Initial commit: Ansible role for Hysteria2 VPN server deployment.

Includes install/update/uninstall playbooks, Makefile, vault-based SSH credentials, per-server and global HTML export with QR codes.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Sergey Antropoff
2026-07-01 02:02:58 +03:00
commit f0c78cdeff
28 changed files with 2027 additions and 0 deletions
+42
View File
@@ -0,0 +1,42 @@
---
# Домен сервера (A-запись → IP VPS). Задаётся per-host в inventory.
hysteria2_domain: ""
# Email для ACME / Let's Encrypt
hysteria2_acme_email: ""
# Список имён пользователей VPN (пароли генерируются автоматически)
hysteria2_users: []
# Опционально: фиксированные пароли { username: password }
# Пустое значение или отсутствие ключа — автогенерация через pwgen
hysteria2_password_length: 40
hysteria2_listen_port: 443
hysteria2_upgrade_system: true
hysteria2_configure_firewall: true
hysteria2_masq_dir: /var/www/masq
hysteria2_config_path: /etc/hysteria/config.yaml
hysteria2_service_name: hysteria-server
# Локальный каталог для экспорта URL и QR (на control node)
hysteria2_output_dir: "{{ playbook_dir }}/output"
hysteria2_output_name: "{{ inventory_hostname }}"
# Генерировать PNG QR-коды через qrencode (apt на VPS, fetch на control node)
hysteria2_generate_qr_png: true
hysteria2_qr_png_size: 6
hysteria2_qr_png_margin: 2
hysteria2_qr_png_error_correction: M
# Ждать ACME при первом запуске (отключите при update: make update)
hysteria2_wait_for_acme: true
# Открыть output/index.html в браузере после install/update/export
hysteria2_open_browser: true
# --- uninstall ---
hysteria2_uninstall_remove_config: true
hysteria2_uninstall_remove_masq: true
hysteria2_uninstall_remove_local_output: false
+7
View File
@@ -0,0 +1,7 @@
---
- name: Restart hysteria-server
ansible.builtin.systemd:
name: "{{ hysteria2_service_name }}"
state: restarted
daemon_reload: true
become: true
+18
View File
@@ -0,0 +1,18 @@
---
galaxy_info:
role_name: hysteria2
author: inecs
description: Install Hysteria2 VPN server with masquerade site and export client URLs with QR codes
license: MIT
min_ansible_version: "2.14"
platforms:
- name: Debian
versions:
- bookworm
- bullseye
- name: Ubuntu
versions:
- jammy
- noble
dependencies: []
+69
View File
@@ -0,0 +1,69 @@
---
- name: Create masquerade web directory
ansible.builtin.file:
path: "{{ hysteria2_masq_dir }}"
state: directory
mode: "0755"
- name: Deploy masquerade index.html
ansible.builtin.template:
src: masq/index.html.j2
dest: "{{ hysteria2_masq_dir }}/index.html"
mode: "0644"
notify: Restart hysteria-server
- name: Remove default Hysteria config if present
ansible.builtin.file:
path: "{{ hysteria2_config_path }}"
state: absent
when: not ansible_check_mode
- name: Deploy Hysteria2 server config
ansible.builtin.template:
src: config.yaml.j2
dest: "{{ hysteria2_config_path }}"
mode: "0644"
notify: Restart hysteria-server
- name: Flush handlers before service check
ansible.builtin.meta: flush_handlers
- name: Enable and start hysteria-server
ansible.builtin.systemd:
name: "{{ hysteria2_service_name }}"
enabled: true
state: started
daemon_reload: true
- name: Check if ufw is available and active
ansible.builtin.command: ufw status
register: _hysteria2_ufw_status
changed_when: false
failed_when: false
when: hysteria2_configure_firewall | bool
- name: Allow HTTP and HTTPS in ufw
ansible.builtin.command: "ufw allow {{ item }}"
loop:
- 80/tcp
- 443/tcp
- 443/udp
register: _hysteria2_ufw_allow
changed_when: "'Skipping' not in (_hysteria2_ufw_allow.stdout | default(''))"
failed_when: false
when:
- hysteria2_configure_firewall | bool
- "'active' in (_hysteria2_ufw_status.stdout | default(''))"
- name: Wait for ACME certificate (first start may take several minutes)
ansible.builtin.pause:
seconds: 30
prompt: "Ожидание получения ACME-сертификата для {{ hysteria2_domain }}..."
