From c07b2c73d7bd969daf2a59fa17a6297dc8518ff6 Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Sun, 2 Apr 2023 18:12:00 +0330 Subject: [PATCH 01/13] enable firewall + open port + update geo files --- .github/workflows/release.yml | 1 + web/html/xui/setting.html | 4 +- x-ui.sh | 74 +++++++++++++++++++++++++++++++++-- 3 files changed, 73 insertions(+), 6 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7fae989a..5e02540f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,6 +27,7 @@ jobs: rm -f Xray-linux-64.zip geoip.dat geosite.dat wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat wget https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat + wget https://github.com/bootmortis/iran-hosted-domains/releases/latest/download/iran.dat mv xray xray-linux-amd64 cd .. cd .. diff --git a/web/html/xui/setting.html b/web/html/xui/setting.html index 7acab065..6838d8b3 100644 --- a/web/html/xui/setting.html +++ b/web/html/xui/setting.html @@ -345,7 +345,7 @@ if(this.templateSettings != null){ this.templateSettings.routing.rules.forEach(routingRule => { if(routingRule.hasOwnProperty("domain")){ - if (routingRule.domain[0] === "regexp:.+.ir$" && routingRule.outboundTag == "blocked"){ + if ((routingRule.domain[0] === "regexp:.+.ir$" || routingRule.domain[0] === "ext:iran.dat:ir") && routingRule.outboundTag == "blocked") { localdomainFilter = true } } @@ -356,7 +356,7 @@ set: function (newValue) { newTemplateSettings = JSON.parse(this.allSetting.xrayTemplateConfig); if (newValue){ - newTemplateSettings.routing.rules.push(JSON.parse("{\"outboundTag\": \"blocked\",\"domain\": [\"regexp:.+.ir$\"],\"type\": \"field\"}")) + newTemplateSettings.routing.rules.push(JSON.parse("{\"outboundTag\": \"blocked\",\"domain\": [\"regexp:.+.ir$\", \"ext:iran.dat:ir\"],\"type\": \"field\"}")) } else { newTemplateSettings.routing.rules = []; diff --git a/x-ui.sh b/x-ui.sh index 341e8a02..77a11393 100644 --- a/x-ui.sh +++ b/x-ui.sh @@ -454,6 +454,64 @@ ssl_cert_issue() { fi } +open_ports() { + + # Check if the firewall is inactive + if sudo ufw status | grep -q "Status: active"; then + echo "firewall is already active" + else + # Open the necessary ports + sudo ufw allow ssh + sudo ufw allow http + sudo ufw allow https + sudo ufw allow 2053/tcp + + # Enable the firewall + sudo ufw --force enable + fi + + # Prompt the user to enter a list of ports + read -p "Enter the ports you want to open (e.g. 80,443,2053 or range 400-500): " ports + + # Check if the input is valid + if ! [[ $ports =~ ^([0-9]+|[0-9]+-[0-9]+)(,([0-9]+|[0-9]+-[0-9]+))*$ ]]; then + echo "Error: Invalid input. Please enter a comma-separated list of ports or a range of ports (e.g. 80,443,2053 or 400-500)." >&2; exit 1 + fi + + # Open the specified ports using ufw + IFS=',' read -ra PORT_LIST <<< "$ports" + for port in "${PORT_LIST[@]}"; do + if [[ $port == *-* ]]; then + # Split the range into start and end ports + start_port=$(echo $port | cut -d'-' -f1) + end_port=$(echo $port | cut -d'-' -f2) + # Loop through the range and open each port + for ((i=start_port; i<=end_port; i++)); do + sudo ufw allow $i + done + else + sudo ufw allow "$port" + fi + done + + # Confirm that the ports are open + sudo ufw status | grep $ports +} + + + +update_geo(){ + systemctl stop x-ui + cd /usr/local/x-ui/bin + rm -f geoip.dat geosite.dat iran.dat + wget -N https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geoip.dat + wget -N https://github.com/Loyalsoldier/v2ray-rules-dat/releases/latest/download/geosite.dat + wget -N https://github.com/bootmortis/iran-hosted-domains/releases/latest/download/iran.dat + systemctl start x-ui + echo -e "${green}Geosite and Geoip have been updated successfully!