From 804ca98ceca53a3e6e1d9ed274a66fe5d7f05b02 Mon Sep 17 00:00:00 2001 From: yanglc Date: Tue, 16 Jan 2024 23:09:44 +0800 Subject: [PATCH] done --- 99nginx.sh | 97 +++++++--------------------------------- README.md | 4 +- tunnel1/client/nginx.txt | 1 + tunnel1/client/wg0.conf | 2 +- tunnel1/server/nginx.txt | 1 + 5 files changed, 22 insertions(+), 83 deletions(-) diff --git a/99nginx.sh b/99nginx.sh index 72cc4ba..7833ba7 100644 --- a/99nginx.sh +++ b/99nginx.sh @@ -59,8 +59,8 @@ echo -e " read -p "请输入括号里的代号:" mplsdh if [ "$aNum" = "1" ];then rm -rf /etc/nginx/nginx.conf -wget -N --no-check-certificate -P /etc/nginx/ "https://h5ai.98yys.pw/99/$mplsdh/luodi/nginx.txt" -wget -N --no-check-certificate -P /etc/nginx/ssl "https://h5ai.98yys.pw/99/${mplsdh}/luodi/ca1.crt" +wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/client/nginx.txt" +wget -N --no-check-certificate -P /etc/nginx/ssl "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/client/ca1.crt" wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.conf" nginx_rows=`wc -l /etc/nginx/nginx.txt | awk '{print $1}'` echo -e " @@ -94,8 +94,8 @@ server { done elif [ "$aNum" = "2" ];then rm -rf /etc/nginx/nginx.conf -wget -N --no-check-certificate -P /etc/nginx/ "https://h5ai.98yys.pw/99/$mplsdh/zhongzhuan/nginx.txt" -wget -N --no-check-certificate -P /etc/nginx/ssl "https://h5ai.98yys.pw/99/${mplsdh}/zhongzhuan/ca1.crt" +wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/server/nginx.txt" +wget -N --no-check-certificate -P /etc/nginx/ssl "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/server/ca1.crt" wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.conf" nginx_rows=`wc -l /etc/nginx/nginx.txt | awk '{print $1}'` echo -e " @@ -141,9 +141,9 @@ systemctl restart nginx wireguard_conf(){ if [ "$aNum" = "1" ];then -wget -N --no-check-certificate -P /etc/wireguard "https://h5ai.98yys.pw/99/${mplsdh}/luodi/wg0.conf" +wget -N --no-check-certificate -P /etc/wireguard "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/client/wg0.conf" elif [ "$aNum" = "2" ];then -wget -N --no-check-certificate -P /etc/wireguard "https://h5ai.98yys.pw/99/${mplsdh}/zhongzhuan/wg0.conf" +wget -N --no-check-certificate -P /etc/wireguard "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/server/wg0.conf" fi wg-quick down wg0 wg-quick up wg0 @@ -187,7 +187,7 @@ apt-get purge ufw create_ssl(){ mkdir -p /etc/nginx/ssl cd /etc/nginx/ssl -servername=`curl -s http://ipv4.icanhazip.com` +servername=`curl -s https://ip.nekocat.cn` cat > my-openssl.cnf << EOF [ ca ] default_ca = CA_default @@ -217,7 +217,7 @@ openssl genrsa -out ca.key 2048 openssl req -x509 -new -nodes -key ca.key -subj "/CN=${servername}" -days 5000 -out ca.crt openssl genrsa -out server.key 2048 openssl req -new -sha256 -key server.key \ - -subj "/C=CN/ST=lj/L=lj/O=ljfxz/CN=${servername}" \ + -subj "/C=CN/ST=yanglc/L=yanglc/O=mymisaka/CN=${servername}" \ -reqexts SAN \ -config <(cat my-openssl.cnf <(printf "\n[SAN]\nsubjectAltName=DNS:${servername},IP:${servername}")) \ -out server.csr @@ -232,76 +232,11 @@ install_kernel(){ wget -N --no-check-certificate "https://git.igewu.org/yanglc/tunnel/raw/branch/main/tcp.sh" && chmod +x tcp.sh && ./tcp.sh } -install_v2ray(){ -bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/soga/master/install.sh) -rm -rf /etc/soga/soga.conf -read -p "输入对接域名(例如www.baidu.com):" ym -read -p "输入节点id:" nodeid -read -p "输入mukey:" mukey -read -p "输入soga授权码:" sogakey -echo " -# 基础配置 -type=sspanel-uim -server_type=v2ray -node_id=${nodeid} -soga_key=${sogakey} - -# webapi 或 db 对接任选一个 -api=webapi - -# webapi 对接信息 -webapi_url=https://${ym} -webapi_key=${mukey} - -# db 对接信息 -db_host= -db_port= -db_name= -db_user= -db_password= - -# 手动证书配置 -cert_file= -key_file= - -# 自动证书配置 -cert_mode= -cert_domain= -cert_key_length=ec-256 -dns_provider= - -# dns 配置 -default_dns= -dns_cache_time=10 -dns_strategy=ipv4_first - -# v2ray 特殊配置 -v2ray_reduce_memory=false -vless=false -vless_flow= - -# proxy protocol 中转配置 -proxy_protocol=false - -# 全局限制用户 IP 数配置 -redis_enable=false -redis_addr= -redis_password= -redis_db=0 -conn_limit_expiry=60 - -# 其它杂项 -user_conn_limit=0 -user_speed_limit=0 -node_speed_limit=0 -check_interval=60 -force_close_ssl=false -forbidden_bit_torrent=true -log_level=info - -# 更多配置项如有需要自行添加 -" > /etc/soga/soga.conf -soga restart +get_ip(){ +ehco -e "你的ipv6地址是:" +curl -6 ip.nekocat.cn +ehco -e "你的ipv4地址是:" +curl -4 ip.nekocat.cn } manage_nginx(){ @@ -330,7 +265,7 @@ clear echo -e " ${GREEN} 1.安装隧道工具 ${GREEN} 2.获取隧道配置 - ${GREEN} 3.对接v2ray + ${GREEN} 3.查看当前ip ${GREEN} 4.删除防火墙 ${GREEN} 5.管理隧道 ${GREEN} 6.自签ssl @@ -344,8 +279,8 @@ case "$num" in 2) nginx_conf ;; - 3) - install_v2ray + 3) + get_ip ;; 4) delete_firewall diff --git a/README.md b/README.md index 72a7d77..3a89964 100644 --- a/README.md +++ b/README.md @@ -2,4 +2,6 @@ 一个自用隧道 #server为中转机配置 -#client为落地机配置 \ No newline at end of file +nginx.txt格式为 中转机 端口 落地机 端口 本地wgip +#client为落地机配置 +nginx.txt格式为 落地机 端口 服务ip 端口 本地wgip diff --git a/tunnel1/client/nginx.txt b/tunnel1/client/nginx.txt index e69de29..977a602 100644 --- a/tunnel1/client/nginx.txt +++ b/tunnel1/client/nginx.txt @@ -0,0 +1 @@ +[2401:5a0:1000:11::a] 36890 127.0.0.1 17826 \ No newline at end of file diff --git a/tunnel1/client/wg0.conf b/tunnel1/client/wg0.conf index 61ae55c..fe9ee84 100644 --- a/tunnel1/client/wg0.conf +++ b/tunnel1/client/wg0.conf @@ -5,5 +5,5 @@ Address = 10.10.7.2/32 [Peer] PublicKey = AUeWgJQ+Kx8METeyNE1tVVwmH7yjwxW5ll/E+TkNOUQ= AllowedIPs = 10.10.7.1 -Endpoint = 223.113.130.51:15791 +Endpoint = [2409:8754:c10:2005::1c2]:15791 PersistentKeepalive = 10 \ No newline at end of file diff --git a/tunnel1/server/nginx.txt b/tunnel1/server/nginx.txt index e69de29..bf46cf7 100644 --- a/tunnel1/server/nginx.txt +++ b/tunnel1/server/nginx.txt @@ -0,0 +1 @@ +[2409:8754:c10:2005::1c2] 36890 [2401:5a0:1000:11::a] 36890 10.10.7.2 \ No newline at end of file