5685b869dc
Add empty short_id, SpiderX in share links, and post-keygen render reminder so server config stays in sync with .env. Co-authored-by: Cursor <cursoragent@cursor.com>
76 lines
2.7 KiB
Bash
76 lines
2.7 KiB
Bash
#!/usr/bin/env bash
|
|
# 生成 Reality 密钥;若 .env 无面板密码则一并生成
|
|
set -euo pipefail
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
ROOT_DIR="$(dirname "$SCRIPT_DIR")"
|
|
ENV_FILE="${ROOT_DIR}/.env"
|
|
|
|
if ! command -v sing-box &>/dev/null; then
|
|
echo "sing-box 未安装,使用临时下载..." >&2
|
|
TMP="$(mktemp -d)"
|
|
ARCH="$(uname -m)"
|
|
case "$ARCH" in
|
|
x86_64) SB_ARCH="amd64" ;;
|
|
aarch64) SB_ARCH="arm64" ;;
|
|
*) echo "不支持的架构: $ARCH" >&2; exit 1 ;;
|
|
esac
|
|
curl -fsSL "https://github.com/SagerNet/sing-box/releases/download/v1.11.0/sing-box-1.11.0-linux-${SB_ARCH}.tar.gz" \
|
|
| tar -xz -C "$TMP" --strip-components=1
|
|
SB="$TMP/sing-box"
|
|
else
|
|
SB="sing-box"
|
|
fi
|
|
|
|
KEYPAIR="$("$SB" generate reality-keypair)"
|
|
REALITY_PRIVATE_KEY="$(echo "$KEYPAIR" | grep 'PrivateKey:' | awk '{print $2}')"
|
|
REALITY_PUBLIC_KEY="$(echo "$KEYPAIR" | grep 'PublicKey:' | awk '{print $2}')"
|
|
REALITY_SHORT_ID="$("$SB" generate rand --hex 8)"
|
|
|
|
GENERATE_PANEL_PASSWORD=1
|
|
if [[ -f "$ENV_FILE" ]] && grep -q "^PANEL_PASSWORD=.\+" "$ENV_FILE" 2>/dev/null; then
|
|
GENERATE_PANEL_PASSWORD=0
|
|
PANEL_PASSWORD="$(grep "^PANEL_PASSWORD=" "$ENV_FILE" | cut -d= -f2-)"
|
|
fi
|
|
if (( GENERATE_PANEL_PASSWORD )); then
|
|
PANEL_PASSWORD="$("$SB" generate rand --base64 32 | tr -d '/+=' | head -c 20)"
|
|
fi
|
|
|
|
echo "========== 生成的密钥 =========="
|
|
echo "REALITY_PRIVATE_KEY: $REALITY_PRIVATE_KEY"
|
|
echo "REALITY_PUBLIC_KEY: $REALITY_PUBLIC_KEY"
|
|
echo "REALITY_SHORT_ID: $REALITY_SHORT_ID"
|
|
if (( GENERATE_PANEL_PASSWORD )); then
|
|
echo "PANEL_PASSWORD: $PANEL_PASSWORD"
|
|
else
|
|
echo "PANEL_PASSWORD: (保留 .env 中已有密码,未重新生成)"
|
|
fi
|
|
echo "================================"
|
|
|
|
if [[ -f "$ENV_FILE" ]]; then
|
|
for var in REALITY_PRIVATE_KEY REALITY_PUBLIC_KEY REALITY_SHORT_ID; do
|
|
val="${!var}"
|
|
if grep -q "^${var}=" "$ENV_FILE" 2>/dev/null; then
|
|
sed -i "s|^${var}=.*|${var}=${val}|" "$ENV_FILE"
|
|
else
|
|
echo "${var}=${val}" >> "$ENV_FILE"
|
|
fi
|
|
done
|
|
if (( GENERATE_PANEL_PASSWORD )); then
|
|
if grep -q "^PANEL_PASSWORD=" "$ENV_FILE" 2>/dev/null; then
|
|
sed -i "s|^PANEL_PASSWORD=.*|PANEL_PASSWORD=${PANEL_PASSWORD}|" "$ENV_FILE"
|
|
else
|
|
echo "PANEL_PASSWORD=${PANEL_PASSWORD}" >> "$ENV_FILE"
|
|
fi
|
|
fi
|
|
if ! grep -q "^PANEL_USERNAME=" "$ENV_FILE" 2>/dev/null; then
|
|
echo "PANEL_USERNAME=dekun" >> "$ENV_FILE"
|
|
fi
|
|
echo "已写入 $ENV_FILE"
|
|
echo ""
|
|
echo "重要: 密钥已变更,必须重新生成 sing-box 配置并重启:"
|
|
echo " python3 ${ROOT_DIR}/scripts/render-server.py && systemctl restart sing-box"
|
|
else
|
|
echo "提示: 先复制 .env.example 为 .env 并填写 VPS_IP、DOMAIN 等,再重新运行本脚本" >&2
|
|
fi
|