sh jimorsm'stool
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了sh jimorsm'stool相关的知识,希望对你有一定的参考价值。
#!/bin/bash
#函数 初始化系统
function initializeSystem()
{
case $ID in
debian|ubuntu|devuan)
echo 暂不支持
;;
centos|fedora|rhel)
PKGtool="yum"
if [$VERSION_ID -ge '22']; then
PKGtool = "dnf"
fi
echo 检查系统升级
$PKGtool update -y -q
echo 检查安装epel-release
if [ $(grep epel /etc/yum.repos.d/*.repo | wc -l) -eq 0 ]; then
$PKGtool install -y -q epel-release
fi
echo 安装常用工具
$PKGtool install git htop wget vim -y
echo "安装oh-my-sh"
$PKGtool install zsh -y
wget https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O - | sh
echo 配置服务器时间为rpc
rm -rf /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo 安装Pip
$PKGtool groupinstall "Development Tools" -y
$PKGtool install python-devel python-setuptools -y && easy_install pip
echo 配置SSH
configSSH
;;
*)
echo 不支持的系统
esac
}
#函数 配置SSH
function configSSH()
{
echo 1、root登入
echo 2、密钥认证
echo 3、密码认证
echo 任意键跳过
read -p "请选择" COMMAND
case $COMMAND in
1 )
read -p "root登入 1启用,2禁用" COMMAND
case $COMMAND in
1 )
sed -i 's/#PermitRootLogin/PermitRootLogin/g' /etc/ssh/sshd_config
sed -i 's/PermitRootLogin no/PermitRootLogin yes/g' /etc/ssh/sshd_config
;;
2 )
sed -i 's/#PermitRootLogin/PermitRootLogin/g' /etc/ssh/sshd_config
sed -i 's/PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
;;
* )
echo 输入错误,未执行操作
;;
esac
;;
2 )
read -p "公钥认证 1启用,2禁用(请自行上传公钥)" COMMAND
case $COMMAND in
1 )
sed -i 's/#PubkeyAuthentication/PubkeyAuthentication/g' /etc/ssh/sshd_config
sed -i 's/PubkeyAuthentication no/PubkeyAuthentication yes/g' /etc/ssh/sshd_config
;;
2 )
sed -i 's/#PubkeyAuthentication/PubkeyAuthentication/g' /etc/ssh/sshd_config
sed -i 's/PubkeyAuthentication yes/PubkeyAuthentication no/g' /etc/ssh/sshd_config
;;
* )
echo 输入错误,未执行操作
;;
esac
;;
3 )
read -p "密码认证 1启用,2禁用" COMMAND
case $COMMAND in
1 )
sed -i 's/#PasswordAuthentication/PasswordAuthentication/g' /etc/ssh/sshd_config
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
;;
2 )
sed -i 's/#PasswordAuthentication/PasswordAuthentication/g' /etc/ssh/sshd_config
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
;;
* )
echo 输入错误,未执行操作
;;
esac
;;
* )
;;
esac
}
#函数 配置防火墙
function configFirewall()
{
firewalldisactive=$(systemctl is-active firewalld.service)
iptablesisactive=$(systemctl is-active iptables.service)
# 添加防火墙允许列表
if [[ ${firewalldisactive} = 'active' ]]; then
firewall-cmd --zone=public --permanent --add-port=10000-65535/tcp
firewall-cmd --zone=public --permanent --add-port=10000-65535/udp
firewall-cmd --permanent --zone=public --add-masquerade
firewall-cmd --reload
elif [[ ${iptablesisactive} = 'active' ]]; then
iptables -I INPUT -p tcp --dport ${port} -j ACCEPT
iptables -I INPUT -p udp --dport ${port} -j ACCEPT
iptables -I FORWARD -s ${vpnnetwork} -j ACCEPT
iptables -t nat -A POSTROUTING -s ${vpnnetwork} -o ${eth} -j MASQUERADE
#iptables -t nat -A POSTROUTING -j MASQUERADE
service iptables save
else
printf "\e[33mWARNING!!! Either firewalld or iptables is NOT Running! \e[0m\n"
fi
}
function installSSR()
{
echo '开始安装shadowsocks'
#function InstallShadowsocks
echo '1安装依赖'
yum install wget htop git libsodium m2crypto python-devel libffi-devel openssl-devel python-setuptools -y && easy_install pip
yum groupinstall "Development Tools" -y
#yum install centos-release-scl -y
#yum install devtoolset-4-gcc* -y
#scl enable devtoolset-4 bash
echo '2下载Shadowsocks'
cd /home
git clone -b manyuser https://github.com/glzjin/shadowsocks.git
echo '3配置Shasowsocks'
cd shadowsocks
