"输入序号\"` [1-15]: " openresty_num case "$openresty_num" in 1) - if [ -d "$nginx_prefix" ] - then - Println "$error openresty 已经存在 !\n" && exit 1 - fi - - echo - ExitOnList n "`gettext \"因为是编译 openresty, 耗时会很长, 是否继续\"`" - OpenrestyInstall - Println "$info openresty 安装完成\n" ;; 2) - NginxUninstall + OpenrestyUninstall ;; 3) - NginxUpdate + OpenrestyUpdate ;; 4) NginxListDomain @@ -49295,7 +49824,10 @@ then if [ ! -s "/etc/systemd/system/$nginx_name.service" ] && [ -d "$nginx_prefix" ] then - ResourceLimit + if ! ResourceLimit + then + Println "$error 可能环境是 Unprivileged Container ?\n" + fi cat > /etc/systemd/system/$nginx_name.service < /dev/null || true systemctl daemon-reload systemctl enable "$nginx_name" - systemctl start "$nginx_name" + if ! systemctl start "$nginx_name" + then + Println "$error 端口占用?\n" + fi fi case ${1:-} in @@ -49345,12 +49880,6 @@ case ${1:-} in nginx_confs=("$nginx_prefix"/conf/sites_available/*) shopt -u nullglob - if [ -z "${nginx_confs:-}" ] - then - Println "$error 请先添加域名 !\n" - exit 1 - fi - nginx_confs=( "$nginx_prefix"/conf/nginx.conf "${nginx_confs[@]}" ) echo @@ -49422,16 +49951,7 @@ esac read -p "`gettext \"输入序号\"` [1-20]: " nginx_num case "$nginx_num" in 1) - if [ -d "$nginx_prefix" ] - then - Println "$error nginx 已经存在 !\n" && exit 1 - fi - - echo - ExitOnList n "`gettext \"因为是编译 nginx, 耗时会很长, 是否继续\"`" - NginxInstall - Println "$info nginx 安装完成\n" ;; 2) NginxUninstall @@ -49478,7 +49998,6 @@ esac 16) if [[ ! -x $(command -v postfix) ]] then - DistCheck Spinner "安装 postfix" PostfixInstall else echo @@ -51610,7 +52129,6 @@ then fi ;; 6) - DistCheck JQInstall if dnscrypt_version=$(curl -s -Lm 10 "$FFMPEG_MIRROR_LINK/dnscrypt.json" | $JQ_FILE -r '.tag_name') @@ -51780,7 +52298,6 @@ then Println "$info 请在虚拟机内执行 opkg update; opkg install qemu-ga 后关机再开启\n\n如果是在国内, 可以在 openwrt 内执行下面命令加快 opkg 速度\nsed -i 's_http[s]*://downloads.openwrt.org_$FFMPEG_MIRROR_LINK/openwrt_' /etc/opkg/distfeeds.conf\n" ;; 9) - DistCheck JQInstall Println "$tip 请确保已经安装 qemu-guest-agent\n" @@ -51806,7 +52323,6 @@ then Println "$info openwrt-v2ray 安装成功, 请重新登录 openwrt 后台\n" ;; 10) - DistCheck JQInstall Println "$tip 请确保已经安装 qemu-guest-agent\n" @@ -51840,7 +52356,6 @@ then Println "$info 界面语言切换成功\n" ;; 11) - DistCheck JQInstall Println "$tip 请确保已经安装 qemu-guest-agent\n" @@ -51913,7 +52428,6 @@ then Println "$info 切换成功\n" ;; 12) - DistCheck JQInstall Println "$tip 请确保已经安装 qemu-guest-agent\n" @@ -53222,7 +53736,6 @@ then exit 0 ;; "ed"|"editor") - DistCheck DepInstall vim if [ "$dist" == "rpm" ] then @@ -53460,8 +53973,6 @@ then xray_source="${X_CONFIG%/*}" - DistCheck - if [ "$dist" == "mac" ] then systemd_source="$HOME"/Library/LaunchAgents diff --git a/env b/env index 653ca27..1e291aa 100644 --- a/env +++ b/env @@ -18,20 +18,21 @@ indent_20='\r\033[20C' # files SH_LINK=https://woniuzfb.github.io/iptv/iptv.sh +AIOS_PREFIX=/usr/local SH_FALLBACK=cn.epub.fun -SH_FILE=/usr/local/bin/tv -i18n_FILE=/usr/local/bin/tv-i18n -OR_FILE=/usr/local/bin/or -NX_FILE=/usr/local/bin/nx -XC_FILE=/usr/local/bin/cx -ARM_FILE=/usr/local/bin/arm -PVE_FILE=/usr/local/bin/pve +SH_FILE="$AIOS_PREFIX"/bin/tv +i18n_FILE="$AIOS_PREFIX"/bin/tv-i18n +OR_FILE="$AIOS_PREFIX"/bin/or +NX_FILE="$AIOS_PREFIX"/bin/nx +XC_FILE="$AIOS_PREFIX"/bin/cx +ARM_FILE="$AIOS_PREFIX"/bin/arm +PVE_FILE="$AIOS_PREFIX"/bin/pve LOG_FILE="$HOME"/iptv.log -JQ_FILE=/usr/local/bin/jq -YQ_FILE=/usr/local/bin/yq -FFMPEG_FILE=/usr/local/bin/ffmpeg -FFPROBE_FILE=/usr/local/bin/ffprobe -CURL_IMPERSONATE_FILE=/usr/local/bin/curl-impersonate +JQ_FILE="$AIOS_PREFIX"/bin/jq +YQ_FILE="$AIOS_PREFIX"/bin/yq +FFMPEG_FILE="$AIOS_PREFIX"/bin/ffmpeg +FFPROBE_FILE="$AIOS_PREFIX"/bin/ffprobe +CURL_IMPERSONATE_FILE="$AIOS_PREFIX"/bin/curl-impersonate # backup BACKUP_ROOT="$HOME"/iptv_sh_backup @@ -44,7 +45,7 @@ NODE_ROOT="$HOME"/iptv_sh_node NODE_TOUTIAO_LINK=https://raw.githubusercontent.com/woniuzfb/iptv/main/scripts/toutiao # iptv -IPTV_ROOT=/usr/local/iptv +IPTV_ROOT="$AIOS_PREFIX"/iptv FFMPEG_LOG_ROOT="$IPTV_ROOT"/ffmpeg FFMPEG_MIRROR_LINK=http://pngquant.com/ffmpeg FFMPEG_MIRROR_ROOT="$IPTV_ROOT"/ffmpeg @@ -75,18 +76,18 @@ USER_AGENT_TV="Mozilla/5.0 (QtEmbedded; U; Linux; C) AppleWebKit/533.3 (KHTML, l USER_AGENT_PHONE="iPhone; CPU iPhone OS 15_2 like Mac OS X" # v2ray -V2_FILE=/usr/local/bin/v2 +V2_FILE="$AIOS_PREFIX"/bin/v2 V2_LINK=https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh V2_LINK_FALLBACK="$FFMPEG_MIRROR_LINK"/v2ray_install-release.sh -V2CTL_FILE=/usr/local/bin/v2ctl -V2_CONFIG=/usr/local/etc/v2ray/config.json +V2CTL_FILE="$AIOS_PREFIX"/bin/v2ctl +V2_CONFIG="$AIOS_PREFIX"/etc/v2ray/config.json # xray -X_FILE=/usr/local/bin/x -X_CONFIG=/usr/local/etc/xray/config.json +X_FILE="$AIOS_PREFIX"/bin/x +X_CONFIG="$AIOS_PREFIX"/etc/xray/config.json # cloudflare -CF_FILE=/usr/local/bin/cf +CF_FILE="$AIOS_PREFIX"/bin/cf CF_CONFIG="$HOME"/cloudflare.json CF_WORKERS_ROOT="$HOME"/workers CF_WORKERS_FILE="$CF_WORKERS_ROOT"/cloudflare_workers.py @@ -98,7 +99,7 @@ XTREAM_CODES_PROXY_LINK=https://raw.githubusercontent.com/woniuzfb/iptv/main/scr XTREAM_CODES_PROXY_LINK_FALLBACK="$FFMPEG_MIRROR_LINK"/xtream_codes_proxy.js # ibm cf -IBM_FILE=/usr/local/bin/ibm +IBM_FILE="$AIOS_PREFIX"/bin/ibm IBM_APPS_ROOT="$HOME"/ibm_apps IBM_CONFIG="$HOME"/ibm.json @@ -106,23 +107,28 @@ IBM_CONFIG="$HOME"/ibm.json SERVICES_ROOT="$HOME"/iptv_sh_services SERVICES_CONFIG="$SERVICES_ROOT"/config.json +# depends +DEPENDS_ROOT="$SERVICES_ROOT"/depends +AIOS_LINK=https://github.com/woniuzfb/iptv +QUICTLS_LINK=https://github.com/quictls/openssl + # Alist -ALIST_FILE=/usr/local/bin/ali +ALIST_FILE="$AIOS_PREFIX"/bin/ali ALIST_ROOT="$SERVICES_ROOT"/alist ALIST_LINK=https://github.com/alist-org/alist ALIST_LINK_FALLBACK="$FFMPEG_MIRROR_LINK"/alist # LianHuanHua -LIANHUANHUA_FILE=/usr/local/bin/lhh +LIANHUANHUA_FILE="$AIOS_PREFIX"/bin/lhh LIANHUANHUA_ROOT="$SERVICES_ROOT"/lianhuanhua LIANHUANHUA_CONFIG="$LIANHUANHUA_ROOT"/config.json # Rclone -RCLONE_FILE=/usr/local/bin/rc +RCLONE_FILE="$AIOS_PREFIX"/bin/rc RCLONE_ROOT="$SERVICES_ROOT"/rclone # Calibre -CALIBRE_FILE=/usr/local/bin/cw +CALIBRE_FILE="$AIOS_PREFIX"/bin/cw CALIBRE_ROOT="$SERVICES_ROOT"/calibre # Kcc @@ -130,10 +136,6 @@ KCC_ROOT="$CALIBRE_ROOT"/kcc KCC_FILE="$KCC_ROOT"/kcc-c2e.py # docker -DOCKER_FILE=/usr/local/bin/dr +DOCKER_FILE="$AIOS_PREFIX"/bin/dr DOCKER_ROOT="$SERVICES_ROOT"/docker DOCKER_CONFIG="$SERVICES_ROOT"/docker/docker-compose.yml - -# aios -AIOS_LINK=https://github.com/woniuzfb/iptv -AIOS_ROOT="$SERVICES_ROOT"/aios diff --git a/iptv.sh b/iptv.sh index 535cc87..cc4894a 100755 --- a/iptv.sh +++ b/iptv.sh @@ -198,6 +198,8 @@ deb-src http://security.debian.org wheezy/updates main fi deb_fix=0 + sed -i '/deb_fix=/d' "$i18n_FILE" + printf "deb_fix=%s" "$deb_fix" >> "$i18n_FILE" fi } @@ -205,6 +207,7 @@ AptUpdate() { if [ "${apt_updated:-false}" = false ] then + Println "$info 更新软件包列表..." apt-get update --allow-releaseinfo-change >/dev/null apt_updated=true fi @@ -216,8 +219,6 @@ DepInstall() [[ -x $(command -v $dependency) ]] && return 0 - DistCheck - if [ "$dependency" == "gettext" ] || [ "$dependency" == "wget" ] then Println "${green}[INFO]${normal} Installing $dependency, it takes awhile..." @@ -229,12 +230,15 @@ DepInstall() setenforce 0 fi - if yum -y install $dependency >/dev/null 2>&1 + if ! rpm -q $dependency &>/dev/null then - Println "${green}[INFO]${normal} $dependency installation succeed..." - else - Println "${green}[ERROR]${normal} $dependency installation failed...\n" - exit 1 + if yum -y install $dependency &>/dev/null + then + Println "${green}[INFO]${normal} $dependency installation succeed..." + else + Println "${green}[ERROR]${normal} $dependency installation failed...\n" + return 1 + fi fi else if [ "$dist" == "deb" ] @@ -242,22 +246,22 @@ DepInstall() DebFixSources fi - AptUpdate - - if apt-get -y install $dependency >/dev/null 2>&1 + if ! dpkg -s $dependency &>/dev/null then - Println "${green}[INFO]${normal} $dependency installation succeed..." - else - Println "${green}[ERROR]${normal} $dependency installation failed...\n" - exit 1 + AptUpdate + if apt-get -y install $dependency &>/dev/null + then + Println "${green}[INFO]${normal} $dependency installation succeed..." + else + Println "${green}[ERROR]${normal} $dependency installation failed...\n" + return 1 + fi fi fi return 0 fi - Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" - if [ "$dist" == "rpm" ] then if [[ -x $(command -v getenforce) ]] && [ "$(getenforce)" != "Disabled" ] @@ -268,14 +272,27 @@ DepInstall() if [ "$dependency" == "dig" ] then dependency="bind-utils" + elif [ "$dependency" == "hexdump" ] + then + dependency="util-linux" + elif [ "$dependency" == "ss" ] + then + dependency="iproute" + elif [ "$dependency" == "tput" ] + then + dependency="ncurses" fi - if yum -y install $dependency >/dev/null 2>&1 + if ! rpm -q $dependency &>/dev/null then - Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" - else - Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" - exit 1 + Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" + if yum -y install $dependency >/dev/null 2>&1 + then + Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" + else + Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" + return 1 + fi fi else if [ "$dist" == "deb" ] @@ -283,19 +300,31 @@ DepInstall() DebFixSources fi - AptUpdate - if [ "$dependency" == "dig" ] then dependency="dnsutils" + elif [ "$dependency" == "hexdump" ] + then + dependency="bsdmainutils" + elif [ "$dependency" == "ss" ] + then + dependency="iproute2" + elif [ "$dependency" == "tput" ] + then + dependency="ncurses-bin" fi - if apt-get -y install $1 >/dev/null 2>&1 + if ! dpkg -s $dependency &>/dev/null then - Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" - else - Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" - exit 1 + AptUpdate + Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" + if apt-get -y install $1 >/dev/null 2>&1 + then + Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" + else + Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" + return 1 + fi fi fi } @@ -482,8 +511,6 @@ i18nGetMsg() LocaleFix() { - DistCheck - Println "${green}[INFO]${normal} Installing language (locale) support, it takes awhile..." if [ "$dist" == "rpm" ] @@ -528,6 +555,8 @@ eval_gettext() gettext "$1" | (export PATH `envsubst --variables "$1"`; envsubst "$1") } +DistCheck + TEXTDOMAIN=iptv TEXTDOMAINDIR=/usr/share/locale @@ -585,8 +614,6 @@ DepsCheck() return 0 fi - DistCheck - DepInstall tput Spinner "`gettext \"检查依赖, 耗时可能会很长\"`" DepsInstall @@ -603,38 +630,30 @@ DepsInstall() setenforce 0 fi - depends=(wget unzip vim curl crond logrotate patch nscd) + depends=(sudo wget unzip vim curl crond logrotate patch nscd bind-utils util-linux iproute) - if [[ ! -x $(command -v dig) ]] + if [ "${rpm_fix:-1}" -eq 1 ] then - depends+=(bind-utils) - fi - - if [[ ! -x $(command -v hexdump) ]] - then - depends+=(util-linux) - fi - - if [[ ! -x $(command -v ss) ]] - then - depends+=(iproute) + yum -y update ca-certificates &> /dev/null || yum -y reinstall ca-certificates &> /dev/null + rpm_fix=0 + sed -i '/rpm_fix=/d' "$i18n_FILE" + printf "rpm_fix=%s" "$rpm_fix" >> "$i18n_FILE" fi for depend in "${depends[@]}" do - if [[ ! -x $(command -v "$depend") ]] + [[ -x $(command -v $depend) ]] && continue + if ! rpm -q "$depend" &> /dev/null then - if yum -y install "$depend" >/dev/null 2>&1 + if yum -y install "$depend" &> /dev/null then Println "`eval_gettext \"\\\$info 依赖 \\\$depend 安装成功\"`" else Println "`eval_gettext \"\\\$error 依赖 \\\$depend 安装失败\"`\n" - exit 1 + return 1 fi fi done - - yum -y update ca-certificates >/dev/null 2>&1 || yum -y reinstall ca-certificates >/dev/null 2>&1 else if [ "$dist" == "deb" ] then @@ -643,30 +662,19 @@ DepsInstall() AptUpdate - apt-get -y install ca-certificates >/dev/null 2>&1 - - depends=(wget unzip vim curl cron ufw python3 logrotate patch nscd) - - if [[ ! -x $(command -v dig) ]] - then - depends+=(dnsutils) - fi - - if [[ ! -x $(command -v hexdump) ]] - then - depends+=(bsdmainutils) - fi + depends=(ca-certificates sudo wget unzip vim curl cron ufw python3 logrotate patch nscd dnsutils bsdmainutils) for depend in "${depends[@]}" do - if [[ ! -x $(command -v "$depend") ]] + [[ -x $(command -v $depend) ]] && continue + if ! dpkg -s "$depend" &> /dev/null then - if apt-get -y install "$depend" >/dev/null 2>&1 + if apt-get -y install "$depend" &> /dev/null then Println "`eval_gettext \"\\\$info 依赖 \\\$depend 安装成功\"`" else Println "`eval_gettext \"\\\$error 依赖 \\\$depend 安装失败\"`\n" - exit 1 + return 1 fi fi done @@ -3112,8 +3120,6 @@ PythonInstall() return 0 fi - DistCheck - Println "`eval_gettext \"\\\$info 安装 python3 ...\"`" Progress & @@ -4350,8 +4356,6 @@ CurlImpersonateCompile() GoInstall - DistCheck - if [ "$dist" == "rpm" ] then yum groupinstall -y "Development Tools" @@ -4651,8 +4655,6 @@ Update() reinstall_ffmpeg_yn="Y" fi - DistCheck - if [[ ${reinstall_ffmpeg_yn:-N} == [Yy] ]] then rm -rf "$IPTV_ROOT"/ffmpeg-git-*/ @@ -5047,7 +5049,7 @@ OpensslInstall() kill $progress_pid wait $progress_pid 2> /dev/null ' EXIT - DistCheck + if [ "$dist" == "rpm" ] then yum -y install openssl openssl-devel >/dev/null 2>&1 @@ -5069,7 +5071,7 @@ ImageMagickInstall() wait $progress_pid 2> /dev/null ' EXIT rm -f "$IPTV_ROOT/magick" - DistCheck + if [ "$dist" == "rpm" ] then yum -y install ImageMagick >/dev/null 2>&1 @@ -5102,7 +5104,6 @@ Pdf2htmlInstall() exit 1 fi - DistCheck Progress & progress_pid=$! trap ' @@ -11325,11 +11326,7 @@ SetEncrypt() then if [ ! -f "$NODE_ROOT/index.js" ] then - if [[ ! -x $(command -v mongo) ]] - then - MongodbInstall - fi - + MongodbInstall NodejsConfig fi else @@ -11343,11 +11340,7 @@ SetEncrypt() fi elif [ ! -f "$NODE_ROOT/index.js" ] then - if [[ ! -x $(command -v mongo) ]] - then - MongodbInstall - fi - + MongodbInstall NodejsConfig fi fi @@ -22289,7 +22282,7 @@ ImgcatInstall() kill $progress_pid wait $progress_pid 2> /dev/null ' EXIT - DistCheck + if [ "$dist" == "rpm" ] then yum -y install gcc gcc-c++ make ncurses-devel autoconf libjpeg-turbo-devel libpng-devel >/dev/null 2>&1 @@ -27941,7 +27934,6 @@ XtreamCodesListChnls() $FFMPEG -hide_banner -loglevel debug -user_agent "$user_agent" \ -headers "$headers_command" -cookies "$cookies_command" -i "$stream_link" -ss "$ss" -frames:v 1 "${TMP_FILE}.jpeg" || EXIT_STATUS=$? - DistCheck if [ ! -e "/usr/local/bin/imgcat" ] then ImgcatInstall @@ -28241,28 +28233,178 @@ NginxDomainInstallCert() Println "$info $domain 证书安装成功" } -OpenrestyInstall() +OpenrestyPackageInstall() { + # nc -vz 127.0.0.1 80 + DepInstall lsof + if lsof -Pi :80 -sTCP:LISTEN -t &>/dev/null + then + Println "$error 80 端口被占用, 请先关闭占用端口的程序\n" + return 1 + fi + + DepInstall curl + DepInstall ca-certificates + + ArchCheck + + if [ "$arch" == "arm64" ] + then + arch_path="/arm64" + else + arch_path="" + fi + + . /etc/os-release + + case $dist in + ubu) + DepInstall lsb-release + DepInstall ubuntu-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/openresty.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/openresty/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] https://mirrors.ustc.edu.cn/openresty${arch_path}/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} main" | tee /etc/apt/sources.list.d/openresty.list + else + curl -fsSL https://openresty.org/package/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] http://openresty.org/package${arch_path}/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} main" | tee /etc/apt/sources.list.d/openresty.list + fi + sudo apt-get update + fi + sudo apt-get -y install openresty --no-install-recommends + ;; + deb) + DepInstall lsb-release + DepInstall debian-archive-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/openresty.