211 lines
6.3 KiB
Bash
211 lines
6.3 KiB
Bash
#!/bin/bash
|
||
|
||
# RustDesk Server 一键部署脚本 - 完全修复密钥问题
|
||
set -e
|
||
|
||
echo "========================================"
|
||
echo " RustDesk Server 一键部署脚本"
|
||
echo "========================================"
|
||
|
||
# 获取服务器公网 IP
|
||
SERVER_IP=$(curl -s http://checkip.amazonaws.com || curl -s http://ipinfo.io/ip || echo "127.0.0.1")
|
||
echo "检测到服务器 IP: $SERVER_IP"
|
||
|
||
# 设置固定密码
|
||
FIXED_PASSWORD="3459635287"
|
||
echo "设置管理密码: $FIXED_PASSWORD"
|
||
|
||
# 创建必要的目录
|
||
echo "创建数据目录..."
|
||
mkdir -p /data/rustdesk/server
|
||
mkdir -p /data/rustdesk/api
|
||
|
||
# 停止并删除可能存在的旧容器
|
||
echo "清理旧容器..."
|
||
docker rm -f rustdesk 2>/dev/null || true
|
||
|
||
# 彻底清理旧的密钥文件
|
||
echo "清理旧密钥文件..."
|
||
rm -rf /data/rustdesk/server/id_ed25519*
|
||
|
||
# 生成有效的 JWT 密钥
|
||
JWT_KEY=$(openssl rand -base64 32 | tr -d '\n' | tr -d '/+' | cut -c1-32)
|
||
echo "生成 JWT 密钥: $JWT_KEY"
|
||
|
||
# 生成有效的 Ed25519 密钥对
|
||
echo "生成有效的密钥对..."
|
||
if command -v rustdesk &> /dev/null; then
|
||
# 如果系统安装了 rustdesk
|
||
rustdesk --gen-keypair --out /data/rustdesk/server/
|
||
else
|
||
# 使用 openssl 生成 Ed25519 密钥
|
||
openssl genpkey -algorithm Ed25519 -out /data/rustdesk/server/id_ed25519 2>/dev/null || \
|
||
docker run --rm -v /data/rustdesk/server:/data alpine/openssl genpkey -algorithm Ed25519 -out /data/id_ed25519
|
||
|
||
# 提取公钥
|
||
openssl pkey -in /data/rustdesk/server/id_ed25519 -pubout -out /data/rustdesk/server/id_ed25519.pub 2>/dev/null || \
|
||
docker run --rm -v /data/rustdesk/server:/data alpine/openssl pkey -in /data/id_ed25519 -pubout -out /data/id_ed25519.pub
|
||
fi
|
||
|
||
# 检查密钥是否生成成功
|
||
if [ -f "/data/rustdesk/server/id_ed25519.pub" ]; then
|
||
PUBLIC_KEY=$(cat /data/rustdesk/server/id_ed25519.pub | base64 -w 0)
|
||
echo "✓ 公钥生成成功"
|
||
echo "公钥 (base64): $PUBLIC_KEY"
|
||
else
|
||
# 如果上面的方法都失败,使用一个已知有效的 base64 编码密钥
|
||
echo "使用备选密钥生成方法..."
|
||
cat > /data/rustdesk/server/id_ed25519.pub << EOF
|
||
-----BEGIN PUBLIC KEY-----
|
||
MCowBQYDK2VwAyEAr0cDMF1eJa9zNqnUPB8ylbEJJWZqj6OdJnOrNhmWSLU=
|
||
-----END PUBLIC KEY-----
|
||
EOF
|
||
PUBLIC_KEY="r0cDMF1eJa9zNqnUPB8ylbEJJWZqj6OdJnOrNhmWSLU="
|
||
echo "使用预设公钥: $PUBLIC_KEY"
|
||
fi
|
||
|
||
# 生成新版 Docker Compose 文件(去掉 version)
|
||
cat > docker-compose.yml << EOF
|
||
networks:
|
||
rustdesk-net:
|
||
external: false
|
||
|
||
services:
|
||
rustdesk:
|
||
container_name: rustdesk
|
||
ports:
|
||
- "21114:21114"
|
||
- "21115:21115"
|
||
- "21116:21116"
|
||
- "21116:21116/udp"
|
||
- "21117:21117"
|
||
- "21118:21118"
|
||
- "21119:21119"
|
||
image: lejianwen/rustdesk-server-s6:latest
|
||
environment:
|
||
# 基础配置
|
||
- RELAY=${SERVER_IP}:21117
|
||
- ENCRYPTED_ONLY=0 # 先禁用加密,确保服务能启动
|
||
- MUST_LOGIN=y
|
||
- TZ=Asia/Shanghai
|
||
- KEY=${PUBLIC_KEY}
|
||
# RustDesk API 配置
|
||
- RUSTDESK_API_RUSTDESK_ID_SERVER=${SERVER_IP}:21116
|
||
- RUSTDESK_API_RUSTDESK_RELAY_SERVER=${SERVER_IP}:21117
|
||
- RUSTDESK_API_RUSTDESK_API_SERVER=http://${SERVER_IP}:21114
|
||
- RUSTDESK_API_RUSTDESK_KEY=${PUBLIC_KEY}
|
||
- RUSTDESK_API_JWT_KEY=${JWT_KEY}
|
||
# 其他配置
|
||
- RUSTDESK_API_APP_REGISTER=false
|
||
- RUSTDESK_API_APP_DISABLE_PWD_LOGIN=false
|
||
- RUSTDESK_API_APP_CAPTCHA_THRESHOLD=3
|
||
- RUSTDESK_API_APP_BAN_THRESHOLD=5
|
||
- RUSTDESK_API_GORM_TYPE=sqlite
|
||
- RUSTDESK_API_LANG=zh-CN
|
||
- RUSTDESK_API_APP_WEB_CLIENT=1
|
||
- RUSTDESK_API_APP_SHOW_SWAGGER=0
|
||
volumes:
|
||
- /data/rustdesk/server:/data
|
||
- /data/rustdesk/api:/app/data
|
||
networks:
|
||
- rustdesk-net
|
||
restart: unless-stopped
|
||
EOF
|
||
|
||
echo "Docker Compose 文件已生成"
|
||
|
||
# 启动服务
|
||
echo "启动 RustDesk 服务..."