when: hysteria2_wait_for_acme | default(true) | bool
- name: Verify hysteria-server is running
ansible.builtin.command:
cmd: "systemctl is-active {{ hysteria2_service_name }}"
register: _hysteria2_service_active
changed_when: false
failed_when: _hysteria2_service_active.stdout != 'active'
+63
View File
@@ -0,0 +1,63 @@
---
- name: Create local output directory for this server
ansible.builtin.file:
path: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}"
state: directory
mode: "0700"
delegate_to: localhost
become: false
- name: Initialize export users list
ansible.builtin.set_fact:
hysteria2_export_users: []
- name: Install qrencode on server for PNG QR export
ansible.builtin.apt:
name: qrencode
state: present
update_cache: false
when: hysteria2_generate_qr_png | bool
- name: Build client share data for each user
ansible.builtin.include_tasks: share_user.yml
loop: "{{ hysteria2_resolved_users }}"
loop_control:
loop_var: hysteria2_current_user
label: "{{ hysteria2_current_user.name }}"
- name: Save server summary locally
ansible.builtin.copy:
dest: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/server-info.yml"
mode: "0600"
content: |
server: {{ hysteria2_output_name }}
domain: {{ hysteria2_domain }}
port: {{ hysteria2_listen_port }}
users:
{% for user in hysteria2_export_users %}
- name: {{ user.name }}
password: "{{ user.password }}"
url: "{{ user.url }}"
has_png: {{ user.has_png | bool | lower }}
url_file: {{ user.name }}.url
qr_png: {{ user.name }}.png
html: index.html
{% endfor %}
delegate_to: localhost
become: false
- name: Generate HTML summary page
ansible.builtin.template:
src: export/index.html.j2
dest: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/index.html"
mode: "0644"
vars:
generated_at: "{{ ansible_date_time.date }} {{ ansible_date_time.time }}"
delegate_to: localhost
become: false
- name: Show export location
ansible.builtin.debug:
msg: >-
Клиентские URL, QR и index.html сохранены в
{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/
+90
View File
@@ -0,0 +1,90 @@
---
- name: Ensure output root directory exists
ansible.builtin.file:
path: "{{ hysteria2_output_dir }}"
state: directory
mode: "0700"
become: false
- name: Find server-info.yml in output directories
ansible.builtin.find:
paths: "{{ hysteria2_output_dir }}"
patterns: server-info.yml
recurse: true
register: _hysteria2_server_info_files
become: false
- name: Load server metadata from output
ansible.builtin.slurp:
src: "{{ item.path }}"
loop: "{{ _hysteria2_server_info_files.files | default([]) }}"
register: _hysteria2_server_info_raw
when: _hysteria2_server_info_files.matched | default(0) | int > 0
become: false
- name: Build global servers list
ansible.builtin.set_fact:
hysteria2_global_servers: "{{ hysteria2_global_servers | default([]) + [ _entry ] }}"
loop: "{{ _hysteria2_server_info_raw.results | default([]) }}"
when: not item.skipped | default(false)
vars:
_info: "{{ item.content | b64decode | from_yaml }}"
_entry:
name: "{{ _info.server }}"
domain: "{{ _info.domain }}"
port: "{{ _info.port }}"
dir: "{{ item.item.path | dirname | basename }}"
users: "{{ _info.users }}"
become: false
- name: Sort global servers by name
ansible.builtin.set_fact:
hysteria2_global_servers: "{{ hysteria2_global_servers | sort(attribute='name') }}"
when: hysteria2_global_servers | default([]) | length > 0
become: false
- name: Generate global HTML index
ansible.builtin.template:
src: export/global-index.html.j2
dest: "{{ hysteria2_output_dir }}/index.html"
mode: "0644"
vars:
generated_at: "{{ ansible_date_time.date }} {{ ansible_date_time.time }}"
total_users: "{{ hysteria2_global_servers | map(attribute='users') | map('length') | sum }}"
when: hysteria2_global_servers | default([]) | length > 0
become: false
- name: Open global index in default browser (macOS)
ansible.builtin.command:
cmd: open "{{ hysteria2_output_dir }}/index.html"
when:
- hysteria2_open_browser | bool
- hysteria2_global_servers | default([]) | length > 0
- ansible_system == 'Darwin'
changed_when: false
become: false
- name: Open global index in default browser (Linux)
ansible.builtin.command:
cmd: xdg-open "{{ hysteria2_output_dir }}/index.html"
when:
- hysteria2_open_browser | bool
- hysteria2_global_servers | default([]) | length > 0
- ansible_system == 'Linux'
changed_when: false
become: false
failed_when: false
- name: Show global index location
ansible.builtin.debug:
msg: >-
Общий каталог: {{ hysteria2_output_dir }}/index.html
({% if hysteria2_open_browser | bool and hysteria2_global_servers | default([]) | length > 0 %}открыт в браузере{% else %}откройте вручную{% endif %})
when: hysteria2_global_servers | default([]) | length > 0
become: false
- name: Skip global index when no servers exported
ansible.builtin.debug:
msg: "Глобальный index.html не создан — нет server-info.yml в {{ hysteria2_output_dir }}/"
when: hysteria2_global_servers | default([]) | length == 0
become: false
+37
View File
@@ -0,0 +1,37 @@
---
- name: Update system and install dependencies
when: hysteria2_upgrade_system | bool
block:
- name: apt update
ansible.builtin.apt:
update_cache: true
cache_valid_time: 3600
- name: apt upgrade
ansible.builtin.apt:
upgrade: dist
- name: Install curl, micro, pwgen and qrencode
ansible.builtin.apt:
name: "{{ _hysteria2_apt_packages }}"
state: present
update_cache: "{{ not (hysteria2_upgrade_system | bool) }}"
vars:
_hysteria2_apt_packages: >-
{{
['curl', 'micro', 'pwgen']
+ (['qrencode'] if hysteria2_generate_qr_png | bool else [])
}}
- name: Install Hysteria2 via official script
ansible.builtin.shell:
cmd: bash <(curl -fsSL https://get.hy2.sh/)
executable: /bin/bash
args:
creates: /usr/local/bin/hysteria
register: _hysteria2_install
- name: Show Hysteria2 install result
ansible.builtin.debug:
msg: "{{ _hysteria2_install.stdout_lines | default(['Hysteria2 already installed']) }}"
when: _hysteria2_install.stdout_lines is defined
+28
View File
@@ -0,0 +1,28 @@
---
- name: Install Hysteria2
ansible.builtin.import_tasks: validate.yml
tags: [install, update, export]
- name: Resolve VPN users
ansible.builtin.import_tasks: users.yml
tags: [install, update, export]
- name: Install packages and Hysteria2 binary
ansible.builtin.import_tasks: install.yml
tags: [install]
- name: Configure Hysteria2 server
ansible.builtin.import_tasks: configure.yml
tags: [install, update]
- name: Update Hysteria2 binary
ansible.builtin.import_tasks: update.yml
tags: [update]
- name: Export client URLs and QR codes
ansible.builtin.import_tasks: export.yml
tags: [install, update, export]
- name: Uninstall Hysteria2
ansible.builtin.import_tasks: uninstall.yml
tags: [never, uninstall]
+114
View File
@@ -0,0 +1,114 @@
---
- name: Create temporary client config on server
ansible.builtin.template:
src: client.yaml.j2
dest: "/tmp/hysteria-client-{{ hysteria2_current_user.name }}.yaml"
mode: "0600"
- name: Get hysteria2:// URL via hysteria share
ansible.builtin.command:
cmd: >-
hysteria share
-c /tmp/hysteria-client-{{ hysteria2_current_user.name }}.yaml
register: _hysteria2_share_url
changed_when: false
- name: Normalize share URL
ansible.builtin.set_fact:
_hysteria2_client_url: "{{ _hysteria2_share_url.stdout | trim | regex_replace('^hy2://', 'hysteria2://') }}"
- name: Save URL to local file
ansible.builtin.copy:
dest: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/{{ hysteria2_current_user.name }}.url"
mode: "0600"
content: "{{ _hysteria2_client_url }}\n"
delegate_to: localhost
become: false
- name: Save user info text file
ansible.builtin.copy:
dest: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/{{ hysteria2_current_user.name }}.txt"
mode: "0600"
content: |
Server: {{ hysteria2_output_name }}
Domain: {{ hysteria2_domain }}:{{ hysteria2_listen_port }}
User: {{ hysteria2_current_user.name }}
Password: {{ hysteria2_current_user.password }}
URL:
{{ _hysteria2_client_url }}
delegate_to: localhost
become: false
- name: Get ASCII QR code from hysteria share
ansible.builtin.command:
cmd: >-
hysteria share
-c /tmp/hysteria-client-{{ hysteria2_current_user.name }}.yaml
--qr
register: _hysteria2_share_qr
changed_when: false
- name: Save ASCII QR to local file
ansible.builtin.copy:
dest: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/{{ hysteria2_current_user.name }}.qr.txt"
mode: "0600"
content: |
{{ _hysteria2_share_qr.stdout }}
URL: {{ _hysteria2_client_url }}
delegate_to: localhost
become: false
- name: Generate PNG QR code with qrencode on server
when: hysteria2_generate_qr_png | bool
block:
- name: Write PNG QR code on server
ansible.builtin.command:
argv:
- qrencode
- -o
- "/tmp/{{ hysteria2_current_user.name }}.png"
- -s
- "{{ hysteria2_qr_png_size | string }}"
- -m
- "{{ hysteria2_qr_png_margin | string }}"
- -l
- "{{ hysteria2_qr_png_error_correction }}"
- "{{ _hysteria2_client_url }}"
changed_when: true
- name: Fetch PNG QR to control node
ansible.builtin.fetch:
src: "/tmp/{{ hysteria2_current_user.name }}.png"
dest: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/"
flat: true
- name: Set permissions on local PNG QR
ansible.builtin.file:
path: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/{{ hysteria2_current_user.name }}.png"
mode: "0600"
delegate_to: localhost
become: false
- name: Remove temporary PNG QR on server
ansible.builtin.file:
path: "/tmp/{{ hysteria2_current_user.name }}.png"
state: absent
- name: Register user export data for HTML page
ansible.builtin.set_fact:
hysteria2_export_users: >-
{{
hysteria2_export_users | default([]) + [{
'name': hysteria2_current_user.name,
'password': hysteria2_current_user.password,
'url': _hysteria2_client_url,
'has_png': hysteria2_generate_qr_png | bool
}]
}}
- name: Remove temporary client config from server
ansible.builtin.file:
path: "/tmp/hysteria-client-{{ hysteria2_current_user.name }}.yaml"
state: absent
+46
View File
@@ -0,0 +1,46 @@
---
- name: Stop and disable hysteria-server
ansible.builtin.systemd:
name: "{{ hysteria2_service_name }}"
enabled: false
state: stopped
failed_when: false
- name: Remove Hysteria2 via official script
ansible.builtin.shell:
cmd: bash <(curl -fsSL https://get.hy2.sh/) --remove
executable: /bin/bash
register: _hysteria2_remove
failed_when: false
- name: Remove Hysteria2 configuration directory
ansible.builtin.file:
path: "{{ hysteria2_config_path | dirname }}"
state: absent
when: hysteria2_uninstall_remove_config | bool
- name: Remove masquerade web directory
ansible.builtin.file:
path: "{{ hysteria2_masq_dir }}"
state: absent
when: hysteria2_uninstall_remove_masq | bool
- name: Reload systemd after uninstall
ansible.builtin.systemd:
daemon_reload: true
- name: Show uninstall result
ansible.builtin.debug:
msg: >-
Hysteria2 удалён с {{ inventory_hostname }}.
{% if not hysteria2_uninstall_remove_local_output | bool %}
Локальные URL/QR в {{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/ сохранены.
{% endif %}
- name: Remove local exported client files
ansible.builtin.file:
path: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}"
state: absent
delegate_to: localhost
become: false
when: hysteria2_uninstall_remove_local_output | bool
+11
View File
@@ -0,0 +1,11 @@
---
- name: Update Hysteria2 binary via official script
ansible.builtin.shell:
cmd: bash <(curl -fsSL https://get.hy2.sh/)
executable: /bin/bash
register: _hysteria2_update
notify: Restart hysteria-server
- name: Show Hysteria2 update result
ansible.builtin.debug:
msg: "{{ _hysteria2_update.stdout_lines | default([]) }}"
+102
View File
@@ -0,0 +1,102 @@
---
- name: Check for saved passwords from previous install
ansible.builtin.stat:
path: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/server-info.yml"
register: _hysteria2_saved_info
delegate_to: localhost
become: false
tags:
- install
- update
- export
- name: Load saved user passwords from local export
when: _hysteria2_saved_info.stat.exists
block:
- name: Read server-info.yml
ansible.builtin.slurp:
path: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/server-info.yml"
register: _hysteria2_saved_info_raw
delegate_to: localhost
become: false
- name: Parse saved passwords into lookup dict
ansible.builtin.set_fact:
_hysteria2_saved_passwords: >-
{{
dict(
(_hysteria2_saved_info_raw.content | b64decode | from_yaml).users
| map(attribute='name')
| zip(
(_hysteria2_saved_info_raw.content | b64decode | from_yaml).users
| map(attribute='password')
)
)
}}
tags:
- install
- update
- export
- name: Resolve user list with optional fixed passwords
ansible.builtin.set_fact:
hysteria2_resolved_users: "{{ hysteria2_resolved_users | default([]) + [ _entry ] }}"
vars:
_username: "{{ item if item is string else item.name }}"
_password: >-
{{
(
item.password if item is mapping
) | default('', true)
}}
_entry:
name: "{{ _username }}"
password: "{{ _password }}"
loop: "{{ hysteria2_users }}"
loop_control:
label: "{{ item if item is string else item.name }}"
tags:
- install
- update
- export
- name: Generate missing user passwords with pwgen
ansible.builtin.command:
cmd: "pwgen -s {{ hysteria2_password_length }} 1"
register: _hysteria2_pwgen
changed_when: false
when: item.password | length == 0
loop: "{{ hysteria2_resolved_users }}"
loop_control:
label: "{{ item.name }}"
index_var: _hysteria2_user_idx
tags:
- install
- update
- export
- name: Apply generated passwords
ansible.builtin.set_fact:
hysteria2_resolved_users: "{{ hysteria2_resolved_users | default([]) + [ _entry ] }}"
vars:
_generated: >-
{{
_hysteria2_pwgen.results[_hysteria2_user_idx].stdout | default('')
if (
item.password | length == 0
and not (_hysteria2_pwgen.results[_hysteria2_user_idx].skipped | default(false))
)
else item.password
}}
_entry:
name: "{{ item.name }}"
password: "{{ _generated }}"
loop: "{{ hysteria2_resolved_users }}"
loop_control:
label: "{{ item.name }}"
index_var: _hysteria2_user_idx
when: _hysteria2_pwgen is defined
tags:
- install
- update
- export
+17
View File
@@ -0,0 +1,17 @@
---
- name: Validate required variables
ansible.builtin.assert:
that:
- hysteria2_domain | length > 0
- hysteria2_acme_email | length > 0
- hysteria2_users | length > 0
fail_msg: |
Задайте для каждого хоста:
hysteria2_domain — домен с A-записью на IP сервера
hysteria2_users — список имён пользователей, например [my, friend]
И в group_vars/all.yml:
hysteria2_acme_email — email для Let's Encrypt
tags:
- install
- update
- export
+3
View File
@@ -0,0 +1,3 @@
server: {{ hysteria2_domain }}:{{ hysteria2_listen_port }}
auth: {{ hysteria2_current_user.name }}:{{ hysteria2_current_user.password }}
+22
View File
@@ -0,0 +1,22 @@
listen: 0.0.0.0:{{ hysteria2_listen_port }}
acme:
type: http
domains:
- {{ hysteria2_domain }}
email: {{ hysteria2_acme_email }}
auth:
type: userpass
userpass:
{% for user in hysteria2_resolved_users %}
{{ user.name }}: "{{ user.password }}"
{% endfor %}
masquerade:
type: file
file:
dir: {{ hysteria2_masq_dir }}
listenHTTP: :80
listenHTTPS: :{{ hysteria2_listen_port }}
forceHTTPS: true
@@ -0,0 +1,389 @@
<!DOCTYPE html>
<html lang="ru">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Hysteria2 — все серверы</title>
<style>
:root {
color-scheme: light dark;
--bg: #0b0f14;
--bg-soft: #121820;
--bg-card: #161d27;
--bg-input: #0d1117;
--border: #2a3544;
--text: #e6edf3;
--muted: #8b949e;
--accent: #58a6ff;
--accent-2: #a371f7;
--accent-soft: rgba(88, 166, 255, 0.12);
--accent-soft-2: rgba(163, 113, 247, 0.12);
--success: #3fb950;
--success-soft: rgba(63, 185, 80, 0.15);
--radius: 14px;
--shadow: 0 12px 40px rgba(0, 0, 0, 0.35);
}
@media (prefers-color-scheme: light) {
:root {
--bg: #eef2f7;
--bg-soft: #f6f8fb;
--bg-card: #ffffff;
--bg-input: #f6f8fa;
--border: #d8dee4;
--text: #1f2328;
--muted: #656d76;
--accent: #0969da;
--accent-2: #8250df;
--accent-soft: rgba(9, 105, 218, 0.08);
--accent-soft-2: rgba(130, 80, 223, 0.08);
--success: #1a7f37;
--success-soft: rgba(26, 127, 55, 0.1);
--shadow: 0 10px 30px rgba(31, 35, 40, 0.08);
}
}
* { box-sizing: border-box; margin: 0; padding: 0; }
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
background: var(--bg);
color: var(--text);
line-height: 1.5;
min-height: 100vh;
}
.hero {
background:
radial-gradient(ellipse 80% 60% at 50% -10%, var(--accent-soft), transparent),
radial-gradient(ellipse 60% 40% at 90% 10%, var(--accent-soft-2), transparent),
var(--bg-soft);
border-bottom: 1px solid var(--border);
padding: 2.5rem 1.5rem 2rem;
text-align: center;
}
.hero h1 {
font-size: clamp(1.75rem, 4vw, 2.25rem);
font-weight: 800;
letter-spacing: -0.03em;
margin-bottom: 0.5rem;
background: linear-gradient(135deg, var(--accent), var(--accent-2));
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
background-clip: text;
}
.hero p { color: var(--muted); font-size: 0.95rem; }
.stats {
display: flex;
justify-content: center;
gap: 1rem;
flex-wrap: wrap;
margin-top: 1.25rem;
}
.stat {
padding: 0.5rem 1rem;
border: 1px solid var(--border);
border-radius: 999px;
background: var(--bg-card);
font-size: 0.85rem;
font-weight: 600;
}
.stat span { color: var(--accent); }
.nav {
position: sticky;
top: 0;
z-index: 50;
display: flex;
gap: 0.5rem;
flex-wrap: wrap;
justify-content: center;
padding: 0.85rem 1rem;
background: color-mix(in srgb, var(--bg-soft) 88%, transparent);
backdrop-filter: blur(10px);
border-bottom: 1px solid var(--border);
}
.nav a {
padding: 0.4rem 0.85rem;
border-radius: 999px;
border: 1px solid var(--border);
background: var(--bg-card);
color: var(--text);
text-decoration: none;
font-size: 0.82rem;
font-weight: 600;
transition: border-color 0.15s, background 0.15s, color 0.15s;
}
.nav a:hover {
border-color: var(--accent);
color: var(--accent);
background: var(--accent-soft);
}
.container {
max-width: 980px;
margin: 0 auto;
padding: 1.5rem 1rem 3rem;
}
.server-section {
scroll-margin-top: 4.5rem;
margin-bottom: 2.5rem;
}
.server-header {
display: flex;
flex-wrap: wrap;
align-items: center;
justify-content: space-between;
gap: 0.75rem;
margin-bottom: 1.25rem;
padding: 1.25rem 1.5rem;
background: var(--bg-card);
border: 1px solid var(--border);
border-radius: var(--radius);
box-shadow: var(--shadow);
border-left: 4px solid var(--accent);
}
.server-header h2 {
font-size: 1.35rem;
font-weight: 700;
}
.server-header .domain {
color: var(--muted);
font-size: 0.9rem;
margin-top: 0.15rem;
}
.server-link {
display: inline-flex;
align-items: center;
gap: 0.35rem;
padding: 0.45rem 0.9rem;
border-radius: 8px;
border: 1px solid var(--border);
background: var(--bg-input);
color: var(--accent);
text-decoration: none;
font-size: 0.82rem;
font-weight: 600;
}
.server-link:hover { background: var(--accent-soft); border-color: var(--accent); }
.users-grid {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(300px, 1fr));
gap: 1rem;
}
.user-card {
background: var(--bg-card);
border: 1px solid var(--border);
border-radius: var(--radius);
padding: 1.25rem;
box-shadow: var(--shadow);
display: flex;
flex-direction: column;
gap: 0.85rem;
}
.user-card h3 {
font-size: 1.05rem;
display: flex;
align-items: center;
gap: 0.5rem;
}
.user-card h3::before {
content: "";
width: 7px;
height: 7px;
border-radius: 50%;
background: var(--success);
}
.field label {
display: block;
font-size: 0.7rem;
font-weight: 700;
text-transform: uppercase;
letter-spacing: 0.06em;
color: var(--muted);
margin-bottom: 0.35rem;
}
.input-row { display: flex; gap: 0.45rem; }
.input-row input {
flex: 1;
min-width: 0;
padding: 0.55rem 0.75rem;
background: var(--bg-input);
border: 1px solid var(--border);
border-radius: 8px;
color: var(--text);
font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
font-size: 0.72rem;
}
.btn-copy {
display: flex;
align-items: center;
justify-content: center;
width: 38px;
flex-shrink: 0;
background: var(--bg-input);
border: 1px solid var(--border);
