admin/vps-management-bot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rename to hkt.sh

Browse Source
This commit is contained in:
mango
2026-03-21 01:10:53 +08:00
parent 76a263d0f9
commit 8f1171fe99
6676 changed files with 1724268 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

202
projects/vps/bbr-blast-smooth-en.sh Normal file
View File

@@ -0,0 +1,202 @@
#!/bin/bash
# BBR Blast Smooth v2 - Auto-detect OS/Memory Smart Tuning
# Supports Debian 11/12/13, Ubuntu 20.04/22.04/24.04
# Auto-adjust buffer size based on memory
set -e
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
echo -e "${BLUE}========================================${NC}"
echo -e "${BLUE} BBR Blast Smooth v2 Smart Tuning${NC}"
echo -e "${BLUE}========================================${NC}"
echo ""
# Detect OS
detect_os() {
if [ -f /etc/os-release ]; then
. /etc/os-release
OS=$ID
VER=$VERSION_ID
else
echo -e "${RED}[X] Cannot detect OS${NC}"
exit 1
fi
case "$OS" in
debian)
if [[ "$VER" =~ ^(11|12|13)$ ]]; then
echo -e "${GREEN}[OK] Detected Debian $VER${NC}"
else
echo -e "${RED}[X] Only Debian 11/12/13 supported${NC}"
exit 1
fi
;;
ubuntu)
if [[ "$VER" =~ ^(20.04|22.04|24.04)$ ]]; then
echo -e "${GREEN}[OK] Detected Ubuntu $VER${NC}"
else
echo -e "${RED}[X] Only Ubuntu 20.04/22.04/24.04 supported${NC}"
exit 1
fi
;;
*)
echo -e "${RED}[X] Unsupported OS: $OS${NC}"
exit 1
;;
esac
}
# Detect memory and set params
detect_memory() {
TOTAL_MEM=$(free -m | awk '/^Mem:/{print $2}')
echo -e "${GREEN}[OK] Memory: ${TOTAL_MEM}MB${NC}"
if [ "$TOTAL_MEM" -lt 512 ]; then
PROFILE="micro"
RMEM_MAX=8388608
WMEM_MAX=8388608
TCP_RMEM="4096 32768 8388608"
TCP_WMEM="4096 32768 8388608"
echo -e "${YELLOW}-> Using Micro profile (8MB buffer)${NC}"
elif [ "$TOTAL_MEM" -lt 1024 ]; then
PROFILE="small"
RMEM_MAX=16777216
WMEM_MAX=16777216
TCP_RMEM="4096 65536 16777216"
TCP_WMEM="4096 65536 16777216"
echo -e "${YELLOW}-> Using Small profile (16MB buffer)${NC}"
elif [ "$TOTAL_MEM" -lt 2048 ]; then
PROFILE="medium"
RMEM_MAX=33554432
WMEM_MAX=33554432
TCP_RMEM="4096 87380 33554432"
TCP_WMEM="4096 65536 33554432"
echo -e "${YELLOW}-> Using Medium profile (32MB buffer)${NC}"
elif [ "$TOTAL_MEM" -lt 4096 ]; then
PROFILE="large"
RMEM_MAX=67108864
WMEM_MAX=67108864
TCP_RMEM="4096 87380 67108864"
TCP_WMEM="4096 65536 67108864"
echo -e "${YELLOW}-> Using Large profile (64MB buffer)${NC}"
else
PROFILE="xlarge"
RMEM_MAX=134217728
WMEM_MAX=134217728
TCP_RMEM="4096 87380 134217728"
TCP_WMEM="4096 65536 134217728"
echo -e "${YELLOW}-> Using XLarge profile (128MB buffer)${NC}"
fi
}
# Enable BBR
enable_bbr() {
echo ""
echo -e "${BLUE}==> Enabling BBR${NC}"
modprobe tcp_bbr 2>/dev/null || true
echo "tcp_bbr" > /etc/modules-load.d/bbr.conf
echo -e "${GREEN}[OK] BBR module loaded${NC}"
}
# Backup config
backup_config() {
if [ -f /etc/sysctl.conf ]; then
cp /etc/sysctl.conf /etc/sysctl.conf.bak.$(date +%Y%m%d%H%M%S)
echo -e "${GREEN}[OK] Config backed up${NC}"
fi
}
# Apply config
apply_config() {
echo ""
echo -e "${BLUE}==> Writing config (Profile: $PROFILE)${NC}"
sed -i '/# === BBR Blast Smooth/,/# === END BBR/d' /etc/sysctl.conf 2>/dev/null || true
cat >> /etc/sysctl.conf <<SYSCTL
# === BBR Blast Smooth v2 (Profile: $PROFILE) ===
# OS: $OS $VER | Memory: ${TOTAL_MEM}MB
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
net.core.rmem_max=$RMEM_MAX
net.core.wmem_max=$WMEM_MAX
net.ipv4.tcp_rmem=$TCP_RMEM
net.ipv4.tcp_wmem=$TCP_WMEM
net.ipv4.tcp_fin_timeout=8
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_timestamps=1
net.ipv4.tcp_sack=1
net.ipv4.tcp_no_metrics_save=1
net.core.somaxconn=65535
net.ipv4.tcp_max_syn_backlog=65535
net.ipv4.tcp_fastopen=3
# === END BBR ===
SYSCTL
echo -e "${GREEN}[OK] Config written${NC}"
}
# Reload config
reload_config() {
echo ""
echo -e "${BLUE}==> Applying config${NC}"
sysctl -p >/dev/null 2>&1
echo -e "${GREEN}[OK] Config applied${NC}"
}
# Verify
verify() {
echo ""
echo -e "${BLUE}==> Verifying${NC}"
CC=$(sysctl -n net.ipv4.tcp_congestion_control 2>/dev/null)
QDISC=$(sysctl -n net.core.default_qdisc 2>/dev/null)
if [ "$CC" = "bbr" ] && [ "$QDISC" = "fq" ]; then
echo -e "${GREEN}[OK] Congestion: $CC${NC}"
echo -e "${GREEN}[OK] Qdisc: $QDISC${NC}"
else
echo -e "${RED}[!] May need reboot${NC}"
fi
}
# Summary
summary() {
echo ""
echo -e "${BLUE}========================================${NC}"
echo -e "${GREEN}[DONE] BBR Blast Smooth v2 Complete!${NC}"
echo -e "${BLUE}========================================${NC}"
echo -e "OS: $OS $VER"
echo -e "Memory: ${TOTAL_MEM}MB"
echo -e "Profile: $PROFILE"
echo -e "Buffer: $(($RMEM_MAX/1024/1024))MB"
echo ""
}
# Main
main() {
detect_os
detect_memory
enable_bbr
backup_config
apply_config
reload_config
verify
summary
}
main