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/openresty/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] https://mirrors.ustc.edu.cn/openresty${arch_path}/debian \ + ${VERSION_CODENAME} openresty" | sudo tee /etc/apt/sources.list.d/openresty.list + else + curl -fsSL https://openresty.org/package/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] http://openresty.org/package${arch_path}/debian \ + ${VERSION_CODENAME} openresty" | sudo tee /etc/apt/sources.list.d/openresty.list + fi + sudo apt-get update + fi + sudo apt-get -y install openresty --no-install-recommends + ;; + rpm) + DepInstall yum-utils + + if [ ! -f /etc/yum.repos.d/openresty.repo ] + then + dist_names=( amazon alinux tlinux oracle rocky fedora centos rhel ) + + for dist_name in "${dist_names[@]}" + do + if grep -qi "$dist_name" <<< "$ID" || grep -qi "$dist_name" <<< "$NAME" + then + case $dist_name in + amazon|alinux|tlinux|oracle|fedora) + curl -s -L https://openresty.org/package/$dist_name/openresty.repo -o /etc/yum.repos.d/openresty.repo + ;; + rocky|centos|rhel) + if [ "${VERSION_ID%%.*}" -gt 8 ] + then + curl -s -L https://openresty.org/package/$dist_name/openresty2.repo -o /etc/yum.repos.d/openresty.repo + else + curl -s -L https://openresty.org/package/$dist_name/openresty.repo -o /etc/yum.repos.d/openresty.repo + fi + ;; + esac + break + fi + done + fi + sudo yum check-update + sudo yum install -y openresty openresty-opm openresty-doc + ;; + *) + Println "$error 不支持的系统\n" + return 1 + ;; + esac + + if ! grep -q "$nginx_name:" < "/etc/passwd" + then + if grep -q '\--group ' < <(adduser --help) + then + adduser "$nginx_name" --system --group --no-create-home > /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi + + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name 安装成功\n" +} + +OpenrestySourceInstall() +{ + local install="更新" + + if [ -z "${1:-}" ] + then + if [[ -x $(command -v $nginx_name) ]] + then + return 0 + fi + install="安装" + elif [[ ! -x $(command -v $nginx_name) ]] + then + install="安装" + fi + DepsCheck - JQInstall >/dev/null - Progress & - progress_pid=$! + echo + pcre_options=( pcre pcre2 ) + inquirer list_input_index "选择 pcre 版本" pcre_options pcre_options_index - trap ' - kill $progress_pid - wait $progress_pid 2> /dev/null - ' EXIT + Println "$tip 如果选择 openssl, $nginx_name 将不支持 ssl_early_data (0-RTT)" + openssl_options=( openssl@1.1 quictls ) + inquirer list_input_index "选择 openssl 版本" openssl_options openssl_options_index + + echo + inquirer list_input_index "额外添加编译选项" ny_options ny_index + install_options_selected=() + if [ "$ny_index" -eq 1 ] + then + echo + install_options=( --with-http_iconv_module --with-http_postgres_module --with-http_slice_module ) + inquirer checkbox_input "选择编译选项" install_options install_options_selected + fi cd ~ rm -rf nginx-http-flv-module-master - curl -s -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip + curl -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip + Println "$info 解压 nginx-http-flv-module ..." unzip nginx-http-flv-module.zip >/dev/null 2>&1 #cd nginx-http-flv-module-master - #curl -s -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch - #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch >/dev/null 2>&1 + #curl -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch #cd ~ latest_release=0 @@ -28281,70 +28423,49 @@ OpenrestyInstall() if [ ! -d "./$openresty_package_name" ] then - curl -s -L "https://openresty.org/download/$openresty_package_name.tar.gz" -o "$openresty_package_name.tar.gz" + curl -L "https://openresty.org/download/$openresty_package_name.tar.gz" -o "$openresty_package_name.tar.gz" + Println "$info 解压 $openresty_package_name ..." tar xzf "$openresty_package_name.tar.gz" fi if [ "$dist" == "rpm" ] then - yum -y install gcc gcc-c++ make >/dev/null 2>&1 - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart crond >/dev/null 2>&1 - #if grep -q "Fedora" < "/etc/redhat-release" - #then - # dnf install -y dnf-plugins-core >/dev/null 2>&1 - # dnf config-manager --add-repo https://openresty.org/package/fedora/openresty.repo >/dev/null 2>&1 - # dnf install -y openresty >/dev/null 2>&1 || true - # dnf install -y openresty-resty >/dev/null 2>&1 - #elif grep -q "Amazon" < "/etc/redhat-release" - #then - # yum install -y yum-utils >/dev/null 2>&1 - # yum-config-manager --add-repo https://openresty.org/package/amazon/openresty.repo >/dev/null 2>&1 - # yum install -y openresty >/dev/null 2>&1 || true - # yum install -y openresty-resty >/dev/null 2>&1 - #elif grep -q "Red Hat" < "/etc/redhat-release" - #then - # wget https://openresty.org/package/rhel/openresty.repo -qO /etc/yum.repos.d/openresty.repo >/dev/null 2>&1 - # yum check-update >/dev/null 2>&1 - # yum install -y openresty >/dev/null 2>&1 || true - # yum install -y openresty-resty >/dev/null 2>&1 - #else - # wget https://openresty.org/package/centos/openresty.repo -qO /etc/yum.repos.d/openresty.repo >/dev/null 2>&1 - # yum check-update >/dev/null 2>&1 - # yum install -y openresty >/dev/null 2>&1 || true - # yum install -y openresty-resty >/dev/null 2>&1 - #fi - #elif [ "$dist" == "ubu" ] - #then - #apt-get -y install ca-certificates >/dev/null 2>&1 - #if ! wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null 2>&1 - #then - # apt-get -y install gnupg >/dev/null 2>&1 - # wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null - #fi - #echo "deb http://openresty.org/package/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/openresty.list - #apt-get update >/dev/null 2>&1 - #apt-get -y install openresty >/dev/null 2>&1 || true + . /etc/os-release + + case ${VERSION_ID%%.*} in + 9) + dnf config-manager --set-enabled crb + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + 8) + dnf config-manager --set-enabled powertools + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + *) + yum install -y epel-release + ;; + esac + + yum groupinstall -y 'Development Tools' + timedatectl set-timezone Asia/Shanghai + systemctl restart crond + yum install -y pcre-devel openssl-devel gcc zlib-devel libpq-devel else - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart cron >/dev/null 2>&1 - apt-get -y install debconf-utils >/dev/null 2>&1 + timedatectl set-timezone Asia/Shanghai + systemctl restart cron + apt-get -y install debconf-utils echo '* libraries/restart-without-asking boolean true' | debconf-set-selections - apt-get -y install perl software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip gettext build-essential >/dev/null 2>&1 - #apt-get -y install ca-certificates software-properties-common >/dev/null 2>&1 - #if ! wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null 2>&1 - #then - # apt-get -y install gnupg >/dev/null 2>&1 - # wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null - #fi - #codename=$(grep -Po 'VERSION="[0-9]+ \(\K[^)]+' /etc/os-release) - #echo "deb http://openresty.org/package/debian $codename openresty" > /etc/apt/sources.list.d/openresty.list - #apt-get update >/dev/null 2>&1 - #apt-get -y install openresty >/dev/null 2>&1 || true + apt-get -y install libpcre3-dev perl make software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip gettext build-essential libpq-dev fi - echo -n "...40%..." - while IFS= read -r line do if [[ $line =~ \/dev/null 2>&1 + pcre_name=pcre-8.45 + if [ ! -d $pcre_name ] + then + curl -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + else + pcre_name=$(curl -Lm 20 "$FFMPEG_MIRROR_LINK/pcre2.json" | $JQ_FILE -r '.tag_name') + if [ ! -d $pcre_name ] + then + curl -L $FFMPEG_MIRROR_LINK/pcre2/$pcre_name/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi fi - openssl_name=openssl-1.1.1n + openssl_url="https://www.openssl.org/source/old" + openssl_vers=($(curl -s -Lm 20 $openssl_url/ | grep -oP '
  • \K[^<]+')) + + for openssl_ver in "${openssl_vers[@]}" + do + if [ "${openssl_ver%%.*}" -eq 1 ] + then + break + fi + done + + openssl_url="$openssl_url/$openssl_ver" + + openssl_packs=($(curl -s -Lm 20 $openssl_url/ | grep -oP '\K[^<]+')) + openssl_pack="${openssl_packs[0]}" + openssl_name=${openssl_pack%.tar*} + + if [ "$openssl_options_index" -eq 1 ] + then + openssl_ver=${openssl_name#*-} + openssl_name=openssl-OpenSSL_${openssl_ver//./_}-quic1 + fi if [ ! -d ${openssl_name}-patched ] || [ ! -s ${openssl_name}-patched/openssl-1.1.1f-sess_set_get_cb_yield.patch ] then - rm -rf ${openssl_name} + rm -rf ${openssl_name:-notfound} rm -rf ${openssl_name}-patched - curl -s -L https://www.openssl.org/source/$openssl_name.tar.gz -o $openssl_name.tar.gz - tar xzf $openssl_name.tar.gz - mv $openssl_name $openssl_name-patched - cd $openssl_name-patched - curl -s -L "$FFMPEG_MIRROR_LINK/openssl-1.1.1f-sess_set_get_cb_yield.patch" -o openssl-1.1.1f-sess_set_get_cb_yield.patch - patch -p1 < openssl-1.1.1f-sess_set_get_cb_yield.patch >/dev/null 2>&1 || true + + if [ "$openssl_options_index" -eq 1 ] + then + if ! curl -Lm 30 https://github.com/quictls/openssl/archive/refs/tags/${openssl_name}.tar.gz -o "$openssl_name".tar.gz + then + curl -L "$FFMPEG_MIRROR_LINK/$openssl_name".tar.gz -o "$openssl_name".tar.gz + fi + tar xzf ${openssl_name}.tar.gz + else + curl -L "$openssl_url/$openssl_pack" -o "$openssl_pack" + Println "$info 解压 $openssl_name ..." + tar xzf "$openssl_pack" + fi + + mv ${openssl_name} ${openssl_name}-patched + cd ${openssl_name}-patched + + curl -L "$FFMPEG_MIRROR_LINK/openssl-1.1.1f-sess_set_get_cb_yield.patch" -o openssl-1.1.1f-sess_set_get_cb_yield.patch + patch -p1 < openssl-1.1.1f-sess_set_get_cb_yield.patch || true cd ~ fi - echo -n "...60%..." - cd "$openresty_package_name/bundle/ngx_lua-"* - curl -s -L "$FFMPEG_MIRROR_LINK/fix_ngx_lua_resp_get_headers_key_whitespace.patch" -o fix_ngx_lua_resp_get_headers_key_whitespace.patch - patch -p1 < fix_ngx_lua_resp_get_headers_key_whitespace.patch >/dev/null 2>&1 || true + curl -L "$FFMPEG_MIRROR_LINK/fix_ngx_lua_resp_get_headers_key_whitespace.patch" -o fix_ngx_lua_resp_get_headers_key_whitespace.patch + patch -p1 < fix_ngx_lua_resp_get_headers_key_whitespace.patch || true cd ../.. @@ -28396,10 +28562,11 @@ OpenrestyInstall() --with-pcre=../$pcre_name \ --with-pcre-jit \ --with-zlib=../$zlib_name \ - --with-openssl=../$openssl_name-patched \ + --with-openssl=../${openssl_name}-patched \ --with-openssl-opt="no-threads shared zlib -g enable-ssl3 enable-ssl3-method enable-ec_nistp_64_gcc_128" \ --with-http_ssl_module \ --with-http_v2_module \ + --with-http_v3_module \ --without-mail_pop3_module \ --without-mail_imap_module \ --without-mail_smtp_module \ @@ -28421,23 +28588,506 @@ OpenrestyInstall() --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ + --with-ipv6 \ --with-stream \ --with-stream_ssl_preread_module \ --with-stream_ssl_module \ --with-stream_realip_module \ --with-threads \ - --with-luajit-xcflags=-DLUAJIT_NUMMODE=2\ -DLUAJIT_ENABLE_LUA52COMPAT\ -fno-stack-check >/dev/null 2>&1 + --with-luajit-xcflags=-DLUAJIT_NUMMODE=2\ -DLUAJIT_ENABLE_LUA52COMPAT\ -fno-stack-check ${install_options_selected[@]+"${install_options_selected[@]}"} + + nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" + + make $nproc + make install + + ln -sf "$nginx_prefix"/sbin/nginx /usr/local/bin/ + + if ! grep -q "$nginx_name:" < "/etc/passwd" + then + if grep -q '\--group ' < <(adduser --help) + then + adduser "$nginx_name" --system --group --no-create-home > /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi - echo -n "...80%..." + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_processes .*/worker_processes ${nproc:2};/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name ${install}成功\n" +} + +OpenrestyInstall() +{ + if [ -d "$nginx_prefix" ] + then + Println "$error $nginx_name 已经存在 $nginx_prefix !\n" + return 1 + elif [[ -x $(command -v $nginx_name) ]] + then + Println "$error $nginx_name 已经存在 $(command -v $nginx_name), 请先卸载!\n" + return 1 + fi + + Println "$tip 选择快速安装将缺少 nginx-http-flv-module 和 quictls 选择" + openresty_install_options=( "${nginx_name}官方包 (快速安装)" '编译安装' ) + inquirer list_input_index "选择安装方式" openresty_install_options openresty_install_options_index + + if [ "$openresty_install_options_index" -eq 0 ] + then + OpenrestyPackageInstall + return + fi + + OpenrestySourceInstall +} + +OpenrestyUninstall() +{ + if [ ! -d "$nginx_prefix" ] + then + Println "$error $nginx_name 未安装 !\n" + return 1 + fi + + echo + ExitOnList n "`eval_gettext \"确定删除 \\\$nginx_name 包括所有配置文件, 操作不可恢复\"`" + + ServiceControlDisable $nginx_name + + rm -rf "${nginx_prefix%/*}" + + Println "$info $nginx_name 卸载完成\n" +} + +OpenrestyUpdate() +{ + ShFileUpdate "$nginx_name" + + if [ ! -d "$nginx_prefix" ] + then + Println "$error $nginx_name 未安装 !\n" + return 1 + fi + + if [ "$dist" == "rpm" ] && grep -q "$nginx_name" < <(yum list installed) + then + yum update -y "$nginx_name" + elif { [ "$dist" == "deb" ] || [ "$dist" == "ubu" ]; } && dpkg -s "$nginx_name" &> /dev/null + then + apt-get -y install --only-upgrade "$nginx_name" + else + OpenrestySourceInstall update + fi +} + +NginxPackageInstall() +{ + DepInstall curl + DepInstall ca-certificates + + . /etc/os-release + + case $dist in + ubu) + if ! [[ "${VERSION_CODENAME:-$UBUNTU_CODENAME}" =~ focal|jammy|mantic ]] + then + Println "$tip Nginx 官方不支持当前版本 ${VERSION_CODENAME:-$UBUNTU_CODENAME}, 安装可能出错" + fi + DepInstall lsb-release + DepInstall ubuntu-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/nginx.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/nginx/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://mirrors.ustc.edu.cn/nginx/mainline/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} nginx" | tee /etc/apt/sources.list.d/nginx.list + else + curl -fsSL https://nginx.org/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} nginx" | tee /etc/apt/sources.list.d/nginx.list + fi + echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx + sudo apt-get update + fi + sudo apt-get -y install nginx + ;; + deb) + if ! [[ "${VERSION_CODENAME}" =~ bullseye|bookworm ]] + then + Println "$tip Nginx 官方不支持当前版本 ${VERSION_CODENAME}, 安装可能出错" + fi + DepInstall lsb-release + DepInstall debian-archive-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/nginx.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/nginx/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://mirrors.ustc.edu.cn/nginx/mainline/debian \ + ${VERSION_CODENAME} nginx" | sudo tee /etc/apt/sources.list.d/nginx.list + else + curl -fsSL https://nginx.org/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/debian \ + ${VERSION_CODENAME} nginx" | sudo tee /etc/apt/sources.list.d/nginx.list + fi + echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx + sudo apt-get update + fi + sudo apt-get -y install nginx + ;; + rpm) + if [ "${VERSION_ID%%.