dnomd343
/
kms-server
mirror of https://github.com/dnomd343/kms-server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
快速部署的KMS服务
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15 Commits
2 Branches
10 Tags
900 KiB
Tree: 39dca52a35
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '39dca52a35'
${ noResults }
kms-server/README.md

385 lines
9.3 KiB
Raw Normal View History

docs: README.md
3 years ago
# KMS服务器
docs: some adjustment of README.md
3 years ago
快速部署的KMS服务器,提供针对Windows和Office的激活服务,同时内置了各个版本的激活密钥与命令,支持Docker容器化部署,在[Docker Hub](https://hub.docker.com/repository/docker/dnomd343/kms-server)或[Github Package](https://github.com/dnomd343/TProxy/pkgs/container/kms-server)可以查看已构建的镜像。
docs: README.md
3 years ago
## 使用方法
docs: some adjustment of README.md
3 years ago
`kms.343.re` 为例,在成功部署KMS服务以后,你可以通过[网页](https://kms.343.re/)或者命令行获取激活密钥。
docs: README.md
3 years ago
```
# 输出操作说明
shell> curl kms.343.re
# 输出Windows的KMS密钥
shell> curl kms.343.re/win
# 输出Windows Server的KMS密钥
shell> curl kms.343.re/win-server
# 输出Office激活说明
shell> curl kms.343.re/office
```
部署完成后,需要KMS服务的地方填入 `kms.343.re` 即可激活。
## 镜像获取
`kms-server` 可以从多个镜像源拉取,其数据完全相同,国内用户建议首选阿里云镜像。
```
# Docker Hub
shell> docker pull docker.io/dnomd343/kms-server
# Github Package
shell> docker pull ghcr.io/dnomd343/kms-server
# 阿里云个人镜像
shell> docker pull registry.cn-shenzhen.aliyuncs.com/dnomd343/kms-server
```
docs: some adjustment of README.md
3 years ago
镜像对外暴露 `1688/tcp``1689/tcp` 端口,前者用于KMS激活服务,后者用于获取KMS激活密钥。
docs: README.md
3 years ago
## 部署流程
**检查防火墙**
服务器的1688端口必须能接受来自外网的访问,务必检查是否被防火墙拦截。
如果开启了 `firewalld` 防火墙服务,使用以下命令放行1688端口
```
shell> firewall-cmd --zone=public --add-port=1688/tcp --permanent
shell> firewall-cmd --reload
shell> firewall-cmd --list-ports
```
如果开启了 `ufw` 防火墙服务,使用以下命令放行1688端口
```
shell> ufw allow 1688/tcp
shell> ufw status
```
一些云服务商可能会在网页端控制台提供防火墙服务,请在对应页面开放 `1688/tcp` 端口。
### Docker方式(推荐)
**1. 配置Docker环境**
使用以下命令确认Docker环境
```
# 若正常输出则跳过本步
shell> docker --version
···Docker版本信息···
```
使用以下命令安装Docker
```
# RH系
shell> sudo yum update
···
# Debian系
shell> sudo apt update && sudo apt upgrade
···
# 使用Docker官方脚本安装
shell> sudo wget -qO- https://get.docker.com/ | bash
···
# 安装成功后将输出Docker版本信息
shell> docker --version
Docker version ···, build ···
```
**2. 启动KMS服务**
启动容器并映射端口
```
# 映射容器1688与1689端口到宿主机,容器路径可替换为上述其他源
shell> docker run -d --name kms -p 1688:1688 -p 1689:1689 dnomd343/kms-server
# 查看容器状态
shell> docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
···
```
若服务器1689端口未配置防火墙,在浏览器输入 `http://服务器IP:1689/` 即可访问Web主页。
```
# 测试容器是否正常工作
shell> curl 127.0.0.1:1689/win
···不同版本Windows的KMS密钥···
```
**3. 配置反向代理**
docs: some adjustment of README.md
3 years ago
将用于KMS服务的域名DNS解析到当前服务器,这里使用Nginx作为示例,其他Web服务原理类似。
docs: README.md
3 years ago
```
# 进入Nginx配置目录
shell> cd /etc/nginx/conf.d
# 下载配置文件
shell> wget https://raw.githubusercontent.com/dnomd343/kms-server/master/conf/nginx/docker.conf -O kms.conf
# 修改配置文件中域名、证书、端口等信息
shell> vim kms.conf
```
如果你的网络无法正常访问Github,将下述内容写入配置文件亦可。
```
server {
listen 80;
listen [::]:80;
server_name kms.343.re; # 改为自己的域名
location / {
if ($http_user_agent !~* (curl|wget)) {
return 301 https://$server_name$request_uri;
}
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:1689;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name kms.343.re; # 改为自己的域名
ssl_certificate /etc/ssl/certs/343.re/fullchain.pem; # 改为自己的证书
ssl_certificate_key /etc/ssl/certs/343.re/privkey.pem;
gzip on;
gzip_buffers 32 4K;
gzip_comp_level 6;
gzip_min_length 100;
gzip_types application/javascript text/css text/xml;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;
location / {
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:1689;
}
}
```
重启Nginx服务
```
shell> nginx -s reload
```
docs: some adjustment of README.md
3 years ago
### 常规方式(不推荐)
docs: README.md
3 years ago
此方式较为繁琐且可能存在版本兼容问题,不熟悉Linux操作的用户建议使用上述Docker方式。
**1. 拉取源码**
首先拉取仓库到服务器上,这里以 `/var/www/kms-server` 为例
```
shell> cd /var/www
shell> git clone https://github.com/dnomd343/kms-server.git
Cloning into 'kms-server'...
