#!/bin/bash DIR=`dirname $0` DIR="$(cd $DIR; pwd)" XCONF=/tmp/server-xray.json usage() { echo "server-xray " echo " --ltx [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]]" echo " --ltt [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]]" echo " --lttw [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath" echo " --ltpw [p=443,]u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath" echo " --lttg [p=443,]d=domain.com,u=id[:level[:email]],s=/svcpath" echo " --ltpg [p=443,]u=id[:level[:email]],s=/svcpath" echo " --mtt [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]]" echo " --mttw [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath" echo " --mtpw [p=443,]u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath" echo " --ttt [p=443,]d=domain.com,u=psw[:level[:email]][,f=[fb-host]:fb-port:[fb-path]]" echo " --tttw [p=443,]d=domain.com,u=psw[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath" echo " --ttpw [p=443,]u=psw[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath" # echo " --ssa [port=443,]user=password1:method1[,user=password2:method2]" # echo " --sst [port=443,]user=passwd,method=xxxx" echo " --ng-opt [p=443,]d=domain.com" echo " --ng-proxy [h=127.0.0.1,]p=8443,l=location,n=ws|grpc" echo " -k|--hook [Optional] DDNS update or notifing URL to be hit" echo " -r|--request-domain [Optional] Domain name to request for letsencrypt cert" echo " -c|--cert-path [Optional] Reading TLS certs from folder //" echo " -i|--stdin [Optional] Read config from stdin instead of auto generation" echo " -d|--debug [Optional] Start in debug mode with verbose output" } TEMP=`getopt -o k:r:c:di --long hook:,request-domain:,cert-path:,ltx:,ltt:,lttw:,ltpw:,mtt:,mttw:,mtpw:,ttt:,tttw:,ttpw:,lttg:,ltpg:,ssa:,sst:,ng-opt:,ng-proxy:,stdin,debug -n "$0" -- $@` if [ $? != 0 ] ; then usage; exit 1 ; fi eval set -- "$TEMP" while true ; do case "$1" in -k|--hook) HOOKURL+=("$2") shift 2 ;; -r|--request-domain) CERTDOMAIN+=("$2") shift 2 ;; -c|--cert-path) CERTPATH+=("$2") shift 2 ;; -i|--stdin) STDINCONF=1 shift 1 ;; -d|--debug) DEBUG=1 shift 1 ;; --ltx|--ltt|--lttw|--ltpw|--lttg|--ltpg|--mtt|--mttw|--mtpw|--ttt|--tttw|--ttpw) if [ "$1" = "--lttg" ]; then NGINX=1; fi SVC=`echo $1|tr -d '\-\-'` SVCMD+=("${DIR}server-${SVC}.sh $2") shift 2 ;; --ng-opt) NGOPT=$2 shift 2 ;; --ng-proxy) NGPROXY+=("$2") shift 2 ;; --) shift break ;; *) echo "Get: $1" usage; exit 1 ;; esac done if [ -n "${HOOKURL}" ]; then for URL in "${HOOKURL[@]}" do echo "curl -sSL $URL" curl -sSL "$URL" echo done echo "Wait 10s for hook updates..." sleep 10 fi if [ -n "${CERTDOMAIN}" ]; then for DOMAIN in "${CERTDOMAIN[@]}" do TRY=0 while [ ! -f "/root/.acme.sh/${DOMAIN}/fullchain.cer" ] || [ ! -f "/root/.acme.sh/${DOMAIN}/${DOMAIN}.key" ] do echo "Requesting TLS cert for ${DOMAIN} ..." /root/.acme.sh/acme.sh --issue --standalone -d ${DOMAIN} ((TRY++)) if [ "${TRY}" -ge 3 ]; then echo "Requesting TLS cert for ${DOMAIN} failed. Check log please." exit 3 fi echo "Wait 10 seconds before checking cert again..." sleep 10 done done fi echo '{"log":{"loglevel":"warning"}, "inbounds":[], "outbounds":[{"protocol":"freedom"}]}' |jq .|sponge $XCONF xopt="xconf=$XCONF" CERTPATH+=("/root/.acme.sh") for cp in "${CERTPATH[@]}" do xopt="$xopt,certpath=$cp" done if [ -n "${SVCMD}" ]; then for svcmd in "${SVCMD[@]}" do svcmd="$svcmd,$xopt" $svcmd if [[ $? -ne 0 ]]; then echo echo "Command failed: $svcmd" exit 1 fi done if [ "${DEBUG}" = "1" ]; then cat $XCONF |jq '.log.loglevel |="debug"' |sponge $XCONF echo cat $XCONF echo fi if [ -n "${NGOPT}" ]; then ngcmd="${DIR}server-nginx.sh --ng-opt ${NGOPT},$xopt" for ngproxy in "${NGPROXY[@]}" do ngcmd="${ngcmd} --ng-proxy ${ngproxy}" done $ngcmd nginx; fi exec /usr/local/bin/xray -c $XCONF else if [ "${STDINCONF}" = "1" ]; then exec /usr/local/bin/xray else usage exit 1 fi fi