*}" -eq 7 ] + then + Println "$tip 官方说明: Packages for RHEL 7 and SLES 12 are built without HTTP/3 support because OpenSSL used by those doesn't support TLSv1.3." + fi + + DepInstall yum-utils + + if [ ! -f /etc/yum.repos.d/nginx.repo ] + then + if grep -q Amazon < /etc/os-release + then + if [ "$VERSION" == "2" ] + then +cat > /etc/yum.repos.d/nginx.repo << EOF +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/amzn2/\$releasever/\$basearch/ +gpgcheck=1 +enabled=1 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +priority=9 + +[nginx-mainline] +name=nginx mainline repo +baseurl=http://nginx.org/packages/mainline/amzn2/\$releasever/\$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +priority=9 +EOF + elif [ "$VERSION" == "2023" ] + then +cat > /etc/yum.repos.d/nginx.repo << EOF +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/amzn/2023/\$basearch/ +gpgcheck=1 +enabled=1 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +priority=9 + +[nginx-mainline] +name=nginx mainline repo +baseurl=http://nginx.org/packages/mainline/amzn/2023/\$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +priority=9 +EOF + else + Println "$error 不支持的系统\n" + return 1 + fi + else +cat > /etc/yum.repos.d/nginx.repo << EOF +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/ +gpgcheck=1 +enabled=1 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true + +[nginx-mainline] +name=nginx mainline repo +baseurl=http://nginx.org/packages/mainline/centos/\$releasever/\$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true +EOF + fi + fi + sudo yum-config-manager --disable nginx-stable + sudo yum-config-manager --enable nginx-mainline + sudo yum -y install nginx + ;; + *) + Println "$error 不支持的系统\n" + return 1 + ;; + esac + + if [ ! -d "$nginx_prefix" ] + then + mkdir -p "$nginx_prefix"/sbin + mv /usr/sbin/nginx* "$nginx_prefix"/sbin/ + ln -sf /etc/nginx "$nginx_prefix"/conf + ln -sf /var/log/nginx "$nginx_prefix"/logs + ln -sf /usr/share/nginx/html "$nginx_prefix"/html + ln -sf /var/run/nginx.pid "$nginx_prefix"/logs/nginx.pid + for file in "$nginx_prefix"/sbin/* + do +cat > /usr/local/bin/${file##*/} < /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi + + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + sed -i '/conf.d/d' "$nginx_prefix/conf/nginx.conf" + sed -i 's|/var/log/nginx|logs|g' "$nginx_prefix/conf/nginx.conf" + sed -i 's|/var/run|logs|g' "$nginx_prefix/conf/nginx.conf" + sed -i 's|/etc/nginx/||g' "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name 安装成功\n" +} + +NginxSourceInstall() +{ + local install="更新" + + if [ -z "${1:-}" ] + then + if [[ -x $(command -v $nginx_name) ]] + then + return 0 + fi + install="安装" + elif [[ ! -x $(command -v $nginx_name) ]] + then + install="安装" + fi + + DepsCheck + + echo + pcre_options=( pcre pcre2 ) + inquirer list_input_index "选择 pcre 版本" pcre_options pcre_options_index + + Println "$tip 如果选择 openssl, $nginx_name 将不支持 ssl_early_data (0-RTT)" + openssl_options=( openssl@1.1 openssl@3 quictls ) + inquirer list_input_index "选择 openssl 版本" openssl_options openssl_options_index + + cd ~ + + rm -rf nginx-http-flv-module-master + curl -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip + Println "$info 解压 nginx-http-flv-module ..." + unzip nginx-http-flv-module.zip >/dev/null 2>&1 + + #cd nginx-http-flv-module-master + #curl -s -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #cd ~ + + while IFS= read -r line + do + if [[ $line == *"/download/"* ]] + then + nginx_package_name=${line#*/download/} + nginx_package_name=${nginx_package_name%%.tar.gz*} + break + fi + done < <(curl -s -Lm 20 -H "User-Agent: $USER_AGENT_BROWSER" https://nginx.org/en/download.html 2> /dev/null) + + if [ ! -d "./$nginx_package_name" ] + then + curl -L "https://nginx.org/download/$nginx_package_name.tar.gz" -o "$nginx_package_name.tar.gz" + Println "$info 解压 $nginx_package_name ..." + tar xzf "$nginx_package_name.tar.gz" + fi + + if [ "$dist" == "rpm" ] + then + . /etc/os-release + + case ${VERSION_ID%%.*} in + 9) + dnf config-manager --set-enabled crb + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + 8) + dnf config-manager --set-enabled powertools + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + *) + yum install -y epel-release + ;; + esac + + yum groupinstall -y 'Development Tools' + timedatectl set-timezone Asia/Shanghai + systemctl restart crond + yum install -y pcre-devel openssl-devel gcc zlib-devel + else + timedatectl set-timezone Asia/Shanghai + systemctl restart cron + apt-get -y install debconf-utils + echo '* libraries/restart-without-asking boolean true' | debconf-set-selections + apt-get -y install libpcre3-dev perl make software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip gettext build-essential + fi + + while IFS= read -r line + do + if [[ $line =~ \ /dev/null) + + if [ ! -d $zlib_name ] + then + curl -L https://www.zlib.net/$zlib_name.tar.gz -o $zlib_name.tar.gz + Println "$info 解压 $zlib_name ..." + tar xzf $zlib_name.tar.gz + fi + + if [ "$pcre_options_index" -eq 0 ] + then + pcre_name=pcre-8.45 + if [ ! -d $pcre_name ] + then + curl -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + else + pcre_name=$(curl -s -Lm 20 "$FFMPEG_MIRROR_LINK/pcre2.json" | $JQ_FILE -r '.tag_name') + if [ ! -d $pcre_name ] + then + curl -L $FFMPEG_MIRROR_LINK/pcre2/$pcre_name/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + fi + + if [ "$openssl_options_index" -eq 2 ] + then + openssl_name=openssl-OpenSSL_1_1_1w-quic1 + curl -L "$FFMPEG_MIRROR_LINK/${openssl_name#*-}".tar.gz -o "$openssl_name".tar.gz + Println "$info 解压 $openssl_name ..." + tar xzf "$openssl_name".tar.gz + else + if [ "$openssl_options_index" -eq 0 ] + then + openssl_url="https://www.openssl.org/source/old" + openssl_vers=($(curl -s -Lm 20 $openssl_url/ | grep -oP '
  • \K[^<]+')) + + for openssl_ver in "${openssl_vers[@]}" + do + if [ "${openssl_ver%%.*}" -eq 1 ] + then + break + fi + done + openssl_url="$openssl_url/$openssl_ver" + else + openssl_url="https://www.openssl.org/source" + fi + + openssl_packs=($(curl -s -Lm 20 $openssl_url/ | grep -oP '\K[^<]+')) + openssl_pack="${openssl_packs[0]}" + openssl_name=${openssl_pack%.tar*} + + if [ ! -d "./$openssl_name" ] + then + curl -L "$openssl_url/$openssl_pack" -o "$openssl_pack" + Println "$info 解压 $openssl_name ..." + tar xzf "$openssl_pack" + fi + fi + + cd "$nginx_package_name/" + + ./configure \ + --add-module=../nginx-http-flv-module-master \ + --with-debug \ + --with-http_addition_module \ + --with-http_auth_request_module \ + --with-http_dav_module \ + --with-http_degradation_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_mp4_module \ + --with-http_random_index_module \ + --with-http_realip_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_ssl_module \ + --with-http_stub_status_module \ + --with-http_sub_module \ + --with-http_v2_module \ + --with-http_v3_module \ + --with-http_flv_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-pcre=../$pcre_name \ + --with-pcre-jit \ + --with-zlib=../$zlib_name \ + --with-stream \ + --with-stream_realip_module \ + --with-stream_ssl_module \ + --with-stream_ssl_preread_module \ + --with-openssl=../$openssl_name \ + --with-threads nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" - make $nproc >/dev/null 2>&1 - make install >/dev/null 2>&1 - kill $progress_pid - wait $progress_pid 2> /dev/null || true - trap - EXIT - echo "...100%" + make $nproc + make install + + ln -sf "$nginx_prefix"/sbin/nginx /usr/local/bin/ if ! grep -q "$nginx_name:" < "/etc/passwd" then @@ -28460,201 +29110,36 @@ OpenrestyInstall() mkdir -p "$nginx_prefix/html/localhost/" CrossplaneInstall + + Println "$info $nginx_name ${install}成功\n" } NginxInstall() { - echo - pcre_options=( pcre pcre2 ) - inquirer list_input_index "选择 pcre 版本" pcre_options pcre_options_index - - echo - openssl_options=( openssl@1.1 openssl@3 ) - inquirer list_input_index "选择 openssl 版本" openssl_options openssl_options_index - - DepsCheck - JQInstall >/dev/null - - Progress & - progress_pid=$! - - trap ' - kill $progress_pid - wait $progress_pid 2> /dev/null - ' EXIT - - cd ~ - - rm -rf nginx-http-flv-module-master - curl -s -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip - unzip nginx-http-flv-module.zip >/dev/null 2>&1 - - #cd nginx-http-flv-module-master - #curl -s -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch - #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch >/dev/null 2>&1 - #cd ~ - - while IFS= read -r line - do - if [[ $line == *"/download/"* ]] - then - nginx_package_name=${line#*/download/} - nginx_package_name=${nginx_package_name%%.tar.gz*} - break - fi - done < <(curl -s -Lm 20 -H "User-Agent: $USER_AGENT_BROWSER" https://nginx.org/en/download.html 2> /dev/null) - - if [ ! -d "./$nginx_package_name" ] - then - curl -s -L "https://nginx.org/download/$nginx_package_name.tar.gz" -o "$nginx_package_name.tar.gz" - tar xzf "$nginx_package_name.tar.gz" - fi - - if [ "$dist" == "rpm" ] - then - yum -y install gcc gcc-c++ make >/dev/null 2>&1 - # yum groupinstall 'Development Tools' - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart crond >/dev/null 2>&1 - else - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart cron >/dev/null 2>&1 - apt-get -y install debconf-utils >/dev/null 2>&1 - echo '* libraries/restart-without-asking boolean true' | debconf-set-selections - apt-get -y install software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip build-essential gettext >/dev/null 2>&1 - fi - - echo -n "...40%..." - - while IFS= read -r line - do - if [[ $line =~ \ /dev/null) - - if [ ! -d $zlib_name ] - then - curl -s -L https://www.zlib.net/$zlib_name.tar.gz -o $zlib_name.tar.gz - tar xzf $zlib_name.tar.gz - fi - - if [ "$pcre_options_index" -eq 0 ] + if [ -d "$nginx_prefix" ] then - pcre_name=pcre-8.45 - if [ ! -d $pcre_name ] - then - curl -s -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip - unzip $pcre_name.zip >/dev/null 2>&1 - fi - else - pcre_name=$(curl -s -Lm 10 "$FFMPEG_MIRROR_LINK/pcre2.json" | $JQ_FILE -r '.tag_name') - if [ ! -d $pcre_name ] - then - curl -s -L $FFMPEG_MIRROR_LINK/pcre2/$pcre_name/$pcre_name.zip -o $pcre_name.zip - unzip $pcre_name.zip >/dev/null 2>&1 - fi - fi - - if [ "$openssl_options_index" -eq 0 ] + Println "$error $nginx_name 已经存在 $nginx_prefix !\n" + return 1 + elif [[ -x $(command -v $nginx_name) ]] then - openssl_url="https://www.openssl.org/source/old" - openssl_vers=($(curl -s -Lm 20 $openssl_url/ | grep -oP '
  • \K[^<]+')) - - for openssl_ver in "${openssl_vers[@]}" - do - if [ "${openssl_ver%%.*}" -eq 1 ] - then - break - fi - done - openssl_url="$openssl_url/$openssl_ver" - else - openssl_url="https://www.openssl.org/source" + Println "$error $nginx_name 已经存在 $(command -v $nginx_name), 请先卸载!\n" + return 1 fi - openssl_packs=($(curl -s -Lm 20 $openssl_url/ | grep -oP '\K[^<]+')) - openssl_pack="${openssl_packs[0]}" - openssl_name=${openssl_pack%.tar*} - - if [ ! -d "./$openssl_name" ] + if [ "$dist" != "mac" ] then - curl -s -L "$openssl_url/$openssl_pack" -o "$openssl_pack" - tar xzf "$openssl_pack" - fi - - echo -n "...60%..." - - cd "$nginx_package_name/" - - ./configure \ - --add-module=../nginx-http-flv-module-master \ - --with-debug \ - --with-http_addition_module \ - --with-http_auth_request_module \ - --with-http_dav_module \ - --with-http_degradation_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_mp4_module \ - --with-http_random_index_module \ - --with-http_realip_module \ - --with-http_secure_link_module \ - --with-http_slice_module \ - --with-http_ssl_module \ - --with-http_stub_status_module \ - --with-http_sub_module \ - --with-http_v2_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-pcre=../$pcre_name \ - --with-pcre-jit \ - --with-zlib=../$zlib_name \ - --with-stream \ - --with-stream_realip_module \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-openssl=../$openssl_name \ - --with-threads >/dev/null 2>&1 - - echo -n "...80%..." - - nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" - - make $nproc >/dev/null 2>&1 - make install >/dev/null 2>&1 - - kill $progress_pid - wait $progress_pid 2> /dev/null || true - trap - EXIT - - ln -sf /usr/local/nginx/sbin/nginx /usr/local/bin/ - - echo "...100%" + Println "$tip 选择快速安装将缺少 nginx-http-flv-module 以及 quictls 选择" + nginx_install_options=( "${nginx_name}官方包 (快速安装)" '编译安装' ) + inquirer list_input_index "选择安装方式" nginx_install_options nginx_install_options_index - if ! grep -q "$nginx_name:" < "/etc/passwd" - then - if grep -q '\--group ' < <(adduser --help) + if [ "$nginx_install_options_index" -eq 0 ] then - adduser "$nginx_name" --system --group --no-create-home > /dev/null - else - adduser "$nginx_name" --system --no-create-home > /dev/null + NginxPackageInstall + return fi - usermod -s /usr/sbin/nologin "$nginx_name" fi - sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" - sed -i "s/worker_processes .*/worker_processes ${nproc:2};/" "$nginx_prefix/conf/nginx.conf" - sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" - - mkdir -p "$nginx_prefix/conf/sites_crt/" - mkdir -p "$nginx_prefix/conf/sites_available/" - mkdir -p "$nginx_prefix/conf/sites_enabled/" - mkdir -p "$nginx_prefix/html/localhost/" - - CrossplaneInstall + NginxSourceInstall } NginxUninstall() @@ -28662,7 +29147,7 @@ NginxUninstall() if [ ! -d "$nginx_prefix" ] then Println "$error $nginx_name 未安装 !\n" - exit 1 + return 1 fi echo @@ -28670,11 +29155,17 @@ NginxUninstall() systemctl stop $nginx_name || true - if [ "$nginx_ctl" == "or" ] + DepInstall file + + if file -h "$nginx_prefix/conf" | grep -q 'symbolic link' then - rm -rf "${nginx_prefix%/*}" - else - rm -rf "$nginx_prefix" + if [ "$dist" == "yum" ] + then + yum -y remove "$nginx_name" || true + else + apt-get -y purge nginx* || true + fi + rm -f /usr/local/bin/nginx* fi Println "$info $nginx_name 卸载完成\n" @@ -28687,15 +29178,23 @@ NginxUpdate() if [ ! -d "$nginx_prefix" ] then Println "$error $nginx_name 未安装 !\n" - exit 1 + return 1 fi - echo - ExitOnList n "`eval_gettext \"是否重新编译 \\\$nginx_name\"`" + DepInstall file + + if ! file -h "$nginx_prefix/conf" | grep -q 'symbolic link' + then + NginxSourceInstall update + return + fi - nginx_name_upper=$(tr '[:lower:]' '[:upper:]' <<< "${nginx_name:0:1}")"${nginx_name:1}" - "$nginx_name_upper"Install - Println "$info $nginx_name 升级完成\n" + if [ "$dist" == "rpm" ] + then + yum update -y "$nginx_name" + else + apt-get -y install --only-upgrade "$nginx_name" + fi } NginxViewStatus() @@ -30446,7 +30945,10 @@ NginxCheckLocalhost() NginxAddLocalhost - NginxAddRtmp + if "$NGINX_FILE" -V 2>&1 | grep -qi nginx-http-flv-module + then + NginxAddRtmp + fi if [ "$updated" -eq 1 ] then @@ -32230,25 +32732,30 @@ NginxAddDomain() GitInstall() { - DistCheck - if [ "$dist" == "rpm" ] - then - yum -y install git > /dev/null - elif [ "$dist" == "ubu" ] + if [[ -x $(command -v git) ]] then - add-apt-repository ppa:git-core/ppa -y > /dev/null - AptUpdate - apt-get -y install git > /dev/null - else - apt-get -y install git > /dev/null + return 0 fi - Println "$info git 安装成功...\n" + + Println "$info 安装 git" + + case $dist in + rpm) yum -y install git + ;; + deb) apt-get -y install git + ;; + ubu) + add-apt-repository ppa:git-core/ppa -y + apt-get -y update + apt-get -y install git + ;; + esac + + Println "$info git 安装成功\n" } ResourceLimit() { - DistCheck - if [ ! -e /proc/sys/fs/file-max ] then echo 65536 > /proc/sys/fs/file-max @@ -32593,7 +33100,7 @@ NodejsMenu() exit 1 fi - if [[ ! -x $(command -v mongo) ]] + if [[ ! -x $(command -v mongod) ]] then Println "$error 请先安装 mongodb\n" exit 1 @@ -32605,68 +33112,102 @@ NodejsMenu() MongodbInstall() { + if [[ -x $(command -v mongod) ]] + then + return 0 + fi + DepsCheck - Println "$info 安装 mongodb, 请等待(国内可能无法安装)..." + if ! ResourceLimit + then + Println "$error 可能环境是 Unprivileged Container ?\n" + fi - ResourceLimit + DepInstall curl + DepInstall ca-certificates - if [ "$dist" == "rpm" ] + ArchCheck + + if [ "$arch" == "arm64" ] then - ArchCheck - if [ "$arch" == "arm64" ] - then - arch_path="aarch64" - elif [ "$arch" == "x86_64" ] || [ "$arch" == "s390x" ] - then - arch_path="$arch" - else - Println "$error 不支持当前系统\n" - exit 1 - fi + arch_path="aarch64" + elif [ "$arch" == "x86_64" ] || [ "$arch" == "s390x" ] + then + arch_path="$arch" + else + Println "$error 不支持当前系统\n" + return 1 + fi - printf '%s' " -[mongodb-org-4.4] + case $dist in + rpm) + DepInstall yum-utils + if [ ! -f /etc/yum.repos.d/mongodb-org-7.0.repo ] + then + if grep -qi Amazon <<< "$ID" || grep -qi Amazon <<< "$NAME" + then +cat > /etc/yum.repos.d/mongodb-org-7.0.repo < /etc/yum.repos.d/mongodb-org-4.4.repo - - yum install -y mongodb-org >/dev/null 2>&1 - else - AptUpdate - - if ! wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | apt-key add - > /dev/null 2>&1 - then - apt-get -y install gnupg >/dev/null 2>&1 - wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | apt-key add - > /dev/null - fi - - if [ "$dist" == "ubu" ] - then - if grep -q "xenial" < "/etc/apt/sources.list" +gpgkey=https://pgp.mongodb.com/server-7.0.asc +EOF + else +cat > /etc/yum.repos.d/mongodb-org-7.0.repo </dev/null - apt-get install -y mongodb-org >/dev/null 2>&1 - fi + DepInstall lsb-release + DepInstall debian-archive-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/mongodb-org-7.0.list ] + then + curl -fsSL https://www.mongodb.org/static/pgp/server-7.0.asc | gpg --batch --yes --dearmor -o /usr/share/keyrings/mongodb-server-7.0.gpg + echo "deb [ signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] http://repo.mongodb.org/apt/debian \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME}/mongodb-org/7.0 main" | tee /etc/apt/sources.list.d/mongodb-org-7.0.list + sudo apt-get update + fi + sudo apt-get -y install mongodb-org + ;; + sles) + sudo zypper addrepo --gpgcheck "https://repo.mongodb.org/zypper/suse/${VERSION_ID%%.