cp apiconfig.py userapiconfig.py
cp config.json user-config.json
read -p "输入节点id:" NOD_ID
read -p "节点自动测速,与面板保持一致 0为关闭:" SPEEDTEST
read -p "云安全,自动上报与下载封禁IP 1为开启,0为关闭:" CLOUDSAFE
read -p "自动封禁SS密码和加密方式错误的IP 1为开启,0为关闭:" ANTISSATTACK
sed -i "s/NODE_ID = 1/NODE_ID = $NOD_ID/g" userapiconfig.py
sed -i "s/SPEEDTEST = 6/SPEEDTEST = $SPEEDTEST/g" userapiconfig.py
sed -i "s/CLOUDSAFE = 1/CLOUDSAFE = $CLOUDSAFE/g" userapiconfig.py
sed -i "s/ANTISSATTACK = 0/ANTISSATTACK = $ANTISSATTACK/g" userapiconfig.py
read -p "启用单端口多用户 0:不启用 1:启用" MU
if [[ $MU = "1" ]]; then
read -p "输入多用户混淆参数后缀 MU_SUFFIX:" MU_SUFFIX
read -p "输入多用户混淆参数表达式,例:%5m%id.%suffix (%5m代表取用户特征 md5 的前五位,%id 代表用户id %suffix 代表上面这个后缀)
MU_REGEX:" MU_REGEX
sed -i "s/MU_SUFFIX = 'zhaoj.in'/MU_SUFFIX = '$MU_SUFFIX'/g" userapiconfig.py
sed -i "s/'%5m%id.%suffix'/'$MU_REGEX'/g" userapiconfig.py
fi
read -p "后端与面板连接方式 0:MYSQL 1:WEBAPI :" WEBAPI
if [[ $WEBAPI = "1" ]]; then
read -p "输入WEBAPI_URL: https://" WEBAPI_URL
read -p "输入WEBAPI_TOKEN:" WEBAPI_TOKEN
sed -i "s/API_INTERFACE = 'glzjinmod'/API_INTERFACE = 'modwebapi'/g" /home/shadowsocks/userapiconfig.py
sed -i "s#WEBAPI_URL = 'https://zhaoj.in'#WEBAPI_URL = 'https://$WEBAPI_URL'#g" /home/shadowsocks/userapiconfig.py
sed -i "s/WEBAPI_TOKEN = 'glzjin'/WEBAPI_TOKEN = '$WEBAPI_TOKEN'/g" /home/shadowsocks/userapiconfig.py
elif [[ $WEBAPI = "0" ]]; then
read -p "输入MYSQL_HOST: " MYSQL_HOST
read -p "输入MYSQL_PORT: " MYSQL_PORT
read -p "输入MYSQL_USER: " MYSQL_USER
read -p "输入MYSQL_PASS: " MYSQL_PASS
read -p "输入MYSQL_DB: " MYSQL_DB
sed -i "s/API_INTERFACE = 'modwebapi'/API_INTERFACE = 'glzjinmod'/g" /home/shadowsocks/userapiconfig.py
sed -i "s/MYSQL_HOST = '127.0.0.1'/MYSQL_HOST = '$MYSQL_HOST'/g" userapiconfig.py
sed -i "s/MYSQL_PORT = 3006/MYSQL_PORT = $MYSQL_PORT/g" userapiconfig.py
sed -i "s/MYSQL_USER = 'ss'/MYSQL_USER = '$MYSQL_USER'/g" userapiconfig.py
sed -i "s/MYSQL_PASS = 'ss'/MYSQL_PASS = '$MYSQL_PASS'/g" userapiconfig.py
sed -i "s/MYSQL_DB = 'shadowsocks'/MYSQL_DB = '$MYSQL_DB'/g" userapiconfig.py
$MYSQL_SSL_ENABLE = 0
read -p "启用 MYSQL SSL:
0:不启用 1:启用" MYSQL_SSL_ENABLE
if [[ $MYSQL_SSL_ENABLE = "1" ]]; then
read -p "输入MYSQL_SSL_CA: " MYSQL_SSL_CA
read -p "输入MYSQL_SSL_CERT: " MYSQL_SSL_CERT
read -p "输入MYSQL_SSL_KEY: " MYSQL_SSL_KEY
sed -i "s/MYSQL_SSL_ENABLE = 0/MYSQL_SSL_ENABLE = $MYSQL_SSL_ENABLE/g" userapiconfig.py
sed -i "s/MYSQL_SSL_CA = ''/MYSQL_SSL_CA = '$MYSQL_SSL_CA'/g" userapiconfig.py
sed -i "s/MYSQL_SSL_CERT = ''/MYSQL_SSL_CERT = '$MYSQL_SSL_CERT'/g" userapiconfig.py
sed -i "s/MYSQL_SSL_KEY = ''/MYSQL_SSL_KEY = '$MYSQL_SSL_KEY'/g" userapiconfig.py
fi
fi
echo '4安装python模块'
pip install -r requirements.txt
pip install cymysql greenlet gevent
echo '5配置Systemd守护'
echo "[Unit]
Description=Shadowsocks Server Service
After=network.target
[Service]
LimitNOFILE=51200
TimeoutStartSec=0
ExecStart=/bin/python /home/shadowsocks/server.py
ExecStop=/bin/bash /home/shadowsocks/stop.sh
[Install]
WantedBy=multi-user.target">/etc/systemd/system/shadowsocks.service
echo '6启用并开启守护进程'
systemctl daemon-reload
systemctl enable shadowsocks
systemctl restart shadowsocks
echo '7完成'
}
# 主程序开始
# 检测是否是root用户
if [[ $(id -u) != "0" ]]; then
printf "\e[42m\e[31mError: You must be root to run this script.\e[0m\n"
exit 1
fi
#检测系统及版本
source /etc/os-release
echo 系统:$ID
echo 版本:$VERSION_ID
##选择功能
echo 选择以下功能执行:
echo 1、初始化系统配置
echo 2、安装SSR
echo 任意键退出
read -p "请选择" COMMAND
case $COMMAND in
1 )
initializeSystem
;;
2 )
installSSR
;;
* )
exit
;;
esac
以上是关于sh jimorsm'stool的主要内容,如果未能解决你的问题,请参考以下文章