joywaygamess/server-deploy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

增加vps-xray部署相关脚本

Browse Source
This commit is contained in:
Joywayer
2026-04-08 15:19:49 +08:00
parent e0d8c09bb9
commit 18949f31ba
5 changed files with 921 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
vps-xray/.env.example Normal file
View File

@@ -0,0 +1,16 @@
# Xray 部署配置模板
# deploy.sh 运行后会自动生成 .env通常无需手动创建
# 如需预配置,复制此文件为 .env 后修改
# 部署模式: reality (推荐) / fast
# XRAY_MODE=reality
# 监听端口(默认 443建议不改
# XRAY_PORT=443
# Reality 伪装目标(留空则自动选择延迟最低的)
# REALITY_DEST=www.microsoft.com
# REALITY_SNI=www.microsoft.com
# 备份目录
# BACKUP_DIR=/var/backups/xray

264
vps-xray/README.md Normal file
View File

@@ -0,0 +1,264 @@
# Xray VPS 部署指南
> 一键部署 Xray 代理,支持 VLESS-Reality抗封锁和 VLESS TCP极速两种模式。无需域名和证书。
## 功能特性
- 两种部署模式可选Reality推荐/ Fast TCP
- 自动安装 Xray + 生成密钥 + 配置防火墙
- BBR 拥塞控制 + TCP 深度调优
- 自动选择延迟最低的 Reality 伪装目标
- 部署完成自动输出 VLESS 分享链接
- 一键备份 / 卸载脚本
## 模式对比
| 特性 | Reality推荐 | Fast TCP |
|------|-----------------|----------|
| **加密** | Reality TLS 1.3 | 无,明文传输 |
| **抗检测** | 伪装为真实 HTTPS 流量 | 极易被 DPI 识别 |
| **需要域名** | 否 | 否 |
| **需要证书** | 否 | 否 |
| **速度** | Vision 流控避免双重加密,差距 < 5% | 裸 TCP 无开销,理论最快 |
| **被封风险** | 极低 | 极高 |
## 技术栈
| 组件 | 说明 |
|------|------|
| Xray | VLESS 代理核心 |
| BBR | TCP 拥塞控制算法 |
| ufw / firewalld | 防火墙 |
## 前置条件
1. 一台境外 Linux VPSDebian 12 推荐)
2. root 权限
3. 服务器 443 端口可从外网访问
### 推荐配置
| 项目 | 最低 | 推荐 |
|------|------|------|
| CPU | 1 核 | 1 核 |
| 内存 | 256 MB | 512 MB |
| 硬盘 | 5 GB | 10 GB |
| 带宽 | 200 Mbps | 1 Gbps |
| 流量 | 500 GB/月 | 1 TB+/月 |
| 位置 | — | 日本 / 新加坡 / 美西 |
## 目录结构
```
vps-xray/
├── deploy.sh # 一键部署脚本
├── backup.sh # 备份脚本
├── uninstall.sh # 完全卸载脚本
├── .env.example # 配置模板
├── README.md # 本文件
├── vps-xray-optimized.md # Reality 方案详细文档
└── vps-xray-fast.md # Fast TCP 方案详细文档
```
服务器上的文件位置:
```
/usr/local/bin/xray # Xray 可执行文件
/usr/local/etc/xray/config.json # Xray 配置文件
/etc/sysctl.d/99-xray-turbo.conf # 网络调优参数
/var/backups/xray/ # 备份文件
```
## 快速部署
### 第一步:上传文件到 VPS
```bash
scp -r vps-xray/ root@<VPS_IP>:/opt/vps-xray
```
### 第二步:登录 VPS 执行部署
```bash
ssh root@<VPS_IP>
cd /opt/vps-xray
# Reality 模式部署(推荐)
bash deploy.sh
# 或者 Fast TCP 模式
bash deploy.sh --mode fast
```
部署完成后会输出:
- 连接参数IP、端口、UUID、密钥等
- VLESS 分享链接(可直接导入客户端)
> **⚠️ 请妥善保存输出的连接信息!密钥仅显示一次。**凭据同时保存在 `/opt/vps-xray/.env` 中。
### 第三步:客户端配置
将部署脚本输出的 `vless://` 链接导入客户端即可:
| 平台 | 推荐客户端 |
|------|-----------|
| Windows | v2rayN6.x+ |
| macOS | V2BOX / NekoRay |
| iOS | Shadowrocket / Streisand |
| Android | v2rayNG |
详细的 Clash Meta / Sing-Box 配置参见 [vps-xray-optimized.md](vps-xray-optimized.md)。
## 日常运维
### 查看状态 / 日志
```bash
systemctl status xray
journalctl -u xray -f
journalctl -u xray --tail 100
```
