linuxjoy/sh
3
0
Fork 0
mirror of https://github.com/kejilion/sh.git synced 2025-10-03 23:34:20 +08:00
Code Issues Projects Packages Wiki Activity Actions

🌐 Weekly translation update - 2025-09-28 08:35:44

Browse source
This commit is contained in:
GitHub Action 2025-09-28 08:35:44 +00:00
parent 0041d6d2f9
commit ea18b87cfc
4 changed files with 417 additions and 445 deletions
Download patch file Download diff file Expand all files Collapse all files

215
en/kejilion.sh
View file

@ -1,5 +1,5 @@
#!/bin/bash
sh_v="4.1.5"
sh_v="4.1.6"


gl_hui='\e[37m'
@ -1771,7 +1771,7 @@ check_waf_status() {


check_cf_mode() {
if [ -f "/path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf" ]; then
if [ -f "/etc/fail2ban/action.d/cloudflare-docker.conf" ]; then
CFmessage=" cf模式已开启"
else
CFmessage=""
@ -1985,19 +1985,11 @@ nginx_gzip() {
web_security() {
send_stats "LDNMP environment defense"
while true; do
check_f2b_status
check_waf_status
check_cf_mode
if [ -x "$(command -v fail2ban-client)" ] ; then
clear
remove fail2ban
rm -rf /etc/fail2ban
else
clear
rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf > /dev/null 2>&1
docker exec -it fail2ban fail2ban-client reload > /dev/null 2>&1
docker_name="fail2ban"
check_docker_app
echo -e "Server website defense program${check_docker}${gl_lv}${CFmessage}${waf_status}${gl_bai}"
echo -e "Server website defense program${check_f2b_status}${gl_lv}${CFmessage}${waf_status}${gl_bai}"
echo "------------------------"
echo "1. Install the defense program"
echo "------------------------"
@ -2019,11 +2011,16 @@ web_security() {
case $sub_choice in
1)
f2b_install_sshd
cd /path/to/fail2ban/config/fail2ban/filter.d
cd /etc/fail2ban/filter.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/sh/main/fail2ban-nginx-cc.conf
cd /path/to/fail2ban/config/fail2ban/jail.d/
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-418.conf
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-deny.conf
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-unauthorized.conf
wget ${gh_proxy}https://raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-bad-request.conf

cd /etc/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/nginx-docker-cc.conf
sed -i "/cloudflare/d" /path/to/fail2ban/config/fail2ban/jail.d/nginx-docker-cc.conf
sed -i "/cloudflare/d" /etc/fail2ban/jail.d/nginx-docker-cc.conf
f2b_status
;;
5)
@ -2037,56 +2034,57 @@ web_security() {
local xxx="fail2ban-nginx-cc"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-418"
local xxx="nginx-418"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-bad-request"
local xxx="nginx-bad-request"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-badbots"
local xxx="nginx-badbots"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-botsearch"
local xxx="nginx-botsearch"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-deny"
local xxx="nginx-deny"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-http-auth"
local xxx="nginx-http-auth"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-unauthorized"
local xxx="nginx-unauthorized"
f2b_status_xxx
echo "------------------------"
local xxx="docker-php-url-fopen"
local xxx="php-url-fopen"
f2b_status_xxx
echo "------------------------"

;;

7)
docker exec -it fail2ban fail2ban-client status
fail2ban-client status
;;
8)
tail -f /path/to/fail2ban/config/log/fail2ban/fail2ban.log
tail -f /var/log/fail2ban.log

;;
9)
docker rm -f fail2ban
rm -rf /path/to/fail2ban
remove fail2ban
rm -rf /etc/fail2ban
crontab -l | grep -v "CF-Under-Attack.sh" | crontab - 2>/dev/null
echo "Fail2Ban defense program has been uninstalled"
break
;;

11)
install nano
nano /path/to/fail2ban/config/fail2ban/jail.d/nginx-docker-cc.conf
nano /etc/fail2ban/jail.d/nginx-docker-cc.conf
f2b_status
break
;;

12)
docker exec -it fail2ban fail2ban-client unban --all
fail2ban-client unban --all
;;

21)
@ -2099,14 +2097,14 @@ web_security() {
wget -O /home/web/conf.d/default.conf ${gh_proxy}raw.githubusercontent.com/kejilion/nginx/main/default11.conf
docker exec nginx nginx -s reload

cd /path/to/fail2ban/config/fail2ban/jail.d/
cd /etc/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/nginx-docker-cc.conf

cd /path/to/fail2ban/config/fail2ban/action.d
cd /etc/fail2ban/action.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/cloudflare-docker.conf

sed -i "s/kejilion@outlook.com/$cfuser/g" /path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/APIKEY00000/$cftoken/g" /path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/kejilion@outlook.com/$cfuser/g" /etc/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/APIKEY00000/$cftoken/g" /etc/fail2ban/action.d/cloudflare-docker.conf
f2b_status

echo "Cloudflare mode is configured to view intercept records in the cf background, site-security-events"
@ -2171,7 +2169,6 @@ web_security() {
break
;;
esac
fi
break_end
done
}
@ -3017,52 +3014,30 @@ tmux new -d -s "$base_name-$tmuxd_ID" "$tmuxd"


f2b_status() {
docker exec -it fail2ban fail2ban-client reload
fail2ban-client reload
sleep 3
docker exec -it fail2ban fail2ban-client status
fail2ban-client status
}

f2b_status_xxx() {
docker exec -it fail2ban fail2ban-client status $xxx
fail2ban-client status $xxx
}

check_f2b_status() {
if command -v fail2ban-client >/dev/null 2>&1; then
check_f2b_status="${gl_lv}已安装${gl_bai}"
else
check_f2b_status="${gl_hui}未安装${gl_bai}"
fi
}

f2b_install_sshd() {

docker run -d \
--name=fail2ban \
--net=host \
--cap-add=NET_ADMIN \
--cap-add=NET_RAW \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
-e VERBOSITY=-vv \
-v /path/to/fail2ban/config:/config \
-v /var/log:/var/log:ro \
-v /home/web/log/nginx/:/remotelogs/nginx:ro \
--restart=always \
lscr.io/linuxserver/fail2ban:latest
docker rm -f fail2ban >/dev/null 2>&1
install fail2ban
start fail2ban
enable fail2ban

sleep 3
if grep -q 'Alpine' /etc/issue; then
cd /path/to/fail2ban/config/fail2ban/filter.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-sshd.conf
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-sshd-ddos.conf
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-ssh.conf
elif command -v dnf &>/dev/null; then
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/centos-ssh.conf
else
install rsyslog
systemctl start rsyslog
systemctl enable rsyslog
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/linux-ssh.conf
systemctl restart rsyslog
fi

rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf
}

f2b_sshd() {
@ -7765,7 +7740,8 @@ linux_Oracle() {

4)
clear
echo "This feature is in the development stage, so stay tuned!"
send_stats "Detective R start script"
bash <(wget -qO- ${gh_proxy}github.com/Yohann0617/oci-helper/releases/latest/download/sh_oci-helper_install.sh)
;;
5)
clear
@ -8384,7 +8360,7 @@ linux_ldnmp() {

docker run -d \
--name bitwarden \
--restart always \
--restart=always \
-p 3280:80 \
-v /home/web/html/$yuming/bitwarden/data:/data \
vaultwarden/server
@ -8405,7 +8381,7 @@ linux_ldnmp() {
install_ssltls
certs_status

docker run -d --name halo --restart always -p 8010:8090 -v /home/web/html/$yuming/.halo2:/root/.halo2 halohub/halo:2
docker run -d --name halo --restart=always -p 8010:8090 -v /home/web/html/$yuming/.halo2:/root/.halo2 halohub/halo:2
duankou=8010
reverse_proxy

@ -8890,7 +8866,7 @@ while true; do
echo -e "${gl_kjlan}93. ${color93}Dufs minimalist static file server${gl_kjlan}94. ${color94}Gopeed high-speed download tool"
echo -e "${gl_kjlan}95. ${color95}paperless document management platform${gl_kjlan}96. ${color96}2FAuth self-hosted two-step validator"
echo -e "${gl_kjlan}97. ${color97}WireGuard networking (server side)${gl_kjlan}98. ${color98}WireGuard networking (client)"
echo -e "${gl_kjlan}99. ${color99}DSM Synology Virtual Machine"
echo -e "${gl_kjlan}99. ${color99}DSM Synology Virtual Machine${gl_kjlan}100. ${color100}Syncthing point-to-point file synchronization tool"
echo -e "${gl_kjlan}------------------------"
echo -e "${gl_kjlan}b. ${gl_bai}Back up all application data${gl_kjlan}r. ${gl_bai}Restore all application data"
echo -e "${gl_kjlan}------------------------"
@ -9499,7 +9475,7 @@ while true; do

docker_rum() {

docker run -d --name looking-glass --restart always -p ${docker_port}:80 wikihostinc/looking-glass-server
docker run -d --name looking-glass --restart=always -p ${docker_port}:80 wikihostinc/looking-glass-server

