/
Debian-kvm.sh
242 lines (208 loc) · 7.83 KB
/
Debian-kvm.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
#!/bin/bash
# go to root
cd
# disable ipv6
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
sed -i '$ i\echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6' /etc/rc.local
# install wget and curl
apt-get update
apt-get -y install wget curl
# Change to Time GMT+8
ln -fs /usr/share/zoneinfo/Asia/Philippines /etc/localtime
# set locale
sed -i 's/AcceptEnv/#AcceptEnv/g' /etc/ssh/sshd_config
service ssh restart
# remove unused
apt-get -y --purge remove samba*;
apt-get -y --purge remove apache2*;
apt-get -y --purge remove sendmail*;
apt-get -y --purge remove bind9*;
# update
apt-get update
apt-get -y upgrade
# install webserver
apt-get -y install nginx php5-fpm php5-cli
# install essential package
apt-get -y install nmap nano iptables sysv-rc-conf openvpn vnstat apt-file
apt-get -y install libexpat1-dev libxml-parser-perl
apt-get -y install build-essential
# disable exim
service exim4 stop
sysv-rc-conf exim4 off
# update apt-file
apt-file update
# Setting Vnstat
vnstat -u -i eth0
chown -R vnstat:vnstat /var/lib/vnstat
service vnstat restart
# install screenfetch
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/screenfetch-dev
mv screenfetch-dev /usr/bin/screenfetch
chmod +x /usr/bin/screenfetch
echo "clear" >> .profile
echo "screenfetch" >> .profile
# Install Web Server
cd
rm /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-available/default
wget -O /etc/nginx/nginx.conf "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/nginx.conf"
mkdir -p /home/vps/public_html
echo "<pre>Setup by Jelson</pre>" > /home/vps/public_html/index.html
echo "<?php phpinfo(); ?>" > /home/vps/public_html/info.php
wget -O /etc/nginx/conf.d/vps.conf "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/vps.conf"
sed -i 's/listen = \/var\/run\/php5-fpm.sock/listen = 127.0.0.1:9000/g' /etc/php5/fpm/pool.d/www.conf
service php5-fpm restart
service nginx restart
# install openvpn
wget -O /etc/openvpn/openvpn.tar "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/openvpn-debian.tar"
cd /etc/openvpn/
tar xf openvpn.tar
wget -O /etc/openvpn/1194.conf "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/1194.conf"
service openvpn restart
service openvpn restart
sysctl -w net.ipv4.ip_forward=1
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
wget -O /etc/iptables.up.rules "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/iptables.up.rules"
sed -i '$ i\iptables-restore < /etc/iptables.up.rules' /etc/rc.local
MYIP=`ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0' | grep -v '192.168'`;
MYIP2="s/xxxxxxxxx/$MYIP/g";
sed -i 's/port 1194/port 6500/g' /etc/openvpn/1194.conf
sed -i 's/proto tcp/proto udp/g' /etc/openvpn/1194.conf
sed -i $MYIP2 /etc/iptables.up.rules;
iptables-restore < /etc/iptables.up.rules
service openvpn restart
iptables -t nat -I POSTROUTING -s 192.168.100.0/24 -o eth0 -j MASQUERADE
iptables-save > /etc/iptables_yg_baru_dibikin.conf
wget -O /etc/network/if-up.d/iptables "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/iptables"
chmod +x /etc/network/if-up.d/iptables
service openvpn restart
# configure openvpn client config
cd /etc/openvpn/
wget -O /etc/openvpn/client-1194.ovpn "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/client-1194.conf"
sed -i $MYIP2 /etc/openvpn/client-1194.ovpn;
sed -i 's/proto tcp/proto udp/g' /etc/openvpn/client-1194.ovpn
sed -i 's/1194/6500/g' /etc/openvpn/client-1194.ovpn
NAME=`uname -n`.`awk '/^domain/ {print $2}' /etc/resolv.conf`;
mv /etc/openvpn/client-1194.ovpn /etc/openvpn/$NAME.ovpn
useradd -M -s /bin/false test1
echo "test1:test1" | chpasswd
tar cf client.tar $NAME.ovpn
cp client.tar /home/vps/public_html/
cd
# setting port ssh
sed -i '/Port 22/a Port 143' /etc/ssh/sshd_config
