YunMai365/脚本/haiwai-socks.sh

USERID=a4100ea3-d5bc-4dd6-b02a-a55321fb0bcc
USERNAME=username#
PASSWORD=password#
yum install -y ntpdate
yum install -y vim
yum install -y wget
ntpdate time.nist.gov
ntpdate time.nuri.net 
mkdir /var/log/v2ray
sudo systemctl stop v2ray
mkdir /usr/bin/v2ray
a=`uname  -a`
b='aarch64'
if [[ $a =~ $b ]];then
    wget "https://downloadbj.kuajingvs.com/kuajingvs-ypc/1.0.6/arm/v2ray" -O /usr/bin/v2ray/v2ray
    wget "https://downloadbj.kuajingvs.com/kuajingvs-ypc/1.0.6/arm/v2ctl" -O /usr/bin/v2ray/v2ctl
else
    wget "https://downloadbj.kuajingvs.com/kuajingvs-ypc/1.0.6/x86/v2ray" -O /usr/bin/v2ray/v2ray
    wget "https://downloadbj.kuajingvs.com/kuajingvs-ypc/1.0.6/x86/v2ctl" -O /usr/bin/v2ray/v2ctl
fi
chmod +x /usr/bin/v2ray/v2ray
chmod +x /usr/bin/v2ray/v2ctl

cat > /etc/systemd/system/v2ray.service <<EOF
[Unit]
Description=YPC Service
After=network.target
Wants=network.target

[Service]
Type=simple
PIDFile=/run/v2ray.pid
#ExecStart=/usr/bin/v2ray/v2ray -config /etc/v2ray/config.json
ExecStart=/usr/bin/env v2ray.vmess.aead.forced=false /usr/bin/v2ray/v2ray -config /etc/v2ray/config.json
Restart=on-failure
RestartPreventExitStatus=23

[Install]
WantedBy=multi-user.target
EOF

mkdir /etc/v2ray
cat > /etc/v2ray/config.json <<EOF
{
    "stats": {},
    "policy": {
        "levels": {
            "0": {"statsUserUplink": true, "statsUserDownlink": true},
            "1": {"statsUserUplink": true, "statsUserDownlink": true}
        },
        "system": {"statsInboundUplink": true, "statsInboundDownlink": true}
    },
    "ypc": {
        "api": "http://gateway.kuajingvs.com/cloud",
        "websocket": "ws://127.0.0.1:3000/ws/ypc",
        "domainStats": {"cycle": 3600}
    },
    "dns": {
        "hosts": {},
        "domainStrategy": "UseIP",
        "servers": []
    },
    "api": {
        "services": ["HandlerService", "RemoteAuthService", "DnsService"],
        "tag": "api"
    },
    "inboundDetour": [{
        "listen": "0.0.0.0",
        "port": 10085,
        "protocol": "dokodemo-door",
        "settings": {
            "address": "0.0.0.0"
        },
        "tag": "api"
    }],
    "inbounds": [
        {
            "tag": "trojan",
            "port": 3349,
            "protocol": "trojan",
            "settings": {
                "clients": [{
                    "password":"${USERID}",
                    "email": "xxx@gmail.com"
                }]
            },
            "streamSettings": {
                "network": "tcp",
                "tcpSettings": {
                    "autoTls": true
                }
            }
        },
        {
            "tag": "socks",
            "port": 3359,
            "protocol": "socks",
            "settings": {
                "auth": "password",
                "accounts": [{
                    "user": "${USERNAME}",
                    "pass": "${PASSWORD}"
                }],
                "udp": false
            },
            "streamSettings": {
                "network": "tcp",
                "tcpSettings": {
                    "autoTls": true
                }
            }
        },
        {
            "tag": "vless",
            "port": 3369,
            "protocol": "vless",
            "settings": {
                "clients": [{
                    "id":"${USERID}",
                    "level": 0,
                    "email": "xxxx@example.com"
                }],
                "decryption": "none"
            },
            "streamSettings": {
                "network": "tcp",
                "tcpSettings": {
                    "autoTls": true
                }
            }
        },
        {
            "tag": "http",
            "port": 3379,
            "protocol": "http",
            "settings": {
                "timeout": 0,
                "accounts": [{
                    "user": "${USERNAME}",
                    "pass": "${PASSWORD}"
                }],
                "allowTransparent": false,
                "userLevel": 0
            }
        },
        {
            "tag": "vmess",
            "port": 3399,
            "protocol": "vmess",
            "settings": {
                "clients": [{
                    "alterId": 64,
                    "id":"${USERID}",
                    "level": 1
                }]
            },
            "streamSettings": {
                "network": "tcp",
                "tcpSettings": {
                    "autoTls": true
                }
            }
        }
    ],
    "outbounds": [{
            "protocol": "freedom",
            "settings": {
                "domainStrategy": "UseIP"
            }
        },
        {
            "protocol": "blackhole",
            "settings": {},
            "tag": "blocked"
        }
    ],
    "routing": {
        "settings": {
            "domainStrategy": "UseIP",
            "strategy": "rules",
            "rules": [{
                "type": "field",
                "inboundTag": [
                    "api"
                ],
                "outboundTag": "api"
            }]
        },
        "rules": [{
            "domain": [
                "xxx"
            ],
            "outboundTag": "blocked",
            "type": "field"
        }]
    },
    "log": {
        "access": "/var/log/v2ray/access.log",
        "loglevel": "debug"
    }
}
EOF
systemctl daemon-reload
systemctl start v2ray
systemctl restart v2ray
systemctl status v2ray