*}/mongodb-org/7.0/$arch_path/" mongodb + sudo zypper -n install mongodb-org + ;; + esac if [[ $(ps --no-headers -o comm 1) == "systemd" ]] then @@ -32682,7 +33223,7 @@ gpgkey=https://www.mongodb.org/static/pgp/server-4.4.asc service mongod start fi - Println "$info mongodb 安装成功" + Println "$info mongodb 安装成功\n" } MongodbMenu() @@ -32693,7 +33234,7 @@ MongodbMenu() if [ "$mongodb_options_index" -eq 0 ] then - if [[ ! -x $(command -v mongo) ]] + if [[ ! -x $(command -v mongod) ]] then Println "$error 请先安装 mongodb\n" exit 1 @@ -32702,7 +33243,7 @@ MongodbMenu() systemctl --no-pager -l status mongod elif [ "$mongodb_options_index" -eq 1 ] then - if [[ -x $(command -v mongo) ]] + if [[ -x $(command -v mongod) ]] then Println "$error mongodb 已存在\n" exit 1 @@ -32710,7 +33251,7 @@ MongodbMenu() MongodbInstall else - if [[ ! -x $(command -v mongo) ]] + if [[ ! -x $(command -v mongod) ]] then Println "$error 请先安装 mongodb\n" exit 1 @@ -32719,8 +33260,6 @@ MongodbMenu() echo ExitOnList n "升级会清除现有 mongodb 配置, 是否继续" - DistCheck - service mongod stop if [ "$dist" == "rpm" ] @@ -36402,7 +36941,7 @@ V2rayListInboundAccountLink() Println "分享链接: ${green}vmess://$vmess_link${normal}\n" echo ExitOnList y "`gettext \"打印二维码\"`" - DistCheck + if [ ! -e "/usr/local/bin/imgcat" ] then ImgcatInstall @@ -47881,7 +48420,6 @@ VipEnable() Println "$info 安装 md5sum..." if [[ ! -x $(command -v gcc) ]] then - DistCheck if [ "$dist" == "rpm" ] then yum -y install gcc gcc-c++ >/dev/null 2>&1 @@ -49103,7 +49641,10 @@ then if [ ! -s "/etc/systemd/system/$nginx_name.service" ] && [ -d "$nginx_prefix" ] then - ResourceLimit + if ! ResourceLimit + then + Println "$error 可能环境是 Unprivileged Container ?\n" + fi cat > /etc/systemd/system/$nginx_name.service < /dev/null || true systemctl daemon-reload systemctl enable "$nginx_name" - systemctl start "$nginx_name" + if ! systemctl start "$nginx_name" + then + Println "$error 端口占用?\n" + fi fi case $* in @@ -49153,12 +49697,6 @@ case $* in nginx_confs=("$nginx_prefix"/conf/sites_available/*) shopt -u nullglob - if [ -z "${nginx_confs:-}" ] - then - Println "$error 请先添加域名 !\n" - exit 1 - fi - nginx_confs=( "$nginx_prefix"/conf/nginx.conf "${nginx_confs[@]}" ) echo @@ -49225,22 +49763,13 @@ esac read -p "`gettext \"输入序号\"` [1-15]: " openresty_num case "$openresty_num" in 1) - if [ -d "$nginx_prefix" ] - then - Println "$error openresty 已经存在 !\n" && exit 1 - fi - - echo - ExitOnList n "`gettext \"因为是编译 openresty, 耗时会很长, 是否继续\"`" - OpenrestyInstall - Println "$info openresty 安装完成\n" ;; 2) - NginxUninstall + OpenrestyUninstall ;; 3) - NginxUpdate + OpenrestyUpdate ;; 4) NginxListDomain @@ -49295,7 +49824,10 @@ then if [ ! -s "/etc/systemd/system/$nginx_name.service" ] && [ -d "$nginx_prefix" ] then - ResourceLimit + if ! ResourceLimit + then + Println "$error 可能环境是 Unprivileged Container ?\n" + fi cat > /etc/systemd/system/$nginx_name.service < /dev/null || true systemctl daemon-reload systemctl enable "$nginx_name" - systemctl start "$nginx_name" + if ! systemctl start "$nginx_name" + then + Println "$error 端口占用?\n" + fi fi case ${1:-} in @@ -49345,12 +49880,6 @@ case ${1:-} in nginx_confs=("$nginx_prefix"/conf/sites_available/*) shopt -u nullglob - if [ -z "${nginx_confs:-}" ] - then - Println "$error 请先添加域名 !\n" - exit 1 - fi - nginx_confs=( "$nginx_prefix"/conf/nginx.conf "${nginx_confs[@]}" ) echo @@ -49422,16 +49951,7 @@ esac read -p "`gettext \"输入序号\"` [1-20]: " nginx_num case "$nginx_num" in 1) - if [ -d "$nginx_prefix" ] - then - Println "$error nginx 已经存在 !\n" && exit 1 - fi - - echo - ExitOnList n "`gettext \"因为是编译 nginx, 耗时会很长, 是否继续\"`" - NginxInstall - Println "$info nginx 安装完成\n" ;; 2) NginxUninstall @@ -49478,7 +49998,6 @@ esac 16) if [[ ! -x $(command -v postfix) ]] then - DistCheck Spinner "安装 postfix" PostfixInstall else echo @@ -51610,7 +52129,6 @@ then fi ;; 6) - DistCheck JQInstall if dnscrypt_version=$(curl -s -Lm 10 "$FFMPEG_MIRROR_LINK/dnscrypt.json" | $JQ_FILE -r '.tag_name') @@ -51780,7 +52298,6 @@ then Println "$info 请在虚拟机内执行 opkg update; opkg install qemu-ga 后关机再开启\n\n如果是在国内, 可以在 openwrt 内执行下面命令加快 opkg 速度\nsed -i 's_http[s]*://downloads.openwrt.org_$FFMPEG_MIRROR_LINK/openwrt_' /etc/opkg/distfeeds.conf\n" ;; 9) - DistCheck JQInstall Println "$tip 请确保已经安装 qemu-guest-agent\n" @@ -51806,7 +52323,6 @@ then Println "$info openwrt-v2ray 安装成功, 请重新登录 openwrt 后台\n" ;; 10) - DistCheck JQInstall Println "$tip 请确保已经安装 qemu-guest-agent\n" @@ -51840,7 +52356,6 @@ then Println "$info 界面语言切换成功\n" ;; 11) - DistCheck JQInstall Println "$tip 请确保已经安装 qemu-guest-agent\n" @@ -51913,7 +52428,6 @@ then Println "$info 切换成功\n" ;; 12) - DistCheck JQInstall Println "$tip 请确保已经安装 qemu-guest-agent\n" @@ -53222,7 +53736,6 @@ then exit 0 ;; "ed"|"editor") - DistCheck DepInstall vim if [ "$dist" == "rpm" ] then @@ -53460,8 +53973,6 @@ then xray_source="${X_CONFIG%/*}" - DistCheck - if [ "$dist" == "mac" ] then systemd_source="$HOME"/Library/LaunchAgents diff --git a/src/docker/crt b/src/docker/crt index cf739cf..f2a61f8 100644 --- a/src/docker/crt +++ b/src/docker/crt @@ -12,15 +12,16 @@ DockerCrtManage() { if [ ! -d "$DOCKER_ROOT" ] then - if [ ! -d "$AIOS_ROOT" ] + if [ ! -d "$DEPENDS_ROOT"/aios ] then + mkdir -p "$DEPENDS_ROOT" GitInstall - git clone "$AIOS_LINK" "$AIOS_ROOT" + git clone "$AIOS_LINK" "$DEPENDS_ROOT"/aios else - cd "$AIOS_ROOT" - git pull + cd "$DEPENDS_ROOT"/aios + git fetch --all && git reset --hard origin/main fi - cp -r "$AIOS_ROOT"/scripts/docker "$DOCKER_ROOT" + cp -r "$DEPENDS_ROOT"/aios/scripts/docker "$DOCKER_ROOT" fi echo diff --git a/src/iptv/cmd_backup b/src/iptv/cmd_backup index 0e9172c..88f33ed 100644 --- a/src/iptv/cmd_backup +++ b/src/iptv/cmd_backup @@ -137,6 +137,7 @@ services_excludes_before=( venv/ node_modules/ .git/ + /depends/ /calibre/bin/ /calibre/kcc/ ) diff --git a/src/iptv/set_stream b/src/iptv/set_stream index 293e03d..c2d3c72 100644 --- a/src/iptv/set_stream +++ b/src/iptv/set_stream @@ -702,11 +702,7 @@ SetEncrypt() then if [ ! -f "$NODE_ROOT/index.js" ] then - if [[ ! -x $(command -v mongo) ]] - then - MongodbInstall - fi - + MongodbInstall NodejsConfig fi else @@ -720,11 +716,7 @@ SetEncrypt() fi elif [ ! -f "$NODE_ROOT/index.js" ] then - if [[ ! -x $(command -v mongo) ]] - then - MongodbInstall - fi - + MongodbInstall NodejsConfig fi fi diff --git a/src/nginx/check_localhost b/src/nginx/check_localhost index fedfb1f..8f54ff7 100644 --- a/src/nginx/check_localhost +++ b/src/nginx/check_localhost @@ -121,7 +121,10 @@ NginxCheckLocalhost() NginxAddLocalhost - NginxAddRtmp + if "$NGINX_FILE" -V 2>&1 | grep -qi nginx-http-flv-module + then + NginxAddRtmp + fi if [ "$updated" -eq 1 ] then diff --git a/src/nginx/install b/src/nginx/install new file mode 100644 index 0000000..461a44c --- /dev/null +++ b/src/nginx/install @@ -0,0 +1,595 @@ +NginxPackageInstall() +{ + DepInstall curl + DepInstall ca-certificates + + . /etc/os-release + + case $dist in + ubu) + if ! [[ "${VERSION_CODENAME:-$UBUNTU_CODENAME}" =~ focal|jammy|mantic ]] + then + Println "$tip Nginx 官方不支持当前版本 ${VERSION_CODENAME:-$UBUNTU_CODENAME}, 安装可能出错" + fi + DepInstall lsb-release + DepInstall ubuntu-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/nginx.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/nginx/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://mirrors.ustc.edu.cn/nginx/mainline/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} nginx" | tee /etc/apt/sources.list.d/nginx.list + else + curl -fsSL https://nginx.org/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} nginx" | tee /etc/apt/sources.list.d/nginx.list + fi + echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx + sudo apt-get update + fi + sudo apt-get -y install nginx + ;; + deb) + if ! [[ "${VERSION_CODENAME}" =~ bullseye|bookworm ]] + then + Println "$tip Nginx 官方不支持当前版本 ${VERSION_CODENAME}, 安装可能出错" + fi + DepInstall lsb-release + DepInstall debian-archive-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/nginx.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/nginx/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://mirrors.ustc.edu.cn/nginx/mainline/debian \ + ${VERSION_CODENAME} nginx" | sudo tee /etc/apt/sources.list.d/nginx.list + else + curl -fsSL https://nginx.org/keys/nginx_signing.key | gpg --batch --yes --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/mainline/debian \ + ${VERSION_CODENAME} nginx" | sudo tee /etc/apt/sources.list.d/nginx.list + fi + echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx + sudo apt-get update + fi + sudo apt-get -y install nginx + ;; + rpm) + if [ "${VERSION_ID%%.*}" -eq 7 ] + then + Println "$tip 官方说明: Packages for RHEL 7 and SLES 12 are built without HTTP/3 support because OpenSSL used by those doesn't support TLSv1.3." + fi + + DepInstall yum-utils + + if [ ! -f /etc/yum.repos.d/nginx.repo ] + then + if grep -q Amazon < /etc/os-release + then + if [ "$VERSION" == "2" ] + then +cat > /etc/yum.repos.d/nginx.repo < /etc/yum.repos.d/nginx.repo < /etc/yum.repos.d/nginx.repo < "$AIOS_PREFIX"/bin/${file##*/} < /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi + + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + sed -i '/conf.d/d' "$nginx_prefix/conf/nginx.conf" + sed -i 's|/var/log/nginx|logs|g' "$nginx_prefix/conf/nginx.conf" + sed -i 's|/var/run|logs|g' "$nginx_prefix/conf/nginx.conf" + sed -i 's|/etc/nginx/||g' "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name 安装成功\n" +} + +NginxSourceInstall() +{ + local install="更新" + + if [ -z "${1:-}" ] + then + if [[ -x $(command -v $nginx_name) ]] + then + return 0 + fi + install="安装" + elif [[ ! -x $(command -v $nginx_name) ]] + then + install="安装" + fi + + DepsCheck + + echo + pcre_options=( pcre pcre2 ) + inquirer list_input_index "选择 pcre 版本" pcre_options pcre_options_index + + Println "$tip 如果选择 openssl, $nginx_name 将不支持 ssl_early_data (0-RTT)" + openssl_options=( openssl@1.1 openssl@3 quictls ) + inquirer list_input_index "选择 openssl 版本" openssl_options openssl_options_index + + if [ "$dist" == "mac" ] && [ ! -d "$nginx_prefix" ] + then + Println "$info 建立目录 "$nginx_prefix", 可能需要输入密码\n" + sudo mkdir "$nginx_prefix" + sudo chown $USER "$nginx_prefix" + fi + + mkdir -p "$DEPENDS_ROOT" + cd "$DEPENDS_ROOT" + + rm -rf nginx-http-flv-module-master + curl -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip + Println "$info 解压 nginx-http-flv-module ..." + unzip nginx-http-flv-module.zip >/dev/null 2>&1 + + #cd nginx-http-flv-module-master + #curl -s -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #cd "$DEPENDS_ROOT" + + while IFS= read -r line + do + if [[ $line == *"/download/"* ]] + then + nginx_package_name=${line#*/download/} + nginx_package_name=${nginx_package_name%%.tar.gz*} + break + fi + done < <(curl -s -Lm 20 -H "User-Agent: $USER_AGENT_BROWSER" https://nginx.org/en/download.html 2> /dev/null) + + if [ ! -d "./$nginx_package_name" ] + then + curl -L "https://nginx.org/download/$nginx_package_name.tar.gz" -o "$nginx_package_name.tar.gz" + Println "$info 解压 $nginx_package_name ..." + tar xzf "$nginx_package_name.tar.gz" + fi + + if [ "$dist" == "mac" ] + then + DepInstall "${pcre_options[pcre_options_index]}" + DepInstall zlib + + cc_opt="-I$HOMEBREW_PREFIX/opt/${pcre_options[pcre_options_index]}/include -I$HOMEBREW_PREFIX/opt/zlib/include" + ld_opt="-I$HOMEBREW_PREFIX/opt/${pcre_options[pcre_options_index]}/lib -L$HOMEBREW_PREFIX/opt/zlib/lib" + + if [ "$openssl_options_index" -eq 2 ] + then + QuictlsInstall + cc_opt="$cc_opt -I$DEPENDS_ROOT/quictls/build/include" + ld_opt="$ld_opt -L$DEPENDS_ROOT/quictls/build/lib" + else + DepInstall "${openssl_options[openssl_options_index]}" + cc_opt="$cc_opt -I$HOMEBREW_PREFIX/opt/${openssl_options[openssl_options_index]}/include" + ld_opt="$ld_opt -L$HOMEBREW_PREFIX/opt/${openssl_options[openssl_options_index]}/lib" + fi + + cd "$DEPENDS_ROOT/$nginx_package_name/" + + ./configure \ + --with-cc-opt="$cc_opt" \ + --with-ld-opt="$ld_opt" \ + --add-module=../nginx-http-flv-module-master \ + --with-debug \ + --with-http_addition_module \ + --with-http_auth_request_module \ + --with-http_dav_module \ + --with-http_degradation_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_mp4_module \ + --with-http_random_index_module \ + --with-http_realip_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_ssl_module \ + --with-http_stub_status_module \ + --with-http_sub_module \ + --with-http_v2_module \ + --with-http_v3_module \ + --with-http_flv_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-pcre \ + --with-pcre-jit \ + --with-stream \ + --with-stream_realip_module \ + --with-stream_ssl_module \ + --with-stream_ssl_preread_module \ + --with-threads + else + if [ "$dist" == "rpm" ] + then + . /etc/os-release + + case ${VERSION_ID%%.*} in + 9) + dnf config-manager --set-enabled crb + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + 8) + dnf config-manager --set-enabled powertools + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + *) + yum install -y epel-release + ;; + esac + + yum groupinstall -y 'Development Tools' + timedatectl set-timezone Asia/Shanghai + systemctl restart crond + yum install -y pcre-devel openssl-devel gcc zlib-devel + else + timedatectl set-timezone Asia/Shanghai + systemctl restart cron + apt-get -y install debconf-utils + echo '* libraries/restart-without-asking boolean true' | debconf-set-selections + apt-get -y install libpcre3-dev perl make software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip gettext build-essential + fi + + while IFS= read -r line + do + if [[ $line =~ \ /dev/null) + + if [ ! -d $zlib_name ] + then + curl -L https://www.zlib.net/$zlib_name.tar.gz -o $zlib_name.tar.gz + Println "$info 解压 $zlib_name ..." + tar xzf $zlib_name.tar.gz + fi + + if [ "$pcre_options_index" -eq 0 ] + then + pcre_name=pcre-8.45 + if [ ! -d $pcre_name ] + then + curl -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + else + pcre_name=$(curl -s -Lm 20 "$FFMPEG_MIRROR_LINK/pcre2.json" | $JQ_FILE -r '.tag_name') + if [ ! -d $pcre_name ] + then + curl -L $FFMPEG_MIRROR_LINK/pcre2/$pcre_name/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + fi + + if [ "$openssl_options_index" -eq 2 ] + then + openssl_name=openssl-OpenSSL_1_1_1w-quic1 + curl -L "$FFMPEG_MIRROR_LINK/${openssl_name#*-}".tar.gz -o "$openssl_name".tar.gz + Println "$info 解压 $openssl_name ..." + tar xzf "$openssl_name".tar.gz + else + if [ "$openssl_options_index" -eq 0 ] + then + openssl_url="https://www.openssl.org/source/old" + openssl_vers=($(curl -s -Lm 20 $openssl_url/ | grep -oP '
