Debian-kvm.sh

#!/bin/bash

# go to root
cd

# disable ipv6
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
sed -i '$ i\echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6' /etc/rc.local

# install wget and curl
apt-get update
apt-get -y install wget curl

# Change to Time GMT+8
ln -fs /usr/share/zoneinfo/Asia/Philippines /etc/localtime

# set locale
sed -i 's/AcceptEnv/#AcceptEnv/g' /etc/ssh/sshd_config
service ssh restart

# remove unused
apt-get -y --purge remove samba*;
apt-get -y --purge remove apache2*;
apt-get -y --purge remove sendmail*;
apt-get -y --purge remove bind9*;

# update
apt-get update 
apt-get -y upgrade

# install webserver
apt-get -y install nginx php5-fpm php5-cli

# install essential package
apt-get -y install nmap nano iptables sysv-rc-conf openvpn vnstat apt-file
apt-get -y install libexpat1-dev libxml-parser-perl
apt-get -y install build-essential

# disable exim
service exim4 stop
sysv-rc-conf exim4 off

# update apt-file
apt-file update

# Setting Vnstat
vnstat -u -i eth0
chown -R vnstat:vnstat /var/lib/vnstat
service vnstat restart

# install screenfetch
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/screenfetch-dev
mv screenfetch-dev /usr/bin/screenfetch
chmod +x /usr/bin/screenfetch
echo "clear" >> .profile
echo "screenfetch" >> .profile

# Install Web Server
cd
rm /etc/nginx/sites-enabled/default
rm /etc/nginx/sites-available/default
wget -O /etc/nginx/nginx.conf "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/nginx.conf"
mkdir -p /home/vps/public_html
echo "<pre>Setup by Jelson</pre>" > /home/vps/public_html/index.html
echo "<?php phpinfo(); ?>" > /home/vps/public_html/info.php
wget -O /etc/nginx/conf.d/vps.conf "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/vps.conf"
sed -i 's/listen = \/var\/run\/php5-fpm.sock/listen = 127.0.0.1:9000/g' /etc/php5/fpm/pool.d/www.conf
service php5-fpm restart
service nginx restart

# install openvpn
wget -O /etc/openvpn/openvpn.tar "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/openvpn-debian.tar"
cd /etc/openvpn/
tar xf openvpn.tar
wget -O /etc/openvpn/1194.conf "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/1194.conf"
service openvpn restart
service openvpn restart
sysctl -w net.ipv4.ip_forward=1
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
wget -O /etc/iptables.up.rules "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/iptables.up.rules"
sed -i '$ i\iptables-restore < /etc/iptables.up.rules' /etc/rc.local
MYIP=`ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0' | grep -v '192.168'`;
MYIP2="s/xxxxxxxxx/$MYIP/g";
sed -i 's/port 1194/port 6500/g' /etc/openvpn/1194.conf
sed -i 's/proto tcp/proto udp/g' /etc/openvpn/1194.conf
sed -i $MYIP2 /etc/iptables.up.rules;
iptables-restore < /etc/iptables.up.rules
service openvpn restart
iptables -t nat -I POSTROUTING -s 192.168.100.0/24 -o eth0 -j MASQUERADE
iptables-save > /etc/iptables_yg_baru_dibikin.conf
wget -O /etc/network/if-up.d/iptables "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/iptables"
chmod +x /etc/network/if-up.d/iptables
service openvpn restart


# configure openvpn client config
cd /etc/openvpn/
wget -O /etc/openvpn/client-1194.ovpn "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/client-1194.conf"
sed -i $MYIP2 /etc/openvpn/client-1194.ovpn;
sed -i 's/proto tcp/proto udp/g' /etc/openvpn/client-1194.ovpn
sed -i 's/1194/6500/g' /etc/openvpn/client-1194.ovpn
NAME=`uname -n`.`awk '/^domain/ {print $2}' /etc/resolv.conf`;
mv /etc/openvpn/client-1194.ovpn /etc/openvpn/$NAME.ovpn
useradd -M -s /bin/false test1
echo "test1:test1" | chpasswd
tar cf client.tar $NAME.ovpn
cp client.tar /home/vps/public_html/
cd

# setting port ssh
sed -i '/Port 22/a Port 143' /etc/ssh/sshd_config
sed -i 's/Port 22/Port  22/g' /etc/ssh/sshd_config
service ssh restart