196
projects/vps/bbr-blast-smooth-v2.sh Normal file
View File

@@ -0,0 +1,196 @@
#!/bin/bash
# BBR Blast Smooth v2 - 自动识别系统/内存智能调优版
# 支持 Debian 11/12/13, Ubuntu 20.04/22.04/24.04
# 根据内存大小自动调整缓冲区参数 🚀
set -e
# 颜色输出
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
echo -e "${BLUE}========================================${NC}"
echo -e "${BLUE} BBR Blast Smooth v2 智能调优版${NC}"
echo -e "${BLUE}========================================${NC}"
echo ""
# 检测系统
detect_os() {
if [ -f /etc/os-release ]; then
. /etc/os-release
OS=$ID
VER=$VERSION_ID
else
echo -e "${RED}❌ 无法识别系统${NC}"
exit 1
fi
case "$OS" in
debian)
if [[ "$VER" =~ ^(11|12|13)$ ]]; then
echo -e "${GREEN}✓ 检测到 Debian $VER${NC}"
else
echo -e "${RED}❌ 仅支持 Debian 11/12/13${NC}"
exit 1
fi
;;
ubuntu)
if [[ "$VER" =~ ^(20.04|22.04|24.04)$ ]]; then
echo -e "${GREEN}✓ 检测到 Ubuntu $VER${NC}"
else
echo -e "${RED}❌ 仅支持 Ubuntu 20.04/22.04/24.04${NC}"
exit 1
fi
;;
*)
echo -e "${RED}❌ 不支持的系统: $OS${NC}"
exit 1
;;
esac
}
# 检测内存并设置参数
detect_memory() {
# 获取总内存 (MB)
TOTAL_MEM=$(free -m | awk '/^Mem:/{print $2}')
echo -e "${GREEN}✓ 检测到内存: ${TOTAL_MEM}MB${NC}"
# 缓冲区 = 内存的 1/8最小 8MB最大 256MB
BUF_MB=$(( TOTAL_MEM / 8 ))
[ "$BUF_MB" -lt 8 ] && BUF_MB=8
[ "$BUF_MB" -gt 256 ] && BUF_MB=256
BUF_BYTES=$(( BUF_MB * 1024 * 1024 ))
if [ "$TOTAL_MEM" -lt 512 ]; then
PROFILE="micro"
echo -e "${YELLOW}→ 使用 Micro 配置 (极小内存优化)${NC}"
elif [ "$TOTAL_MEM" -lt 1024 ]; then
PROFILE="small"
echo -e "${YELLOW}→ 使用 Small 配置 (小内存优化)${NC}"
elif [ "$TOTAL_MEM" -lt 2048 ]; then
PROFILE="medium"
echo -e "${YELLOW}→ 使用 Medium 配置 (中等内存)${NC}"
elif [ "$TOTAL_MEM" -lt 4096 ]; then
PROFILE="large"
echo -e "${YELLOW}→ 使用 Large 配置 (大内存)${NC}"
else
PROFILE="xlarge"
echo -e "${YELLOW}→ 使用 XLarge 配置 (超大内存)${NC}"
fi
RMEM_MAX=$BUF_BYTES
WMEM_MAX=$BUF_BYTES
TCP_RMEM="4096 87380 $BUF_BYTES"
TCP_WMEM="4096 65536 $BUF_BYTES"
echo -e "${YELLOW}→ 缓冲区: ${BUF_MB}MB${NC}"
}
# 启用 BBR
enable_bbr() {
echo ""
echo -e "${BLUE}==> 启用 BBR${NC}"