  • \K[^<]+')) + + for openssl_ver in "${openssl_vers[@]}" + do + if [ "${openssl_ver%%.*}" -eq 1 ] + then + break + fi + done + openssl_url="$openssl_url/$openssl_ver" + else + openssl_url="https://www.openssl.org/source" + fi + + openssl_packs=($(curl -s -Lm 20 $openssl_url/ | grep -oP '\K[^<]+')) + openssl_pack="${openssl_packs[0]}" + openssl_name=${openssl_pack%.tar*} + + if [ ! -d "./$openssl_name" ] + then + curl -L "$openssl_url/$openssl_pack" -o "$openssl_pack" + Println "$info 解压 $openssl_name ..." + tar xzf "$openssl_pack" + fi + fi + + cd "$nginx_package_name/" + + ./configure \ + --add-module=../nginx-http-flv-module-master \ + --with-debug \ + --with-http_addition_module \ + --with-http_auth_request_module \ + --with-http_dav_module \ + --with-http_degradation_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_mp4_module \ + --with-http_random_index_module \ + --with-http_realip_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_ssl_module \ + --with-http_stub_status_module \ + --with-http_sub_module \ + --with-http_v2_module \ + --with-http_v3_module \ + --with-http_flv_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-pcre=../$pcre_name \ + --with-pcre-jit \ + --with-zlib=../$zlib_name \ + --with-stream \ + --with-stream_realip_module \ + --with-stream_ssl_module \ + --with-stream_ssl_preread_module \ + --with-openssl=../$openssl_name \ + --with-threads + fi + + nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" + + make $nproc + make install + + ln -sf "$nginx_prefix"/sbin/nginx "$AIOS_PREFIX"/bin/ + + if [ "$dist" != "mac" ] + then + if ! grep -q "$nginx_name:" < "/etc/passwd" + then + if grep -q '\--group ' < <(adduser --help) + then + adduser "$nginx_name" --system --group --no-create-home > /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi + + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + fi + + sed -i "s/worker_processes .*/worker_processes ${nproc:2};/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name ${install}成功\n" +} + +NginxInstall() +{ + if [ -d "$nginx_prefix" ] + then + Println "$error $nginx_name 已经存在 $nginx_prefix !\n" + return 1 + elif [[ -x $(command -v $nginx_name) ]] + then + Println "$error $nginx_name 已经存在 $(command -v $nginx_name), 请先卸载!\n" + return 1 + fi + + if [ "$dist" != "mac" ] + then + Println "$tip 选择快速安装将缺少 nginx-http-flv-module 以及 quictls 选择" + nginx_install_options=( "${nginx_name}官方包 (快速安装)" '编译安装' ) + inquirer list_input_index "选择安装方式" nginx_install_options nginx_install_options_index + + if [ "$nginx_install_options_index" -eq 0 ] + then + NginxPackageInstall + return + fi + fi + + NginxSourceInstall +} + +NginxUninstall() +{ + if [ ! -d "$nginx_prefix" ] + then + Println "$error $nginx_name 未安装 !\n" + return 1 + fi + + echo + ExitOnList n "`eval_gettext \"确定删除 \\\$nginx_name 包括所有配置文件, 操作不可恢复\"`" + + ServiceControlDisable $nginx_name + + DepInstall file + + if file -h "$nginx_prefix/conf" | grep -q 'symbolic link' + then + if [ "$dist" == "yum" ] + then + yum -y remove "$nginx_name" || true + else + apt-get -y purge nginx* || true + fi + rm -f /usr/local/bin/nginx* + fi + + rm -rf "$nginx_prefix" + + Println "$info $nginx_name 卸载完成\n" +} + +NginxUpdate() +{ + ShFileUpdate "$nginx_name" + + if [ ! -d "$nginx_prefix" ] + then + Println "$error $nginx_name 未安装 !\n" + return 1 + fi + + DepInstall file + + if ! file -h "$nginx_prefix/conf" | grep -q 'symbolic link' + then + NginxSourceInstall update + return + fi + + if [ "$dist" == "rpm" ] + then + yum update -y "$nginx_name" + else + apt-get -y install --only-upgrade "$nginx_name" + fi +} diff --git a/src/nginx/menu_mongodb b/src/nginx/menu_mongodb index 1566a91..c3c4ef1 100644 --- a/src/nginx/menu_mongodb +++ b/src/nginx/menu_mongodb @@ -6,27 +6,27 @@ MongodbMenu() if [ "$mongodb_options_index" -eq 0 ] then - if [[ ! -x $(command -v mongo) ]] + if [[ ! -x $(command -v mongod) ]] then Println "$error 请先安装 mongodb\n" - exit 1 + return 1 fi systemctl --no-pager -l status mongod elif [ "$mongodb_options_index" -eq 1 ] then - if [[ -x $(command -v mongo) ]] + if [[ -x $(command -v mongod) ]] then Println "$error mongodb 已存在\n" - exit 1 + return 1 fi MongodbInstall else - if [[ ! -x $(command -v mongo) ]] + if [[ ! -x $(command -v mongod) ]] then Println "$error 请先安装 mongodb\n" - exit 1 + return 1 fi echo diff --git a/src/nginx/menu_nodejs b/src/nginx/menu_nodejs index 62db26d..ba79a63 100644 --- a/src/nginx/menu_nodejs +++ b/src/nginx/menu_nodejs @@ -37,7 +37,7 @@ NodejsMenu() exit 1 fi - if [[ ! -x $(command -v mongo) ]] + if [[ ! -x $(command -v mongod) ]] then Println "$error 请先安装 mongodb\n" exit 1 diff --git a/src/nginx/sites_crt b/src/nginx/sites_crt index 025c87b..85d857b 100644 --- a/src/nginx/sites_crt +++ b/src/nginx/sites_crt @@ -2,16 +2,16 @@ NginxSitesCrtInstall() { local domain=$1 - if [ -e "/usr/local/nginx/conf/sites_crt/$domain.crt" ] && [ -d /usr/local/openresty/nginx/conf ] && [ ! -e "/usr/local/openresty/nginx/conf/sites_crt/$domain.crt" ] + if [ -e "$AIOS_PREFIX/nginx/conf/sites_crt/$domain.crt" ] && [ -d "$AIOS_PREFIX"/openresty/nginx/conf ] && [ ! -e "$AIOS_PREFIX/openresty/nginx/conf/sites_crt/$domain.crt" ] then - mkdir -p /usr/local/openresty/nginx/conf/sites_crt - ln "/usr/local/nginx/conf/sites_crt/$domain.crt" "/usr/local/openresty/nginx/conf/sites_crt/$domain.crt" - ln "/usr/local/nginx/conf/sites_crt/$domain.key" "/usr/local/openresty/nginx/conf/sites_crt/$domain.key" - elif [ -e "/usr/local/openresty/nginx/conf/sites_crt/$domain.crt" ] && [ -d /usr/local/nginx/conf ] && [ ! -e "/usr/local/nginx/conf/sites_crt/$domain.crt" ] + mkdir -p "$AIOS_PREFIX"/openresty/nginx/conf/sites_crt + ln "$AIOS_PREFIX/nginx/conf/sites_crt/$domain.crt" "$AIOS_PREFIX/openresty/nginx/conf/sites_crt/$domain.crt" + ln "$AIOS_PREFIX/nginx/conf/sites_crt/$domain.key" "$AIOS_PREFIX/openresty/nginx/conf/sites_crt/$domain.key" + elif [ -e "$AIOS_PREFIX/openresty/nginx/conf/sites_crt/$domain.crt" ] && [ -d "$AIOS_PREFIX"/nginx/conf ] && [ ! -e "$AIOS_PREFIX/nginx/conf/sites_crt/$domain.crt" ] then - mkdir -p /usr/local/nginx/conf/sites_crt - ln "/usr/local/openresty/nginx/conf/sites_crt/$domain.crt" "/usr/local/nginx/conf/sites_crt/$domain.crt" - ln "/usr/local/openresty/nginx/conf/sites_crt/$domain.key" "/usr/local/nginx/conf/sites_crt/$domain.key" + mkdir -p "$AIOS_PREFIX"/nginx/conf/sites_crt + ln "$AIOS_PREFIX/openresty/nginx/conf/sites_crt/$domain.crt" "$AIOS_PREFIX/nginx/conf/sites_crt/$domain.crt" + ln "$AIOS_PREFIX/openresty/nginx/conf/sites_crt/$domain.key" "$AIOS_PREFIX/nginx/conf/sites_crt/$domain.key" fi if [ -e "$nginx_prefix/conf/sites_crt/$domain.crt" ] && [ -e "$nginx_prefix/conf/sites_crt/$domain.key" ] diff --git a/src/nginx/update_cert b/src/nginx/update_cert index e0ff711..cf5cf69 100644 --- a/src/nginx/update_cert +++ b/src/nginx/update_cert @@ -43,16 +43,16 @@ NginxDomainUpdateCrt() [ "$stopped" -eq 1 ] && systemctl start $nginx_name fi - if [ -e "/usr/local/share/v2ray/$domain.crt" ] + if [ -e "$AIOS_PREFIX/share/v2ray/$domain.crt" ] then - cp -f "$nginx_prefix/conf/sites_crt/$domain.crt" "/usr/local/share/v2ray/$domain.crt" - cp -f "$nginx_prefix/conf/sites_crt/$domain.key" "/usr/local/share/v2ray/$domain.key" + cp -f "$nginx_prefix/conf/sites_crt/$domain.crt" "$AIOS_PREFIX/share/v2ray/$domain.crt" + cp -f "$nginx_prefix/conf/sites_crt/$domain.key" "$AIOS_PREFIX/share/v2ray/$domain.key" fi - if [ -e "/usr/local/share/xray/$domain.crt" ] + if [ -e "$AIOS_PREFIX/share/xray/$domain.crt" ] then - cp -f "$nginx_prefix/conf/sites_crt/$domain.crt" "/usr/local/share/xray/$domain.crt" - cp -f "$nginx_prefix/conf/sites_crt/$domain.key" "/usr/local/share/xray/$domain.key" + cp -f "$nginx_prefix/conf/sites_crt/$domain.crt" "$AIOS_PREFIX/share/xray/$domain.crt" + cp -f "$nginx_prefix/conf/sites_crt/$domain.key" "$AIOS_PREFIX/share/xray/$domain.key" fi [ "$quiet" -eq 0 ] && Println "$info $domain 证书更新成功\n" diff --git a/src/nx b/src/nx index 154aff3..882acc9 100644 --- a/src/nx +++ b/src/nx @@ -9,6 +9,7 @@ Include utils/mongodb "$@" Include utils/dnscrypt "$@" Include utils/iperf "$@" Include utils/swap "$@" +Include utils/quictls "$@" Include src/nginx/view_status "$@" Include src/nginx/toggle "$@" Include src/nginx/restart "$@" @@ -58,310 +59,25 @@ Include src/nginx/config_nodejs "$@" Include src/nginx/menu_nodejs "$@" Include src/nginx/menu_mongodb "$@" Include src/nginx/sites_crt "$@" +Include src/nginx/install "$@" Include src/service/browse "$@" - -NginxInstall() -{ - echo - pcre_options=( pcre pcre2 ) - inquirer list_input_index "选择 pcre 版本" pcre_options pcre_options_index - - echo - openssl_options=( openssl@1.1 openssl@3 ) - inquirer list_input_index "选择 openssl 版本" openssl_options openssl_options_index - - DepsCheck - - if [ "$dist" == "mac" ] && [ ! -d /usr/local/nginx ] - then - Println "$info 建立目录 /usr/local/nginx, 可能需要输入密码\n" - sudo mkdir /usr/local/nginx - sudo chown $USER /usr/local/nginx - fi - - Progress & - progress_pid=$! - - trap ' - kill $progress_pid - wait $progress_pid 2> /dev/null - ' EXIT - - cd ~ - - rm -rf nginx-http-flv-module-master - curl -s -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip - unzip nginx-http-flv-module.zip >/dev/null 2>&1 - - #cd nginx-http-flv-module-master - #curl -s -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch - #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch >/dev/null 2>&1 - #cd ~ - - while IFS= read -r line - do - if [[ $line == *"/download/"* ]] - then - nginx_package_name=${line#*/download/} - nginx_package_name=${nginx_package_name%%.tar.gz*} - break - fi - done < <(curl -s -Lm 20 -H "User-Agent: $USER_AGENT_BROWSER" https://nginx.org/en/download.html 2> /dev/null) - - if [ ! -d "./$nginx_package_name" ] - then - curl -s -L "https://nginx.org/download/$nginx_package_name.tar.gz" -o "$nginx_package_name.tar.gz" - tar xzf "$nginx_package_name.tar.gz" - fi - - if [ "$dist" == "mac" ] - then - DepInstall "${openssl_options[openssl_options_index]}" >/dev/null - DepInstall "${pcre_options[pcre_options_index]}" >/dev/null - DepInstall zlib >/dev/null - - echo -n "...40%..." - - cd "$nginx_package_name/" - - cc_opt="-I/usr/local/opt/${pcre_options[pcre_options_index]}/include -I/usr/local/opt/zlib/include -I/usr/local/opt/${openssl_options[openssl_options_index]}/include" - ld_opt="-I/usr/local/opt/${pcre_options[pcre_options_index]}/lib -L/usr/local/opt/zlib/lib -L/usr/local/opt/${openssl_options[openssl_options_index]}/lib" - - ./configure \ - --with-cc-opt="$cc_opt" \ - --with-ld-opt="$ld_opt" \ - --add-module=../nginx-http-flv-module-master \ - --with-debug \ - --with-http_addition_module \ - --with-http_auth_request_module \ - --with-http_dav_module \ - --with-http_degradation_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_mp4_module \ - --with-http_random_index_module \ - --with-http_realip_module \ - --with-http_secure_link_module \ - --with-http_slice_module \ - --with-http_ssl_module \ - --with-http_stub_status_module \ - --with-http_sub_module \ - --with-http_v2_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-pcre \ - --with-pcre-jit \ - --with-stream \ - --with-stream_realip_module \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-threads >/dev/null 2>&1 - else - if [ "$dist" == "rpm" ] - then - yum -y install gcc gcc-c++ make >/dev/null 2>&1 - # yum groupinstall 'Development Tools' - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart crond >/dev/null 2>&1 - else - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart cron >/dev/null 2>&1 - apt-get -y install debconf-utils >/dev/null 2>&1 - echo '* libraries/restart-without-asking boolean true' | debconf-set-selections - apt-get -y install software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip build-essential gettext >/dev/null 2>&1 - fi - - echo -n "...40%..." - - while IFS= read -r line - do - if [[ $line =~ \ /dev/null) - - if [ ! -d $zlib_name ] - then - curl -s -L https://www.zlib.net/$zlib_name.tar.gz -o $zlib_name.tar.gz - tar xzf $zlib_name.tar.gz - fi - - if [ "$pcre_options_index" -eq 0 ] - then - pcre_name=pcre-8.45 - if [ ! -d $pcre_name ] - then - curl -s -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip - unzip $pcre_name.zip >/dev/null 2>&1 - fi - else - pcre_name=$(curl -s -Lm 10 "$FFMPEG_MIRROR_LINK/pcre2.json" | $JQ_FILE -r '.tag_name') - if [ ! -d $pcre_name ] - then - curl -s -L $FFMPEG_MIRROR_LINK/pcre2/$pcre_name/$pcre_name.zip -o $pcre_name.zip - unzip $pcre_name.zip >/dev/null 2>&1 - fi - fi - - if [ "$openssl_options_index" -eq 0 ] - then - openssl_url="https://www.openssl.org/source/old" - openssl_vers=($(curl -s -Lm 20 $openssl_url/ | grep -oP '
  • \K[^<]+')) - - for openssl_ver in "${openssl_vers[@]}" - do - if [ "${openssl_ver%%.*}" -eq 1 ] - then - break - fi - done - openssl_url="$openssl_url/$openssl_ver" - else - openssl_url="https://www.openssl.org/source" - fi - - openssl_packs=($(curl -s -Lm 20 $openssl_url/ | grep -oP '\K[^<]+')) - openssl_pack="${openssl_packs[0]}" - openssl_name=${openssl_pack%.tar*} - - if [ ! -d "./$openssl_name" ] - then - curl -s -L "$openssl_url/$openssl_pack" -o "$openssl_pack" - tar xzf "$openssl_pack" - fi - - echo -n "...60%..." - - cd "$nginx_package_name/" - - ./configure \ - --add-module=../nginx-http-flv-module-master \ - --with-debug \ - --with-http_addition_module \ - --with-http_auth_request_module \ - --with-http_dav_module \ - --with-http_degradation_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_mp4_module \ - --with-http_random_index_module \ - --with-http_realip_module \ - --with-http_secure_link_module \ - --with-http_slice_module \ - --with-http_ssl_module \ - --with-http_stub_status_module \ - --with-http_sub_module \ - --with-http_v2_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-pcre=../$pcre_name \ - --with-pcre-jit \ - --with-zlib=../$zlib_name \ - --with-stream \ - --with-stream_realip_module \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-openssl=../$openssl_name \ - --with-threads >/dev/null 2>&1 - fi - - echo -n "...80%..." - - nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" - - make $nproc >/dev/null 2>&1 - make install >/dev/null 2>&1 - - kill $progress_pid - wait $progress_pid 2> /dev/null || true - trap - EXIT - - ln -sf /usr/local/nginx/sbin/nginx /usr/local/bin/ - - echo "...100%" - - if [ "$dist" != "mac" ] - then - if ! grep -q "$nginx_name:" < "/etc/passwd" - then - if grep -q '\--group ' < <(adduser --help) - then - adduser "$nginx_name" --system --group --no-create-home > /dev/null - else - adduser "$nginx_name" --system --no-create-home > /dev/null - fi - usermod -s /usr/sbin/nologin "$nginx_name" - fi - - sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" - fi - - sed -i "s/worker_processes .*/worker_processes ${nproc:2};/" "$nginx_prefix/conf/nginx.conf" - sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" - - mkdir -p "$nginx_prefix/conf/sites_crt/" - mkdir -p "$nginx_prefix/conf/sites_available/" - mkdir -p "$nginx_prefix/conf/sites_enabled/" - mkdir -p "$nginx_prefix/html/localhost/" - - CrossplaneInstall -} - -NginxUninstall() -{ - if [ ! -d "$nginx_prefix" ] - then - Println "$error $nginx_name 未安装 !\n" - exit 1 - fi - - echo - ExitOnList n "`eval_gettext \"确定删除 \\\$nginx_name 包括所有配置文件, 操作不可恢复\"`" - - systemctl stop $nginx_name || true - - if [ "$nginx_ctl" == "or" ] - then - rm -rf "${nginx_prefix%/*}" - else - rm -rf "$nginx_prefix" - fi - - Println "$info $nginx_name 卸载完成\n" -} - -NginxUpdate() -{ - ShFileUpdate "$nginx_name" - - if [ ! -d "$nginx_prefix" ] - then - Println "$error $nginx_name 未安装 !\n" - exit 1 - fi - - echo - ExitOnList n "`eval_gettext \"是否重新编译 \\\$nginx_name\"`" - - nginx_name_upper=$(tr '[:lower:]' '[:upper:]' <<< "${nginx_name:0:1}")"${nginx_name:1}" - "$nginx_name_upper"Install - Println "$info $nginx_name 升级完成\n" -} +Include src/service/control "$@" ShFileCheck JQInstall -nginx_prefix="/usr/local/nginx" +nginx_prefix="$AIOS_PREFIX/nginx" nginx_name="nginx" nginx_ctl="nx" NGINX_FILE="$nginx_prefix/sbin/nginx" if [ "$dist" != "mac" ] && [ ! -s "/etc/systemd/system/$nginx_name.service" ] && [ -d "$nginx_prefix" ] then - ResourceLimit + if ! ResourceLimit + then + Println "$error 可能环境是 Unprivileged Container ?\n" + fi cat > /etc/systemd/system/$nginx_name.service < /dev/null || true systemctl daemon-reload systemctl enable "$nginx_name" - systemctl start "$nginx_name" + if ! systemctl start "$nginx_name" + then + Println "$error 端口占用?\n" + fi fi case ${1:-} in @@ -411,12 +130,6 @@ case ${1:-} in nginx_confs=("$nginx_prefix"/conf/sites_available/*) shopt -u nullglob - if [ -z "${nginx_confs:-}" ] - then - Println "$error 请先添加域名 !\n" - exit 1 - fi - nginx_confs=( "$nginx_prefix"/conf/nginx.conf "${nginx_confs[@]}" ) echo @@ -492,16 +205,7 @@ Println " nginx 管理面板 ${normal}${red}[v$sh_ver]${normal} read -p "`gettext \"输入序号\"` [1-24]: " nginx_num case "$nginx_num" in 1) - if [ -d "$nginx_prefix" ] - then - Println "$error nginx 已经存在 !