mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2025-08-30 14:56:17 +00:00
Remove Sudo from x-ui.sh
we checked for root at begin of script, also with this we can now use the script inside docker
This commit is contained in:
parent
4627b44e6f
commit
62762c54ce
1 changed files with 34 additions and 34 deletions
68
x-ui.sh
68
x-ui.sh
|
@ -305,13 +305,13 @@ enable_bbr() {
|
||||||
# Check the OS and install necessary packages
|
# Check the OS and install necessary packages
|
||||||
case "${release}" in
|
case "${release}" in
|
||||||
ubuntu|debian)
|
ubuntu|debian)
|
||||||
sudo apt-get update && sudo apt-get install -yqq --no-install-recommends ca-certificates
|
apt-get update && apt-get install -yqq --no-install-recommends ca-certificates
|
||||||
;;
|
;;
|
||||||
centos)
|
centos)
|
||||||
sudo yum -y update && sudo yum -y install ca-certificates
|
yum -y update && yum -y install ca-certificates
|
||||||
;;
|
;;
|
||||||
fedora)
|
fedora)
|
||||||
sudo dnf -y update && sudo dnf -y install ca-certificates
|
dnf -y update && dnf -y install ca-certificates
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
echo -e "${red}Unsupported operating system. Please check the script and install the necessary packages manually.${plain}\n"
|
echo -e "${red}Unsupported operating system. Please check the script and install the necessary packages manually.${plain}\n"
|
||||||
|
@ -320,11 +320,11 @@ enable_bbr() {
|
||||||
esac
|
esac
|
||||||
|
|
||||||
# Enable BBR
|
# Enable BBR
|
||||||
echo "net.core.default_qdisc=fq" | sudo tee -a /etc/sysctl.conf
|
echo "net.core.default_qdisc=fq" | tee -a /etc/sysctl.conf
|
||||||
echo "net.ipv4.tcp_congestion_control=bbr" | sudo tee -a /etc/sysctl.conf
|
echo "net.ipv4.tcp_congestion_control=bbr" | tee -a /etc/sysctl.conf
|
||||||
|
|
||||||
# Apply changes
|
# Apply changes
|
||||||
sudo sysctl -p
|
sysctl -p
|
||||||
|
|
||||||
# Verify that BBR is enabled
|
# Verify that BBR is enabled
|
||||||
if [[ $(sysctl net.ipv4.tcp_congestion_control | awk '{print $3}') == "bbr" ]]; then
|
if [[ $(sysctl net.ipv4.tcp_congestion_control | awk '{print $3}') == "bbr" ]]; then
|
||||||
|
@ -444,24 +444,24 @@ show_xray_status() {
|
||||||
open_ports() {
|
open_ports() {
|
||||||
if ! command -v ufw &>/dev/null; then
|
if ! command -v ufw &>/dev/null; then
|
||||||
echo "ufw firewall is not installed. Installing now..."
|
echo "ufw firewall is not installed. Installing now..."