modprobe tcp_bbr 2>/dev/null || true
echo "tcp_bbr" > /etc/modules-load.d/bbr.conf
echo -e "${GREEN}✓ BBR 模块已加载${NC}"
}
# 备份原配置
backup_config() {
if [ -f /etc/sysctl.conf ]; then
cp /etc/sysctl.conf /etc/sysctl.conf.bak.$(date +%Y%m%d%H%M%S)
echo -e "${GREEN}✓ 已备份原配置${NC}"
fi
}
# 写入优化参数
apply_config() {
echo ""
echo -e "${BLUE}==> 写入优化参数 (Profile: $PROFILE)${NC}"
# 移除旧的 BBR 配置
sed -i '/# === BBR Blast Smooth/,/# === END BBR/d' /etc/sysctl.conf 2>/dev/null || true
cat >> /etc/sysctl.conf <<SYSCTL
# === BBR Blast Smooth v2 (Profile: $PROFILE) ===
# 系统: $OS $VER | 内存: ${TOTAL_MEM}MB | 缓冲: ${BUF_MB}MB
# 生成时间: $(date '+%Y-%m-%d %H:%M:%S')
# BBR 拥塞控制
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
# 缓冲区 (内存/8 自动计算)
net.core.rmem_max=$RMEM_MAX
net.core.wmem_max=$WMEM_MAX
net.ipv4.tcp_rmem=$TCP_RMEM
net.ipv4.tcp_wmem=$TCP_WMEM
# 短连接 & 延迟优化
net.ipv4.tcp_fin_timeout=8
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_timestamps=1
net.ipv4.tcp_sack=1
# 避免保存历史 RTT保持突发灵活
net.ipv4.tcp_no_metrics_save=1
# === END BBR ===
SYSCTL
echo -e "${GREEN}✓ 配置已写入${NC}"
}
# 应用配置
reload_config() {
echo ""
echo -e "${BLUE}==> 应用配置${NC}"
sysctl -p >/dev/null 2>&1
echo -e "${GREEN}✓ 配置已生效${NC}"
}
# 验证结果
verify() {
echo ""
echo -e "${BLUE}==> 验证配置${NC}"
CC=$(sysctl -n net.ipv4.tcp_congestion_control 2>/dev/null)
QDISC=$(sysctl -n net.core.default_qdisc 2>/dev/null)
if [ "$CC" = "bbr" ] && [ "$QDISC" = "fq" ]; then
echo -e "${GREEN}✓ 拥塞控制: $CC${NC}"
echo -e "${GREEN}✓ 队列算法: $QDISC${NC}"
else
echo -e "${RED}⚠ 配置可能未完全生效,建议重启${NC}"
fi
}
# 显示摘要
summary() {
echo ""
echo -e "${BLUE}========================================${NC}"
echo -e "${GREEN}✅ BBR Blast Smooth v2 配置完成!${NC}"
echo -e "${BLUE}========================================${NC}"
echo -e "系统: $OS $VER"
echo -e "内存: ${TOTAL_MEM}MB"
echo -e "配置: $PROFILE"
echo -e "缓冲: $(($RMEM_MAX/1024/1024))MB"
echo ""
}
# 主流程
main() {
detect_os
detect_memory
enable_bbr
backup_config
apply_config
reload_config
verify
summary
}
main

44
projects/vps/bbr-blast-smooth.sh Normal file
View File

@@ -0,0 +1,44 @@
#!/bin/bash
# BBR Blast Smooth - Debian 12/13 暴力平滑版
# 兼顾突发性能与稳定性 🚀
set -e
# 检查系统版本
if ! grep -q "Debian GNU/Linux 1[23]" /etc/os-release; then
echo "❌ 本脚本仅支持 Debian 12/13"
exit 1
fi
echo "==> 启用 BBR v1 (更稳定)"
modprobe tcp_bbr 2>/dev/null || true
echo "tcp_bbr" > /etc/modules-load.d/bbr.conf
echo "==> 写入 BBR 暴力平滑参数 (永久)"
cat >> /etc/sysctl.conf <<SYSCTL
# === BBR Blast Smooth (平滑暴力版) ===
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
# 大缓冲区 (64MB) - 足够跑满 1G不至于丢包卡顿
net.core.rmem_max=67108864
net.core.wmem_max=67108864
net.ipv4.tcp_rmem=4096 87380 67108864
net.ipv4.tcp_wmem=4096 65536 67108864
# 短连接 & 延迟优化
net.ipv4.tcp_fin_timeout=8
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_timestamps=1
net.ipv4.tcp_sack=1
# 避免保存历史 RTT保持突发灵活
net.ipv4.tcp_no_metrics_save=1
SYSCTL
echo "==> 应用参数"
sysctl -p
echo "✅ 系统已进入 BBR Blast Smooth 模式 (平滑暴力版)"

108
projects/vps/dd-reinstall.sh Normal file
View File

@@ -0,0 +1,108 @@
#!/bin/bash
# DD Reinstall Script - Interactive Debian 13 Reinstaller
# Author: mango082888-bit
set -e
# Colors
RED="\033[0;31m"
GREEN="\033[0;32m"
YELLOW="\033[1;33m"
BLUE="\033[0;34m"
CYAN="\033[0;36m"
NC="\033[0m"
# Default values
DEFAULT_PWD='D6g9vuLrb&Nd&gC6gqcG2EKu4'
DEFAULT_PORT="22"
DEFAULT_TIMEZONE="Asia/Hong_Kong"
DEFAULT_SWAP="1024"
clear
echo -e "${BLUE}========================================${NC}"
echo -e "${BLUE} DD Reinstall - Debian 13 Installer${NC}"
echo -e "${BLUE}========================================${NC}"
echo ""
# Get hostname
echo -e "${CYAN}[1/4] Hostname${NC}"
read -p "Enter hostname: " MYHOST
if [ -z "$MYHOST" ]; then
echo -e "${RED}[X] Hostname cannot be empty${NC}"
exit 1
fi
echo -e "${GREEN}[OK] Hostname: $MYHOST${NC}"
echo ""
# Get password
echo -e "${CYAN}[2/4] Root Password${NC}"
echo -e "${YELLOW}Default: $DEFAULT_PWD${NC}"
read -p "Enter password (press Enter for default): " MYPWD
if [ -z "$MYPWD" ]; then
MYPWD="$DEFAULT_PWD"
echo -e "${GREEN}[OK] Using default password${NC}"
else
echo -e "${GREEN}[OK] Using custom password${NC}"
fi
echo ""
# Get SSH port
echo -e "${CYAN}[3/4] SSH Port${NC}"
echo -e "${YELLOW}Default: $DEFAULT_PORT${NC}"
read -p "Enter SSH port (press Enter for default): " MYPORT
if [ -z "$MYPORT" ]; then
MYPORT="$DEFAULT_PORT"
fi
echo -e "${GREEN}[OK] SSH Port: $MYPORT${NC}"
echo ""
# Get timezone
echo -e "${CYAN}[4/4] Timezone${NC}"
echo -e "${YELLOW}Default: $DEFAULT_TIMEZONE${NC}"
read -p "Enter timezone (press Enter for default): " MYTZ
if [ -z "$MYTZ" ]; then
MYTZ="$DEFAULT_TIMEZONE"
fi
echo -e "${GREEN}[OK] Timezone: $MYTZ${NC}"
echo ""
# Summary
echo -e "${BLUE}========================================${NC}"
echo -e "${BLUE} Configuration Summary${NC}"
echo -e "${BLUE}========================================${NC}"
echo -e "System: ${GREEN}Debian 13${NC}"
echo -e "Hostname: ${GREEN}$MYHOST${NC}"
echo -e "Password: ${GREEN}(set)${NC}"
echo -e "SSH Port: ${GREEN}$MYPORT${NC}"
echo -e "Timezone: ${GREEN}$MYTZ${NC}"
echo -e "Swap: ${GREEN}${DEFAULT_SWAP}MB${NC}"
echo -e "BBR: ${GREEN}Enabled${NC}"
echo -e "${BLUE}========================================${NC}"
echo ""
# Confirm
echo -e "${RED}WARNING: This will ERASE all data!${NC}"
read -p "Continue? (y/N): " CONFIRM
if [[ ! "$CONFIRM" =~ ^[Yy]$ ]]; then
echo -e "${YELLOW}[!] Cancelled${NC}"
exit 0
fi
echo ""
echo -e "${BLUE}==> Downloading InstallNET.sh${NC}"
wget --no-check-certificate -qO InstallNET.sh 'https://raw.githubusercontent.com/leitbogioro/Tools/master/Linux_reinstall/InstallNET.sh'
chmod a+x InstallNET.sh
echo -e "${BLUE}==> Starting reinstall...${NC}"
echo -e "${YELLOW}[!] Server will reboot automatically${NC}"
echo ""
bash InstallNET.sh -debian 13 \
-port "$MYPORT" \
-pwd "$MYPWD" \
-hostname "$MYHOST" \
-timezone "$MYTZ" \
-swap "$DEFAULT_SWAP" \
--bbr
reboot

114
projects/vps/test-app-scan.sh Executable file
View File

@@ -0,0 +1,114 @@
#!/bin/bash
# 测试VPS快照脚本的应用扫描功能
# 基于 vps-snapshot.sh v3.14 的 detect_apps 函数
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
CYAN='\033[0;36m'
NC='\033[0m'
info() { echo -e "${CYAN}[INFO] $1${NC}"; }
detect_apps() {
info "🔍 扫描已安装的应用..."
echo ""
local apps=()
# Docker
if command -v docker &>/dev/null && docker info &>/dev/null; then
local containers=$(docker ps -q | wc -l)
local images=$(docker images -q | wc -l)
echo -e " ${GREEN}${NC} Docker: $containers 个运行中容器, $images 个镜像"
apps+=("docker")
fi
# Docker Compose
if command -v docker-compose &>/dev/null || docker compose version &>/dev/null 2>&1; then
local compose_files=$(find /opt /root /home -name "docker-compose*.yml" -o -name "compose*.yml" 2>/dev/null | wc -l)
echo -e " ${GREEN}${NC} Docker Compose: $compose_files 个配置文件"
apps+=("compose")
fi
# Nginx
if command -v nginx &>/dev/null || [ -d /etc/nginx ]; then
echo -e " ${GREEN}${NC} Nginx"
apps+=("nginx")
fi
# MySQL/MariaDB
if command -v mysql &>/dev/null || [ -d /var/lib/mysql ]; then
echo -e " ${GREEN}${NC} MySQL/MariaDB"
apps+=("mysql")
fi
# PostgreSQL
if command -v psql &>/dev/null || [ -d /var/lib/postgresql ]; then
echo -e " ${GREEN}${NC} PostgreSQL"
apps+=("postgresql")
fi
# Redis
if command -v redis-cli &>/dev/null || [ -d /var/lib/redis ]; then
echo -e " ${GREEN}${NC} Redis"
apps+=("redis")
fi
# MongoDB
if command -v mongod &>/dev/null || [ -d /var/lib/mongodb ]; then
echo -e " ${GREEN}${NC} MongoDB"
apps+=("mongodb")
fi
# Node.js/NPM
if command -v node &>/dev/null; then
local node_ver=$(node -v 2>/dev/null || echo "unknown")
local npm_global=$(npm list -g --depth=0 2>/dev/null | wc -l)
echo -e " ${GREEN}${NC} Node.js $node_ver ($npm_global 个全局包)"
apps+=("nodejs")
fi
# PM2
if command -v pm2 &>/dev/null; then
local pm2_apps=$(pm2 jlist 2>/dev/null | jq length 2>/dev/null || echo "0")
echo -e " ${GREEN}${NC} PM2: $pm2_apps 个应用"
apps+=("pm2")
fi
# Python/Pip
if command -v python3 &>/dev/null; then
local py_ver=$(python3 --version 2>/dev/null | cut -d' ' -f2)
echo -e " ${GREEN}${NC} Python $py_ver"
apps+=("python")
fi
# PHP
if command -v php &>/dev/null; then
local php_ver=$(php -v 2>/dev/null | head -1 | cut -d' ' -f2)
echo -e " ${GREEN}${NC} PHP $php_ver"
apps+=("php")
fi
# 1Panel
if [ -d /opt/1panel ] || command -v 1pctl &>/dev/null; then
echo -e " ${GREEN}${NC} 1Panel"
apps+=("1panel")
fi
# 宝塔
if [ -d /www/server/panel ]; then
echo -e " ${GREEN}${NC} 宝塔面板"
apps+=("bt")
fi
echo ""
info "检测到的应用: ${apps[*]}"
echo ""
info "应用扫描完成!"
}
# 运行应用扫描
detect_apps