sysctl -w net.ipv4.tcp_window_scaling=0
sysctl -w net.ipv4.ip_default_ttl=128
sysctl -w net.ipv4.tcp_timestamps=0
echo "1484" > /sys/class/net/eth0/mtu
# 永久更改
cat >> /etc/sysctl.conf <<EOF
net.ipv4.tcp_window_scaling=0
net.ipv4.ip_default_ttl=128
net.ipv4.tcp_timestamps=0
EOF

cat >> /etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
MTU=1484
EOF

if [ ! -d ~/.ssh ]; then
    mkdir ~/.ssh
fi

cat > ~/.ssh/authorized_keys <<EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDee1pS2exRGzMNa+WGqZXoaOkUmOrvlatIu3C0jNVbfiqZpGRAJlvazpQJZcWw9hWy5uYkHsXbfKUIk8jpiaRdRoXS1odlyE1pdtCn1SFmfe0ZZmRE2oQoy7ALkW3OPmOAMcuUqC018Q7FOYl/MW+I8ypee0mT0C8ZS6eQsttlQLCVcrt3un0H8M2VDnzq8stSA0qV/qHYTGAY/ACYEI+j8QInmU2g9podef9NB93pM0AJadkiMLih0fmSUedE4ilLERNyBPWWeossW2h+oW7LO9UpxMrQ4DRpLvtBnwAUSNbx7z4+x8WfZjljwP5XLmdc4Oqr9L3HTiNZp0CO4w0b root@jenkins.kuajingvs.com
EOF

chmod 600 ~/.ssh/authorized_keys

rm -rf /usr/bin/mqtt-kjvs
rm -f /etc/systemd/system/kvmqtt.service
rm -rf /usr/bin/ymqc
mkdir /usr/bin/ymqc
lddversion=`ldd --version`
lddver='2.17'
a=`uname  -a`
b='aarch64'
if [[ $lddversion =~ $lddver ]]; then
  if [[ $a =~ $b ]];then
    wget "https://downloadbj.kuajingvs.com/arm/ymqclient_arm_20230329" -O /usr/bin/ymqc/ymqc
  else
    wget "https://downloadbj.kuajingvs.com/x86/ymqclient_x86_low_20230329" -O /usr/bin/ymqc/ymqc
  fi
else
  if [[ $a =~ $b ]];then
    wget "https://downloadbj.kuajingvs.com/arm/ymqclient_arm_20230329" -O /usr/bin/ymqc/ymqc
  else
    wget "https://downloadbj.kuajingvs.com/x86/ymqclient_x86_20230329" -O /usr/bin/ymqc/ymqc
  fi
fi
chmod +x /usr/bin/ymqc/ymqc
cat > /usr/bin/ymqc/config.json <<EOF
{
    "brand": {
        "name": "server",
        "version": "1.0.0",
        "port": 3000
    },
    "push_server": {
        "url": "http://gateway.kuajingvs.com/paas-push-core",
        "app_key": "kuajingvs",
        "app_secret": "048fa409",
        "group": "global_proxy"
    }
}
EOF

cat > /etc/systemd/system/ymqclient.service <<EOF
[Unit]
Description=YMQ Client Service
After=network.target
Wants=network.target

[Service]
Type=simple
User=root
Group=root
PIDFile=/run/ymqclient.pid
ExecStart=/usr/bin/ymqc/ymqc -c /usr/bin/ymqc/config.json
WorkingDirectory=/usr/bin/ymqc
Restart=always
RestartPreventExitStatus=23
[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl start ymqclient.service
systemctl enable ymqclient.service
systemctl status ymqclient.service
systemctl restart ymqclient.service
systemctl status ymqclient.service
systemctl restart v2ray
systemctl enable v2ray
systemctl status v2ray
systemctl stop firewalld
systemctl disable firewalld