-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathautoscript
More file actions
221 lines (188 loc) · 6.25 KB
/
autoscript
File metadata and controls
221 lines (188 loc) · 6.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
#!/bin/sh
if [[ $EUID -ne 0 ]]; then
echo -e "\e[95mYou must be root to do this.\e[0m" 1>&2
exit 100
fi
apt-get update
apt-get upgrade -y
echo -e "\e[96mInstalling dependancies\e[0m"
apt-get install -y libnss3* libnspr4-dev gyp ninja-build git cmake libz-dev build-essential
apt-get install -y pkg-config cmake-data net-tools libssl-dev dnsutils speedtest-cli psmisc
apt-get install -y dropbear stunnel4
echo -e "\e[96mChecking dropbear is installed\e[0m"
FILE=/etc/default/dropbear
if [ -f "$FILE" ]; then
cp "$FILE" /etc/default/dropbear.bak
rm "$FILE"
fi
echo -e "\e[96mCreating dropbear config\e[0m"
cat >> "$FILE" <<EOL
# disabled because OpenSSH is installed
# change to NO_START=0 to enable Dropbear
NO_START=0
# the TCP port that Dropbear listens on
DROPBEAR_PORT=444
# any additional arguments for Dropbear
DROPBEAR_EXTRA_ARGS="-p 80"
# specify an optional banner file containing a message to be
# sent to clients before they connect, such as "/etc/issue.net"
DROPBEAR_BANNER="/etc/issue.net"
# RSA hostkey file (default: /etc/dropbear/dropbear_rsa_host_key)
#DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key"
# DSS hostkey file (default: /etc/dropbear/dropbear_dss_host_key)
#DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key"
# ECDSA hostkey file (default: /etc/dropbear/dropbear_ecdsa_host_key)
#DROPBEAR_ECDSAKEY="/etc/dropbear/dropbear_ecdsa_host_key"
# Receive window size - this is a tradeoff between memory and
# network performance
DROPBEAR_RECEIVE_WINDOW=65536
EOL
echo -e "\e[96mBackup old dropbear banner\e[0m"
FILE2=/etc/issue.net
if [ -f "$FILE2" ]; then
cp "$FILE2" /etc/issue.net.bak
rm "$FILE2"
fi
echo -e "\e[96mCreating dropbear banner\e[0m"
cat >> "$FILE2" <<EOL
<h4>☆ <font color="#20B2AA">HimaX_LK</font> ☆</h4>
<font color="#8A2BE2">» NO SPAM !!!</font><br>
<font color="#A52A2A">» NO DDOS !!!</font><br>
<font color="#6495ED">» NO HACKING !!!</font><br>
<font color="#008B8B">» NO CARDING !!!</font><br>
<font color="#9932CC">» NO TORRENT !!!</font><br>
<font color="#1E90FF">» NO OVER DOWNLOADING !!!</font><br>
<br>
<b><font color="#FF6347">MaxxA™</font> Auto Script 2.0</b>
<br>
EOL
echo -e "\e[96mStarting dropdear services\e[0m"
/etc/init.d/dropbear start
echo -e "\e[96mChecking stunnel is installed\e[0m"
FILE3=/etc/stunnel/stunnel.conf
if [ -f "$FILE3" ]; then
cp "$FILE3" /etc/stunnel/stunnel.conf.bak
rm "$FILE3"
fi
echo -e "\e[96mCreating stunnel config\e[0m"
cat >> "$FILE3" <<EOL
cert = /etc/stunnel/stunnel.pem
client = no
socket = a:SO_REUSEADDR=1
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
[dropbear]
connect = 444
accept = 443
EOL
echo -e "\e[96mCreating keys\e[0m"
KEYFILE=/etc/stunnel/stunnel.pem
if [ ! -f "$KEYFILE" ]; then
openssl genrsa -out key.pem 2048
openssl req -new -x509 -key key.pem -out cert.pem -days 1095 -subj "/C=AU/ST=./L=./O=./OU=./CN=./emailAddress=."
cat key.pem cert.pem >> /etc/stunnel/stunnel.pem
fi
echo -e "\e[96mEnabling stunnel services\e[0m"
sed -i 's/ENABLED=0/ENABLED=1/g' /etc/default/stunnel4
echo -e "\e[96mStarting stunnel services\e[0m"
/etc/init.d/stunnel4 start
echo -e "\e[96mCompile and installing badvpn\e[0m"
if [ ! -d "/root/badvpn/" ]
then
sudo dpkg --configure -a
git clone https://github.com/ambrop72/badvpn.git /root/badvpn
cd /root/badvpn/
cmake /root/badvpn/ -DBUILD_NOTHING_BY_DEFAULT=1 -DBUILD_SERVER=1 -DBUILD_CLIENT=1 -DBUILD_UDPGW=1 -DBUILD_TUN2SOCKS=1 && make
make install
fi
echo -e "\e[96mChecking rc.local is exist\e[0m"
FILE4=/etc/rc.local
if [ -f "$FILE4" ]; then
cp "$FILE4" /etc/rc.local.bak
rm "$FILE4"
fi
echo -e "\e[96mCreating rc.local\e[0m"
cat >> "$FILE4" <<EOL
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
badvpn-udpgw --listen-addr 127.0.0.1:7300 --max-clients 999 --client-socket-sndbuf 1048576
exit 0
EOL
echo -e "\e[96mSetting up permissions for rc.local\e[0m"
chmod +x /etc/rc.local
echo -e "\e[96mInstalling squid\e[0m"
apt-get install -y squid
echo -e "\e[96mChecking squid is installed\e[0m"
FILE5=/etc/squid/squid.conf
if [ -f "$FILE5" ]; then
cp "$FILE5" /etc/squid/squid.conf.bak
rm "$FILE5"
fi
echo -e "\e[96mConfiguring squid\e[0m"
pubip="$(dig +short myip.opendns.com @resolver1.opendns.com)"
cat >> "$FILE5" <<EOL
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl SSH dst ${pubip}
http_access allow SSH
http_access allow manager localhost
http_access deny manager
http_access allow localhost
http_access deny all
http_port 8080
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
EOL
echo -e "\e[96mEnabling ssh password authentication\e[0m"
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
echo -e "\e[96mSetting up banner for ssh\e[0m"
sed -i 's/#Banner none/Banner \/etc\/issue.net/g' /etc/ssh/sshd_config
echo -e "\e[96mRestarting services. Please wait...\e[0m"
/etc/init.d/dropbear restart
/etc/init.d/stunnel4 restart
service squid restart
service ssh restart
myip="$(dig +short myip.opendns.com @resolver1.opendns.com)"
echo " "
echo -e "\e[96mInstallation has been completed!!\e[0m"
echo " "
echo "--------------------------- Configuration Setup Server -------------------------"
echo "--------------- Script from @ultimate_lurker69 | @CHATHURANGA_91 ---------------"
echo " Copyright mAX web™ "
echo " "
echo "Server Information"
echo " - IP address : ${myip}"
echo " - SSH : 22"
echo " - Dropbear : 80"
echo " - Stunnel : 443"
echo " - Badvpn : 7300"
echo " - Squid : 8080/3128"
echo " "
echo -e "\e[95mCreate users and reboot your vps before use.\e[0m"
echo " "