}

@ -9527,7 +9503,7 @@ while true; do
-p 53:53/tcp \
-p 53:53/udp \
-p ${docker_port}:3000/tcp \
--restart always \
--restart=always \
adguard/adguardhome


@ -9654,7 +9630,7 @@ while true; do
-p ${docker_port}:9000 \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /home/docker/portainer:/data \
--restart always \
--restart=always \
portainer/portainer

}
@ -9678,7 +9654,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/vscode-web:/home/coder/.local/share/code-server --name vscode-web --restart always codercom/code-server
docker run -d -p ${docker_port}:8080 -v /home/docker/vscode-web:/home/coder/.local/share/code-server --name vscode-web --restart=always codercom/code-server

}

@ -9727,7 +9703,7 @@ while true; do

docker_rum() {

docker run -d --name memos -p ${docker_port}:5230 -v /home/docker/memos:/var/opt/memos --restart always ghcr.io/usememos/memos:latest
docker run -d --name memos -p ${docker_port}:5230 -v /home/docker/memos:/var/opt/memos --restart=always ghcr.io/usememos/memos:latest

}

@ -9849,7 +9825,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 --name speedtest --restart always ghcr.io/librespeed/speedtest
docker run -d -p ${docker_port}:8080 --name speedtest --restart=always ghcr.io/librespeed/speedtest

}

@ -9897,7 +9873,7 @@ while true; do

docker run -d \
--name photoprism \
--restart always \
--restart=always \
--security-opt seccomp=unconfined \
--security-opt apparmor=unconfined \
-p ${docker_port}:2342 \
@ -10002,7 +9978,7 @@ while true; do

docker run -d \
--name pingvin-share \
--restart always \
--restart=always \
-p ${docker_port}:3000 \
-v /home/docker/pingvin-share/data:/opt/app/backend/data \
stonith404/pingvin-share
@ -10128,7 +10104,7 @@ while true; do
local docker_img="jrohy/webssh"
local docker_port=8040
docker_rum() {
docker run -d -p ${docker_port}:5032 --restart always --name webssh -e TZ=Asia/Shanghai jrohy/webssh
docker run -d -p ${docker_port}:5032 --restart=always --name webssh -e TZ=Asia/Shanghai jrohy/webssh
}

local docker_describe="简易在线ssh连接工具和sftp工具"
@ -10246,7 +10222,7 @@ while true; do
--name registry \
-v /home/docker/registry:/var/lib/registry \
-e REGISTRY_PROXY_REMOTEURL=https://registry-1.docker.io \
--restart always \
--restart=always \
registry:2

}
@ -10267,7 +10243,7 @@ while true; do

docker_rum() {

docker run -d --name ghproxy --restart always -p ${docker_port}:8080 -v /home/docker/ghproxy/config:/data/ghproxy/config wjqserver/ghproxy:latest
docker run -d --name ghproxy --restart=always -p ${docker_port}:8080 -v /home/docker/ghproxy/config:/data/ghproxy/config wjqserver/ghproxy:latest

}

@ -10383,7 +10359,7 @@ while true; do

docker_rum() {

docker run -d --restart always -p ${docker_port}:5000 \
docker run -d --restart=always -p ${docker_port}:5000 \
-v /home/docker/datastore:/datastore \
--name changedetection dgtlmoon/changedetection.io:latest

@ -10438,7 +10414,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart always ghcr.io/open-webui/open-webui:ollama
docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart=always ghcr.io/open-webui/open-webui:ollama

}

@ -10490,7 +10466,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart always ghcr.io/open-webui/open-webui:ollama
docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart=always ghcr.io/open-webui/open-webui:ollama

}

@ -10706,7 +10682,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:main
docker run -d -p ${docker_port}:8080 -v /home/docker/open-webui:/app/backend/data --name open-webui --restart=always ghcr.io/open-webui/open-webui:main

}

@ -10750,7 +10726,7 @@ while true; do
chmod -R 777 /home/docker/n8n

docker run -d --name n8n \
--restart always \
--restart=always \
-p ${docker_port}:5678 \
-v /home/docker/n8n:/home/node/.n8n \
-e N8N_HOST=${yuming} \
@ -10924,7 +10900,7 @@ while true; do

docker run -d \
--name bitwarden \
--restart always \
--restart=always \
-p ${docker_port}:80 \
-v /home/docker/bitwarden/data:/data \
vaultwarden/server
@ -12008,7 +11984,7 @@ while true; do
--cap-add SYS_MODULE \
-v /home/docker/wireguard/config:/config \
-v /lib/modules:/lib/modules:ro \
--restart always \
--restart=always \
kjlion/wireguard:alpine

sleep 3
@ -12085,8 +12061,34 @@ while true; do



100|syncthing)

local app_id="100"
local docker_name="syncthing"
local docker_img="syncthing/syncthing:latest"
local docker_port=8100

docker_rum() {
docker run -d \
--name=syncthing \
--hostname=my-syncthing \
--restart=always \
-p ${docker_port}:8384 \
-p 22000:22000/tcp \
-p 22000:22000/udp \
-p 21027:21027/udp \
-v /home/docker/syncthing:/var/syncthing \
syncthing/syncthing:latest
}

local docker_describe="开源的点对点文件同步工具,类似于 Dropbox、Resilio Sync但完全去中心化。"
local docker_url="官网介绍: https://github.com/syncthing/syncthing"
local docker_use=""
local docker_passwd=""
local app_size="1"
docker_app

;;

b)
clear
@ -13029,7 +13031,7 @@ EOF
(crontab -l ; echo "0 0 * * $weekday $newquest") | crontab - > /dev/null 2>&1
;;
3)
read -e -p "Choose when to perform tasks every day? (Hours, 0-23):" hour
read -e -p "Choose what time to perform tasks every day? (Hours, 0-23):" hour
(crontab -l ; echo "0 $hour * * * $newquest") | crontab - > /dev/null 2>&1
;;
4)
@ -13084,7 +13086,7 @@ EOF

;;
2)
read -e -p "Please enter the keywords for parsing content that need to be deleted:" delhost
read -e -p "Please enter the keywords of parsing content that need to be deleted:" delhost
sed -i "/$delhost/d" /etc/hosts
send_stats "Local host parsing and deletion"
;;
@ -13099,17 +13101,9 @@ EOF
root_use
send_stats "ssh defense"
while true; do
if [ -x "$(command -v fail2ban-client)" ] ; then
clear
remove fail2ban
rm -rf /etc/fail2ban
else
clear
rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf > /dev/null 2>&1
docker exec -it fail2ban fail2ban-client reload > /dev/null 2>&1
docker_name="fail2ban"
check_docker_app
echo -e "SSH Defense Program$check_docker"

check_f2b_status
echo -e "SSH Defense Program$check_f2b_status"
echo "fail2ban is an SSH tool to prevent brute force"
echo "Official website introduction:${gh_proxy}github.com/fail2ban/fail2ban"
echo "------------------------"
@ -13125,7 +13119,6 @@ EOF
read -e -p "Please enter your selection:" sub_choice
case $sub_choice in
1)
install_docker
f2b_install_sshd

cd ~
@ -13139,19 +13132,19 @@ EOF
break_end
;;
3)
tail -f /path/to/fail2ban/config/log/fail2ban/fail2ban.log
tail -f /var/log/fail2ban.log
break
;;
9)
docker rm -f fail2ban
rm -rf /path/to/fail2ban
remove fail2ban
rm -rf /etc/fail2ban
echo "Fail2Ban defense program has been uninstalled"
break
;;
*)
break
;;
esac
fi
done
;;