1
projects/vps/vps-snapshot-repo Submodule

Submodule projects/vps/vps-snapshot-repo added at 1d248ecf44

353
projects/vps/vps-snapshot.sh Executable file
View File

@@ -0,0 +1,353 @@
#!/bin/bash
#===============================================================================
# VPS 快照备份脚本 v1.1
# 支持: Ubuntu, Debian, CentOS, Alpine
# 功能: 系统快照 + rsync 远程同步 + Telegram 通知 + 自动清理
# 认证: 支持密码和 SSH 密钥两种方式
#===============================================================================
set -e
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
CONFIG_FILE="/etc/vps-snapshot.conf"
LOG_FILE="/var/log/vps-snapshot.log"
SSH_KEY_PATH="/root/.ssh/vps_snapshot_key"
print_banner() {
echo -e "${BLUE}"
echo "╔═══════════════════════════════════════════════════════════╗"
echo "║ VPS 快照备份脚本 v1.1 ║"
echo "║ 支持 Ubuntu/Debian/CentOS/Alpine ║"
echo "║ 支持密码/SSH密钥认证 ║"
echo "╚═══════════════════════════════════════════════════════════╝"
echo -e "${NC}"
}
log() { echo -e "${GREEN}[$(date '+%Y-%m-%d %H:%M:%S')] $1${NC}"; echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" >> "$LOG_FILE"; }
error() { echo -e "${RED}[$(date '+%Y-%m-%d %H:%M:%S')] ERROR: $1${NC}"; echo "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR: $1" >> "$LOG_FILE"; }
warn() { echo -e "${YELLOW}[$(date '+%Y-%m-%d %H:%M:%S')] WARN: $1${NC}"; }
detect_os() {
if [ -f /etc/os-release ]; then . /etc/os-release; echo "$ID"
elif [ -f /etc/redhat-release ]; then echo "centos"
else echo "unknown"; fi
}
install_dependencies() {
local os=$(detect_os)
log "检测到系统: $os"
log "安装依赖包..."
case $os in
ubuntu|debian) apt-get update -qq && apt-get install -y -qq rsync sshpass curl tar gzip openssh-client ;;
centos|rhel|fedora) yum install -y -q rsync sshpass curl tar gzip openssh-clients ;;
alpine) apk add --no-cache rsync sshpass curl tar gzip openssh-client ;;
*) error "不支持的系统: $os"; exit 1 ;;
esac
log "依赖安装完成"
}
generate_ssh_key() {
log "生成 SSH 密钥对..."
if [ -f "$SSH_KEY_PATH" ]; then
warn "密钥已存在: $SSH_KEY_PATH"
read -p "是否覆盖? [y/N]: " overwrite
[[ ! "$overwrite" =~ ^[Yy]$ ]] && return 0
fi
ssh-keygen -t ed25519 -f "$SSH_KEY_PATH" -N "" -C "vps-snapshot-$(hostname)"
chmod 600 "$SSH_KEY_PATH"
log "密钥生成完成: $SSH_KEY_PATH"
}
copy_ssh_key_to_remote() {
log "复制公钥到远程服务器 ${REMOTE_USER}@${REMOTE_IP}..."
sshpass -p "$1" ssh-copy-id -i "${SSH_KEY_PATH}.pub" -o StrictHostKeyChecking=no -p "$REMOTE_PORT" "${REMOTE_USER}@${REMOTE_IP}"
log "公钥复制完成"
}
test_ssh_connection() {
log "测试 SSH 连接..."
if ssh -i "$SSH_KEY_PATH" -o StrictHostKeyChecking=no -o BatchMode=yes -p "$REMOTE_PORT" "${REMOTE_USER}@${REMOTE_IP}" "echo ok" &>/dev/null; then
log "SSH 密钥连接成功 ✓"
return 0
else
error "SSH 密钥连接失败"
return 1
fi
}
interactive_setup() {
print_banner
echo -e "${YELLOW}开始交互式配置...${NC}\n"
read -p "请输入远程服务器 IP: " REMOTE_IP
read -p "请输入 SSH 端口 [22]: " REMOTE_PORT
REMOTE_PORT=${REMOTE_PORT:-22}
read -p "请输入 SSH 用户名 [root]: " REMOTE_USER
REMOTE_USER=${REMOTE_USER:-root}
echo -e "\n${YELLOW}选择认证方式:${NC}"
echo "1) SSH 密钥 (推荐,更安全)"
echo "2) 密码"
read -p "请选择 [1]: " AUTH_TYPE
AUTH_TYPE=${AUTH_TYPE:-1}
if [ "$AUTH_TYPE" = "1" ]; then
setup_ssh_key_auth
