#!/bin/bash # 脚本出现错误时立即退出 set -e # 检查是否以 root 权限运行 if [ "$(id -u)" -ne 0 ]; then echo "错误:此脚本需要以 root 权限运行。" exit 1 fi # 定义变量 (可选,但方便维护) HYSTERIA_VERSION="v2.6.2" HYSTERIA_BINARY_NAME="hysteria-linux-amd64" #HYSTERIA_DOWNLOAD_URL="https://github.com/apernet/hysteria/releases/download/app/${HYSTERIA_VERSION}/${HYSTERIA_BINARY_NAME}" # 如果上面的地址下载慢,可以切换到 gh-proxy HYSTERIA_DOWNLOAD_URL="https://gh-proxy.com/github.com/apernet/hysteria/releases/download/app/${HYSTERIA_VERSION}/${HYSTERIA_BINARY_NAME}" HYSTERIA_INSTALL_SCRIPT_URL="https://get.hy2.sh/" HYSTERIA_CONFIG_DIR="/etc/hysteria" HYSTERIA_KEY_FILE="${HYSTERIA_CONFIG_DIR}/server.key" HYSTERIA_CERT_FILE="${HYSTERIA_CONFIG_DIR}/server.crt" HYSTERIA_CERT_SUBJ="/CN=bing.com" # 你可以按需修改这个CN CONFIG_DOWNLOAD_URL="http://23.27.28.64:8080/config.yaml" LOCAL_CONFIG_FILE="config.yaml" # 下载的配置文件名 HYSTERIA_SERVER_CONFIG_FILE="${HYSTERIA_CONFIG_DIR}/config.yaml" SYSCTL_CONF_FILE="/etc/sysctl.conf" PRIORITY_CONF_DIR="/etc/systemd/system/hysteria-server.service.d" PRIORITY_CONF_FILE="${PRIORITY_CONF_DIR}/priority.conf" # --- 函数定义 --- check_and_install_deps() { echo "===== 0. 检查并安装依赖 =====" REQUIRED_CMDS=("curl" "wget" "openssl") PACKAGES_TO_INSTALL="curl wget openssl cron ca-certificates" NEEDS_INSTALL=false for cmd in "${REQUIRED_CMDS[@]}"; do if ! command -v "$cmd" &> /dev/null; then echo "检测到必需的命令 '$cmd' 未安装。" NEEDS_INSTALL=true break fi done if [ "$NEEDS_INSTALL" = true ]; then echo "正在更新软件包列表并安装必需的软件包..." apt-get update apt-get install -y ${PACKAGES_TO_INSTALL} echo "依赖安装完成。" else echo "所有必需的依赖项均已安装。" fi } # --- 脚本主流程 --- check_and_install_deps echo echo "===== 1. 下载 Hysteria 二进制文件 =====" wget --no-check-certificate -O "${HYSTERIA_BINARY_NAME}" "${HYSTERIA_DOWNLOAD_URL}" if [ ! -f "${HYSTERIA_BINARY_NAME}" ]; then echo "错误:下载 Hysteria 二进制文件失败。" exit 1 fi chmod +x "${HYSTERIA_BINARY_NAME}" echo "Hysteria 二进制文件下载并设置可执行权限完成。" echo echo "===== 2. 使用官方脚本安装 Hysteria (本地模式) =====" bash <(curl -fsSL "${HYSTERIA_INSTALL_SCRIPT_URL}") --local "./${HYSTERIA_BINARY_NAME}" echo "Hysteria 安装完成。" echo echo "===== 3. 生成自签名证书和密钥 =====" mkdir -p "${HYSTERIA_CONFIG_DIR}" openssl req -x509 -nodes -newkey ec:<(openssl ecparam -name prime256v1) \ -keyout "${HYSTERIA_KEY_FILE}" \ -out "${HYSTERIA_CERT_FILE}" \ -subj "${HYSTERIA_CERT_SUBJ}" \ -days 36500 if [ ! -f "${HYSTERIA_KEY_FILE}" ] || [ ! -f "${HYSTERIA_CERT_FILE}" ]; then echo "错误:生成证书或密钥失败。" exit 1 fi echo "等待 hysteria 用户/组创建..." sleep 2 if id "hysteria" &>/dev/null; then chown hysteria:hysteria "${HYSTERIA_KEY_FILE}" chown hysteria:hysteria "${HYSTERIA_CERT_FILE}" echo "证书和密钥所有权已设置为 hysteria 用户。" else echo "警告:hysteria 用户不存在,无法设置证书所有权。请手动检查。" fi echo echo "===== 4. 下载并复制配置文件 =====" wget -O "${LOCAL_CONFIG_FILE}" "${CONFIG_DOWNLOAD_URL}" if [ ! -f "${LOCAL_CONFIG_FILE}" ]; then echo "错误:下载配置文件失败。" exit 1 fi cp -f "${LOCAL_CONFIG_FILE}" "${HYSTERIA_SERVER_CONFIG_FILE}" echo "配置文件已复制到 ${HYSTERIA_SERVER_CONFIG_FILE}" echo echo "===== 5. 优化内核网络参数 =====" # 临时生效 sysctl -w net.core.rmem_max=16777216 sysctl -w net.core.wmem_max=16777216 echo "内核网络参数已临时设置。" # 持久化,避免重复写入 if ! grep -q "net.core.rmem_max=16777216" "${SYSCTL_CONF_FILE}"; then echo "net.core.rmem_max=16777216" >> "${SYSCTL_CONF_FILE}" echo "已将 rmem_max 配置写入 ${SYSCTL_CONF_FILE}" fi if ! grep -q "net.core.wmem_max=16777216" "${SYSCTL_CONF_FILE}"; then echo "net.core.wmem_max=16777216" >> "${SYSCTL_CONF_FILE}" echo "已将 wmem_max 配置写入 ${SYSCTL_CONF_FILE}" fi echo echo "===== 6. 优化服务优先级 =====" mkdir -p "${PRIORITY_CONF_DIR}" cat > "${PRIORITY_CONF_FILE}" </dev/null | grep -qF -- "restart hysteria-server.service"; then echo "定时重启任务已存在,无需重复添加。" else # 添加新任务 (crontab -l 2>/dev/null; echo "${CRON_JOB}") | crontab - if [ $? -eq 0 ]; then echo "已成功添加定时重启任务:'${CRON_JOB}'" echo "任务执行日志将记录在 ${LOG_FILE}" else echo "错误:添加定时任务失败。" fi fi fi echo echo "===== 清理下载的临时文件 =====" rm -f "./${HYSTERIA_BINARY_NAME}" rm -f "./${LOCAL_CONFIG_FILE}" echo "临时文件已清理。" echo echo "Hysteria 安装和优化配置脚本执行完毕。"