border-radius: 8px;
color: var(--muted);
cursor: pointer;
transition: color 0.15s, border-color 0.15s, background 0.15s;
}
.btn-copy:hover { color: var(--accent); border-color: var(--accent); background: var(--accent-soft); }
.btn-copy.copied { color: var(--success); border-color: var(--success); background: var(--success-soft); }
.btn-copy svg { width: 16px; height: 16px; }
.qr-block {
text-align: center;
padding: 0.75rem;
background: #fff;
border-radius: 8px;
border: 1px solid var(--border);
}
.qr-block img {
width: 160px;
height: 160px;
image-rendering: pixelated;
}
.files {
display: flex;
flex-wrap: wrap;
gap: 0.4rem;
margin-top: auto;
padding-top: 0.75rem;
border-top: 1px solid var(--border);
}
.files a {
padding: 0.3rem 0.6rem;
border-radius: 6px;
border: 1px solid var(--border);
background: var(--bg-input);
color: var(--accent);
text-decoration: none;
font-size: 0.72rem;
font-weight: 600;
}
.files a:hover { background: var(--accent-soft); border-color: var(--accent); }
footer {
text-align: center;
padding: 1.5rem;
color: var(--muted);
font-size: 0.8rem;
border-top: 1px solid var(--border);
}
.toast {
position: fixed;
bottom: 1.5rem;
left: 50%;
transform: translateX(-50%) translateY(100px);
background: var(--bg-card);
border: 1px solid var(--success);
color: var(--success);
padding: 0.6rem 1.2rem;
border-radius: 999px;
font-size: 0.85rem;
font-weight: 600;
box-shadow: var(--shadow);
opacity: 0;
transition: transform 0.25s, opacity 0.25s;
pointer-events: none;
z-index: 100;
}
.toast.show { transform: translateX(-50%) translateY(0); opacity: 1; }
</style>
</head>
<body>
<header class="hero">
<h1>Hysteria2</h1>
<p>Общий каталог VPN-подключений</p>
<div class="stats">
<div class="stat"><span>{{ hysteria2_global_servers | length }}</span> серверов</div>
<div class="stat"><span>{{ total_users }}</span> пользователей</div>
</div>
</header>
<nav class="nav" aria-label="Серверы">
{% for server in hysteria2_global_servers %}
<a href="#server-{{ server.dir | e }}">{{ server.name | e }}</a>
{% endfor %}
</nav>
<main class="container">
{% for server in hysteria2_global_servers %}
<section class="server-section" id="server-{{ server.dir | e }}">
<div class="server-header">
<div>
<h2>{{ server.name | e }}</h2>
<p class="domain">{{ server.domain | e }}:{{ server.port }}</p>
</div>
<a class="server-link" href="{{ server.dir | e }}/index.html">Страница сервера →</a>
</div>
<div class="users-grid">
{% for user in server.users %}
<article class="user-card">
<h3>{{ user.name | e }}</h3>
<div class="field">
<label for="pwd-{{ server.dir | e }}-{{ loop.index }}">Пароль</label>
<div class="input-row">
<input type="text" id="pwd-{{ server.dir | e }}-{{ loop.index }}" value="{{ user.password | e }}" readonly>
<button type="button" class="btn-copy" onclick="copyField('pwd-{{ server.dir | e }}-{{ loop.index }}', this)" title="Копировать пароль" aria-label="Копировать пароль">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="9" y="9" width="13" height="13" rx="2"/><path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"/></svg>
</button>
</div>
</div>
<div class="field">
<label for="url-{{ server.dir | e }}-{{ loop.index }}">Ссылка</label>
<div class="input-row">
<input type="text" id="url-{{ server.dir | e }}-{{ loop.index }}" value="{{ user.url | e }}" readonly>
<button type="button" class="btn-copy" onclick="copyField('url-{{ server.dir | e }}-{{ loop.index }}', this)" title="Копировать ссылку" aria-label="Копировать ссылку">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="9" y="9" width="13" height="13" rx="2"/><path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"/></svg>
</button>
</div>
</div>
{% if user.has_png | default(false) %}
<div class="qr-block">
<img src="{{ server.dir | e }}/{{ user.name | e }}.png" alt="QR {{ user.name | e }}" width="160" height="160">
</div>
{% endif %}
<nav class="files" aria-label="Файлы">
<a href="{{ server.dir | e }}/{{ user.name | e }}.url" download>.url</a>
<a href="{{ server.dir | e }}/{{ user.name | e }}.txt" download>.txt</a>
{% if user.has_png | default(false) %}
<a href="{{ server.dir | e }}/{{ user.name | e }}.png" download>.png</a>
{% endif %}
<a href="{{ server.dir | e }}/{{ user.name | e }}.qr.txt" download>.qr.txt</a>
</nav>
</article>
{% endfor %}
</div>
</section>
{% endfor %}
</main>
<footer>Сгенерировано Ansible · {{ generated_at | default('') }}</footer>
<div class="toast" id="toast">Скопировано!</div>
<script>
function copyField(id, btn) {