sed -i 's/Port 22/Port 22/g' /etc/ssh/sshd_config
service ssh restart
# install dropbear
apt-get -y install dropbear
sed -i 's/NO_START=1/NO_START=0/g' /etc/default/dropbear
sed -i 's/DROPBEAR_PORT=22/DROPBEAR_PORT=443/g' /etc/default/dropbear
sed -i 's/DROPBEAR_EXTRA_ARGS=/DROPBEAR_EXTRA_ARGS="-p 109 -p 110"/g' /etc/default/dropbear
echo "/bin/false" >> /etc/shells
service ssh restart
service dropbear restart
# install vnstat gui
cd /home/vps/public_html/
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/vnstat_php_frontend-1.5.1.tar.gz
tar xf vnstat_php_frontend-1.5.1.tar.gz
rm vnstat_php_frontend-1.5.1.tar.gz
mv vnstat_php_frontend-1.5.1 vnstat
cd vnstat
sed -i "s/\$iface_list = array('eth0', 'sixxs');/\$iface_list = array('eth0');/g" config.php
sed -i "s/\$language = 'nl';/\$language = 'en';/g" config.php
sed -i 's/Internal/Internet/g' config.php
sed -i '/SixXS IPv6/d' config.php
sed -i "s/\$locale = 'en_US.UTF-8';/\$locale = 'en_US.UTF+8';/g" config.php
cd
# install fail2ban
apt-get -y install fail2ban;
service fail2ban restart
# install squid3
apt-get -y install squid3
wget -O /etc/squid3/squid.conf "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/squid.conf"
sed -i $MYIP2 /etc/squid3/squid.conf;
service squid3 restart
# install webmin
cd
wget -O webmin-current.deb "http://www.webmin.com/download/deb/webmin-current.deb"
dpkg -i --force-all webmin-current.deb;
apt-get -y -f install;
rm /root/webmin-current.deb
service webmin restart
service vnstat restart
#cd /root
#wget http://www.webmin.com/jcameron-key.asc
#apt-key add jcameron-key.asc
#echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list
#echo "deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib" >> /etc/apt/sources.list
apt-get update
apt-get -y install webmin
sed -i 's/ssl=1/ssl=0/g' /etc/webmin/miniserv.conf
service webmin restart
service vnstat restart
# Install Dos Deflate
apt-get -y install dnsutils dsniff
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/ddos-deflate-master.zip
unzip ddos-deflate-master.zip
cd ddos-deflate-master
./install.sh
cd
# Install SSH autokick
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/Autokick-debian.sh
bash Autokick-debian.sh
#Install Menu for OpenVPN
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/menu
mv ./menu /usr/local/bin/menu
chmod +x /usr/local/bin/menu
download script
#cd
#wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/install-premiumscript.sh -O - -o /dev/null|sh
wget -O refresh "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/refresh.sh"
wget -O speedtest "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/speedtest_cli.py"
wget -O about "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/about.sh"
chmod +x refresh
chmod +x speedtest
chmod +x about
# User Status
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/status
chmod +x status
# Restart Service
chown -R www-data:www-data /home/vps/public_html
service nginx start
service php-fpm start
service vnstat restart
service openvpn restart
service ssh restart
service dropbear restart
service fail2ban restart
service squid3 restart
service webmin restart
#ocs_panel
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/OCS-Panel.sh
chmod +x OCS-Panel.sh
bash OCS-Panel.sh
# info
clear
echo "Command by Roy Mark Gutierrez"
echo "OpenVPN : TCP 1194 (client config : http://$MYIP:80/client.tar)"
echo "OpenSSH : 22, 143"
echo "Dropbear : 109, 110, 443"
echo "Squid3 : 8080 (limit to IP SSH)"
echo ""
echo "----------"
echo "Webmin : http://$MYIP:10000/"
echo "vnstat : http://$MYIP:80/vnstat/"
echo "Timezone : Asia/Philippines"
echo "Fail2Ban : [on]"
echo "IPv6 : [off]"
echo "Status : please type ./status to check user status"
echo ""
echo "Please Reboot your VPS !"
echo "Thank You!. DOne..."
echo ""
echo "==============================================="