217
jp/kejilion.sh
View file

@ -1,5 +1,5 @@
#!/bin/bash
sh_v="4.1.5"
sh_v="4.1.6"


gl_hui='\e[37m'
@ -1771,7 +1771,7 @@ check_waf_status() {


check_cf_mode() {
if [ -f "/path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf" ]; then
if [ -f "/etc/fail2ban/action.d/cloudflare-docker.conf" ]; then
CFmessage=" cf模式已开启"
else
CFmessage=""
@ -1985,19 +1985,11 @@ nginx_gzip() {
web_security() {
send_stats "LDNMP環境防御"
while true; do
check_f2b_status
check_waf_status
check_cf_mode
if [ -x "$(command -v fail2ban-client)" ] ; then
clear
remove fail2ban
rm -rf /etc/fail2ban
else
clear
rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf > /dev/null 2>&1
docker exec -it fail2ban fail2ban-client reload > /dev/null 2>&1
docker_name="fail2ban"
check_docker_app
echo -e "サーバーWebサイト防衛プログラム${check_docker}${gl_lv}${CFmessage}${waf_status}${gl_bai}"
echo -e "サーバーWebサイト防衛プログラム${check_f2b_status}${gl_lv}${CFmessage}${waf_status}${gl_bai}"
echo "------------------------"
echo "1.防衛プログラムをインストールします"
echo "------------------------"
@ -2019,11 +2011,16 @@ web_security() {
case $sub_choice in
1)
f2b_install_sshd
cd /path/to/fail2ban/config/fail2ban/filter.d
cd /etc/fail2ban/filter.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/sh/main/fail2ban-nginx-cc.conf
cd /path/to/fail2ban/config/fail2ban/jail.d/
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-418.conf
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-deny.conf
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-unauthorized.conf
wget ${gh_proxy}https://raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-bad-request.conf

cd /etc/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/nginx-docker-cc.conf
sed -i "/cloudflare/d" /path/to/fail2ban/config/fail2ban/jail.d/nginx-docker-cc.conf
sed -i "/cloudflare/d" /etc/fail2ban/jail.d/nginx-docker-cc.conf
f2b_status
;;
5)
@ -2037,56 +2034,57 @@ web_security() {
local xxx="fail2ban-nginx-cc"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-418"
local xxx="nginx-418"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-bad-request"
local xxx="nginx-bad-request"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-badbots"
local xxx="nginx-badbots"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-botsearch"
local xxx="nginx-botsearch"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-deny"
local xxx="nginx-deny"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-http-auth"
local xxx="nginx-http-auth"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-unauthorized"
local xxx="nginx-unauthorized"
f2b_status_xxx
echo "------------------------"
local xxx="docker-php-url-fopen"
local xxx="php-url-fopen"
f2b_status_xxx
echo "------------------------"

;;

7)
docker exec -it fail2ban fail2ban-client status
fail2ban-client status
;;
8)
tail -f /path/to/fail2ban/config/log/fail2ban/fail2ban.log
tail -f /var/log/fail2ban.log

;;
9)
docker rm -f fail2ban
rm -rf /path/to/fail2ban
remove fail2ban
rm -rf /etc/fail2ban
crontab -l | grep -v "CF-Under-Attack.sh" | crontab - 2>/dev/null
echo "Fail2Ban防衛プログラムがアンインストールされています"
break
;;

11)
install nano
nano /path/to/fail2ban/config/fail2ban/jail.d/nginx-docker-cc.conf
nano /etc/fail2ban/jail.d/nginx-docker-cc.conf
f2b_status
break
;;

12)
docker exec -it fail2ban fail2ban-client unban --all
fail2ban-client unban --all
;;

21)
@ -2099,14 +2097,14 @@ web_security() {
wget -O /home/web/conf.d/default.conf ${gh_proxy}raw.githubusercontent.com/kejilion/nginx/main/default11.conf
docker exec nginx nginx -s reload

cd /path/to/fail2ban/config/fail2ban/jail.d/
cd /etc/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/nginx-docker-cc.conf

cd /path/to/fail2ban/config/fail2ban/action.d
cd /etc/fail2ban/action.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/cloudflare-docker.conf

sed -i "s/kejilion@outlook.com/$cfuser/g" /path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/APIKEY00000/$cftoken/g" /path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/kejilion@outlook.com/$cfuser/g" /etc/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/APIKEY00000/$cftoken/g" /etc/fail2ban/action.d/cloudflare-docker.conf
f2b_status

echo "CloudFlareモードは、CFバックグラウンド、サイトセキュリティイベントでインターセプトレコードを表示するように構成されています"
@ -2171,7 +2169,6 @@ web_security() {
break
;;
esac
fi
break_end
done
}
@ -3017,52 +3014,30 @@ tmux new -d -s "$base_name-$tmuxd_ID" "$tmuxd"


f2b_status() {
docker exec -it fail2ban fail2ban-client reload
fail2ban-client reload
sleep 3
docker exec -it fail2ban fail2ban-client status
fail2ban-client status
}

f2b_status_xxx() {
docker exec -it fail2ban fail2ban-client status $xxx
fail2ban-client status $xxx
}

check_f2b_status() {
if command -v fail2ban-client >/dev/null 2>&1; then
check_f2b_status="${gl_lv}已安装${gl_bai}"
else
check_f2b_status="${gl_hui}未安装${gl_bai}"
fi
}

f2b_install_sshd() {

docker run -d \
--name=fail2ban \
--net=host \
--cap-add=NET_ADMIN \
--cap-add=NET_RAW \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
-e VERBOSITY=-vv \
-v /path/to/fail2ban/config:/config \
-v /var/log:/var/log:ro \
-v /home/web/log/nginx/:/remotelogs/nginx:ro \
--restart=always \
lscr.io/linuxserver/fail2ban:latest
docker rm -f fail2ban >/dev/null 2>&1
install fail2ban
start fail2ban
enable fail2ban

sleep 3
if grep -q 'Alpine' /etc/issue; then
cd /path/to/fail2ban/config/fail2ban/filter.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-sshd.conf
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-sshd-ddos.conf
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-ssh.conf
elif command -v dnf &>/dev/null; then
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/centos-ssh.conf
else
install rsyslog
systemctl start rsyslog
systemctl enable rsyslog
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/linux-ssh.conf
systemctl restart rsyslog
fi

rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf
}

f2b_sshd() {
@ -7765,7 +7740,8 @@ linux_Oracle() {

4)
clear
echo "この機能は開発段階にあるので、お楽しみに!"
send_stats "探偵r開始スクリプト"
bash <(wget -qO- ${gh_proxy}github.com/Yohann0617/oci-helper/releases/latest/download/sh_oci-helper_install.sh)
;;
5)
clear
@ -8384,7 +8360,7 @@ linux_ldnmp() {

docker run -d \
--name bitwarden \
--restart always \
--restart=always \
-p 3280:80 \
-v /home/web/html/$yuming/bitwarden/data:/data \
vaultwarden/server
@ -8405,7 +8381,7 @@ linux_ldnmp() {
install_ssltls
certs_status

docker run -d --name halo --restart always -p 8010:8090 -v /home/web/html/$yuming/.halo2:/root/.halo2 halohub/halo:2
docker run -d --name halo --restart=always -p 8010:8090 -v /home/web/html/$yuming/.halo2:/root/.halo2 halohub/halo:2
duankou=8010
reverse_proxy

@ -8890,7 +8866,7 @@ while true; do
echo -e "${gl_kjlan}93. ${color93}DUFS Minimalist Static File Server${gl_kjlan}94. ${color94}ゴープ高速ダウンロードツール"
echo -e "${gl_kjlan}95. ${color95}ペーパーレスドキュメント管理プラットフォーム${gl_kjlan}96. ${color96}2Fauth自己ホストの2段階検証装置"
echo -e "${gl_kjlan}97. ${color97}ワイヤガードネットワーキング(サーバー側)${gl_kjlan}98. ${color98}ワイヤガードネットワーキング(クライアント)"
echo -e "${gl_kjlan}99. ${color99}DSM Synology仮想マシン"
echo -e "${gl_kjlan}99. ${color99}DSM Synology仮想マシン${gl_kjlan}100. ${color100}同期ポイントツーポイントファイル同期ツール"
echo -e "${gl_kjlan}------------------------"
echo -e "${gl_kjlan}b. ${gl_bai}すべてのアプリケーションデータをバックアップします${gl_kjlan}r. ${gl_bai}すべてのアプリケーションデータを復元します"
echo -e "${gl_kjlan}------------------------"
@ -9499,7 +9475,7 @@ while true; do

docker_rum() {

docker run -d --name looking-glass --restart always -p ${docker_port}:80 wikihostinc/looking-glass-server
docker run -d --name looking-glass --restart=always -p ${docker_port}:80 wikihostinc/looking-glass-server