### 备份
```bash
cd /opt/vps-xray
bash backup.sh
```
备份内容包括:
- Xray 配置文件(`config.json`
- 部署配置(`.env` + 脚本)
- 网络调优参数
备份文件保存在 `/var/backups/xray/`,自动清理 30 天前的旧备份。
### 恢复备份
```bash
# 查看可用备份
ls /var/backups/xray/
# 恢复 Xray 配置
tar xzf /var/backups/xray/xray_config_<日期>.tar.gz -C /usr/local/etc/
# 恢复网络调优
cp /var/backups/xray/sysctl_<日期>.conf /etc/sysctl.d/99-xray-turbo.conf
sysctl --system
# 重启服务
systemctl restart xray
```
### 更新 Xray
```bash
# 备份当前配置
cd /opt/vps-xray && bash backup.sh
# 更新 Xray 核心(配置文件保留)
bash <(curl -fsSL https://raw.githubusercontent.com/XTLS/Xray-install/main/install-release.sh)
# 重启服务
systemctl restart xray
```
### 重启 / 停止
```bash
systemctl restart xray # 重启
systemctl stop xray # 停止
systemctl start xray # 启动
```
### 验证
```bash
# 确认 BBR 启用
sysctl net.ipv4.tcp_congestion_control
# 确认端口监听
ss -tlnp | grep 443
# 测试配置语法
/usr/local/bin/xray run -test -config /usr/local/etc/xray/config.json
```
## 完全卸载
```bash
cd /opt/vps-xray
bash uninstall.sh
```
脚本会**交互式确认**每个危险操作:
| 步骤 | 操作 | 确认方式 |
|------|------|----------|
| 0 | 卸载前备份(可选) | y/N |
| 1 | 停止并禁用 Xray 服务 | 输入 YES |
| 2 | 卸载 Xray 程序 + 删除配置 | 自动 |
| 3 | 移除网络调优配置 | 自动 |
| 4 | 关闭防火墙端口 | 自动 |
| 5 | 删除部署目录 `/opt/vps-xray` | y/N |
**备份目录 `/var/backups/xray/` 始终保留**
## 多用户
在 Xray 配置的 `clients` 数组中添加更多用户:
```bash
vi /usr/local/etc/xray/config.json
```
```json
"clients": [
{ "id": "原始-uuid", "flow": "xtls-rprx-vision" },
{ "id": "新用户-uuid", "flow": "xtls-rprx-vision" }
]
```
生成新 UUID`cat /proc/sys/kernel/random/uuid`
修改后重启:`systemctl restart xray`
## 故障排查
### 客户端连接失败
```bash
# 确认 Xray 运行
systemctl status xray
# 确认端口监听
ss -tlnp | grep 443
# 查看错误日志
journalctl -u xray --tail 50
```
### 速度慢
```bash
# 确认 BBR 启用
sysctl net.ipv4.tcp_congestion_control
# 应输出: net.ipv4.tcp_congestion_control = bbr
# 确认网络调优生效
sysctl net.core.rmem_max
# 应输出: net.core.rmem_max = 16777216
```
### IP 被封
Reality 能大幅降低被封概率,但如果 IP 已被墙:
1. 更换 VPS IP
2. 重新部署:`bash deploy.sh`
## 安全说明
- `PrivateKey` 只存在服务端配置中,切勿泄露
- `PublicKey` 是客户端参数,可公开
- `.env` 文件权限已设为 600仅 root 可读)
- BT 流量已在路由规则中屏蔽,降低 VPS 被投诉风险

62
vps-xray/backup.sh Normal file
View File

@@ -0,0 +1,62 @@
#!/usr/bin/env bash
set -euo pipefail
# ============================================
# Xray 备份脚本
# 备份内容Xray 配置 + .env 凭据 + 网络调优
# 定时执行: crontab -e → 0 3 * * 0 /opt/vps-xray/backup.sh
# ============================================
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
cd "$SCRIPT_DIR"
# 加载配置
if [ -f .env ]; then
sed -i 's/\r$//' .env
set -a; source .env; set +a
fi
BACKUP_DIR="${BACKUP_DIR:-/var/backups/xray}"
DATE=$(date +%Y%m%d_%H%M%S)
KEEP_DAYS=30
log() { echo "[$(date '+%Y-%m-%d %H:%M:%S')] $*"; }
mkdir -p "$BACKUP_DIR"
# 1. 备份 Xray 配置
log "正在备份 Xray 配置..."
