Skip to content

Instantly share code, notes, and snippets.

@jianyun8023

jianyun8023/install_singbox.sh

Last active November 1, 2024 03:58
Show Gist options
  • Save jianyun8023/bb9e857b901f051376faa7d0843fc5ff to your computer and use it in GitHub Desktop.
Save jianyun8023/bb9e857b901f051376faa7d0843fc5ff to your computer and use it in GitHub Desktop.
Download ZIP
Raw
install_singbox.sh
#!/bin/bash
#fonts color
yellow() {
echo -e "\033[33m\033[01m$1\033[0m"
}
green() {
echo -e "\033[32m\033[01m$1\033[0m"
}
red() {
echo -e "\033[31m\033[01m$1\033[0m"
}
#copy from 秋水逸冰 ss scripts
if [[ -f /etc/redhat-release ]]; then
release="centos"
systemPackage="yum"
systempwd="/usr/lib/systemd/system/"
elif cat /etc/issue | grep -Eqi "debian"; then
release="debian"
systemPackage="apt"
systempwd="/lib/systemd/system/"
elif cat /etc/issue | grep -Eqi "ubuntu"; then
release="ubuntu"
systemPackage="apt"
systempwd="/lib/systemd/system/"
elif cat /etc/issue | grep -Eqi "centos|red hat|redhat"; then
release="centos"
systemPackage="yum"
systempwd="/usr/lib/systemd/system/"
elif cat /proc/version | grep -Eqi "debian"; then
release="debian"
systemPackage="apt"
systempwd="/lib/systemd/system/"
elif cat /proc/version | grep -Eqi "ubuntu"; then
release="ubuntu"
systemPackage="apt"
systempwd="/lib/systemd/system/"
elif cat /proc/version | grep -Eqi "centos|red hat|redhat"; then
release="centos"
systemPackage="yum"
systempwd="/usr/lib/systemd/system/"
fi
function install_v2ray() {
# CHECK=$(grep SELINUX= /etc/selinux/config | grep -v "#")
# if [ "$CHECK" == "SELINUX=enforcing" ]; then
# red "======================================================================="
# red "检测到SELinux为开启状态,为防止申请证书失败,请先重启VPS后,再执行本脚本"
# red "======================================================================="
# read -p "是否现在重启 ?请输入 [Y/n] :" yn
# [ -z "${yn}" ] && yn="y"
# if [[ $yn == [Yy] ]]; then
# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
# setenforce 0
# echo -e "VPS 重启中..."
# reboot
# fi
# exit
# fi
# if [ "$CHECK" == "SELINUX=permissive" ]; then
# red "======================================================================="
# red "检测到SELinux为宽容状态,为防止申请证书失败,请先重启VPS后,再执行本脚本"
# red "======================================================================="
# read -p "是否现在重启 ?请输入 [Y/n] :" yn
# [ -z "${yn}" ] && yn="y"
# if [[ $yn == [Yy] ]]; then
# sed -i 's/SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config
# setenforce 0
# echo -e "VPS 重启中..."
# reboot
# fi
# exit
# fi
if [ "$release" == "centos" ]; then
if [ -n "$(grep ' 6\.' /etc/redhat-release)" ]; then
red "==============="
red "当前系统不受支持"
red "==============="
exit
fi
if [ -n "$(grep ' 5\.' /etc/redhat-release)" ]; then
red "==============="
red "当前系统不受支持"
red "==============="
exit
fi
systemctl stop firewalld
systemctl disable firewalld
rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
elif [ "$release" == "ubuntu" ]; then
if [ -n "$(grep ' 14\.' /etc/os-release)" ]; then
red "==============="
red "当前系统不受支持"
red "==============="
exit
fi
if [ -n "$(grep ' 12\.' /etc/os-release)" ]; then
red "==============="
red "当前系统不受支持"
red "==============="
exit
fi
systemctl stop ufw
systemctl disable ufw
apt-get update
elif [ "$release" == "debian" ]; then
systemctl stop ufw
systemctl disable ufw
apt-get update
fi
$systemPackage -y install lsof nginx wget unzip zip curl tar >/dev/null 2>&1
systemctl enable nginx.service
green "======================="
yellow "请输入绑定到本VPS的域名"
green "======================="
read your_domain
real_addr_ipv4=$(ping -4 ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}')
real_addr_ipv6=$(ping -6 ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}')
local_addr_ipv4=$(curl -4 ipv4.icanhazip.com)
local_addr_ipv6=$(curl -6 ipv6.icanhazip.com)
if [ "$real_addr_ipv4" == "$local_addr_ipv4" ] || [ "$real_addr_ipv6" == "$local_addr_ipv6" ]; then
green "=========================================="
green " 域名解析正常,开始安装v2ray"