\n" && exit 1 - fi - - echo - ExitOnList n "`gettext \"因为是编译 nginx, 耗时会很长, 是否继续\"`" - NginxInstall - Println "$info nginx 安装完成\n" ;; 2) NginxUninstall diff --git a/src/openresty/install b/src/openresty/install new file mode 100644 index 0000000..0d7d991 --- /dev/null +++ b/src/openresty/install @@ -0,0 +1,575 @@ +OpenrestyPackageInstall() +{ + # nc -vz 127.0.0.1 80 + DepInstall lsof + if lsof -Pi :80 -sTCP:LISTEN -t &>/dev/null + then + Println "$error 80 端口被占用, 请先关闭占用端口的程序\n" + return 1 + fi + + DepInstall curl + DepInstall ca-certificates + + ArchCheck + + if [ "$arch" == "arm64" ] + then + arch_path="/arm64" + else + arch_path="" + fi + + . /etc/os-release + + case $dist in + ubu) + DepInstall lsb-release + DepInstall ubuntu-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/openresty.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/openresty/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] https://mirrors.ustc.edu.cn/openresty${arch_path}/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} main" | tee /etc/apt/sources.list.d/openresty.list + else + curl -fsSL https://openresty.org/package/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] http://openresty.org/package${arch_path}/ubuntu \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME} main" | tee /etc/apt/sources.list.d/openresty.list + fi + sudo apt-get update + fi + sudo apt-get -y install openresty --no-install-recommends + ;; + deb) + DepInstall lsb-release + DepInstall debian-archive-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/openresty.list ] + then + if grep -q "mirrors.ustc.edu.cn" < /etc/apt/sources.list + then + curl -fsSL https://mirrors.ustc.edu.cn/openresty/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] https://mirrors.ustc.edu.cn/openresty${arch_path}/debian \ + ${VERSION_CODENAME} openresty" | sudo tee /etc/apt/sources.list.d/openresty.list + else + curl -fsSL https://openresty.org/package/pubkey.gpg | gpg --batch --yes --dearmor -o /usr/share/keyrings/openresty.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/openresty.gpg] http://openresty.org/package${arch_path}/debian \ + ${VERSION_CODENAME} openresty" | sudo tee /etc/apt/sources.list.d/openresty.list + fi + sudo apt-get update + fi + sudo apt-get -y install openresty --no-install-recommends + ;; + rpm) + DepInstall yum-utils + + if [ ! -f /etc/yum.repos.d/openresty.repo ] + then + dist_names=( amazon alinux tlinux oracle rocky fedora centos rhel ) + + for dist_name in "${dist_names[@]}" + do + if grep -qi "$dist_name" <<< "$ID" || grep -qi "$dist_name" <<< "$NAME" + then + case $dist_name in + amazon|alinux|tlinux|oracle|fedora) + curl -s -L https://openresty.org/package/$dist_name/openresty.repo -o /etc/yum.repos.d/openresty.repo + ;; + rocky|centos|rhel) + if [ "${VERSION_ID%%.*}" -gt 8 ] + then + curl -s -L https://openresty.org/package/$dist_name/openresty2.repo -o /etc/yum.repos.d/openresty.repo + else + curl -s -L https://openresty.org/package/$dist_name/openresty.repo -o /etc/yum.repos.d/openresty.repo + fi + ;; + esac + break + fi + done + fi + sudo yum check-update + sudo yum install -y openresty openresty-opm openresty-doc + ;; + *) + Println "$error 不支持的系统\n" + return 1 + ;; + esac + + if ! grep -q "$nginx_name:" < "/etc/passwd" + then + if grep -q '\--group ' < <(adduser --help) + then + adduser "$nginx_name" --system --group --no-create-home > /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi + + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name 安装成功\n" +} + +OpenrestySourceInstall() +{ + local install="更新" + + if [ -z "${1:-}" ] + then + if [[ -x $(command -v $nginx_name) ]] + then + return 0 + fi + install="安装" + elif [[ ! -x $(command -v $nginx_name) ]] + then + install="安装" + fi + + DepsCheck + + echo + pcre_options=( pcre pcre2 ) + inquirer list_input_index "选择 pcre 版本" pcre_options pcre_options_index + + Println "$tip 如果选择 openssl, $nginx_name 将不支持 ssl_early_data (0-RTT)" + openssl_options=( openssl@1.1 quictls ) + inquirer list_input_index "选择 openssl 版本" openssl_options openssl_options_index + + echo + inquirer list_input_index "额外添加编译选项" ny_options ny_index + install_options_selected=() + if [ "$ny_index" -eq 1 ] + then + echo + install_options=( --with-http_iconv_module --with-http_postgres_module --with-http_slice_module ) + inquirer checkbox_input "选择编译选项" install_options install_options_selected + fi + + if [ "$dist" == "mac" ] + then + Println "$tip 如果选择官方编译, $nginx_name 将缺少 nginx-http-flv-module 和 quictls 选择" + inquirer list_input_index "使用官方编译" yn_options yn_index + if [ "$yn_index" -eq 0 ] + then + brew tap openresty/brew + brew install openresty ${install_options_selected[@]+"${install_options_selected[@]}"} + if [ ! -d "$nginx_prefix" ] + then + Println "$info 建立目录 $nginx_prefix, 可能需要输入密码\n" + sudo mkdir -p "$nginx_prefix"/html/localhost/ + sudo chown "$USER" "$nginx_prefix" + ln -s "$HOMEBREW_PREFIX"/etc/openresty "$nginx_prefix"/conf + ln -s "$HOMEBREW_PREFIX"/var/log/nginx "$nginx_prefix"/logs + fi + return + fi + if [ ! -d "$nginx_prefix" ] + then + Println "$info 建立目录 "$nginx_prefix", 可能需要输入密码\n" + sudo mkdir "$nginx_prefix" + sudo chown $USER "$nginx_prefix" + sudo chown $USER "${nginx_prefix%/*}" + if [ ! -f /etc/paths.d/openresty ] + then + sudo mkdir -p /etc/paths.d + echo "$HOMEBREW_PREFIX"/openresty/bin | sudo tee /etc/paths.d/openresty + fi + fi + fi + + mkdir -p "$DEPENDS_ROOT" + cd "$DEPENDS_ROOT" + + rm -rf nginx-http-flv-module-master + curl -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip + Println "$info 解压 nginx-http-flv-module ..." + unzip nginx-http-flv-module.zip >/dev/null 2>&1 + + #cd nginx-http-flv-module-master + #curl -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch + #cd "$DEPENDS_ROOT" + + latest_release=0 + while IFS= read -r line + do + if [[ $line == *"Lastest release"* ]] + then + latest_release=1 + elif [ "$latest_release" -eq 1 ] && [[ $line == *" /dev/null) + + if [ ! -d "./$openresty_package_name" ] + then + curl -L "https://openresty.org/download/$openresty_package_name.tar.gz" -o "$openresty_package_name.tar.gz" + Println "$info 解压 $openresty_package_name ..." + tar xzf "$openresty_package_name.tar.gz" + fi + + if [ "$dist" == "mac" ] + then + DepInstall "${pcre_options[pcre_options_index]}" + DepInstall zlib + DepInstall geoip + + cc_opt="-I$HOMEBREW_PREFIX/opt/geoip/include -I$HOMEBREW_PREFIX/opt/${pcre_options[pcre_options_index]}/include -I$HOMEBREW_PREFIX/opt/zlib/include" + ld_opt="-L$HOMEBREW_PREFIX/opt/geoip/lib -I$HOMEBREW_PREFIX/opt/${pcre_options[pcre_options_index]}/lib -L$HOMEBREW_PREFIX/opt/zlib/lib" + + for install_option in "${install_options_selected[@]}" + do + if [ "$install_option" == "--with-http_postgres_module" ] + then + DepInstall postgresql@14 + cc_opt="$cc_opt -I$HOMEBREW_PREFIX/opt/postgresql@14/include" + ld_opt="$ld_opt -L$HOMEBREW_PREFIX/opt/postgresql@14/lib" + break + fi + done + + if [ "$openssl_options_index" -eq 1 ] + then + QuictlsInstall + cc_opt="$cc_opt -I$DEPENDS_ROOT/quictls/build/include" + ld_opt="$ld_opt -L$DEPENDS_ROOT/quictls/build/lib" + else + DepInstall openresty/brew/openresty-openssl111 + cc_opt="$cc_opt -I$HOMEBREW_PREFIX/opt/openresty-openssl111/include" + ld_opt="$ld_opt -L$HOMEBREW_PREFIX/opt/openresty-openssl111/lib" + fi + + cd "$openresty_package_name/bundle/ngx_lua-"* + + curl -L "$FFMPEG_MIRROR_LINK/fix_ngx_lua_resp_get_headers_key_whitespace.patch" -o fix_ngx_lua_resp_get_headers_key_whitespace.patch + patch -p1 < fix_ngx_lua_resp_get_headers_key_whitespace.patch || true + + cd ../../ + + ./configure \ + --add-module=../nginx-http-flv-module-master \ + --with-cc-opt="$cc_opt" \ + --with-ld-opt="$ld_opt" \ + --with-debug \ + --with-http_addition_module \ + --with-http_auth_request_module \ + --with-http_dav_module \ + --with-http_degradation_module \ + --with-http_gunzip_module \ + --with-http_geoip_module \ + --with-http_gzip_static_module \ + --with-http_mp4_module \ + --with-http_random_index_module \ + --with-http_realip_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_ssl_module \ + --with-http_stub_status_module \ + --with-http_sub_module \ + --with-http_v2_module \ + --with-http_v3_module \ + --with-http_flv_module \ + --without-mail_pop3_module \ + --without-mail_imap_module \ + --without-mail_smtp_module \ + --with-pcre-jit \ + --without-http_rds_json_module \ + --without-http_rds_csv_module \ + --without-lua_rds_parser \ + --with-ipv6 \ + --with-stream \ + --with-stream_realip_module \ + --with-stream_ssl_module \ + --with-stream_ssl_preread_module \ + --with-threads \ + --with-luajit-xcflags=-DLUAJIT_NUMMODE=2\ -DLUAJIT_ENABLE_LUA52COMPAT\ -fno-stack-check ${install_options_selected[@]+"${install_options_selected[@]}"} + else + if [ "$dist" == "rpm" ] + then + . /etc/os-release + + case ${VERSION_ID%%.*} in + 9) + dnf config-manager --set-enabled crb + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + 8) + dnf config-manager --set-enabled powertools + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + *) + yum install -y epel-release + ;; + esac + + yum groupinstall -y 'Development Tools' + timedatectl set-timezone Asia/Shanghai + systemctl restart crond + yum install -y pcre-devel openssl-devel gcc zlib-devel libpq-devel + else + timedatectl set-timezone Asia/Shanghai + systemctl restart cron + apt-get -y install debconf-utils + echo '* libraries/restart-without-asking boolean true' | debconf-set-selections + apt-get -y install libpcre3-dev perl make software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip gettext build-essential libpq-dev + fi + + while IFS= read -r line + do + if [[ $line =~ \ /dev/null) + + if [ ! -d $zlib_name ] + then + curl -L https://www.zlib.net/$zlib_name.tar.gz -o $zlib_name.tar.gz + Println "$info 解压 $zlib_name ..." + tar xzf $zlib_name.tar.gz + fi + + if [ "$pcre_options_index" -eq 0 ] + then + pcre_name=pcre-8.45 + if [ ! -d $pcre_name ] + then + curl -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + else + pcre_name=$(curl -Lm 20 "$FFMPEG_MIRROR_LINK/pcre2.json" | $JQ_FILE -r '.tag_name') + if [ ! -d $pcre_name ] + then + curl -L $FFMPEG_MIRROR_LINK/pcre2/$pcre_name/$pcre_name.zip -o $pcre_name.zip + Println "$info 解压 $pcre_name ..." + unzip $pcre_name.zip >/dev/null 2>&1 + fi + fi + + openssl_url="https://www.openssl.org/source/old" + openssl_vers=($(curl -s -Lm 20 $openssl_url/ | grep -oP '
  • \K[^<]+')) + + for openssl_ver in "${openssl_vers[@]}" + do + if [ "${openssl_ver%%.*}" -eq 1 ] + then + break + fi + done + + openssl_url="$openssl_url/$openssl_ver" + + openssl_packs=($(curl -s -Lm 20 $openssl_url/ | grep -oP '\K[^<]+')) + openssl_pack="${openssl_packs[0]}" + openssl_name=${openssl_pack%.tar*} + + if [ "$openssl_options_index" -eq 1 ] + then + openssl_ver=${openssl_name#*-} + openssl_name=openssl-OpenSSL_${openssl_ver//./_}-quic1 + fi + + if [ ! -d ${openssl_name}-patched ] || [ ! -s ${openssl_name}-patched/openssl-1.1.1f-sess_set_get_cb_yield.patch ] + then + rm -rf ${openssl_name:-notfound} + rm -rf ${openssl_name}-patched + + if [ "$openssl_options_index" -eq 1 ] + then + if ! curl -Lm 30 https://github.com/quictls/openssl/archive/refs/tags/${openssl_name}.tar.gz -o "$openssl_name".tar.gz + then + curl -L "$FFMPEG_MIRROR_LINK/$openssl_name".tar.gz -o "$openssl_name".tar.gz + fi + tar xzf ${openssl_name}.tar.gz + else + curl -L "$openssl_url/$openssl_pack" -o "$openssl_pack" + Println "$info 解压 $openssl_name ..." + tar xzf "$openssl_pack" + fi + + mv ${openssl_name} ${openssl_name}-patched + cd ${openssl_name}-patched + + curl -L "$FFMPEG_MIRROR_LINK/openssl-1.1.1f-sess_set_get_cb_yield.patch" -o openssl-1.1.1f-sess_set_get_cb_yield.patch + patch -p1 < openssl-1.1.1f-sess_set_get_cb_yield.patch || true + cd "$DEPENDS_ROOT" + fi + + cd "$openresty_package_name/bundle/ngx_lua-"* + + curl -L "$FFMPEG_MIRROR_LINK/fix_ngx_lua_resp_get_headers_key_whitespace.patch" -o fix_ngx_lua_resp_get_headers_key_whitespace.patch + patch -p1 < fix_ngx_lua_resp_get_headers_key_whitespace.patch || true + + cd ../.. + + ./configure \ + --add-module=../nginx-http-flv-module-master \ + --with-pcre=../$pcre_name \ + --with-pcre-jit \ + --with-zlib=../$zlib_name \ + --with-openssl=../${openssl_name}-patched \ + --with-openssl-opt="no-threads shared zlib -g enable-ssl3 enable-ssl3-method enable-ec_nistp_64_gcc_128" \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-http_v3_module \ + --without-mail_pop3_module \ + --without-mail_imap_module \ + --without-mail_smtp_module \ + --without-http_rds_json_module \ + --without-http_rds_csv_module \ + --without-lua_rds_parser \ + --with-http_stub_status_module \ + --with-http_realip_module \ + --with-debug \ + --with-http_addition_module \ + --with-http_auth_request_module \ + --with-http_secure_link_module \ + --with-http_slice_module \ + --with-http_random_index_module \ + --with-http_gzip_static_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_degradation_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-ipv6 \ + --with-stream \ + --with-stream_ssl_preread_module \ + --with-stream_ssl_module \ + --with-stream_realip_module \ + --with-threads \ + --with-luajit-xcflags=-DLUAJIT_NUMMODE=2\ -DLUAJIT_ENABLE_LUA52COMPAT\ -fno-stack-check ${install_options_selected[@]+"${install_options_selected[@]}"} + fi + + nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" + + make $nproc + make install + + ln -sf "$nginx_prefix"/sbin/nginx "$AIOS_PREFIX"/bin/ + + if [ "$dist" != "mac" ] + then + if ! grep -q "$nginx_name:" < "/etc/passwd" + then + if grep -q '\--group ' < <(adduser --help) + then + adduser "$nginx_name" --system --group --no-create-home > /dev/null + else + adduser "$nginx_name" --system --no-create-home > /dev/null + fi + usermod -s /usr/sbin/nologin "$nginx_name" + fi + + sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" + fi + + sed -i "s/worker_processes .*/worker_processes ${nproc:2};/" "$nginx_prefix/conf/nginx.conf" + sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" + + mkdir -p "$nginx_prefix/conf/sites_crt/" + mkdir -p "$nginx_prefix/conf/sites_available/" + mkdir -p "$nginx_prefix/conf/sites_enabled/" + mkdir -p "$nginx_prefix/html/localhost/" + + CrossplaneInstall + + Println "$info $nginx_name ${install}成功\n" +} + +OpenrestyInstall() +{ + if [ -d "$nginx_prefix" ] + then + Println "$error $nginx_name 已经存在 $nginx_prefix !\n" + return 1 + elif [[ -x $(command -v $nginx_name) ]] + then + Println "$error $nginx_name 已经存在 $(command -v $nginx_name), 请先卸载!\n" + return 1 + fi + + if [ "$dist" != "mac" ] + then + Println "$tip 选择快速安装将缺少 nginx-http-flv-module 和 quictls 选择" + openresty_install_options=( "${nginx_name}官方包 (快速安装)" '编译安装' ) + inquirer list_input_index "选择安装方式" openresty_install_options openresty_install_options_index + + if [ "$openresty_install_options_index" -eq 0 ] + then + OpenrestyPackageInstall + return + fi + fi + + OpenrestySourceInstall +} + +OpenrestyUninstall() +{ + if [ ! -d "$nginx_prefix" ] + then + Println "$error $nginx_name 未安装 !\n" + return 1 + fi + + echo + ExitOnList n "`eval_gettext \"确定删除 \\\$nginx_name 包括所有配置文件, 操作不可恢复\"`" + + ServiceControlDisable $nginx_name + + rm -rf "${nginx_prefix%/*}" + + Println "$info $nginx_name 卸载完成\n" +} + +OpenrestyUpdate() +{ + ShFileUpdate "$nginx_name" + + if [ ! -d "$nginx_prefix" ] + then + Println "$error $nginx_name 未安装 !