}

@ -9527,7 +9503,7 @@ while true; do
-p 53:53/tcp \
-p 53:53/udp \
-p ${docker_port}:3000/tcp \
--restart always \
--restart=always \
adguard/adguardhome


@ -9654,7 +9630,7 @@ while true; do
-p ${docker_port}:9000 \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /home/docker/portainer:/data \
--restart always \
--restart=always \
portainer/portainer

}
@ -9678,7 +9654,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/vscode-web:/home/coder/.local/share/code-server --name vscode-web --restart always codercom/code-server
docker run -d -p ${docker_port}:8080 -v /home/docker/vscode-web:/home/coder/.local/share/code-server --name vscode-web --restart=always codercom/code-server

}

@ -9727,7 +9703,7 @@ while true; do

docker_rum() {

docker run -d --name memos -p ${docker_port}:5230 -v /home/docker/memos:/var/opt/memos --restart always ghcr.io/usememos/memos:latest
docker run -d --name memos -p ${docker_port}:5230 -v /home/docker/memos:/var/opt/memos --restart=always ghcr.io/usememos/memos:latest

}

@ -9849,7 +9825,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 --name speedtest --restart always ghcr.io/librespeed/speedtest
docker run -d -p ${docker_port}:8080 --name speedtest --restart=always ghcr.io/librespeed/speedtest

}

@ -9897,7 +9873,7 @@ while true; do

docker run -d \
--name photoprism \
--restart always \
--restart=always \
--security-opt seccomp=unconfined \
--security-opt apparmor=unconfined \
-p ${docker_port}:2342 \
@ -10002,7 +9978,7 @@ while true; do

docker run -d \
--name pingvin-share \
--restart always \
--restart=always \
-p ${docker_port}:3000 \
-v /home/docker/pingvin-share/data:/opt/app/backend/data \
stonith404/pingvin-share
@ -10128,7 +10104,7 @@ while true; do
local docker_img="jrohy/webssh"
local docker_port=8040
docker_rum() {
docker run -d -p ${docker_port}:5032 --restart always --name webssh -e TZ=Asia/Shanghai jrohy/webssh
docker run -d -p ${docker_port}:5032 --restart=always --name webssh -e TZ=Asia/Shanghai jrohy/webssh
}

local docker_describe="简易在线ssh连接工具和sftp工具"
@ -10246,7 +10222,7 @@ while true; do
--name registry \
-v /home/docker/registry:/var/lib/registry \
-e REGISTRY_PROXY_REMOTEURL=https://registry-1.docker.io \
--restart always \
--restart=always \
registry:2

}
@ -10267,7 +10243,7 @@ while true; do

docker_rum() {

docker run -d --name ghproxy --restart always -p ${docker_port}:8080 -v /home/docker/ghproxy/config:/data/ghproxy/config wjqserver/ghproxy:latest
docker run -d --name ghproxy --restart=always -p ${docker_port}:8080 -v /home/docker/ghproxy/config:/data/ghproxy/config wjqserver/ghproxy:latest

}

@ -10383,7 +10359,7 @@ while true; do

docker_rum() {

docker run -d --restart always -p ${docker_port}:5000 \
docker run -d --restart=always -p ${docker_port}:5000 \
-v /home/docker/datastore:/datastore \
--name changedetection dgtlmoon/changedetection.io:latest

@ -10438,7 +10414,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart always ghcr.io/open-webui/open-webui:ollama
docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart=always ghcr.io/open-webui/open-webui:ollama

}

@ -10490,7 +10466,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart always ghcr.io/open-webui/open-webui:ollama
docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart=always ghcr.io/open-webui/open-webui:ollama

}

@ -10706,7 +10682,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:main
docker run -d -p ${docker_port}:8080 -v /home/docker/open-webui:/app/backend/data --name open-webui --restart=always ghcr.io/open-webui/open-webui:main

}

@ -10750,7 +10726,7 @@ while true; do
chmod -R 777 /home/docker/n8n

docker run -d --name n8n \
--restart always \
--restart=always \
-p ${docker_port}:5678 \
-v /home/docker/n8n:/home/node/.n8n \
-e N8N_HOST=${yuming} \
@ -10924,7 +10900,7 @@ while true; do

docker run -d \
--name bitwarden \
--restart always \
--restart=always \
-p ${docker_port}:80 \
-v /home/docker/bitwarden/data:/data \
vaultwarden/server
@ -12008,7 +11984,7 @@ while true; do
--cap-add SYS_MODULE \
-v /home/docker/wireguard/config:/config \
-v /lib/modules:/lib/modules:ro \
--restart always \
--restart=always \
kjlion/wireguard:alpine

sleep 3
@ -12085,8 +12061,34 @@ while true; do



100|syncthing)

local app_id="100"
local docker_name="syncthing"
local docker_img="syncthing/syncthing:latest"
local docker_port=8100

docker_rum() {
docker run -d \
--name=syncthing \
--hostname=my-syncthing \
--restart=always \
-p ${docker_port}:8384 \
-p 22000:22000/tcp \
-p 22000:22000/udp \
-p 21027:21027/udp \
-v /home/docker/syncthing:/var/syncthing \
syncthing/syncthing:latest
}

local docker_describe="开源的点对点文件同步工具,类似于 Dropbox、Resilio Sync但完全去中心化。"
local docker_url="官网介绍: https://github.com/syncthing/syncthing"
local docker_use=""
local docker_passwd=""
local app_size="1"
docker_app

;;

b)
clear
@ -12924,7 +12926,7 @@ EOF
local current_hostname=$(uname -n)
echo -e "現在のホスト名:${gl_huang}$current_hostname${gl_bai}"
echo "------------------------"
read -e -p "新しいホスト名を入力してください出口に0を入力してください" new_hostname
read -e -p "新しいホスト名を入力してください0を入力して終了してください" new_hostname
if [ -n "$new_hostname" ] && [ "$new_hostname" != "0" ]; then
if [ -f /etc/alpine-release ]; then
# Alpine
@ -13029,7 +13031,7 @@ EOF
(crontab -l ; echo "0 0 * * $weekday $newquest") | crontab - > /dev/null 2>&1
;;
3)
read -e -p "毎日タスクを実行する時期を選択しますか? 時間、0-23" hour
read -e -p "毎日タスクを実行する時間を選択しますか? 時間、0-23" hour
(crontab -l ; echo "0 $hour * * * $newquest") | crontab - > /dev/null 2>&1
;;
4)
@ -13084,7 +13086,7 @@ EOF

;;
2)
read -e -p "削除する必要があるコンテンツを解析するために、キーワードを入力してください。" delhost
read -e -p "削除する必要があるコンテンツの解析のキーワードを入力してください。" delhost
sed -i "/$delhost/d" /etc/hosts
send_stats "ローカルホストの解析と削除"
;;
@ -13099,17 +13101,9 @@ EOF
root_use
send_stats "SSH防御"
while true; do
if [ -x "$(command -v fail2ban-client)" ] ; then
clear
remove fail2ban
rm -rf /etc/fail2ban
else
clear
rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf > /dev/null 2>&1
docker exec -it fail2ban fail2ban-client reload > /dev/null 2>&1
docker_name="fail2ban"
check_docker_app
echo -e "SSH防衛プログラム$check_docker"

check_f2b_status
echo -e "SSH防衛プログラム$check_f2b_status"
echo "Fail2banは、ブルートフォースを防ぐためのSSHツールです"
echo "公式ウェブサイトの紹介:${gh_proxy}github.com/fail2ban/fail2ban"
echo "------------------------"
@ -13125,7 +13119,6 @@ EOF
read -e -p "選択を入力してください:" sub_choice
case $sub_choice in
1)
install_docker
f2b_install_sshd

cd ~
@ -13139,19 +13132,19 @@ EOF
break_end
;;
3)
tail -f /path/to/fail2ban/config/log/fail2ban/fail2ban.log
tail -f /var/log/fail2ban.log
break
;;
9)
docker rm -f fail2ban
rm -rf /path/to/fail2ban
remove fail2ban
rm -rf /etc/fail2ban
echo "Fail2Ban防衛プログラムがアンインストールされています"
break
;;
*)
break
;;
esac
fi
done
;;