green "=========================================="
sleep 1s
#设置伪装站
rm -rf /var/www/html/*
cd /var/www/html/
## 站点内容
wget -o web.zip https://github.com/CorentinTh/it-tools/releases/download/v2024.5.13-a0bc346/it-tools-2024.5.13-a0bc346.zip
unzip web.zip
systemctl restart nginx.service
#申请https证书
mkdir -p /etc/nginx/cert
chmod 755 /etc/nginx/cert
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
~/.acme.sh/acme.sh --issue -d $your_domain --webroot /var/www/html/
~/.acme.sh/acme.sh --installcert -d $your_domain \
--key-file /etc/nginx/cert/private.key \
--fullchain-file /etc/nginx/cert/fullchain.crt \
--reloadcmd "systemctl restart nginx.service"
if test -s /etc/nginx/cert/fullchain.crt; then
chmod 644 /etc/nginx/cert/private.key
chmod 644 /etc/nginx/cert/fullchain.crt
cat >/etc/nginx/conf.d/wss.conf <<-EOF
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/nginx/cert/fullchain.crt;
ssl_certificate_key /etc/nginx/cert/private.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5:!3DES;
ssl_prefer_server_ciphers on;
server_name $your_domain;
root /var/www/html/ ;
location /wss {
if (\$http_upgrade != "websocket") {
return 404;
}
proxy_redirect off;
proxy_pass http://localhost:1234;
proxy_http_version 1.1;
proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host \$host;
# Show real IP in v2ray access.log
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
}
}
EOF
systemctl restart nginx.service
if [ "$systemPackage" == "apt" ]; then
curl -fsSL https://sing-box.app/gpg.key -o /etc/apt/keyrings/sagernet.asc
chmod a+r /etc/apt/keyrings/sagernet.asc
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/sagernet.asc] https://deb.sagernet.org/ * *" |
tee /etc/apt/sources.list.d/sagernet.list >/dev/null
apt-get update
apt-get install sing-box # or sing-box-beta
else
bash <(curl -fsSL https://sing-box.app/$systemPackage-install.sh)
fi
v2ray_id=$(sing-box generate uuid)
hysteria2_password=$(sing-box generate rand 16 --base64)
mkdir -p /var/log/sing-box/
cat >/etc/sing-box/config.json <<-EOF
{
"log": {
"disabled": false,
"level": "error",
"output": "/var/log/sing-box/box.log",
"timestamp": true
},
"inbounds": [
{
"type": "hysteria2",
"tag": "hysteria2-sb-in",
"listen": "::",
"listen_port": 443,
"sniff": true,
"sniff_override_destination": true,
"up_mbps": 500,
"down_mbps": 500,
"users": [
{
"password": "$hysteria2_password"
}
],
"ignore_client_bandwidth": false,
"masquerade": "http://localhost:80",
"tls": {
"enabled": true,
"server_name": "$your_domain",
"alpn": [
"h3"
],
"certificate_path": "/etc/nginx/cert/fullchain.crt",
"key_path": "/etc/nginx/cert/private.key"
}
},
{
"type": "vmess",
"tag": "vmess-tls-sb-in",
"listen": "::",
"listen_port": 1234,
"sniff": true,
"sniff_override_destination": true,
"transport": {
"type": "ws",
"path": "/wss",
"max_early_data": 2048,
"early_data_header_name": "Sec-WebSocket-Protocol"
},
"users": [
{
"uuid": "$v2ray_id",
"alterId": 0
}
],
"multiplex": {
"enabled": true,
"padding": false
}
}
],
"outbounds": [
{
"type": "direct",
"tag": "direct"
},
{
"type": "direct",
"tag": "warp-out"
}
],
"route": {
"rule_set": [
{
"tag": "geosite-openai",
"type": "remote",
"format": "binary",
"url": "https://raw.githubusercontent.com/SagerNet/sing-geosite/rule-set/geosite-openai.srs",
"download_detour": "direct"
}
],
"rules": [
{
"rule_set": "geosite-openai",
"outbound": "warp-out"
},
{
"inbound": [
"hysteria2-sb-in",
"vmess-tls-sb-in"
],
"outbound": "direct"
}
]
},
"experimental": {
"cache_file": {
"enabled": true
}
}
}
EOF
systemctl enable sing-box.service
systemctl start sing-box.service
green "======================================================================"
green "vmess-ws-tls 已安装完成,请使用下面配置"
green "domain ${your_domain} id ${v2ray_id}"
green "hysteria2 已安装完成,请使用下面配置"
green "domain ${your_domain} password ${hysteria2_password}"
green "======================================================================"
else
red "================================"
red "https证书没有申请成果,本次安装失败"