|
||||||
sudo apt-get update
|
apt-get update
|
||||||
sudo apt-get install -y ufw
|
apt-get install -y ufw
|
||||||
else
|
else
|
||||||
echo "ufw firewall is already installed"
|
echo "ufw firewall is already installed"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Check if the firewall is inactive
|
# Check if the firewall is inactive
|
||||||
if sudo ufw status | grep -q "Status: active"; then
|
if ufw status | grep -q "Status: active"; then
|
||||||
echo "firewall is already active"
|
echo "firewall is already active"
|
||||||
else
|
else
|
||||||
# Open the necessary ports
|
# Open the necessary ports
|
||||||
sudo ufw allow ssh
|
ufw allow ssh
|
||||||
sudo ufw allow http
|
ufw allow http
|
||||||
sudo ufw allow https
|
ufw allow https
|
||||||
sudo ufw allow 2053/tcp
|
ufw allow 2053/tcp
|
||||||
|
|
||||||
# Enable the firewall
|
# Enable the firewall
|
||||||
sudo ufw --force enable
|
ufw --force enable
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Prompt the user to enter a list of ports
|
# Prompt the user to enter a list of ports
|
||||||
|
@ -482,15 +482,15 @@ open_ports() {
|
||||||
end_port=$(echo $port | cut -d'-' -f2)
|
end_port=$(echo $port | cut -d'-' -f2)
|
||||||
# Loop through the range and open each port
|
# Loop through the range and open each port
|
||||||
for ((i = start_port; i <= end_port; i++)); do
|
for ((i = start_port; i <= end_port; i++)); do
|
||||||
sudo ufw allow $i
|
ufw allow $i
|
||||||
done
|
done
|
||||||
else
|
else
|
||||||
sudo ufw allow "$port"
|
ufw allow "$port"
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
# Confirm that the ports are open
|
# Confirm that the ports are open
|
||||||
sudo ufw status | grep $ports
|
ufw status | grep $ports
|
||||||
}
|
}
|
||||||
|
|
||||||
update_geo() {
|
update_geo() {
|
||||||
|
@ -694,8 +694,8 @@ run_speedtest() {
|
||||||
echo "Error: Package manager not found. You may need to install Speedtest manually."
|
echo "Error: Package manager not found. You may need to install Speedtest manually."
|
||||||
return 1
|
return 1
|
||||||
else
|
else
|
||||||
curl -s $speedtest_install_script | sudo bash
|
curl -s $speedtest_install_script | bash
|
||||||
sudo $pkg_manager install -y speedtest
|
$pkg_manager install -y speedtest
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -718,14 +718,14 @@ findtime=100
|
||||||
bantime=${bantime}m
|
bantime=${bantime}m
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
sudo cat << EOF > /etc/fail2ban/filter.d/3x-ipl.conf
|
cat << EOF > /etc/fail2ban/filter.d/3x-ipl.conf
|
||||||
[Definition]
|
[Definition]
|
||||||
datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
|
datepattern = ^%%Y/%%m/%%d %%H:%%M:%%S
|
||||||
failregex = \[LIMIT_IP\]\s*Email\s*=\s*<F-USER>.+</F-USER>\s*\|\|\s*SRC\s*=\s*<ADDR>
|
failregex = \[LIMIT_IP\]\s*Email\s*=\s*<F-USER>.+</F-USER>\s*\|\|\s*SRC\s*=\s*<ADDR>
|
||||||
ignoreregex =
|
ignoreregex =
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
sudo cat << EOF > /etc/fail2ban/action.d/3x-ipl.conf
|
cat << EOF > /etc/fail2ban/action.d/3x-ipl.conf
|
||||||
[INCLUDES]
|
[INCLUDES]
|
||||||
before = iptables-common.conf
|
before = iptables-common.conf
|
||||||
|
|
||||||
|
@ -789,7 +789,7 @@ iplimit_main() {
|
||||||
read -rp "Please enter new Ban Duration in Minutes [default 5]: " NUM
|
read -rp "Please enter new Ban Duration in Minutes [default 5]: " NUM
|
||||||
if [[ $NUM =~ ^[0-9]+$ ]]; then
|
if [[ $NUM =~ ^[0-9]+$ ]]; then
|
||||||
create_iplimit_jail ${NUM}
|
create_iplimit_jail ${NUM}
|
||||||
