-
Notifications
You must be signed in to change notification settings - Fork 50
Expand file tree
/
Copy pathinstall_native.sh
More file actions
631 lines (518 loc) · 21.4 KB
/
install_native.sh
File metadata and controls
631 lines (518 loc) · 21.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
#!/bin/sh
# --- 颜色定义 ---
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[0;33m'
CYAN='\033[0;36m'
NC='\033[0m'
# --- 辅助函数 ---
info() { printf "${GREEN}[INFO] %s${NC}\n" "$1"; }
warn() { printf "${YELLOW}[WARN] %s${NC}\n" "$1"; }
error() { printf "${RED}[ERROR] %s${NC}\n" "$1"; }
# 注册清理函数:脚本退出或中断时自动清理临时文件
cleanup() {
rm -f /tmp/icmp9_ap_list.txt /tmp/icmp9_regions.json /tmp/icmp9_endpoints.txt /tmp/icmp9_old_endpoints.txt
}
trap cleanup EXIT
# --- 0. Root 检查 ---
if [ "$(id -u)" != "0" ]; then
error "❌ 请使用 Root 用户运行此脚本!(输入 'sudo -i' 切换)"
exit 1
fi
printf "${GREEN}=============================================${NC}\n"
printf "${GREEN} ICMP9 全球落地聚合节点部署脚本 (原生系统直装版) ${NC}\n"
printf "${GREEN} 支持 Debian / Ubuntu / Alpine. ${NC}\n"
printf "${GREEN}=============================================${NC}\n"
# --- 风险提示与用户确认 ---
printf "\n${RED} ⚠️ 警告 ⚠️ ${NC}\n"
printf "${RED}!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!${NC}\n"
printf "${YELLOW}1. 本脚本将修改VPS配置的Nginx,Xray,Cloudflared原有服务,原配置会失效;${NC}\n"
printf "${YELLOW}2. 建议在纯净系统或专用服务器上运行;${NC}\n"
printf "${YELLOW}3. 作者不对因使用本脚本造成的任何数据丢失负责。${NC}\n"
printf "${RED}!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!${NC}\n"
printf "\n您是否已知晓上述风险并确认继续安装? [y/N]: "
read -r CONFIRM
case "$CONFIRM" in
[yY][eE][sS]|[yY])
printf "${GREEN}>>> 用户已确认,继续执行安装...${NC}\n"
;;
*)
printf "${RED}>>> 用户取消安装,脚本退出。${NC}\n"
exit 1
;;
esac
# --- 1. 系统检测与依赖安装 ---
info "🔍 正在检测系统环境..."
OS_TYPE="unknown"
if [ -f /etc/alpine-release ]; then
OS_TYPE="alpine"
# Alpine 依赖安装
info "📦 检测到 Alpine Linux,正在安装依赖..."
ulimit -n 65535
apk update
apk add --no-cache bash wget curl unzip nano nginx libqrencode-tools jq
rc-update add nginx default
elif [ -f /etc/os-release ]; then
. /etc/os-release
if [ "$ID" = "debian" ] || [ "$ID" = "ubuntu" ]; then
OS_TYPE="debian"
# Debian/Ubuntu 依赖安装
info "📦 检测到 Debian/Ubuntu,正在安装依赖..."
ulimit -n 65535
apt-get update
apt-get install -y wget curl unzip nano nginx qrencode jq
fi
fi
if [ "$OS_TYPE" = "unknown" ]; then
error "❌ 不支持的操作系统!仅支持 Debian, Ubuntu 或 Alpine。"
exit 1
fi
# ----------------------------------------------------------------
# 1. ICMP9 API 连通性预检测
# ----------------------------------------------------------------
# 1.1 检查 ICMP9 网络接入点列表 API (核心前置检测)
info "📡 正在检查 ICMP9 可用网络接入点 API 连接状态..."