red "================================"
fi
else
red "================================"
red "域名解析地址与本VPS IP地址不一致"
red "本次安装失败,请确保域名解析正常"
red "================================"
fi
}
function remove_v2ray() {
red "================================"
red "即将卸载Xray"
red "同时卸载安装的nginx"
red "================================"
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ remove
if [ "$release" == "centos" ]; then
yum remove -y nginx
else
apt autoremove -y nginx
fi
green "=============="
green "Xray删除完毕"
green "=============="
}
function bbr_boost_sh() {
bash <(curl -L -s -k "https://github.com/teddysun/across/raw/master/bbr.sh")
}
start_menu() {
clear
green " ===================================="
green " Xray 一键安装自动脚本 "
green " 系统:centos7+/debian9+/ubuntu16.04+"
green " ===================================="
echo
red " ===================================="
yellow " 1. 一键安装 Xray"
red " ===================================="
yellow " 2. 安装 4 IN 1 BBRPLUS加速脚本"
red " ===================================="
yellow " 3. 一键卸载 Xray"
red " ===================================="
yellow " 0. 退出脚本"
red " ===================================="
echo
read -p "请输入数字:" num
case "$num" in
1)
install_v2ray
;;
2)
bbr_boost_sh
;;
3)
remove_v2ray
;;
0)
exit 1
;;
*)
clear
red "请输入正确数字"
sleep 1s
start_menu
;;
esac
}
start_menu
Raw
install_xray.sh
#!/bin/bash
#fonts color
yellow() {
echo -e "\033[33m\033[01m$1\033[0m"
}
green() {
echo -e "\033[32m\033[01m$1\033[0m"
}
red() {
echo -e "\033[31m\033[01m$1\033[0m"
}
#copy from 秋水逸冰 ss scripts
if [[ -f /etc/redhat-release ]]; then
release="centos"
systemPackage="yum"
systempwd="/usr/lib/systemd/system/"
elif cat /etc/issue | grep -Eqi "debian"; then
release="debian"
systemPackage="apt-get"
systempwd="/lib/systemd/system/"
elif cat /etc/issue | grep -Eqi "ubuntu"; then
release="ubuntu"
systemPackage="apt-get"
systempwd="/lib/systemd/system/"
elif cat /etc/issue | grep -Eqi "centos|red hat|redhat"; then
release="centos"
systemPackage="yum"
systempwd="/usr/lib/systemd/system/"
elif cat /proc/version | grep -Eqi "debian"; then
release="debian"
systemPackage="apt-get"
systempwd="/lib/systemd/system/"
elif cat /proc/version | grep -Eqi "ubuntu"; then
release="ubuntu"
systemPackage="apt-get"
systempwd="/lib/systemd/system/"
elif cat /proc/version | grep -Eqi "centos|red hat|redhat"; then
release="centos"
systemPackage="yum"
systempwd="/usr/lib/systemd/system/"
fi
function check_root() {
if [ $(id -u) != "0" ]; then
red "请以root方式运行"
exit 1
fi
}
function install_cert() {
cert_dir=$1
green "======================="
yellow "请输入绑定到本VPS的域名"
green "======================="
read your_domain
real_addr_ipv4=$(ping -4 ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}')
real_addr_ipv6=$(ping -6 ${your_domain} -c 1 | sed -n 's/.*(\([0-9a-fA-F:]*\)).*/\1/p' | uniq)
local_addr_ipv4=$(curl -4 ipv4.icanhazip.com)
local_addr_ipv6=$(curl -6 ipv6.icanhazip.com)
if [ "$real_addr_ipv4" == "$local_addr_ipv4" ] || [ "$real_addr_ipv6" == "$local_addr_ipv6" ]; then
green "=========================================="
green " 域名解析正常,开始安装v2ray"
green "=========================================="
sleep 1s
#申请https证书
mkdir -p "${cert_dir}"
chmod 755 "${cert_dir}"
$systemPackage -y install cron >/dev/null 2>&1
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --set-default-ca --server letsencrypt
~/.acme.sh/acme.sh --issue -d $your_domain --webroot /var/www/html/
~/.acme.sh/acme.sh --installcert -d $your_domain \
--key-file "${cert_dir}/tls.key" \
--fullchain-file "${cert_dir}/tls.crt" \
--reloadcmd "systemctl restart xray.service"
else
red "================================"
red "域名解析地址与本VPS IP地址不一致"
red "本次安装失败,请确保域名解析正常"
red "================================"
fi
}
function install_nginx() {
$systemPackage -y install lsof nginx wget jq unzip zip curl tar >/dev/null 2>&1
systemctl enable nginx.service
#设置伪装站
rm -rf /var/www/html/*
cd /var/www/html/
## 站点内容
wget 'https://github.com/CorentinTh/it-tools/releases/download/v2024.5.13-a0bc346/it-tools-2024.5.13-a0bc346.zip'