${plain}" +before_show_menu +} + install_acme() { cd ~ LOGI "install acme..." @@ -532,8 +590,8 @@ ssl_cert_issue_standalone() { fi #install cert ~/.acme.sh/acme.sh --installcert -d ${domain} --ca-file /root/cert/ca.cer \ - --cert-file /root/cert/${domain}.cer --key-file /root/cert/${domain}.key \ - --fullchain-file /root/cert/fullchain.cer + --cert-file /root/cert/${domain}.cer --key-file /root/cert/privkey.pem \ + --fullchain-file /root/cert/fullchain.pem if [ $? -ne 0 ]; then LOGE "install certs failed,exit" @@ -682,9 +740,11 @@ show_menu() { ———————————————— ${green}15.${plain} Enable BBR ${green}16.${plain} Issuse Certs + ${green}17.${plain} Update Geoip and Geosite + ${green}18.${plain} Enable Firewall and open Ports " show_status - echo && read -p "Please enter your selection [0-16]: " num + echo && read -p "Please enter your selection [0-18]: " num case "${num}" in 0) @@ -738,8 +798,14 @@ show_menu() { 16) ssl_cert_issue ;; + 17) + update_geo + ;; + 18) + open_ports + ;; *) - LOGE "Please enter the correct number [0-16]" + LOGE "Please enter the correct number [0-18]" ;; esac } From e51c59995c9ffacce1f05495cbc3a8cb986923c9 Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Sun, 2 Apr 2023 21:01:08 +0330 Subject: [PATCH 02/13] fixed - multi domain ssl path --- x-ui.sh | 101 ++++++++++++++++++++++++++++++-------------------------- 1 file changed, 55 insertions(+), 46 deletions(-) diff --git a/x-ui.sh b/x-ui.sh index 77a11393..ebda157c 100644 --- a/x-ui.sh +++ b/x-ui.sh @@ -548,14 +548,7 @@ ssl_cert_issue_standalone() { else LOGI "install socat succeed..." fi - #creat a directory for install cert - certPath=/root/cert - if [ ! -d "$certPath" ]; then - mkdir $certPath - else - rm -rf $certPath - mkdir $certPath - fi + #get the domain here,and we need verify it local domain="" read -p "please input your domain:" domain @@ -570,6 +563,16 @@ ssl_cert_issue_standalone() { else LOGI "your domain is ready for issuing cert now..." fi + + #create a directory for install cert + certPath="/root/cert/${domain}" + if [ ! -d "$certPath" ]; then + mkdir -p "$certPath" + else + rm -rf "$certPath" + mkdir -p "$certPath" + fi + #get needed port here local WebPort=80 read -p "please choose which port do you use,default will be 80 port:" WebPort @@ -589,9 +592,9 @@ ssl_cert_issue_standalone() { LOGE "issue certs succeed,installing certs..." fi #install cert - ~/.acme.sh/acme.sh --installcert -d ${domain} --ca-file /root/cert/ca.cer \ - --cert-file /root/cert/${domain}.cer --key-file /root/cert/privkey.pem \ - --fullchain-file /root/cert/fullchain.pem + ~/.acme.sh/acme.sh --installcert -d ${domain} \ + --key-file /root/cert/${domain}/privkey.pem \ + --fullchain-file /root/cert/${domain}/fullchain.pem if [ $? -ne 0 ]; then LOGE "install certs failed,exit" @@ -600,17 +603,18 @@ ssl_cert_issue_standalone() { else LOGI "install certs succeed,enable auto renew..." fi - ~/.acme.sh/acme.sh --upgrade --auto-upgrade - if [ $? -ne 0 ]; then - LOGE "auto renew failed,certs details:" - ls -lah cert - chmod 755 $certPath - exit 1 - else - LOGI "auto renew succeed,certs details:" - ls -lah cert - chmod 755 $certPath - fi + + ~/.acme.sh/acme.sh --upgrade --auto-upgrade + if [ $? -ne 0 ]; then + LOGE "auto renew failed, certs details:" + ls -lah cert/* + chmod 755 $certPath/* + exit 1 + else + LOGI "auto renew succeed, certs details:" + ls -lah cert/* + chmod 755 $certPath/* + fi } @@ -631,13 +635,7 @@ ssl_cert_issue_by_cloudflare() { CF_Domain="" CF_GlobalKey="" CF_AccountEmail="" - certPath=/root/cert - if [ ! -d "$certPath" ]; then - mkdir $certPath - else - rm -rf $certPath - mkdir $certPath - fi + LOGD "please input your domain:" read -p "Input your domain here:" CF_Domain LOGD "your domain is:${CF_Domain},check it..." @@ -651,6 +649,16 @@ ssl_cert_issue_by_cloudflare() { else LOGI "your domain is ready for issuing cert now..." fi + + #create a directory for install cert + certPath="/root/cert/${CF_Domain}" + if [ ! -d "$certPath" ]; then + mkdir -p "$certPath" + else + rm -rf "$certPath" + mkdir -p "$certPath" + fi + LOGD "please inout your cloudflare global API key:" read -p "Input your key here:" CF_GlobalKey LOGD "your cloudflare global API key is:${CF_GlobalKey}" @@ -672,9 +680,10 @@ ssl_cert_issue_by_cloudflare() { else LOGI "Certificate issued Successfully, Installing..." fi - ~/.acme.sh/acme.sh --installcert -d ${CF_Domain} -d *.${CF_Domain} --ca-file /root/cert/ca.cer \ - --cert-file /root/cert/${CF_Domain}.cer --key-file /root/cert/${CF_Domain}.key \ - --fullchain-file /root/cert/fullchain.cer + ~/.acme.sh/acme.sh --installcert -d ${CF_Domain} -d *.${CF_Domain} \ + --key-file /root/cert/${CF_Domain}/privkey.pem \ + --fullchain-file /root/cert/${CF_Domain}/fullchain.pem + if [ $? -ne 0 ]; then LOGE "install cert failed,exit" rm -rf ~/.acme.sh/${CF_Domain} @@ -682,17 +691,17 @@ ssl_cert_issue_by_cloudflare() { else LOGI "Certificate installed Successfully,Turning on automatic updates..." fi - ~/.acme.sh/acme.sh --upgrade --auto-upgrade - if [ $? -ne 0 ]; then - LOGE "Auto update setup Failed, script exiting..." - ls -lah cert - chmod 755 $certPath - exit 1 - else - LOGI "The certificate is installed and auto-renewal is turned on, Specific information is as follows" - ls -lah cert - chmod 755 $certPath - fi + ~/.acme.sh/acme.sh --upgrade --auto-upgrade + if [ $? -ne 0 ]; then + LOGE "auto renew failed, certs details:" + ls -lah cert/* + chmod 755 $certPath/* + exit 1 + else + LOGI "auto renew succeed, certs details:" + ls -lah cert/* + chmod 755 $certPath/* + fi else show_menu fi @@ -739,9 +748,9 @@ show_menu() { ${green}14.${plain} Disabel x-ui On System Startup ———————————————— ${green}15.${plain} Enable BBR - ${green}16.${plain} Issuse Certs - ${green}17.${plain} Update Geoip and Geosite - ${green}18.${plain} Enable Firewall and open Ports + ${green}16.${plain} Apply for an SSL Certificate + ${green}17.${plain} Update Geo Files + ${green}18.${plain} Active Firewall and open ports " show_status echo && read -p "Please enter your selection [0-18]: " num From 838d0c26259c1c647377ef3fc64ac7b1d6ff70c8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 2 Apr 2023 17:39:58 +0000 Subject: [PATCH 03/13] Bump github.com/shirou/gopsutil/v3 from 3.23.2 to 3.23.3 Bumps [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) from 3.23.2 to 3.23.3. - [Release notes](https://github.com/shirou/gopsutil/releases) - [Commits](https://github.com/shirou/gopsutil/compare/v3.23.2...v3.23.3) --- updated-dependencies: - dependency-name: github.com/shirou/gopsutil/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 3 ++- go.sum | 9 ++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 9d29e819..377ffab8 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 github.com/pelletier/go-toml/v2 v2.0.7 github.com/robfig/cron/v3 v3.0.1 - github.com/shirou/gopsutil/v3 v3.23.2 + github.com/shirou/gopsutil/v3 v3.23.3 github.com/xtls/xray-core v1.8.0 go.uber.org/atomic v1.10.0 golang.org/x/text v0.8.0 @@ -47,6 +47,7 @@ require ( github.com/modern-go/reflect2 v1.0.2 // indirect github.com/pires/go-proxyproto v0.6.2 // indirect github.com/power-devops/perfstat v0.0.0-20221212215047-62379fc7944b // indirect + github.com/shoenig/go-m1cpu v0.1.4 // indirect github.com/tklauser/go-sysconf v0.3.11 // indirect github.com/tklauser/numcpus v0.6.0 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect diff --git a/go.sum b/go.sum index 4122d949..61f0ec46 100644 --- a/go.sum +++ b/go.sum @@ -137,8 +137,12 @@ github.com/sagernet/sing v0.1.7 h1:g4vjr3q8SUlBZSx97Emz5OBfSMBxxW5Q8C2PfdoSo08= github.com/sagernet/sing-shadowsocks v0.1.1 h1:uFK2rlVeD/b1xhDwSMbUI2goWc6fOKxp+ZeKHZq6C9Q= github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c h1:vK2wyt9aWYHHvNLWniwijBu/n4pySypiKRhN32u/JGo= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U= -github.com/shirou/gopsutil/v3 v3.23.2 h1:PAWSuiAszn7IhPMBtXsbSCafej7PqUOvY6YywlQUExU= -github.com/shirou/gopsutil/v3 v3.23.2/go.mod h1:gv0aQw33GLo3pG8SiWKiQrbDzbRY1K80RyZJ7V4Th1M= +github.com/shirou/gopsutil/v3 v3.23.3 h1:Syt5vVZXUDXPEXpIBt5ziWsJ4LdSAAxF4l/xZeQgSEE= +github.com/shirou/gopsutil/v3 v3.23.3/go.mod h1:lSBNN6t3+D6W5e5nXTxc8KIMMVxAcS+6IJlffjRRlMU= +github.com/shoenig/go-m1cpu v0.1.4 h1:SZPIgRM2sEF9NJy50mRHu9PKGwxyyTTJIWvCtgVbozs= +github.com/shoenig/go-m1cpu v0.1.4/go.mod h1:Wwvst4LR89UxjeFtLRMrpgRiyY4xPsejnVZym39dbAQ= +github.com/shoenig/test v0.6.3 h1:GVXWJFk9PiOjN0KoJ7VrJGH6uLPnqxR7/fe3HUPfE0c= +github.com/shoenig/test v0.6.3/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= @@ -211,7 +215,6 @@ golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= From 708481251575386a85b876293b591b35835bd11d Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Mon, 3 Apr 2023 02:09:22 +0330 Subject: [PATCH 04/13] iran.dat:other --- web/html/xui/setting.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/html/xui/setting.html b/web/html/xui/setting.html index 6838d8b3..b4a974eb 100644 --- a/web/html/xui/setting.html +++ b/web/html/xui/setting.html @@ -345,7 +345,7 @@ if(this.templateSettings != null){ this.templateSettings.routing.rules.forEach(routingRule => { if(routingRule.hasOwnProperty("domain")){ - if ((routingRule.domain[0] === "regexp:.+.ir$" || routingRule.domain[0] === "ext:iran.dat:ir") && routingRule.outboundTag == "blocked") { + if ((routingRule.domain[0] === "regexp:.+.ir$" || routingRule.domain[0] === "ext:iran.dat:ir" || routingRule.domain[0] === "ext:iran.dat:other") && routingRule.outboundTag == "blocked") { localdomainFilter = true } } @@ -356,13 +356,13 @@ set: function (newValue) { newTemplateSettings = JSON.parse(this.allSetting.xrayTemplateConfig); if (newValue){ - newTemplateSettings.routing.rules.push(JSON.parse("{\"outboundTag\": \"blocked\",\"domain\": [\"regexp:.+.ir$\", \"ext:iran.dat:ir\"],\"type\": \"field\"}")) + newTemplateSettings.routing.rules.push(JSON.parse("{\"outboundTag\": \"blocked\",\"domain\": [\"regexp:.+.ir$\", \"ext:iran.dat:ir\", \"ext:iran.dat:other\"],\"type\": \"field\"}")) } else { newTemplateSettings.routing.rules = []; this.templateSettings.routing.rules.forEach(routingRule => { if (routingRule.hasOwnProperty('domain')){ - if (routingRule.domain[0] === "regexp:.+.ir$" && routingRule.outboundTag == "blocked"){ + if ((routingRule.domain[0] === "regexp:.