Add -u parameter (#4)

This commit is contained in:
kirin10000 2020-12-19 16:52:52 +08:00 committed by GitHub
parent b682380819
commit a6d8b49f2a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -45,8 +45,8 @@ systemd_cat_config() {
} }
check_if_running_as_root() { check_if_running_as_root() {
# If you want to run as another user, please modify $UID to be owned by this user # If you want to run as another user, please modify $EUID to be owned by this user
if [[ "$UID" -ne '0' ]]; then if [[ "$EUID" -ne '0' ]]; then
echo "error: You must run this script as root!" echo "error: You must run this script as root!"
exit 1 exit 1
fi fi
@ -185,6 +185,13 @@ judgment_parameters() {
PROXY="$2" PROXY="$2"
shift shift
;; ;;
'-u' | '--install-user')
if [[ -z "${2:?error: Please specify the install user.}" ]]; then
exit 1
fi
INSTALL_USER="$2"
break
;;
*) *)
echo "$0: unknown option -- -" echo "$0: unknown option -- -"
exit 1 exit 1
@ -194,6 +201,25 @@ judgment_parameters() {
done done
} }
check_install_user() {
if [[ -z "$INSTALL_USER" ]]; then
if [[ -f '/usr/local/bin/xray' ]]; then
INSTALL_USER="$(grep '^[ '$'\t]*User[ '$'\t]*=' /etc/systemd/system/xray.service | tail -n 1 | awk -F = '{print $2}' | awk '{print $1}')"
if [[ -z "$INSTALL_USER" ]]; then
INSTALL_USER='root'
fi
else
INSTALL_USER='nobody'
fi
fi
if ! id $INSTALL_USER 2&>1 >/dev/null; then
echo "the user '$INSTALL_USER' is not effective"
exit 1
fi
INSTALL_USER_UID="$(id -u $INSTALL_USER)"
INSTALL_USER_GID="$(id -g $INSTALL_USER)"
}
install_software() { install_software() {
package_name="$1" package_name="$1"
file_to_detect="$2" file_to_detect="$2"
@ -343,50 +369,50 @@ install_xray() {
# Used to store Xray log files # Used to store Xray log files
if [[ ! -d '/var/log/xray/' ]]; then if [[ ! -d '/var/log/xray/' ]]; then
if id nobody | grep -qw 'nogroup'; then install -d -m 700 -o $INSTALL_USER_UID -g $INSTALL_USER_GID /var/log/xray/
install -d -m 700 -o nobody -g nogroup /var/log/xray/ install -m 600 -o $INSTALL_USER_UID -g $INSTALL_USER_GID /dev/null /var/log/xray/access.log
install -m 600 -o nobody -g nogroup /dev/null /var/log/xray/access.log install -m 600 -o $INSTALL_USER_UID -g $INSTALL_USER_GID /dev/null /var/log/xray/error.log
install -m 600 -o nobody -g nogroup /dev/null /var/log/xray/error.log
else
install -d -m 700 -o nobody -g nobody /var/log/xray/
install -m 600 -o nobody -g nobody /dev/null /var/log/xray/access.log
install -m 600 -o nobody -g nobody /dev/null /var/log/xray/error.log
fi
LOG='1' LOG='1'
else
chown -R $INSTALL_USER_UID:$INSTALL_USER_GID /var/log/xray/
fi fi
} }
install_startup_service_file() { install_startup_service_file() {
mkdir -p '/etc/systemd/system/xray.service.d' mkdir -p '/etc/systemd/system/xray.service.d'
mkdir -p '/etc/systemd/system/xray@.service.d/' mkdir -p '/etc/systemd/system/xray@.service.d/'
echo '[Unit] cat > /etc/systemd/system/xray.service << EOF
[Unit]
Description=Xray Service Description=Xray Service
Documentation=https://github.com/xtls Documentation=https://github.com/xtls
After=network.target nss-lookup.target After=network.target nss-lookup.target
[Service] [Service]
User=nobody User=$INSTALL_USER
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
NoNewPrivileges=true NoNewPrivileges=true
ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/config.json ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/config.json
[Install] [Install]
WantedBy=multi-user.target' > /etc/systemd/system/xray.service WantedBy=multi-user.target
echo '[Unit] EOF
cat > /etc/systemd/system/xray@.service <<EOF
[Unit]
Description=Xray Service Description=Xray Service
Documentation=https://github.com/xtls Documentation=https://github.com/xtls
After=network.target nss-lookup.target After=network.target nss-lookup.target
[Service] [Service]
User=nobody User=$INSTALL_USER
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
NoNewPrivileges=true NoNewPrivileges=true
ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/%i.json ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/%i.json
[Install] [Install]
WantedBy=multi-user.target' > /etc/systemd/system/xray@.service WantedBy=multi-user.target
EOF
if [[ -n "$JSONS_PATH" ]]; then if [[ -n "$JSONS_PATH" ]]; then
"rm" '/etc/systemd/system/xray.service.d/10-donot_touch_single_conf.conf' \ "rm" '/etc/systemd/system/xray.service.d/10-donot_touch_single_conf.conf' \
'/etc/systemd/system/xray@.service.d/10-donot_touch_single_conf.conf' '/etc/systemd/system/xray@.service.d/10-donot_touch_single_conf.conf'
@ -516,6 +542,7 @@ show_help() {
echo ' -h, --help Show help' echo ' -h, --help Show help'
echo ' -l, --local Install Xray from a local file' echo ' -l, --local Install Xray from a local file'
echo ' -p, --proxy Download through a proxy server, e.g., -p http://127.0.0.1:8118 or -p socks5://127.0.0.1:1080' echo ' -p, --proxy Download through a proxy server, e.g., -p http://127.0.0.1:8118 or -p socks5://127.0.0.1:1080'
echo ' -u, --install-user Install Xray in specified user, e.g, -u root'
exit 0 exit 0
} }
@ -523,6 +550,7 @@ main() {
check_if_running_as_root check_if_running_as_root
identify_the_operating_system_and_architecture identify_the_operating_system_and_architecture
judgment_parameters "$@" judgment_parameters "$@"
check_install_user
install_software "$package_provide_tput" 'tput' install_software "$package_provide_tput" 'tput'
red=$(tput setaf 1) red=$(tput setaf 1)