修改打印,修改acme安装缺少组件,新增web和nginx

2024-09-25 00:51:25 +08:00 · 2024-09-25 00:51:25 +08:00 · 71444c16ec
commit 71444c16ec
parent 1dc291725b
9 changed files with 260 additions and 18 deletions
--- a/Config/Other/Language_set.sh
+++ b/Config/Other/Language_set.sh
@ -1,5 +1,6 @@
 #!/bin/bash
 declare lang
+echo "========$(basename $0 .sh)========"
 echo "1.中文"
 echo "2.英文"
 read -p "请输入：" lang
--- a/Config/Other/Reinstall.sh
+++ b/Config/Other/Reinstall.sh
@ -1,6 +1,7 @@
 #!/bin/bash
 declare pick
 declare server
+echo "========$(basename $0 .sh)========"
 echo "请选择下载服务器"
 echo "1.国内服务器"
 echo "2.国外服务器(默认)"
--- a/Config/User/key.sh
+++ b/Config/User/key.sh
@ -1,10 +1,9 @@
 #!/bin/bash
-echo "========key========"
+echo "========$(basename $0 .sh)========"
 echo "1.生成密钥"
 echo "2.安装密钥"
 echo "输入其他返回主页"
 declare pick
-echo "========key========"
 read -p "请输入要选择的命令：" pick

 function open_key() {
--- a/Config/User/ssh.sh
+++ b/Config/User/ssh.sh
@ -1,10 +1,9 @@
 #!/bin/bash
 declare pick
-echo "========ssh========"
+echo "========$(basename $0 .sh)========"
 echo "1.更换ssh端口"
 echo "2.修改ssh登录方式"
 echo "任意输入返回主菜单"
-echo "========ssh========"
 read -p "请输入要使用的功能：" pick

 case $pick in
--- a/Config/User/user.sh
+++ b/Config/User/user.sh
@ -1,13 +1,12 @@
 #!/bin/bash

 declare pick
-echo "========user========"
+echo "========$(basename $0 .sh)========"
 echo "1.新建用户"
 echo "2.查看所有用户"
 echo "3.删除用户"
 echo "4.修改用户密码"
 echo "任意输入返回主菜单"
-echo "========user========"
 read -p "请输入要使用的功能：" pick

 case $pick in
@ -86,18 +85,18 @@ case $pick in
 '4')
  declare password
  declare user_name
-  read -p "请输入需要修改密码的用户" user_name
-  if ! id $user_name;then
+  read -p "请输入需要修改密码的用户：" user_name
+  if ! id $user_name &> /dev/null;then
    echo "系统内没有该用户"
    exit
  fi
-  read -p "请输入${user_name}密码：" password
+  read -p "请输入${user_name}需要修改的密码：" password
  echo "${user_name}:${password}" |chpasswd
  if [[ ${user_name} == "root" ]]; then
      sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
  fi
  sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /etc/ssh/sshd_config
  systemctl restart sshd.service
-  echo "修改成功,用户${user_name}密码为：${password}"
+  echo "修改成功,用户${user_name}的密码为：${password}"
  ;;
 esac
--- a/Config/Other/acme_ssl.sh
+++ b/Config/Other/acme_ssl.sh
@ -1,5 +1,21 @@
 #!/bin/bash

+if ! command -v socat &> /dev/null; then
+    if [[ -f "/usr/bin/apt-get" ]];then
+      apt-get update -y
+      apt-get install socat -y
+    elif [[ -f "/usr/bin/apt" ]];then
+      apt update -y
+      apt install socat -y
+    elif [[ -f "/usr/bin/pacman" ]];then
+      pacman -Syu --noconfirm
+      pacman -Sy --noconfirm socat
+    else
+      echo "socat未安装"
+      exit
+    fi
+fi
+
 if [[ ! -f "${HOME}/.acme.sh/acme.sh" ]];then
  rm -rf ${HOME}/.acme.sh
  declare mail
@ -38,13 +54,20 @@ read -p "请选择验证模式：" pick_mode