+.ir$" || routingRule.domain[0] === "ext:iran.dat:ir" || routingRule.domain[0] === "ext:iran.dat:other") && routingRule.outboundTag == "blocked"){ return; } } From 2dd203e174ce207bdd6700eb956ea6cf7baada0d Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Mon, 3 Apr 2023 19:21:37 +0330 Subject: [PATCH 05/13] improve base packages required because the error for fedora --- install.sh | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) diff --git a/install.sh b/install.sh index 0d548e0d..ffaeb370 100644 --- a/install.sh +++ b/install.sh @@ -66,14 +66,33 @@ else echo -e "${red}Failed to check the OS version, please contact the author!${plain}" && exit 1 fi - +# This function installs the base packages required for most scripts install_base() { - if [[ "${release}" == "centos" ]]; then - yum install wget curl tar -y + # Store the package names in a variable for easy modification + local packages="wget curl tar" + + # Check for the package managers and install the packages if they are not already installed + if ! command -v wget >/dev/null 2>&1 || ! command -v curl >/dev/null 2>&1 || ! command -v tar >/dev/null 2>&1; then + if command -v apt >/dev/null 2>&1; then + apt-get update && apt-get install -y $packages + elif command -v dnf >/dev/null 2>&1; then + dnf install -y $packages + elif command -v yum >/dev/null 2>&1; then + yum install -y $packages + else + echo "ERROR: No package managers found. Please install wget, curl, and tar manually." + return 1 + fi + + # Print a confirmation message after the installation is complete + echo "The following packages have been successfully installed: $packages" else - apt install wget curl tar -y + # Print a message confirming that the packages are already installed + echo "The following packages are already installed: $packages" fi } + + #This function will be called when user installed x-ui out of sercurity config_after_install() { echo -e "${yellow}Install/update finished! For security it's recommended to modify panel settings ${plain}" From 7c980343f1f25dd66c7a7081b37ded5ff1be48be Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Mon, 3 Apr 2023 19:22:23 +0330 Subject: [PATCH 06/13] new option - speedtest + google recaptcha --- x-ui.sh | 57 ++++++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 42 insertions(+), 15 deletions(-) diff --git a/x-ui.sh b/x-ui.sh index ebda157c..4ab64c3c 100644 --- a/x-ui.sh +++ b/x-ui.sh @@ -677,20 +677,20 @@ ssl_cert_issue_by_cloudflare() { LOGE "issue cert failed,exit" rm -rf ~/.acme.sh/${CF_Domain} exit 1 - else - LOGI "Certificate issued Successfully, Installing..." - fi - ~/.acme.sh/acme.sh --installcert -d ${CF_Domain} -d *.${CF_Domain} \ - --key-file /root/cert/${CF_Domain}/privkey.pem \ - --fullchain-file /root/cert/${CF_Domain}/fullchain.pem + else + LOGI "Certificate issued Successfully, Installing..." + fi + ~/.acme.sh/acme.sh --installcert -d ${CF_Domain} -d *.${CF_Domain} \ + --key-file /root/cert/${CF_Domain}/privkey.pem \ + --fullchain-file /root/cert/${CF_Domain}/fullchain.pem - if [ $? -ne 0 ]; then - LOGE "install cert failed,exit" - rm -rf ~/.acme.sh/${CF_Domain} - exit 1 - else - LOGI "Certificate installed Successfully,Turning on automatic updates..." - fi + if [ $? -ne 0 ]; then + LOGE "install cert failed,exit" + rm -rf ~/.acme.sh/${CF_Domain} + exit 1 + else + LOGI "Certificate installed Successfully,Turning on automatic updates..." + fi ~/.acme.sh/acme.sh --upgrade --auto-upgrade if [ $? -ne 0 ]; then LOGE "auto renew failed, certs details:" @@ -706,6 +706,25 @@ ssl_cert_issue_by_cloudflare() { show_menu fi } +google_recaptcha() { + curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/install_kernel.sh && chmod +x ./install_kernel.sh && ./install_kernel.sh + echo "" + before_show_menu +} + +run_speedtest() { + # Check if Speedtest is already installed + if ! command -v speedtest &> /dev/null; then + # If not installed, install it + sudo apt-get update && sudo apt-get install -y curl + curl -s https://install.speedtest.net/app/cli/install.deb.sh | sudo bash + sudo apt-get install -y speedtest + fi + + # Run Speedtest + speedtest +} + show_usage() { echo "x-ui control menu usages: " @@ -751,9 +770,11 @@ show_menu() { ${green}16.