AP_URL="https://icmp9.b.4.8.f.0.7.4.0.1.0.0.2.ip6.arpa/endpoints.php"
AP_CODE=$(curl -s -o /dev/null -w "%{http_code}" --max-time 10 -A "Mozilla/5.0" "$AP_URL")
if [ "$AP_CODE" = "200" ]; then
info "✅ ICMP9 可用网络接入点 API 连接正常..."
else
error "❌ ICMP9 可用网络接入点 API 连接检查未通过!"
error "⛔️ 脚本已停止运行。"
exit 1
fi
# 1.2 检查 ICMP9 可用落地节点 API
info "📡 正在检查 ICMP9 可用落地节点 API 连接状态..."
ONLINE_URL="https://api.icmp9.com/online.php"
ONLINE_CODE=$(curl -s -o /dev/null -w "%{http_code}" --max-time 10 -A "Mozilla/5.0" "$ONLINE_URL")
if [ "$ONLINE_CODE" = "200" ]; then
info "✅ 可用落地节点 API 连接正常,准备开始部署..."
else
error "❌ 可用落地节点 API 连接检查未通过!"
error "⛔️ 脚本已停止运行。"
exit 1
fi
# --- 2. 核心组件安装 ---
WORK_DIR="/root/icmp9"
mkdir -p "${WORK_DIR}/config" "${WORK_DIR}/subscribe" "${WORK_DIR}/xray"
cd "${WORK_DIR}" || exit
# 架构判断
ARCH_RAW=$(uname -m)
case "${ARCH_RAW}" in
aarch64 | arm64) ARCH="arm64-v8a"; CF_ARCH="arm64" ;;
x86_64 | amd64) ARCH="64"; CF_ARCH="amd64" ;;
*) error "❌ 不支持的 CPU 架构: ${ARCH_RAW}"; exit 1 ;;
esac
# --- 3. 用户配置输入 ---
printf "\n${YELLOW}>>> 请输入配置参数 <<<${NC}\n"
# === 加载历史配置 ===
ENV_FILE="/root/icmp9/icmp9.env"
SKIP_INPUTS=false
if [ -f "$ENV_FILE" ]; then
# 加载环境变量
. "$ENV_FILE"
# 提取旧配置中的地区节点变量,保存到临时文件以便复用
# grep 提取所有 ICMP9_TUNNEL_ENDPOINT_ 开头的行,并排除默认的 ICMP9_TUNNEL_ENDPOINT
grep "^ICMP9_TUNNEL_ENDPOINT_" "$ENV_FILE" | grep -v "^ICMP9_TUNNEL_ENDPOINT=" > /tmp/icmp9_old_endpoints.txt
DEFAULT_API_KEY="$ICMP9_API_KEY"
DEFAULT_MODE="$ICMP9_TUNNEL_MODE"
DEFAULT_TOKEN="$ICMP9_CLOUDFLARED_TOKEN"
DEFAULT_DOMAIN="$ICMP9_CLOUDFLARED_DOMAIN"
DEFAULT_IPV6="$ICMP9_IPV6_ONLY"
DEFAULT_CDN="$ICMP9_CDN_DOMAIN"
DEFAULT_PORT="$ICMP9_START_PORT"
DEFAULT_TAG="$ICMP9_NODE_TAG"
printf "${GREEN}>>> 检测到历史配置文件 ($ENV_FILE) <<<${NC}\n"
printf "API_KEY: ${CYAN}%s${NC}\n" "${DEFAULT_API_KEY:-未设置}"
if [ -s /tmp/icmp9_old_endpoints.txt ]; then
printf "网络接入点: ${CYAN}列表如下:${NC}\n"
while read -r line; do
printf " ${CYAN}%s${NC}\n" "$line"
done < /tmp/icmp9_old_endpoints.txt
else
printf "网络接入点: ${YELLOW}未检测到网络接入点配置${NC}\n"
fi
printf "隧道模式: ${CYAN}%s${NC}\n" "${DEFAULT_MODE:-temp}"
if [ "$DEFAULT_MODE" = "fixed" ]; then
printf "隧道域名: ${CYAN}%s${NC}\n" "$DEFAULT_DOMAIN"
printf "隧道Token: ${CYAN}%s${NC}\n" "${DEFAULT_TOKEN:0:5}..."
