From 92acd74aa322889f2cfe7c62b2491aa240b03565 Mon Sep 17 00:00:00 2001 From: wulabing <91d$5gKrmVShheJf> Date: Wed, 16 Oct 2019 01:27:30 +0800 Subject: [PATCH] =?UTF-8?q?=E9=80=82=E9=85=8D=20Centos8=20Debian10=20Ubunt?= =?UTF-8?q?u19.04=20=E4=BF=AE=E5=A4=8D=20=E9=83=A8=E5=88=86=E7=B3=BB?= =?UTF-8?q?=E7=BB=9F=E4=B8=8B=20=E8=AE=A1=E5=88=92=E4=BB=BB=E5=8A=A1?= =?UTF-8?q?=E4=B8=8D=E7=94=9F=E6=95=88=E7=9A=84=E9=97=AE=E9=A2=98=20?= =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20=E6=97=B6=E9=97=B4=E5=90=8C=E6=AD=A5?= =?UTF-8?q?=E6=9C=8D=E5=8A=A1=20=E5=9C=A8=20Centos8=20=E4=B8=8B=E6=97=A0?= =?UTF-8?q?=E6=B3=95=E5=AE=89=E8=A3=85=E7=9A=84=E9=94=99=E8=AF=AF=20?= =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20=E9=83=A8=E5=88=86=E7=B3=BB=E7=BB=9F?= =?UTF-8?q?=E4=B8=8B=20=E8=AF=81=E4=B9=A6=E4=B8=8D=E4=BC=9A=E8=87=AA?= =?UTF-8?q?=E5=8A=A8=E6=9B=B4=E6=96=B0=E7=9A=84=E9=97=AE=E9=A2=98=20?= =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20=E9=83=A8=E5=88=86=E7=B3=BB=E7=BB=9F?= =?UTF-8?q?=E4=B8=8B=20Nginx=20=E5=BC=80=E6=9C=BA=E8=87=AA=E5=90=AF?= =?UTF-8?q?=E9=85=8D=E7=BD=AE=E5=A4=B1=E6=95=88=E7=9A=84=E9=97=AE=E9=A2=98?= =?UTF-8?q?=20=E5=8F=98=E6=9B=B4=20=E9=87=8D=E5=A4=8D=E5=AE=89=E8=A3=85?= =?UTF-8?q?=E6=97=B6=EF=BC=8C=E5=B0=86=E4=B8=8D=E5=AF=B9=E7=9B=B8=E5=90=8C?= =?UTF-8?q?=E7=9A=84=E5=9F=9F=E5=90=8D=E8=BF=9B=E8=A1=8C=E9=87=8D=E5=A4=8D?= =?UTF-8?q?=E7=9A=84=E8=AF=81=E4=B9=A6=E7=94=B3=E8=AF=B7=EF=BC=8C=E9=98=B2?= =?UTF-8?q?=E6=AD=A2=E5=87=BA=E7=8E=B0=20Let's=20encrypt=20API=20=E6=AC=A1?= =?UTF-8?q?=E6=95=B0=E9=99=90=E5=88=B6=20=E5=8F=98=E6=9B=B4=20=E9=BB=98?= =?UTF-8?q?=E8=AE=A4=20alterID=2064=20->=204=20=EF=BC=8C=E5=87=8F=E5=B0=91?= =?UTF-8?q?=E8=B5=84=E6=BA=90=E5=8D=A0=E7=94=A8=20=E5=8F=98=E6=9B=B4=20ngi?= =?UTF-8?q?nx=20=E5=AE=89=E8=A3=85=E6=96=B9=E5=BC=8F=E4=BB=8E=E6=BA=90?= =?UTF-8?q?=E8=8E=B7=E5=8F=96=20=E5=8F=98=E6=9B=B4=E4=B8=BA=20=E7=BC=96?= =?UTF-8?q?=E8=AF=91=E5=AE=89=E8=A3=85=EF=BC=8C=E5=B9=B6=E4=BD=BF=E7=94=A8?= =?UTF-8?q?=E6=96=B0=E7=89=88Openssl=EF=BC=8C=E6=94=AF=E6=8C=81tls1.3=20?= =?UTF-8?q?=E5=8F=98=E6=9B=B4=20nginx=20=E9=85=8D=E7=BD=AE=E6=96=87?= =?UTF-8?q?=E4=BB=B6=20ssl=5Fprotocols=20ssl=5Fciphers=EF=BC=8C=E9=80=82?= =?UTF-8?q?=E9=85=8D=20tls1.3=20=E5=8F=98=E6=9B=B4=20=E5=8F=96=E6=B6=88?= =?UTF-8?q?=E5=AF=B9Debian8=20Ubuntu=2016.04=20=E7=9A=84=E9=80=82=E9=85=8D?= =?UTF-8?q?=E5=B7=A5=E4=BD=9C=EF=BC=88=E6=9C=AC=E7=89=88=E6=9C=AC=E5=8F=AF?= =?UTF-8?q?=E8=83=BD=E4=BE=9D=E6=97=A7=E5=8F=AF=E7=94=A8=EF=BC=89=20?= =?UTF-8?q?=E5=8F=98=E6=9B=B4=20=E9=BB=98=E8=AE=A4=E9=A1=B5=E9=9D=A2?= =?UTF-8?q?=E4=BC=AA=E8=A3=85=E4=B8=BA=20html5=20=E5=B0=8F=E6=B8=B8?= =?UTF-8?q?=E6=88=8F=20=E6=96=B0=E5=A2=9E=20=E5=AE=89=E8=A3=85=E5=AE=8C?= =?UTF-8?q?=E6=88=90=EF=BC=8C=E8=8A=82=E7=82=B9=E9=85=8D=E7=BD=AE=E4=BF=A1?