server/v2ray-server/deploy_v2ray+ss_to_vps

#!/bin/sh

self="$(curl https://raw.githubusercontent.com/zw963/deployment_bash/v0.5.3/deploy_start.sh)" && eval "$self"

export target=$1

function postinstall () {
    set -u
    cat <<HEREDOC > router/v2ray/opt/etc/v2ray.json
// server 部署完成后，自动生成适用于 router 的 v2ray 脚本。
// 记得替换 NEWUUID 为实际生成的数值。
// 然后运行 ./v2ray+dnsmasq+dnscrypt2 admin@router.asus.com 部署到路由器。
{
    "inbounds": [
        {
            "protocol": "dokodemo-door",
            "port": 1080, // 监听端口
            "sniffing": {
                "enabled": true,
                "destOverride": ["http", "tls"]
            },
            "settings": {
                "network": "tcp,udp",
                "followRedirect": true // 这里要为 true 才能接受来自 iptables 的流量
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "vmess", // 出口协议
            "settings": {
                "vnext": [
                    {
                        "address": "${targetip}",
                        "port": 22334,
                        "users": [
                            {
                                "id": "NEWUUID",  // 用户 ID，必须与服务器端配置相同
                                "alterId": 64 // 此处的值也应当与服务器相同
                            }
                        ]
                    }
                ]
            }
        }
    ]
}
HEREDOC
}

if grep -qs -e 'set_yours_password_here' server/v2ray-server/server.json; then
    echo 'v2ray server served as a shadowsocks server too.'
    echo "You must set shadowsocks server password in \`server/v2ray-server/server.json'!"
    exit
fi

copy server/v2ray-server/server.json /etc/v2ray/config.json

deploy_start

# Following code is execute on remote VPS

wget https://install.direct/go.sh
bash go.sh

uuid=$(uuidgen)

replace_string 'NEWUUID' "${uuid}" /etc/v2ray/config.json

cat <<'HEREDOC' > /etc/sysctl.d/99-shadowsocks.conf
fs.file-max=51200

net.core.rmem_max=67108864
net.core.wmem_max=67108864
net.core.netdev_max_backlog=250000
net.core.somaxconn=4096

net.ipv4.tcp_syncookies=1
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=0
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_keepalive_time=1200
net.ipv4.ip_local_port_range=10000 65000
net.ipv4.tcp_max_syn_backlog=8192
net.ipv4.tcp_max_tw_buckets=5000
net.ipv4.tcp_mem=25600 51200 102400
net.ipv4.tcp_rmem=4096 87380 67108864
net.ipv4.tcp_wmem=4096 65536 67108864
net.ipv4.tcp_mtu_probing=1
net.ipv4.tcp_congestion_control=hybla

# 开启内核 fastopen, Linux 3.7 以上支持, 3.13 才默认开启.
# 等价于 echo 3 > /proc/sys/net/ipv4/tcp_fastopen
net.ipv4.tcp_fastopen=3
HEREDOC

if kernel_version_greater_than 4.9; then
    modprobe tcp_bbr && lsmod | grep bbr
    echo "net.core.default_qdisc=fq" >> /etc/sysctl.d/99-shadowsocks.conf
    echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.d/99-shadowsocks.conf
fi

sysctl -p > /dev/null

# test bbr is enabled
# sysctl net.ipv4.tcp_available_congestion_control |grep bbr
# sysctl -n net.ipv4.tcp_congestion_control |grep bbr

mkdir -p /var/log/v2ray

if [[ -e /etc/redhat-release && $(cat /etc/redhat-release) =~ CentOS ]]; then
    systemctl enable v2ray
    systemctl restart v2ray
    systemctl status v2ray
elif [[ $(cat /etc/issue) =~ Ubuntu|Mint|Deepin ]]; then
    systemctl enable v2ray
    systemctl restart v2ray
    systemctl status v2ray
fi

v2ray_port=$(cat /etc/v2ray/config.json |grep '"inbounds"' -A10 |grep '"protocol" *: *"vmess"' -A3 |grep '"port"' |grep -o '[0-9]*')
ss_port=$(cat /etc/v2ray/config.json |grep '"inbounds"' -A20 |grep '"protocol" *: *"shadowsocks"' -A3 |grep '"port"' |grep -o '[0-9]*')
expose_port $v2ray_port
expose_port $ss_port

ss_encrypt_method=$(cat /etc/v2ray/config.json |grep '"inbounds"' -A30 |grep '"protocol" *: *"shadowsocks"' -A10 |grep '"method"'|cut -d':' -f2|cut -d'"' -f2)
ss_password=$(cat /etc/v2ray/config.json |grep '"inbounds"' -A30 |grep '"protocol" *: *"shadowsocks"' -A10 |grep '"password"'|cut -d':' -f2|cut -d'"' -f2)

echo "Your's server ip: [0m[33m${targetip}[0m"
echo "Your's v2ray port: [0m[33m${v2ray_port}[0m"
echo "Please replace [0m[33mNEWUUID[0m in router/v2ray/opt/etc/v2ray.json with [0m[33m${uuid}[0m before deploy on router."
echo
echo "Your's shadowsocks port: [0m[33m${ss_port}[0m"
echo "Your's shadowsocks encrypt method: [0m[33m${ss_encrypt_method}[0m"
echo "Your's shadowsocks password: [0m[33m${ss_password}[0m"