 case $pick_mode in
 '1')
-    declare pick_start
+    declare mode
+    if ! command -v nginx &> /dev/null; then
+      mode="nginx"
+    elif ! command -v apache &> /dev/null; then
+      mode="apache"
+    else
+      mode="standalone"
+    fi
    echo "请到服务器将80和443端口开启,将域名解析到本机"
    read -p "解析完成请输入 y：" pick_start
    if [[ ! $pick_start =~ [Yy] ]];then
      exit
    fi
-    eval "${HOME}/.acme.sh/acme.sh --issue $domain_str --standalone"
+    eval "${HOME}/.acme.sh/acme.sh --issue ${domain_str} --${mode}"
  ;;
 '2')
  declare pick=0
--- a/Config/Web/nginx.sh
+++ b/Config/Web/nginx.sh
@ -0,0 +1,200 @@
+#!/bin/bash
+
+if ! command -v nginx &> /dev/null; then
+    if [[ -f "/usr/bin/apt-get" ]];then
+      apt-get update -y
+      apt-get install nginx -y
+    elif [[ -f "/usr/bin/apt" ]];then
+      apt update -y
+      apt install nginx -y
+    elif [[ -f "/usr/bin/pacman" ]];then
+      pacman -Syu --noconfirm
+      pacman -Sy --noconfirm nginx
+    else
+      echo "nginx未安装"
+      exit
+    fi
+fi
+
+declare pick
+echo "========$(basename $0 .sh)========"
+echo "1.新增站点配置文件"
+echo "2.查看已有站点配置文件"
+echo "3.删除站点配置文件"
+read -p "请选择：" pick
+case $pcik in
+'1')
+  declare domain
+  read -p "请输入要绑定的域名多个用 空格 隔开：" domain
+
+  declare ssl_certificate
+  declare ssl_certificate_key
+  declare ssl_domain=${echo "${domain}" | awk '{print $1}'}
+
+  declare ssl_pick=""
+  echo "ssl证书地址"
+  echo "1.立即申请（默认）"
+  echo "2.手动输入"
+  read -p "请选择" pick
+  if [[ $pick == 2 ]]; then
+      echo "证书,默认 ${HOME}/.acme.sh/${ssl_domain}_ecc/fullchain.cer"
+      read -p "请输入证书地址：" ssl_certificate
+      if [[ -z $ssl_certificate ]];then
+        ssl_certificate="${HOME}/.acme.sh/${ssl_domain}_ecc/fullchain.cer"
+      fi
+      echo "密钥,默认 ${HOME}/.acme.sh/${ssl_domain}_ecc/${ssl_domain}.key"
+
+      read -p "请输入密钥地址：" ssl_certificate_key
+      if [[ -z $ssl_certificate_key ]];then
+        ssl_certificate_key="${HOME}/.acme.sh/${ssl_domain}_ecc/${ssl_domain}.key"
+      fi
+  else
+    declare
+    echo "1.acme（默认）"
+    read -p "请输入：" ssl_pick
+    if [[ -z $ssl_pick || $ssl_pick == 1 ]];then
+      ssl_pick=1
+      ssl_certificate="${HOME}/.acme.sh/${ssl_domain}_ecc/fullchain.cer"
+      ssl_certificate_key="${HOME}/.acme.sh/${ssl_domain}_ecc/${ssl_domain}.key"
+    fi
+  fi
+  declare name
+  read -p "请输入配置文件名,默认为网址：" name
+  if [[ -z $name ]]; then
+      name=$ssl_domain
+  fi
+
+  echo "工作方式"
+  echo "1.反向代理（默认）"
+  echo "2.静态文件"
+  read -p "请选择：" pick
+  declare path
+  declare mode_pick
+  if [[ $pick == 2 ]]; then
+    read -p "请输入要代理的站点路径,如果只输入数字代表端口：" path
+    if [[ $path =~ [0-9]+ ]]; then
+        path="http://127.0.0.1:${path}"
+    fi
+    cat >> "/etc/nginx/sites-available/${name}.conf" << EOF
+server {
+    listen 443 ssl http2;  # 监听 443 端口，并启用 HTTP/2
+    server_name ${domain};  # 替换为你的域名
+
+    # SSL 证书配置
+    ssl_certificate ${ssl_certificate};  # 证书文件路径
+    ssl_certificate_key ${ssl_certificate_key};  # 证书密钥文件路径
+    ssl_protocols TLSv1.2 TLSv1.3;  # 使用安全的 TLS 协议版本
+    ssl_ciphers HIGH:!aNULL:!MD5;  # 安全密码套件
+    ssl_prefer_server_ciphers on;
+
+    # 启用 SSL session 缓存和超时设置
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+
+    # 强制使用 HTTPS (HSTS)
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+    # 日志设置
+    access_log /var/log/nginx/example.com_access.log;
+    error_log /var/log/nginx/example.com_error.log;
+
+    # 反向代理到后台应用
+    location / {
+        proxy_pass ${path};  # 反向代理到后端应用服务器
+        proxy_set_header Host \$host;  # 保持原始主机头
+        proxy_set_header X-Real-IP \$remote_addr;  # 传递客户端的真实 IP
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;  # 传递代理链中的 IP
+        proxy_set_header X-Forwarded-Proto \$scheme;  # 传递协议（HTTP 或 HTTPS）
+
+        # 防止后端服务器返回不安全的内容
+        proxy_redirect off;
+
+        # 超时时间配置
+        proxy_connect_timeout 60s;
+        proxy_send_timeout 60s;
+        proxy_read_timeout 60s;
+        send_timeout 60s;
+    }
+
+    # 错误页面配置
+    error_page 502 /502.html;
+    location = /502.html {
+        root /usr/share/nginx/html;  # 错误页面路径
+    }
+}
+
+# HTTP 到 HTTPS 重定向
+server {
+    listen 80;  # 监听 HTTP 80 端口
+    server_name ${domain};  # 替换为你的域名
+
+    # 将所有 HTTP 请求重定向到 HTTPS
+    return 301 https://\$host\$request_uri;
+}
+EOF
+  else
+    read -p "请输入后端服务器的地址" path
+    cat >> "/etc/nginx/sites-available/${name}.conf" << EOF
+server {
+    listen 443 ssl;  # 监听 443 端口并启用 SSL
+    server_name ${domain};  # 替换为你的域名
+
+    # SSL 证书配置
+    ssl_certificate ${ssl_certificate};  # 证书文件路径
+    ssl_certificate_key ${ssl_certificate_key};  # 证书密钥文件路径
+    ssl_protocols TLSv1.2 TLSv1.3;  # 仅使用安全的 TLS 协议版本
+    ssl_ciphers HIGH:!aNULL:!MD5;  # 安全的密码套件
+    ssl_prefer_server_ciphers on;  # 优先使用服务器的密码套件
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+
+    # HTTP/2 支持（可选）
+    listen 443 ssl http2;
+
+    # HSTS（HTTP 严格传输安全）强制浏览器使用 HTTPS
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+    # 静态文件目录
+    root ${path};
+    index index.html index.htm;
+
+    # 日志
+    access_log /var/log/nginx/example.com_access.log;
+    error_log /var/log/nginx/example.com_error.log;
+
+    # 默认处理
+    location / {
+        try_files \$uri \$uri/ =404;
+    }
+
+    # 防止访问隐藏文件（如 .git）
+    location ~ /\. {
+        deny all;
+    }
+
+    # 错误页面配置
+    error_page 404 /404.html;
+    location = /404.html {
+        root /var/www/example.com/html;
+    }
+}
+
+# HTTP 到 HTTPS 重定向
+server {
+    listen 80;  # 监听 80 端口
+    server_name ${domain};
+
+    # 将所有 HTTP 请求重定向到 HTTPS
+    return 301 https://\$host\$request_uri;
+}
+EOF
+  fi
+  case $ssl_pick in
+  1)
+    ./acme
+    ;;
+  esac
+  nginx -s reload
+  echo "配置成功"
+  ;;
+esac
--- a/Menus/Docker.sh
+++ b/Menus/Docker.sh
@ -11,7 +11,7 @@ declare pick_array
 declare pick_number=6
 declare pick

