301 lines
7.8 KiB
Bash
301 lines
7.8 KiB
Bash
USERID=a4100ea3-d5bc-4dd6-b02a-a55321fb0bcc
|
|
USERNAME=username#
|
|
PASSWORD=password#
|
|
yum install -y ntpdate
|
|
yum install -y vim
|
|
yum install -y wget
|
|
ntpdate time.nist.gov
|
|
ntpdate time.nuri.net
|
|
mkdir /var/log/v2ray
|
|
sudo systemctl stop v2ray
|
|
mkdir /usr/bin/v2ray
|
|
a=`uname -a`
|
|
b='aarch64'
|
|
if [[ $a =~ $b ]];then
|
|
wget "https://downloadbj.kuajingvs.com/kuajingvs-ypc/1.0.6/arm/v2ray" -O /usr/bin/v2ray/v2ray
|
|
wget "https://downloadbj.kuajingvs.com/kuajingvs-ypc/1.0.6/arm/v2ctl" -O /usr/bin/v2ray/v2ctl
|
|
else
|
|
wget "https://downloadbj.kuajingvs.com/kuajingvs-ypc/1.0.6/x86/v2ray" -O /usr/bin/v2ray/v2ray
|
|
wget "https://downloadbj.kuajingvs.com/kuajingvs-ypc/1.0.6/x86/v2ctl" -O /usr/bin/v2ray/v2ctl
|
|
fi
|
|
chmod +x /usr/bin/v2ray/v2ray
|
|
chmod +x /usr/bin/v2ray/v2ctl
|
|
|
|
cat > /etc/systemd/system/v2ray.service <<EOF
|
|
[Unit]
|
|
Description=YPC Service
|
|
After=network.target
|
|
Wants=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
PIDFile=/run/v2ray.pid
|
|
#ExecStart=/usr/bin/v2ray/v2ray -config /etc/v2ray/config.json
|
|
ExecStart=/usr/bin/env v2ray.vmess.aead.forced=false /usr/bin/v2ray/v2ray -config /etc/v2ray/config.json
|
|
Restart=on-failure
|
|
RestartPreventExitStatus=23
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
mkdir /etc/v2ray
|
|
cat > /etc/v2ray/config.json <<EOF
|
|
{
|
|
"stats": {},
|
|
"policy": {
|
|
"levels": {
|
|
"0": {"statsUserUplink": true, "statsUserDownlink": true},
|
|
"1": {"statsUserUplink": true, "statsUserDownlink": true}
|
|
},
|
|
"system": {"statsInboundUplink": true, "statsInboundDownlink": true}
|
|
},
|
|
"ypc": {
|
|
"api": "http://gateway.kuajingvs.com/cloud",
|
|
"websocket": "ws://127.0.0.1:3000/ws/ypc",
|
|
"domainStats": {"cycle": 3600}
|
|
},
|
|
"dns": {
|
|
"hosts": {},
|
|
"domainStrategy": "UseIP",
|
|
"servers": []
|
|
},
|
|
"api": {
|
|
"services": ["HandlerService", "RemoteAuthService", "DnsService"],
|
|
"tag": "api"
|
|
},
|
|
"inboundDetour": [{
|
|
"listen": "0.0.0.0",
|
|
"port": 10085,
|
|
"protocol": "dokodemo-door",
|
|
"settings": {
|
|
"address": "0.0.0.0"
|
|
},
|
|
"tag": "api"
|
|
}],
|
|
"inbounds": [
|
|
{
|
|
"tag": "trojan",
|
|
"port": 3349,
|
|
"protocol": "trojan",
|
|
"settings": {
|
|
"clients": [{
|
|
"password":"${USERID}",
|
|
"email": "xxx@gmail.com"
|
|
}]
|
|
},
|
|
"streamSettings": {
|
|
"network": "tcp",
|
|
"tcpSettings": {
|
|
"autoTls": true
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"tag": "socks",
|
|
"port": 3359,
|
|
"protocol": "socks",
|
|
"settings": {
|
|
"auth": "password",
|
|
"accounts": [{
|
|
"user": "${USERNAME}",
|
|
"pass": "${PASSWORD}"
|
|
}],
|
|
"udp": false
|
|
},
|
|
"streamSettings": {
|
|
"network": "tcp",
|
|
"tcpSettings": {
|
|
"autoTls": true
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"tag": "vless",
|
|
"port": 3369,
|
|
"protocol": "vless",
|
|
"settings": {
|
|
"clients": [{
|
|
"id":"${USERID}",
|
|
"level": 0,
|
|
"email": "xxxx@example.com"
|
|
}],
|
|
"decryption": "none"
|
|
},
|
|
"streamSettings": {
|
|
"network": "tcp",
|
|
"tcpSettings": {
|
|
"autoTls": true
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"tag": "http",
|
|
"port": 3379,
|
|
"protocol": "http",
|
|
"settings": {
|
|
"timeout": 0,
|
|
"accounts": [{
|
|
"user": "${USERNAME}",
|
|
"pass": "${PASSWORD}"
|
|
}],
|
|
"allowTransparent": false,
|
|
"userLevel": 0
|
|
}
|
|
},
|
|
{
|
|
"tag": "vmess",
|
|
"port": 3399,
|
|
"protocol": "vmess",
|
|
"settings": {
|
|
"clients": [{
|
|
"alterId": 64,
|
|
"id":"${USERID}",
|
|
"level": 1
|
|
}]
|
|
},
|
|
"streamSettings": {
|
|
