done
parent
3af7279514
commit
804ca98cec
97
99nginx.sh
97
99nginx.sh
|
@ -59,8 +59,8 @@ echo -e "
|
||||||
read -p "请输入括号里的代号:" mplsdh
|
read -p "请输入括号里的代号:" mplsdh
|
||||||
if [ "$aNum" = "1" ];then
|
if [ "$aNum" = "1" ];then
|
||||||
rm -rf /etc/nginx/nginx.conf
|
rm -rf /etc/nginx/nginx.conf
|
||||||
wget -N --no-check-certificate -P /etc/nginx/ "https://h5ai.98yys.pw/99/$mplsdh/luodi/nginx.txt"
|
wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/client/nginx.txt"
|
||||||
wget -N --no-check-certificate -P /etc/nginx/ssl "https://h5ai.98yys.pw/99/${mplsdh}/luodi/ca1.crt"
|
wget -N --no-check-certificate -P /etc/nginx/ssl "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/client/ca1.crt"
|
||||||
wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.conf"
|
wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.conf"
|
||||||
nginx_rows=`wc -l /etc/nginx/nginx.txt | awk '{print $1}'`
|
nginx_rows=`wc -l /etc/nginx/nginx.txt | awk '{print $1}'`
|
||||||
echo -e "
|
echo -e "
|
||||||
|
@ -94,8 +94,8 @@ server {
|
||||||
done
|
done
|
||||||
elif [ "$aNum" = "2" ];then
|
elif [ "$aNum" = "2" ];then
|
||||||
rm -rf /etc/nginx/nginx.conf
|
rm -rf /etc/nginx/nginx.conf
|
||||||
wget -N --no-check-certificate -P /etc/nginx/ "https://h5ai.98yys.pw/99/$mplsdh/zhongzhuan/nginx.txt"
|
wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/server/nginx.txt"
|
||||||
wget -N --no-check-certificate -P /etc/nginx/ssl "https://h5ai.98yys.pw/99/${mplsdh}/zhongzhuan/ca1.crt"
|
wget -N --no-check-certificate -P /etc/nginx/ssl "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/server/ca1.crt"
|
||||||
wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.conf"
|
wget -N --no-check-certificate -P /etc/nginx/ "https://git.igewu.org/yanglc/tunnel/raw/branch/main/nginx.conf"
|
||||||
nginx_rows=`wc -l /etc/nginx/nginx.txt | awk '{print $1}'`
|
nginx_rows=`wc -l /etc/nginx/nginx.txt | awk '{print $1}'`
|
||||||
echo -e "
|
echo -e "
|
||||||
|
@ -141,9 +141,9 @@ systemctl restart nginx
|
||||||
|
|
||||||
wireguard_conf(){
|
wireguard_conf(){
|
||||||
if [ "$aNum" = "1" ];then
|
if [ "$aNum" = "1" ];then
|
||||||
wget -N --no-check-certificate -P /etc/wireguard "https://h5ai.98yys.pw/99/${mplsdh}/luodi/wg0.conf"
|
wget -N --no-check-certificate -P /etc/wireguard "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/client/wg0.conf"
|
||||||
elif [ "$aNum" = "2" ];then
|
elif [ "$aNum" = "2" ];then
|
||||||
wget -N --no-check-certificate -P /etc/wireguard "https://h5ai.98yys.pw/99/${mplsdh}/zhongzhuan/wg0.conf"
|