unzip it-tools-2024.5.13-a0bc346.zip -d /tmp
mv /tmp/dist/* /var/www/html/
systemctl restart nginx.service
}
function install_v2ray() {
#设置伪装站
install_nginx
cert_dir="/etc/ssl/certs/wildcard.16661888.xyz-tls-acme"
## /etc/ssl/certs/wildcard.16661888.xyz-tls-acme/tls.key
## /etc/ssl/certs/wildcard.16661888.xyz-tls-acme/tls.crt
cert_key="${cert_dir}/tls.key"
cert_crt="${cert_dir}/tls.crt"
# 检查是否存在证书
if test -s "${cert_key}"; then
chmod 644 "${cert_key}"
chmod 644 "${cert_crt}"
else
install_cert "$cert_dir"
fi
#安装v2ray
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
v2ray_id=$(xray uuid)
cat >/usr/local/etc/xray/config.json <<-EOF
{
"log": {
"access": "/var/log/xray/access.log",
"error": "/var/log/xray/error.log",
"loglevel": "warning"
},
"inbounds": [
{
"port": 443,
"listen": "::",
"protocol": "vless",
"settings": {
"clients": [
{
"id": "$v2ray_id",
"level": 0,
"email": "[email protected]"
}
],
"decryption": "none",
"fallbacks": [
{
"dest": 80
},
{
"path": "/wss",
"dest": "/dev/shm/xray.sock",
"xver": 1
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"alpn": [
"http/1.1"
],
"certificates": [
{
"certificateFile": "${cert_crt}",
"keyFile": "${cert_key}"
}
]
}
}
},
{
"listen": "/dev/shm/xray.sock,0666",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "$v2ray_id",
"level": 0,
"email": "[email protected]"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"acceptProxyProtocol": true,
"path": "/wss"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
},
{
"protocol": "socks",
"settings": {
"servers": [
{
"address": "127.0.0.1",
"port": 40000
}
]
},
"tag": "warp-out"
},
{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}
],
"routing": {
"rules": [
{
"type": "field",
"domain": [
"geosite:openai",
"geosite:disney",
"geosite:netflix",
"geosite:cloudflare"
],
"outboundTag": "warp-out"
},
{
"type": "field",
"ip": [
"geoip:private"
],
"outboundTag": "blocked"
}
]
}
}
EOF
systemctl enable xray.service
systemctl start xray.service
green "======================================================================"
green "va2ay已安装完成,请使用下面配置"
green "domain ${your_domain} id ${v2ray_id}"
green "======================================================================"
}
function remove_v2ray() {
red "================================"
red "即将卸载Xray"
red "同时卸载安装的nginx"
red "================================"
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ remove
if [ "$release" == "centos" ]; then
yum remove -y nginx
else
apt autoremove -y nginx
fi
green "=============="
green "Xray删除完毕"
green "=============="
}
function bbr_boost_sh() {
bash <(curl -L -s -k "https://github.com/teddysun/across/raw/master/bbr.sh")
}
function warp_sh() {
bash <(curl -L -s -k "https://gitlab.com/fscarmen/warp/-/raw/main/menu.sh")
}
function check_unlock_media_sh() {
bash <(curl -L -s -k check.unlock.media) -R 0
}
function nxtrace_sh() {
bash <(curl -L -s -k nxtrace.org/nt)
}
start_menu() {
clear
green " ===================================="
green " Xray 一键安装自动脚本 "
green " 系统:centos7+/debian9+/ubuntu16.04+"
green " ===================================="
echo
red " ===================================="
yellow " 1. 一键安装 Xray"
red " ===================================="
yellow " 2. 安装 4 IN 1 BBRPLUS加速脚本"
red " ===================================="
yellow " 3. 一键卸载 Xray"
red " ===================================="
yellow " 4. 一键安装 Warp"
red " ===================================="
yellow " 5. 检查流媒体解锁状态"
red " ===================================="
yellow " 6. 一键安装NXTrace"
red " ===================================="
yellow " 0. 退出脚本"
red " ===================================="
echo
read -p "请输入数字:" num
case "$num" in
1)
install_v2ray
;;
2)
bbr_boost_sh
;;
3)
remove_v2ray
;;
4)
warp_sh
;;
5)
check_unlock_media_sh
;;
6)
nxtrace_sh
;;
0)
exit 1
;;
*)
clear
red "请输入正确数字"
sleep 1s
start_menu
;;
esac
}
start_menu
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment