From 4b5a1ef51f888f192ee2ed59902189fdeff01315 Mon Sep 17 00:00:00 2001 From: Sergey Antropoff Date: Wed, 1 Jul 2026 13:28:00 +0300 Subject: [PATCH] =?UTF-8?q?=D0=9F=D0=BE=D0=BB=D0=BD=D0=B0=D1=8F=20=D0=BE?= =?UTF-8?q?=D1=87=D0=B8=D1=81=D1=82=D0=BA=D0=B0=20=D0=BF=D1=80=D0=B8=20uni?= =?UTF-8?q?nstall:=20VPS=20=D0=B8=20output//?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Скрипт --remove снимает только бинарник и systemd; Ansible дочищает конфиг, пользователя, ufw, пакеты и всегда удаляет локальную папку экспорта. --- README.md | 17 ++++--- roles/hysteria2/defaults/main.yml | 5 -- roles/hysteria2/defaults/uninstall.yml | 8 +-- roles/hysteria2/tasks/uninstall.yml | 67 +++++++++++++++++++------- 4 files changed, 61 insertions(+), 36 deletions(-) diff --git a/README.md b/README.md index 72f3d6c..6c70a6e 100644 --- a/README.md +++ b/README.md @@ -83,7 +83,6 @@ make install LIMIT=vps-de make update LIMIT=vps-nl make export make uninstall LIMIT=vps-de -make uninstall LIMIT=vps-de EXTRA_VARS='hysteria2_uninstall_remove_local_output=false' make update EXTRA_VARS='hysteria2_force_export=true' # перевыпустить URL/QR для всех make install EXTRA_VARS='hysteria2_open_browser=false' make update EXTRA_VARS='hysteria2_wait_for_acme=false' @@ -280,17 +279,20 @@ hysteria2_obfs_password: "{{ vault_hysteria2_obfs_passwords[inventory_hostname] ## `make uninstall` — полная очистка -На **VPS** удаляется: +На **VPS** (официальный `install_server.sh --remove` + дочистка Ansible): -- сервис и бинарник Hysteria2; +- бинарник `/usr/local/bin/hysteria` и unit-файлы systemd; - `/etc/hysteria/` (конфиг и ACME); -- пользователь `hysteria` и его home; +- `/var/lib/hysteria` и пользователь `hysteria`; +- symlink'и `multi-user.target.wants/hysteria-server*`; +- временные `/tmp/hysteria-client-*.yaml`; - правила ufw: `443/tcp`, `443/udp` (порт из `hysteria2_listen_port`); - пакеты `curl`, `micro`, `qrencode`. -На **control node**: `output//` и пересборка `output/index.html`. +На **control node**: -Сохранить локальный экспорт: `EXTRA_VARS='hysteria2_uninstall_remove_local_output=false'`. +- удаляется `output/<имя_сервера>/`; +- пересобирается общий `output/index.html`. --- @@ -383,8 +385,7 @@ ASCII QR — `hysteria share --qr` → `user.qr.txt`. | `hysteria2_generate_qr_png` | group | PNG QR через `qrencode` | | `hysteria2_wait_for_acme` | group | Пауза при первом ACME | | `hysteria2_open_browser` | group | Открыть `output/index.html` после экспорта | -| `hysteria2_uninstall_remove_local_output` | group | Удалить `output//` при uninstall (`true`) | -| `hysteria2_uninstall_rebuild_global_index` | group | Пересобрать `output/index.html` (`true`) | +| `hysteria2_uninstall_rebuild_global_index` | group | Пересобрать `output/index.html` после uninstall (`true`) | | `vault_ssh_passwords` | vault | SSH-пароли root | | `vault_hysteria2_user_passwords` | vault | VPN-пароли по серверам | | `vault_hysteria2_obfs_passwords` | vault | obfs-пароли по серверам | diff --git a/roles/hysteria2/defaults/main.yml b/roles/hysteria2/defaults/main.yml index 839537f..4bc2ee0 100644 --- a/roles/hysteria2/defaults/main.yml +++ b/roles/hysteria2/defaults/main.yml @@ -48,12 +48,7 @@ hysteria2_force_export: false # --- uninstall (см. также defaults/uninstall.yml) --- hysteria2_system_user: hysteria -hysteria2_uninstall_remove_config: true hysteria2_uninstall_remove_masq: false -hysteria2_uninstall_remove_system_user: true -hysteria2_uninstall_remove_packages: true -hysteria2_uninstall_remove_firewall_rules: true -hysteria2_uninstall_remove_local_output: true hysteria2_uninstall_rebuild_global_index: true hysteria2_uninstall_ufw_rules: - "{{ hysteria2_listen_port }}/tcp" diff --git a/roles/hysteria2/defaults/uninstall.yml b/roles/hysteria2/defaults/uninstall.yml index 71af7d5..26e3fc5 100644 --- a/roles/hysteria2/defaults/uninstall.yml +++ b/roles/hysteria2/defaults/uninstall.yml @@ -2,13 +2,9 @@ # Системный пользователь Hysteria (создаётся install_server.sh) hysteria2_system_user: hysteria -# --- uninstall (Salamander: без masq, порты 443/tcp+udp) --- -hysteria2_uninstall_remove_config: true +# --- uninstall (Salamander: без masq, порты listen_port/tcp+udp) --- +# install_server.sh --remove: бинарник + systemd; остальное — задачи uninstall.yml hysteria2_uninstall_remove_masq: false -hysteria2_uninstall_remove_system_user: true -hysteria2_uninstall_remove_packages: true -hysteria2_uninstall_remove_firewall_rules: true -hysteria2_uninstall_remove_local_output: true hysteria2_uninstall_rebuild_global_index: true hysteria2_uninstall_ufw_rules: - "{{ hysteria2_listen_port }}/tcp" diff --git a/roles/hysteria2/tasks/uninstall.yml b/roles/hysteria2/tasks/uninstall.yml index 2ed5d4b..d36850f 100644 --- a/roles/hysteria2/tasks/uninstall.yml +++ b/roles/hysteria2/tasks/uninstall.yml @@ -1,12 +1,12 @@ --- -- name: Stop and disable hysteria-server +- name: Stop and disable hysteria-server before removal ansible.builtin.systemd: name: "{{ hysteria2_service_name }}" enabled: false state: stopped failed_when: false -- name: Copy Hysteria2 install script to server for removal +- name: Copy Hysteria2 install script to server ansible.builtin.copy: src: "{{ hysteria2_install_script_name }}" dest: "{{ hysteria2_install_script_remote_path }}" @@ -19,18 +19,60 @@ changed_when: _hysteria2_remove.rc == 0 failed_when: false +- name: Show official script removal output + ansible.builtin.debug: + msg: "{{ _hysteria2_remove.stdout_lines | default(['install_server.sh --remove: no output']) }}" + when: _hysteria2_remove.stdout_lines is defined + - name: Remove Hysteria2 configuration and ACME data ansible.builtin.file: - path: "{{ hysteria2_config_path | dirname }}" + path: "{{ item }}" state: absent - when: hysteria2_uninstall_remove_config | default(true) | bool + loop: + - "{{ hysteria2_config_path | dirname }}" + - "/var/lib/{{ hysteria2_system_user | default('hysteria') }}" + +- name: Remove enabled hysteria-server systemd symlink + ansible.builtin.file: + path: /etc/systemd/system/multi-user.target.wants/hysteria-server.service + state: absent + failed_when: false + +- name: Find enabled hysteria-server@ systemd symlinks + ansible.builtin.find: + paths: /etc/systemd/system/multi-user.target.wants + patterns: hysteria-server@*.service + file_type: file + register: _hysteria2_systemd_instance_wants + failed_when: false + +- name: Remove enabled hysteria-server@ systemd symlinks + ansible.builtin.file: + path: "{{ item.path }}" + state: absent + loop: "{{ _hysteria2_systemd_instance_wants.files | default([]) }}" + failed_when: false - name: Remove Hysteria system user and home directory ansible.builtin.user: name: "{{ hysteria2_system_user | default('hysteria') }}" state: absent remove: true - when: hysteria2_uninstall_remove_system_user | default(true) | bool + failed_when: false + +- name: Find temporary Hysteria client configs on server + ansible.builtin.find: + paths: /tmp + patterns: hysteria-client-*.yaml + file_type: file + register: _hysteria2_tmp_client_configs + failed_when: false + +- name: Remove temporary Hysteria client configs on server + ansible.builtin.file: + path: "{{ item.path }}" + state: absent + loop: "{{ _hysteria2_tmp_client_configs.files | default([]) }}" failed_when: false - name: Check if ufw is available and active @@ -38,7 +80,6 @@ register: _hysteria2_ufw_status changed_when: false failed_when: false - when: hysteria2_uninstall_remove_firewall_rules | default(true) | bool - name: Remove firewall rules added during install ansible.builtin.command: "ufw delete allow {{ item }}" @@ -49,9 +90,7 @@ and 'Could not delete' not in (_hysteria2_ufw_delete.stdout | default('')) and 'Could not find' not in (_hysteria2_ufw_delete.stderr | default('')) failed_when: false - when: - - hysteria2_uninstall_remove_firewall_rules | default(true) | bool - - "'active' in (_hysteria2_ufw_status.stdout | default(''))" + when: "'active' in (_hysteria2_ufw_status.stdout | default(''))" - name: Remove packages installed for Hysteria2 ansible.builtin.apt: @@ -65,7 +104,6 @@ ['curl', 'micro'] + (['qrencode'] if hysteria2_generate_qr_png | default(true) | bool else []) }} - when: hysteria2_uninstall_remove_packages | default(true) | bool - name: Remove copied install script from server ansible.builtin.file: @@ -76,23 +114,18 @@ ansible.builtin.systemd: daemon_reload: true -- name: Remove local exported client files +- name: Remove local output directory for this server ansible.builtin.file: path: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}" state: absent delegate_to: localhost become: false - when: hysteria2_uninstall_remove_local_output | default(true) | bool - name: Show uninstall result ansible.builtin.debug: msg: >- Hysteria2 (Salamander) полностью удалён с {{ inventory_hostname }}. - {% if hysteria2_uninstall_remove_local_output | default(true) | bool %} - Локальные URL/QR в {{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/ удалены. + Локальная папка {{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/ удалена. {% if hysteria2_uninstall_rebuild_global_index | default(true) | bool %} Глобальный {{ hysteria2_output_dir }}/index.html будет пересобран. {% endif %} - {% else %} - Локальные URL/QR в {{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/ сохранены. - {% endif %}