${plain} Apply for an SSL Certificate ${green}17.${plain} Update Geo Files ${green}18.${plain} Active Firewall and open ports + ${green}19.${plain} Fixing Google reCAPTCHA + ${green}20.${plain} Speedtest by Ookla " show_status - echo && read -p "Please enter your selection [0-18]: " num + echo && read -p "Please enter your selection [0-20]: " num case "${num}" in 0) @@ -813,8 +834,14 @@ show_menu() { 18) open_ports ;; + 19) + google_recaptcha + ;; + 20) + run_speedtest + ;; *) - LOGE "Please enter the correct number [0-18]" + LOGE "Please enter the correct number [0-20]" ;; esac } From 472694a611d4458fdb01c6d5abad77134720152a Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Mon, 3 Apr 2023 19:55:30 +0330 Subject: [PATCH 07/13] Add favicon --- web/assets/favicon.ico | Bin 0 -> 15406 bytes web/web.go | 3 +++ 2 files changed, 3 insertions(+) create mode 100644 web/assets/favicon.ico diff --git a/web/assets/favicon.ico b/web/assets/favicon.ico new file mode 100644 index 0000000000000000000000000000000000000000..99b108abfc30fec23bb4f07fb076b114f7cff457 GIT binary patch literal 15406 zcmeI23DB0)7r@^Zr7ZPPviB8bZB$a0RJKNz8OAWOO(ZfHl9YXvQluD5`6v4}#+Gd| zwh^LHh%m)WrA4VoB}#Sw=XZP0o%7u1dA`2)>rG=gGv|HpbMM)n=iYnnx#!+Op;ngAa{8twG)-4n|77B&R%8k$aR}>15NL|~u#rD>P!sMof!u~=dEW)v|UjC{J?SycQ z;7q|aMWjp}ZF$f@8vZA^LD1zOZO}k#f#*qrd3CpTlp3FkyXbdzC!TnsyZ!dtU86>g96SpaEb#oI!}HFaJJ#zR3s4JrO zkv_ZQjyujxnKH%Og8k5)eDcZunV%z%JTlNqoAz(0yWoNg-1_zFJ^dMHoZ;)+w{IW# zTeN5qXp8*V;JSD3?gkGY?Co#XteN}emtWlb@4xS9hYcI%ZU6JnKi#$0UTgVvTzOuU zv}@PSe?Q)z_dxa!Km6dHfBt#*_S!!jJ9fmj|Ip3e*N{=?#Ca0bl6Nk^zPl;ee}^sZjU|o@Z*Q_nP;8}zm6aH zH+TH13}n`1{=l!GV^YTkeXQTPs`;z@CH>=PDh0a<;-AU@jYLLI!Eu691(yo0DKy>A2N|$6=36*(5*HhJMTNtM~QFVym@nX-+lMFZ@>N4`yTvepFVxO z9~4?IbKiaUbz{bi3Ap|C+p8`Yw>50okT!H=jR(d_;O)_)hg-2?Mey&o@WBTkcz+K4 zw%cy&R<2wbnom0Eq#$F!fB~U?`t<3cUii>ufq4?f`F{KD=T@y+6?n4>6DCXu@>l~D zMvWR3>L*T|sMYSa+inZ>MO}7oGFLd!;_ZoBOk#@S4k3Q-?{`g~k zbX~f133QQuT}u+}%oD|0wQ7Yn<`yxe0Qc1K#fvY#*nRlnhpO8DM=_gw@4fdD?L3ShKRzYT=tDPaXjL>Ry~us-wbxQS z#MCjIa>^+wI-^h5@2Y4V{w4D#w&;G=!coH<@SK0x8!ci#;( zu^xFwH*+A+;A1Sr^N%%1VeHtkf$xYTj?ik~U-ReB_s{H|@JCjMDQmnI+AAt5f*cC* z+_m$cd9JeXF$&jTf4$!u>GS26Umoa`zWA@PV#5Fa@y8#^>V^*=9(Wr!ZtNB>UYu&H zUAwl^_oWeE&z?bH(xgd2hS9J7SE~G45NNEArN1A0>@mORBo44}^wCFq9y{*wJ&XnR zi|T`rkueW+{Xu_X{XOu&1Ksbx|87;K%GfA;9v^t%fzbZ=lf;UkG0;e zzw+o~fdkwg!-Z`bXrKoUyNJ!d!K&# zsbBk9^k@=%-EnBt>^^7Ctw6x{LU)ZuW<4^PhTQmONXu-zskcfq) zA$->wl#!JecdO3$pYbqKFvO)&F4cyb?!T-p%oFBn@KM#U16p|EIVM##28|UpW@6pc z^_#M;CF)aatmxmwNS;Jew1r-RWy+I?q!iSanhL>|f;|L>3cevYQ*gQ9`XW-Mjy7nZ zg@=?eGX8Fm47T@21LS{#-~z!?=O8@rB7-~^GXD-}E=nE|oF}+BK1AOa8OUN@BYR6g zEfLyOu)p96LDgOEe`KShi6A=51zknZM8R@=?@hfkI?#pA%>}+eAHhX}Rpog%WmBo` z=t3vDYuXR>g}0yJD#23qmx~_V*nlmi0PhUnGQo1$Qd2qDfGwr;1O2u&zkB?y*n&-) z0^YH!AY(6<;n)MR@4V-pdwd>;vln81&cQfy+F^$sQattR*Y`Ou_FamnpMJWdKGwlr zNNM!HZQHgQ*JBg5Rn-spNalWGuCf=w?iXKt(b+v@*n~)doGSa)0}ePKVHde2@@X*~ zd+f0ZI??Iwy6dh48F{B0Zn#17OxT2NO$74*-<$H0haY~pKU1^$gM^~u1AF?JGiN5= zfj#F{S6vnIkjiKCm!i}6$JD7)wb}nKS+c~PaKZ`pJ+TcNv!JXZeL?Oit54RfS>tZK^;X?iy6v{x&hJ%~mw(Pn8QZG!oO8}e<@N8s|NhXfbj5#S z4I3}DmuF&-1U-51_`6{*dv4CJ8SCuJIjfFg+O%nI_uY37@@~HQ<^&13aL%65$+XtFLx^OADMWA9T<`!7kzRzQ^X~p(n?