\n" + return 1 + fi + + if [ "$dist" == "rpm" ] && grep -q "$nginx_name" < <(yum list installed) + then + yum update -y "$nginx_name" + elif { [ "$dist" == "deb" ] || [ "$dist" == "ubu" ]; } && dpkg -s "$nginx_name" &> /dev/null + then + apt-get -y install --only-upgrade "$nginx_name" + else + OpenrestySourceInstall update + fi +} diff --git a/src/or b/src/or index de749e6..2f3ad18 100644 --- a/src/or +++ b/src/or @@ -8,6 +8,7 @@ Include utils/nodejs "$@" Include utils/mongodb "$@" Include utils/dnscrypt "$@" Include utils/iperf "$@" +Include utils/quictls "$@" Include src/nginx/view_status "$@" Include src/nginx/toggle "$@" Include src/nginx/restart "$@" @@ -57,306 +58,24 @@ Include src/nginx/config_nodejs "$@" Include src/nginx/menu_nodejs "$@" Include src/nginx/menu_mongodb "$@" Include src/nginx/sites_crt "$@" - -OpenrestyInstall() -{ - DepsCheck - - if [ "$dist" == "mac" ] && [ ! -d /usr/local/openresty ] - then - Println "$info 建立目录 /usr/local/openresty, 可能需要输入密码\n" - sudo mkdir /usr/local/openresty - sudo chown $USER /usr/local/openresty - fi - - Progress & - progress_pid=$! - - trap ' - kill $progress_pid - wait $progress_pid 2> /dev/null - ' EXIT - - cd ~ - - rm -rf nginx-http-flv-module-master - curl -s -L "$FFMPEG_MIRROR_LINK/nginx-http-flv-module.zip" -o nginx-http-flv-module.zip - unzip nginx-http-flv-module.zip >/dev/null 2>&1 - - #cd nginx-http-flv-module-master - #curl -s -L "$FFMPEG_MIRROR_LINK/Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch" -o Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch - #patch -p1 < Add-SVT-HEVC-support-for-RTMP-and-HLS-on-Nginx-HTTP-FLV.patch >/dev/null 2>&1 - #cd ~ - - latest_release=0 - while IFS= read -r line - do - if [[ $line == *"Lastest release"* ]] - then - latest_release=1 - elif [ "$latest_release" -eq 1 ] && [[ $line == *" /dev/null) - - if [ ! -d "./$openresty_package_name" ] - then - curl -s -L "https://openresty.org/download/$openresty_package_name.tar.gz" -o "$openresty_package_name.tar.gz" - tar xzf "$openresty_package_name.tar.gz" - fi - - if [ "$dist" == "mac" ] - then - DepInstall openresty/brew/openresty-openssl111 >/dev/null - DepInstall pcre >/dev/null - DepInstall zlib >/dev/null - DepInstall geoip >/dev/null - - echo -n "...40%..." - - cd "$openresty_package_name/bundle/ngx_lua-"* - - curl -s -L "$FFMPEG_MIRROR_LINK/fix_ngx_lua_resp_get_headers_key_whitespace.patch" -o fix_ngx_lua_resp_get_headers_key_whitespace.patch - patch -p1 < fix_ngx_lua_resp_get_headers_key_whitespace.patch >/dev/null 2>&1 || true - - cd ../../ - - cc_opt="-I/usr/local/opt/geoip/include -I/usr/local/opt/pcre@1.1/include -I/usr/local/opt/zlib/include -I/usr/local/opt/openresty-openssl111/include" - ld_opt="-L/usr/local/opt/geoip/lib -I/usr/local/opt/pcre@1.1/lib -L/usr/local/opt/zlib/lib -L/usr/local/opt/openresty-openssl111/lib" - - ./configure \ - --with-cc-opt="$cc_opt" \ - --with-ld-opt="$ld_opt" \ - --add-module=../nginx-http-flv-module-master \ - --with-debug \ - --with-http_addition_module \ - --with-http_auth_request_module \ - --with-http_dav_module \ - --with-http_degradation_module \ - --with-http_gunzip_module \ - --with-http_geoip_module \ - --with-http_gzip_static_module \ - --with-http_mp4_module \ - --with-http_random_index_module \ - --with-http_realip_module \ - --with-http_secure_link_module \ - --with-http_slice_module \ - --with-http_ssl_module \ - --with-http_stub_status_module \ - --with-http_sub_module \ - --with-http_v2_module \ - --with-http_flv_module \ - --without-mail_pop3_module \ - --without-mail_imap_module \ - --without-mail_smtp_module \ - --with-pcre-jit \ - --without-http_rds_json_module \ - --without-http_rds_csv_module \ - --without-lua_rds_parser \ - --with-stream \ - --with-stream_realip_module \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-threads \ - --with-luajit-xcflags=-DLUAJIT_NUMMODE=2\ -DLUAJIT_ENABLE_LUA52COMPAT\ -fno-stack-check >/dev/null 2>&1 - else - if [ "$dist" == "rpm" ] - then - yum -y install gcc gcc-c++ make >/dev/null 2>&1 - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart crond >/dev/null 2>&1 - #if grep -q "Fedora" < "/etc/redhat-release" - #then - # dnf install -y dnf-plugins-core >/dev/null 2>&1 - # dnf config-manager --add-repo https://openresty.org/package/fedora/openresty.repo >/dev/null 2>&1 - # dnf install -y openresty >/dev/null 2>&1 || true - # dnf install -y openresty-resty >/dev/null 2>&1 - #elif grep -q "Amazon" < "/etc/redhat-release" - #then - # yum install -y yum-utils >/dev/null 2>&1 - # yum-config-manager --add-repo https://openresty.org/package/amazon/openresty.repo >/dev/null 2>&1 - # yum install -y openresty >/dev/null 2>&1 || true - # yum install -y openresty-resty >/dev/null 2>&1 - #elif grep -q "Red Hat" < "/etc/redhat-release" - #then - # wget https://openresty.org/package/rhel/openresty.repo -qO /etc/yum.repos.d/openresty.repo >/dev/null 2>&1 - # yum check-update >/dev/null 2>&1 - # yum install -y openresty >/dev/null 2>&1 || true - # yum install -y openresty-resty >/dev/null 2>&1 - #else - # wget https://openresty.org/package/centos/openresty.repo -qO /etc/yum.repos.d/openresty.repo >/dev/null 2>&1 - # yum check-update >/dev/null 2>&1 - # yum install -y openresty >/dev/null 2>&1 || true - # yum install -y openresty-resty >/dev/null 2>&1 - #fi - #elif [ "$dist" == "ubu" ] - #then - #apt-get -y install ca-certificates >/dev/null 2>&1 - #if ! wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null 2>&1 - #then - # apt-get -y install gnupg >/dev/null 2>&1 - # wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null - #fi - #echo "deb http://openresty.org/package/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/openresty.list - #apt-get update >/dev/null 2>&1 - #apt-get -y install openresty >/dev/null 2>&1 || true - else - timedatectl set-timezone Asia/Shanghai >/dev/null 2>&1 - systemctl restart cron >/dev/null 2>&1 - apt-get -y install debconf-utils >/dev/null 2>&1 - echo '* libraries/restart-without-asking boolean true' | debconf-set-selections - apt-get -y install perl software-properties-common pkg-config libssl-dev libghc-zlib-dev libcurl4-gnutls-dev libexpat1-dev unzip gettext build-essential >/dev/null 2>&1 - #apt-get -y install ca-certificates software-properties-common >/dev/null 2>&1 - #if ! wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null 2>&1 - #then - # apt-get -y install gnupg >/dev/null 2>&1 - # wget -qO - https://openresty.org/package/pubkey.gpg | apt-key add - > /dev/null - #fi - #codename=$(grep -Po 'VERSION="[0-9]+ \(\K[^)]+' /etc/os-release) - #echo "deb http://openresty.org/package/debian $codename openresty" > /etc/apt/sources.list.d/openresty.list - #apt-get update >/dev/null 2>&1 - #apt-get -y install openresty >/dev/null 2>&1 || true - fi - - echo -n "...40%..." - - while IFS= read -r line - do - if [[ $line =~ \ /dev/null) - - if [ ! -d $zlib_name ] - then - curl -s -L https://www.zlib.net/$zlib_name.tar.gz -o $zlib_name.tar.gz - tar xzf $zlib_name.tar.gz - fi - - pcre_name=pcre-8.45 - if [ ! -d $pcre_name ] - then - curl -s -L https://downloads.sourceforge.net/pcre/pcre/${pcre_name#*-}/$pcre_name.zip -o $pcre_name.zip - unzip $pcre_name.zip >/dev/null 2>&1 - fi - - openssl_name=openssl-1.1.1n - - if [ ! -d ${openssl_name}-patched ] || [ ! -s ${openssl_name}-patched/openssl-1.1.1f-sess_set_get_cb_yield.patch ] - then - rm -rf ${openssl_name} - rm -rf ${openssl_name}-patched - curl -s -L https://www.openssl.org/source/old/1.1.1/${openssl_name}.tar.gz -o ${openssl_name}.tar.gz - tar xzf ${openssl_name}.tar.gz - mv ${openssl_name} ${openssl_name}-patched - cd ${openssl_name}-patched - curl -s -L "$FFMPEG_MIRROR_LINK/openssl-1.1.1f-sess_set_get_cb_yield.patch" -o openssl-1.1.1f-sess_set_get_cb_yield.patch - patch -p1 < openssl-1.1.1f-sess_set_get_cb_yield.patch >/dev/null 2>&1 || true - cd ~ - fi - - echo -n "...60%..." - - cd "$openresty_package_name/bundle/ngx_lua-"* - - curl -s -L "$FFMPEG_MIRROR_LINK/fix_ngx_lua_resp_get_headers_key_whitespace.patch" -o fix_ngx_lua_resp_get_headers_key_whitespace.patch - patch -p1 < fix_ngx_lua_resp_get_headers_key_whitespace.patch >/dev/null 2>&1 || true - - cd ../.. - - ./configure \ - --add-module=../nginx-http-flv-module-master \ - --with-pcre=../$pcre_name \ - --with-pcre-jit \ - --with-zlib=../$zlib_name \ - --with-openssl=../$openssl_name-patched \ - --with-openssl-opt="no-threads shared zlib -g enable-ssl3 enable-ssl3-method enable-ec_nistp_64_gcc_128" \ - --with-http_ssl_module \ - --with-http_v2_module \ - --without-mail_pop3_module \ - --without-mail_imap_module \ - --without-mail_smtp_module \ - --without-http_rds_json_module \ - --without-http_rds_csv_module \ - --without-lua_rds_parser \ - --with-http_stub_status_module \ - --with-http_realip_module \ - --with-debug \ - --with-http_addition_module \ - --with-http_auth_request_module \ - --with-http_secure_link_module \ - --with-http_slice_module \ - --with-http_random_index_module \ - --with-http_gzip_static_module \ - --with-http_sub_module \ - --with-http_dav_module \ - --with-http_degradation_module \ - --with-http_flv_module \ - --with-http_mp4_module \ - --with-http_gunzip_module \ - --with-stream \ - --with-stream_ssl_preread_module \ - --with-stream_ssl_module \ - --with-stream_realip_module \ - --with-threads \ - --with-luajit-xcflags=-DLUAJIT_NUMMODE=2\ -DLUAJIT_ENABLE_LUA52COMPAT\ -fno-stack-check >/dev/null 2>&1 - fi - - echo -n "...80%..." - - nproc="-j$(nproc 2> /dev/null)" || nproc="-j1" - make $nproc >/dev/null 2>&1 - make install >/dev/null 2>&1 - - kill $progress_pid - wait $progress_pid 2> /dev/null || true - trap - EXIT - echo "...100%" - - if [ "$dist" != "mac" ] - then - if ! grep -q "$nginx_name:" < "/etc/passwd" - then - if grep -q '\--group ' < <(adduser --help) - then - adduser "$nginx_name" --system --group --no-create-home > /dev/null - else - adduser "$nginx_name" --system --no-create-home > /dev/null - fi - usermod -s /usr/sbin/nologin "$nginx_name" - fi - - sed -i "s/#user nobody;/user $nginx_name $nginx_name;/" "$nginx_prefix/conf/nginx.conf" - fi - - sed -i "s/worker_processes .*/worker_processes ${nproc:2};/" "$nginx_prefix/conf/nginx.conf" - sed -i "s/worker_connections 1024;/worker_connections 51200;/" "$nginx_prefix/conf/nginx.conf" - - mkdir -p "$nginx_prefix/conf/sites_crt/" - mkdir -p "$nginx_prefix/conf/sites_available/" - mkdir -p "$nginx_prefix/conf/sites_enabled/" - mkdir -p "$nginx_prefix/html/localhost/" - - CrossplaneInstall -} +Include src/openresty/install "$@" +Include src/service/control "$@" ShFileCheck JQInstall -nginx_prefix="/usr/local/openresty/nginx" +nginx_prefix="$AIOS_PREFIX/openresty/nginx" nginx_name="openresty" nginx_ctl="or" NGINX_FILE="$nginx_prefix/sbin/nginx" if [ "$dist" != "mac" ] && [ ! -s "/etc/systemd/system/$nginx_name.service" ] && [ -d "$nginx_prefix" ] then - ResourceLimit + if ! ResourceLimit + then + Println "$error 可能环境是 Unprivileged Container ?\n" + fi cat > /etc/systemd/system/$nginx_name.service < /dev/null || true systemctl daemon-reload systemctl enable "$nginx_name" - systemctl start "$nginx_name" + if ! systemctl start "$nginx_name" + then + Println "$error 端口占用?\n" + fi fi case ${1:-} in @@ -406,12 +128,6 @@ case ${1:-} in nginx_confs=("$nginx_prefix"/conf/sites_available/*) shopt -u nullglob - if [ -z "${nginx_confs:-}" ] - then - Println "$error 请先添加域名 !\n" - exit 1 - fi - nginx_confs=( "$nginx_prefix"/conf/nginx.conf "${nginx_confs[@]}" ) echo @@ -480,22 +196,13 @@ Println " openresty 管理面板 ${normal}${red}[v$sh_ver]${normal} read -p "`gettext \"输入序号\"` [1-17]: " openresty_num case "$openresty_num" in 1) - if [ -d "$nginx_prefix" ] - then - Println "$error openresty 已经存在 !\n" && exit 1 - fi - - echo - ExitOnList n "`gettext \"因为是编译 openresty, 耗时会很长, 是否继续\"`" - OpenrestyInstall - Println "$info openresty 安装完成\n" ;; 2) - NginxUninstall + OpenrestyUninstall ;; 3) - NginxUpdate + OpenrestyUpdate ;; 4) NginxListDomain diff --git a/src/tv b/src/tv index 13b9245..e5637c4 100644 --- a/src/tv +++ b/src/tv @@ -106,6 +106,8 @@ Include src/iptv/menu_vip_user "$@" Include src/iptv/menu_vip "$@" Include src/iptv/menu_iptv "$@" Include src/iptv/usage "$@" +Include src/nginx/install "$@" +Include src/openresty/install "$@" Install() { diff --git a/utils/curl b/utils/curl index 0ef1ed2..367328d 100644 --- a/utils/curl +++ b/utils/curl @@ -32,7 +32,7 @@ CurlImpersonateInstall() if ! curl_impersonate_ver=$(curl -s -Lm 20 "https://api.github.com/repos/lwthiker/curl-impersonate/releases/latest" | $JQ_FILE -r '.tag_name') then Println "$error curl impersonate 下载出错, 无法连接 github ?\n" - exit 1 + return 1 fi if [ "$arch" == "x86_64" ] @@ -48,26 +48,26 @@ CurlImpersonateInstall() curl_impersonate_package_name="curl-impersonate-$curl_impersonate_ver.aarch64-linux-gnu" else Println "$error 系统不支持安装 curl impersonate\n" - exit 1 + return 1 fi Println "$info 下载 curl impersonate ..." - mkdir -p "$HOME/curl-impersonate/" - - if ! curl -s -Lm 20 "https://github.com/lwthiker/curl-impersonate/releases/download/$curl_impersonate_ver/$curl_impersonate_package_name.tar.gz" -o "$HOME/$curl_impersonate_package_name.tar.gz_tmp" + if ! curl -s -Lm 20 "https://github.com/lwthiker/curl-impersonate/releases/download/$curl_impersonate_ver/$curl_impersonate_package_name.tar.gz" -o "$DEPENDS_ROOT/$curl_impersonate_package_name.tar.gz_tmp" then Println "$error curl impersonate 下载出错, 无法连接 github ?\n" - exit 1 + return 1 fi - mv "$HOME/$curl_impersonate_package_name.tar.gz_tmp" "$HOME/$curl_impersonate_package_name.tar.gz" + mv "$DEPENDS_ROOT/$curl_impersonate_package_name.tar.gz_tmp" "$DEPENDS_ROOT/$curl_impersonate_package_name.tar.gz" + + mkdir -p "$DEPENDS_ROOT/curl-impersonate/" - tar -C "$HOME/curl-impersonate/" -xzf "$HOME/$curl_impersonate_package_name.tar.gz" + tar -C "$DEPENDS_ROOT/curl-impersonate/" -xzf "$DEPENDS_ROOT/$curl_impersonate_package_name.tar.gz" rm -f "$CURL_IMPERSONATE_FILE" - awk '!x{x=sub(/dir=.*/,"dir='"$HOME/curl-impersonate"'")}1' "$HOME/curl-impersonate/curl_chrome99" > "$CURL_IMPERSONATE_FILE" + awk '!x{x=sub(/dir=.*/,"dir='"$DEPENDS_ROOT/curl-impersonate"'")}1' "$DEPENDS_ROOT/curl-impersonate/curl_chrome99" > "$CURL_IMPERSONATE_FILE" chmod +x "$CURL_IMPERSONATE_FILE" @@ -131,7 +131,7 @@ CurlImpersonateUpdate() impersonate_options=() - for ele in "$HOME"/curl-impersonate/curl_* + for ele in "$DEPENDS_ROOT"/curl-impersonate/curl_* do impersonate_options+=("${ele##*/}") done @@ -141,7 +141,7 @@ CurlImpersonateUpdate() rm -f "$impersonate_service_file" - awk '!x{x=sub(/dir=.*/,"dir='"$HOME/curl-impersonate"'")}1' "$HOME/curl-impersonate/$impersonate_option" > "$impersonate_service_file" + awk '!x{x=sub(/dir=.*/,"dir='"$DEPENDS_ROOT/curl-impersonate"'")}1' "$DEPENDS_ROOT/curl-impersonate/$impersonate_option" > "$impersonate_service_file" chmod +x "$impersonate_service_file" @@ -188,11 +188,12 @@ CurlImpersonateUpdate() CurlImpersonateCompile() { echo - inquirer text_input "输入 curl-impersonate 安装目录" curl_impersonate_prefix /usr/local/curl-impersonate + inquirer text_input "输入 curl-impersonate 安装目录" curl_impersonate_prefix "$AIOS_PREFIX"/curl-impersonate GitInstall - cd ~ + mkdir -p "$DEPENDS_ROOT" + cd "$DEPENDS_ROOT" if [ -d curl-impersonate.git ] then @@ -243,8 +244,8 @@ CurlImpersonateCompile() # sudo cp -f curl-*/curl-impersonate-chrome-config "$curl_impersonate_prefix"/bin/ # sudo chmod +x "$curl_impersonate_prefix"/bin/curl-impersonate-chrome-config - # rm -f /usr/local/bin/curl-config - # sudo ln -s "$curl_impersonate_prefix"/bin/curl-impersonate-chrome-config /usr/local/bin/curl-config + # rm -f "$AIOS_PREFIX"/bin/curl-config + # sudo ln -s "$curl_impersonate_prefix"/bin/curl-impersonate-chrome-config "$AIOS_PREFIX"/bin/curl-config Println "$info curl impersonate 编译成功\n" } @@ -254,15 +255,16 @@ NodeLibcurlImpersonateCompile() NodejsInstall echo - inquirer text_input "输入编译安装好的 curl impersonate 路径" curl_impersonate_prefix /usr/local/curl-impersonate + inquirer text_input "输入编译安装好的 curl impersonate 路径" curl_impersonate_prefix "$AIOS_PREFIX"/curl-impersonate if [ ! -d "$curl_impersonate_prefix" ] then Println "$error curl impersonate 目录不存在, 请先编译安装\n" - exit 1 + return 1 fi - cd ~ + mkdir -p "$DEPENDS_ROOT" + cd "$DEPENDS_ROOT" if [ -d node-libcurl-impersonate ] then @@ -277,15 +279,15 @@ NodeLibcurlImpersonateCompile() if [ "$dist" == "mac" ] then - Println "$tip 可能需要输入密码创建链接 ln -s ${curl_impersonate_prefix}/bin/curl-impersonate-chrome-config /usr/local/bin/curl-config" - sudo ln -s "${curl_impersonate_prefix}"/lib/libcurl-impersonate-chrome.*.dylib /usr/local/curl-impersonate/lib/libcurl.dylib + Println "$tip 可能需要输入密码创建链接 ln -s ${curl_impersonate_prefix}/bin/curl-impersonate-chrome-config $AIOS_PREFIX/bin/curl-config" + sudo ln -s "${curl_impersonate_prefix}"/lib/libcurl-impersonate-chrome.