『Freesia』- (K)NoW_NAME
樱花任务/Sakura Quest ED1
我会把这个贴子当作【分享发现】收藏夹。
我会把这个贴子当作【分享发现】收藏夹。
92 个评论
沉默的广场
休假中
#!/bin/bash
echo "installation beginning"
printf "Input domain name: "
read domain
printf "Input websocket path: "
read wspath
mkdir tmp
wget "https://caddyserver.com/download/linux/amd64?license=personal&telemetry=off" -O tmp/caddy.tar.gz
wget "https://github.com/v2ray/v2ray-core/releases/download/v4.23.1/v2ray-linux-64.zip" -O tmp/v2ray.zip
gunzip tmp/caddy.tar.gz
tar -xvf tmp/caddy.tar -C tmp/
unzip tmp/v2ray.zip -d tmp/
mkdir -p /opt/breakwall /opt/breakwall/ssl /opt/breakwall/html
cp tmp/caddy /opt/breakwall/
cp tmp/v2ray /opt/breakwall/
cp tmp/v2ctl /opt/breakwall/
cp tmp/geoip.dat /opt/breakwall/
cp tmp/geosite.dat /opt/breakwall/
rm -rf tmp/
openssl genrsa -out /opt/breakwall/ssl/ca.key 2048
openssl req -new -key /opt/breakwall/ssl/ca.key -out /opt/breakwall/ssl/ca.csr -subj "/CN=$domain"
openssl req -x509 -days 3650 -key /opt/breakwall/ssl/ca.key -in /opt/breakwall/ssl/ca.csr -out /opt/breakwall/ssl/ca.crt
cat << EOF > /opt/breakwall/Caddyfile
https://$domain
tls /opt/breakwall/ssl/ca.crt /opt/breakwall/ssl/ca.key
root /opt/breakwall/html
proxy /$wspath https://127.0.0.1:8964
EOF
cat << EOF > /opt/breakwall/config.json
{
"inbound": {
"listen": "127.0.0.1",
"port": 8964,
"protocol": "socks",
"settings": {"udp": true},
"streamSettings": {
"wsSettings": {"path": "/$wspath"},
"network": "ws"
}
},
"outbound": {"protocol": "freedom"}
}
EOF
cat << EOF > /etc/systemd/system/caddy.service
[Unit]
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service
[Service]
Type=simple
User=breakwall
ExecStart=/opt/breakwall/caddy -conf=/opt/breakwall/Caddyfile -agree=true
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
Restart=on-abnormal
[Install]
WantedBy=multi-user.target
EOF
cat << EOF > /etc/systemd/system/v2ray.service
[Unit]
After=network.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
User=breakwall
ExecStart=/opt/breakwall/v2ray
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
NoNewPrivileges=yes
Restart=on-failure
RestartPreventExitStatus=23
[Install]
WantedBy=multi-user.target
EOF
rand_str=
function random_string() {
rand_num=$(($(date +%s%N)%$(($2-$1+1))+$1))
rand_str=$(cat /dev/urandom | tr -dc 'a-z' | fold -w ${rand_num} | head -n 1)
}
random_string 5 20
title=$rand_str
random_string 5 20
header=$rand_str
MIN_LINE=100
MAX_LINE=200
n_paragraphs=$(($(date +%s%N)%$(($MAX_LINE-$MIN_LINE+1))+$MIN_LINE))
random_string 50 120
paragraph=$rand_str
i=0
while(($i<n_paragraphs))
do
random_string 50 120
paragraph="${paragraph}<br />${rand_str}"
let "i++"
done
cat << EOF > /opt/breakwall/html/index.html
<html>
<head>
<title>${title}</title>
</head>
<body>
<h1>${header}</h1>
<p>${paragraph}</p>
</body>
</html>
EOF
useradd --system --home-dir /nonexistent --shell /sbin/nologin breakwall
chown -R breakwall:breakwall /opt/breakwall/html
chown -R breakwall:breakwall /opt/breakwall/ssl
chmod 700 /opt/breakwall/ssl
chmod +x /opt/breakwall/v2ray /opt/breakwall/v2ctl /opt/breakwall/caddy
systemctl daemon-reload
systemctl enable caddy v2ray --now
echo "Installation finished."