fi
printf "优选IP或域名: ${CYAN}%s${NC}\n" "${DEFAULT_CDN:-icook.tw}"
printf "xray起始端口: ${CYAN}%s${NC}\n" "${DEFAULT_PORT:-39001}"
printf "节点标识: ${CYAN}%s${NC}\n" "${DEFAULT_TAG:-ICMP9}"
printf "\n是否直接使用上述配置? [Y/n] (默认: Y): "
read -r USE_SAVED_CONFIG
USE_SAVED_CONFIG=${USE_SAVED_CONFIG:-Y}
if [[ "$USE_SAVED_CONFIG" =~ ^[yY] ]]; then
info ">>> 已加载历史配置,跳过手动输入。"
API_KEY="$DEFAULT_API_KEY"
TUNNEL_MODE="$DEFAULT_MODE"
CLOUDFLARED_DOMAIN="$DEFAULT_DOMAIN"
TOKEN="$DEFAULT_TOKEN"
IPV6_ONLY="$DEFAULT_IPV6"
CDN_DOMAIN="$DEFAULT_CDN"
START_PORT="$DEFAULT_PORT"
NODE_TAG="$DEFAULT_TAG"
# 将旧的 endpoint 变量内容“搬运”到新的动态变量文件中
if [ -s /tmp/icmp9_old_endpoints.txt ]; then
cat /tmp/icmp9_old_endpoints.txt > /tmp/icmp9_endpoints.txt
# 重新 export 变量 (确保当前环境可用)
while read -r line; do
if [ -n "$line" ]; then
export "$line"
fi
done < /tmp/icmp9_old_endpoints.txt
fi
SKIP_INPUTS=true
fi
fi
# === 手动输入部分 ===
if [ "$SKIP_INPUTS" = "false" ]; then
# 1. API_KEY 输入
while [ -z "$API_KEY" ]; do
if [ -n "$DEFAULT_API_KEY" ]; then
printf "1. 请输入 ICMP9_API_KEY [默认: %s]: " "$DEFAULT_API_KEY"
read -r INPUT_KEY
API_KEY="${INPUT_KEY:-$DEFAULT_API_KEY}"
else
printf "1. 请输入 ICMP9_API_KEY (UUID格式, 必填): "
read -r API_KEY
fi
done
# ICMP9 网络接入点选择
printf "\n2. 请选择 ICMP9 网络接入点:\n"
info "📥 正在获取ICMP9最新网络接入点列表..."
# 获取数据
AP_JSON=$(curl -s --max-time 15 "$AP_URL")
if [ -z "$AP_JSON" ]; then
error "❌ 获取网络接入点数据为空!"
error "⛔️ 脚本已停止运行。"
exit 1
fi
# 预处理:将 regions 数组提取为单行 JSON
echo "$AP_JSON" | jq -c '.data.regions[]' > /tmp/icmp9_regions.json
if [ ! -s /tmp/icmp9_regions.json ]; then
error "❌ 未找到任何网络接入点区域数据!请检查 API 返回结构。"
error "⛔️ 脚本已停止运行。"
exit 1
fi
# 清理并初始化临时环境变量文件
rm -f /tmp/icmp9_endpoints.txt
touch /tmp/icmp9_endpoints.txt
# 遍历每个区域对象
while read -r REGION_JSON; do
# 提取区域元数据
REGION_CODE=$(echo "$REGION_JSON" | jq -r '.code' | tr '[:lower:]' '[:upper:]')
REGION_NAME=$(echo "$REGION_JSON" | jq -r '.name')
# 提取该区域下的 endpoints
NODES=$(echo "$REGION_JSON" | jq -r '.endpoints[] | "\(.name)|\(.domain)"')
if [ -z "$NODES" ]; then continue; fi
printf "\n ${CYAN}>>> 处理区域: %s ...${NC}\n" "$REGION_NAME"
# 统计节点数量
NODE_COUNT=$(echo "$NODES" | wc -l)
SELECTED_DOMAIN=""
SELECTED_NAME=""
# === 智能分支 ===
if [ "$NODE_COUNT" -eq 1 ]; then