# install dropbear
apt-get -y install dropbear
sed -i 's/NO_START=1/NO_START=0/g' /etc/default/dropbear
sed -i 's/DROPBEAR_PORT=22/DROPBEAR_PORT=443/g' /etc/default/dropbear
sed -i 's/DROPBEAR_EXTRA_ARGS=/DROPBEAR_EXTRA_ARGS="-p 109 -p 110"/g' /etc/default/dropbear
echo "/bin/false" >> /etc/shells
service ssh restart
service dropbear restart

# install vnstat gui
cd /home/vps/public_html/
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/vnstat_php_frontend-1.5.1.tar.gz
tar xf vnstat_php_frontend-1.5.1.tar.gz
rm vnstat_php_frontend-1.5.1.tar.gz
mv vnstat_php_frontend-1.5.1 vnstat
cd vnstat
sed -i "s/\$iface_list = array('eth0', 'sixxs');/\$iface_list = array('eth0');/g" config.php
sed -i "s/\$language = 'nl';/\$language = 'en';/g" config.php
sed -i 's/Internal/Internet/g' config.php
sed -i '/SixXS IPv6/d' config.php
sed -i "s/\$locale = 'en_US.UTF-8';/\$locale = 'en_US.UTF+8';/g" config.php
cd

# install fail2ban
apt-get -y install fail2ban;
service fail2ban restart

# install squid3
apt-get -y install squid3
wget -O /etc/squid3/squid.conf "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/squid.conf"
sed -i $MYIP2 /etc/squid3/squid.conf;
service squid3 restart


# install webmin
 cd
 wget -O webmin-current.deb "http://www.webmin.com/download/deb/webmin-current.deb"
 dpkg -i --force-all webmin-current.deb;
 apt-get -y -f install;
 rm /root/webmin-current.deb
 service webmin restart
 service vnstat restart
#cd /root
#wget http://www.webmin.com/jcameron-key.asc
#apt-key add jcameron-key.asc
#echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list
#echo "deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib" >> /etc/apt/sources.list
 apt-get update
 apt-get -y install webmin
 sed -i 's/ssl=1/ssl=0/g' /etc/webmin/miniserv.conf
 service webmin restart
 service vnstat restart

# Install Dos Deflate
apt-get -y install dnsutils dsniff
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/ddos-deflate-master.zip
unzip ddos-deflate-master.zip
cd ddos-deflate-master
./install.sh
cd

# Install SSH autokick
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/Autokick-debian.sh
bash Autokick-debian.sh

#Install Menu for OpenVPN
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/menu
mv ./menu /usr/local/bin/menu
chmod +x /usr/local/bin/menu
download script
#cd
#wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/install-premiumscript.sh -O - -o /dev/null|sh


wget -O refresh "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/refresh.sh"
wget -O speedtest "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/speedtest_cli.py"
wget -O about "https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/about.sh"
chmod +x refresh
chmod +x speedtest
chmod +x about

# User Status
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/status
chmod +x status

# Restart Service
chown -R www-data:www-data /home/vps/public_html
service nginx start
service php-fpm start
service vnstat restart
service openvpn restart
service ssh restart
service dropbear restart
service fail2ban restart
service squid3 restart
service webmin restart

#ocs_panel
cd
wget https://raw.githubusercontent.com/roymark/roymark.gutierrez/master/OCS-Panel.sh
chmod +x OCS-Panel.sh
bash OCS-Panel.sh


# info
clear
echo "Command by Roy Mark Gutierrez"
echo "OpenVPN  : TCP 1194 (client config : http://$MYIP:80/client.tar)"
echo "OpenSSH  : 22, 143"
echo "Dropbear : 109, 110, 443"
echo "Squid3   : 8080 (limit to IP SSH)"
echo ""
echo "----------"
echo "Webmin   : http://$MYIP:10000/"
echo "vnstat   : http://$MYIP:80/vnstat/"
echo "Timezone : Asia/Philippines"
echo "Fail2Ban : [on]"
echo "IPv6     : [off]"
echo "Status   : please type ./status to check user status"
echo ""
echo "Please Reboot your VPS !"
echo "Thank You!. DOne..."
echo ""
echo "==============================================="