212 lines
7.1 KiB
Bash
212 lines
7.1 KiB
Bash
#!/bin/bash
|
||
|
||
# ==========================================
|
||
# 标题:咸v咆哮制作 - X-UI 终极全能版 (V4.0)
|
||
# 功能:全架构、抗网络波动、防锁死、时间校准、多防火墙适配
|
||
# ==========================================
|
||
|
||
# --- 颜色配置 ---
|
||
Red="\033[31m"
|
||
Green="\033[32m"
|
||
Yellow="\033[33m"
|
||
Blue="\033[36m"
|
||
Font="\033[0m"
|
||
|
||
# --- 核心配置 ---
|
||
BASE_URL="https://freeyx.vps3344.dpdns.org/xui"
|
||
INSTALL_PATH="/usr/local/x-ui"
|
||
BIN_LINK="/usr/bin/x-ui"
|
||
DB_PATH="/etc/x-ui/x-ui.db"
|
||
SET_USER="3344"
|
||
SET_PASS="3344"
|
||
SET_PORT="8443"
|
||
|
||
# ==========================================
|
||
# 1. 霸气开场
|
||
# ==========================================
|
||
clear
|
||
echo -e "${Blue}#################################################${Font}"
|
||
echo -e "${Blue}# X-UI 自动安装脚本 (V4.0 全能防御版) #${Font}"
|
||
echo -e "${Blue}# 兼容: IPv4/v6 | 多架构 | 智能防报错 #${Font}"
|
||
echo -e "${Blue}#################################################${Font}"
|
||
sleep 1
|
||
|
||
if [[ $EUID -ne 0 ]]; then
|
||
echo -e "${Red}错误:必须使用 root 身份运行!${Font}"
|
||
exit 1
|
||
fi
|
||
|
||
# ==========================================
|
||
# 2. 系统环境大清洗 (防报错核心)
|
||
# ==========================================
|
||
echo -e "${Yellow}>> [1/6] 正在执行系统环境预处理...${Font}"
|
||
|
||
# 2.1 暴力解锁 APT (解决 "Could not get lock" 问题)
|
||
# 检测是否有 apt/dpkg 进程在运行,直接杀掉
|
||
if pgrep -x "apt" >/dev/null || pgrep -x "apt-get" >/dev/null || pgrep -x "dpkg" >/dev/null; then
|
||
echo -e "${Yellow}发现后台有安装进程,正在强制终止...${Font}"
|
||
killall apt apt-get dpkg >/dev/null 2>&1
|
||
sleep 2
|
||
fi
|
||
rm -rf /var/lib/apt/lists/lock /var/cache/apt/archives/lock /var/lib/dpkg/lock*
|
||
|
||
# 2.2 修复 DPKG 状态
|
||
dpkg --configure -a >/dev/null 2>&1
|
||
|
||
# 2.3 安装核心依赖 (增加 ca-certificates 防止SSL报错, ntpdate 防止时间不同步)
|
||
echo -e "${Yellow}>> [2/6] 安装必要组件 (Curl, Wget, SQLite, Time)...${Font}"
|
||
if [[ -f /etc/redhat-release ]]; then
|
||
yum update -y && yum install -y curl wget tar sqlite3 ca-certificates
|
||
elif cat /etc/issue | grep -q -E -i "debian|ubuntu"; then
|
||
apt-get update -y && apt-get install -y curl wget tar sqlite3 ca-certificates
|
||
else
|
||
echo -e "${Red}错误:不支持的系统版本${Font}"
|
||
exit 1
|
||
fi
|
||
|
||
# 2.4 关键:校准系统时间 (防止客户端连接失败)
|
||
echo -e "${Yellow}>> [3/6] 正在校准服务器时间...${Font}"
|
||
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
|
||
date -s "$(curl -sI g.cn | grep Date | cut -d' ' -f3-6)Z" >/dev/null 2>&1
|
||
echo -e "${Green}当前服务器时间: $(date)${Font}"
|
||
|
||
# ==========================================
|
||
# 3. 架构识别与抗干扰下载
|
||
# ==========================================
|
||
echo -e "${Yellow}>> [4/6] 识别架构并下载...${Font}"
|
||
ARCH=$(uname -m)
|
||
FILE_NAME=""
|
||
|
||
case $ARCH in
|
||
x86_64) FILE_NAME="x-ui-linux-amd64.tar.gz" ;;
|
||
aarch64) FILE_NAME="x-ui-linux-arm64.tar.gz" ;;
|
||
i386|i686) FILE_NAME="x-ui-linux-386.tar.gz" ;;
|
||
armv5*) FILE_NAME="x-ui-linux-armv5.tar.gz" ;;
|
||
*) echo -e "${Red}不支持的架构: $ARCH${Font}"; exit 1 ;;
|
||
esac
|
||
|
||
DOWNLOAD_URL="${BASE_URL}/${FILE_NAME}"
|
||
cd /usr/local/
|
||
|
||
# 删除旧文件
|
||
rm -f "$FILE_NAME"
|
||
|
||
# 下载策略:强制 IPv4 + 超时重试 (解决卡死问题)
|
||
echo -e "${Yellow}正在下载 (强制 IPv4 通道)...${Font}"
|
||
# 尝试 wget
|
||
wget -4 --no-check-certificate --timeout=20 --tries=3 -O "$FILE_NAME" "$DOWNLOAD_URL"
|
||
|
||
# 如果 wget 失败,尝试 curl
|
||
if [ ! -f "$FILE_NAME" ] || [ ! -s "$FILE_NAME" ]; then
|
||
echo -e "${Yellow}Wget 下载失败,切换 Curl 救急...${Font}"
|
||