217
kr/kejilion.sh
View file

@ -1,5 +1,5 @@
#!/bin/bash
sh_v="4.1.5"
sh_v="4.1.6"


gl_hui='\e[37m'
@ -1771,7 +1771,7 @@ check_waf_status() {


check_cf_mode() {
if [ -f "/path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf" ]; then
if [ -f "/etc/fail2ban/action.d/cloudflare-docker.conf" ]; then
CFmessage=" cf模式已开启"
else
CFmessage=""
@ -1985,19 +1985,11 @@ nginx_gzip() {
web_security() {
send_stats "LDNMP 환경 방어"
while true; do
check_f2b_status
check_waf_status
check_cf_mode
if [ -x "$(command -v fail2ban-client)" ] ; then
clear
remove fail2ban
rm -rf /etc/fail2ban
else
clear
rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf > /dev/null 2>&1
docker exec -it fail2ban fail2ban-client reload > /dev/null 2>&1
docker_name="fail2ban"
check_docker_app
echo -e "서버 웹 사이트 방어 프로그램${check_docker}${gl_lv}${CFmessage}${waf_status}${gl_bai}"
echo -e "서버 웹 사이트 방어 프로그램${check_f2b_status}${gl_lv}${CFmessage}${waf_status}${gl_bai}"
echo "------------------------"
echo "1. 방어 프로그램을 설치하십시오"
echo "------------------------"
@ -2019,11 +2011,16 @@ web_security() {
case $sub_choice in
1)
f2b_install_sshd
cd /path/to/fail2ban/config/fail2ban/filter.d
cd /etc/fail2ban/filter.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/sh/main/fail2ban-nginx-cc.conf
cd /path/to/fail2ban/config/fail2ban/jail.d/
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-418.conf
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-deny.conf
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-unauthorized.conf
wget ${gh_proxy}https://raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-bad-request.conf

cd /etc/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/nginx-docker-cc.conf
sed -i "/cloudflare/d" /path/to/fail2ban/config/fail2ban/jail.d/nginx-docker-cc.conf
sed -i "/cloudflare/d" /etc/fail2ban/jail.d/nginx-docker-cc.conf
f2b_status
;;
5)
@ -2037,56 +2034,57 @@ web_security() {
local xxx="fail2ban-nginx-cc"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-418"
local xxx="nginx-418"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-bad-request"
local xxx="nginx-bad-request"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-badbots"
local xxx="nginx-badbots"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-botsearch"
local xxx="nginx-botsearch"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-deny"
local xxx="nginx-deny"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-http-auth"
local xxx="nginx-http-auth"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-unauthorized"
local xxx="nginx-unauthorized"
f2b_status_xxx
echo "------------------------"
local xxx="docker-php-url-fopen"
local xxx="php-url-fopen"
f2b_status_xxx
echo "------------------------"

;;

7)
docker exec -it fail2ban fail2ban-client status
fail2ban-client status
;;
8)
tail -f /path/to/fail2ban/config/log/fail2ban/fail2ban.log
tail -f /var/log/fail2ban.log

;;
9)
docker rm -f fail2ban
rm -rf /path/to/fail2ban
remove fail2ban
rm -rf /etc/fail2ban
crontab -l | grep -v "CF-Under-Attack.sh" | crontab - 2>/dev/null
echo "Fail2ban 방어 프로그램은 제거되었습니다"
break
;;

11)
install nano
nano /path/to/fail2ban/config/fail2ban/jail.d/nginx-docker-cc.conf
nano /etc/fail2ban/jail.d/nginx-docker-cc.conf
f2b_status
break
;;

12)
docker exec -it fail2ban fail2ban-client unban --all
fail2ban-client unban --all
;;

21)
@ -2099,14 +2097,14 @@ web_security() {
wget -O /home/web/conf.d/default.conf ${gh_proxy}raw.githubusercontent.com/kejilion/nginx/main/default11.conf
docker exec nginx nginx -s reload

cd /path/to/fail2ban/config/fail2ban/jail.d/
cd /etc/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/nginx-docker-cc.conf

cd /path/to/fail2ban/config/fail2ban/action.d
cd /etc/fail2ban/action.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/cloudflare-docker.conf

sed -i "s/kejilion@outlook.com/$cfuser/g" /path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/APIKEY00000/$cftoken/g" /path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/kejilion@outlook.com/$cfuser/g" /etc/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/APIKEY00000/$cftoken/g" /etc/fail2ban/action.d/cloudflare-docker.conf
f2b_status

echo "CloudFlare 모드는 CF 배경, Site-Security-Events에서 인터셉트 레코드를 보도록 구성됩니다."
@ -2171,7 +2169,6 @@ web_security() {
break
;;
esac
fi
break_end
done
}
@ -3017,52 +3014,30 @@ tmux new -d -s "$base_name-$tmuxd_ID" "$tmuxd"


f2b_status() {
docker exec -it fail2ban fail2ban-client reload
fail2ban-client reload
sleep 3
docker exec -it fail2ban fail2ban-client status
fail2ban-client status
}

f2b_status_xxx() {
docker exec -it fail2ban fail2ban-client status $xxx
fail2ban-client status $xxx
}

check_f2b_status() {
if command -v fail2ban-client >/dev/null 2>&1; then
check_f2b_status="${gl_lv}已安装${gl_bai}"
else
check_f2b_status="${gl_hui}未安装${gl_bai}"
fi
}

f2b_install_sshd() {

docker run -d \
--name=fail2ban \
--net=host \
--cap-add=NET_ADMIN \
--cap-add=NET_RAW \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
-e VERBOSITY=-vv \
-v /path/to/fail2ban/config:/config \
-v /var/log:/var/log:ro \
-v /home/web/log/nginx/:/remotelogs/nginx:ro \
--restart=always \
lscr.io/linuxserver/fail2ban:latest
docker rm -f fail2ban >/dev/null 2>&1
install fail2ban
start fail2ban
enable fail2ban

sleep 3
if grep -q 'Alpine' /etc/issue; then
cd /path/to/fail2ban/config/fail2ban/filter.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-sshd.conf
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-sshd-ddos.conf
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-ssh.conf
elif command -v dnf &>/dev/null; then
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/centos-ssh.conf
else
install rsyslog
systemctl start rsyslog
systemctl enable rsyslog
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/linux-ssh.conf
systemctl restart rsyslog
fi

rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf
}

f2b_sshd() {
@ -7765,7 +7740,8 @@ linux_Oracle() {

4)
clear
echo "이 기능은 개발 단계에 있으므로 계속 지켜봐 주시기 바랍니다!"
send_stats "형사 R 스크립트 시작"
bash <(wget -qO- ${gh_proxy}github.com/Yohann0617/oci-helper/releases/latest/download/sh_oci-helper_install.sh)
;;
5)
clear
@ -8384,7 +8360,7 @@ linux_ldnmp() {

docker run -d \
--name bitwarden \
--restart always \
--restart=always \
-p 3280:80 \
-v /home/web/html/$yuming/bitwarden/data:/data \
vaultwarden/server
@ -8405,7 +8381,7 @@ linux_ldnmp() {
install_ssltls
certs_status

docker run -d --name halo --restart always -p 8010:8090 -v /home/web/html/$yuming/.halo2:/root/.halo2 halohub/halo:2
docker run -d --name halo --restart=always -p 8010:8090 -v /home/web/html/$yuming/.halo2:/root/.halo2 halohub/halo:2
duankou=8010
reverse_proxy

@ -8890,7 +8866,7 @@ while true; do
echo -e "${gl_kjlan}93. ${color93}DUFS 미니멀리스트 정적 파일 서버${gl_kjlan}94. ${color94}고속 다운로드 도구"
echo -e "${gl_kjlan}95. ${color95}종이없는 문서 관리 플랫폼${gl_kjlan}96. ${color96}2FAUTH 자체 호스팅 2 단계 유효성 검사기"
echo -e "${gl_kjlan}97. ${color97}와이어 가드 네트워킹 (서버 측)${gl_kjlan}98. ${color98}와이어 가드 네트워킹 (클라이언트)"
echo -e "${gl_kjlan}99. ${color99}DSM Synology Virtual Machine"
echo -e "${gl_kjlan}99. ${color99}DSM Synology Virtual Machine${gl_kjlan}100. ${color100}동기화 지점 간 파일 동기화 도구"
echo -e "${gl_kjlan}------------------------"
echo -e "${gl_kjlan}b. ${gl_bai}모든 응용 프로그램 데이터를 백업합니다${gl_kjlan}r. ${gl_bai}모든 응용 프로그램 데이터를 복원하십시오"
echo -e "${gl_kjlan}------------------------"
@ -9499,7 +9475,7 @@ while true; do

docker_rum() {

docker run -d --name looking-glass --restart always -p ${docker_port}:80 wikihostinc/looking-glass-server
docker run -d --name looking-glass --restart=always -p ${docker_port}:80 wikihostinc/looking-glass-server