wget -N --no-check-certificate -P /etc/wireguard "https://git.igewu.org/yanglc/tunnel/raw/branch/main/$mplsdh/server/wg0.conf"
|
||||||
fi
|
fi
|
||||||
wg-quick down wg0
|
wg-quick down wg0
|
||||||
wg-quick up wg0
|
wg-quick up wg0
|
||||||
|
@ -187,7 +187,7 @@ apt-get purge ufw
|
||||||
create_ssl(){
|
create_ssl(){
|
||||||
mkdir -p /etc/nginx/ssl
|
mkdir -p /etc/nginx/ssl
|
||||||
cd /etc/nginx/ssl
|
cd /etc/nginx/ssl
|
||||||
servername=`curl -s http://ipv4.icanhazip.com`
|
servername=`curl -s https://ip.nekocat.cn`
|
||||||
cat > my-openssl.cnf << EOF
|
cat > my-openssl.cnf << EOF
|
||||||
[ ca ]
|
[ ca ]
|
||||||
default_ca = CA_default
|
default_ca = CA_default
|
||||||
|
@ -217,7 +217,7 @@ openssl genrsa -out ca.key 2048
|
||||||
openssl req -x509 -new -nodes -key ca.key -subj "/CN=${servername}" -days 5000 -out ca.crt
|
openssl req -x509 -new -nodes -key ca.key -subj "/CN=${servername}" -days 5000 -out ca.crt
|
||||||
openssl genrsa -out server.key 2048
|
openssl genrsa -out server.key 2048
|
||||||
openssl req -new -sha256 -key server.key \
|
openssl req -new -sha256 -key server.key \
|
||||||
-subj "/C=CN/ST=lj/L=lj/O=ljfxz/CN=${servername}" \
|
-subj "/C=CN/ST=yanglc/L=yanglc/O=mymisaka/CN=${servername}" \
|
||||||
-reqexts SAN \
|
-reqexts SAN \
|
||||||
-config <(cat my-openssl.cnf <(printf "\n[SAN]\nsubjectAltName=DNS:${servername},IP:${servername}")) \
|
-config <(cat my-openssl.cnf <(printf "\n[SAN]\nsubjectAltName=DNS:${servername},IP:${servername}")) \
|
||||||
-out server.csr
|
-out server.csr
|
||||||
|
@ -232,76 +232,11 @@ install_kernel(){
|
||||||
wget -N --no-check-certificate "https://git.igewu.org/yanglc/tunnel/raw/branch/main/tcp.sh" && chmod +x tcp.sh && ./tcp.sh
|
wget -N --no-check-certificate "https://git.igewu.org/yanglc/tunnel/raw/branch/main/tcp.sh" && chmod +x tcp.sh && ./tcp.sh
|
||||||
}
|
}
|
||||||
|
|
||||||
install_v2ray(){
|
get_ip(){
|
||||||
bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/soga/master/install.sh)
|
ehco -e "你的ipv6地址是:"
|
||||||
rm -rf /etc/soga/soga.conf
|
curl -6 ip.nekocat.cn
|
||||||
read -p "输入对接域名(例如www.baidu.com):" ym
|
ehco -e "你的ipv4地址是:"
|
||||||
read -p "输入节点id:" nodeid
|
curl -4 ip.nekocat.cn
|
||||||
read -p "输入mukey:" mukey
|
|
||||||
read -p "输入soga授权码:" sogakey
|
|
||||||
echo "
|
|
||||||
# 基础配置
|
|
||||||
type=sspanel-uim
|
|
||||||
server_type=v2ray
|
|
||||||
node_id=${nodeid}
|
|
||||||
soga_key=${sogakey}
|
|
||||||
|
|
||||||
# webapi 或 db 对接任选一个
|
|
||||||
api=webapi
|
|
||||||
|
|
||||||
# webapi 对接信息
|
|
||||||
webapi_url=https://${ym}
|
|
||||||
webapi_key=${mukey}
|
|
||||||
|
|
||||||
# db 对接信息
|
|
||||||
db_host=
|
|
||||||
db_port=