if [ -f /usr/local/etc/xray/config.json ]; then
tar czf "${BACKUP_DIR}/xray_config_${DATE}.tar.gz" \
-C /usr/local/etc xray/
log "Xray 配置备份完成: xray_config_${DATE}.tar.gz"
else
log "警告: Xray 配置文件不存在,跳过"
fi
# 2. 备份部署配置(.env + 脚本)
log "正在备份部署配置..."
tar czf "${BACKUP_DIR}/deploy_config_${DATE}.tar.gz" \
-C "$SCRIPT_DIR" \
$(ls .env deploy.sh backup.sh uninstall.sh 2>/dev/null)
log "部署配置备份完成: deploy_config_${DATE}.tar.gz"
# 3. 备份网络调优配置
if [ -f /etc/sysctl.d/99-xray-turbo.conf ]; then
log "正在备份网络调优配置..."
cp /etc/sysctl.d/99-xray-turbo.conf "${BACKUP_DIR}/sysctl_${DATE}.conf"
log "网络调优备份完成: sysctl_${DATE}.conf"
fi
# 4. 清理过期备份
log "清理 ${KEEP_DAYS} 天前的备份..."
deleted=$(find "$BACKUP_DIR" -type f -mtime +${KEEP_DAYS} -print -delete | wc -l)
log "已清理 ${deleted} 个过期文件"
# 5. 输出备份摘要
echo ""
log "===== 备份完成 ====="
log "备份目录: ${BACKUP_DIR}/"
ls -lh "${BACKUP_DIR}/"*"${DATE}"* 2>/dev/null || true
echo ""
log "总备份空间占用: $(du -sh "${BACKUP_DIR}" | cut -f1)"

433
vps-xray/deploy.sh Normal file
View File

@@ -0,0 +1,433 @@
#!/usr/bin/env bash
set -euo pipefail
# ============================================
# Xray VPS 一键部署脚本
# 支持模式reality (VLESS-Reality) / fast (VLESS TCP 无 TLS)
# 适用于 Debian 11+ / Ubuntu 20.04+
# ============================================
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
cd "$SCRIPT_DIR"
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
NC='\033[0m'
log() { echo -e "${GREEN}[INFO]${NC} $*"; }
warn() { echo -e "${YELLOW}[WARN]${NC} $*"; }
error() { echo -e "${RED}[ERROR]${NC} $*" >&2; }
step() { echo -e "\n${CYAN}========== $* ==========${NC}"; }
# ===== 使用说明 =====
usage() {
echo "用法: bash deploy.sh [选项]"
echo ""
echo "选项:"
echo " --mode reality VLESS-Reality 模式(默认,推荐,抗封锁)"
echo " --mode fast VLESS TCP 模式(无 TLS极速但易被检测"
echo " -h, --help 显示帮助"
exit 0
}
# ===== 解析参数 =====
MODE="reality"
while [[ $# -gt 0 ]]; do
case $1 in
--mode) MODE="$2"; shift 2 ;;
-h|--help) usage ;;
*) error "未知参数: $1"; usage ;;
esac
done
if [[ "$MODE" != "reality" && "$MODE" != "fast" ]]; then
error "无效模式: $MODE(支持 reality / fast"
exit 1
fi
# ===== 检查 root =====
if [ "$(id -u)" -ne 0 ]; then
error "请使用 root 用户运行: sudo bash deploy.sh"
exit 1
fi
# ===== 加载现有配置(如存在)=====
if [ -f .env ]; then
sed -i 's/\r$//' .env
set -a; source .env; set +a
fi
XRAY_PORT="${XRAY_PORT:-443}"
# ===== 1. 安装 Xray =====
install_xray() {
step "1/5 安装 Xray"
if command -v xray &>/dev/null || [ -x /usr/local/bin/xray ]; then
log "Xray 已安装: $(/usr/local/bin/xray version | head -1)"
log "将更新到最新版本..."