else
setup_password_auth
fi
}
setup_ssh_key_auth() {
AUTH_METHOD="key"
REMOTE_PASS=""
echo -e "\n${YELLOW}SSH 密钥认证配置${NC}"
if [ -f "$SSH_KEY_PATH" ]; then
echo "检测到已有密钥: $SSH_KEY_PATH"
read -p "使用现有密钥? [Y/n]: " use_existing
[[ "$use_existing" =~ ^[Nn]$ ]] && generate_ssh_key
else
read -p "是否生成新的 SSH 密钥? [Y/n]: " gen_key
[[ ! "$gen_key" =~ ^[Nn]$ ]] && generate_ssh_key
fi
echo -e "\n需要将公钥复制到远程服务器"
read -s -p "请输入远程服务器密码 (仅用于复制公钥): " temp_pass
echo
copy_ssh_key_to_remote "$temp_pass"
if test_ssh_connection; then
echo -e "${GREEN}密钥认证配置成功!${NC}"
else
error "密钥认证失败"; exit 1
fi
continue_setup
}
setup_password_auth() {
AUTH_METHOD="password"
read -s -p "请输入 SSH 密码: " REMOTE_PASS
echo
continue_setup
}
continue_setup() {
read -p "请输入远程备份目录 [/backup/snapshots]: " REMOTE_DIR
REMOTE_DIR=${REMOTE_DIR:-/backup/snapshots}
read -p "请输入本地快照目录 [/var/snapshots]: " LOCAL_DIR
LOCAL_DIR=${LOCAL_DIR:-/var/snapshots}
read -p "本地保留快照数量 [1]: " LOCAL_KEEP
LOCAL_KEEP=${LOCAL_KEEP:-1}
read -p "远程保留天数 [30]: " REMOTE_KEEP_DAYS
REMOTE_KEEP_DAYS=${REMOTE_KEEP_DAYS:-30}
read -p "是否启用 Telegram 通知? [y/N]: " ENABLE_TG
if [[ "$ENABLE_TG" =~ ^[Yy]$ ]]; then
read -p "请输入 Telegram Bot Token: " TG_BOT_TOKEN
read -p "请输入 Telegram Chat ID: " TG_CHAT_ID
fi
echo -e "\n${YELLOW}选择要备份的内容:${NC}"
echo "1) 完整系统 (排除临时文件)"
echo "2) 仅 /etc /home /root /var/www"
echo "3) 自定义目录"
read -p "请选择 [1]: " BACKUP_TYPE
BACKUP_TYPE=${BACKUP_TYPE:-1}
case $BACKUP_TYPE in
2) BACKUP_DIRS="/etc /home /root /var/www" ;;
3) read -p "请输入要备份的目录 (空格分隔): " BACKUP_DIRS ;;
*) BACKUP_DIRS="/" ;;
esac
save_config
}
save_config() {
log "保存配置到 $CONFIG_FILE"
cat > "$CONFIG_FILE" << CONF
AUTH_METHOD="$AUTH_METHOD"
SSH_KEY_PATH="$SSH_KEY_PATH"
REMOTE_IP="$REMOTE_IP"
REMOTE_PORT="$REMOTE_PORT"
REMOTE_USER="$REMOTE_USER"
REMOTE_PASS="$REMOTE_PASS"
REMOTE_DIR="$REMOTE_DIR"
LOCAL_DIR="$LOCAL_DIR"
LOCAL_KEEP="$LOCAL_KEEP"
REMOTE_KEEP_DAYS="$REMOTE_KEEP_DAYS"
TG_BOT_TOKEN="$TG_BOT_TOKEN"
TG_CHAT_ID="$TG_CHAT_ID"
BACKUP_DIRS="$BACKUP_DIRS"
CONF
chmod 600 "$CONFIG_FILE"
log "配置已保存"
}
load_config() {
[ -f "$CONFIG_FILE" ] && source "$CONFIG_FILE" || { error "配置文件不存在,请先运行: $0 setup"; return 1; }
}
ssh_exec() {
if [ "$AUTH_METHOD" = "key" ]; then
ssh -i "$SSH_KEY_PATH" -o StrictHostKeyChecking=no -p "$REMOTE_PORT" "${REMOTE_USER}@${REMOTE_IP}" "$1"
else
sshpass -p "$REMOTE_PASS" ssh -o StrictHostKeyChecking=no -p "$REMOTE_PORT" "${REMOTE_USER}@${REMOTE_IP}" "$1"
fi
}
send_telegram() {
[ -n "$TG_BOT_TOKEN" ] && [ -n "$TG_CHAT_ID" ] && \
curl -s -X POST "https://api.telegram.org/bot${TG_BOT_TOKEN}/sendMessage" \
-d chat_id="$TG_CHAT_ID" -d text="$1" -d parse_mode="HTML" >/dev/null 2>&1
}
create_snapshot() {
local hostname=$(hostname)
local timestamp=$(date '+%Y%m%d_%H%M%S')
local snapshot_name="${hostname}_${timestamp}.tar.gz"
local snapshot_path="${LOCAL_DIR}/${snapshot_name}"
mkdir -p "$LOCAL_DIR"
log "开始创建快照: $snapshot_name"
send_telegram "🔄 <b>开始备份</b>%0A主机: ${hostname}"
local excludes="--exclude=/proc --exclude=/sys --exclude=/dev"
excludes+=" --exclude=/run --exclude=/tmp --exclude=/mnt"
excludes+=" --exclude=/media --exclude=/lost+found"