}**@(ccL_8P zOgpwRU$Gs(M&8uIY{|_tca%T+$5w2{_6orXf(hDfw%NwrefQl~q%Y$;V_Ke{dg`eZ zEqO&tJ9+Zt1P$jXJMX-+tE{XHIYuS8J^Wwn=A58dGt0yWCmFG92x}cMM9BZ$|tU1N_ zjlV1NmpeXIHgdSPV{`4?TVdT(zz_85)hoegWkh9cXJ1`idQaD&K?Aq<-h2CbhmXTo z#*jA#ICsJ3JYcPi{aY3GX`Y}Y`?2}+&p-D*!=4eVP0YVrZn?$b!(!d!UWqaCfIB}~ ze6gJ3v*tKbdUEJJ9sYvYBoA2k>7Ohaj6cra^5C+|F3aT0k|lMTpDBgM5j%4Jm_5JhwbB-)*FM0lQCWej6 zmMu%f1o}*UzPsMyW&zjTAq-PA^LoM2IL7D#M{3DLNu#tNz zv0nC7%a<>O&W5&Xh zPd@4FeIY9&Dr+8?SSX<@&wlPJ#I!tT#XlEbcwvH;m`v}pU@vPlcOBSYS|CPmk-T@B zkWow-yw_fP`SJeSZ@-0CV0^{A zR#&l%%@u;|0oV(q_AlI>wR;W}Fkab<2z@~ACtLl{@onu~VNJE?snC#@Am_rG%%0A| ztFOKqvX_T4YN^pX`D%De|>>9PNVAl|>@e_wdvg}_T8&W&7h$t9_~ zDE<5QPuOGZBiCT}@ABw#5~=(Nu`#)VQh?luy;snxRVz1J_Olka*Up_XwTXMz?8hu{ zpF3j>%*vl&KaiQf!f&u1S-)-dXc?c+U5a>qkY|YFRPF+bzJS~dkVQ;@?7stu zJ=zHpw-Uz^iV5@wA{{zZLwD|x4 literal 0 HcmV?d00001 diff --git a/web/web.go b/web/web.go index 1c692598..b38cb3cd 100644 --- a/web/web.go +++ b/web/web.go @@ -156,6 +156,9 @@ func (s *Server) initRouter() (*gin.Engine, error) { } engine := gin.Default() + + // Add favicon + engine.StaticFile("/favicon.ico", "web/assets/favicon.ico") secret, err := s.settingService.GetSecret() if err != nil { From 8ba46a99baed9d6c7475076e2bf79e757929b241 Mon Sep 17 00:00:00 2001 From: Ho3ein Date: Mon, 3 Apr 2023 19:57:36 +0330 Subject: [PATCH 08/13] v1.1.4 --- config/version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/version b/config/version index 781dcb07..65087b4f 100644 --- a/config/version +++ b/config/version @@ -1 +1 @@ -1.1.3 +1.1.4 From a784a9480691aa4671a07e3bbfc65909713f04a3 Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Mon, 3 Apr 2023 23:19:55 +0330 Subject: [PATCH 09/13] fixed login view - mobile --- web/html/login.html | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/web/html/login.html b/web/html/login.html index 5138f15e..4218793c 100644 --- a/web/html/login.html +++ b/web/html/login.html @@ -63,25 +63,21 @@ - Language : + Language : - + - +    - - - - From 56850165a45184ac2617265be9642b108a8bd5d2 Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Mon, 3 Apr 2023 23:27:55 +0330 Subject: [PATCH 10/13] update example files --- media/enable-traffic+block-IR-IP.txt | 20 +++++++++++++------- media/enable-traffic+block-IR-domain.txt | 10 ++++++---- media/enable-traffic.txt | 5 +++-- 3 files changed, 22 insertions(+), 13 deletions(-) diff --git a/media/enable-traffic+block-IR-IP.txt b/media/enable-traffic+block-IR-IP.txt index b1a1178f..919bef03 100644 --- a/media/enable-traffic+block-IR-IP.txt +++ b/media/enable-traffic+block-IR-IP.txt @@ -1,6 +1,6 @@ { "log": { - "loglevel": "warning", + "loglevel": "warning", "access": "./access.log" }, "api": { @@ -56,17 +56,23 @@ "type": "field" }, { - "ip": [ - "geoip:private", - "geoip:ir" - ], "outboundTag": "blocked", + "protocol": [ + "bittorrent" + ], "type": "field" }, { "outboundTag": "blocked", - "protocol": [ - "bittorrent" + "ip": [ + "geoip:private" + ], + "type": "field" + }, + { + "outboundTag": "blocked", + "ip": [ + "geoip:ir" ], "type": "field" } diff --git a/media/enable-traffic+block-IR-domain.txt b/media/enable-traffic+block-IR-domain.txt index efd548c0..044fed87 100644 --- a/media/enable-traffic+block-IR-domain.txt +++ b/media/enable-traffic+block-IR-domain.txt @@ -55,8 +55,8 @@ "type": "field" }, { - "domain": [ - "regexp:.+.ir$" + "ip": [ + "geoip:private" ], "outboundTag": "blocked", "type": "field" @@ -70,8 +70,10 @@ }, { "outboundTag": "blocked", - "ip": [ - "geoip:private" + "domain": [ + "regexp:.