fi
bash <(curl -fsSL https://raw.githubusercontent.com/XTLS/Xray-install/main/install-release.sh)
log "Xray 安装完成: $(/usr/local/bin/xray version | head -1)"
}
# ===== 2. 生成密钥 =====
generate_keys() {
step "2/5 生成密钥"
XRAY_UUID=$(cat /proc/sys/kernel/random/uuid)
log "UUID: ${XRAY_UUID}"
if [ "$MODE" = "reality" ]; then
local keys
keys=$(/usr/local/bin/xray x25519 2>&1)
XRAY_PRIVATE_KEY=$(echo "$keys" | grep -i 'private' | awk -F': ' '{print $2}' | tr -d '[:space:]')
XRAY_PUBLIC_KEY=$(echo "$keys" | grep -i 'public' | awk -F': ' '{print $2}' | tr -d '[:space:]')
XRAY_SHORT_ID=$(openssl rand -hex 8)
if [ -z "$XRAY_PRIVATE_KEY" ] || [ -z "$XRAY_PUBLIC_KEY" ]; then
error "密钥生成失败xray x25519 输出:"
echo "$keys"
exit 1
fi
log "x25519 密钥对已生成"
log "ShortId: ${XRAY_SHORT_ID}"
fi
}
# ===== 3. 选择 Reality 伪装目标 =====
select_reality_dest() {
if [ "$MODE" != "reality" ]; then
return
fi
step "3/5 选择 Reality 伪装目标"
local candidates=("www.microsoft.com" "dl.google.com" "www.apple.com" "www.amazon.com")
REALITY_DEST="${REALITY_DEST:-}"
REALITY_SNI="${REALITY_SNI:-}"
if [ -n "$REALITY_DEST" ] && [ -n "$REALITY_SNI" ]; then
log "使用 .env 中指定的伪装目标: ${REALITY_DEST}"
return
fi
local best_dest="www.microsoft.com"
local best_ms=9999
for site in "${candidates[@]}"; do
local ms
ms=$(curl -so /dev/null -w '%{time_connect}' --max-time 3 "https://${site}" 2>/dev/null \
| awk '{printf "%d", $1*1000}') || true
if [ -n "$ms" ] && [ "$ms" -lt "$best_ms" ] 2>/dev/null; then
best_ms=$ms
best_dest=$site
fi
done
REALITY_DEST="$best_dest"
REALITY_SNI="$best_dest"
log "伪装目标: ${REALITY_DEST} (延迟 ${best_ms}ms)"
}
# ===== 4. 写入 Xray 配置 =====
write_config() {
if [ "$MODE" = "reality" ]; then
write_config_reality
else
write_config_fast
fi
}
write_config_reality() {
step "3/5 写入 Xray 配置 (Reality)"
cat > /usr/local/etc/xray/config.json << EOF
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"listen": "0.0.0.0",
"port": ${XRAY_PORT},
"protocol": "vless",
"settings": {
"clients": [
{
"id": "${XRAY_UUID}",
"flow": "xtls-rprx-vision"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"show": false,
"dest": "${REALITY_DEST}:443",
"xver": 0,
"serverNames": [
"${REALITY_SNI}"
],
"privateKey": "${XRAY_PRIVATE_KEY}",
"shortIds": [
"${XRAY_SHORT_ID}"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls", "quic"],
"routeOnly": true
}
}
],
"outbounds": [
{
"protocol": "freedom",
"tag": "direct"
},
{
"protocol": "blackhole",
"tag": "block"
}
],
"routing": {
"rules": [
{
"type": "field",
"outboundTag": "block",
"protocol": ["bittorrent"]
}
]
}
}
EOF
log "配置已写入: /usr/local/etc/xray/config.json"
}
write_config_fast() {
step "3/5 写入 Xray 配置 (Fast TCP)"
cat > /usr/local/etc/xray/config.json << EOF
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"listen": "0.0.0.0",
"port": ${XRAY_PORT},
"protocol": "vless",
"settings": {
"clients": [
{