"network": "tcp",
|
|
"tcpSettings": {
|
|
"autoTls": true
|
|
}
|
|
}
|
|
}
|
|
],
|
|
"outbounds": [{
|
|
"protocol": "freedom",
|
|
"settings": {
|
|
"domainStrategy": "UseIP"
|
|
}
|
|
},
|
|
{
|
|
"protocol": "blackhole",
|
|
"settings": {},
|
|
"tag": "blocked"
|
|
}
|
|
],
|
|
"routing": {
|
|
"settings": {
|
|
"domainStrategy": "UseIP",
|
|
"strategy": "rules",
|
|
"rules": [{
|
|
"type": "field",
|
|
"inboundTag": [
|
|
"api"
|
|
],
|
|
"outboundTag": "api"
|
|
}]
|
|
},
|
|
"rules": [{
|
|
"domain": [
|
|
"xxx"
|
|
],
|
|
"outboundTag": "blocked",
|
|
"type": "field"
|
|
}]
|
|
},
|
|
"log": {
|
|
"access": "/var/log/v2ray/access.log",
|
|
"loglevel": "debug"
|
|
}
|
|
}
|
|
EOF
|
|
systemctl daemon-reload
|
|
systemctl start v2ray
|
|
systemctl restart v2ray
|
|
systemctl status v2ray
|
|
|
|
sysctl -w net.ipv4.tcp_window_scaling=0
|
|
sysctl -w net.ipv4.ip_default_ttl=128
|
|
sysctl -w net.ipv4.tcp_timestamps=0
|
|
echo "1484" > /sys/class/net/eth0/mtu
|
|
# 永久更改
|
|
cat >> /etc/sysctl.conf <<EOF
|
|
net.ipv4.tcp_window_scaling=0
|
|
net.ipv4.ip_default_ttl=128
|
|
net.ipv4.tcp_timestamps=0
|
|
EOF
|
|
|
|
cat >> /etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
|
|
MTU=1484
|
|
EOF
|
|
|
|
if [ ! -d ~/.ssh ]; then
|
|
mkdir ~/.ssh
|
|
fi
|
|
|
|
cat > ~/.ssh/authorized_keys <<EOF
|
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDee1pS2exRGzMNa+WGqZXoaOkUmOrvlatIu3C0jNVbfiqZpGRAJlvazpQJZcWw9hWy5uYkHsXbfKUIk8jpiaRdRoXS1odlyE1pdtCn1SFmfe0ZZmRE2oQoy7ALkW3OPmOAMcuUqC018Q7FOYl/MW+I8ypee0mT0C8ZS6eQsttlQLCVcrt3un0H8M2VDnzq8stSA0qV/qHYTGAY/ACYEI+j8QInmU2g9podef9NB93pM0AJadkiMLih0fmSUedE4ilLERNyBPWWeossW2h+oW7LO9UpxMrQ4DRpLvtBnwAUSNbx7z4+x8WfZjljwP5XLmdc4Oqr9L3HTiNZp0CO4w0b root@jenkins.kuajingvs.com
|
|
EOF
|
|
|
|
chmod 600 ~/.ssh/authorized_keys
|
|
|
|
rm -rf /usr/bin/mqtt-kjvs
|
|
rm -f /etc/systemd/system/kvmqtt.service
|
|
rm -rf /usr/bin/ymqc
|
|
mkdir /usr/bin/ymqc
|
|
lddversion=`ldd --version`
|
|
lddver='2.17'
|
|
a=`uname -a`
|
|
b='aarch64'
|
|
if [[ $lddversion =~ $lddver ]]; then
|
|
if [[ $a =~ $b ]];then
|
|
wget "https://downloadbj.kuajingvs.com/arm/ymqclient_arm_20230329" -O /usr/bin/ymqc/ymqc
|
|
else
|
|
wget "https://downloadbj.kuajingvs.com/x86/ymqclient_x86_low_20230329" -O /usr/bin/ymqc/ymqc
|
|
fi
|
|
else
|
|
if [[ $a =~ $b ]];then
|
|
wget "https://downloadbj.kuajingvs.com/arm/ymqclient_arm_20230329" -O /usr/bin/ymqc/ymqc
|
|
else
|
|
wget "https://downloadbj.kuajingvs.com/x86/ymqclient_x86_20230329" -O /usr/bin/ymqc/ymqc
|
|
fi
|
|
fi
|
|
chmod +x /usr/bin/ymqc/ymqc
|
|
cat > /usr/bin/ymqc/config.json <<EOF
|
|
{
|
|
"brand": {
|
|
"name": "server",
|
|
"version": "1.0.0",
|
|
"port": 3000
|
|
},
|
|
"push_server": {
|
|
"url": "http://gateway.kuajingvs.com/paas-push-core",
|
|
"app_key": "kuajingvs",
|
|
"app_secret": "048fa409",
|
|
"group": "global_proxy"
|
|
}
|
|
}
|
|
EOF
|
|
|
|
cat > /etc/systemd/system/ymqclient.service <<EOF
|
|
[Unit]
|
|
Description=YMQ Client Service
|
|
After=network.target
|
|
Wants=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=root
|
|
Group=root
|
|
PIDFile=/run/ymqclient.pid
|
|
ExecStart=/usr/bin/ymqc/ymqc -c /usr/bin/ymqc/config.json
|
|
WorkingDirectory=/usr/bin/ymqc
|
|
Restart=always
|
|
RestartPreventExitStatus=23
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
systemctl daemon-reload
|
|
systemctl start ymqclient.service
|
|
systemctl enable ymqclient.service
|
|
systemctl status ymqclient.service
|
|
systemctl restart ymqclient.service
|
|
systemctl status ymqclient.service
|
|
systemctl restart v2ray
|
|
systemctl enable v2ray
|
|
systemctl status v2ray
|
|
systemctl stop firewalld
|
|
systemctl disable firewalld
|