}

@ -9527,7 +9503,7 @@ while true; do
-p 53:53/tcp \
-p 53:53/udp \
-p ${docker_port}:3000/tcp \
--restart always \
--restart=always \
adguard/adguardhome


@ -9654,7 +9630,7 @@ while true; do
-p ${docker_port}:9000 \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /home/docker/portainer:/data \
--restart always \
--restart=always \
portainer/portainer

}
@ -9678,7 +9654,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/vscode-web:/home/coder/.local/share/code-server --name vscode-web --restart always codercom/code-server
docker run -d -p ${docker_port}:8080 -v /home/docker/vscode-web:/home/coder/.local/share/code-server --name vscode-web --restart=always codercom/code-server

}

@ -9727,7 +9703,7 @@ while true; do

docker_rum() {

docker run -d --name memos -p ${docker_port}:5230 -v /home/docker/memos:/var/opt/memos --restart always ghcr.io/usememos/memos:latest
docker run -d --name memos -p ${docker_port}:5230 -v /home/docker/memos:/var/opt/memos --restart=always ghcr.io/usememos/memos:latest

}

@ -9849,7 +9825,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 --name speedtest --restart always ghcr.io/librespeed/speedtest
docker run -d -p ${docker_port}:8080 --name speedtest --restart=always ghcr.io/librespeed/speedtest

}

@ -9897,7 +9873,7 @@ while true; do

docker run -d \
--name photoprism \
--restart always \
--restart=always \
--security-opt seccomp=unconfined \
--security-opt apparmor=unconfined \
-p ${docker_port}:2342 \
@ -10002,7 +9978,7 @@ while true; do

docker run -d \
--name pingvin-share \
--restart always \
--restart=always \
-p ${docker_port}:3000 \
-v /home/docker/pingvin-share/data:/opt/app/backend/data \
stonith404/pingvin-share
@ -10128,7 +10104,7 @@ while true; do
local docker_img="jrohy/webssh"
local docker_port=8040
docker_rum() {
docker run -d -p ${docker_port}:5032 --restart always --name webssh -e TZ=Asia/Shanghai jrohy/webssh
docker run -d -p ${docker_port}:5032 --restart=always --name webssh -e TZ=Asia/Shanghai jrohy/webssh
}

local docker_describe="简易在线ssh连接工具和sftp工具"
@ -10246,7 +10222,7 @@ while true; do
--name registry \
-v /home/docker/registry:/var/lib/registry \
-e REGISTRY_PROXY_REMOTEURL=https://registry-1.docker.io \
--restart always \
--restart=always \
registry:2

}
@ -10267,7 +10243,7 @@ while true; do

docker_rum() {

docker run -d --name ghproxy --restart always -p ${docker_port}:8080 -v /home/docker/ghproxy/config:/data/ghproxy/config wjqserver/ghproxy:latest
docker run -d --name ghproxy --restart=always -p ${docker_port}:8080 -v /home/docker/ghproxy/config:/data/ghproxy/config wjqserver/ghproxy:latest

}

@ -10383,7 +10359,7 @@ while true; do

docker_rum() {

docker run -d --restart always -p ${docker_port}:5000 \
docker run -d --restart=always -p ${docker_port}:5000 \
-v /home/docker/datastore:/datastore \
--name changedetection dgtlmoon/changedetection.io:latest

@ -10438,7 +10414,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart always ghcr.io/open-webui/open-webui:ollama
docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart=always ghcr.io/open-webui/open-webui:ollama

}

@ -10490,7 +10466,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart always ghcr.io/open-webui/open-webui:ollama
docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart=always ghcr.io/open-webui/open-webui:ollama

}

@ -10706,7 +10682,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:main
docker run -d -p ${docker_port}:8080 -v /home/docker/open-webui:/app/backend/data --name open-webui --restart=always ghcr.io/open-webui/open-webui:main

}

@ -10750,7 +10726,7 @@ while true; do
chmod -R 777 /home/docker/n8n

docker run -d --name n8n \
--restart always \
--restart=always \
-p ${docker_port}:5678 \
-v /home/docker/n8n:/home/node/.n8n \
-e N8N_HOST=${yuming} \
@ -10924,7 +10900,7 @@ while true; do

docker run -d \
--name bitwarden \
--restart always \
--restart=always \
-p ${docker_port}:80 \
-v /home/docker/bitwarden/data:/data \
vaultwarden/server
@ -12008,7 +11984,7 @@ while true; do
--cap-add SYS_MODULE \
-v /home/docker/wireguard/config:/config \
-v /lib/modules:/lib/modules:ro \
--restart always \
--restart=always \
kjlion/wireguard:alpine

sleep 3
@ -12085,8 +12061,34 @@ while true; do



100|syncthing)

local app_id="100"
local docker_name="syncthing"
local docker_img="syncthing/syncthing:latest"
local docker_port=8100

docker_rum() {
docker run -d \
--name=syncthing \
--hostname=my-syncthing \
--restart=always \
-p ${docker_port}:8384 \
-p 22000:22000/tcp \
-p 22000:22000/udp \
-p 21027:21027/udp \
-v /home/docker/syncthing:/var/syncthing \
syncthing/syncthing:latest
}

local docker_describe="开源的点对点文件同步工具,类似于 Dropbox、Resilio Sync但完全去中心化。"
local docker_url="官网介绍: https://github.com/syncthing/syncthing"
local docker_use=""
local docker_passwd=""
local app_size="1"
docker_app

;;

b)
clear
@ -13029,7 +13031,7 @@ EOF
(crontab -l ; echo "0 0 * * $weekday $newquest") | crontab - > /dev/null 2>&1
;;
3)
read -e -p "매일 작업을 수행 할시기를 선택 하시겠습니까? (시간, 0-23) :" hour
read -e -p "매일 작업을 수행 할 시간을 선택하십시오. (시간, 0-23) :" hour
(crontab -l ; echo "0 $hour * * * $newquest") | crontab - > /dev/null 2>&1
;;
4)
@ -13084,7 +13086,7 @@ EOF

;;
2)
read -e -p "삭제 해야하는 콘텐츠를 구문 분석하기위한 키워드를 입력하십시오." delhost
read -e -p "삭제 해야하는 구문 분석 컨텐츠의 키워드를 입력하십시오." delhost
sed -i "/$delhost/d" /etc/hosts
send_stats "로컬 호스트 구문 분석 및 삭제"
;;
@ -13099,17 +13101,9 @@ EOF
root_use
send_stats "SSH 방어"
while true; do
if [ -x "$(command -v fail2ban-client)" ] ; then
clear
remove fail2ban
rm -rf /etc/fail2ban
else
clear
rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf > /dev/null 2>&1
docker exec -it fail2ban fail2ban-client reload > /dev/null 2>&1
docker_name="fail2ban"
check_docker_app
echo -e "SSH 방어 프로그램$check_docker"

check_f2b_status
echo -e "SSH 방어 프로그램$check_f2b_status"
echo "FAIL2BAN은 무자비한 힘을 방지하는 SSH 도구입니다"
echo "공식 웹 사이트 소개 :${gh_proxy}github.com/fail2ban/fail2ban"
echo "------------------------"
@ -13125,7 +13119,6 @@ EOF
read -e -p "선택을 입력하십시오 :" sub_choice
case $sub_choice in
1)
install_docker
f2b_install_sshd

cd ~
@ -13139,19 +13132,19 @@ EOF
break_end
;;
3)
tail -f /path/to/fail2ban/config/log/fail2ban/fail2ban.log
tail -f /var/log/fail2ban.log
break
;;
9)
docker rm -f fail2ban
rm -rf /path/to/fail2ban
remove fail2ban
rm -rf /etc/fail2ban
echo "Fail2ban 방어 프로그램은 제거되었습니다"
break
;;
*)
break
;;
esac
fi
done
;;

@ -13743,7 +13736,7 @@ linux_file() {

# -r 옵션을 사용하여 디렉토리를 재귀 적으로 복사하십시오
cp -r "$src_path" "$dest_path" && echo "파일 또는 디렉토리가 복사되었습니다$dest_path" || echo "파일이나 디렉토리를 복사하지 못했습니다"
send_stats "파일 또는 디렉토리를 복사하십시오"
send_stats "파일 또는 디렉토리를 복사합니다"
;;