# 情况A: 只有一个节点 -> 自动选择
SELECTED_NAME=$(echo "$NODES" | cut -d '|' -f 1)
SELECTED_DOMAIN=$(echo "$NODES" | cut -d '|' -f 2)
printf " ✅ 仅发现一个活跃节点,已自动选择: %s\n" "$SELECTED_NAME"
else
# 情况B: 多个节点 -> 弹出菜单供用户选择
printf " ⚠️ 存在 %s 个活跃节点,请手动指定:\n" "$NODE_COUNT"
echo "$NODES" > /tmp/icmp9_ap_list.txt
i=1
while IFS='|' read -r NAME DOMAIN; do
printf " [%d] %s\n" "$i" "$NAME"
i=$((i+1))
done < /tmp/icmp9_ap_list.txt
TOTAL_COUNT=$((i-1))
while [ -z "$SELECTED_DOMAIN" ]; do
printf " 请选择 [1-%d]: " "$TOTAL_COUNT"
# 强制从终端读取输入
read -r SEL < /dev/tty
case "$SEL" in
''|*[!0-9]*)
warn "输入无效,请重新输入"
;;
*)
if [ "$SEL" -ge 1 ] && [ "$SEL" -le "$TOTAL_COUNT" ]; then
LINE=$(sed -n "${SEL}p" /tmp/icmp9_ap_list.txt)
SELECTED_NAME=$(echo "$LINE" | cut -d '|' -f 1)
SELECTED_DOMAIN=$(echo "$LINE" | cut -d '|' -f 2)
printf " -> 已手动设置: %s\n" "$SELECTED_NAME"
else
warn "选项超出范围"
fi
;;
esac
done
rm -f /tmp/icmp9_ap_list.txt
fi
# === 变量生成 ===
ENV_VAR_NAME="ICMP9_TUNNEL_ENDPOINT_${REGION_CODE}"
ENV_VAR_NAME=$(echo "$ENV_VAR_NAME" | tr ' ' '_')
# 1. 导出变量
export "${ENV_VAR_NAME}=${SELECTED_DOMAIN}"
# 2. 写入临时文件
echo "${ENV_VAR_NAME}=\"${SELECTED_DOMAIN}\"" >> /tmp/icmp9_endpoints.txt
done < /tmp/icmp9_regions.json
if [ ! -s /tmp/icmp9_endpoints.txt ]; then
error "❌ 未能成功配置任何接入点!"
exit 1
fi
info "✅ 所有区域接入点配置完成。"
# ------------------------------------
# 3. 隧道模式
# 根据历史配置决定模式选择的默认值
DEFAULT_MODE_INDEX="1"
[ "$DEFAULT_MODE" = "fixed" ] && DEFAULT_MODE_INDEX="2"
printf "\n3. 请选择 Cloudflare 隧道模式:\n"
printf " [1] 临时隧道 (随机域名,无需配置)\n"
printf " [2] 固定隧道 (需要自备域名和Token)\n"
printf " 请选择 [1/2] (默认: %s): " "$DEFAULT_MODE_INDEX"
read -r MODE_INPUT
MODE_INPUT=${MODE_INPUT:-$DEFAULT_MODE_INDEX}
if [ "$MODE_INPUT" = "2" ]; then
TUNNEL_MODE="fixed"
# 如果历史配置是 temp 模式,切换到 fixed 时清空默认值
if [ "$DEFAULT_MODE" = "temp" ]; then
DEFAULT_DOMAIN=""
DEFAULT_TOKEN=""
fi
# 域名输入 (带默认值)
while [ -z "$CLOUDFLARED_DOMAIN" ]; do
if [ -n "$DEFAULT_DOMAIN" ]; then
printf " -> 请输入绑定域名 [默认: %s]: " "$DEFAULT_DOMAIN"
read -r INPUT_DOMAIN
CLOUDFLARED_DOMAIN="${INPUT_DOMAIN:-$DEFAULT_DOMAIN}"
else
printf " -> 请输入绑定域名 (CLOUDFLARED_DOMAIN) (必填): "
read -r CLOUDFLARED_DOMAIN
fi
done
# Token 输入
while [ -z "$TOKEN" ]; do
if [ -n "$DEFAULT_TOKEN" ]; then
MASKED_TOKEN="${DEFAULT_TOKEN:0:5}......"
