#!/usr/bin/env bash # 设置各变量 WSPATH=${WSPATH:-'argo'} UUID=${UUID:-'de04add9-5c68-8bab-950c-08cd5320df18'} WEB_USERNAME=${WEB_USERNAME:-'admin'} WEB_PASSWORD=${WEB_PASSWORD:-'password'} generate_config() { cat > config.json << EOF { "log":{ "access":"/dev/null", "error":"/dev/null", "loglevel":"none" }, "inbounds":[ { "port":8080, "protocol":"vless", "settings":{ "clients":[ { "id":"${UUID}", "flow":"xtls-rprx-vision" } ], "decryption":"none", "fallbacks":[ { "dest":3001 }, { "path":"/${WSPATH}-vless", "dest":3002 }, { "path":"/${WSPATH}-vmess", "dest":3003 }, { "path":"/${WSPATH}-trojan", "dest":3004 }, { "path":"/${WSPATH}-shadowsocks", "dest":3005 } ] }, "streamSettings":{ "network":"tcp" } }, { "port":3001, "listen":"127.0.0.1", "protocol":"vless", "settings":{ "clients":[ { "id":"${UUID}" } ], "decryption":"none" }, "streamSettings":{ "network":"ws", "security":"none" } }, { "port":3002, "listen":"127.0.0.1", "protocol":"vless", "settings":{ "clients":[ { "id":"${UUID}", "level":0 } ], "decryption":"none" }, "streamSettings":{ "network":"ws", "security":"none", "wsSettings":{ "path":"/${WSPATH}-vless" } }, "sniffing":{ "enabled":true, "destOverride":[ "http", "tls" ], "metadataOnly":false } }, { "port":3003, "listen":"127.0.0.1", "protocol":"vmess", "settings":{ "clients":[ { "id":"${UUID}", "alterId":0 } ] }, "streamSettings":{ "network":"ws", "wsSettings":{ "path":"/${WSPATH}-vmess" } }, "sniffing":{ "enabled":true, "destOverride":[ "http", "tls" ], "metadataOnly":false } }, { "port":3004, "listen":"127.0.0.1", "protocol":"trojan", "settings":{ "clients":[ { "password":"${UUID}" } ] }, "streamSettings":{ "network":"ws", "security":"none", "wsSettings":{ "path":"/${WSPATH}-trojan" } }, "sniffing":{ "enabled":true, "destOverride":[ "http", "tls" ], "metadataOnly":false } }, { "port":3005, "listen":"127.0.0.1", "protocol":"shadowsocks", "settings":{ "clients":[ { "method":"chacha20-ietf-poly1305", "password":"${UUID}" } ], "decryption":"none" }, "streamSettings":{ "network":"ws", "wsSettings":{ "path":"/${WSPATH}-shadowsocks" } }, "sniffing":{ "enabled":true, "destOverride":[ "http", "tls" ], "metadataOnly":false } } ], "dns":{ "servers":[ "https+local://8.8.8.8/dns-query" ] }, "outbounds":[ { "protocol":"freedom" }, { "tag":"WARP", "protocol":"wireguard", "settings":{ "secretKey":"YFYOAdbw1bKTHlNNi+aEjBM3BO7unuFC5rOkMRAz9XY=", "address":[ "172.16.0.2/32", "2606:4700:110:8a36:df92:102a:9602:fa18/128" ], "peers":[ { "publicKey":"bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=", "allowedIPs":[ "0.0.0.0/0", "::/0" ], "endpoint":"162.159.193.10:2408" } ], "reserved":[78, 135, 76], "mtu":1280 } } ], "routing":{ "domainStrategy":"AsIs", "rules":[ { "type":"field", "domain":[ "domain:openai.com", "domain:ai.com" ], "outboundTag":"WARP" } ] } } EOF } generate_argo() { cat > argo.sh << ABC #!/usr/bin/env bash argo_type() { if [[ -n "\${ARGO_AUTH}" && -n "\${ARGO_DOMAIN}" ]]; then [[ \$ARGO_AUTH =~ TunnelSecret ]] && echo \$ARGO_AUTH > tunnel.json && cat > tunnel.yml << EOF tunnel: \$(cut -d\" -f12 <<< \$ARGO_AUTH) credentials-file: /app/tunnel.json protocol: http2 ingress: - hostname: \$ARGO_DOMAIN service: http://localhost:8080 EOF [ -n "\${SSH_DOMAIN}" ] && cat >> tunnel.yml << EOF - hostname: \$SSH_DOMAIN service: http://localhost:2222 EOF [ -n "\${FTP_DOMAIN}" ] && cat >> tunnel.yml << EOF - hostname: \$FTP_DOMAIN service: http://localhost:3333 EOF cat >> tunnel.yml << EOF originRequest: noTLSVerify: true - service: http_status:404 EOF else ARGO_DOMAIN=\$(cat argo.log | grep -o "info.