|
|
||||||
db_name=
|
|
||||||
db_user=
|
|
||||||
db_password=
|
|
||||||
|
|
||||||
# 手动证书配置
|
|
||||||
cert_file=
|
|
||||||
key_file=
|
|
||||||
|
|
||||||
# 自动证书配置
|
|
||||||
cert_mode=
|
|
||||||
cert_domain=
|
|
||||||
cert_key_length=ec-256
|
|
||||||
dns_provider=
|
|
||||||
|
|
||||||
# dns 配置
|
|
||||||
default_dns=
|
|
||||||
dns_cache_time=10
|
|
||||||
dns_strategy=ipv4_first
|
|
||||||
|
|
||||||
# v2ray 特殊配置
|
|
||||||
v2ray_reduce_memory=false
|
|
||||||
vless=false
|
|
||||||
vless_flow=
|
|
||||||
|
|
||||||
# proxy protocol 中转配置
|
|
||||||
proxy_protocol=false
|
|
||||||
|
|
||||||
# 全局限制用户 IP 数配置
|
|
||||||
redis_enable=false
|
|
||||||
redis_addr=
|
|
||||||
redis_password=
|
|
||||||
redis_db=0
|
|
||||||
conn_limit_expiry=60
|
|
||||||
|
|
||||||
# 其它杂项
|
|
||||||
user_conn_limit=0
|
|
||||||
user_speed_limit=0
|
|
||||||
node_speed_limit=0
|
|
||||||
check_interval=60
|
|
||||||
force_close_ssl=false
|
|
||||||
forbidden_bit_torrent=true
|
|
||||||
log_level=info
|
|
||||||
|
|
||||||
# 更多配置项如有需要自行添加
|
|
||||||
" > /etc/soga/soga.conf
|
|
||||||
soga restart
|
|
||||||
}
|
}
|
||||||
|
|
||||||
manage_nginx(){
|
manage_nginx(){
|
||||||
|
@ -330,7 +265,7 @@ clear
|
||||||
echo -e "
|
echo -e "
|
||||||
${GREEN} 1.安装隧道工具
|
${GREEN} 1.安装隧道工具
|
||||||
${GREEN} 2.获取隧道配置
|
${GREEN} 2.获取隧道配置
|
||||||
${GREEN} 3.对接v2ray
|
${GREEN} 3.查看当前ip
|
||||||
${GREEN} 4.删除防火墙
|
${GREEN} 4.删除防火墙
|
||||||
${GREEN} 5.管理隧道
|
${GREEN} 5.管理隧道
|
||||||
${GREEN} 6.自签ssl
|
${GREEN} 6.自签ssl
|
||||||
|
@ -344,8 +279,8 @@ case "$num" in
|
||||||
2)
|
2)
|
||||||
nginx_conf
|
nginx_conf
|
||||||
;;
|
;;
|
||||||
3)
|
3)
|
||||||
install_v2ray
|
get_ip
|
||||||
;;
|
;;
|
||||||
4)
|
4)
|
||||||
delete_firewall
|
delete_firewall
|
||||||
|
|
|
@ -2,4 +2,6 @@
|
||||||
一个自用隧道
|
一个自用隧道
|
||||||
|
|
||||||
#server为中转机配置
|
#server为中转机配置
|
||||||
|
nginx.txt格式为 中转机 端口 落地机 端口 本地wgip
|
||||||
#client为落地机配置
|
#client为落地机配置
|
||||||
|
nginx.txt格式为 落地机 端口 服务ip 端口 本地wgip
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
[2401:5a0:1000:11::a] 36890 127.0.0.1 17826
|
|
@ -5,5 +5,5 @@ Address = 10.10.7.2/32
|
||||||
[Peer]
|
[Peer]
|
||||||
PublicKey = AUeWgJQ+Kx8METeyNE1tVVwmH7yjwxW5ll/E+TkNOUQ=
|
PublicKey = AUeWgJQ+Kx8METeyNE1tVVwmH7yjwxW5ll/E+TkNOUQ=
|
||||||
AllowedIPs = 10.10.7.1
|
AllowedIPs = 10.10.7.1
|
||||||
Endpoint = 223.113.130.51:15791
|
Endpoint = [2409:8754:c10:2005::1c2]:15791
|
||||||
PersistentKeepalive = 10
|
PersistentKeepalive = 10
|
|
@ -0,0 +1 @@
|
||||||
|
[2409:8754:c10:2005::1c2] 36890 [2401:5a0:1000:11::a] 36890 10.10.7.2
|
Loading…
Reference in New Issue