···
Unpacking objects: 100% ··· done.
```
**2. 环境检查**
确定你的服务器上有PHP环境,同时有 `curl` 工具
```
shell> php -v
···PHP版本信息···
shell> curl --version
···curl版本信息···
```
确认PHP-FPM正常运行
```
shell> systemctl | grep fpm
php7.3-fpm.service loaded active running The PHP 7.3 FastCGI Process Manager
```
**3. 配置Web服务**
docs: some adjustment of README.md
3 years ago
配置网页服务器代理,需要额外占用除80与443之外的一个端口,默认为 `1689/tcp` ,可按需修改。
docs: README.md
3 years ago
将用于KMS服务的域名DNS解析到当前服务器,这里使用Nginx作为示例,其他Web服务原理类似。
```
# 进入nginx配置目录
shell> cd /etc/nginx/conf.d
# 从代码仓库复制配置文件
shell> cp /var/www/kms-server/conf/nginx/kms.conf ./
# 修改配置文件中域名、证书、端口等信息
shell> vim kms.conf
```
配置文件内容如下
```
server {
listen 80;
listen [::]:80;
server_name kms.343.re; # 改为自己的域名
location / {
if ($http_user_agent !~* (curl|wget)) {
return 301 https://$server_name$request_uri;
}
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:1689;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name kms.343.re; # 改为自己的域名
ssl_certificate /etc/ssl/certs/343.re/fullchain.pem; # 改为自己的证书
ssl_certificate_key /etc/ssl/certs/343.re/privkey.pem;
gzip on;
gzip_buffers 32 4K;
gzip_comp_level 6;
gzip_min_length 100;
gzip_types application/javascript text/css text/xml;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;
location / {
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:1689;
}
}
server {
listen 1689;
root /var/www/kms-server;
location / {
set $query_param $query_string;
if ($http_user_agent ~* (curl|wget)) {
set $query_param $query_param&cli=true;
}
include fastcgi_params;
docs: some adjustment of README.md
3 years ago
fastcgi_pass 127.0.0.1:9000; # php-fpm接口
docs: README.md
3 years ago
fastcgi_param QUERY_STRING $query_param;
fastcgi_param SCRIPT_FILENAME /var/www/kms-server/backend/route.php;
}
location /assets {}
}
```
其中PHP-FPM接口在各系统上不同
```
# RH系一般为本地9000端口
shell> netstat -tlnp | grep 9000
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 783/php-fpm: master
# Debian系一般为sock方式
shell> ls /var/run/php/
php7.3-fpm.pid php7.3-fpm.sock
```
对应Nginx配置如下
```
# RH系
fastcgi_pass 127.0.0.1:9000;
# Debian系
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
```
重启Nginx服务
```
shell> nginx -s reload
```
**4. 配置vlmcsd服务**
在vlmcsd的[Github页面](https://github.com/Wind4/vlmcsd/releases)获取最新release包
```
# 下载最新release并解压
shell> wget https://github.com/Wind4/vlmcsd/releases/download/svn1113/binaries.tar.gz
shell> tar xf binaries.tar.gz
# 不同架构主机选择不同文件,以下为常见示例
# x86-64架构
shell> cp binaries/Linux/intel/static/vlmcsd-x64-musl-static /usr/bin/vlmcsd
# x86架构
shell> cp binaries/Linux/intel/static/vlmcsd-x86-musl-static /usr/bin/vlmcsd
# arm架构
shell> cp binaries/Linux/arm/little-endian/static/vlmcsd-armv7el-uclibc-static /usr/bin/vlmcsd
# 确认vlmcsd是否正常
shell> vlmcsd -V
···vlmcsd版本信息···
```
将vlmcsd配置为系统服务
```
shell> cp /var/www/kms-server/conf/vlmcsd.service /etc/systemd/system/
```
`vlmcsd.service` 文件内容如下,可按需要修改
```
[Unit]
Description=KMS Server By vlmcsd
After=network.target
[Service]
Type=forking
PIDFile=/var/run/vlmcsd.pid
ExecStart=/usr/bin/vlmcsd -p /var/run/vlmcsd.pid
ExecStop=/bin/kill -HUP $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
```
载入systemctl服务
```
shell> systemctl daemon-reload
shell> systemctl enable vlmcsd
shell> systemctl start vlmcsd
shell> systemctl status vlmcsd
···
Active: active (running) ···
···
```
## 容器构建
**本地构建**
```
# 克隆仓库
shell> git clone https://github.com/dnomd343/kms-server.git
shell> cd kms-server
# 构建镜像
shell> docker build -t kms-server .
```
**交叉构建**
```
# 构建并推送至Docker Hub
shell> docker buildx build -t dnomd343/kms-server --platform="linux/amd64,linux/arm64,linux/386,linux/arm/v7" https://github.com/dnomd343/kms-server.git#master --push
```
## 许可证
MIT ©2021 [@dnomd343](https://github.com/dnomd343)