printf " -> 请输入 Cloudflare Tunnel Token [默认: %s]: " "$MASKED_TOKEN"
read -r INPUT_TOKEN
TOKEN="${INPUT_TOKEN:-$DEFAULT_TOKEN}"
else
printf " -> 请输入 Cloudflare Tunnel Token (必填): "
read -r TOKEN
fi
done
else
TUNNEL_MODE="temp"
CLOUDFLARED_DOMAIN=""
TOKEN=""
info " -> 已选择临时隧道"
fi
# 4. VPS是否IPv6 Only
DEFAULT_IPV6_VAL="${DEFAULT_IPV6:-False}"
printf "\n4. VPS是否IPv6 Only (True/False) [默认: %s]: " "$DEFAULT_IPV6_VAL"
read -r IPV6_INPUT
IPV6_INPUT=${IPV6_INPUT:-$DEFAULT_IPV6_VAL}
IPV6_ONLY=$(echo "${IPV6_INPUT}" | tr '[:upper:]' '[:lower:]')
# 5. Cloudflare CDN优选IP或域名
DEFAULT_CDN_VAL="${DEFAULT_CDN:-icook.tw}"
printf "5. 请输入Cloudflare CDN优选IP或域名 [默认: %s]: " "$DEFAULT_CDN_VAL"
read -r CDN_INPUT
CDN_DOMAIN=${CDN_INPUT:-$DEFAULT_CDN_VAL}
# 6. Xray监听起始端口
DEFAULT_PORT_VAL="${DEFAULT_PORT:-39001}"
printf "6. 请输入Xray监听起始端口 [默认: %s]: " "$DEFAULT_PORT_VAL"
read -r PORT_INPUT
START_PORT=${PORT_INPUT:-$DEFAULT_PORT_VAL}
# 7. 节点标识
DEFAULT_TAG_VAL="${DEFAULT_TAG:-ICMP9}"
printf "7. 请输入节点标识 [默认: %s]: " "$DEFAULT_TAG_VAL"
read -r NODE_TAG_INPUT
NODE_TAG=${NODE_TAG_INPUT:-$DEFAULT_TAG_VAL}
fi
# --- 4. 安装二进制文件 ---
install_xray() {
local version="v24.11.30"
local install_path="$WORK_DIR/xray"
local download_url="https://o0o.net2ftp.pp.ua/https://github.com/XTLS/Xray-core/releases/download/${version}/Xray-linux-${ARCH}.zip"
if [ -f "$install_path/xray" ]; then echo "ℹ️ Xray 已安装"; return; fi
echo "⬇️ 下载 Xray..."
wget -q -O "Xray.zip" "$download_url" || { echo "❌ Xray 下载失败"; exit 1; }
unzip -qo "Xray.zip" -d "$install_path"
chmod +x "$install_path/xray"
rm -f "Xray.zip"
}
install_cloudflared() {
local version="2025.11.1"
local install_path="/usr/bin/cloudflared"
local url="https://o0o.net2ftp.pp.ua/https://github.com/cloudflare/cloudflared/releases/download/${version}/cloudflared-linux-${CF_ARCH}"
if [ -f "$install_path" ]; then echo "ℹ️ Cloudflared 已安装"; return; fi
echo "⬇️ 下载 Cloudflared..."
wget -q -O "$install_path" "$url" || { echo "❌ Cloudflared 下载失败"; exit 1; }
chmod +x "$install_path"
}
ICMP9="/usr/bin/icmp9"
install_icmp9() {
local url="https://o0o.net2ftp.pp.ua/https://github.com/nap0o/icmp9.com/releases/download/latest/icmp9-native-${OS_TYPE}-${CF_ARCH}"
echo "⬇️ 正在下载/更新 icmp9..."
wget -q -O "$ICMP9" "$url" || { echo "❌ icmp9 下载失败"; exit 1; }
chmod +x "$ICMP9"
}
info "📦 正在安装/更新核心组件..."
install_xray
install_cloudflared
install_icmp9
# --- 5. 如果临时隧道,先启动以获取域名 ---
if [ "$TUNNEL_MODE" = "temp" ]; then
info "🚀 正在优先启动临时隧道以获取分配的域名..."