213
tw/kejilion.sh
View file

@ -1,5 +1,5 @@
#!/bin/bash
sh_v="4.1.5"
sh_v="4.1.6"


gl_hui='\e[37m'
@ -1771,7 +1771,7 @@ check_waf_status() {


check_cf_mode() {
if [ -f "/path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf" ]; then
if [ -f "/etc/fail2ban/action.d/cloudflare-docker.conf" ]; then
CFmessage=" cf模式已开启"
else
CFmessage=""
@ -1985,19 +1985,11 @@ nginx_gzip() {
web_security() {
send_stats "LDNMP環境防禦"
while true; do
check_f2b_status
check_waf_status
check_cf_mode
if [ -x "$(command -v fail2ban-client)" ] ; then
clear
remove fail2ban
rm -rf /etc/fail2ban
else
clear
rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf > /dev/null 2>&1
docker exec -it fail2ban fail2ban-client reload > /dev/null 2>&1
docker_name="fail2ban"
check_docker_app
echo -e "服務器網站防禦程序${check_docker}${gl_lv}${CFmessage}${waf_status}${gl_bai}"
echo -e "服務器網站防禦程序${check_f2b_status}${gl_lv}${CFmessage}${waf_status}${gl_bai}"
echo "------------------------"
echo "1. 安裝防禦程序"
echo "------------------------"
@ -2019,11 +2011,16 @@ web_security() {
case $sub_choice in
1)
f2b_install_sshd
cd /path/to/fail2ban/config/fail2ban/filter.d
cd /etc/fail2ban/filter.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/sh/main/fail2ban-nginx-cc.conf
cd /path/to/fail2ban/config/fail2ban/jail.d/
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-418.conf
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-deny.conf
wget ${gh_proxy}raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-unauthorized.conf
wget ${gh_proxy}https://raw.githubusercontent.com/linuxserver/fail2ban-confs/master/filter.d/nginx-bad-request.conf

cd /etc/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/nginx-docker-cc.conf
sed -i "/cloudflare/d" /path/to/fail2ban/config/fail2ban/jail.d/nginx-docker-cc.conf
sed -i "/cloudflare/d" /etc/fail2ban/jail.d/nginx-docker-cc.conf
f2b_status
;;
5)
@ -2037,56 +2034,57 @@ web_security() {
local xxx="fail2ban-nginx-cc"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-418"
local xxx="nginx-418"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-bad-request"
local xxx="nginx-bad-request"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-badbots"
local xxx="nginx-badbots"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-botsearch"
local xxx="nginx-botsearch"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-deny"
local xxx="nginx-deny"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-http-auth"
local xxx="nginx-http-auth"
f2b_status_xxx
echo "------------------------"
local xxx="docker-nginx-unauthorized"
local xxx="nginx-unauthorized"
f2b_status_xxx
echo "------------------------"
local xxx="docker-php-url-fopen"
local xxx="php-url-fopen"
f2b_status_xxx
echo "------------------------"

;;

7)
docker exec -it fail2ban fail2ban-client status
fail2ban-client status
;;
8)
tail -f /path/to/fail2ban/config/log/fail2ban/fail2ban.log
tail -f /var/log/fail2ban.log

;;
9)
docker rm -f fail2ban
rm -rf /path/to/fail2ban
remove fail2ban
rm -rf /etc/fail2ban
crontab -l | grep -v "CF-Under-Attack.sh" | crontab - 2>/dev/null
echo "Fail2Ban防禦程序已卸載"
break
;;

11)
install nano
nano /path/to/fail2ban/config/fail2ban/jail.d/nginx-docker-cc.conf
nano /etc/fail2ban/jail.d/nginx-docker-cc.conf
f2b_status
break
;;

12)
docker exec -it fail2ban fail2ban-client unban --all
fail2ban-client unban --all
;;

21)
@ -2099,14 +2097,14 @@ web_security() {
wget -O /home/web/conf.d/default.conf ${gh_proxy}raw.githubusercontent.com/kejilion/nginx/main/default11.conf
docker exec nginx nginx -s reload

cd /path/to/fail2ban/config/fail2ban/jail.d/
cd /etc/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/nginx-docker-cc.conf

cd /path/to/fail2ban/config/fail2ban/action.d
cd /etc/fail2ban/action.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/cloudflare-docker.conf

sed -i "s/kejilion@outlook.com/$cfuser/g" /path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/APIKEY00000/$cftoken/g" /path/to/fail2ban/config/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/kejilion@outlook.com/$cfuser/g" /etc/fail2ban/action.d/cloudflare-docker.conf
sed -i "s/APIKEY00000/$cftoken/g" /etc/fail2ban/action.d/cloudflare-docker.conf
f2b_status

echo "已配置cloudflare模式可在cf後台站點-安全性-事件中查看攔截記錄"
@ -2171,7 +2169,6 @@ web_security() {
break
;;
esac
fi
break_end
done
}
@ -3017,52 +3014,30 @@ tmux new -d -s "$base_name-$tmuxd_ID" "$tmuxd"


f2b_status() {
docker exec -it fail2ban fail2ban-client reload
fail2ban-client reload
sleep 3
docker exec -it fail2ban fail2ban-client status
fail2ban-client status
}

f2b_status_xxx() {
docker exec -it fail2ban fail2ban-client status $xxx
fail2ban-client status $xxx
}

check_f2b_status() {
if command -v fail2ban-client >/dev/null 2>&1; then
check_f2b_status="${gl_lv}已安装${gl_bai}"
else
check_f2b_status="${gl_hui}未安装${gl_bai}"
fi
}

f2b_install_sshd() {

docker run -d \
--name=fail2ban \
--net=host \
--cap-add=NET_ADMIN \
--cap-add=NET_RAW \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
-e VERBOSITY=-vv \
-v /path/to/fail2ban/config:/config \
-v /var/log:/var/log:ro \
-v /home/web/log/nginx/:/remotelogs/nginx:ro \
--restart=always \
lscr.io/linuxserver/fail2ban:latest
docker rm -f fail2ban >/dev/null 2>&1
install fail2ban
start fail2ban
enable fail2ban

sleep 3
if grep -q 'Alpine' /etc/issue; then
cd /path/to/fail2ban/config/fail2ban/filter.d
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-sshd.conf
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-sshd-ddos.conf
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/alpine-ssh.conf
elif command -v dnf &>/dev/null; then
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/centos-ssh.conf
else
install rsyslog
systemctl start rsyslog
systemctl enable rsyslog
cd /path/to/fail2ban/config/fail2ban/jail.d/
curl -sS -O ${gh_proxy}raw.githubusercontent.com/kejilion/config/main/fail2ban/linux-ssh.conf
systemctl restart rsyslog
fi

rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf
}

f2b_sshd() {
@ -7765,7 +7740,8 @@ linux_Oracle() {

4)
clear
echo "該功能處於開發階段,敬請期待!"
send_stats "R探長開機腳本"
bash <(wget -qO- ${gh_proxy}github.com/Yohann0617/oci-helper/releases/latest/download/sh_oci-helper_install.sh)
;;
5)
clear
@ -8384,7 +8360,7 @@ linux_ldnmp() {

docker run -d \
--name bitwarden \
--restart always \
--restart=always \
-p 3280:80 \
-v /home/web/html/$yuming/bitwarden/data:/data \
vaultwarden/server
@ -8405,7 +8381,7 @@ linux_ldnmp() {
install_ssltls
certs_status

docker run -d --name halo --restart always -p 8010:8090 -v /home/web/html/$yuming/.halo2:/root/.halo2 halohub/halo:2
docker run -d --name halo --restart=always -p 8010:8090 -v /home/web/html/$yuming/.halo2:/root/.halo2 halohub/halo:2
duankou=8010
reverse_proxy