var el = document.getElementById(id);
var text = el.value;
function onSuccess() {
btn.classList.add('copied');
showToast();
setTimeout(function() { btn.classList.remove('copied'); }, 2000);
}
if (navigator.clipboard && navigator.clipboard.writeText) {
navigator.clipboard.writeText(text).then(onSuccess).catch(function() { fallbackCopy(el, onSuccess); });
} else {
fallbackCopy(el, onSuccess);
}
}
function fallbackCopy(el, cb) {
el.select();
el.setSelectionRange(0, 99999);
}
function showToast() {
var t = document.getElementById('toast');
t.classList.add('show');
setTimeout(function() { t.classList.remove('show'); }, 1800);
}
</script>
</body>
</html>
@@ -0,0 +1,314 @@
<!DOCTYPE html>
<html lang="ru">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Hysteria2 — {{ hysteria2_output_name }}</title>
<style>
:root {
color-scheme: light dark;
--bg: #0f1419;
--bg-card: #1a2332;
--bg-input: #0d1117;
--border: #2d3a4f;
--text: #e6edf3;
--muted: #8b949e;
--accent: #58a6ff;
--accent-soft: rgba(88, 166, 255, 0.15);
--success: #3fb950;
--success-soft: rgba(63, 185, 80, 0.15);
--radius: 12px;
--shadow: 0 8px 32px rgba(0, 0, 0, 0.35);
}
@media (prefers-color-scheme: light) {
:root {
--bg: #f0f4f8;
--bg-card: #ffffff;
--bg-input: #f6f8fa;
--border: #d0d7de;
--text: #1f2328;
--muted: #656d76;
--accent: #0969da;
--accent-soft: rgba(9, 105, 218, 0.1);
--success: #1a7f37;
--success-soft: rgba(26, 127, 55, 0.1);
--shadow: 0 8px 24px rgba(31, 35, 40, 0.08);
}
}
* { box-sizing: border-box; margin: 0; padding: 0; }
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
background: var(--bg);
color: var(--text);
line-height: 1.5;
min-height: 100vh;
padding: 2rem 1rem 3rem;
}
.container { max-width: 720px; margin: 0 auto; }
header {
text-align: center;
margin-bottom: 2.5rem;
padding: 2rem 1.5rem;
background: linear-gradient(135deg, var(--accent-soft), transparent);
border: 1px solid var(--border);
border-radius: var(--radius);
box-shadow: var(--shadow);
}
header h1 {
font-size: 1.75rem;
font-weight: 700;
letter-spacing: -0.02em;
margin-bottom: 0.5rem;
}
header .meta {
color: var(--muted);
font-size: 0.9rem;
}
header .meta strong { color: var(--text); font-weight: 600; }
.badge {
display: inline-block;
margin-top: 1rem;
padding: 0.25rem 0.75rem;
background: var(--accent-soft);
color: var(--accent);
border-radius: 999px;
font-size: 0.8rem;
font-weight: 600;
}
.user-card {
background: var(--bg-card);
border: 1px solid var(--border);
border-radius: var(--radius);
box-shadow: var(--shadow);
padding: 1.5rem;
margin-bottom: 1.25rem;
}
.user-card h2 {
font-size: 1.25rem;
margin-bottom: 1rem;
display: flex;
align-items: center;
gap: 0.5rem;
}
.user-card h2::before {
content: "";
width: 8px;
height: 8px;
border-radius: 50%;
background: var(--success);
box-shadow: 0 0 8px var(--success);
}
.field { margin-bottom: 1rem; }
.field label {
display: block;
font-size: 0.75rem;
font-weight: 600;
text-transform: uppercase;
letter-spacing: 0.05em;
color: var(--muted);
margin-bottom: 0.4rem;
}
.input-row {
display: flex;
gap: 0.5rem;
align-items: stretch;
}
.input-row input {
flex: 1;
min-width: 0;
padding: 0.65rem 0.85rem;
background: var(--bg-input);
border: 1px solid var(--border);
border-radius: 8px;
color: var(--text);
font-family: ui-monospace, SFMono-Regular, "SF Mono", Menlo, Consolas, monospace;
font-size: 0.8rem;
}
.input-row input:focus {
outline: none;
border-color: var(--accent);
box-shadow: 0 0 0 3px var(--accent-soft);
}
.btn-copy {
display: flex;
align-items: center;
justify-content: center;
width: 42px;
flex-shrink: 0;
background: var(--bg-input);
border: 1px solid var(--border);
border-radius: 8px;
color: var(--muted);
cursor: pointer;
transition: color 0.15s, border-color 0.15s, background 0.15s;
}
.btn-copy:hover {
color: var(--accent);
border-color: var(--accent);
background: var(--accent-soft);
}
.btn-copy.copied {
color: var(--success);
border-color: var(--success);
background: var(--success-soft);
}
.btn-copy svg { width: 18px; height: 18px; }
.qr-block {
text-align: center;
margin: 1.25rem 0;
padding: 1rem;
background: #fff;
border-radius: 8px;
border: 1px solid var(--border);
}
@media (prefers-color-scheme: dark) {
.qr-block { background: #fff; }
}
.qr-block img {
max-width: 220px;
width: 100%;
height: auto;
image-rendering: pixelated;
}
.files {
display: flex;
flex-wrap: wrap;
gap: 0.5rem;
margin-top: 1rem;
padding-top: 1rem;
border-top: 1px solid var(--border);
}
.files a {
display: inline-flex;
align-items: center;