# 清理旧进程
if pgrep -f "cloudflared tunnel --url" > /dev/null; then
pkill -f "cloudflared tunnel --url"
sleep 2
pkill -9 -f "cloudflared tunnel --url" 2>/dev/null
fi
# 清理日志
rm -f /tmp/cloudflared.log
touch /tmp/cloudflared.log
# Cloudflared 服务监听端口
CLOUDFLARED_PORT=58080
# 计算 Edge IP 选项
EDGE_IP_OPT="auto"
if echo "$IPV6_ONLY" | grep -iq "true"; then
EDGE_IP_OPT="6"
fi
# 启动 Cloudflared (使用 58080 端口,后续 Nginx 会监听这个端口)
nohup /usr/bin/cloudflared tunnel --url http://localhost:${CLOUDFLARED_PORT} --no-autoupdate --edge-ip-version ${EDGE_IP_OPT}> /tmp/cloudflared.log 2>&1 &
CF_PID=$!
info "⏳ 正在等待 Cloudflare 分配域名 (超时 60s)..."
TIMEOUT=60
INTERVAL=2
ELAPSED=0
FOUND_URL=""
while [ $ELAPSED -lt $TIMEOUT ]; do
# 提取域名 (去重并去除 https:// 前缀)
FOUND_URL=$(grep -oE "https://[a-zA-Z0-9-]+\.trycloudflare\.com" /tmp/cloudflared.log | head -n 1 | sed 's/https:\/\///')
if [ -n "$FOUND_URL" ]; then
break
fi
if ! kill -0 "$CF_PID" 2>/dev/null; then
error "❌ Cloudflared 进程意外退出!请检查 /tmp/cloudflared.log"
exit 1
fi
sleep $INTERVAL
ELAPSED=$((ELAPSED + INTERVAL))
done
if [ -n "$FOUND_URL" ]; then
CLOUDFLARED_DOMAIN="$FOUND_URL"
info "✅ 成功获取临时域名: $CLOUDFLARED_DOMAIN"
else
error "❌ 获取临时域名失败/超时,请检查网络或日志。"
exit 1
fi
fi
# --- 6. 导出环境变量并生成配置 ---
info "📝 正在生成配置文件..."
export ICMP9_OS_TYPE="$OS_TYPE"
export ICMP9_API_KEY="$API_KEY"
export ICMP9_CLOUDFLARED_TOKEN="$TOKEN"
export ICMP9_CLOUDFLARED_DOMAIN="$CLOUDFLARED_DOMAIN"
export ICMP9_IPV6_ONLY="$IPV6_ONLY"
export ICMP9_CDN_DOMAIN="$CDN_DOMAIN"
export ICMP9_START_PORT="$START_PORT"
export ICMP9_NODE_TAG="$NODE_TAG"
export ICMP9_TUNNEL_MODE="$TUNNEL_MODE"
# 写入环境文件以便持久化或调试
cat > "$ENV_FILE" <<EOF
ICMP9_OS_TYPE="$OS_TYPE"
ICMP9_API_KEY="$API_KEY"
ICMP9_CLOUDFLARED_TOKEN="$TOKEN"
ICMP9_CLOUDFLARED_DOMAIN="$CLOUDFLARED_DOMAIN"
ICMP9_IPV6_ONLY="$IPV6_ONLY"
ICMP9_CDN_DOMAIN="$CDN_DOMAIN"
ICMP9_START_PORT="$START_PORT"
ICMP9_NODE_TAG="$NODE_TAG"
ICMP9_TUNNEL_MODE="$TUNNEL_MODE"
EOF
# 将动态生成的地区接入点变量追加到 env 文件
if [ -f /tmp/icmp9_endpoints.txt ]; then
cat /tmp/icmp9_endpoints.txt >> "$ENV_FILE"
fi
chmod 600 "$ENV_FILE"
# 调用 icmp9 二进制生成 Nginx/Xray 配置
if [ -f "$ICMP9" ]; then
"$ICMP9"
else
error "❌ 找不到 icmp9 二进制文件"
exit 1
fi
# --- 7. 部署服务文件与启动 ---
info "🚀 正在部署并启动服务..."