@ -8890,7 +8866,7 @@ while true; do
echo -e "${gl_kjlan}93. ${color93}Dufs極簡靜態文件服務器${gl_kjlan}94. ${color94}Gopeed高速下載工具"
echo -e "${gl_kjlan}95. ${color95}paperless文檔管理平台${gl_kjlan}96. ${color96}2FAuth自託管二步驗證器"
echo -e "${gl_kjlan}97. ${color97}WireGuard組網(服務端)${gl_kjlan}98. ${color98}WireGuard組網(客戶端)"
echo -e "${gl_kjlan}99. ${color99}DSM群暉虛擬機"
echo -e "${gl_kjlan}99. ${color99}DSM群暉虛擬機${gl_kjlan}100. ${color100}Syncthing點對點文件同步工具"
echo -e "${gl_kjlan}------------------------"
echo -e "${gl_kjlan}b. ${gl_bai}備份全部應用數據${gl_kjlan}r. ${gl_bai}還原全部應用數據"
echo -e "${gl_kjlan}------------------------"
@ -9499,7 +9475,7 @@ while true; do

docker_rum() {

docker run -d --name looking-glass --restart always -p ${docker_port}:80 wikihostinc/looking-glass-server
docker run -d --name looking-glass --restart=always -p ${docker_port}:80 wikihostinc/looking-glass-server

}

@ -9527,7 +9503,7 @@ while true; do
-p 53:53/tcp \
-p 53:53/udp \
-p ${docker_port}:3000/tcp \
--restart always \
--restart=always \
adguard/adguardhome


@ -9654,7 +9630,7 @@ while true; do
-p ${docker_port}:9000 \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /home/docker/portainer:/data \
--restart always \
--restart=always \
portainer/portainer

}
@ -9678,7 +9654,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/vscode-web:/home/coder/.local/share/code-server --name vscode-web --restart always codercom/code-server
docker run -d -p ${docker_port}:8080 -v /home/docker/vscode-web:/home/coder/.local/share/code-server --name vscode-web --restart=always codercom/code-server

}

@ -9727,7 +9703,7 @@ while true; do

docker_rum() {

docker run -d --name memos -p ${docker_port}:5230 -v /home/docker/memos:/var/opt/memos --restart always ghcr.io/usememos/memos:latest
docker run -d --name memos -p ${docker_port}:5230 -v /home/docker/memos:/var/opt/memos --restart=always ghcr.io/usememos/memos:latest

}

@ -9849,7 +9825,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 --name speedtest --restart always ghcr.io/librespeed/speedtest
docker run -d -p ${docker_port}:8080 --name speedtest --restart=always ghcr.io/librespeed/speedtest

}

@ -9897,7 +9873,7 @@ while true; do

docker run -d \
--name photoprism \
--restart always \
--restart=always \
--security-opt seccomp=unconfined \
--security-opt apparmor=unconfined \
-p ${docker_port}:2342 \
@ -10002,7 +9978,7 @@ while true; do

docker run -d \
--name pingvin-share \
--restart always \
--restart=always \
-p ${docker_port}:3000 \
-v /home/docker/pingvin-share/data:/opt/app/backend/data \
stonith404/pingvin-share
@ -10128,7 +10104,7 @@ while true; do
local docker_img="jrohy/webssh"
local docker_port=8040
docker_rum() {
docker run -d -p ${docker_port}:5032 --restart always --name webssh -e TZ=Asia/Shanghai jrohy/webssh
docker run -d -p ${docker_port}:5032 --restart=always --name webssh -e TZ=Asia/Shanghai jrohy/webssh
}

local docker_describe="简易在线ssh连接工具和sftp工具"
@ -10246,7 +10222,7 @@ while true; do
--name registry \
-v /home/docker/registry:/var/lib/registry \
-e REGISTRY_PROXY_REMOTEURL=https://registry-1.docker.io \
--restart always \
--restart=always \
registry:2

}
@ -10267,7 +10243,7 @@ while true; do

docker_rum() {

docker run -d --name ghproxy --restart always -p ${docker_port}:8080 -v /home/docker/ghproxy/config:/data/ghproxy/config wjqserver/ghproxy:latest
docker run -d --name ghproxy --restart=always -p ${docker_port}:8080 -v /home/docker/ghproxy/config:/data/ghproxy/config wjqserver/ghproxy:latest

}

@ -10383,7 +10359,7 @@ while true; do

docker_rum() {

docker run -d --restart always -p ${docker_port}:5000 \
docker run -d --restart=always -p ${docker_port}:5000 \
-v /home/docker/datastore:/datastore \
--name changedetection dgtlmoon/changedetection.io:latest

@ -10438,7 +10414,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart always ghcr.io/open-webui/open-webui:ollama
docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart=always ghcr.io/open-webui/open-webui:ollama

}

@ -10490,7 +10466,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart always ghcr.io/open-webui/open-webui:ollama
docker run -d -p ${docker_port}:8080 -v /home/docker/ollama:/root/.ollama -v /home/docker/ollama/open-webui:/app/backend/data --name ollama --restart=always ghcr.io/open-webui/open-webui:ollama

}

@ -10706,7 +10682,7 @@ while true; do

docker_rum() {

docker run -d -p ${docker_port}:8080 -v /home/docker/open-webui:/app/backend/data --name open-webui --restart always ghcr.io/open-webui/open-webui:main
docker run -d -p ${docker_port}:8080 -v /home/docker/open-webui:/app/backend/data --name open-webui --restart=always ghcr.io/open-webui/open-webui:main

}

@ -10750,7 +10726,7 @@ while true; do
chmod -R 777 /home/docker/n8n

docker run -d --name n8n \
--restart always \
--restart=always \
-p ${docker_port}:5678 \
-v /home/docker/n8n:/home/node/.n8n \
-e N8N_HOST=${yuming} \
@ -10924,7 +10900,7 @@ while true; do

docker run -d \
--name bitwarden \
--restart always \
--restart=always \
-p ${docker_port}:80 \
-v /home/docker/bitwarden/data:/data \
vaultwarden/server
@ -12008,7 +11984,7 @@ while true; do
--cap-add SYS_MODULE \
-v /home/docker/wireguard/config:/config \
-v /lib/modules:/lib/modules:ro \
--restart always \
--restart=always \
kjlion/wireguard:alpine

sleep 3
@ -12085,8 +12061,34 @@ while true; do



100|syncthing)

local app_id="100"
local docker_name="syncthing"
local docker_img="syncthing/syncthing:latest"
local docker_port=8100

docker_rum() {
docker run -d \
--name=syncthing \
--hostname=my-syncthing \
--restart=always \
-p ${docker_port}:8384 \
-p 22000:22000/tcp \
-p 22000:22000/udp \
-p 21027:21027/udp \
-v /home/docker/syncthing:/var/syncthing \
syncthing/syncthing:latest
}

local docker_describe="开源的点对点文件同步工具,类似于 Dropbox、Resilio Sync但完全去中心化。"
local docker_url="官网介绍: https://github.com/syncthing/syncthing"
local docker_use=""
local docker_passwd=""
local app_size="1"
docker_app

;;

b)
clear
@ -13099,17 +13101,9 @@ EOF
root_use
send_stats "ssh防禦"
while true; do
if [ -x "$(command -v fail2ban-client)" ] ; then
clear
remove fail2ban
rm -rf /etc/fail2ban
else
clear
rm -f /path/to/fail2ban/config/fail2ban/jail.d/sshd.conf > /dev/null 2>&1
docker exec -it fail2ban fail2ban-client reload > /dev/null 2>&1
docker_name="fail2ban"
check_docker_app
echo -e "SSH防禦程序$check_docker"

check_f2b_status
echo -e "SSH防禦程序$check_f2b_status"
echo "fail2ban是一個SSH防止暴力破解工具"
echo "官網介紹:${gh_proxy}github.com/fail2ban/fail2ban"
echo "------------------------"
@ -13125,7 +13119,6 @@ EOF
read -e -p "請輸入你的選擇:" sub_choice
case $sub_choice in
1)
install_docker
f2b_install_sshd

cd ~
@ -13139,19 +13132,19 @@ EOF
break_end
;;
3)
tail -f /path/to/fail2ban/config/log/fail2ban/fail2ban.log
tail -f /var/log/fail2ban.log
break
;;
9)
docker rm -f fail2ban
rm -rf /path/to/fail2ban
remove fail2ban
rm -rf /etc/fail2ban
echo "Fail2Ban防禦程序已卸載"
break
;;
*)
break
;;
esac
fi
done
;;

@ -14222,7 +14215,7 @@ echo "阻止IP k zzip 177.5.25.36 |k 阻止IP 177.5.25.36"
echo "命令收藏夾 k fav | k 命令收藏夾"
echo "應用市場管理 k app"
echo "應用編號快捷管理 k app 26 | k app 1panel | k app npm"
echo "顯示系統信息 k info"
echo "顯示系統信息 k info"
}