gap: 0.35rem;
padding: 0.35rem 0.75rem;
background: var(--bg-input);
border: 1px solid var(--border);
border-radius: 6px;
color: var(--accent);
text-decoration: none;
font-size: 0.8rem;
font-weight: 500;
transition: background 0.15s, border-color 0.15s;
}
.files a:hover {
background: var(--accent-soft);
border-color: var(--accent);
}
footer {
text-align: center;
margin-top: 2rem;
color: var(--muted);
font-size: 0.8rem;
}
.toast {
position: fixed;
bottom: 1.5rem;
left: 50%;
transform: translateX(-50%) translateY(100px);
background: var(--bg-card);
border: 1px solid var(--success);
color: var(--success);
padding: 0.6rem 1.2rem;
border-radius: 999px;
font-size: 0.85rem;
font-weight: 600;
box-shadow: var(--shadow);
opacity: 0;
transition: transform 0.25s, opacity 0.25s;
pointer-events: none;
z-index: 100;
}
.toast.show {
transform: translateX(-50%) translateY(0);
opacity: 1;
}
</style>
</head>
<body>
<div class="container">
<header>
<h1>Hysteria2</h1>
<p class="meta">
Сервер: <strong>{{ hysteria2_output_name }}</strong><br>
Домен: <strong>{{ hysteria2_domain }}:{{ hysteria2_listen_port }}</strong>
</p>
<span class="badge">{{ hysteria2_export_users | length }} {{ 'пользователь' if hysteria2_export_users | length == 1 else 'пользователей' }}</span>
</header>
{% for user in hysteria2_export_users %}
<article class="user-card">
<h2>{{ user.name }}</h2>
<div class="field">
<label for="pwd-{{ loop.index }}">Пароль</label>
<div class="input-row">
<input type="text" id="pwd-{{ loop.index }}" value="{{ user.password | e }}" readonly>
<button type="button" class="btn-copy" onclick="copyField('pwd-{{ loop.index }}', this)" title="Копировать пароль" aria-label="Копировать пароль">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><rect x="9" y="9" width="13" height="13" rx="2"/><path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"/></svg>
</button>
</div>
</div>
<div class="field">
<label for="url-{{ loop.index }}">Ссылка подключения</label>
<div class="input-row">
<input type="text" id="url-{{ loop.index }}" value="{{ user.url | e }}" readonly>
<button type="button" class="btn-copy" onclick="copyField('url-{{ loop.index }}', this)" title="Копировать ссылку" aria-label="Копировать ссылку">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><rect x="9" y="9" width="13" height="13" rx="2"/><path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"/></svg>
</button>
</div>
</div>
{% if user.has_png %}
<div class="qr-block">
<img src="{{ user.name | e }}.png" alt="QR-код {{ user.name | e }}" width="220" height="220">
</div>
{% endif %}
<nav class="files" aria-label="Файлы">
<a href="{{ user.name | e }}.url" download>{{ user.name | e }}.url</a>
<a href="{{ user.name | e }}.txt" download>{{ user.name | e }}.txt</a>
{% if user.has_png %}
<a href="{{ user.name | e }}.png" download>{{ user.name | e }}.png</a>
{% endif %}
<a href="{{ user.name | e }}.qr.txt" download>{{ user.name | e }}.qr.txt</a>
</nav>
</article>
{% endfor %}
<footer>
Сгенерировано Ansible · {{ generated_at | default('') }}
</footer>
</div>
<div class="toast" id="toast">Скопировано!</div>
<script>
function copyField(id, btn) {
var el = document.getElementById(id);
var text = el.value;
function onSuccess() {
btn.classList.add('copied');
showToast();
setTimeout(function() { btn.classList.remove('copied'); }, 2000);
}
if (navigator.clipboard && navigator.clipboard.writeText) {
navigator.clipboard.writeText(text).then(onSuccess).catch(function() { fallbackCopy(el, onSuccess); });
} else {
fallbackCopy(el, onSuccess);
}
}
function fallbackCopy(el, cb) {
el.select();
el.setSelectionRange(0, 99999);
}
function showToast() {
var t = document.getElementById('toast');
t.classList.add('show');
setTimeout(function() { t.classList.remove('show'); }, 1800);
}
</script>
</body>
</html>
@@ -0,0 +1,27 @@
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, nginx is successfully installed and working.
Further configuration is required for the web server, reverse proxy,
API gateway, load balancer, content cache, or other features.</p>
<p>For online documentation and support please refer to
<a href="https://nginx.org/">nginx.org</a>.<br/>
To engage with the community please visit
<a href="https://community.nginx.org/">community.nginx.org</a>.<br/>
For enterprise grade support, professional services, additional
security features and capabilities please refer to
<a href="https://f5.com/nginx">f5.com/nginx</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>