diff --git a/ru b/ru index c22213b..5741c21 100644 --- a/ru +++ b/ru @@ -1,26 +1,40 @@ #!/bin/bash -set -e # 出现任何错误立即退出 +set -e -echo "🚀 RustDesk 服务器一键部署脚本 (跨VPS统一密钥版)" -echo "==========================================================" +echo "🚀 RustDesk 服务器一键部署脚本 (优化版)" +echo "========================================" -# 检查 Docker 是否安装 +# 检查 Docker if ! command -v docker &> /dev/null; then - echo "❌ Docker 未安装,请先安装 Docker" - exit 1 + echo "❌ Docker 未安装,正在安装 Docker..." + curl -fsSL https://get.docker.com | sh + systemctl start docker + systemctl enable docker fi -# 检查 Docker Compose 是否可用 -if ! command -v docker-compose &> /dev/null && ! docker compose version &> /dev/null; then - echo "❌ Docker Compose 不可用,请先安装 Docker Compose" - exit 1 -fi +# 设置 Docker 镜像加速器 +echo "🔧 配置 Docker 镜像加速..." +mkdir -p /etc/docker +cat > /etc/docker/daemon.json << EOF +{ + "registry-mirrors": [ + "https://docker.mirrors.ustc.edu.cn", + "https://hub-mirror.c.163.com", + "https://registry.docker-cn.com" + ] +} +EOF +systemctl daemon-reload +systemctl restart docker -# 使用 docker compose(新版本)或 docker-compose(旧版本) -DOCKER_COMPOSE_CMD="docker-compose" -if command -v docker &> /dev/null && docker compose version &> /dev/null; then - DOCKER_COMPOSE_CMD="docker compose" +# 检查 Docker Compose +DOCKER_COMPOSE_CMD="docker compose" +if ! command -v docker &> /dev/null || ! docker compose version &> /dev/null; then + echo "📥 安装 Docker Compose..." + curl -L "https://github.com/docker/compose/releases/download/v2.24.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose + chmod +x /usr/local/bin/docker-compose + DOCKER_COMPOSE_CMD="docker-compose" fi # 创建工作目录 @@ -32,15 +46,15 @@ echo "📁 工作目录: $(pwd)" echo "🔄 清理现有服务..." $DOCKER_COMPOSE_CMD down --remove-orphans 2>/dev/null || true -# 创建必要的目录结构 +# 创建目录结构 mkdir -p data/keys data/db -# 设置统一的固定密钥(跨VPS保持一致) +# 统一密钥配置 UNIFIED_PRIVATE_KEY="MC4CAQAwBQYDK2VwBCIEIAE8qD6H5JkG9T5s8s7XaYz1UvP6wQ3rN2tLbKj1mG" UNIFIED_PUBLIC_KEY="MCowBQYDK2VwAyEA2Q1Dp4q8q5V7s9kLx2mBwT3zN8rR6vY1zUj5tKfE=" UNIFIED_KEY_FINGERPRINT="2Q1Dp4q8q5V7s9kLx2mBwT3zN8rR6vY1zUj5tKfE=" -# 生成统一的密钥文件 +# 生成密钥文件 echo "🔑 生成统一密钥..." cat > data/keys/id_ed25519 << EOF -----BEGIN PRIVATE KEY----- @@ -54,200 +68,95 @@ $UNIFIED_PUBLIC_KEY -----END PUBLIC KEY----- EOF -# 设置正确的权限 chmod 600 data/keys/id_ed25519 chmod 644 data/keys/id_ed25519.pub # 检测公网 IP echo "🌐 检测服务器公网 IP..." -PUBLIC_IP="" -IP_SERVICES=( - "http://ipinfo.io/ip" - "http://ifconfig.me" - "http://icanhazip.com" - "http://ident.me" -) +PUBLIC_IP=$(curl -s --connect-timeout 5 http://ipinfo.io/ip || hostname -I | awk '{print $1}') +echo "✅ 服务器 IP: $PUBLIC_IP" -for service in "${IP_SERVICES[@]}"; do - if PUBLIC_IP=$(curl -s --connect-timeout 3 "$service"); then - if [[ "$PUBLIC_IP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - echo "✅ 从 $service 获取到 IP: $PUBLIC_IP" - break - fi - fi -done - -# 如果通过服务获取失败,使用本地IP -if [[ -z "$PUBLIC_IP" || ! "$PUBLIC_IP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - PUBLIC_IP=$(hostname -I | awk '{print $1}') - echo "⚠️ 使用本地 IP: $PUBLIC_IP" -fi - -# 生成随机管理员密码 +# 生成管理员密码 ADMIN_PASSWORD=$(openssl rand -base64 12 2>/dev/null || date +%s | sha256sum | base64 | head -c 12) -echo "🔐 生成管理员密码: $ADMIN_PASSWORD" -# 创建环境配置文件 +# 创建环境配置 cat > .env << EOF -# RustDesk 服务器配置 -RELAY_SERVER=$PUBLIC_IP PUBLIC_IP=$PUBLIC_IP UNIFIED_KEY=$UNIFIED_KEY_FINGERPRINT ADMIN_PASSWORD=$ADMIN_PASSWORD TIMEZONE=Asia/Shanghai - -# 安全配置 ENCRYPTED_ONLY=1 MUST_LOGIN=y - -# API 配置 -API_PORT=21114 -WEB_CLIENT_PORT=21115 -ID_SERVER_PORT=21116 -RELAY_PORT=21117 -WS_PORT=21118 EOF -# 创建 Docker Compose 配置 -cat > docker-compose.yml << EOF -version: '3.8' - +# 创建 Docker Compose 配置(修复版本警告) +cat > docker-compose.yml << 'EOF' services: rustdesk-server: container_name: rustdesk-server image: lejianwen/rustdesk-server-s6:latest ports: - - "\${API_PORT}:21114" # API 管理界面 - - "\${WEB_CLIENT_PORT}:21115" # 网页客户端 - - "\${ID_SERVER_PORT}:21116" # ID 服务器 (TCP) - - "\${ID_SERVER_PORT}:21116/udp" # ID 服务器 (UDP) - - "\${RELAY_PORT}:21117" # 中继服务器 - - "\${WS_PORT}:21118" # WebSocket - - "21119:21119" # 备用端口 + - "21114:21114" # API 管理界面 + - "21115:21115" # 网页客户端 + - "21116:21116" # ID 服务器 (TCP) + - "21116:21116/udp" + - "21117:21117" # 中继服务器 + - "21118:21118" # WebSocket + - "21119:21119" # 备用端口 environment: - # 网络配置 - - RELAY=\${RELAY_SERVER} - - PUBLIC_IP=\${PUBLIC_IP} - - # 安全配置 - - ENCRYPTED_ONLY=\${ENCRYPTED_ONLY} - - MUST_LOGIN=\${MUST_LOGIN} - - FIXED_KEY=\${UNIFIED_KEY} - - # API 配置 - - RUSTDESK_API_RUSTDESK_ID_SERVER=\${PUBLIC_IP}:\${ID_SERVER_PORT} - - RUSTDESK_API_RUSTDESK_RELAY_SERVER=\${PUBLIC_IP}:\${RELAY_PORT} - - RUSTDESK_API_RUSTDESK_API_SERVER=http://\${PUBLIC_IP}:\${API_PORT} - - RUSTDESK_API_RUSTDESK_KEY=\${UNIFIED_KEY} + - RELAY=${PUBLIC_IP} + - PUBLIC_IP=${PUBLIC_IP} + - ENCRYPTED_ONLY=${ENCRYPTED_ONLY} + - MUST_LOGIN=${MUST_LOGIN} + - FIXED_KEY=${UNIFIED_KEY} + - RUSTDESK_API_RUSTDESK_ID_SERVER=${PUBLIC_IP}:21116 + - RUSTDESK_API_RUSTDESK_RELAY_SERVER=${PUBLIC_IP}:21117 + - RUSTDESK_API_RUSTDESK_API_SERVER=http://${PUBLIC_IP}:21114 + - RUSTDESK_API_RUSTDESK_KEY=${UNIFIED_KEY} - RUSTDESK_API_RUSTDESK_KEY_FILE=/root/keys/id_ed25519.pub - - RUSTDESK_API_JWT_KEY=\${UNIFIED_KEY} - - # 网页客户端配置 + - RUSTDESK_API_JWT_KEY=${UNIFIED_KEY} - RUSTDESK_API_APP_WEB_CLIENT=1 - RUSTDESK_API_APP_REGISTER=false - - RUSTDESK_API_APP_CAPTCHA_THRESHOLD=-1 - - RUSTDESK_API_APP_BAN_THRESHOLD=0 - RUSTDESK_API_LANG=zh-CN - - # 系统配置 - - TZ=\${TIMEZONE} + - TZ=${TIMEZONE} volumes: - - ./data/keys:/root/keys # 统一密钥目录 - - ./data/db:/root/db # 数据库目录 + - ./data/keys:/root/keys + - ./data/db:/root/db restart: unless-stopped healthcheck: test: ["CMD", "netstat", "-ltn"] interval: 30s timeout: 10s retries: 3 - -networks: - default: - name: rustdesk-network EOF echo "✅ 配置文件创建完成" +# 拉取镜像(显示进度) +echo "📥 拉取 Docker 镜像..." +$DOCKER_COMPOSE_CMD pull + # 启动服务 -echo "🔄 启动 RustDesk 服务..." +echo "🔄 启动服务..." $DOCKER_COMPOSE_CMD up -d -# 等待服务启动 +# 等待启动 echo "⏳ 等待服务启动..." -for i in {1..30}; do - if $DOCKER_COMPOSE_CMD ps | grep -q "Up"; then - echo "✅ 服务启动成功" - break - fi - sleep 2 - echo -n "." -done +sleep 30 -sleep 10 - -# 重置管理员密码 +# 设置管理员密码 echo "🔐 设置管理员密码..." -if docker exec -it rustdesk-server ./apimain reset-admin-pwd "$ADMIN_PASSWORD" 2>/dev/null; then - echo "✅ 管理员密码设置成功" -else - echo "⚠️ 密码设置可能失败,请手动检查" -fi +docker exec rustdesk-server ./apimain reset-admin-pwd "$ADMIN_PASSWORD" 2>/dev/null || echo "⚠️ 密码设置可能需要重试" -# 显示服务状态 -echo "📊 服务状态:" -$DOCKER_COMPOSE_CMD ps - -# 验证密钥一致性 -echo "🔍 验证密钥一致性..." -SERVER_KEY=$($DOCKER_COMPOSE_CMD logs 2>/dev/null | grep "Key:" | tail -1 | awk '{print $NF}' || echo "") - -echo "=== 部署验证结果 ===" -echo "服务器使用密钥: $SERVER_KEY" -echo "统一固定密钥: $UNIFIED_KEY_FINGERPRINT" - -if [ "$SERVER_KEY" = "$UNIFIED_KEY_FINGERPRINT" ]; then - echo "✅ 密钥匹配成功!跨VPS密钥统一" -else - echo "❌ 密钥不匹配!" - echo "调试信息:" - $DOCKER_COMPOSE_CMD logs --tail=10 -fi - -# 显示最终配置信息 +# 显示部署结果 echo "" echo "🎉 RustDesk 服务器部署完成!" -echo "==========================================================" -echo "🌐 访问地址:" -echo " 网页远程登录: http://$PUBLIC_IP:21115" -echo " API 管理界面: http://$PUBLIC_IP:21114" -echo "" -echo "🔑 统一密钥配置:" -echo " 密钥指纹: $UNIFIED_KEY_FINGERPRINT" -echo " 私钥路径: $(pwd)/data/keys/id_ed25519" -echo " 公钥路径: $(pwd)/data/keys/id_ed25519.pub" -echo "" -echo "🔐 登录信息:" -echo " 管理员密码: $ADMIN_PASSWORD" -echo " (首次登录后请立即修改密码)" +echo "========================================" +echo "🌐 网页远程登录: http://$PUBLIC_IP:21115" +echo "🔑 统一密钥: $UNIFIED_KEY_FINGERPRINT" +echo "🔐 管理员密码: $ADMIN_PASSWORD" echo "" echo "📡 客户端配置:" echo " ID 服务器: $PUBLIC_IP:21116" echo " 中继服务器: $PUBLIC_IP:21117" -echo " API 服务器: http://$PUBLIC_IP:21114" -echo " 密钥: $UNIFIED_KEY_FINGERPRINT" -echo "" -echo "🔧 管理命令:" -echo " 查看日志: cd $WORK_DIR && $DOCKER_COMPOSE_CMD logs -f" -echo " 重启服务: cd $WORK_DIR && $DOCKER_COMPOSE_CMD restart" -echo " 停止服务: cd $WORK_DIR && $DOCKER_COMPOSE_CMD down" -echo "==========================================================" - -# 测试端口连通性 -echo "🔍 测试服务端口..." -for port in 21114 21115 21116 21117; do - if nc -z localhost $port 2>/dev/null; then - echo "✅ 端口 $port 监听正常" - else - echo "❌ 端口 $port 无法连接" - fi -done +echo "========================================"