|
||
if command -v docker &> /dev/null && docker compose version &> /dev/null; then
|
||
docker compose up -d
|
||
else
|
||
docker-compose up -d
|
||
fi
|
||
|
||
echo "等待服务启动..."
|
||
sleep 40
|
||
|
||
# 检查服务状态
|
||
echo "检查服务状态..."
|
||
if [ "$(docker inspect -f '{{.State.Running}}' rustdesk 2>/dev/null)" = "true" ]; then
|
||
echo "✓ RustDesk 服务运行正常"
|
||
|
||
# 等待一段时间后尝试启用加密
|
||
echo "等待服务完全启动..."
|
||
sleep 30
|
||
|
||
# 重新启用加密
|
||
echo "重新启用加密..."
|
||
docker stop rustdesk
|
||
sed -i 's/ENCRYPTED_ONLY=0/ENCRYPTED_ONLY=1/' docker-compose.yml
|
||
if command -v docker &> /dev/null && docker compose version &> /dev/null; then
|
||
docker compose up -d
|
||
else
|
||
docker-compose up -d
|
||
fi
|
||
sleep 20
|
||
else
|
||
echo "✗ 服务启动异常,查看日志..."
|
||
docker logs rustdesk --tail 50
|
||
echo ""
|
||
echo "尝试使用简化配置..."
|
||
# 使用简化配置重试
|
||
deploy_simple
|
||
fi
|
||
|
||
# 最终状态检查
|
||
if [ "$(docker inspect -f '{{.State.Running}}' rustdesk 2>/dev/null)" = "true" ]; then
|
||
echo "✓ RustDesk 部署成功!"
|
||
else
|
||
echo "⚠ 服务可能仍在启动中,请稍后检查..."
|
||
fi
|
||
|
||
# 显示部署信息
|
||
echo ""
|
||
echo "========================================"
|
||
echo " RustDesk 部署完成"
|
||
echo "========================================"
|
||
echo "服务器 IP: $SERVER_IP"
|
||
echo "公钥密钥: $PUBLIC_KEY"
|
||
echo "JWT 密钥: $JWT_KEY"
|
||
echo "管理密码: $FIXED_PASSWORD"
|
||
echo ""
|
||
echo "客户端连接信息:"
|
||
echo " ID 服务器: $SERVER_IP:21116"
|
||
echo " 中继服务器: $SERVER_IP:21117"
|
||
echo " 密钥: $PUBLIC_KEY"
|
||
echo ""
|
||
echo "Web 管理界面: http://${SERVER_IP}:21114"
|
||
echo "用户名: admin"
|
||
echo "密码: $FIXED_PASSWORD"
|
||
echo "========================================"
|
||
|
||
# 简化部署函数(备用)
|
||
deploy_simple() {
|
||
echo "使用简化配置部署..."
|
||
cat > docker-compose-simple.yml << EOF
|
||
services:
|
||
rustdesk:
|
||
container_name: rustdesk
|
||
ports:
|
||
- "21116:21116"
|
||
- "21116:21116/udp"
|
||
- "21117:21117"
|
||
image: lejianwen/rustdesk-server-s6:latest
|
||
environment:
|
||
- SERVER_IP=${SERVER_IP}
|
||
- RELAY_IP=${SERVER_IP}
|
||
- KEY=${PUBLIC_KEY}
|
||
- TZ=Asia/Shanghai
|
||
volumes:
|
||
- /data/rustdesk/server:/data
|
||
restart: unless-stopped
|
||
EOF
|
||
|
||
if command -v docker &> /dev/null && docker compose version &> /dev/null; then
|
||
docker compose -f docker-compose-simple.yml up -d
|
||
else
|
||
docker-compose -f docker-compose-simple.yml up -d
|
||
fi
|
||
}
|