加入卸载功能

2019-11-26 17:24:05 +08:00 · 2019-11-26 17:24:05 +08:00 · 9efb4ed333
parent 6cee7fe1e6
commit 9efb4ed333
1 changed files with 59 additions and 12 deletions
--- a/install.sh
+++ b/install.sh
@ -27,9 +27,14 @@ nginx_conf_dir="/etc/nginx/conf/conf.d"
 v2ray_conf="${v2ray_conf_dir}/config.json"
 nginx_conf="${nginx_conf_dir}/v2ray.conf"
 nginx_dir="/etc/nginx"
 web_dir="/home/wwwroot"
 nginx_openssl_src="/usr/local/src"
 v2ray_bin_file="/usr/bin/v2ray"
 nginx_systemd_file="/lib/systemd/system/nginx.service"
 v2ray_systemd_file="/etc/systemd/system/v2ray.service"
 nginx_version="1.16.1"
 openssl_version="1.1.1d"
 #生成伪装路径
 camouflage=`cat /dev/urandom | head -n 10 | md5sum | head -c 8`
@ -180,7 +185,7 @@ basic_optimization(){
 port_alterid_set(){
    read -p "请输入连接端口（default:443）:" port
    [[ -z ${port} ]] && port="443"
-    read -p "请输入alterID（default:2）:" alterID
+    read -p "请输入alterID（default:2 仅允许填数字）:" alterID
    [[ -z ${alterID} ]] && alterID="2"
 }
 modify_port_UUID(){
@ -372,7 +377,7 @@ nginx_conf_add(){
        listen 443 ssl http2;
        ssl_certificate       /data/v2ray.crt;
        ssl_certificate_key   /data/v2ray.key;
-        ssl_protocols         TLSv1.3;
+        ssl_protocols         TLSv1.2 TLSv1.3;
        ssl_ciphers           TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
        server_name           serveraddr.com;
        index index.html index.htm;
@ -494,8 +499,9 @@ ssl_judge_and_install(){
        acme
    fi
 }
 nginx_systemd(){
-    cat>/lib/systemd/system/nginx.service<<EOF
+    cat>$nginx_systemd_file<<EOF
 [Unit]
 Description=The NGINX HTTP and reverse proxy server
 After=syslog.target network.target remote-fs.target nss-lookup.target
@ -515,6 +521,36 @@ EOF
 judge "Nginx systemd ServerFile 添加"
 }
 tls_type(){
    if [[ -f "/etc/nginx/sbin/nginx" ]] && [[ -f "$nginx_conf" ]];then
        echo "请选择支持的 TLS 版本（default:1）:"
        echo "1: TLS1.2 and TLS1.3"
        echo "2: TLS1.3 only"
        read -p  "请输入：" tls_version
        [[ -z ${tls_version} ]] && tls_version=1
        if [[ $tls_version == 2 ]];then
            sed -i 's/ssl_protocols.*/ssl_protocols         TLSv1.3;/' $nginx_conf
            echo -e "${OK} ${GreenBG} 已切换至 TLS1.3 only ${Font}"
        else
            sed -i 's/ssl_protocols.*/ssl_protocols         TLSv1.2 TLSv1.3;/' $nginx_conf
            echo -e "${OK} ${GreenBG} 已切换至TLS1.2 and TLS1.3 ${Font}"
        fi
        systemctl restart nginx
        judge "Nginx 重启"
    else
        echo -e "${Error} ${RedBG} Nginx 或 配置文件不存在，请正确安装脚本后执行${Font}"
    fi
 }
 uninstall_all(){
    [[ -f $nginx_systemd_file ]] && rm -f $nginx_systemd_file
    [[ -f $v2ray_systemd_file ]] && rm -f $v2ray_systemd_file
    [[ -d $v2ray_bin_file ]] && rm -rf $v2ray_bin_file
    [[ -d $nginx_dir ]] && rm -rf $nginx_dir
    [[ -d $v2ray_conf_dir ]] && rm -rf $v2ray_conf_dir
    [[ -d $web_dir ]] && rm -rf $web_dir
    echo -e "${OK} ${GreenBG} 已卸载，SSL证书文件已保留 ${Font}"
 }
 main(){
    is_root
    check_system
@ -531,13 +567,24 @@ main(){
    nginx_conf_add
    web_camouflage
    #将证书生成放在最后，尽量避免多次尝试脚本从而造成的多次证书申请
    ssl_judge_and_install
    nginx_systemd
    show_information
    start_process_systemd
    acme_cron_update
 }
-
+list(){
    case $1 in
        tls_modify)
            tls_type
            ;;
        uninstall)
            uninstall_all
            ;;
        *)
            main
            ;;
    esac
 }
 list $1