"id": "${XRAY_UUID}"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "none"
},
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls", "quic"],
"routeOnly": true
}
}
],
"outbounds": [
{
"protocol": "freedom",
"tag": "direct"
},
{
"protocol": "blackhole",
"tag": "block"
}
],
"routing": {
"rules": [
{
"type": "field",
"outboundTag": "block",
"protocol": ["bittorrent"]
}
]
}
}
EOF
log "配置已写入: /usr/local/etc/xray/config.json"
}
# ===== 5. 防火墙 =====
configure_firewall() {
step "4/5 配置防火墙"
if command -v ufw &>/dev/null; then
ufw allow "${XRAY_PORT}/tcp"
ufw allow 22/tcp
ufw --force enable
log "ufw 已放行端口 ${XRAY_PORT}/tcp"
elif command -v firewall-cmd &>/dev/null; then
firewall-cmd --permanent --add-port="${XRAY_PORT}/tcp"
firewall-cmd --reload
log "firewalld 已放行端口 ${XRAY_PORT}/tcp"
else
warn "未检测到防火墙工具,请手动放行端口 ${XRAY_PORT}/tcp"
fi
}
# ===== 6. BBR + 网络调优 =====
tune_network() {
step "5/5 BBR + 网络调优"
cat > /etc/sysctl.d/99-xray-turbo.conf << 'SYSEOF'
# BBR 拥塞控制
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
# TCP 缓冲区(提升大文件 / 视频流吞吐量)
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.ipv4.tcp_rmem=4096 87380 16777216
net.ipv4.tcp_wmem=4096 65536 16777216
# 连接优化
net.ipv4.tcp_fastopen=3
net.ipv4.tcp_slow_start_after_idle=0
net.ipv4.tcp_mtu_probing=1
net.ipv4.tcp_fin_timeout=15
net.ipv4.tcp_keepalive_time=300
net.ipv4.tcp_keepalive_intvl=30
net.ipv4.tcp_keepalive_probes=5
net.ipv4.tcp_max_tw_buckets=5000
net.ipv4.tcp_max_syn_backlog=8192
net.core.somaxconn=8192
net.core.netdev_max_backlog=8192
SYSEOF
sysctl --system > /dev/null 2>&1
log "BBR 已启用,网络参数已优化"
}
# ===== 7. 启动服务 =====
start_service() {
systemctl daemon-reload
systemctl restart xray
systemctl enable xray
sleep 2
if systemctl is-active --quiet xray; then
log "Xray 服务已启动 ✅"
else
error "Xray 启动失败,请检查: journalctl -u xray -f"
exit 1
fi
}
# ===== 8. 保存配置到 .env =====
save_env() {
cat > "$SCRIPT_DIR/.env" << EOF
# Xray 部署配置(由 deploy.sh 自动生成)
# 生成时间: $(date '+%Y-%m-%d %H:%M:%S')
XRAY_MODE=${MODE}
XRAY_PORT=${XRAY_PORT}
XRAY_UUID=${XRAY_UUID}
EOF
if [ "$MODE" = "reality" ]; then
cat >> "$SCRIPT_DIR/.env" << EOF
XRAY_PRIVATE_KEY=${XRAY_PRIVATE_KEY}
XRAY_PUBLIC_KEY=${XRAY_PUBLIC_KEY}
XRAY_SHORT_ID=${XRAY_SHORT_ID}
REALITY_DEST=${REALITY_DEST}
REALITY_SNI=${REALITY_SNI}
EOF
fi
chmod 600 "$SCRIPT_DIR/.env"
log "配置已保存到 .env权限 600"
}
# ===== 9. 输出连接信息 =====
print_result() {
local server_ip
server_ip=$(curl -s --max-time 5 ipv4.ip.sb || curl -s --max-time 5 ifconfig.me || echo "获取失败")
echo ""
echo "=========================================================="
if [ "$MODE" = "reality" ]; then
echo " Xray VLESS-Reality 部署完成 ✅"
echo "=========================================================="
echo ""
echo " IP : ${server_ip}"
echo " 端口 : ${XRAY_PORT}"
echo " 协议 : VLESS"
echo " UUID : ${XRAY_UUID}"
echo " 流控 : xtls-rprx-vision"
echo " 传输 : tcp"
echo " 安全 : reality"
echo " SNI : ${REALITY_SNI}"