= =?UTF-8?q?=E6=81=AF=E7=95=99=E6=A1=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- install.sh | 325 ++++++++++++++++++++++++++++++++++------------------- 1 file changed, 208 insertions(+), 117 deletions(-) diff --git a/install.sh b/install.sh index e90fb6a..45b0073 100644 --- a/install.sh +++ b/install.sh @@ -1,11 +1,11 @@ #!/bin/bash #==================================================== -# System Request:Debian 7+/Ubuntu 14.04+/Centos 6+ +# System Request:Debian 9+/Ubuntu 18.04+/Centos 7+ # Author: wulabing # Dscription: V2ray ws+tls onekey -# Version: 3.3.1 -# Blog: https://www.wulabing.com +# Version: 5.0 +# email:wulabing@admin.com # Official document: www.v2ray.com #==================================================== @@ -23,10 +23,13 @@ OK="${Green}[OK]${Font}" Error="${Red}[错误]${Font}" v2ray_conf_dir="/etc/v2ray" -nginx_conf_dir="/etc/nginx/conf.d" +nginx_conf_dir="/etc/nginx/conf/conf.d" v2ray_conf="${v2ray_conf_dir}/config.json" nginx_conf="${nginx_conf_dir}/v2ray.conf" - +nginx_dir=$"/etc/nginx" +nginx_openssl_src="/usr/local/src" +nginx_version="1.16.1" +openssl_version="1.1.1d" #生成伪装路径 camouflage=`cat /dev/urandom | head -n 10 | md5sum | head -c 8` @@ -36,51 +39,30 @@ source /etc/os-release VERSION=`echo ${VERSION} | awk -F "[()]" '{print $2}'` check_system(){ - if [[ "${ID}" == "centos" && ${VERSION_ID} -ge 7 ]];then - echo -e "${OK} ${GreenBG} 当前系统为 Centos ${VERSION_ID} ${VERSION} ${Font} " + echo -e "${OK} ${GreenBG} 当前系统为 Centos ${VERSION_ID} ${VERSION} ${Font}" INS="yum" - echo -e "${OK} ${GreenBG} SElinux 设置中,请耐心等待,不要进行其他操作${Font} " - setsebool -P httpd_can_network_connect 1 - echo -e "${OK} ${GreenBG} SElinux 设置完成 ${Font} " - ## Centos 也可以通过添加 epel 仓库来安装,目前不做改动 - cat>/etc/yum.repos.d/nginx.repo<> /etc/apt/sources.list - echo "deb-src http://nginx.org/packages/mainline/debian/ ${VERSION} nginx" >> /etc/apt/sources.list - wget -nc https://nginx.org/keys/nginx_signing.key - apt-key add nginx_signing.key - fi elif [[ "${ID}" == "ubuntu" && `echo "${VERSION_ID}" | cut -d '.' -f1` -ge 16 ]];then - echo -e "${OK} ${GreenBG} 当前系统为 Ubuntu ${VERSION_ID} ${UBUNTU_CODENAME} ${Font} " + echo -e "${OK} ${GreenBG} 当前系统为 Ubuntu ${VERSION_ID} ${UBUNTU_CODENAME} ${Font}" INS="apt" - ## 添加 Nginx apt源 - if [ ! -f nginx_signing.key ];then - echo "deb http://nginx.org/packages/mainline/ubuntu/ ${UBUNTU_CODENAME} nginx" >> /etc/apt/sources.list - echo "deb-src http://nginx.org/packages/mainline/ubuntu/ ${UBUNTU_CODENAME} nginx" >> /etc/apt/sources.list - wget -nc https://nginx.org/keys/nginx_signing.key - apt-key add nginx_signing.key - fi + INS update else - echo -e "${Error} ${RedBG} 当前系统为 ${ID} ${VERSION_ID} 不在支持的系统列表内,安装中断 ${Font} " + echo -e "${Error} ${RedBG} 当前系统为 ${ID} ${VERSION_ID} 不在支持的系统列表内,安装中断 ${Font}" exit 1 fi + systemctl stop firewalld && systemctl disable firewalld + echo -e "${OK} ${GreenBG} firewalld 已关闭 ${Font}" } + is_root(){ if [ `id -u` == 0 ] - then echo -e "${OK} ${GreenBG} 当前用户是root用户,进入安装流程 ${Font} " + then echo -e "${OK} ${GreenBG} 当前用户是root用户,进入安装流程 ${Font}" sleep 3 else echo -e "${Error} ${RedBG} 当前用户不是root用户,请切换到root用户后重新执行脚本 ${Font}" @@ -96,57 +78,105 @@ judge(){ exit 1 fi } -ntpdate_install(){ +chrony_install(){ + ${INS} -y install chrony + judge "安装 chrony 时间同步服务 " + + timedatectl set-ntp true + if [[ "${ID}" == "centos" ]];then - ${INS} install ntpdate -y + systemctl enable chronyd && systemctl restart chronyd else - ${INS} update - ${INS} install ntpdate -y + systemctl enable chrony && systemctl restart chrony fi - judge "安装 NTPdate 时间同步服务 " + + judge "chronyd 启动 " + + timedatectl set-timezone Asia/Shanghai + + echo -e "${OK} ${GreenBG} 等待时间同步 ${Font}" + sleep 10 + + chronyc sourcestats -v + chronyc tracking -v + date + read -p "请确认时间是否准确,误差范围±3分钟(Y/N): " chrony_install + [[ -z ${chrony_install} ]] && chrony_install="Y" + case $chrony_install in + [yY][eE][sS]|[yY]) + echo -e "${GreenBG} 继续安装 ${Font}" + sleep 2 + ;; + *) + echo -e "${RedBG} 安装终止 ${Font}" + exit 2 + ;; + esac } -time_modify(){ - ntpdate_install - - systemctl stop ntp &>/dev/null - - echo -e "${Info} ${GreenBG} 正在进行时间同步 ${Font}" - ntpdate time.nist.gov - - if [[ $? -eq 0 ]];then - echo -e "${OK} ${GreenBG} 时间同步成功 ${Font}" - echo -e "${OK} ${GreenBG} 当前系统时间 `date -R`(请注意时区间时间换算,换算后时间误差应为三分钟以内)${Font}" - sleep 1 - else - echo -e "${Error} ${RedBG} 时间同步失败,请检查ntpdate服务是否正常工作 ${Font}" - fi -} dependency_install(){ ${INS} install wget git lsof -y if [[ "${ID}" == "centos" ]];then ${INS} -y install crontabs else - ${INS} install cron + ${INS} -y install cron fi judge "安装 crontab" - # 新版的IP判定不需要使用net-tools - # ${INS} install net-tools -y - # judge "安装 net-tools" + if [[ "${ID}" == "centos" ]];then + systemctl start crond && systemctl enable crond + else + touch /var/spool/cron/crontabs/root && chmod 600 /var/spool/cron/crontabs/root + systemctl start cron && systemctl enable cron + + fi + judge "crontab 自启动配置 " + + ${INS} install bc -y judge "安装 bc" ${INS} install unzip -y judge "安装 unzip" + + if [[ "${ID}" == "centos" ]];then + ${INS} -y groupinstall "Development tools" + else + ${INS} -y install build-essential + fi + judge "编译工具包 安装" + + if [[ "${ID}" == "centos" ]];then + ${INS} -y install pcre pcre-devel zlib-devel + else + ${INS} -y install libpcre3 libpcre3-dev zlib1g-dev + fi + + + judge "nginx 编译依赖" + +} +basic_optimization(){ + # 最大文件打开数 + sed -i '/^\*\ *soft\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf + sed -i '/^\*\ *hard\ *nofile\ *[[:digit:]]*/d' /etc/security/limits.conf + echo '* soft nofile 