sudo systemctl restart fail2ban
|
systemctl restart fail2ban
|
||||||
else
|
else
|
||||||
echo -e "${red}${NUM} is not a number! Please, try again.${plain}"
|
echo -e "${red}${NUM} is not a number! Please, try again.${plain}"
|
||||||
fi
|
fi
|
||||||
|
@ -827,11 +827,11 @@ install_iplimit() {
|
||||||
# Check the OS and install necessary packages
|
# Check the OS and install necessary packages
|
||||||
case "${release}" in
|
case "${release}" in
|
||||||
ubuntu|debian)
|
ubuntu|debian)
|
||||||
sudo apt update && sudo apt install fail2ban -y ;;
|
apt update && apt install fail2ban -y ;;
|
||||||
centos)
|
centos)
|
||||||
sudo yum -y update && sudo yum -y install fail2ban ;;
|
yum -y update && yum -y install fail2ban ;;
|
||||||
fedora)
|
fedora)
|
||||||
sudo dnf -y update && sudo dnf -y install fail2ban ;;
|
dnf -y update && dnf -y install fail2ban ;;
|
||||||
*)
|
*)
|
||||||
echo -e "${red}Unsupported operating system. Please check the script and install the necessary packages manually.${plain}\n"
|
echo -e "${red}Unsupported operating system. Please check the script and install the necessary packages manually.${plain}\n"
|
||||||
exit 1 ;;
|
exit 1 ;;
|
||||||
|
@ -861,12 +861,12 @@ install_iplimit() {
|
||||||
create_iplimit_jails
|
create_iplimit_jails
|
||||||
|
|
||||||
# Launching fail2ban
|
# Launching fail2ban
|
||||||
if ! sudo systemctl is-active --quiet fail2ban; then
|
if ! systemctl is-active --quiet fail2ban; then
|
||||||
sudo systemctl start fail2ban
|
systemctl start fail2ban
|
||||||
else
|
else
|
||||||
systemctl restart fail2ban
|
systemctl restart fail2ban
|
||||||
fi
|
fi
|
||||||
sudo systemctl enable fail2ban
|
systemctl enable fail2ban
|
||||||
|
|
||||||
echo -e "${green}IP Limit installed and configured successfully!${plain}\n"
|
echo -e "${green}IP Limit installed and configured successfully!${plain}\n"
|
||||||
before_show_menu
|
before_show_menu
|
||||||
|
@ -882,22 +882,22 @@ remove_iplimit(){
|
||||||
rm -f /etc/fail2ban/filter.d/3x-ipl.conf
|
rm -f /etc/fail2ban/filter.d/3x-ipl.conf
|
||||||
rm -f /etc/fail2ban/action.d/3x-ipl.conf
|
rm -f /etc/fail2ban/action.d/3x-ipl.conf
|
||||||
rm -f /etc/fail2ban/jail.d/3x-ipl.conf
|
rm -f /etc/fail2ban/jail.d/3x-ipl.conf
|
||||||
sudo systemctl restart fail2ban
|
systemctl restart fail2ban
|
||||||
echo -e "${green}IP Limit removed successfully!${plain}\n"
|
echo -e "${green}IP Limit removed successfully!${plain}\n"
|
||||||
before_show_menu ;;
|
before_show_menu ;;
|
||||||
2)
|
2)
|
||||||
rm -f /etc/fail2ban/filter.d/3x-ipl.conf
|
rm -f /etc/fail2ban/filter.d/3x-ipl.conf
|
||||||
rm -f /etc/fail2ban/action.d/3x-ipl.conf
|
rm -f /etc/fail2ban/action.d/3x-ipl.conf
|
||||||
rm -f /etc/fail2ban/jail.d/3x-ipl.conf
|
rm -f /etc/fail2ban/jail.d/3x-ipl.conf
|
||||||
sudo systemctl stop fail2ban
|
systemctl stop fail2ban
|
||||||
sudo systemctl disable fail2ban
|
systemctl disable fail2ban
|
||||||
case "${release}" in
|
case "${release}" in
|
||||||
ubuntu|debian)
|
ubuntu|debian)
|
||||||
sudo apt remove fail2ban -y ;;
|
apt remove fail2ban -y ;;
|
||||||
centos)
|
centos)
|
||||||
sudo yum -y remove fail2ban ;;
|
yum -y remove fail2ban ;;
|
||||||
fedora)
|
fedora)
|
||||||
sudo dnf -y remove fail2ban ;;
|
dnf -y remove fail2ban ;;
|
||||||
*)
|
*)
|
||||||
echo -e "${red}Unsupported operating system. Please uninstall Fail2ban manually.${plain}\n"
|
echo -e "${red}Unsupported operating system. Please uninstall Fail2ban manually.${plain}\n"
|
||||||
exit 1 ;;
|
exit 1 ;;
|
||||||
|
|
Loading…
Reference in a new issue