echo " Fingerprint : chrome"
echo " PublicKey : ${XRAY_PUBLIC_KEY}"
echo " ShortId : ${XRAY_SHORT_ID}"
echo ""
echo "=========================================================="
echo ""
echo ">>> VLESS 分享链接(可直接导入客户端):"
echo ""
echo "vless://${XRAY_UUID}@${server_ip}:${XRAY_PORT}?encryption=none&flow=xtls-rprx-vision&security=reality&sni=${REALITY_SNI}&fp=chrome&pbk=${XRAY_PUBLIC_KEY}&sid=${XRAY_SHORT_ID}&type=tcp#VPS-Reality"
else
echo " Xray VLESS TCP 部署完成 ✅"
echo "=========================================================="
echo ""
echo " IP : ${server_ip}"
echo " 端口 : ${XRAY_PORT}"
echo " 协议 : VLESS"
echo " UUID : ${XRAY_UUID}"
echo " 传输 : tcp"
echo " 安全 : none"
fi
echo ""
echo "=========================================================="
echo ""
echo "⚠️ 请妥善保存以上信息!"
echo " 配置文件: /usr/local/etc/xray/config.json"
echo " 凭据备份: ${SCRIPT_DIR}/.env"
echo " 查看日志: journalctl -u xray -f"
echo " 重启服务: systemctl restart xray"
echo "=========================================================="
}
# ===== 主流程 =====
main() {
echo ""
log "部署模式: ${MODE}"
[ "$MODE" = "reality" ] && log "VLESS-Reality推荐抗封锁" || log "VLESS TCP极速无 TLS"
echo ""
install_xray
generate_keys
select_reality_dest
write_config
configure_firewall
tune_network
start_service
save_env
print_result
}
main

146
vps-xray/uninstall.sh Normal file
View File

@@ -0,0 +1,146 @@
#!/usr/bin/env bash
set -euo pipefail
# ============================================
# Xray 卸载脚本
# 停止服务 → 备份 → 清理配置/防火墙/调优
# ============================================
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
cd "$SCRIPT_DIR"
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
log() { echo -e "${GREEN}[INFO]${NC} $*"; }
warn() { echo -e "${YELLOW}[WARN]${NC} $*"; }
error() { echo -e "${RED}[ERROR]${NC} $*" >&2; }
# ===== 检查 root =====
if [ "$(id -u)" -ne 0 ]; then
error "请使用 root 用户运行: sudo bash uninstall.sh"
exit 1
fi
# ===== 加载配置 =====
if [ -f .env ]; then
sed -i 's/\r$//' .env
set -a; source .env; set +a
fi
XRAY_PORT="${XRAY_PORT:-443}"
BACKUP_DIR="${BACKUP_DIR:-/var/backups/xray}"
# ===== 确认操作 =====
echo ""
echo -e "${RED}╔══════════════════════════════════════════════════╗${NC}"
echo -e "${RED}║ ⚠ 即将卸载 Xray 及所有配置 ⚠ ║${NC}"
echo -e "${RED}╚══════════════════════════════════════════════════╝${NC}"
echo ""
echo "将执行以下操作:"
echo " 1. 停止并禁用 Xray 服务"
echo " 2. 卸载 Xray 程序"
echo " 3. 删除 Xray 配置文件"
echo " 4. 移除网络调优配置"
echo " 5. 关闭防火墙端口 ${XRAY_PORT}"
echo ""
echo "涉及的目录:"
echo " 配置目录: /usr/local/etc/xray/"
echo " 备份目录: ${BACKUP_DIR}(保留)"
echo " 部署目录: ${SCRIPT_DIR}"
echo ""
echo -e "${YELLOW}备份目录将保留,不会被删除。${NC}"
echo ""
read -r -p "确定要继续卸载吗?输入 YES 确认: " confirm
if [ "$confirm" != "YES" ]; then
log "已取消卸载"
exit 0
fi
# ===== 卸载前备份 =====
echo ""
read -r -p "是否在卸载前执行一次备份?(y/N): " do_backup
if [[ "$do_backup" =~ ^[Yy]$ ]]; then
if [ -f backup.sh ]; then
log "正在执行备份..."