65536' >> /etc/security/limits.conf + echo '* hard nofile 65536' >> /etc/security/limits.conf + + # 关闭 Selinux + if [[ "${ID}" == "centos" ]];then + sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config + setenforce 0 + fi + } port_alterid_set(){ stty erase '^H' && read -p "请输入连接端口(default:443):" port [[ -z ${port} ]] && port="443" - stty erase '^H' && read -p "请输入alterID(default:64):" alterID - [[ -z ${alterID} ]] && alterID="64" + stty erase '^H' && read -p "请输入alterID(default:4):" alterID + [[ -z ${alterID} ]] && alterID="4" } modify_port_UUID(){ let PORT=$RANDOM+10000 @@ -157,21 +187,17 @@ modify_port_UUID(){ sed -i "/\"path\"/c \\\t \"path\":\"\/${camouflage}\/\"" ${v2ray_conf} } modify_nginx(){ - ## sed 部分地方 适应新配置修正 - if [[ -f /etc/nginx/nginx.conf.bak ]];then - cp /etc/nginx/nginx.conf.bak /etc/nginx/nginx.conf - fi sed -i "1,/listen/{s/listen 443 ssl;/listen ${port} ssl;/}" ${nginx_conf} sed -i "/server_name/c \\\tserver_name ${domain};" ${nginx_conf} sed -i "/location/c \\\tlocation \/${camouflage}\/" ${nginx_conf} sed -i "/proxy_pass/c \\\tproxy_pass http://127.0.0.1:${PORT};" ${nginx_conf} sed -i "/return/c \\\treturn 301 https://${domain}\$request_uri;" ${nginx_conf} - sed -i "27i \\\tproxy_intercept_errors on;" /etc/nginx/nginx.conf + sed -i "27i \\\tproxy_intercept_errors on;" ${nginx_dir}/conf/nginx.conf } web_camouflage(){ ##请注意 这里和LNMP脚本的默认路径冲突,千万不要在安装了LNMP的环境下使用本脚本,否则后果自负 rm -rf /home/wwwroot && mkdir -p /home/wwwroot && cd /home/wwwroot - git clone https://github.com/wulabing/sCalc.git + git clone https://github.com/eyebluecn/levis.git judge "web 站点伪装" } v2ray_install(){ @@ -191,21 +217,60 @@ v2ray_install(){ echo -e "${Error} ${RedBG} V2ray 安装文件下载失败,请检查下载地址是否可用 ${Font}" exit 4 fi + # 清除临时文件 + rm -rf /root/v2ray } nginx_install(){ - ${INS} install nginx -y - if [[ -d /etc/nginx ]];then - echo -e "${OK} ${GreenBG} nginx 安装完成 ${Font}" - sleep 2 - else - echo -e "${Error} ${RedBG} nginx 安装失败 ${Font}" - exit 5 - fi - if [[ ! -f /etc/nginx/nginx.conf.bak ]];then - cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak - echo -e "${OK} ${GreenBG} nginx 初始配置备份完成 ${Font}" - sleep 1 - fi + wget -nc http://nginx.org/download/nginx-${nginx_version}.tar.gz -P ${nginx_openssl_src} + judge "Nginx 下载" + wget -nc https://www.openssl.org/source/openssl-${openssl_version}.tar.gz -P ${nginx_openssl_src} + judge "openssl 下载" + + cd ${nginx_openssl_src} + + [[ -d nginx-"$nginx_version" ]] && rm -rf nginx-"$nginx_version" + tar -zxvf nginx-"$nginx_version".tar.gz + + [[ -d openssl-"$openssl_version" ]] && rm -rf openssl-"$openssl_version" + tar -zxvf openssl-"$openssl_version".tar.gz + + [[ -d "$nginx_dir" ]] && rm -rf ${nginx_dir} + + echo -e "${OK} ${GreenBG} 即将开始编译安装 Nginx, 过程稍久,请耐心等待 ${Font}" + sleep 4 + + cd