excludes+=" --exclude=${LOCAL_DIR} --exclude=/var/cache"
if [ "$BACKUP_DIRS" = "/" ]; then
tar $excludes -czf "$snapshot_path" / 2>/dev/null || true
else
tar -czf "$snapshot_path" $BACKUP_DIRS 2>/dev/null || true
fi
log "快照创建完成: $snapshot_path ($(du -h "$snapshot_path" | cut -f1))"
echo "$snapshot_path"
}
sync_to_remote() {
local snapshot_path="$1"
log "创建远程目录: $REMOTE_DIR"
ssh_exec "mkdir -p $REMOTE_DIR"
log "开始同步到远程..."
if [ "$AUTH_METHOD" = "key" ]; then
rsync -avz -e "ssh -i $SSH_KEY_PATH -o StrictHostKeyChecking=no -p $REMOTE_PORT" \
"$snapshot_path" "${REMOTE_USER}@${REMOTE_IP}:${REMOTE_DIR}/"
else
sshpass -p "$REMOTE_PASS" rsync -avz \
-e "ssh -o StrictHostKeyChecking=no -p $REMOTE_PORT" \
"$snapshot_path" "${REMOTE_USER}@${REMOTE_IP}:${REMOTE_DIR}/"
fi
log "远程同步完成"
}
cleanup_local() {
log "清理本地快照,保留最新 $LOCAL_KEEP"
cd "$LOCAL_DIR"
ls -1t *.tar.gz 2>/dev/null | tail -n +$((LOCAL_KEEP + 1)) | xargs -r rm -f
}
cleanup_remote() {
log "清理远程超过 $REMOTE_KEEP_DAYS 天的快照"
ssh_exec "find $REMOTE_DIR -name '*.tar.gz' -mtime +$REMOTE_KEEP_DAYS -delete" 2>/dev/null
log "远程清理完成"
}
run_backup() {
load_config || exit 1
local start_time=$(date +%s)
local hostname=$(hostname)
log "========== 开始备份任务 =========="
local snapshot_path=$(create_snapshot)
sync_to_remote "$snapshot_path"
cleanup_local
cleanup_remote
local duration=$(($(date +%s) - start_time))
local size=$(du -h "$snapshot_path" | cut -f1)
log "========== 备份完成 =========="
send_telegram "✅ <b>备份完成</b>%0A主机: ${hostname}%0A大小: ${size}%0A耗时: ${duration}"
}
setup_cron() {
echo -e "${YELLOW}设置定时备份任务${NC}"
echo "1) 每天凌晨 3 点"
echo "2) 每周日凌晨 3 点"
echo "3) 每月 1 号凌晨 3 点"
read -p "请选择 [1]: " choice
case ${choice:-1} in
2) cron_expr="0 3 * * 0" ;;
3) cron_expr="0 3 1 * *" ;;
*) cron_expr="0 3 * * *" ;;
esac
local script_path=$(readlink -f "$0")
(crontab -l 2>/dev/null | grep -v "vps-snapshot"; echo "$cron_expr $script_path run") | crontab -
log "定时任务已设置: $cron_expr"
}
show_status() {
print_banner
if [ -f "$CONFIG_FILE" ]; then
source "$CONFIG_FILE"
echo -e "${GREEN}配置状态:${NC}"
echo " 认证方式: ${AUTH_METHOD}"
echo " 远程服务器: ${REMOTE_USER}@${REMOTE_IP}:${REMOTE_PORT}"
echo " 远程目录: ${REMOTE_DIR}"
echo " 本地目录: ${LOCAL_DIR}"
echo " 本地保留: ${LOCAL_KEEP}"
echo " 远程保留: ${REMOTE_KEEP_DAYS}"
echo " Telegram: $([ -n "$TG_BOT_TOKEN" ] && echo '已配置' || echo '未配置')"
echo -e "\n${GREEN}本地快照:${NC}"
ls -lh "$LOCAL_DIR"/*.tar.gz 2>/dev/null || echo " (无)"
else
echo -e "${RED}未配置,请运行: $0 setup${NC}"
fi
}
show_help() {
print_banner
echo "用法: $0 <命令>"
echo ""
echo "命令:"
echo " setup 交互式配置"
echo " run 执行备份"
echo " install 安装依赖"
echo " cron 设置定时任务"
echo " status 查看配置状态"
echo " help 显示帮助"
}
main() {
[ "$EUID" -ne 0 ] && { error "请使用 root 权限运行"; exit 1; }
touch "$LOG_FILE"
case "${1:-help}" in
setup) install_dependencies; interactive_setup
echo -e "\n${GREEN}配置完成!${NC}"
echo "运行 '$0 run' 执行备份"
echo "运行 '$0 cron' 设置定时任务" ;;
run) run_backup ;;
install) install_dependencies ;;
cron) setup_cron ;;
status) show_status ;;
*) show_help ;;
esac
}
main "$@"

1
projects/vps/vps-tools Submodule

Submodule projects/vps/vps-tools added at 1f65db9ec2