*https://.*trycloudflare.com" | sed "s@.*https://@@g" | tail -n 1) fi } export_list() { VMESS="{ \"v\": \"2\", \"ps\": \"Argo-Vmess\", \"add\": \"icook.hk\", \"port\": \"443\", \"id\": \"${UUID}\", \"aid\": \"0\", \"scy\": \"none\", \"net\": \"ws\", \"type\": \"none\", \"host\": \"\${ARGO_DOMAIN}\", \"path\": \"/${WSPATH}-vmess?ed=2048\", \"tls\": \"tls\", \"sni\": \"\${ARGO_DOMAIN}\", \"alpn\": \"\" }" cat > list << EOF ******************************************* V2-rayN: ---------------------------- vless://${UUID}@icook.hk:443?encryption=none&security=tls&sni=\${ARGO_DOMAIN}&type=ws&host=\${ARGO_DOMAIN}&path=%2F${WSPATH}-vless?ed=2048#Argo-Vless ---------------------------- vmess://\$(echo \$VMESS | base64 -w0) ---------------------------- trojan://${UUID}@icook.hk:443?security=tls&sni=\${ARGO_DOMAIN}&type=ws&host=\${ARGO_DOMAIN}&path=%2F${WSPATH}-trojan?ed=2048#Argo-Trojan ---------------------------- ss://$(echo "chacha20-ietf-poly1305:${UUID}@icook.hk:443" | base64 -w0)@icook.hk:443#Argo-Shadowsocks 由于该软件导出的链接不全,请自行处理如下: 传输协议: WS , 伪装域名: \${ARGO_DOMAIN} ,路径: /${WSPATH}-shadowsocks?ed=2048 , 传输层安全: tls , sni: \${ARGO_DOMAIN} ******************************************* 小火箭: ---------------------------- vless://${UUID}@icook.hk:443?encryption=none&security=tls&type=ws&host=\${ARGO_DOMAIN}&path=/${WSPATH}-vless?ed=2048&sni=\${ARGO_DOMAIN}#Argo-Vless ---------------------------- vmess://$(echo "none:${UUID}@icook.hk:443" | base64 -w0)?remarks=Argo-Vmess&obfsParam=\${ARGO_DOMAIN}&path=/${WSPATH}-vmess?ed=2048&obfs=websocket&tls=1&peer=\${ARGO_DOMAIN}&alterId=0 ---------------------------- trojan://${UUID}@icook.hk:443?peer=\${ARGO_DOMAIN}&plugin=obfs-local;obfs=websocket;obfs-host=\${ARGO_DOMAIN};obfs-uri=/${WSPATH}-trojan?ed=2048#Argo-Trojan ---------------------------- ss://$(echo "chacha20-ietf-poly1305:${UUID}@icook.hk:443" | base64 -w0)?obfs=wss&obfsParam=\${ARGO_DOMAIN}&path=/${WSPATH}-shadowsocks?ed=2048#Argo-Shadowsocks ******************************************* Clash: ---------------------------- - {name: Argo-Vless, type: vless, server: icook.hk, port: 443, uuid: ${UUID}, tls: true, servername: \${ARGO_DOMAIN}, skip-cert-verify: false, network: ws, ws-opts: {path: /${WSPATH}-vless?ed=2048, headers: { Host: \${ARGO_DOMAIN}}}, udp: true} ---------------------------- - {name: Argo-Vmess, type: vmess, server: icook.hk, port: 443, uuid: ${UUID}, alterId: 0, cipher: none, tls: true, skip-cert-verify: true, network: ws, ws-opts: {path: /${WSPATH}-vmess?ed=2048, headers: {Host: \${ARGO_DOMAIN}}}, udp: true} ---------------------------- - {name: Argo-Trojan, type: trojan, server: icook.hk, port: 443, password: ${UUID}, udp: true, tls: true, sni: \${ARGO_DOMAIN}, skip-cert-verify: false, network: ws, ws-opts: { path: /${WSPATH}-trojan?ed=2048, headers: { Host: \${ARGO_DOMAIN} } } } ---------------------------- - {name: Argo-Shadowsocks, type: ss, server: icook.hk, port: 443, cipher: chacha20-ietf-poly1305, password: ${UUID}, plugin: v2ray-plugin, plugin-opts: { mode: websocket, host: \${ARGO_DOMAIN}, path: /${WSPATH}-shadowsocks?ed=2048, tls: true, skip-cert-verify: false, mux: false } } ******************************************* EOF cat list } argo_type export_list ABC } generate_nezha() { cat > nezha.sh << EOF #!