nginx-${nginx_version} + ./configure --prefix="${nginx_dir}" \ + --with-http_ssl_module \ + --with-http_gzip_static_module \ + --with-http_stub_status_module \ + --with-pcre \ + --with-http_realip_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_secure_link_module \ + --with-http_v2_module \ + --with-openssl=../openssl-"$openssl_version" + judge "编译检查" + make && make install + judge "Nginx 编译安装" + + # 修改基本配置 + sed -i 's/#user nobody;/user root;/' ${nginx_dir}/conf/nginx.conf + sed -i 's/worker_processes 1;/worker_processes 3;/' ${nginx_dir}/conf/nginx.conf + sed -i 's/ worker_connections 1024;/ worker_connections 4096;/' ${nginx_dir}/conf/nginx.conf + sed -i '$i include conf.d/*.conf;' ${nginx_dir}/conf/nginx.conf + + + + # 删除临时文件 + rm -rf nginx-"${nginx_version}" + rm -rf openssl-"${openssl_version}" + rm -rf ../nginx-"${nginx_version}".tar.gz + rm -rf ../openssl-"${openssl_version}".tar.gz + + # 添加配置文件夹,适配旧版脚本 + mkdir ${nginx_dir}/conf/conf.d } ssl_install(){ if [[ "${ID}" == "centos" ]];then @@ -217,10 +282,9 @@ ssl_install(){ curl https://get.acme.sh | sh judge "安装 SSL 证书生成脚本" - } domain_check(){ - stty erase '^H' && read -p "请输入你的域名信息(eg:www.wulabing.com):" domain + read -p "请输入你的域名信息(eg:www.wulabing.com):" domain domain_ip=`ping ${domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'` echo -e "${OK} ${GreenBG} 正在获取 公网ip 信息,请耐心等待 ${Font}" local_ip=`curl -4 ip.sb` @@ -231,6 +295,7 @@ domain_check(){ echo -e "${OK} ${GreenBG} 域名dns解析IP 与 本机IP 匹配 ${Font}" sleep 2 else + echo -e "${Error} ${RedBG} 请确保域名添加了正确的 A 记录,否则将无法正常使用 V2ray(y/n)" echo -e "${Error} ${RedBG} 域名dns解析IP 与 本机IP 不匹配 是否继续安装?(y/n)${Font}" && read install case $install in [yY][eE][sS]|[yY]) @@ -264,7 +329,8 @@ acme(){ if [[ $? -eq 0 ]];then echo -e "${OK} ${GreenBG} SSL 证书生成成功 ${Font}" sleep 2 - ~/.acme.sh/acme.sh --installcert -d ${domain} --fullchainpath /etc/v2ray/v2ray.crt --keypath /etc/v2ray/v2ray.key --ecc + mkdir /data + ~/.acme.sh/acme.sh --installcert -d ${domain} --fullchainpath /data/v2ray.crt --keypath /data/v2ray.key --ecc if [[ $? -eq 0 ]];then echo -e "${OK} ${GreenBG} 证书配置成功 ${Font}" sleep 2 @@ -285,14 +351,13 @@ nginx_conf_add(){ cat>${nginx_conf_dir}/v2ray.conf<> /etc/rc.local judge "设置 Nginx 开机自启" systemctl start v2ray judge "V2ray 启动" + + systemctl enable v2ray + judge "设置 v2ray 开机自启" } +#debian 系 9 10 适配 +rc_local_initialization(){ + if [[ -f /etc/rc.local ]];then + chmod +x /etc/rc.local + else + touch /etc/rc.local && chmod +x /etc/rc.local + echo "#!