*.dylib "$AIOS_PREFIX"/curl-impersonate/lib/libcurl.dylib fi - rm -f /usr/local/bin/curl-config - sudo ln -s "$curl_impersonate_prefix"/bin/curl-impersonate-chrome-config /usr/local/bin/curl-config + rm -f "$AIOS_PREFIX"/bin/curl-config + sudo ln -s "$curl_impersonate_prefix"/bin/curl-impersonate-chrome-config "$AIOS_PREFIX"/bin/curl-config npm run clean:dist npm install --force --build-from-source --unsafe-perm npm run build:dist - Println "$info 查看 $HOME/node-libcurl-impersonate/lib/binding/node_libcurl-impersonate.node\n可以这样使用 const { Curl, CurlFeature, CurlHttpVersion, CurlSslVersion } = require('$HOME/node-libcurl-impersonate/dist')\n详见 https://github.com/JCMais/node-libcurl/\n" + Println "$info 查看 "$DEPENDS_ROOT"/node-libcurl-impersonate/lib/binding/node_libcurl-impersonate.node\n可以这样使用 const { Curl, CurlFeature, CurlHttpVersion, CurlSslVersion } = require('$DEPENDS_ROOT/node-libcurl-impersonate/dist')\n详见 https://github.com/JCMais/node-libcurl/\n" } diff --git a/utils/ffmpeg b/utils/ffmpeg index bea7b59..9cf1992 100644 --- a/utils/ffmpeg +++ b/utils/ffmpeg @@ -23,8 +23,6 @@ FFmpegInstall() echo inquirer list_input_index "FFmpeg 开启 openvino, 开启时可能会安装失败" ny_options ny_options_index - BrewInstall - if [ "$ny_options_index" -eq 0 ] then if ! curl -s -L https://github.com/Homebrew/homebrew-core/raw/HEAD/Formula/f/ffmpeg.rb -- | grep -v openvino > "$HOME"/ffmpeg.rb diff --git a/utils/htpasswd b/utils/htpasswd index e8f0a84..d546bc7 100644 --- a/utils/htpasswd +++ b/utils/htpasswd @@ -7,7 +7,7 @@ HtpasswdInstall() if [ "$dist" == "mac" ] then - BrewInstall httpd + DepInstall httpd elif [ "$dist" == "rpm" ] then DepInstall httpd-tools diff --git a/utils/i18n b/utils/i18n index 9d2fe50..57de24d 100644 --- a/utils/i18n +++ b/utils/i18n @@ -242,10 +242,31 @@ if [ "$dist" == "mac" ] then TEXTDOMAINDIR=/usr/local/share/locale + BrewInstall + + ArchCheck + + if [ "$arch" == "arm64" ] + then + HOMEBREW_PREFIX="/opt/homebrew" + if [ "${add_homebrew_path:-false}" = true ] + then + echo 'eval "$(/opt/homebrew/bin/brew shellenv)"' >> ~/.zprofile + fi + if ! grep -q homebrew <<< "$PATH" + then + export PATH="/opt/homebrew/bin:$PATH" + fi + else + HOMEBREW_PREFIX="/usr/local" + fi + DepInstall gsed DepInstall gdate DepInstall ggrep + AIOS_PREFIX="$HOMEBREW_PREFIX" + sed() { gsed "$@" diff --git a/utils/mongodb b/utils/mongodb index 751cd10..d5366df 100644 --- a/utils/mongodb +++ b/utils/mongodb @@ -1,67 +1,112 @@ MongodbInstall() { + if [[ -x $(command -v mongod) ]] + then + return 0 + fi + DepsCheck - Println "$info 安装 mongodb, 请等待(国内可能无法安装)..." + if ! ResourceLimit + then + Println "$error 可能环境是 Unprivileged Container ?\n" + fi + + DepInstall curl + DepInstall ca-certificates - ResourceLimit + ArchCheck - if [ "$dist" == "rpm" ] + if [ "$arch" == "arm64" ] + then + arch_path="aarch64" + elif [ "$arch" == "x86_64" ] || [ "$arch" == "s390x" ] then - ArchCheck - if [ "$arch" == "arm64" ] - then - arch_path="aarch64" - elif [ "$arch" == "x86_64" ] || [ "$arch" == "s390x" ] - then - arch_path="$arch" - else - Println "$error 不支持当前系统\n" - exit 1 - fi + arch_path="$arch" + else + Println "$error 不支持当前系统\n" + return 1 + fi -cat > /etc/yum.repos.d/mongodb-org-4.4.repo < /dev/null + then + xcode-select --install + fi + brew tap mongodb/brew + brew install mongodb-community + brew services start mongodb-community + Println "$info mongodb 安装成功\n" + return 0 + ;; + rpm) + DepInstall yum-utils + if [ ! -f /etc/yum.repos.d/mongodb-org-7.0.repo ] + then + if grep -qi Amazon <<< "$ID" || grep -qi Amazon <<< "$NAME" + then +cat > /etc/yum.repos.d/mongodb-org-7.0.repo </dev/null 2>&1 - else - AptUpdate - - if ! wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | apt-key add - > /dev/null 2>&1 - then - apt-get -y install gnupg >/dev/null 2>&1 - wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | apt-key add - > /dev/null - fi - - if [ "$dist" == "ubu" ] - then - if grep -q "xenial" < "/etc/apt/sources.list" + else +cat > /etc/yum.repos.d/mongodb-org-7.0.repo </dev/null - apt-get install -y mongodb-org >/dev/null 2>&1 - fi + DepInstall lsb-release + DepInstall debian-archive-keyring + DepInstall gpg + if [ ! -f /etc/apt/sources.list.d/mongodb-org-7.0.list ] + then + curl -fsSL https://www.mongodb.org/static/pgp/server-7.0.asc | gpg --batch --yes --dearmor -o /usr/share/keyrings/mongodb-server-7.0.gpg + echo "deb [ signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] http://repo.mongodb.org/apt/debian \ + ${VERSION_CODENAME:-$UBUNTU_CODENAME}/mongodb-org/7.0 main" | tee /etc/apt/sources.list.d/mongodb-org-7.0.list + sudo apt-get update + fi + sudo apt-get -y install mongodb-org + ;; + sles) + sudo zypper addrepo --gpgcheck "https://repo.mongodb.org/zypper/suse/${VERSION_ID%%.*}/mongodb-org/7.0/$arch_path/" mongodb + sudo zypper -n install mongodb-org + ;; + esac if [[ $(ps --no-headers -o comm 1) == "systemd" ]] then @@ -77,5 +122,5 @@ EOF service mongod start fi - Println "$info mongodb 安装成功" + Println "$info mongodb 安装成功\n" } diff --git a/utils/postgresql b/utils/postgresql index 8b0b809..cd865a3 100644 --- a/utils/postgresql +++ b/utils/postgresql @@ -79,7 +79,7 @@ PostgresqlInstall() ;; rpm) ArchCheck - . /etc/os-release + local repo_name="" if [ "$arch" == "arm64" ] then @@ -122,7 +122,6 @@ PostgresqlInstall() systemctl start postgresql.service ;; sles) - . /etc/os-release if [ "${VERSION_ID%%.*}" -eq 12 ] then SUSEConnect -p PackageHub/12/x86_64 diff --git a/utils/python b/utils/python index 00d8f41..216efea 100644 --- a/utils/python +++ b/utils/python @@ -26,9 +26,9 @@ PythonInstall() yum install -y gcc openssl-devel bzip2-devel libffi-devel >/dev/null 2>&1 echo -n "...50%..." cd ~ - wget --timeout=10 --tries=3 --no-check-certificate https://www.python.org/ftp/python/3.12.2/Python-3.12.2.tgz -qO Python-3.12.2.tgz - tar xzf Python-3.12.2.tgz - cd Python-3.12.2 + wget --timeout=10 --tries=3 --no-check-certificate https://www.python.org/ftp/python/3.12.3/Python-3.12.3.tgz -qO Python-3.12.3.tgz + tar xzf Python-3.12.3.tgz + cd Python-3.12.3 ./configure >/dev/null 2>&1 make >/dev/null 2>&1 make install >/dev/null 2>&1 diff --git a/utils/quictls b/utils/quictls new file mode 100644 index 0000000..2f8853d --- /dev/null +++ b/utils/quictls @@ -0,0 +1,87 @@ +QuictlsInstall() +{ + if [ -d "$DEPENDS_ROOT"/quictls/build ] + then + return 0 + fi + + GitInstall + + rm -rf "$DEPENDS_ROOT"/quictls + mkdir -p "$DEPENDS_ROOT" + + git clone "$QUICTLS_LINK" "$DEPENDS_ROOT"/quictls + + cd "$DEPENDS_ROOT"/quictls + + DepInstall ca-certificates + DepInstall perl + + unset OPENSSL_LOCAL_CONFIG_DIR + + args=( + --prefix="$DEPENDS_ROOT"/quictls/build + --openssldir="$DEPENDS_ROOT"/quictls/build/etc + --libdir=lib + ) + + ArchCheck + + if [ "$dist" == "mac" ] + then + export PERL="$HOMEBREW_PREFIX"/opt/perl/bin/perl + args+=( darwin64-${arch}-cc ) + else + case $arch in + x86_64) args+=( linux-x86_64 ) + ;; + i386) args+=( linux-elf ) + ;; + arm64) args+=( linux-aarch64 ) + ;; + arm*) args+=( linux-armv4 ) + ;; + *) Println "$error 不支持的架构 $arch\n"; return 1 + esac + + if [ "$dist" == "rpm" ] + then + . /etc/os-release + + case ${VERSION_ID%%.*} in + 9) + dnf config-manager --set-enabled crb + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + 8) + dnf config-manager --set-enabled powertools + dnf install -y epel-release + if dnf list epel-next-release &>/dev/null + then + dnf install -y epel-next-release + fi + ;; + 7) + yum install -y epel-release + ;; + *) Println "$error 不支持的系统版本\n"; return 1 + ;; + esac + + yum groupinstall -y 'Development Tools' + yum install -y glibc-devel lua-devel pcre-devel openssl-devel systemd-devel zlib-devel + else + sudo apt-get install -y gcc libc6-dev liblua5.4-dev libpcre3-dev libssl-dev libsystemd-dev make zlib1g-dev + fi + fi + + git checkout OpenSSL_1_1_1w+quic + mkdir -p build/etc + perl ./Configure "${args[@]}" + make + make install +} diff --git a/utils/system b/utils/system index 1e66946..d22b480 100644 --- a/utils/system +++ b/utils/system @@ -108,6 +108,8 @@ EOF fi deb_fix=0 + sed -i '/deb_fix=/d' "$i18n_FILE" + printf "deb_fix=%s" "$deb_fix" >> "$i18n_FILE" fi } @@ -115,6 +117,7 @@ AptUpdate() { if [ "${apt_updated:-false}" = false ] then + Println "$info 更新软件包列表..." apt-get update --allow-releaseinfo-change >/dev/null apt_updated=true fi @@ -122,11 +125,12 @@ AptUpdate() BrewInstall() { - if [[ ! -x $(command -v brew) ]] + if [[ ! -x $(command -v brew) ]] then + Println "${green}[info]${normal} 安装 Homebrew ...\n" if ! curl -s -S -Lm 20 https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh | bash then - Println "${green}[info]${normal} 尝试更换国内源...\n" + Println "${green}[info]${normal} 尝试更换国内源 ...\n" export HOMEBREW_BREW_GIT_REMOTE="https://mirrors.ustc.edu.cn/brew.git" export HOMEBREW_CORE_GIT_REMOTE="https://mirrors.ustc.edu.cn/homebrew-core.git" @@ -136,12 +140,11 @@ BrewInstall() if ! curl -s -S -Lm 20 https://mirrors.ustc.edu.cn/misc/brew-install.sh | bash then Println "${green}[ERROR]${normal} 无法安装 Homebrew\n" - exit 1 + return 1 fi - - export HOMEBREW_BREW_GIT_REMOTE="https://mirrors.ustc.edu.cn/brew.git" - brew update >/dev/null 2>&1 fi + brew update >/dev/null 2>&1 + add_homebrew_path=true fi } @@ -157,8 +160,6 @@ DepInstall() if [ "$dist" == "mac" ] then - BrewInstall - if [ "$dependency" == "gsed" ] then dependency=gnu-sed @@ -170,12 +171,15 @@ DepInstall() dependency=grep fi - if brew install $dependency >/dev/null 2>&1 + if ! brew list $dependency &>/dev/null then - Println "${green}[INFO]${normal} $dependency installation succeed..." - else - Println "${green}[ERROR]${normal} $dependency installation failed...\n" - exit 1 + if brew install $dependency &>/dev/null + then + Println "${green}[INFO]${normal} $dependency installation succeed..." + else + Println "${green}[ERROR]${normal} $dependency installation failed...\n" + return 1 + fi fi elif [ "$dist" == "rpm" ] then @@ -184,12 +188,15 @@ DepInstall() setenforce 0 fi - if yum -y install $dependency >/dev/null 2>&1 + if ! rpm -q $dependency &>/dev/null then - Println "${green}[INFO]${normal} $dependency installation succeed..." - else - Println "${green}[ERROR]${normal} $dependency installation failed...\n" - exit 1 + if yum -y install $dependency &>/dev/null + then + Println "${green}[INFO]${normal} $dependency installation succeed..." + else + Println "${green}[ERROR]${normal} $dependency installation failed...\n" + return 1 + fi fi else if [ "$dist" == "deb" ] @@ -197,38 +204,39 @@ DepInstall() DebFixSources fi - AptUpdate - - if apt-get -y install $dependency >/dev/null 2>&1 + if ! dpkg -s $dependency &>/dev/null then - Println "${green}[INFO]${normal} $dependency installation succeed..." - else - Println "${green}[ERROR]${normal} $dependency installation failed...\n" - exit 1 + AptUpdate + if apt-get -y install $dependency &>/dev/null + then + Println "${green}[INFO]${normal} $dependency installation succeed..." + else + Println "${green}[ERROR]${normal} $dependency installation failed...\n" + return 1 + fi fi fi return 0 fi - Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" - if [ "$dist" == "mac" ] then - BrewInstall - - if [ "$dependency" == "brew" ] + if [ "$dependency" == "tput" ] then - Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" - return 0 + dependency="ncurses" fi - if brew install $dependency >/dev/null 2>&1 + if ! brew list $dependency &>/dev/null then - Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" - else - Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" - exit 1 + Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" + if brew install $dependency >/dev/null 2>&1 + then + Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" + else + Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" + return 1 + fi fi elif [ "$dist" == "rpm" ] then @@ -240,14 +248,27 @@ DepInstall() if [ "$dependency" == "dig" ] then dependency="bind-utils" + elif [ "$dependency" == "hexdump" ] + then + dependency="util-linux" + elif [ "$dependency" == "ss" ] + then + dependency="iproute" + elif [ "$dependency" == "tput" ] + then + dependency="ncurses" fi - if yum -y install $dependency >/dev/null 2>&1 + if ! rpm -q $dependency &>/dev/null then - Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" - else - Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" - exit 1 + Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" + if yum -y install $dependency >/dev/null 2>&1 + then + Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" + else + Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" + return 1 + fi fi else if [ "$dist" == "deb" ] @@ -255,19 +276,31 @@ DepInstall() DebFixSources fi - AptUpdate - if [ "$dependency" == "dig" ] then dependency="dnsutils" + elif [ "$dependency" == "hexdump" ] + then + dependency="bsdmainutils" + elif [ "$dependency" == "ss" ] + then + dependency="iproute2" + elif [ "$dependency" == "tput" ] + then + dependency="ncurses-bin" fi - if apt-get -y install $1 >/dev/null 2>&1 + if ! dpkg -s $dependency &>/dev/null then - Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" - else - Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" - exit 1 + AptUpdate + Println "`eval_gettext \"\\\$info 安装 \\\$dependency, 请稍等...\"`" + if apt-get -y install $1 >/dev/null 2>&1 + then + Println "`eval_gettext \"\\\$info \\\$dependency 安装成功\"`" + else + Println "`eval_gettext \"\\\$error \\\$dependency 安装失败\"`\n" + return 1 + fi fi fi } @@ -290,18 +323,19 @@ DepsInstall() { if [ "$dist" == "mac" ] then - depends=(wget unzip vim curl patch) + depends=(wget unzip vim curl patchutils) for depend in "${depends[@]}" do - if [[ ! -x $(command -v "$depend") ]] + [[ -x $(command -v $depend) ]] && continue + if ! brew list "$depend" &> /dev/null then if brew install "$depend" >/dev/null 2>&1 then Println "`eval_gettext \"\\\$info 依赖 \\\$depend 安装成功\"`" else Println "`eval_gettext \"\\\$error 依赖 \\\$depend 安装失败\"`\n" - exit 1 + return 1 fi fi done @@ -312,38 +346,30 @@ DepsInstall() setenforce 0 fi - depends=(sudo wget unzip vim curl crond logrotate patch nscd) + depends=(sudo wget unzip vim curl crond logrotate patch nscd bind-utils util-linux iproute ncurses) - if [[ ! -x $(command -v dig) ]] + if [ "${rpm_fix:-1}" -eq 1 ] then - depends+=(bind-utils) - fi - - if [[ ! -x $(command -v hexdump) ]] - then - depends+=(util-linux) - fi - - if [[ ! -x $(command -v ss) ]] - then - depends+=(iproute) + yum -y update ca-certificates &> /dev/null || yum -y reinstall ca-certificates &> /dev/null + rpm_fix=0 + sed -i '/rpm_fix=/d' "$i18n_FILE" + printf "rpm_fix=%s" "$rpm_fix" >> "$i18n_FILE" fi for depend in "${depends[@]}" do - if [[ ! -x $(command -v "$depend") ]] + [[ -x $(command -v $depend) ]] && continue + if ! rpm -q "$depend" &> /dev/null then - if yum -y install "$depend" >/dev/null 2>&1 + if yum -y install "$depend" &> /dev/null then Println "`eval_gettext \"\\\$info 依赖 \\\$depend 安装成功\"`" else Println "`eval_gettext \"\\\$error 依赖 \\\$depend 安装失败\"`\n" - exit 1 + return 1 fi fi done - - yum -y update ca-certificates >/dev/null 2>&1 || yum -y reinstall ca-certificates >/dev/null 2>&1 else if [ "$dist" == "deb" ] then @@ -352,30 +378,19 @@ DepsInstall() AptUpdate - apt-get -y install ca-certificates >/dev/null 2>&1 - - depends=(sudo wget unzip vim curl cron ufw python3 logrotate patch nscd) - - if [[ ! -x $(command -v dig) ]] - then - depends+=(dnsutils) - fi - - if [[ ! -x $(command -v hexdump) ]] - then - depends+=(bsdmainutils) - fi + depends=(ca-certificates sudo wget unzip vim curl cron ufw python3 logrotate patch nscd dnsutils bsdmainutils ncurses-bin) for depend in "${depends[@]}" do - if [[ ! -x $(command -v "$depend") ]] + [[ -x $(command -v $depend) ]] && continue + if ! dpkg -s "$depend" &> /dev/null then - if apt-get -y install "$depend" >/dev/null 2>&1 + if apt-get -y install "$depend" &> /dev/null then Println "`eval_gettext \"\\\$info 依赖 \\\$depend 安装成功\"`" else Println "`eval_gettext \"\\\$error 依赖 \\\$depend 安装失败\"`\n" - exit 1 + return 1 fi fi done @@ -384,6 +399,11 @@ DepsInstall() ResourceLimit() { + if [ "$dist" == "mac" ] + then + return 0 + fi + if [ ! -e /proc/sys/fs/file-max ] then echo 65536 > /proc/sys/fs/file-max