# 1. 部署通用配置文件
if [ -f "${WORK_DIR}/config/nginx.conf" ]; then
mv "${WORK_DIR}/config/nginx.conf" /etc/nginx/nginx.conf
else
error "❌ Nginx 配置文件生成失败"
exit 1
fi
if [ -f "${WORK_DIR}/config/xray.json" ]; then
mkdir -p "${WORK_DIR}/xray"
mv "${WORK_DIR}/config/xray.json" "${WORK_DIR}/xray/xray.json"
else
error "❌ Xray 配置文件生成失败"
exit 1
fi
# 2. 根据系统类型部署服务
if [ "$OS_TYPE" = "alpine" ]; then
# --- Alpine (OpenRC) ---
if [ -f "${WORK_DIR}/config/xray.service" ]; then
mv "${WORK_DIR}/config/xray.service" /etc/init.d/xray
chmod +x /etc/init.d/xray
mkdir -p /run/nginx
chown nginx:nginx /run/nginx 2>/dev/null
rc-update add xray default
rc-service xray restart
fi
# 只有固定隧道才配置服务文件,临时隧道已经在上面 nohup 跑起来了
if [ "$TUNNEL_MODE" = "fixed" ]; then
if [ -f "${WORK_DIR}/config/cloudflared.service" ]; then
mv "${WORK_DIR}/config/cloudflared.service" /etc/init.d/cloudflared
chmod +x /etc/init.d/cloudflared
rc-update add cloudflared default
rc-service cloudflared restart
fi
fi
nginx -t && rc-service nginx restart
else
# --- Debian/Ubuntu (Systemd) ---
if [ -f "${WORK_DIR}/config/xray.service" ]; then
mv "${WORK_DIR}/config/xray.service" /etc/systemd/system/xray.service
systemctl enable xray
fi
if [ "$TUNNEL_MODE" = "fixed" ]; then
if [ -f "${WORK_DIR}/config/cloudflared.service" ]; then
mv "${WORK_DIR}/config/cloudflared.service" /etc/systemd/system/cloudflared.service
systemctl enable cloudflared
fi
fi
systemctl daemon-reload
systemctl restart xray
[ "$TUNNEL_MODE" = "fixed" ] && systemctl restart cloudflared
nginx -t && systemctl restart nginx
fi
rm -rf "${WORK_DIR}/config"
# --- 8. 输出结果 ---
SUBSCRIBE_URL="https://${CLOUDFLARED_DOMAIN}/${API_KEY}"
printf "\n${GREEN}✅ 部署完成${NC}\n"
printf "\n${GREEN}✈️ 节点订阅地址:${NC}\n"
printf "${YELLOW}%s${NC}\n\n" "$SUBSCRIBE_URL"
if command -v qrencode >/dev/null 2>&1; then
printf "${GREEN}📱 正在生成节点订阅二维码...${NC}\n"
qrencode -t ANSIUTF8 -m 1 -l H "${SUBSCRIBE_URL}" || {
printf "\n${YELLOW}⚠️ 二维码生成失败${NC}\n"
}
fi
if [ "$TUNNEL_MODE" = "temp" ]; then
printf "\n${CYAN}ℹ️ 提示: 临时隧道已在后台运行,重启VPS后域名会变化,需要重新运行脚本获取新订阅地址。${NC}\n\n"
fi