/usr/bin/env bash # 检测是否已运行 check_run() { [[ \$(pgrep -lafx nezha-agent) ]] && echo "哪吒客户端正在运行中" && exit } # 若哪吒三个变量不全,则不安装哪吒客户端 check_variable() { [[ -z "\${NEZHA_SERVER}" || -z "\${NEZHA_PORT}" || -z "\${NEZHA_KEY}" ]] && exit } # 下载最新版本 Nezha Agent download_agent() { if [ ! -e nezha-agent ]; then URL=\$(wget -qO- "https://api.github.com/repos/naiba/nezha/releases/latest" | grep -o "https.*linux_amd64.zip") URL=\${URL:-https://github.com/naiba/nezha/releases/download/v0.14.11/nezha-agent_linux_amd64.zip} wget \${URL} unzip -qod ./ nezha-agent_linux_amd64.zip rm -f nezha-agent_linux_amd64.zip fi } check_run check_variable download_agent EOF } generate_ttyd() { cat > ttyd.sh << EOF #!/usr/bin/env bash # 检测是否已运行 check_run() { [[ \$(pgrep -lafx ttyd) ]] && echo "ttyd 正在运行中" && exit } # 若 ssh argo 域名不设置,则不安装 ttyd check_variable() { [ -z "\${SSH_DOMAIN}" ] && exit } # 下载最新版本 ttyd download_ttyd() { if [ ! -e ttyd ]; then URL=\$(wget -qO- "https://api.github.com/repos/tsl0922/ttyd/releases/latest" | grep -o "https.*x86_64") URL=\${URL:-https://github.com/tsl0922/ttyd/releases/download/1.7.3/ttyd.x86_64} wget -O ttyd \${URL} chmod +x ttyd fi } check_run check_variable download_ttyd EOF } generate_filebrowser () { cat > filebrowser.sh << EOF #!/usr/bin/env bash # 检测是否已运行 check_run() { [[ \$(pgrep -lafx filebrowser) ]] && echo "filebrowser 正在运行中" && exit } # 若 ftp argo 域名不设置,则不安装 filebrowser check_variable() { [ -z "\${FTP_DOMAIN}" ] && exit } # 下载最新版本 filebrowser download_filebrowser() { if [ ! -e filebrowser ]; then URL=\$(wget -qO- "https://api.github.com/repos/filebrowser/filebrowser/releases/latest" | grep -o "https.*linux-amd64.*gz") URL=\${URL:-https://github.com/filebrowser/filebrowser/releases/download/v2.23.0/linux-amd64-filebrowser.tar.gz} wget -O filebrowser.tar.gz \${URL} tar xzvf filebrowser.tar.gz filebrowser rm -f filebrowser.tar.gz chmod +x filebrowser PASSWORD_HASH=\$(./filebrowser hash \$WEB_PASSWORD) sed -i "s#PASSWORD_HASH#\$PASSWORD_HASH#g" ecosystem.config.js fi } check_run check_variable download_filebrowser EOF } # 生成 pm2 配置文件 generate_pm2_file() { if [[ -n "${ARGO_AUTH}" && -n "${ARGO_DOMAIN}" ]]; then [[ $ARGO_AUTH =~ TunnelSecret ]] && ARGO_ARGS="tunnel --edge-ip-version auto --config tunnel.yml run" [[ $ARGO_AUTH =~ ^[A-Z0-9a-z=]{120,250}$ ]] && ARGO_ARGS="tunnel --edge-ip-version auto --protocol http2 run --token ${ARGO_AUTH}" else ARGO_ARGS="tunnel --edge-ip-version auto --no-autoupdate --protocol http2 --logfile argo.log --loglevel info --url http://localhost:8080" fi TLS=${NEZHA_TLS:+'--tls'} cat > ecosystem.config.js << EOF module.exports = { "apps":[ { "name":"web", "script":"/app/web.js run" }, { "name":"argo", "script":"cloudflared", "args":"${ARGO_ARGS}" EOF [[ -n "${NEZHA_SERVER}" && -n "${NEZHA_PORT}" && -n "${NEZHA_KEY}" ]] && cat >> ecosystem.config.js << EOF }, { "name":"nezha", "script":"/app/nezha-agent", "args":"-s ${NEZHA_SERVER}:${NEZHA_PORT} -p ${NEZHA_KEY} ${TLS}" EOF [ -n "${SSH_DOMAIN}" ] && cat >> ecosystem.config.js << EOF }, { "name":"ttyd", "script":"/app/ttyd", "args":"-c ${WEB_USERNAME}:${WEB_PASSWORD} -p 2222 bash" EOF [ -n "${FTP_DOMAIN}" ] && cat >> ecosystem.config.js << EOF }, { "name":"filebrowser", "script":"/app/filebrowser", "args":"--port 3333 --username ${WEB_USERNAME} --password 'PASSWORD_HASH'" EOF cat >> ecosystem.config.js << EOF } ] } EOF } generate_config generate_argo generate_nezha generate_ttyd generate_filebrowser generate_pm2_file [ -e nezha.sh ] && bash nezha.sh [ -e argo.sh ] && bash argo.sh [ -e ttyd.sh ] && bash ttyd.sh [ -e filebrowser.sh ] && bash filebrowser.sh [ -e ecosystem.config.js ] && pm2 start