+.ir$", + "ext:iran.dat:ir", + "ext:iran.dat:other" ], "type": "field" } diff --git a/media/enable-traffic.txt b/media/enable-traffic.txt index 0acbd3aa..34e2038f 100644 --- a/media/enable-traffic.txt +++ b/media/enable-traffic.txt @@ -1,6 +1,6 @@ { "log": { - "loglevel": "warning", + "loglevel": "warning", "access": "./access.log" }, "api": { @@ -46,6 +46,7 @@ } }, "routing": { + "domainStrategy": "IPIfNonMatch", "rules": [ { "inboundTag": [ @@ -55,10 +56,10 @@ "type": "field" }, { + "outboundTag": "blocked", "ip": [ "geoip:private" ], - "outboundTag": "blocked", "type": "field" }, { From 72f868506df4d8af7dce7d144ed1559cf27ba8dc Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Mon, 3 Apr 2023 23:28:26 +0330 Subject: [PATCH 11/13] IPIfNonMatch --- web/service/config.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/service/config.json b/web/service/config.json index 5370fcf4..34e2038f 100644 --- a/web/service/config.json +++ b/web/service/config.json @@ -1,9 +1,8 @@ { "log": { - "loglevel": "warning", + "loglevel": "warning", "access": "./access.log" }, - "api": { "services": [ "HandlerService", @@ -47,6 +46,7 @@ } }, "routing": { + "domainStrategy": "IPIfNonMatch", "rules": [ { "inboundTag": [ @@ -56,10 +56,10 @@ "type": "field" }, { + "outboundTag": "blocked", "ip": [ "geoip:private" ], - "outboundTag": "blocked", "type": "field" }, { @@ -72,4 +72,4 @@ ] }, "stats": {} -} +} \ No newline at end of file From 91ebe7008d6e77f3443d9e2d6d2dbe8d88d12d67 Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Mon, 3 Apr 2023 23:46:06 +0330 Subject: [PATCH 12/13] example file domainStrategy just forget domainStrategy here :D --- media/enable-traffic+block-IR-domain.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/media/enable-traffic+block-IR-domain.txt b/media/enable-traffic+block-IR-domain.txt index 044fed87..4fcf3ee7 100644 --- a/media/enable-traffic+block-IR-domain.txt +++ b/media/enable-traffic+block-IR-domain.txt @@ -46,6 +46,7 @@ } }, "routing": { + "domainStrategy": "IPIfNonMatch", "rules": [ { "inboundTag": [ From 0e5de1aec8f3b090fce14638d7e0030ff7b7f40f Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Tue, 4 Apr 2023 00:00:29 +0330 Subject: [PATCH 13/13] speedtest install option --- x-ui.sh | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/x-ui.sh b/x-ui.sh index 4ab64c3c..b2a1f8fa 100644 --- a/x-ui.sh +++ b/x-ui.sh @@ -716,9 +716,26 @@ run_speedtest() { # Check if Speedtest is already installed if ! command -v speedtest &> /dev/null; then # If not installed, install it - sudo apt-get update && sudo apt-get install -y curl - curl -s https://install.speedtest.net/app/cli/install.deb.sh | sudo bash - sudo apt-get install -y speedtest + if command -v dnf &> /dev/null; then + sudo dnf install -y curl + curl -s https://install.speedtest.net/app/cli/install.rpm.sh | sudo bash + sudo dnf install -y speedtest + elif command -v yum &> /dev/null; then + sudo yum install -y curl + curl -s https://install.speedtest.net/app/cli/install.rpm.sh | sudo bash + sudo yum install -y speedtest + elif command -v apt-get &> /dev/null; then + sudo apt-get update && sudo apt-get install -y curl + curl -s https://install.speedtest.net/app/cli/install.deb.sh | sudo bash + sudo apt-get install -y speedtest + elif command -v apt &> /dev/null; then + sudo apt update && sudo apt install -y curl + curl -s https://install.speedtest.net/app/cli/install.deb.sh | sudo bash + sudo apt install -y speedtest + else + echo "Error: Package manager not found. You may need to install Speedtest manually." + return 1 + fi fi # Run Speedtest @@ -726,6 +743,7 @@ run_speedtest() { } + show_usage() { echo "x-ui control menu usages: " echo "------------------------------------------"