/bin/bash" >> /etc/rc.local + systemctl start rc-local + fi + + judge "rc.local 配置" +} acme_cron_update(){ if [[ "${ID}" == "centos" ]];then - sed -i "/acme.sh/c 0 0 * * 0 systemctl stop nginx && \"/root/.acme.sh\"/acme.sh --cron --home \"/root/.acme.sh\" \ - > /dev/null && systemctl start nginx " /var/spool/cron/root + sed -i "/acme.sh/c 0 0 * * 0 /etc/nginx/sbin/nginx -s stop && \"/root/.acme.sh\"/acme.sh --cron --home \"/root/.acme.sh\" \ + > /dev/null && /etc/nginx/sbin/nginx" /var/spool/cron/root else - sed -i "/acme.sh/c 0 0 * * 0 systemctl stop nginx && \"/root/.acme.sh\"/acme.sh --cron --home \"/root/.acme.sh\" \ - > /dev/null && systemctl start nginx " /var/spool/cron/crontabs/root + sed -i "/acme.sh/c 0 0 * * 0 /etc/nginx/sbin/nginx -s stop && \"/root/.acme.sh\"/acme.sh --cron --home \"/root/.acme.sh\" \ + > /dev/null && /etc/nginx/sbin/nginx" /var/spool/cron/crontabs/root fi judge "cron 计划任务更新" } show_information(){ clear + cd ~ - echo -e "${OK} ${Green} V2ray+ws+tls 安装成功 " - echo -e "${Red} V2ray 配置信息 ${Font}" - echo -e "${Red} 地址(address):${Font} ${domain} " - echo -e "${Red} 端口(port):${Font} ${port} " - echo -e "${Red} 用户id(UUID):${Font} ${UUID}" - echo -e "${Red} 额外id(alterId):${Font} ${alterID}" - echo -e "${Red} 加密方式(security):${Font} 自适应 " - echo -e "${Red} 传输协议(network):${Font} ws " - echo -e "${Red} 伪装类型(type):${Font} none " - echo -e "${Red} 路径(不要落下/):${Font} /${camouflage}/ " - echo -e "${Red} 底层传输安全:${Font} tls " + echo -e "${OK} ${Green} V2ray+ws+tls 安装成功" >./v2ray_info.txt + echo -e "${Red} V2ray 配置信息 ${Font}" >>./v2ray_info.txt + echo -e "${Red} 地址(address):${Font} ${domain} " >>./v2ray_info.txt + echo -e "${Red} 端口(port):${Font} ${port} " >>./v2ray_info.txt + echo -e "${Red} 用户id(UUID):${Font} ${UUID}" >>./v2ray_info.txt + echo -e "${Red} 额外id(alterId):${Font} ${alterID}" >>./v2ray_info.txt + echo -e "${Red} 加密方式(security):${Font} 自适应 " >>./v2ray_info.txt + echo -e "${Red} 传输协议(network):${Font} ws " >>./v2ray_info.txt + echo -e "${Red} 伪装类型(type):${Font} none " >>./v2ray_info.txt + echo -e "${Red} 路径(不要落下/):${Font} /${camouflage}/ " >>./v2ray_info.txt + echo -e "${Red} 底层传输安全:${Font} tls " >>./v2ray_info.txt - + cat ./v2ray_info.txt } - +ssl_judge_and_install(){ + if [[ -f "/data/v2ray.key" && -f "/data/v2ray.crt" ]];then + echo "证书文件已存在" + elif [[ -f "~/.acme.sh/${domain}_ecc/${domain}.key" && -f "~/.acme.sh/${domain}_ecc/${domain}.cer" ]];then + echo "证书文件已存在" + ~/.acme.sh/acme.sh --installcert -d ${domain} --fullchainpath /data/v2ray.crt --keypath /data/v2ray.key --ecc + judge "证书应用" + else + ssl_install + acme + fi +} main(){ is_root check_system - time_modify + chrony_install dependency_install + basic_optimization domain_check port_alterid_set v2ray_install @@ -372,17 +466,14 @@ main(){ nginx_conf_add web_camouflage - #改变证书安装位置,防止端口冲突关闭相关应用 - systemctl stop nginx - systemctl stop v2ray - #将证书生成放在最后,尽量避免多次尝试脚本从而造成的多次证书申请 - ssl_install - acme + ssl_judge_and_install show_information + rc_local_initialization start_process_systemd acme_cron_update } main +