curl -4 -L -k --connect-timeout 20 --retry 3 -o "$FILE_NAME" "$DOWNLOAD_URL"
|
||
fi
|
||
|
||
# 最终完整性检查
|
||
if ! tar -tzf "$FILE_NAME" >/dev/null 2>&1; then
|
||
echo -e "${Red}严重错误:下载失败或文件损坏!请检查网络连接或源地址。${Font}"
|
||
exit 1
|
||
fi
|
||
|
||
# ==========================================
|
||
# 4. 安装与数据库强写
|
||
# ==========================================
|
||
echo -e "${Yellow}>> [5/6] 安装与数据库配置...${Font}"
|
||
|
||
# 停止旧服务并强杀进程
|
||
systemctl stop x-ui >/dev/null 2>&1
|
||
killall x-ui >/dev/null 2>&1
|
||
rm -rf x-ui
|
||
tar zxvf "$FILE_NAME" >/dev/null
|
||
cd x-ui
|
||
chmod +x x-ui x-ui.sh bin/xray-linux-*
|
||
ln -sf "$INSTALL_PATH/x-ui.sh" "$BIN_LINK"
|
||
|
||
# 准备数据库目录
|
||
mkdir -p /etc/x-ui/
|
||
|
||
# 第一次初始化生成 DB
|
||
./x-ui setting -port $SET_PORT -username $SET_USER -password $SET_PASS >/dev/null 2>&1
|
||
|
||
# 数据库强写逻辑
|
||
if command -v sqlite3 >/dev/null 2>&1; then
|
||
# 确保 DB 存在
|
||
[ ! -f "$DB_PATH" ] && cp /usr/local/x-ui/bin/x-ui.db "$DB_PATH"
|
||
|
||
# 执行修改
|
||
sqlite3 "$DB_PATH" "UPDATE settings SET value='/' WHERE key='webBasePath';"
|
||
sqlite3 "$DB_PATH" "UPDATE settings SET value='$SET_PORT' WHERE key='webPort';"
|
||
sqlite3 "$DB_PATH" "UPDATE users SET username='$SET_USER', password='$SET_PASS' WHERE id=1;"
|
||
|
||
# 验证
|
||
CHECK_PASS=$(sqlite3 "$DB_PATH" "SELECT password FROM users WHERE id=1;")
|
||
if [ "$CHECK_PASS" == "$SET_PASS" ]; then
|
||
echo -e "${Green}账号密码数据库校验通过!${Font}"
|
||
else
|
||
echo -e "${Red}警告:SQLite写入未生效,使用备用命令重置...${Font}"
|
||
./x-ui setting -username $SET_USER -password $SET_PASS
|
||
fi
|
||
fi
|
||
|
||
# ==========================================
|
||
# 5. 服务启动与防火墙全放行
|
||
# ==========================================
|
||
echo -e "${Yellow}>> [6/6] 配置服务与防火墙...${Font}"
|
||
|
||
cat > /etc/systemd/system/x-ui.service <<EOF
|
||
[Unit]
|
||
Description=x-ui Service
|
||
After=network.target
|
||
|
||
[Service]
|
||
Type=simple
|
||
User=root
|
||
WorkingDirectory=$INSTALL_PATH
|
||
ExecStart=$INSTALL_PATH/x-ui
|
||
Restart=on-failure
|
||
RestartSec=5s
|
||
|
||
[Install]
|
||
WantedBy=multi-user.target
|
||
EOF
|
||
|
||
systemctl daemon-reload
|
||
systemctl enable x-ui
|
||
systemctl restart x-ui
|
||
sleep 2
|
||
|
||
# 智能防火墙放行 (兼容 ufw, firewalld, iptables)
|
||
echo -e "${Yellow}正在适配防火墙端口 $SET_PORT...${Font}"
|
||
if command -v ufw >/dev/null 2>&1; then
|
||
ufw allow $SET_PORT/tcp >/dev/null 2>&1
|
||
fi
|
||
if command -v firewall-cmd >/dev/null 2>&1; then
|
||
firewall-cmd --zone=public --add-port=$SET_PORT/tcp --permanent >/dev/null 2>&1
|
||
firewall-cmd --reload >/dev/null 2>&1
|
||
fi
|
||
# iptables 作为兜底
|
||
iptables -I INPUT -p tcp --dport $SET_PORT -j ACCEPT 2>/dev/null
|
||
|
||
# ==========================================
|
||
# 6. 最终检测
|
||
# ==========================================
|
||
IP=$(curl -s4m8 ip.sb)
|
||
if [[ -z "$IP" ]]; then
|
||
IP=$(curl -s6m8 ip.sb) # 如果 ipv4 没取到,尝试取 ipv6
|
||
fi
|
||
|
||
echo -e ""
|
||
echo -e "${Blue}#################################################${Font}"
|
||
echo -e "${Green} 咸v咆哮制作 - 安装完成 (V4.0) ${Font}"
|
||
echo -e "${Blue}#################################################${Font}"
|
||
echo -e "访问地址 :${Green}http://$IP:$SET_PORT${Font}"
|
||
echo -e "用户名 :${Green}$SET_USER${Font}"
|
||
echo -e "密码 :${Green}$SET_PASS${Font}"
|
||
echo -e "${Blue}#################################################${Font}"
|
||
|
||
# 检查服务状态
|
||
if ! systemctl is-active x-ui >/dev/null 2>&1; then
|
||
echo -e "${Red}注意:Systemd 启动似乎失败,正在尝试后台运行模式...${Font}"
|
||
nohup ./x-ui >/dev/null 2>&1 &
|
||
fi
|