-echo "========Docker========"
+echo "========$(basename $0 .sh)========"
 echo "1.换源"
 echo "2.清除所有未使用镜像"
 echo "-----一键搭建软件-----"
@ -22,7 +22,6 @@ for i in "${path_script}/Config/${file_name}"/*;do
 done
 echo "-----一键搭建软件-----"
 echo "任意输入返回主菜单"
-echo "========Docker========"
 read -p "请输入要使用的功能：" pick

 clear
@ -42,9 +41,9 @@ if [[ $pick == '1' ]];then
    read -p "请输入要选择的镜像,也可直接输入镜像网站：" img_pick
    if [[ -z $img_pick ]];then
      declare url='https://docker.m.daocloud.io'
-    elif [[ $img_pick =~ ^[http] ]];then
+    elif [[ $img_pick =~ [\w\.]+ ]];then
      declare url=$img_pick
-    elif [[ ${img_pick} -le 0 || ${img_pick} -ge ${!img_dick[*]} ]];then
+    elif [[ ${img_pick} =~ [1-${!img_dick[*]}]  ]];then
      img_pick=${img_number[$img_pick]}
      declare url=${img_dick[$img_pick]}
    else
@ -52,13 +51,13 @@ if [[ $pick == '1' ]];then
      exit
    fi
    echo "{\"registry-mirrors\": [\"${url}\"]}" > "/etc/docker/daemon.json"
-    systemctl restart docker 2>> /dev/null|| echo "docker 重启失败"
+    systemctl restart docker 2>> /dev/null|| echo "docker 重启失败"&&exit
    echo "换源成功"

 elif [[ $pick == '2' ]];then
  docker system prune -af
  echo "清理完成"
-elif [[ "${pick}" -gt "$((${pick_number}-${#pick_array[*]}))" && "${pick}" -le "${pick_number}" ]];then
+elif [[ "${pick}" =~ [${pick_number}-${#pick_array[*]}] ]];then
    declare file_path
    read -p "请输入软件储存位置,默认 /var/www/${pick_array[${pick}]} ："  file_path
    if [[ -z ${file_path}  ]];then
--- a/Menus/Web.sh
+++ b/Menus/Web.sh
@ -0,0 +1,21 @@
+#!/bin/bash
+
+declare path_script=$1
+declare file_name=$(basename $0 .sh)
+
+declare print_array
+declare print_number=0
+declare pick
+
+echo "========Web========"
+for i in "${path_script}/Config/${file_name}"/*;do
+    print_number=$((print_number + 1))
+    print_array[$print_number]=$(awk -F '.' '{print $1}' <<< "$(basename $i)")
+    echo "${print_number}.${print_array[$print_number]}"
+done
+echo "========Web========"
+read -p "请输入要使用的功能：" pick
+
+if [[ "${pick}" =~ [1-${#print_array[*]}] ]];then
+  bash "${path_script}/Config/${file_name}/${print_array[${pick}]}.sh"
+fi