bash backup.sh
log "备份完成"
else
warn "backup.sh 不存在,跳过备份"
fi
fi
# ===== 1. 停止并禁用 Xray 服务 =====
echo ""
log "正在停止 Xray 服务..."
if systemctl is-active --quiet xray 2>/dev/null; then
systemctl stop xray
log "Xray 服务已停止"
else
log "Xray 服务未运行"
fi
systemctl disable xray 2>/dev/null || true
# ===== 2. 卸载 Xray =====
log "正在卸载 Xray..."
if [ -f /usr/local/bin/xray ]; then
# 使用官方卸载方式
bash <(curl -fsSL https://raw.githubusercontent.com/XTLS/Xray-install/main/install-release.sh) --remove 2>/dev/null || true
# 手动清理残留
rm -f /usr/local/bin/xray
rm -rf /usr/local/etc/xray
rm -rf /usr/local/share/xray
rm -f /etc/systemd/system/xray.service
rm -f /etc/systemd/system/xray@.service
systemctl daemon-reload
log "Xray 已卸载"
else
log "Xray 未安装,跳过"
fi
# ===== 3. 移除网络调优配置 =====
log "正在移除网络调优配置..."
if [ -f /etc/sysctl.d/99-xray-turbo.conf ]; then
rm -f /etc/sysctl.d/99-xray-turbo.conf
sysctl --system > /dev/null 2>&1
log "网络调优配置已移除"
else
log "网络调优配置不存在,跳过"
fi
# ===== 4. 关闭防火墙端口 =====
log "正在关闭防火墙端口 ${XRAY_PORT}..."
if command -v ufw &>/dev/null; then
ufw delete allow "${XRAY_PORT}/tcp" 2>/dev/null || true
ufw reload 2>/dev/null || true
log "ufw 已关闭端口 ${XRAY_PORT}/tcp"
elif command -v firewall-cmd &>/dev/null; then
firewall-cmd --permanent --remove-port="${XRAY_PORT}/tcp" 2>/dev/null || true
firewall-cmd --reload 2>/dev/null || true
log "firewalld 已关闭端口 ${XRAY_PORT}/tcp"
else
warn "未检测到防火墙工具,请手动关闭端口 ${XRAY_PORT}/tcp"
fi
# ===== 5. 删除部署目录 =====
echo ""
read -r -p "是否删除部署目录 ${SCRIPT_DIR}(y/N): " del_deploy
if [[ "$del_deploy" =~ ^[Yy]$ ]]; then
cd /opt
rm -rf "$SCRIPT_DIR"
log "已删除部署目录"
else
warn "保留部署目录: ${SCRIPT_DIR}"
fi
# ===== 完成 =====
echo ""
log "Xray 卸载完成"
echo ""
echo "保留的内容:"
echo " 备份目录: ${BACKUP_DIR}"
[[ ! "$del_deploy" =~ ^[Yy]$ ]] && echo " 部署目录: ${SCRIPT_DIR}"
echo ""
echo "如需恢复,请参考 README.md 中的「恢复备份」章节。"