#!/bin/bash

# ==================================================
# --- 0. 基础配置 ---
# ==================================================
# Workspace root lives under the invoking user's home directory instead of a
# fixed system path; every per-service directory below is derived from it.
BASE_PATH="${HOME}/workspace"
NGINX_DIR="${BASE_PATH}/nginx"
CADDY_DIR="${BASE_PATH}/caddy"
CADDY_FILE="${CADDY_DIR}/Caddyfile"
DOCKER_3XUI_DIR="${BASE_PATH}/3x-ui"
# Plain-text cache of the Docker panel's login details.
DOCKER_3XUI_CONF="${DOCKER_3XUI_DIR}/panel_config.txt"
# Installed location of this script; self-install and update write here.
SCRIPT_PATH="/usr/local/bin/web.sh"

# ANSI colour escapes, stored as literal backslash sequences so that `echo -e`
# and printf expand them at print time. NC and PLAIN are both the reset code;
# the script uses the two names interchangeably.
RED="\033[0;31m"
GREEN="\033[0;32m"
YELLOW="\033[0;33m"
BLUE="\033[0;34m"
PURPLE="\033[0;35m"
CYAN="\033[0;36m"
BOLD="\033[1m"
NC="\033[0m"
PLAIN="${NC}"

# ==================================================
# --- 1. 脚本维护模块 (解决问题 3：检查更新) ---
# ==================================================

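# Download the latest copy of this script, install it over SCRIPT_PATH and
# re-exec into it.
# Globals:  SCRIPT_PATH (read), YELLOW/GREEN/RED/NC (read)
# Returns:  does not return on success (exec); 1 when the download is rejected
#
# NOTE(review): the URL carries no scheme, so curl starts over plain HTTP, and
# the result replaces a script in /usr/local/bin that is then executed. Nothing
# here authenticates the content. Serving the script from an https:// URL and
# verifying a published checksum or signature before the mv would close that
# gap — confirm what the host supports before changing the URL.
check_update() {
	local tmp="${SCRIPT_PATH}.tmp"

	printf '%b\n' "${YELLOW}正在同步最新脚本...${NC}"
	# -f turns HTTP errors (404/5xx) into a failure instead of saving the error
	# page as the new script. The size and syntax checks reject an empty or
	# truncated download before the working copy is replaced.
	if curl -fsL web.oping.de -o "$tmp" && [ -s "$tmp" ] && bash -n "$tmp" 2>/dev/null; then
		mv -f -- "$tmp" "$SCRIPT_PATH"
		chmod +x "$SCRIPT_PATH"
		printf '%b\n' "${GREEN}脚本更新成功！正在重新载入...${NC}"
		sleep 1
		exec bash "$SCRIPT_PATH"
	else
		# Leave the installed script untouched and drop the rejected download.
		rm -f -- "$tmp"
		printf '%b\n' "${RED}更新失败，请检查网络。${NC}"
		return 1
	fi
}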

# ==================================================
# --- 1. 脚本自下载与快捷命令设置 ---
# ==================================================
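# Self-install: when started from anywhere other than the installed path (for
# example piped from curl, where $0 is not a file), fetch a copy to SCRIPT_PATH,
# create the `w` shortcut and re-exec from disk.
#
# NOTE(review): the URL has no scheme, so the fetch starts over plain HTTP and
# the downloaded script is executed without any integrity check. An https://
# URL plus a verified checksum/signature is the missing control.
if [[ "$0" != "$SCRIPT_PATH" && "$0" != "web.sh" && "$0" != "./web.sh" ]]; then
	mkdir -p /usr/local/bin
	# Download next to the target and swap it in only when the transfer
	# succeeded (-f rejects HTTP error pages), the file is non-empty and it
	# parses as shell. A failed fetch no longer overwrites a working copy.
	if curl -fsL "web.oping.de" -o "$SCRIPT_PATH.tmp" &&
		[ -s "$SCRIPT_PATH.tmp" ] &&
		bash -n "$SCRIPT_PATH.tmp" 2>/dev/null; then
		mv -f -- "$SCRIPT_PATH.tmp" "$SCRIPT_PATH"
		chmod +x "$SCRIPT_PATH"
	else
		rm -f -- "$SCRIPT_PATH.tmp"
		# Without a previously installed copy there is nothing to run.
		if [ ! -s "$SCRIPT_PATH" ]; then
			echo -e "${RED}脚本下载失败，请检查网络。${NC}" >&2
			exit 1
		fi
	fi

	if [ ! -L /usr/local/bin/w ]; then
		ln -sf "$SCRIPT_PATH" /usr/local/bin/w
		echo -e "${GREEN}快捷命令 'w' 已创建。${NC}"
	fi

	# Restart from the on-disk copy so the running code matches what was installed.
	exec bash "$SCRIPT_PATH"
	# Only reached if exec itself failed.
	exit 1
fi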

# ==================================================
# --- 2. Docker 环境部署 ---
# ==================================================

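# Make sure Docker and the Compose v2 CLI plugin are available, installing
# them when missing.
# Globals:  GREEN/YELLOW/RED/NC (read)
# Returns:  0 when both are present or were installed; 1 when a download fails
#
# NOTE(review): both downloads are trusted on TLS alone. The get.docker.com
# script runs with this shell's privileges and the Compose binary is not
# compared against a checksum; on hosts where that matters, install Docker from
# the distribution's signed packages instead.
install_docker() {
	echo -e "${GREEN}检查 Docker 环境...${NC}"
	if ! command -v docker &>/dev/null; then
		echo -e "${YELLOW}检测到系统未安装 Docker，即将开始自动安装...${NC}"
		local installer
		installer=$(mktemp) || return 1
		# Fetch the installer completely before running it, so an interrupted
		# transfer cannot execute a truncated script (a risk of `curl | bash`).
		if curl -fsSL https://get.docker.com -o "$installer"; then
			bash "$installer" docker
			rm -f -- "$installer"
		else
			rm -f -- "$installer"
			echo -e "${RED}Docker 安装脚本下载失败。${NC}"
			return 1
		fi
		systemctl start docker
		systemctl enable docker
	else
		echo -e "${GREEN}Docker 已安装。${NC}"
	fi
	if ! docker compose version &>/dev/null; then
		echo -e "${YELLOW}正在安装 Docker Compose 插件...${NC}"
		local plugin_dir=/usr/local/lib/docker/cli-plugins
		local plugin_tmp
		mkdir -p "$plugin_dir"
		plugin_tmp=$(mktemp "$plugin_dir/docker-compose.XXXXXX") || return 1
		# -f: an HTTP error (e.g. no release asset for this `uname -m`) must not
		# be saved and marked executable as if it were the plugin.
		if curl -fSL "https://github.com/docker/compose/releases/download/v2.24.5/docker-compose-linux-$(uname -m)" -o "$plugin_tmp"; then
			chmod 755 "$plugin_tmp"
			mv -f -- "$plugin_tmp" "$plugin_dir/docker-compose"
		else
			rm -f -- "$plugin_tmp"
			echo -e "${RED}Docker Compose 插件下载失败。${NC}"
			return 1
		fi
	fi
}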

# ==================================================
# --- 3. Web 服务功能模块 (Nginx & Caddy) ---
# ==================================================

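# Write the Compose file for the Caddy container into CADDY_DIR.
# Globals:  CADDY_DIR (read)
# Outputs:  $CADDY_DIR/docker-compose.yml (overwritten)
#
# NOTE(review): the image is the floating `caddy:latest` tag, so what gets
# deployed changes over time; pin a version or digest for repeatable installs.
# The container shares the host network namespace (network_mode: host).
write_caddy_yaml() {
	# The target is quoted because CADDY_DIR derives from $HOME and may contain
	# spaces. The delimiter is quoted because the template has nothing to expand.
	cat >"$CADDY_DIR/docker-compose.yml" <<'EOF'
services:
  caddy:
    image: caddy:latest
    container_name: caddy
    restart: unless-stopped
    network_mode: host
    environment:
      - TZ=Asia/Shanghai
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./vhosts:/etc/caddy/vhosts
      - ./data:/data
      - ./config:/config
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
EOF
}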

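# Deploy the combined mode: nginx (stream module) listens on 443 and routes by
# TLS SNI to local upstreams, with Caddy as the default backend on 444. Port 80
# forwards ACME challenges to Caddy on 8081 and redirects everything else to
# HTTPS.
# Globals:  NGINX_DIR, CADDY_DIR (read); colour variables (read)
# Outputs:  compose files, nginx.conf and Caddyfile under the two directories
#           (existing files are overwritten)
# Returns:  1 when a directory cannot be entered or a container fails to start
#
# NOTE(review): the host names, upstream ports and e-mail address in the
# templates are sample values to be edited after installation. Both images use
# the floating `latest` tag and both containers run with host networking.
install_nginx_caddy() {
	install_docker
	echo -e "${GREEN}正在创建组合配置目录...${NC}"
	# Paths are quoted throughout: they derive from $HOME and may contain spaces.
	mkdir -p "$NGINX_DIR/conf.d" "$NGINX_DIR/html" "$NGINX_DIR/logs" "$NGINX_DIR/certs"
	mkdir -p "$CADDY_DIR/vhosts" "$CADDY_DIR/data" "$CADDY_DIR/config"

	cat >"$NGINX_DIR/docker-compose.yml" <<'EOF'
services:
  nginx:
    image: nginx:latest
    container_name: nginx
    restart: always
    logging: { driver: "json-file", options: { max-size: "10m", max-file: "3" } }
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
      - ./conf.d:/etc/nginx/conf.d:ro
      - ./html:/usr/share/nginx/html:ro
      - ./logs:/var/log/nginx
      - ./certs:/etc/nginx/certs:ro
    network_mode: "host"
EOF

	# Quoted delimiter: nginx's own $variables are written literally, so no
	# backslash escaping is needed inside the template.
	cat >"$NGINX_DIR/nginx.conf" <<'EOF'
user  nginx;
worker_processes  auto;
error_log  /dev/stderr notice;
pid        /var/run/nginx.pid;
events { worker_connections  1024; }
stream {
    map $ssl_preread_server_name $backend_name {
        yahoo.com                        xray_node_1;
        evstg.deveventops-aiops.com     xray_node_2;
        node3.feguo.eu.org              xray_node_3;
        default                         caddy_web;
    }
    upstream xray_node_1 { server 127.0.0.1:18188; }
    upstream xray_node_2 { server 127.0.0.1:38280; }
    upstream xray_node_3 { server 127.0.0.1:10003; }
    upstream caddy_web   { server 127.0.0.1:444;   }
    server {
        listen 443;
        proxy_pass $backend_name;
        ssl_preread on;
        proxy_connect_timeout 5s;
        proxy_timeout 1h;
    }
}
http {
    include /etc/nginx/mime.types;
    access_log /dev/stdout;
    server {
        listen 80;
        server_name _;
        location /.well-known/acme-challenge/ {
            proxy_pass http://127.0.0.1:8081;
            proxy_set_header Host $host;
        }
        location / { return 301 https://$host$request_uri; }
    }
    include /etc/nginx/conf.d/*.conf;
}
EOF

	write_caddy_yaml
	cat >"$CADDY_DIR/Caddyfile" <<'EOF'
{
    email sgm@sgm.com
    http_port  8081
    https_port 444
}
a1.eu.org:444 {
    reverse_proxy 127.0.0.1:8088 {
        header_up Host {host}
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-For {remote_host}
    }
    header -Server
}
a2.xxxx.org:444 {
    reverse_proxy 127.0.0.1:22300
}
EOF

	cd "$NGINX_DIR" || {
		echo -e "${RED}无法进入 Nginx 目录${NC}"
		return 1
	}
	# Report a failed start instead of printing the success banner regardless.
	docker compose up -d || {
		echo -e "${RED}Nginx 容器启动失败${NC}"
		return 1
	}
	cd "$CADDY_DIR" || {
		echo -e "${RED}无法进入 Caddy 目录${NC}"
		return 1
	}
	docker compose up -d || {
		echo -e "${RED}Caddy 容器启动失败${NC}"
		return 1
	}
	echo -e "${GREEN}Nginx + Caddy 组合分流模式安装完成！${NC}"
	echo -e "\n${YELLOW}按任意键返回主菜单...${NC}"
	read -r -n 1
}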

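# Deploy the standalone mode: a single Caddy container terminating TLS itself
# and reverse-proxying two sample sites to local ports.
# Globals:  CADDY_DIR (read); colour variables (read)
# Outputs:  docker-compose.yml and Caddyfile under CADDY_DIR (overwritten)
# Returns:  1 when the directory cannot be entered or the container fails to start
#
# NOTE(review): the site names, upstream ports and e-mail address are sample
# values to be edited after installation.
install_only_caddy() {
	install_docker
	echo -e "${GREEN}正在创建独立 Caddy 目录...${NC}"
	# Quoted: CADDY_DIR derives from $HOME and may contain spaces.
	mkdir -p "$CADDY_DIR/vhosts" "$CADDY_DIR/data" "$CADDY_DIR/config"

	write_caddy_yaml
	cat >"$CADDY_DIR/Caddyfile" <<'EOF'
{
    email sgm@sgm.com
}

a1.xxxx.org {
    reverse_proxy 127.0.0.1:8088 {
        header_up Host {host}
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-For {remote_host}
    }
    header -Server
}

a2.xxxx.org {
    reverse_proxy 127.0.0.1:3010
}
EOF

	cd "$CADDY_DIR" || {
		echo -e "${RED}无法进入 Caddy 目录${NC}"
		return 1
	}
	# Report a failed start instead of printing the success banner regardless.
	docker compose up -d || {
		echo -e "${RED}Caddy 容器启动失败${NC}"
		return 1
	}
	echo -e "${GREEN}独立 Web 模式 (Caddy) 安装完成！${NC}"
	echo -e "\n${YELLOW}按任意键返回主菜单...${NC}"
	read -r -n 1
}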

# Remove the nginx and caddy containers after an explicit "y" confirmation.
# Only the containers are removed; files under the workspace are left in place.
uninstall_nginx_caddy() {
	read -p "确认卸载组合分流模式? (y/n): " confirm
	if [[ "$confirm" == "y" ]]; then
		# The success line is printed only when `docker rm` exits 0.
		if docker rm -f nginx caddy 2>/dev/null; then
			echo -e "${GREEN}容器已卸载。${NC}"
		fi
	fi
	echo -e "\n${YELLOW}按任意键返回主菜单...${NC}"
	read -n 1
}

# Remove the caddy container after an explicit "y" confirmation.
# Only the container is removed; files under the workspace are left in place.
uninstall_only_caddy() {
	read -p "确认卸载独立 Web 模式? (y/n): " confirm
	if [[ "$confirm" == "y" ]]; then
		# The success line is printed only when `docker rm` exits 0.
		if docker rm -f caddy 2>/dev/null; then
			echo -e "${GREEN}Caddy 已卸载。${NC}"
		fi
	fi
	echo -e "\n${YELLOW}按任意键返回主菜单...${NC}"
	read -n 1
}

# Reload nginx inside its container, but only after `nginx -t` accepts the
# configuration, so a broken config never replaces the running one.
reload_nginx() {
	if docker exec nginx nginx -t; then
		docker exec nginx nginx -s reload
	fi
	echo -e "\n${YELLOW}按任意键返回主菜单...${NC}"
	read -n 1
}
# Ask the running caddy container to reload /etc/caddy/Caddyfile, then print
# the file as the container sees it so the operator can confirm what is active.
reload_caddy() {
	local container=caddy
	local conf=/etc/caddy/Caddyfile

	printf '%b\n' "${YELLOW}正在尝试热加载 Caddy 配置...${NC}"
	docker exec "$container" caddy reload --config "$conf"
	printf '%b\n' "${YELLOW}当前容器内配置文件内容如下：${NC}"
	docker exec "$container" cat "$conf"
	printf '%b\n' "\n${YELLOW}按任意键返回主菜单...${NC}"
	read -n 1
}

# ==================================================
# --- 4. 3x-ui 管理功能模块 ---
# ==================================================
# ==================================================
# --- 4. 域名版 3x-ui 管理 (移植捕获逻辑) ---
# ==================================================
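# Print the Caddyfile given as $2 with the site block for domain $1 removed.
# A block starts at a line beginning with "$1 {" or "$1:444 {" and ends where
# its braces balance, so nested directive blocks are removed together with it.
_xui_caddy_drop_site() {
	awk -v d="$1" '
		!skip && (index($0, d " {") == 1 || index($0, d ":444 {") == 1) { skip = 1; depth = 0 }
		skip {
			depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
			if (depth <= 0) skip = 0
			next
		}
		{ print }
	' "$2"
}

# Interactive menu for a host-installed 3x-ui panel: install, change
# credentials/port/path, bind a domain in the Caddyfile, show login details,
# uninstall.
# Globals:  CADDY_FILE (read); colour variables (read)
# Files:    /etc/x-ui/panel_domain.txt (bound domain),
#           /etc/x-ui/panel_info.txt (plain-text user|pass|port|path cache)
# Returns:  0 when the operator chooses 0 or stdin is closed
#
# NOTE(review): options 1 and 2 run the upstream install.sh with this shell's
# privileges, fetched without an integrity check (option 1 from the moving
# `master` branch). The panel password is kept in plain text in the info cache
# so that option 5 can display it.
manage_3xui() {
	local DOM_CACHE_FILE="/etc/x-ui/panel_domain.txt"
	local INFO_CACHE="/etc/x-ui/panel_info.txt"
	# Allow-lists for values that end up in URLs, regexes, sed scripts or the
	# Caddyfile.
	local host_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
	local port_re='^[0-9]{1,5}$'
	local tag_re='^[A-Za-z0-9][A-Za-z0-9._-]*$'
	local pkg xopt VER DOM confirm clear_ssl del_confirm
	local NEW_USER NEW_PASS NEW_PORT NEW_PATH u p pt pa
	for pkg in sqlite3 python3; do
		if ! command -v "$pkg" &>/dev/null; then
			echo -e "${YELLOW}正在安装必要依赖 $pkg...${NC}"
			apt-get update && apt-get install -y "$pkg" || yum install -y "$pkg"
		fi
	done

	while true; do
		clear
		echo -e "${GREEN}==============================${NC}"
		echo -e "      3x-ui 域名版运维管理      "
		echo -e "${GREEN}==============================${NC}"
		echo "1. 安装/更新至最新版"
		echo "2. 选择特定版本安装"
		echo -e "3. ${YELLOW}修改账号/密码/端口/路径${NC}"
		echo "4. 绑定域名 (智能适配分流/独立模式)"
		echo "5. 查询面板登录详情 (含备份)"
		echo -e "6. ${RED}卸载 3x-ui 面板${NC}"
		echo "0. 返回上一级菜单"
		# Leave the menu instead of looping forever when stdin is closed.
		read -r -p "请输入数字 [0-6]: " xopt || return 0
		case "$xopt" in
		1 | 2)
			# The installer output contains the generated credentials, so it is
			# captured in private mktemp files (mode 0600) rather than in fixed,
			# predictable names under /tmp.
			local LOG_FILE CLEAN_LOG
			LOG_FILE=$(mktemp) || {
				read -r -p "按回车继续..."
				continue
			}
			CLEAN_LOG=$(mktemp) || {
				rm -f -- "$LOG_FILE"
				read -r -p "按回车继续..."
				continue
			}
			if [ "$xopt" == "1" ]; then
				# -f: an HTTP error page must not be fed to bash as the installer.
				bash <(curl -fLs https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) 2>&1 | tee "$LOG_FILE"
			else
				read -r -p "请输入版本号 (如 v2.6.0): " VER
				# The tag is spliced into the download URL and handed to the
				# installer, so only tag-like characters are accepted.
				if [[ ! "$VER" =~ $tag_re ]]; then
					echo -e "${RED}版本号格式无效。${NC}"
					rm -f -- "$LOG_FILE" "$CLEAN_LOG"
					read -r -p "按回车继续..."
					continue
				fi
				bash <(curl -fLs "https://raw.githubusercontent.com/mhsanaei/3x-ui/$VER/install.sh") "$VER" 2>&1 | tee "$LOG_FILE"
			fi
			# Strip ANSI colour sequences so the credential lines can be parsed.
			sed -r "s/\x1B\[([0-9]{1,3}(;[0-9]{1,3})*)?[mGKHF]//g" "$LOG_FILE" | tr -d '\017' >"$CLEAN_LOG"
			local user=$(grep -ai "Username:" "$CLEAN_LOG" | awk -F': ' '{print $2}' | sed 's/[[:space:]]//g' | tail -n1)
			local pass=$(grep -ai "Password:" "$CLEAN_LOG" | awk -F': ' '{print $2}' | sed 's/[[:space:]]//g' | tail -n1)
			local port=$(grep -ai "Port:" "$CLEAN_LOG" | awk -F': ' '{print $2}' | sed 's/[[:space:]]//g' | tail -n1)
			local path=$(grep -ai "WebBasePath:" "$CLEAN_LOG" | awk -F': ' '{print $2}' | sed 's/[[:space:]]//g' | tail -n1)
			if [ -n "$user" ]; then
				# Plain-text credentials: keep the cache readable by its owner only.
				(umask 077 && printf '%s|%s|%s|%s\n' "$user" "$pass" "$port" "$path" >"$INFO_CACHE")
				chmod 600 "$INFO_CACHE" 2>/dev/null
			fi

			read -r -p "是否清空面板 SSL 路径配置以防止 80 端口占用? (y/n): " clear_ssl
			if [[ "$clear_ssl" == "y" ]]; then
				sqlite3 /etc/x-ui/x-ui.db "UPDATE settings SET value='' WHERE key IN ('webCertFile', 'webKeyFile');"
				x-ui restart >/dev/null 2>&1
				echo -e "${GREEN}SSL 路径已清空并重启面板。${NC}"
			fi

			clear
			# Captured values go through %s so that % or \ in a credential is
			# printed as-is instead of being treated as printf formatting.
			printf '%b\n' "${BLUE}==================================================${PLAIN}"
			printf '%b\n' "       ${PURPLE}${BOLD}凭据已捕获并存入缓存${PLAIN}"
			printf '%b\n' "${BLUE}==================================================${PLAIN}"
			printf '%b%s%b\n' "${CYAN}用户名:   ${BOLD}" "${user:-未捕获}" "${PLAIN}"
			printf '%b%s%b\n' "${CYAN}密  码:   ${GREEN}${BOLD}" "${pass:-未捕获}" "${PLAIN}"
			printf '%b%s%b\n' "${CYAN}端  口:   ${BOLD}" "${port:-未捕获}" "${PLAIN}"
			printf '%b%s%b\n' "${CYAN}根路径:   ${BOLD}/" "${path#/}" "${PLAIN}"
			printf '%b\n' "${BLUE}==================================================${PLAIN}"
			rm -f -- "$LOG_FILE" "$CLEAN_LOG"
			read -r -p "按回车继续..."
			;;
		3)
			if [ ! -d "/etc/x-ui" ] || [ ! -f "/etc/x-ui/x-ui.db" ]; then
				echo -e "${RED}检测到系统未安装 域名版 3x-ui。${NC}"
			else
				local OLD_PORT=$(sqlite3 /etc/x-ui/x-ui.db "SELECT value FROM settings WHERE key='webPort';")
				local OLD_USER=$(sqlite3 /etc/x-ui/x-ui.db "SELECT username FROM users WHERE id=1;")
				local OLD_PATH=$(sqlite3 /etc/x-ui/x-ui.db "SELECT value FROM settings WHERE key='webBasePath';")
				local CUR_DOM=$(cat "$DOM_CACHE_FILE" 2>/dev/null)
				local OLD_PASS=""
				# Previously cached password, used when the new one is left blank.
				[ -f "$INFO_CACHE" ] && IFS='|' read -r _ OLD_PASS _ <"$INFO_CACHE"

				echo -e "${YELLOW}开始修改 (留空不修改):${NC}"
				read -r -p "新用户名 (当前: $OLD_USER): " NEW_USER
				read -r -p "新密码 (明文): " NEW_PASS
				read -r -p "新端口 (当前: $OLD_PORT): " NEW_PORT
				read -r -p "新路径 (当前: $OLD_PATH): " NEW_PATH

				NEW_USER=${NEW_USER:-$OLD_USER}
				NEW_PORT=${NEW_PORT:-$OLD_PORT}
				NEW_PATH=${NEW_PATH:-$OLD_PATH}
				# A blank password means "keep", as the prompt promises. It used
				# to reset the panel password to the well-known value `admin`.
				NEW_PASS=${NEW_PASS:-$OLD_PASS}

				if [[ ! "$NEW_PORT" =~ $port_re ]] || ((10#$NEW_PORT < 1 || 10#$NEW_PORT > 65535)); then
					echo -e "${RED}端口无效，必须为 1-65535 的数字。${NC}"
					read -r -p "按回车继续..."
					continue
				fi

				# Apply the changes through the panel's own CLI.
				/usr/local/x-ui/x-ui setting -port "$NEW_PORT" -webBasePath "$NEW_PATH" >/dev/null 2>&1
				if [ -n "$NEW_PASS" ]; then
					/usr/local/x-ui/x-ui setting -username "$NEW_USER" -password "$NEW_PASS" >/dev/null 2>&1
					(umask 077 && printf '%s|%s|%s|%s\n' "$NEW_USER" "$NEW_PASS" "$NEW_PORT" "$NEW_PATH" >"$INFO_CACHE")
					chmod 600 "$INFO_CACHE" 2>/dev/null
				else
					# No password entered and none cached: leave the account
					# alone and drop the cache so option 5 reads the database.
					echo -e "${YELLOW}未输入密码且无缓存密码，用户名和密码保持不变。${NC}"
					rm -f -- "$INFO_CACHE"
				fi

				# Keep the Caddy upstream in step with the new port. The file is
				# rewritten through a redirect (same inode) because it is
				# bind-mounted into the container as a single file.
				if [[ -n "$CUR_DOM" && "$NEW_PORT" != "$OLD_PORT" && "$OLD_PORT" =~ $port_re && -f "$CADDY_FILE" ]]; then
					echo -e "${YELLOW}检测到已绑定域名 $CUR_DOM，正在同步更新 Caddy 端口映射...${NC}"

					# The trailing ([^0-9]|$) stops port 2053 from also matching
					# 20530. The file is only overwritten when sed produced output.
					local temp_caddy
					if temp_caddy=$(sed -E "s/(reverse_proxy 127\.0\.0\.1:)${OLD_PORT}([^0-9]|\$)/\1${NEW_PORT}\2/g" "$CADDY_FILE") && [ -n "$temp_caddy" ]; then
						printf '%s\n' "$temp_caddy" >"$CADDY_FILE"
						docker cp "$CADDY_FILE" caddy:/etc/caddy/Caddyfile >/dev/null 2>&1
						reload_caddy
					else
						echo -e "${RED}更新 Caddyfile 失败，文件未改动。${NC}"
					fi
				fi

				systemctl restart x-ui >/dev/null 2>&1
				/usr/local/x-ui/x-ui restart >/dev/null 2>&1

				echo -e "${GREEN}修改成功！面板、缓存及 Caddy 配置已同步更新并重启。${NC}"
			fi
			read -r -p "按回车继续..."
			;;
		4)
			if [ ! -d "/etc/x-ui" ] || [ ! -f "/etc/x-ui/x-ui.db" ]; then
				echo -e "${RED}检测到系统未安装 域名版 3x-ui。${NC}"
			else
				# The panel port read from the database is the anchor used to
				# locate the matching site block.
				local PORT=$(sqlite3 /etc/x-ui/x-ui.db "SELECT value FROM settings WHERE key='webPort';")
				if [[ ! "$PORT" =~ $port_re ]]; then
					echo -e "${RED}无法读取端口，请确认 3x-ui 已安装。${NC}"
					read -r -p "按回车继续..."
					continue
				fi

				read -r -p "请输入要绑定的域名: " DOM
				[ -z "$DOM" ] && continue
				# The domain is used in grep/awk matching, in a sed script and in
				# the Caddyfile itself, so only host-name characters are accepted.
				if [[ ! "$DOM" =~ $host_re ]]; then
					echo -e "${RED}域名格式无效。${NC}"
					read -r -p "按回车继续..."
					continue
				fi
				local dom_re=${DOM//./\\.}

				if [ -f "$CADDY_FILE" ]; then
					# Is the domain already bound (with or without the :444 suffix)?
					if grep -qE "^${dom_re}(:444)? \{" "$CADDY_FILE"; then
						echo -e "${YELLOW}警告：域名 ${BOLD}$DOM${PLAIN}${YELLOW} 已在 Caddyfile 中存在。${NC}"
						read -r -p "是否删除该域名的旧配置并重新绑定到当前端口 $PORT? (y/n): " del_confirm
						if [[ "$del_confirm" != "y" ]]; then
							echo -e "${CYAN}操作取消。${NC}"
							sleep 1
							continue
						fi
						echo -e "${YELLOW}正在清理旧域名配置块...${NC}"
						local clean_content
						if clean_content=$(_xui_caddy_drop_site "$DOM" "$CADDY_FILE"); then
							printf '%s\n' "$clean_content" >"$CADDY_FILE"
						fi
					fi

					# Find the line that proxies to this exact port.
					local proxy_line_num=$(grep -nE "127\.0\.0\.1:${PORT}([^0-9]|\$)" "$CADDY_FILE" | head -n 1 | cut -d: -f1)

					local new_header
					if grep -q "https_port 444" "$CADDY_FILE"; then
						new_header="${DOM}:444 {"
					else
						new_header="${DOM} {"
					fi

					if [ -n "$proxy_line_num" ]; then
						echo -e "${YELLOW}端口 $PORT 已有绑定，正在执行精准原地覆盖...${NC}"
						# Site header = last unindented line ending in "{" above
						# the proxy line. The proxy line itself may end in "{"
						# and must never be the line that gets replaced.
						local header_line_num=$(head -n "$((proxy_line_num - 1))" "$CADDY_FILE" | grep -nE '^[^[:space:]{#][^{]*\{[[:space:]]*$' | tail -n 1 | cut -d: -f1)
						if [ -z "$header_line_num" ]; then
							echo -e "${RED}未能定位端口 $PORT 所在的站点块，Caddyfile 未改动。${NC}"
							read -r -p "按回车继续..."
							continue
						fi
						local temp_content
						if temp_content=$(sed "${header_line_num}c\\${new_header}" "$CADDY_FILE") && [ -n "$temp_content" ]; then
							printf '%s\n' "$temp_content" >"$CADDY_FILE"
						fi
					else
						echo -e "${YELLOW}未发现端口 $PORT 配置，追加新块...${NC}"
						echo "" >>"$CADDY_FILE"
						{
							echo "$new_header"
							echo "    reverse_proxy 127.0.0.1:$PORT"
							echo "}"
						} >>"$CADDY_FILE"
					fi

					# Copy the edited file into the container so that host and
					# container agree before the reload.
					docker cp "$CADDY_FILE" caddy:/etc/caddy/Caddyfile >/dev/null 2>&1

					echo "$DOM" >"$DOM_CACHE_FILE"
					reload_caddy
					echo -e "${GREEN}域名 $DOM 处理成功！配置已强制物理同步并生效。${NC}"
				else
					echo -e "${RED}错误：未发现 Caddyfile。${NC}"
				fi
			fi
			read -r -p "按回车继续..."
			;;
		5)
			if [ ! -d "/etc/x-ui" ] || [ ! -f "/etc/x-ui/x-ui.db" ]; then
				echo -e "${RED}检测到系统未安装 域名版 3x-ui。${NC}"
			else
				echo -e "${YELLOW}--- 登录凭据详情查询 (智能组装) ---${NC}"
				local server_ip=$(curl -s ipv4.icanhazip.com || curl -s ifconfig.me)
				local current_dom=$(cat "$DOM_CACHE_FILE" 2>/dev/null)
				# Prefer the plain-text cache; the database cannot give back the
				# password in clear text.
				if [ -f "$INFO_CACHE" ]; then
					IFS='|' read -r u p pt pa <"$INFO_CACHE"
				else
					u=$(sqlite3 /etc/x-ui/x-ui.db "SELECT username FROM users WHERE id=1;")
					p="[数据库已加密/请执行修改]"
					pt=$(sqlite3 /etc/x-ui/x-ui.db "SELECT value FROM settings WHERE key='webPort';")
					pa=$(sqlite3 /etc/x-ui/x-ui.db "SELECT value FROM settings WHERE key='webBasePath';")
				fi

				local clean_pa=${pa#/}

				if [ -n "$current_dom" ]; then
					echo -e "${CYAN}访问地址: ${BOLD}https://$current_dom/$clean_pa${PLAIN}"
				else
					echo -e "${CYAN}访问地址: ${BOLD}http://$server_ip:$pt/$clean_pa${PLAIN}"
				fi
				# %s keeps backslashes in the credentials literal.
				printf '%b%s%b\n' "${GREEN}" "用户名: $u  密码: $p" "${NC}"
			fi
			read -r -p "按回车继续..."
			;;

		6)
			read -r -p "确认卸载 3x-ui 面板? (y/n): " confirm
			if [[ "$confirm" == "y" ]]; then
				# Remove the bound domain's site block before uninstalling.
				if [ -f "$DOM_CACHE_FILE" ] && [ -f "$CADDY_FILE" ]; then
					local OLD_DOM=$(cat "$DOM_CACHE_FILE")
					if [ -n "$OLD_DOM" ]; then
						echo -e "${YELLOW}正在清理 Caddyfile 中的域名配置: $OLD_DOM...${NC}"
						local clean_content
						if clean_content=$(_xui_caddy_drop_site "$OLD_DOM" "$CADDY_FILE"); then
							printf '%s\n' "$clean_content" >"$CADDY_FILE"
							docker cp "$CADDY_FILE" caddy:/etc/caddy/Caddyfile >/dev/null 2>&1
							reload_caddy
						fi
					fi
				fi
				x-ui stop && x-ui uninstall
				rm -rf /etc/x-ui /usr/local/x-ui /usr/bin/x-ui
				echo -e "${GREEN}卸载完成并已清理相关域名配置。${NC}"
			fi
			;;
		0) return 0 ;;
		esac
	done
}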

# docker版3x-ui
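# Print the Caddyfile given as $2 with the site block for domain $1 removed.
# A block starts at a line beginning with "$1 {" or "$1:444 {" and ends where
# its braces balance, so nested directive blocks are removed together with it.
_dxui_caddy_drop_site() {
	awk -v d="$1" '
		!skip && (index($0, d " {") == 1 || index($0, d ":444 {") == 1) { skip = 1; depth = 0 }
		skip {
			depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
			if (depth <= 0) skip = 0
			next
		}
		{ print }
	' "$2"
}

# Interactive menu for the Docker edition of 3x-ui: install, change
# credentials/port/path, bind a domain in the Caddyfile, show panel details,
# uninstall.
# Globals:  DOCKER_3XUI_DIR, DOCKER_3XUI_CONF, CADDY_FILE (read); colours (read)
# Files:    DOCKER_3XUI_CONF holds user|pass|port|path|domain in plain text
# Returns:  0 on menu exit or closed stdin; 1 if the install directory cannot
#           be entered
#
# NOTE(review): a fresh install comes up with the default admin/admin login on
# port 2053 with host networking, so the panel is reachable with known
# credentials until option 2 is used.
manage_docker_3xui() {
	local host_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
	local port_re='^[0-9]{1,5}$'
	local dopt confirm dom_confirm DOM
	local u p pt path dom formatted_path
	local old_u old_p old_pt old_path old_dom d_user d_pass d_port d_path
	while true; do
		clear
		echo -e "${GREEN}==============================${NC}"
		echo -e "      Docker版 3x-ui 管理      "
		echo -e "${GREEN}==============================${NC}"
		echo "1. 一键安装 Docker 版 3x-ui"
		echo "2. 修改用户名、密码、端口、根路径"
		echo "3. 绑定域名"
		echo "4. 查询面板信息"
		echo -e "5. ${RED}一键卸载 Docker 版 3x-ui${NC}"
		echo "0. 返回上一级菜单"
		echo -e "${GREEN}==============================${NC}"
		# Leave the menu instead of looping forever when stdin is closed.
		read -r -p "请输入数字 [0-5]: " dopt || return 0

		case "$dopt" in
		1)
			if [ "$(docker ps -q -f 'name=^3x-ui$')" ]; then
				echo -e "${YELLOW}检测到 Docker 版 3x-ui 已经在运行中，为您查询当前面板信息：${NC}"
				if [ -f "$DOCKER_3XUI_CONF" ]; then
					IFS='|' read -r u p pt path dom <"$DOCKER_3XUI_CONF"
					formatted_path=${path#/}
					echo -e "${YELLOW}--- Docker面板信息 ---${NC}"
					if [ -n "$dom" ]; then
						echo -e "访问地址: https://$dom/$formatted_path"
					else
						echo -e "访问地址: http://服务器IP:$pt/$formatted_path"
					fi
					# %s keeps backslashes in the credentials literal.
					printf '%s\n' "用户名: $u  密码: $p"
				else
					echo -e "默认用户名: admin  默认密码: admin"
				fi
			else
				echo -e "${YELLOW}正在安装 Docker 版 3x-ui...${NC}"
				mkdir -p "$DOCKER_3XUI_DIR"
				cat >"$DOCKER_3XUI_DIR/docker-compose.yml" <<'EOF'
services:
  3x-ui:
    image: ghcr.io/mhsanaei/3x-ui:2.6.0
    container_name: 3x-ui
    restart: always
    network_mode: host
    volumes:
      - ./db:/etc/x-ui
      - ./cert:/root/cert
    environment:
      XRAY_VMESS_AEAD_FORCED: "false"
      XUI_ENABLE_FAIL2BAN: "true"
EOF
				cd "$DOCKER_3XUI_DIR" || {
					echo -e "${RED}无法进入目录${NC}"
					return 1
				}
				if docker compose up -d; then
					# Credential cache: readable by its owner only.
					(umask 077 && echo "admin|admin|2053|/" >"$DOCKER_3XUI_CONF")
					chmod 600 "$DOCKER_3XUI_CONF" 2>/dev/null
					echo -e "${GREEN}安装完成！默认端口: 2053, 用户名密码: admin/admin${NC}"
					echo -e "${RED}请立即使用选项 2 修改默认用户名和密码。${NC}"
				else
					echo -e "${RED}容器启动失败，请检查 docker compose 输出。${NC}"
				fi
			fi
			;;
		2)
			if [ -z "$(docker ps -a -q -f 'name=^3x-ui$')" ]; then
				echo -e "${RED}检测到尚未安装 Docker 版 3x-ui。${NC}"
			else
				local OLD_VALS=$(cat "$DOCKER_3XUI_CONF" 2>/dev/null)
				IFS='|' read -r old_u old_p old_pt old_path old_dom <<<"$OLD_VALS"
				old_u=${old_u:-admin}
				old_p=${old_p:-admin}
				old_pt=${old_pt:-2053}
				old_path=${old_path:-/}

				echo -e "${YELLOW}开始修改 (直接回车留空代表不修改):${NC}"
				read -r -p "新用户名 (当前: $old_u): " d_user
				read -r -p "新密码 (当前: $old_p): " d_pass
				read -r -p "新端口 (当前: $old_pt): " d_port
				read -r -p "新根路径 (当前: $old_path): " d_path

				d_user=${d_user:-$old_u}
				d_pass=${d_pass:-$old_p}
				d_port=${d_port:-$old_pt}
				d_path=${d_path:-$old_path}

				if [[ ! "$d_port" =~ $port_re ]] || ((10#$d_port < 1 || 10#$d_port > 65535)); then
					echo -e "${RED}端口无效，必须为 1-65535 的数字。${NC}"
					continue
				fi
				# "|" is the field separator of the cache file.
				if [[ "$d_user$d_pass$d_path" == *'|'* ]]; then
					echo -e "${RED}用户名、密码和路径不能包含 '|' 字符。${NC}"
					continue
				fi

				echo -e "${YELLOW}正在进入容器修改配置...${NC}"
				# Each value is passed as its own argument. The old form pasted
				# them into a `bash -c` string, where spaces or shell
				# metacharacters in a value were interpreted by the shell inside
				# the container.
				docker exec 3x-ui /app/x-ui setting -port "$d_port" >/dev/null 2>&1
				docker exec 3x-ui /app/x-ui setting -username "$d_user" -password "$d_pass" >/dev/null 2>&1
				docker exec 3x-ui /app/x-ui setting -webBasePath "$d_path" >/dev/null 2>&1
				docker restart 3x-ui

				# Keep the Caddy upstream in step with the new port. The file is
				# rewritten through a redirect so its inode does not change.
				if [[ -n "$old_dom" && "$d_port" != "$old_pt" && "$old_pt" =~ $port_re && -f "$CADDY_FILE" ]]; then
					echo -e "${YELLOW}检测到已绑定域名，正在同步更新 Caddy 端口...${NC}"
					# The trailing ([^0-9]|$) stops port 2053 from also matching
					# 20530. The file is only overwritten when sed produced output.
					local temp_caddy
					if temp_caddy=$(sed -E "s/(127\.0\.0\.1:)${old_pt}([^0-9]|\$)/\1${d_port}\2/g" "$CADDY_FILE") && [ -n "$temp_caddy" ]; then
						printf '%s\n' "$temp_caddy" >"$CADDY_FILE"
						docker cp "$CADDY_FILE" caddy:/etc/caddy/Caddyfile >/dev/null 2>&1
						reload_caddy
					else
						echo -e "${RED}更新 Caddyfile 失败，文件未改动。${NC}"
					fi
				fi

				(umask 077 && printf '%s|%s|%s|%s|%s\n' "$d_user" "$d_pass" "$d_port" "$d_path" "$old_dom" >"$DOCKER_3XUI_CONF")
				chmod 600 "$DOCKER_3XUI_CONF" 2>/dev/null
				echo -e "${GREEN}修改成功！面板、缓存及 Caddy 已强制同步。${NC}"

			fi

			;;
		3)
			if [ -z "$(docker ps -a -q -f 'name=^3x-ui$')" ]; then
				echo -e "${RED}检测到尚未安装 Docker 版 3x-ui。${NC}"
			else
				# The cached panel port is the anchor used to locate the site block.
				local cur_info=$(cat "$DOCKER_3XUI_CONF" 2>/dev/null)
				IFS='|' read -r u p pt path old_dom <<<"$cur_info"
				local PORT=${pt:-2053}
				if [[ ! "$PORT" =~ $port_re ]]; then
					echo -e "${RED}缓存中的端口无效，请先使用选项 2 重新设置。${NC}"
					continue
				fi

				read -r -p "请输入要绑定的域名: " DOM
				[ -z "$DOM" ] && continue
				# The domain is used in grep/awk matching, in a sed script and in
				# the Caddyfile itself, so only host-name characters are accepted.
				if [[ ! "$DOM" =~ $host_re ]]; then
					echo -e "${RED}域名格式无效。${NC}"
					continue
				fi
				local dom_re=${DOM//./\\.}

				if [ -f "$CADDY_FILE" ]; then
					# Is the domain already bound (with or without the :444 suffix)?
					if grep -qE "^${dom_re}(:444)? \{" "$CADDY_FILE"; then
						echo -e "${YELLOW}提示：域名 ${BOLD}$DOM${PLAIN}${YELLOW} 已存在。${NC}"
						read -r -p "是否删除该域名的旧配置并覆盖到当前端口 $PORT? (y/n): " dom_confirm
						if [[ "$dom_confirm" != "y" ]]; then
							echo -e "${CYAN}已取消。${NC}"
							sleep 1
							continue
						fi
						local clean_content
						if clean_content=$(_dxui_caddy_drop_site "$DOM" "$CADDY_FILE"); then
							printf '%s\n' "$clean_content" >"$CADDY_FILE"
						fi
					fi

					# Find the line that proxies to this exact port.
					local proxy_line_num=$(grep -nE "127\.0\.0\.1:${PORT}([^0-9]|\$)" "$CADDY_FILE" | head -n 1 | cut -d: -f1)
					local new_header
					if grep -q "https_port 444" "$CADDY_FILE"; then
						new_header="${DOM}:444 {"
					else
						new_header="${DOM} {"
					fi

					if [ -n "$proxy_line_num" ]; then
						echo -e "${YELLOW}端口 $PORT 已有绑定，正在精准覆盖域名...${NC}"
						# Site header = last unindented line ending in "{" above
						# the proxy line. The proxy line itself may end in "{"
						# and must never be the line that gets replaced.
						local header_line_num=$(head -n "$((proxy_line_num - 1))" "$CADDY_FILE" | grep -nE '^[^[:space:]{#][^{]*\{[[:space:]]*$' | tail -n 1 | cut -d: -f1)
						if [ -z "$header_line_num" ]; then
							echo -e "${RED}未能定位端口 $PORT 所在的站点块，Caddyfile 未改动。${NC}"
							continue
						fi
						local temp_content
						if temp_content=$(sed "${header_line_num}c\\${new_header}" "$CADDY_FILE") && [ -n "$temp_content" ]; then
							printf '%s\n' "$temp_content" >"$CADDY_FILE"
						fi
					else
						echo -e "${YELLOW}正在追加新配置块...${NC}"
						echo "" >>"$CADDY_FILE"
						{
							echo "$new_header"
							echo "    reverse_proxy 127.0.0.1:$PORT"
							echo "}"
						} >>"$CADDY_FILE"
					fi

					# Copy into the container, record the binding, then reload.
					docker cp "$CADDY_FILE" caddy:/etc/caddy/Caddyfile >/dev/null 2>&1
					(umask 077 && printf '%s|%s|%s|%s|%s\n' "$u" "$p" "$PORT" "$path" "$DOM" >"$DOCKER_3XUI_CONF")
					chmod 600 "$DOCKER_3XUI_CONF" 2>/dev/null
					reload_caddy
					echo -e "${GREEN}域名 $DOM 绑定成功并已强制同步生效！${NC}"
				else
					echo -e "${RED}错误：未发现 Caddyfile。${NC}"
				fi
			fi

			;;
		4)
			if [ -z "$(docker ps -a -q -f 'name=^3x-ui$')" ]; then
				echo -e "${RED}检测到尚未安装 Docker 版 3x-ui。${NC}"
			else
				if [ -f "$DOCKER_3XUI_CONF" ]; then
					IFS='|' read -r u p pt path dom <"$DOCKER_3XUI_CONF"
					formatted_path=${path#/}
					echo -e "${YELLOW}--- Docker面板详情 ---${NC}"
					if [ -n "$dom" ]; then
						echo -e "访问地址: https://$dom/$formatted_path"
					else
						echo -e "访问地址: http://服务器IP:$pt/$formatted_path"
					fi
					printf '%s\n' "用户名: $u  密码: $p"
				else
					echo -e "默认用户名: admin  默认密码: admin"
				fi
			fi
			read -r -p "按回车继续..."
			;;

		5)
			read -r -p "确认卸载 Docker 版 3x-ui? (y/n): " confirm
			if [[ "$confirm" == "y" ]]; then
				# Remove the bound domain's site block before tearing down.
				if [ -f "$DOCKER_3XUI_CONF" ] && [ -f "$CADDY_FILE" ]; then
					IFS='|' read -r u p pt path dom <"$DOCKER_3XUI_CONF"
					if [ -n "$dom" ]; then
						echo -e "${YELLOW}正在同步清理 Caddy 域名配置: $dom...${NC}"
						local clean_content
						if clean_content=$(_dxui_caddy_drop_site "$dom" "$CADDY_FILE"); then
							printf '%s\n' "$clean_content" >"$CADDY_FILE"
							docker cp "$CADDY_FILE" caddy:/etc/caddy/Caddyfile >/dev/null 2>&1
							reload_caddy
						fi
					fi
				fi
				if [ -d "$DOCKER_3XUI_DIR" ]; then
					# Delete the directory only after `compose down` succeeded.
					# :? aborts the rm if the variable is ever empty.
					if cd "$DOCKER_3XUI_DIR" && docker compose down && cd ~; then
						rm -rf -- "${DOCKER_3XUI_DIR:?}"
						echo -e "${GREEN}Docker版 3x-ui 及相关域名配置已完全移除。${NC}"
					else
						echo -e "${RED}卸载失败：容器未能停止，目录已保留。${NC}"
					fi
				fi
			fi
			read -r -p "按回车继续..."
			;;
		0) return 0 ;;
		esac
		echo -e "\n${YELLOW}按回车键继续...${NC}"
		read -r -p ""
	done
}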

# ==================================================
# --- 5. TCP 深度调优功能模块 ---
# ==================================================

# Drop-in files written by the tuning module: kernel parameters and
# per-user resource limits.
SYSCTL_OPT=/etc/sysctl.d/99-network-performance.conf
LIMITS_OPT=/etc/security/limits.d/99-network-performance.conf

# 获取当前核心参数状态
# Print a one-line summary of the live tuning state: congestion control
# algorithm, listen backlog limit, maximum receive buffer (in MB) and this
# shell's open-file limit.
get_network_status() {
	local algo backlog rmem_bytes nofile rmem_mb
	algo=$(sysctl -n net.ipv4.tcp_congestion_control)
	backlog=$(sysctl -n net.core.somaxconn)
	rmem_bytes=$(sysctl -n net.core.rmem_max)
	nofile=$(ulimit -n)
	# Bytes -> whole megabytes for display.
	rmem_mb=$((rmem_bytes / 1024 / 1024))

	echo -e "  [算法]: $algo | [连接限制]: $backlog | [缓冲区]: ${rmem_mb}MB | [文件句柄]: $nofile"
}

# 1、开启bbr
# Select the fq qdisc and the BBR congestion control through a sysctl drop-in,
# reload all sysctl files and print the algorithm the kernel reports afterwards.
enable_bbr_tune() {
	local bbr_conf=/etc/sysctl.d/10-bbr.conf

	echo -e "\n${YELLOW}>>> 正在激活 BBR + FQ 拥塞算法...${NC}"
	# Both settings are written in one go; the file is replaced, not appended to.
	{
		echo "net.core.default_qdisc = fq"
		echo "net.ipv4.tcp_congestion_control = bbr"
	} >"$bbr_conf"
	sysctl --system &>/dev/null
	# The value printed is read back from the kernel, so it shows whether the
	# switch took effect.
	echo -e "${GREEN}✅ 成功！当前算法: $(sysctl -n net.ipv4.tcp_congestion_control)${NC}"
	read -p "按回车返回..."
}

# Write a kernel/network tuning profile sized from the machine's memory, raise
# the per-user file and process limits, add an MSS clamp rule and print a
# before/after table.
# Globals:  SYSCTL_OPT, LIMITS_OPT (read); colour variables (read)
# Outputs:  $SYSCTL_OPT, $LIMITS_OPT, one iptables mangle rule
smart_tune_tcp_tune() {
	# Values captured before any change, for the comparison table at the end.
	local old_bbr old_somax old_rmem old_file
	old_bbr=$(sysctl -n net.ipv4.tcp_congestion_control)
	old_somax=$(sysctl -n net.core.somaxconn)
	old_rmem=$(sysctl -n net.core.rmem_max)
	old_file=$(ulimit -n)

	echo -e "\n${YELLOW}>>> 正在启动系统环境扫描...${NC}"
	local mem_total_kb cpu_count buf_bytes
	mem_total_kb=$(grep MemTotal /proc/meminfo | awk '{print $2}')
	cpu_count=$(nproc)
	# Socket buffer ceiling: 5% of total memory, converted from KB to bytes.
	buf_bytes=$((mem_total_kb * 5 / 100 * 1024))

	echo -e "  - 核心数: ${CYAN}${cpu_count}${NC} | 内存总量: ${CYAN}$((mem_total_kb / 1024))MB${NC}"
	echo -e "  - 动态缓冲区分配: ${CYAN}$((buf_bytes / 1024 / 1024))MB${NC} (基于总内存 5%)"
	sleep 0.5

	echo -e "\n${YELLOW}>>> 正在部署生产级 + 跨境优化内核配置...${NC}"
	# Everything between the markers is written to the drop-in verbatim; only
	# ${buf_bytes} is expanded.
	cat >"$SYSCTL_OPT" <<EOF
# --- 基础队列算法 ---
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr

# --- 缓冲区与容量优化 ---
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 65535
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.ip_local_port_range = 1024 65535
net.core.rmem_max = ${buf_bytes}
net.core.wmem_max = ${buf_bytes}
net.ipv4.tcp_rmem = 4096 87380 ${buf_bytes}
net.ipv4.tcp_wmem = 4096 65536 ${buf_bytes}
net.core.rmem_default = 2097152
net.core.wmem_default = 2097152

# --- 翻墙/Reality 环境针对性调优 ---
# 减少发送队列积压，显著降低网页首包延迟 (TTFB)
net.ipv4.tcp_notsent_lowat = 16384
# 开启 MTU 探测，解决部分运营商阻断 ICMP 导致的连接黑洞
net.ipv4.tcp_mtu_probing = 1
# 深度扩容 UDP 缓冲区，解决 Hysteria2/QUIC 协议在高并发时的丢包
net.ipv4.udp_rmem_min = 16384
net.ipv4.udp_wmem_min = 16384

# 限制孤儿连接数，防止翻墙协议在大并发时消耗过多内存
net.ipv4.tcp_max_orphans = 32768

# --- 连接稳定性优化 ---
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_retries2 = 8
net.ipv4.tcp_fastopen = 3
EOF

	sysctl --system &>/dev/null

	# Progress lines for the operator. These are fixed labels: nothing is
	# measured or verified here.
	echo -e "${CYAN}>>> 正在注入跨境链路专项优化补丁...${NC}"
	local pause=0.2 row
	for row in \
		"TCP Low Latency (TTFB)|已激活" \
		"MTU Path Discovery|已开启" \
		"UDP Buffer Expansion|16KB" \
		"MSS Smart Clamp|待命"; do
		sleep "$pause"
		printf "  %-30s [ ${GREEN}%s${NC} ]\n" "${row%%|*}" "${row#*|}"
		pause=0.1
	done

	# Per-user limits for open files and processes, applied to every account.
	mkdir -p /etc/security/limits.d/
	cat >"$LIMITS_OPT" <<EOF
* soft nofile 1048576
* hard nofile 1048576
* soft nproc 65535
* hard nproc 65535
EOF

	# MSS clamp: delete a previous copy of the rule first so that repeated runs
	# do not stack duplicates, then append it.
	if command -v iptables &>/dev/null; then
		local mss_rule=(-p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu)
		iptables -t mangle -D POSTROUTING "${mss_rule[@]}" 2>/dev/null || true
		iptables -t mangle -A POSTROUTING "${mss_rule[@]}"
		echo -e "${GREEN}  ✔ 成功部署 MSS Clamp 智能钳制规则，防止跨境连接超时。${NC}"
	fi

	echo -e "\n${GREEN}✅ 深度调优完成，性能看板快照:${NC}"
	draw_line # separator helper; assumed to be defined elsewhere in the script

	# Before -> after table. The right-hand column repeats the configured
	# targets rather than values read back from the kernel.
	local row_fmt="  %-12s: %-15s -> ${GREEN}%-15s${NC}\n"
	printf "$row_fmt" "拥塞算法" "$old_bbr" "bbr"
	printf "$row_fmt" "最大连接" "$old_somax" "65535"
	printf "$row_fmt" "文件句柄" "$old_file" "1048576"
	printf "$row_fmt" "网络缓冲" "$((old_rmem / 1024 / 1024))MB" "$((buf_bytes / 1024 / 1024))MB"

	echo -e "\n${PURPLE}ℹ 所有配置已持久化至 $SYSCTL_OPT${NC}"
	echo -e "${PURPLE}ℹ 重启服务器后配置依然生效，回退请使用选项 4${NC}"

	read -p "按回车返回..."
}

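# Spread receive processing over all CPUs (RPS) and enlarge the NIC ring
# buffers on every physical-looking interface.
# Globals:  colour variables (read)
# Outputs:  writes rps_cpus / rps_flow_cnt under /sys/class/net/<if>/queues,
#           sets net.core.rps_sock_flow_entries
optimize_nic_tune() {
	echo -e "\n${YELLOW}>>> 正在执行多核心中断分发 (RSS/RPS) 优化...${NC}"
	if ! command -v ethtool &>/dev/null; then apt-get update && apt-get install -y ethtool || yum install -y ethtool; fi

	# Build the CPU bitmap as comma-separated 32-bit words, most significant
	# first. A single `1 << cpu_count` wraps at 64 CPUs and gives a word that
	# is too long above 32.
	local cpu_count full_words partial_bits rps_cpus="" i
	cpu_count=$(nproc)
	full_words=$((cpu_count / 32))
	partial_bits=$((cpu_count % 32))
	if ((partial_bits > 0)); then
		rps_cpus=$(printf '%x' $(((1 << partial_bits) - 1)))
	fi
	for ((i = 0; i < full_words; i++)); do
		rps_cpus="${rps_cpus:+${rps_cpus},}ffffffff"
	done

	local dev eth max_rx max_tx rps_file rfc_file
	# Glob the sysfs directory instead of parsing `ls`. Skip virtual devices by
	# name prefix: the previous substring filter on "lo" also dropped real
	# interfaces such as wlo1.
	for dev in /sys/class/net/*; do
		[ -d "$dev" ] || continue
		eth=${dev##*/}
		case "$eth" in
		lo | docker* | veth* | virtio* | br-*) continue ;;
		esac
		# Ask the driver for its own RX and TX maxima. Requesting the RX
		# maximum for TX can make the whole ethtool call fail.
		max_rx=$(ethtool -g "$eth" 2>/dev/null | grep -A 5 "Pre-set maximums" | grep "RX:" | awk '{print $2}')
		max_tx=$(ethtool -g "$eth" 2>/dev/null | grep -A 5 "Pre-set maximums" | grep "TX:" | awk '{print $2}')
		ethtool -G "$eth" rx "${max_rx:-1024}" tx "${max_tx:-${max_rx:-1024}}" &>/dev/null || true
		for rps_file in "$dev"/queues/rx-*/rps_cpus; do
			[ -f "$rps_file" ] && echo "$rps_cpus" >"$rps_file"
		done
		for rfc_file in "$dev"/queues/rx-*/rps_flow_cnt; do
			[ -f "$rfc_file" ] && echo "4096" >"$rfc_file"
		done
	done
	sysctl -w net.core.rps_sock_flow_entries=32768 &>/dev/null
	echo -e "${GREEN}✅ 优化成功！流量已平摊至 $cpu_count 个核心。${NC}"
	read -r -p "按回车返回..."
}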

# 设置 IPv4 优先
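# Make getaddrinfo() prefer IPv4 by activating the
# `precedence ::ffff:0:0/96  100` rule in /etc/gai.conf.
# Globals:  colour variables (read)
# Outputs:  /etc/gai.conf (edited or created), /etc/gai.conf.bak (first run only)
set_ipv4_priority() {
	local gai=/etc/gai.conf

	echo -e "\n${YELLOW}>>> 正在调整系统互联网协议优先级...${NC}"

	if [ ! -f "$gai" ]; then
		# No file yet: start from a label/precedence table.
		cat >"$gai" <<'EOF'
label ::1/128       0
label ::/0          1
label 2002::/16     2
label ::/96         3
label ::ffff:0:0/96 4
precedence  ::1/128       50
precedence  ::/0          40
precedence  2002::/16     30
precedence  ::/96         20
precedence  ::ffff:0:0/96 10
EOF
	fi

	# Keep the first backup: a second run must not overwrite the pristine copy
	# with an already-modified file.
	[ -e "$gai.bak" ] || cp "$gai" "$gai.bak"

	# Uncomment the rule if it is present but commented (with or without a
	# space after '#'), then append it if no active copy exists. Running this
	# twice leaves a single active rule.
	sed -i -E 's|^#[[:space:]]*(precedence[[:space:]]+::ffff:0:0/96[[:space:]]+100)[[:space:]]*$|\1|' "$gai"
	if ! grep -Eq '^precedence[[:space:]]+::ffff:0:0/96[[:space:]]+100' "$gai"; then
		echo "precedence ::ffff:0:0/96  100" >>"$gai"
	fi

	echo -e "${GREEN}✅ 优化成功！当前系统已设置为 [ IPv4 优先 ]。${NC}"
	echo -e "${CYAN}ℹ 提示: 此操作可有效解决部分跨境节点 IPv6 路由绕路导致的握手延迟。${NC}"
	read -r -p "按回车返回..."
}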

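# Undo the tuning module's changes: delete its sysctl/limits drop-ins, remove
# the MSS clamp rule and reset the RPS settings on each interface.
# Globals:  SYSCTL_OPT, LIMITS_OPT (read); colour variables (read)
#
# NOTE(review): `sysctl --system` only re-applies the files that remain, so
# kernel values set earlier stay in effect until they are overridden or the
# host reboots. NIC ring sizes and /etc/gai.conf are not reverted here.
rollback_tcp_tune() {
	rm -f "$SYSCTL_OPT" "$LIMITS_OPT" /etc/sysctl.d/10-bbr.conf

	# Remove the MSS clamp rule if it is present.
	if command -v iptables &>/dev/null; then
		iptables -t mangle -D POSTROUTING -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu 2>/dev/null || true
	fi

	local dev eth knob
	# Glob sysfs instead of parsing `ls`. Skip virtual devices by name prefix:
	# the previous substring filter on "lo" also skipped real interfaces such
	# as wlo1.
	for dev in /sys/class/net/*; do
		[ -d "$dev" ] || continue
		eth=${dev##*/}
		case "$eth" in
		lo | docker* | veth* | virtio* | br-*) continue ;;
		esac
		# Reset the CPU mask and the flow count that the NIC optimisation sets.
		for knob in "$dev"/queues/rx-*/rps_cpus "$dev"/queues/rx-*/rps_flow_cnt; do
			[ -f "$knob" ] && echo "0" >"$knob"
		done
	done
	sysctl --system &>/dev/null
	echo -e "${GREEN}✅ 回退完成。${NC}"
	read -r -p "按回车返回..."
}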

# 最差劲的调节
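# Deliberately degrade the network stack by replacing /etc/sysctl.conf with a
# poor profile (cubic, small buffers, short backlog).
# Globals:  colour variables (read)
# Outputs:  /etc/sysctl.conf (overwritten), /etc/sysctl.conf.bak (first run only)
# Returns:  0 without touching anything unless the operator answers "y"
badest_tcp_tune() {
	local confirm
	echo -e "\n${YELLOW}>>> 正在对系统进行最差劲的调节...${NC}"
	read -r -p "是否要继续？(y/n): " confirm
	# The answer used to be read and then ignored: the file was overwritten
	# whatever the operator typed.
	if [[ "$confirm" != "y" ]]; then
		echo -e "${CYAN}操作取消。${NC}"
		return 0
	fi

	# This replaces the system-wide sysctl.conf, so keep the original once.
	if [ -f /etc/sysctl.conf ] && [ ! -e /etc/sysctl.conf.bak ]; then
		cp -p /etc/sysctl.conf /etc/sysctl.conf.bak
	fi

	cat <<'EOF' >/etc/sysctl.conf
# 1. 使用传统的 Cubic 拥塞控制
# Cubic 在丢包时会剧烈减速，非常符合你“稳定性差”的要求
net.core.default_qdisc = pfifo_fast
net.ipv4.tcp_congestion_control = cubic

# 2. 差劲的 TCP 读取缓冲区
# 将最大值限制在 128KB 左右。在高延迟链路（如跨境）下，
# TCP 窗口会因为缓冲区太小而无法完全打开，导致大带宽也跑不出速度。
net.ipv4.tcp_rmem = 4096 87380 131072
net.ipv4.tcp_wmem = 4096 16384 131072

# 3. 很差的 UDP 缓冲区
# 仅给 256KB。如果你跑 Hysteria2 或 QUIC 协议，
# 只要瞬时流量稍大，内核就会因为装不下而开始丢包。
net.core.rmem_max = 262144
net.core.wmem_max = 262144

# 4. 稳定性差：禁用端口复用
# 这样在高并发请求后，大量端口会卡在 TIME_WAIT 状态无法快速释放，
# 导致新连接可能因为“无端口可用”而失败。
net.ipv4.tcp_tw_reuse = 0

# 5. 减小积压队列
# 只要网卡负载稍高，新进来的包就会被排挤掉
net.core.netdev_max_backlog = 128
EOF

	# Apply the new file.
	sysctl -p

}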

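# Menu for the network tuning module; dispatches to the individual tuning
# functions until the operator chooses 0.
# Globals:  colour variables (read)
# Returns:  0 on menu exit or when stdin is closed
manage_tcp_tune() {
	local t_opt
	while true; do
		clear
		echo -e "${YELLOW}==================================================${NC}"
		echo -e "${YELLOW}            TCP/UDP 网络深度调优与性能看板            ${NC}"
		echo -e "${YELLOW}==================================================${NC}"
		echo -e "  1. 设置 IPv4 优先解析    -> [解决 IPv6 绕路导致的握手卡顿]"
		echo -e "  2. 开启 BBR + FQ         -> [降低跨境丢包，提升单线程速度]"
		echo -e "  3. 生产级内核调优        -> [支撑 6w+ 并发连接，防止队列溢出]"
		echo -e "  4. 网卡多队列均衡        -> [消除单核 CPU 瓶颈，平摊全核负载]"
		echo -e "  5. 一键回退到默认设置    -> [清理所有独立调优配置文件]"
		# echo -e "  6. 最差调节    		  -> [一旦采用，系统性能变得极差]"
		echo -e "  0. 返回主菜单"
		echo -e "${YELLOW}--------------------------------------------------${NC}"
		echo -e "当前状态: 算法:$(sysctl -n net.ipv4.tcp_congestion_control) | 句柄:$(ulimit -n)"
		echo -e "${YELLOW}--------------------------------------------------${NC}"
		# The prompt now names the full range: option 5 exists but the old
		# prompt said [0-4]. On end-of-input leave the menu instead of
		# redrawing it forever.
		read -r -p "请选择数字 [0-5]: " t_opt || return 0
		case "$t_opt" in
		1) set_ipv4_priority ;;
		2) enable_bbr_tune ;;
		3) smart_tune_tcp_tune ;;
		4) optimize_nic_tune ;;
		5) rollback_tcp_tune ;;
		# 6) badest_tcp_tune ;;
		0) return 0 ;;
		esac
	done
}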

# ==================================================
# --- 6. Rsync 文件同步功能模块 ---
# ==================================================

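# Interactive push of a local path to a remote host with rsync over SSH.
#
# Security-relevant behaviour:
#   - Host-key verification is left at the OpenSSH default. The previous
#     options (StrictHostKeyChecking=no with UserKnownHostsFile=/dev/null)
#     accepted any host key, so a man-in-the-middle could receive the files
#     and the credentials typed for the remote install step.
#   - Host, user and port are validated before they reach the ssh command
#     line, so a value cannot smuggle in extra ssh options.
#   - rsync runs with --delete. A source ending in "/" (which Tab completion
#     appends to directories) syncs its contents INTO the destination and
#     removes everything there that is not in the source, so the user must
#     confirm the final source/destination pair.
#
# Globals:   RED, GREEN, YELLOW, NC (read); SRC_PATH, DEST_HOST, DEST_USER,
#            DEST_DIR, SSH_PORT, SSH_OPTS (written)
# Arguments: none (everything is read interactively)
rsync_tool() {
	if ! command -v rsync &>/dev/null; then
		echo -e "${YELLOW}检测到本地缺失 rsync，正在安装...${NC}"
		if command -v apt-get &>/dev/null; then
			apt-get update && apt-get install -y rsync
		elif command -v yum &>/dev/null; then
			yum install -y rsync
		fi
	fi

	echo -e "\n${GREEN}=============================="
	echo -e " ▒▒ Rsync 文件同步工具"
	echo -e "==============================${NC}"

	read -r -e -p "请输入源路径 (支持Tab补全): " SRC_PATH
	# Trim surrounding whitespace with parameter expansion; piping through
	# xargs also ate quotes and backslashes and collapsed inner spaces.
	SRC_PATH="${SRC_PATH#"${SRC_PATH%%[![:space:]]*}"}"
	SRC_PATH="${SRC_PATH%"${SRC_PATH##*[![:space:]]}"}"
	if [ -z "$SRC_PATH" ] || [ ! -e "$SRC_PATH" ]; then
		echo -e "${RED}❌ 路径无效${NC}"
		return
	fi

	read -r -p "请输入目标主机 IP: " DEST_HOST
	if [ -z "$DEST_HOST" ]; then
		echo -e "${RED}❌ IP不能为空${NC}"
		return
	fi
	# Hostname / IPv4 characters only, and never a leading "-".
	if [[ ! "$DEST_HOST" =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
		echo -e "${RED}❌ 目标主机格式无效${NC}"
		return
	fi

	read -r -p "请输入目标用户名 (默认 root): " DEST_USER
	DEST_USER=${DEST_USER:-root}
	if [[ ! "$DEST_USER" =~ ^[A-Za-z0-9._][A-Za-z0-9._-]*$ ]]; then
		echo -e "${RED}❌ 用户名格式无效${NC}"
		return
	fi
	read -r -e -p "请输入目标目录 (默认 /root): " DEST_DIR
	DEST_DIR=${DEST_DIR:-/root}
	read -r -p "请输入 SSH 端口 (默认 22): " SSH_PORT
	SSH_PORT=${SSH_PORT:-22}
	if [[ ! "$SSH_PORT" =~ ^[0-9]{1,5}$ ]] || ((10#$SSH_PORT < 1 || 10#$SSH_PORT > 65535)); then
		echo -e "${RED}❌ SSH 端口无效${NC}"
		return
	fi

	# The control sockets give access to authenticated sessions; keep the
	# directory private to this user.
	mkdir -p ~/.ssh/sockets && chmod 700 ~/.ssh ~/.ssh/sockets
	# ssh expands the "~" in ControlPath itself, so it is passed literally.
	local -a ssh_opts=(
		-p "$SSH_PORT"
		-o ControlMaster=auto
		-o "ControlPath=~/.ssh/sockets/%r@%h:%p"
		-o ControlPersist=60
	)
	# rsync -e needs one string; every element above is whitespace-free.
	SSH_OPTS="${ssh_opts[*]}"

	echo -e "\n检查远程主机是否具备同步条件..."
	if ! ssh "${ssh_opts[@]}" "${DEST_USER}@${DEST_HOST}" "rsync --version" &>/dev/null; then
		echo -e "${YELLOW}⚠️  远程主机缺失 rsync，尝试自动安装...${NC}"
		if ! ssh -t "${ssh_opts[@]}" "${DEST_USER}@${DEST_HOST}" "
            if command -v apt-get &>/dev/null; then apt-get update && apt-get install -y rsync
            elif command -v yum &>/dev/null; then yum install -y rsync
            elif command -v dnf &>/dev/null; then dnf install -y rsync
            elif command -v apk &>/dev/null; then apk add rsync
            else echo '❌ 无法识别包管理器'; exit 1; fi
        "; then
			echo -e "${RED}❌ 自动安装失败！${NC}"
			return
		fi
		echo -e "${GREEN}✅ 远程 rsync 安装成功！${NC}"
	fi

	# Show exactly what will be synced and require an explicit "y" before a
	# --delete run against the remote directory.
	local sync_confirm
	printf '\n%b即将同步: %s -> %s@%s:%s%b\n' "$YELLOW" "$SRC_PATH" "$DEST_USER" "$DEST_HOST" "$DEST_DIR" "$NC"
	printf '%b注意: 已启用 --delete，目标端多余的文件会被删除。%b\n' "$YELLOW" "$NC"
	read -r -p "确认继续？(y/n): " sync_confirm
	if [[ "$sync_confirm" != "y" ]]; then
		echo -e "${YELLOW}已取消。${NC}"
		return
	fi

	echo -e "\n准备同步..."
	# "--" keeps a source path that starts with "-" from being read as an option.
	if rsync -avzhP --delete -e "ssh ${SSH_OPTS}" --exclude ".git/" -- "${SRC_PATH}" "${DEST_USER}@${DEST_HOST}:${DEST_DIR}"; then
		echo -e "\n${GREEN}✅ 同步完成！${NC}"
	else
		echo -e "\n${RED}❌ 同步失败。${NC}"
	fi
	echo -e "\n${YELLOW}按任意键返回主菜单...${NC}"
	read -r -n 1
}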

# ==================================================
# --- 7. Realm 转发功能模块 (复原 UI 与 逻辑) ---
# ==================================================

# Realm locations: configuration directory, the TOML config inside it, and
# the installed binary.
CONF_DIR="/etc/realm"
CONF_FILE="${CONF_DIR}/config.toml"
REALM_BIN="/usr/bin/realm"

# Print a blue horizontal rule followed by a colour reset.
draw_line() {
	printf '%b\n' "${BLUE}==================================================${PLAIN}"
}

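# Locate the [[endpoints]] block in $CONF_FILE that listens on a given port.
#
# The result is fed straight into `sed -i "<range>d"` by the callers, so the
# port is validated and matched as a fixed string. Previously it was spliced
# into a grep regex, and an input such as ".*" selected an unrelated block
# for deletion.
#
# Globals:   CONF_FILE (read)
# Arguments: $1 - local listen port (decimal digits only)
# Outputs:   "START,END" line numbers (from the [[endpoints]] header to the
#            first "remote =" line at or after the listen line), or an empty
#            line when the port is invalid, not found, or the block is
#            incomplete
get_block_range() {
	local target_port=$1
	local line_port start_line end_line_relative

	# Digits only: anything else cannot be a port and must not reach grep/sed.
	case "$target_port" in
	'' | *[!0-9]*)
		echo ""
		return
		;;
	esac
	if [ ! -f "$CONF_FILE" ]; then
		echo ""
		return
	fi

	# -F: literal match, so the dots in 0.0.0.0 are not regex wildcards. The
	# closing quote keeps port 80 from matching 8080.
	line_port=$(grep -nF -- "listen = \"0.0.0.0:${target_port}\"" "$CONF_FILE" | head -n1 | cut -d: -f1)
	if [ -z "$line_port" ]; then
		echo ""
		return
	fi

	# Nearest [[endpoints]] header at or above the listen line.
	start_line=$(head -n "$line_port" "$CONF_FILE" | grep -nF -- '[[endpoints]]' | tail -n1 | cut -d: -f1)
	# First "remote =" at or below the listen line, relative to it.
	end_line_relative=$(tail -n +"$line_port" "$CONF_FILE" | grep -n -- "remote =" | head -n1 | cut -d: -f1)
	# A missing header or remote line used to yield a malformed range.
	if [ -z "$start_line" ] || [ -z "$end_line_relative" ]; then
		echo ""
		return
	fi

	echo "${start_line},$((line_port + end_line_relative - 1))"
}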

# 安装realm
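# Install Realm: dependencies, IPv4 forwarding, the latest release binary, a
# systemd unit and an initial config, then start the service.
#
# Security-relevant behaviour:
#   - The release archive is fetched with TLS verification enabled. The
#     previous --no-check-certificate let anyone on the network path replace
#     a binary that systemd then runs as root.
#   - TLS is the only integrity check; no checksum or signature is verified.
#   - Download and extraction happen in a private mktemp directory instead of
#     the current working directory.
#   - NOTE(review): the unit runs Realm as root. Whether it could run as a
#     dedicated user depends on the configured listen ports; confirm first.
#
# Globals:   CONF_DIR, CONF_FILE, REALM_BIN and the colour variables (read);
#            cmd, arch, url, temp (written)
# Returns:   1 on unsupported architecture or failed download/extract/install
install_realm() {
	clear
	draw_line
	printf "${BOLD}  正在准备安装 Realm 环境...${PLAIN}\n"

	# 1. Dependencies. The `ss` command is not a package name: it ships in
	#    iproute2 (apt) / iproute (yum).
	local pkg
	for cmd in wget tar ss; do
		if ! command -v "$cmd" >/dev/null 2>&1; then
			echo -e "${YELLOW}正在自动安装依赖 $cmd...${NC}"
			pkg=$cmd
			if command -v apt-get >/dev/null 2>&1; then
				[ "$cmd" = "ss" ] && pkg="iproute2"
				apt-get update && apt-get install -y "$pkg"
			elif command -v yum >/dev/null 2>&1; then
				[ "$cmd" = "ss" ] && pkg="iproute"
				yum install -y "$pkg"
			fi
		fi
	done

	# 2. Kernel IPv4 forwarding (persisted in /etc/sysctl.conf).
	printf "${CYAN}[1/4]${NC} 开启内核转发...\n"
	if ! grep -q "net.ipv4.ip_forward = 1" /etc/sysctl.conf; then
		echo "net.ipv4.ip_forward = 1" >>/etc/sysctl.conf
	fi
	sysctl -p >/dev/null 2>&1

	# 3. Download Realm for this CPU architecture.
	printf "${CYAN}[2/4]${NC} 下载最新版 Realm...\n"
	arch=$(uname -m)
	case "$arch" in
	x86_64) url="https://github.com/zhboner/realm/releases/latest/download/realm-x86_64-unknown-linux-gnu.tar.gz" ;;
	aarch64) url="https://github.com/zhboner/realm/releases/latest/download/realm-aarch64-unknown-linux-gnu.tar.gz" ;;
	*)
		echo "不支持的架构: $arch"
		return 1
		;;
	esac

	local tmp_dir
	tmp_dir=$(mktemp -d) || {
		printf "${RED}无法创建临时目录。${NC}\n"
		return 1
	}
	# Stop at the first failing step so a truncated or missing binary is never
	# moved into place.
	if ! wget "$url" -O "$tmp_dir/realm.tar.gz" ||
		! tar -xf "$tmp_dir/realm.tar.gz" -C "$tmp_dir" >/dev/null 2>&1 ||
		[ ! -f "$tmp_dir/realm" ] ||
		! chmod +x "$tmp_dir/realm" ||
		! mv -f -- "$tmp_dir/realm" "$REALM_BIN"; then
		rm -rf -- "$tmp_dir"
		printf "${RED}下载或解压 Realm 失败，请检查网络。${NC}\n"
		draw_line
		printf "按回车键返回..." && read -r temp
		return 1
	fi
	rm -rf -- "$tmp_dir"

	# 4. systemd unit.
	printf "${CYAN}[3/4]${NC} 配置系统服务...\n"
	cat <<EOF >/etc/systemd/system/realm.service
[Unit]
Description=Realm Service
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
User=root
WorkingDirectory=$CONF_DIR
ExecStart=$REALM_BIN -c $CONF_FILE
Restart=always
RestartSec=5
LimitNOFILE=65535

[Install]
WantedBy=multi-user.target
EOF

	# 5. Initial config, written only if none exists. Per the original
	#    author's note, Realm cannot start without at least one endpoint, so a
	#    sample entry is included.
	printf "${CYAN}[4/4]${NC} 初始化配置文件...\n"
	mkdir -p "$CONF_DIR"
	if [ ! -f "$CONF_FILE" ]; then
		cat <<EOF >"$CONF_FILE"
[network]
no_delay = true
keepalive = 30

[[endpoints]]
listen = "0.0.0.0:10000"
remote = "1.2.3.4:20000"
EOF
	fi

	# 6. Start the service and verify it stays up.
	systemctl daemon-reload
	systemctl enable realm >/dev/null 2>&1
	systemctl restart realm

	sleep 2 # give the service a moment to start before probing it
	if systemctl is-active --quiet realm; then
		printf "${GREEN}恭喜！Realm 安装并启动成功。${NC}\n"
	else
		printf "${RED}安装失败！${NC} 请尝试手动运行查看报错: $REALM_BIN -c $CONF_FILE\n"
	fi

	draw_line
	printf "按回车键返回..." && read -r temp
}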

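# Add a Realm forwarding rule, replacing any existing rule on the same local
# port, then restart the service.
#
# Input is either one line ("local_port remote_host remote_port [remark]")
# or, when fewer than three fields are given, four separate prompts.
#
# All values are validated before they are written into the TOML config:
# ports must be 1-65535 and the remote host may only contain address
# characters, so a stray quote cannot break or extend the config file.
#
# Globals:   CONF_FILE and the colour variables (read); input_data, l_port,
#            r_ip, r_port, remark, range, temp (written)
# Returns:   1 when the config file is missing or a value is invalid
add_forward() {
	clear
	draw_line
	printf "${BOLD}  新增/修改 转发规则${PLAIN}\n"
	printf "${YELLOW}提示：支持一键输入 (本地端口 落地IP 落地端口 备注)${PLAIN}\n"
	draw_line
	printf "请输入: " && read -r input_data

	# Split on whitespace without pathname expansion. The old
	# `set -- $input_data` turned an input such as "*" into a file list.
	local -a fields
	read -r -a fields <<<"$input_data"
	if [ "${#fields[@]}" -ge 3 ]; then
		l_port=${fields[0]}
		r_ip=${fields[1]}
		r_port=${fields[2]}
		remark="${fields[*]:3}"
		[ -z "$remark" ] && remark="no_remark"
	else
		printf "本地监听端口: " && read -r l_port
		printf "落地机 IP: " && read -r r_ip
		printf "落地机端口: " && read -r r_port
		printf "备注说明: " && read -r remark
	fi

	if [ ! -f "$CONF_FILE" ]; then
		printf "${RED}配置文件不存在！${NC}\n"
		printf "按回车键返回..." && read -r temp
		return 1
	fi

	local p
	for p in "$l_port" "$r_port"; do
		if [[ ! "$p" =~ ^[0-9]{1,5}$ ]] || ((10#$p < 1 || 10#$p > 65535)); then
			printf "${RED}端口无效: %s${NC}\n" "$p"
			printf "按回车键返回..." && read -r temp
			return 1
		fi
	done
	# Normalise leading zeros so the port is stored as plain decimal.
	l_port=$((10#$l_port))
	r_port=$((10#$r_port))

	# Hostname, IPv4, or a bracketed IPv6 literal.
	local host_re='^(\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9._:-]+)$'
	if [[ ! "$r_ip" =~ $host_re ]]; then
		printf "${RED}落地机地址无效: %s${NC}\n" "$r_ip"
		printf "按回车键返回..." && read -r temp
		return 1
	fi

	# Drop an existing block for this port so the new one replaces it.
	range=$(get_block_range "$l_port")
	[ -n "$range" ] && {
		printf "检测到端口已存在，正在覆盖修改...\n"
		sed -i "${range}d" "$CONF_FILE"
	}
	cat <<EOF >>"$CONF_FILE"

[[endpoints]]
# $remark
listen = "0.0.0.0:$l_port"
remote = "$r_ip:$r_port"
EOF
	systemctl restart realm
	printf "${GREEN}>> 转发处理成功！${NC}\n"
	printf "按回车键返回..." && read -r temp
}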

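# List the configured forwarding rules, then delete the one whose local
# listen port the user enters.
#
# The entered port is checked to be numeric before it is used to compute the
# line range passed to `sed -i ...d`; a non-numeric value is rejected rather
# than used as a search pattern.
#
# Globals:   CONF_FILE and the colour variables (read); del_port, range,
#            temp (written)
delete_forward() {
	clear
	draw_line
	printf "${BOLD}  当前已配置的转发规则列表${PLAIN}\n"
	draw_line
	if [ ! -f "$CONF_FILE" ]; then
		printf "${RED}配置文件不存在！${NC}\n"
	else
		# One row per endpoint: remark, listen address, remote address.
		awk '/#/{rem=$0; sub(/^# /,"",rem)} /listen/{lis=$3} /remote/{remt=$3; printf "\033[1;36m备注:\033[0m %-12s \033[1;32m监听:\033[0m %-15s \033[1;33m落地:\033[0m %-15s\n", rem, lis, remt}' "$CONF_FILE" | sed 's/"//g'
	fi
	draw_line
	printf "请输入要删除的 ${BOLD}本地监听端口${PLAIN} (回车取消): " && read -r del_port
	if [ -n "$del_port" ]; then
		if [[ ! "$del_port" =~ ^[0-9]+$ ]]; then
			printf "${RED}端口无效。${NC}\n"
		else
			range=$(get_block_range "$del_port")
			if [ -n "$range" ]; then
				sed -i "${range}d" "$CONF_FILE"
				# Collapse the run of blank lines left by the removed block.
				sed -i '/^$/N;/^\n$/D' "$CONF_FILE"
				systemctl restart realm
				printf "${GREEN}已成功删除端口 $del_port。${NC}\n"
			else
				printf "${RED}未找到该端口。${NC}\n"
			fi
		fi
	fi
	printf "按回车键返回..." && read -r temp
}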

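# Interactive Realm management menu (install, add/modify, list, delete,
# uninstall).
#
# Uninstall asks for confirmation, like the other uninstall paths in this
# script, and guards the `rm -rf` operands against empty variables.
#
# Globals:   CONF_DIR, CONF_FILE, REALM_BIN and the colour variables (read);
#            num (written)
# Returns:   0 when the user picks 0 or stdin reaches EOF
manage_realm() {
	local confirm
	while true; do
		clear
		printf "${BLUE}==================================================${PLAIN}\n"
		printf "         ${PURPLE}${BOLD}Realm 一键管理面板 ${PLAIN}\n"
		printf "${BLUE}==================================================${PLAIN}\n"
		printf "  ${CYAN}1.${PLAIN} 安装 Realm\n"
		printf "  ${CYAN}2.${PLAIN} 新增/修改 转发 ${YELLOW}(支持一键输入)${PLAIN}\n"
		printf "  ${CYAN}3.${PLAIN} 查看 转发\n"
		printf "  ${CYAN}4.${PLAIN} 删除 转发 ${YELLOW}(精准块定位)${PLAIN}\n"
		printf "  ${RED}5. 卸载 Realm${PLAIN}\n"
		printf "  ${BOLD}0. 返回上一级菜单${PLAIN}\n"
		draw_line
		printf "请选择 [0-5]: "
		# Leave on EOF instead of redrawing the menu forever.
		read -r num || return 0
		case "$num" in
		1) install_realm ;;
		2) add_forward ;;
		3)
			clear
			draw_line
			if [ -f "$CONF_FILE" ]; then
				awk '/#/{rem=$0} /listen/{lis=$3} /remote/{remt=$3; print rem, lis, remt}' "$CONF_FILE" | sed 's/"//g'
			else
				printf "${RED}配置文件不存在！${NC}\n"
			fi
			draw_line
			read -r -p "回车继续..."
			;;
		4) delete_forward ;;
		5)
			printf "确认卸载 Realm 并删除其配置？(y/n): " && read -r confirm
			if [[ "$confirm" == "y" ]]; then
				systemctl stop realm
				systemctl disable realm >/dev/null 2>&1
				# ":?" aborts instead of expanding to nothing, so an unset
				# variable can never widen what rm -rf removes.
				rm -rf -- "${REALM_BIN:?}" "${CONF_DIR:?}" /etc/systemd/system/realm.service
				systemctl daemon-reload
				printf "Realm 已卸载。\n"
				sleep 1
			fi
			;;
		0) return 0 ;;
		*) printf "输入错误" && sleep 1 ;;
		esac
	done
}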

# ==================================================
# --- 8. 二级菜单管理 (解决菜单调整问题 1 & 2) ---
# ==================================================

# 首页菜单 2：域名反代管理
# Reverse-proxy / web management menu with two install-uninstall sub-menus
# (nginx+caddy split mode, caddy-only mode) and two config reload actions.
# Returns 0 when the user picks 0 at the top level.
manage_web_proxy_menu() {
	while :; do
		clear
		printf '%b\n' "${GREEN}==============================${NC}"
		printf '%b\n' "    ${PURPLE}${BOLD}域名反代与 Web 管理 ${PLAIN}"
		printf '%b\n' "${GREEN}==============================${NC}"
		printf '%s\n' "1. 管理组合分流模式 (nginx & caddy)"
		printf '%s\n' "2. 管理独立 Web 模式 (仅 caddy)"
		printf '%b\n' "${YELLOW}3. 一键刷新 Nginx 配置${NC}"
		printf '%b\n' "${YELLOW}4. 一键刷新 Caddy 配置${NC}"
		printf '%s\n' "0. 返回上一级菜单"
		read -p "请输入数字 [0-4]: " wopt

		if [ "$wopt" = "0" ]; then
			return 0
		elif [ "$wopt" = "3" ]; then
			reload_nginx
		elif [ "$wopt" = "4" ]; then
			reload_caddy
		elif [ "$wopt" = "1" ]; then
			# Sub-menu: nginx + caddy split mode.
			while :; do
				clear
				printf '%b\n' "${GREEN}组合分流模式 (nginx & caddy)${NC}"
				printf '%s\n' "1. 安装组合分流模式"
				printf '%b\n' "${RED}2. 卸载组合分流模式${PLAIN}"
				printf '%s\n' "0. 返回上一级菜单"
				read -p "选择: " sw
				if [ "$sw" = "1" ]; then
					install_nginx_caddy
				elif [ "$sw" = "2" ]; then
					uninstall_nginx_caddy
				elif [ "$sw" = "0" ]; then
					break
				fi
			done
		elif [ "$wopt" = "2" ]; then
			# Sub-menu: caddy-only mode.
			while :; do
				clear
				printf '%b\n' "${GREEN}独立 Web 模式 (caddy)${NC}"
				printf '%s\n' "1. 安装独立 Caddy 模式"
				printf '%b\n' "${RED}2. 卸载独立 Caddy 模式${PLAIN}"
				printf '%s\n' "0. 返回上一级菜单"
				read -p "选择: " sw2
				if [ "$sw2" = "1" ]; then
					install_only_caddy
				elif [ "$sw2" = "2" ]; then
					uninstall_only_caddy
				elif [ "$sw2" = "0" ]; then
					break
				fi
			done
		fi
	done
}

# --- 4.1 原生版安装逻辑：实时捕获凭据 ---
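# Install or update native 3x-ui by running the upstream installer, capture
# the credentials it prints, cache them and show a summary.
#
# Security-relevant behaviour:
#   - The installer output contains the panel password. It is captured in
#     mktemp files (mode 0600, unpredictable names) instead of fixed,
#     world-readable paths in /tmp, which also avoids writing through a
#     pre-planted symlink as root.
#   - The cache file stores the password in plain text, so it is created and
#     kept at mode 0600.
#   - Captured values are printed via %s, never as part of a printf format.
#   - NOTE(review): the installer is fetched from the master branch and piped
#     into bash as root without pinning or integrity verification; consider
#     pinning to a reviewed revision.
#
# Globals:   colour variables (read); temp (written)
# Returns:   1 if a temporary file cannot be created
install_native_xui() {
	local INFO_CACHE="/etc/x-ui/panel_info.txt"
	local confirm
	if [ -d "/etc/x-ui" ]; then
		printf "${YELLOW}检测到系统已安装 3x-ui，是否执行更新/重新安装？(y/n): ${PLAIN}" && read -r confirm
		[[ "$confirm" != "y" ]] && return
	fi

	printf "${CYAN}正在调用官方脚本，请根据提示完成交互...${NC}\n"
	local LOG_FILE CLEAN_LOG
	LOG_FILE=$(mktemp /tmp/xui_install.XXXXXX) || return 1
	CLEAN_LOG=$(mktemp /tmp/xui_clean.XXXXXX) || {
		rm -f -- "$LOG_FILE"
		return 1
	}
	bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh) 2>&1 | tee "$LOG_FILE"

	# Strip ANSI colour sequences and shift-in bytes before parsing.
	sed -r "s/\x1B\[([0-9]{1,3}(;[0-9]{1,3})*)?[mGKHF]//g" "$LOG_FILE" | tr -d '\017' >"$CLEAN_LOG"
	local user pass port path server_ip
	user=$(grep -ai "Username:" "$CLEAN_LOG" | awk -F': ' '{print $2}' | sed 's/[[:space:]]//g' | tail -n1)
	pass=$(grep -ai "Password:" "$CLEAN_LOG" | awk -F': ' '{print $2}' | sed 's/[[:space:]]//g' | tail -n1)
	port=$(grep -ai "Port:" "$CLEAN_LOG" | awk -F': ' '{print $2}' | sed 's/[[:space:]]//g' | tail -n1)
	path=$(grep -ai "WebBasePath:" "$CLEAN_LOG" | awk -F': ' '{print $2}' | sed 's/[[:space:]]//g' | tail -n1)
	server_ip=$(curl -s ipv4.icanhazip.com || curl -s ifconfig.me)

	# The raw logs hold the password; remove them as soon as they are parsed.
	rm -f -- "$LOG_FILE" "$CLEAN_LOG"

	# Cache format: user|pass|port|path (a "|" inside a value would break it).
	if [ -n "$user" ]; then
		(umask 077 && echo "$user|$pass|$port|$path" >"$INFO_CACHE")
		# Also tighten a cache file that already existed with wider perms.
		chmod 600 "$INFO_CACHE" 2>/dev/null
	fi

	clear
	printf "${BLUE}==================================================${PLAIN}\n"
	printf "       ${PURPLE}${BOLD}3x-ui 原生面板安装/更新完成${PLAIN}\n"
	printf "${BLUE}==================================================${PLAIN}\n"
	printf "${CYAN}用户名:   ${BOLD}%s${PLAIN}\n" "${user:-捕获失败}"
	printf "${CYAN}密  码:   ${GREEN}${BOLD}%s${PLAIN}\n" "${pass:-捕获失败}"
	printf "${CYAN}端  口:   ${BOLD}%s${PLAIN}\n" "${port:-捕获失败}"
	printf "${CYAN}根路径:   ${BOLD}/%s${PLAIN}\n" "${path#/}"
	printf "${BLUE}--------------------------------------------------${PLAIN}\n"
	# Strip a leading "/" from the path so the URL has no double slash.
	printf "${YELLOW}访问地址: ${BOLD}http://%s:%s/%s${PLAIN}\n" "$server_ip" "${port:-端口}" "${path#/}"
	printf "${BLUE}==================================================${PLAIN}\n"
	printf "按回车键返回管理菜单..." && read -r temp
}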

# 4.2 原生版3xui管理 (保留所有提醒和括号回显)
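# Management menu for a native 3x-ui install: install/update, show login
# details, change credentials/port/path, uninstall.
#
# Security-relevant behaviour:
#   - Changing only the username used to reset the password to the literal
#     "admin" (and record "admin" in the cache), although the prompt says a
#     blank field means "unchanged". A credential change now needs a known
#     password: the one just entered, or the one in the cache. Otherwise it
#     is refused and nothing is reset.
#   - The cache file holds the password in plain text; it is written with
#     mode 0600.
#   - NOTE(review): the password is passed to x-ui on the command line and is
#     visible in the process list while that command runs.
#
# Globals:   colour variables (read); u, p, pt, pa (written)
# Returns:   when the user picks 0, completes an uninstall, or stdin hits EOF
manage_native_xui_submenu() {
	local INFO_CACHE="/etc/x-ui/panel_info.txt"
	local pkg yum_pkg n_opt confirm server_ip clean_pa
	local OLD_PORT OLD_USER OLD_PATH OLD_PASS known_pass
	local NEW_USER NEW_PASS NEW_PORT NEW_PATH
	local _cu _cpt _cpa

	for pkg in sqlite3 python3; do
		if ! command -v "$pkg" &>/dev/null; then
			echo -e "${YELLOW}正在安装必要依赖 $pkg...${NC}"
			if command -v apt-get &>/dev/null; then
				apt-get update && apt-get install -y "$pkg"
			elif command -v yum &>/dev/null; then
				# On yum-based systems the sqlite3 binary ships in "sqlite".
				yum_pkg=$pkg
				[ "$pkg" = "sqlite3" ] && yum_pkg="sqlite"
				yum install -y "$yum_pkg"
			fi
		fi
	done

	while true; do
		clear
		printf "${BLUE}==================================================${PLAIN}\n"
		printf "       ${PURPLE}${BOLD}原生 3x-ui 深度管理中心 (无域名)${PLAIN}\n"
		printf "${BLUE}==================================================${PLAIN}\n"
		printf "  ${CYAN}1.${PLAIN} 安装 / 更新 3x-ui\n"
		printf "  ${CYAN}2.${PLAIN} 查看 登录详情 (含数据库查询)\n"
		printf "  ${CYAN}3.${PLAIN} 修改 账号/密码/端口/路径\n"
		printf "  ${RED}4. 卸载 3x-ui 面板${PLAIN}\n"
		printf "  ${BOLD}0. 返回上一级菜单${PLAIN}\n"
		draw_line
		# Leave on EOF instead of redrawing the menu forever.
		read -r -p "请选择 [0-4]: " n_opt || return
		case "$n_opt" in
		1) install_native_xui ;;
		2)
			# 1. Require an installed panel and its database.
			if [ ! -d "/etc/x-ui" ] || [ ! -f "/etc/x-ui/x-ui.db" ]; then
				echo -e "${RED}检测到系统未安装 原生版 3x-ui，请先执行安装。${NC}"
			else
				echo -e "${YELLOW}--- 登录凭据查询 (智能组装) ---${NC}"
				server_ip=$(curl -s ipv4.icanhazip.com || curl -s ifconfig.me)

				# 2. Prefer the plain-text values from the cache file.
				if [ -f "$INFO_CACHE" ]; then
					IFS='|' read -r u p pt pa <"$INFO_CACHE"
				else
					# 3. No cache: read from the database. The password is
					#    shown as a placeholder in this case.
					u=$(sqlite3 /etc/x-ui/x-ui.db "SELECT username FROM users WHERE id=1;")
					p="[数据库已加密/请执行修改或查看日志]"
					pt=$(sqlite3 /etc/x-ui/x-ui.db "SELECT value FROM settings WHERE key='webPort';")
					pa=$(sqlite3 /etc/x-ui/x-ui.db "SELECT value FROM settings WHERE key='webBasePath';")
				fi

				# 4. Normalise the path and assemble the URL. Values go through
				#    %s so backslashes in them are not interpreted.
				clean_pa=${pa#/}
				printf "${CYAN}访问地址: ${BOLD}http://%s:%s/%s${PLAIN}\n" "$server_ip" "$pt" "$clean_pa"
				printf "${GREEN}用户名: %s  密码: %s${NC}\n" "$u" "$p"

				# Also show the account name as stored in the database.
				echo -e "${BLUE}--------------------------------------------------${PLAIN}"
				sqlite3 /etc/x-ui/x-ui.db "SELECT '数据库账号: ' || username FROM users WHERE id=1;"
			fi
			read -r -p "按回车返回..."
			;;

		3)
			# 1. Require an installed panel and its database.
			if [ ! -d "/etc/x-ui" ] || [ ! -f "/etc/x-ui/x-ui.db" ]; then
				echo -e "${RED}检测到系统未安装 原生版 3x-ui，请先执行安装。${NC}"
			else
				OLD_PORT=$(sqlite3 /etc/x-ui/x-ui.db "SELECT value FROM settings WHERE key='webPort';")
				OLD_USER=$(sqlite3 /etc/x-ui/x-ui.db "SELECT username FROM users WHERE id=1;")
				OLD_PATH=$(sqlite3 /etc/x-ui/x-ui.db "SELECT value FROM settings WHERE key='webBasePath';")
				# The current password is only known if it was cached earlier.
				OLD_PASS=""
				if [ -f "$INFO_CACHE" ]; then
					IFS='|' read -r _cu OLD_PASS _cpt _cpa <"$INFO_CACHE"
				fi

				echo -e "${YELLOW}开始修改 (留空代表不修改):${NC}"
				read -r -p "新用户名 (当前: $OLD_USER): " NEW_USER
				read -r -p "新密码 (明文): " NEW_PASS
				read -r -p "新端口 (当前: $OLD_PORT): " NEW_PORT
				read -r -p "新路径 (当前: $OLD_PATH): " NEW_PATH

				# Output is silenced so the tool's usage text is not shown.
				[[ -n "$NEW_PORT" && "$NEW_PORT" != "$OLD_PORT" ]] && /usr/local/x-ui/x-ui setting -port "$NEW_PORT" >/dev/null 2>&1
				[[ -n "$NEW_PATH" && "$NEW_PATH" != "$OLD_PATH" ]] && /usr/local/x-ui/x-ui setting -webBasePath "$NEW_PATH" >/dev/null 2>&1

				known_pass="${NEW_PASS:-$OLD_PASS}"
				if [[ -n "$NEW_USER" && "$NEW_USER" != "$OLD_USER" ]] || [[ -n "$NEW_PASS" ]]; then
					if [[ -z "$known_pass" ]]; then
						# Never fall back to a default password.
						echo -e "${RED}修改用户名时必须同时输入密码（当前密码未知，不会重置为默认值）。${NC}"
						NEW_USER=""
					else
						/usr/local/x-ui/x-ui setting -username "${NEW_USER:-$OLD_USER}" -password "$known_pass" >/dev/null 2>&1
					fi
				fi

				# Refresh the cache only with a real password (or when a cache
				# already exists); never invent one.
				if [[ -n "$known_pass" || -f "$INFO_CACHE" ]]; then
					(umask 077 && echo "${NEW_USER:-$OLD_USER}|${known_pass}|${NEW_PORT:-$OLD_PORT}|${NEW_PATH:-$OLD_PATH}" >"$INFO_CACHE")
					chmod 600 "$INFO_CACHE" 2>/dev/null
				fi

				echo -e "${GREEN}设置已成功更改！正在重启面板及 Xray 核心以生效...${NC}"
				systemctl restart x-ui >/dev/null 2>&1
				/usr/local/x-ui/x-ui restart >/dev/null 2>&1
			fi

			read -r -p "按回车返回..."
			;;
		4)
			read -r -p "确认完全卸载原生 3x-ui 吗？(y/n): " confirm
			if [[ "$confirm" == "y" ]]; then
				/usr/local/x-ui/x-ui stop >/dev/null 2>&1 && /usr/local/x-ui/x-ui uninstall >/dev/null 2>&1
				rm -rf /etc/x-ui /usr/local/x-ui /usr/bin/x-ui
				rm -f "$INFO_CACHE"
				echo -e "${GREEN}卸载完成。${NC}"
				sleep 1
				return
			fi
			;;
		0) return ;;
		esac
	done
}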

# --- 4.3 3x-ui 综合入口菜单 ---
# Top-level 3x-ui menu: dispatches to the native, domain-based and Docker
# management menus. Returns 0 when the user picks 0.
manage_xui_all_menu() {
	while :; do
		clear
		printf "${BLUE}==================================================${PLAIN}\n"
		printf "       ${PURPLE}${BOLD}3x-ui 综合管理面板${PLAIN}\n"
		printf "${BLUE}==================================================${PLAIN}\n"
		printf "  ${CYAN}1.${PLAIN} 管理 原生版 3x-ui  ${YELLOW}(无域名时：选择这个)${PLAIN}\n"
		printf "  ${CYAN}2.${PLAIN} 管理 域名版 3x-ui  ${YELLOW}(有域名时：一键脚本版)${PLAIN}\n"
		printf "  ${CYAN}3.${PLAIN} 管理 Docker版3x-ui ${YELLOW}(有域名时: docker版)${PLAIN}\n"
		printf "  ${BOLD}0. 返回首页菜单${PLAIN}\n"
		draw_line
		read -p "请输入数字 [0-3]: " xuiopt

		if [ "$xuiopt" = "0" ]; then
			return 0
		elif [ "$xuiopt" = "1" ]; then
			manage_native_xui_submenu
		elif [ "$xuiopt" = "2" ]; then
			# Domain-based management menu.
			manage_3xui
		elif [ "$xuiopt" = "3" ]; then
			# Docker-based management menu.
			manage_docker_3xui
		else
			echo -e "${RED}输入错误！${NC}" && sleep 1
		fi
	done
}

# 首页选项：完全卸载逻辑
# Remove this script and its "w" shortcut after an explicit "y", then exit
# the program. Any other answer returns to the caller with status 0.
uninstall_all_script() {
	read -p "确认完全卸载本脚本和快捷命令？(y/n): " confirm
	# Guard clause: only an exact "y" proceeds to the removal.
	[[ "$confirm" == "y" ]] || return 0

	rm -f /usr/local/bin/w "$SCRIPT_PATH"
	echo -e "${GREEN}脚本及其快捷命令已移除。${NC}"
	exit 0
}

# IP与网络质量检测
# IP quality / network route quality menu. Makes sure curl is present, then
# runs one of two remotely hosted test scripts on request.
#
# NOTE(review): both tests download a script and execute it with bash in the
# current (typically root) context. The URLs carry no scheme, so curl picks
# its default and follows redirects (-L); nothing is pinned or verified.
# Review the hosted scripts before relying on this on a production host.
ip_check() {
	# Dependency check: install curl when it is missing.
	command -v curl >/dev/null 2>&1 || {
		echo -e "${YELLOW}正在安装必要依赖 curl...${NC}"
		if command -v apt-get >/dev/null 2>&1; then
			apt-get update && apt-get install -y curl
		elif command -v yum >/dev/null 2>&1; then
			yum install -y curl
		fi
	}

	while :; do
		clear
		printf "${BLUE}==================================================${PLAIN}\n"
		printf "       ${PURPLE}${BOLD}IP与网络质量检测${PLAIN}\n"
		printf "${BLUE}==================================================${PLAIN}\n"
		printf "  ${CYAN}1.${PLAIN} IP质量检测  ${PLAIN}\n"
		printf "  ${CYAN}2.${PLAIN} 网络线路质量检测 ${PLAIN}\n"
		printf "  ${BOLD}0. 返回首页菜单${PLAIN}\n"
		draw_line
		read -p "请输入数字 [0-2]: " xuiopt
		case "$xuiopt" in
		0)
			return 0
			;;
		1 | 2)
			clear
			# Run the selected remote test script.
			if [ "$xuiopt" = "1" ]; then
				bash <(curl -Ls IP.Check.Place)
			else
				bash <(curl -sL Net.Check.Place)
			fi
			# Pause so the results stay on screen until acknowledged.
			echo -e "\n${GREEN}测试已完成。${NC}"
			read -p "按回车键返回菜单..."
			;;
		*)
			echo -e "${RED}输入错误！${NC}" && sleep 1
			;;
		esac
	done
}
# ==================================================
# --- 9. 主循环菜单 (最终首页结构) ---
# ==================================================

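# Main menu loop: draw the home screen and dispatch to the feature menus.
#
# NOTE(review): the banner advertises `bash <(curl -sL web.oping.de)`. The
# URL has no scheme, so whether the script arrives over TLS depends on curl's
# default and on server-side redirects. Nothing verifies the download before
# it runs; consider publishing an explicit https:// URL.
while true; do
	clear
	echo -e "${GREEN}==============================${NC}"
	echo -e "${GREEN}    Web 运维管理综合脚本       ${NC}"
	echo -e "${GREEN} bash <(curl -sL web.oping.de)${NC}"
	echo -e "${GREEN}         快捷命令: w           ${NC}"
	echo -e "${GREEN}==============================${NC}"
	echo -e "1. 一键安装 Docker 环境"
	echo -e "2. ${YELLOW}域名反代管理中心 (Nginx/Caddy)${NC}"
	echo -e "3. ${YELLOW}3x-ui 综合管理面板${NC}"
	echo -e "4. IP与网络质量检测"
	echo -e "5. Rsync 文件一键同步工具"
	echo -e "6. TCP 网络深度调优与 BBR"
	echo -e "7. Realm 端口转发管理面板"
	echo -e "8. ${CYAN}检查并同步最新版脚本${NC}"
	echo -e "9. ${RED}一键卸载本脚本及快捷命令${NC}"
	echo -e "0. 退出脚本"
	echo -e "${GREEN}==============================${NC}"
	# The prompt used to say [0-8] although option 9 exists. Exit on EOF so a
	# closed stdin does not leave the loop spinning.
	read -r -p "请输入数字 [0-9]: " num || exit 0
	case "$num" in
	1)
		install_docker
		echo -e "\n${YELLOW}回车返回...${NC}"
		read -r -n 1
		;;
	2) manage_web_proxy_menu ;;
	3) manage_xui_all_menu ;;
	4) ip_check ;;
	5) rsync_tool ;;
	6) manage_tcp_tune ;;
	7) manage_realm ;;
	8) check_update ;;
	9) uninstall_all_script ;;
	0) exit 0 ;;
	*)
		echo -e "${RED}非法输入！${NC}"
		sleep 1
		;;
	esac
done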
