117 lines
3.4 KiB
Bash
117 lines
3.4 KiB
Bash
#!/bin/bash
|
||
set -e
|
||
|
||
echo "======================================"
|
||
echo " ZeroTier AIO 离线快速部署脚本 v2"
|
||
echo " 支持备份恢复 / 新服务器迁移"
|
||
echo "======================================"
|
||
|
||
[ "$EUID" -ne 0 ] && { echo "请用 root 执行"; exit 1; }
|
||
|
||
# 安装依赖
|
||
command -v docker &>/dev/null || {
|
||
apt update -y
|
||
apt install -y docker.io docker-compose-plugin curl
|
||
systemctl enable --now docker
|
||
}
|
||
|
||
# 检查 TUN
|
||
modprobe tun 2>/dev/null || true
|
||
[ -c /dev/net/tun ] || { echo "TUN 不可用"; exit 1; }
|
||
|
||
# 获取公网 IP
|
||
PUBLIC_IP=$(curl -s http://100.100.100.200/latest/meta-data/eipv4 || true)
|
||
[ -z "$PUBLIC_IP" ] && PUBLIC_IP=$(ip -4 addr show eth0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}' | head -n1)
|
||
[ -z "$PUBLIC_IP" ] && read -p "无法自动获取公网IP,请手动输入: " PUBLIC_IP
|
||
echo "公网 IP: $PUBLIC_IP"
|
||
|
||
INSTALL_DIR="/opt/zerotier-aio"
|
||
mkdir -p "$INSTALL_DIR"
|
||
cd "$INSTALL_DIR"
|
||
|
||
# 如果有备份包,优先恢复
|
||
if ls zerotier-aio-backup*.tar.gz 1>/dev/null 2>&1; then
|
||
echo "检测到备份包,正在恢复..."
|
||
tar -xzf zerotier-aio-backup*.tar.gz -C /opt
|
||
elif ls zerotier-aio-essential*.tar.gz 1>/dev/null 2>&1; then
|
||
tar -xzf zerotier-aio-essential*.tar.gz -C /opt
|
||
fi
|
||
|
||
# 加载镜像(如果 tar 存在)
|
||
[ -f zerotier-aio-zh.tar ] && {
|
||
echo "加载本地镜像..."
|
||
docker load -i zerotier-aio-zh.tar
|
||
}
|
||
|
||
# 生成或使用 docker-compose.yml
|
||
cat > docker-compose.yml <<EOF
|
||
services:
|
||
zerotier-aio:
|
||
image: niliaerith/zerotier-aio-zh:latest
|
||
container_name: zerotier-aio
|
||
restart: unless-stopped
|
||
cap_add: [ALL]
|
||
devices: [/dev/net/tun]
|
||
network_mode: host
|
||
volumes:
|
||
- ./etc:/opt/key-networks/ztncui/etc
|
||
- ./zerotier-one:/var/lib/zerotier-one
|
||
- ./zt-mkworld:/etc/zt-mkworld
|
||
environment:
|
||
- TZ=Asia/Shanghai
|
||
- AUTOGEN_PLANET=0
|
||
- NODE_ENV=production
|
||
- HTTP_PORT=3000
|
||
- HTTP_ALL_INTERFACES=yes
|
||
- ZTNCUI_PASSWD=admin123
|
||
- MYADDR=$PUBLIC_IP
|
||
privileged: true
|
||
EOF
|
||
|
||
# 启动
|
||
docker compose up -d
|
||
sleep 15
|
||
|
||
# 检查 Moon(如果 moons.d 为空则生成)
|
||
MOONS_DIR="./zerotier-one/moons.d"
|
||
if [ ! -d "$MOONS_DIR" ] || [ -z "$(ls -A "$MOONS_DIR")" ]; then
|
||
echo "生成 Moon..."
|
||
docker exec zerotier-aio zerotier-idtool initmoon /var/lib/zerotier-one/identity.public > /tmp/moon.json
|
||
sed -i "s|\"stableEndpoints\": \[\]|\"stableEndpoints\": [\"$PUBLIC_IP/9993\"]|" /tmp/moon.json
|
||
docker exec zerotier-aio bash -c "cd /tmp && zerotier-idtool genmoon moon.json"
|
||
MOON_FILE=$(docker exec zerotier-aio find /tmp -name "*.moon" | head -n1)
|
||
mkdir -p "$MOONS_DIR"
|
||
docker cp "zerotier-aio:$MOON_FILE" "$MOONS_DIR/"
|
||
MOON_ID=$(basename "$MOON_FILE" .moon)
|
||
docker restart zerotier-aio
|
||
else
|
||
MOON_ID=$(ls "$MOONS_DIR"/*.moon | head -n1 | xargs basename | cut -d. -f1)
|
||
fi
|
||
|
||
# 防火墙(ufw)
|
||
command -v ufw &>/dev/null && {
|
||
ufw allow 9993/udp 3000/tcp 3443/tcp
|
||
ufw reload || true
|
||
}
|
||
|
||
cat <<EOF
|
||
|
||
======================================
|
||
部署完成!
|
||
======================================
|
||
|
||
Moon ID: $MOON_ID
|
||
Orbit 命令: sudo zerotier-cli orbit $MOON_ID $MOON_ID
|
||
|
||
Web 界面: http://$PUBLIC_IP:3000
|
||
用户: admin 密码: admin123 (立即修改!)
|
||
|
||
安全组需放行: 9993/udp 3000/tcp 3443/tcp
|
||
|
||
备份建议: tar -czf zerotier-aio-backup-$(date +%Y%m%d).tar.gz /opt/zerotier-aio
|
||
|
||
调试: docker logs zerotier-aio
|
||
docker exec -it zerotier-aio bash
|
||
======================================
|
||
EOF
|