-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathFddvd.sh
128 lines (123 loc) · 3.75 KB
/
Fddvd.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
#!/bin/bash
blue(){
echo -e "\033[34m\033[01m$1\033[0m"
}
green(){
echo -e "\033[32m\033[01m$1\033[0m"
}
red(){
echo -e "\033[31m\033[01m$1\033[0m"
}
yellow(){
echo -e "\033[33m\033[01m$1\033[0m"
}
bred(){
echo -e "\033[31m\033[01m\033[05m$1\033[0m"
}
byellow(){
echo -e "\033[33m\033[01m\033[05m$1\033[0m"
}
yum -y install unzip wget curl firewalld epel*
systemctl restart firewalld
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --permanent --add-port=4437/tcp
firewall-cmd --permanent --add-port=22122/tcp
firewall-cmd --permanent --add-port=44377/tcp
firewall-cmd --reload
##########获取最新版本号
latest_version="$(wget --no-check-certificate -qO- https://api.github.com/repos/p4gefau1t/trojan-go/tags | grep 'name' | cut -d\" -f4 | head -1)"
yellow "最新版本号为:${latest_version}"
##########设置下载连接地址
trojango_link="https://github.com/p4gefau1t/trojan-go/releases/download/${latest_version}/trojan-go-linux-amd64.zip"
######################
mkdir /root/trojan-go
wget "${trojango_link}" -O /root/trojan-go/trojan-go.zip
cd /root/trojan-go
unzip trojan-go.zip && rm -rf trojan-go.zip
yellow "Unduh trojan-go selesai"
green "======================="
yellow "Silakan masukkan nama domain yang terikat ke VPS ini"
green "======================="
read your_domain
real_addr=`ping ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'`
local_addr=`curl ipv4.icanhazip.com`
green "======================="
yellow "Silakan masukkan kata sandi koneksi trojan"
green "======================="
read vpn_password
###############konfigurasi server
cat > /root/trojan-go/server.yaml <<-EOF
run-type: server
local-addr: 0.0.0.0
local-port: 443
remote-addr: 127.0.0.1
remote-port: 80
password:
- $vpn_password
ssl:
cert: /root/trojan-go/server.cer
key: /root/trojan-go/server.key
fallback_port: 80
EOF
# cat > /root/trojan-go/client.json <<-EOF
# {
# "run_type": "client",
# "local_addr": "127.0.0.1",
# "local_port": 1080,
# "remote_addr": "$your_domain",
# "remote_port": 443,
# "password": [
# "$vpn_password"
# ],
# "ssl": {
# "sni": "$your_domain"
# },
# "mux": {
# "enabled": true
# },
# "router": {
# "enabled": true,
# "bypass": [
# "geoip:cn",
# "geoip:private",
# "geosite:cn",
# "geosite:geolocation-cn"
# ],
# "block": [
# "geosite:category-ads"
# ],
# "proxy": [
# "geosite:geolocation-!cn"
# ],
# "default_policy": "proxy",
# "geoip": "/root/trojan-go/geoip.dat",
# "geosite": "/root/trojan-go/geosite.dat"
# }
# }
# EOF
if [ $real_addr == $local_addr ] ; then
green "=========================================="
green "Resolusi nama domain normal, buka instalasi nginx dan ajukan sertifikat https"
green "=========================================="
sleep 1s
yum install -y nginx
rm -rf /usr/share/nginx/html/*
cd /usr/share/nginx/html/
wget www.yahoo.co.jp
systemctl restart nginx.service
#申请https证书
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --issue -d $your_domain --webroot /usr/share/nginx/html/
~/.acme.sh/acme.sh --installcert -d $your_domain \
--key-file /root/trojan-go/server.key \
--fullchain-file /root/trojan-go/server.cert \
--reloadcmd "systemctl force-reload nginx.service"
#systemctl stop nginx.service
yellow "nohup /root/trojan-go/trojan-go -config /root/trojan-go/server.yaml >trojan-go.log 2<&1 &"
else
red "================================"
red "Alamat nama domain tidak sesuai dengan IP VPS"
red "Instal gagal, pastikan resolusi nama domain sesuai"
red "================================"
fi