mirror of
https://github.com/Ysurac/openmptcprouter-vps.git
synced 2025-03-09 15:50:00 +00:00
Update script to latest kernel and set chacha20 for ShadowSocks
This commit is contained in:
Ycarus (Yannick Chabanois)
parent
5db722da02
commit
0a711370c5
2 changed files with 20 additions and 11 deletions
|
|
@ -4,8 +4,8 @@
|
||||||
"local_port":1081,
|
"local_port":1081,
|
||||||
"mode":"tcp_and_udp",
|
"mode":"tcp_and_udp",
|
||||||
"key":"MySecretKey",
|
"key":"MySecretKey",
|
||||||
"timeout":400,
|
"timeout":600,
|
||||||
"method":"aes-256-cfb",
|
"method":"chacha20",
|
||||||
"verbose":0,
|
"verbose":0,
|
||||||
"prefer_ipv6": false,
|
"prefer_ipv6": false,
|
||||||
"fast_open": true,
|
"fast_open": true,
|
||||||
|
|
|
||||||
|
|
@ -30,21 +30,21 @@ apt-get -y install dirmngr patch
|
||||||
#echo 'deb http://dl.bintray.com/cpaasch/deb jessie main' >> /etc/apt/sources.list
|
#echo 'deb http://dl.bintray.com/cpaasch/deb jessie main' >> /etc/apt/sources.list
|
||||||
echo 'deb http://deb.debian.org/debian stretch-backports main' > /etc/apt/sources.list.d/stretch-backports.list
|
echo 'deb http://deb.debian.org/debian stretch-backports main' > /etc/apt/sources.list.d/stretch-backports.list
|
||||||
apt-get update
|
apt-get update
|
||||||
wget -O /tmp/linux-image-4.14.41-mptcp-5723e3d.amd64.deb https://www.openmptcprouter.com/kernel/linux-image-4.14.41-mptcp-5723e3d.amd64.deb
|
wget -O /tmp/linux-image-4.14.41-mptcp-80b661f.amd64.deb https://www.openmptcprouter.com/kernel/linux-image-4.14.41-mptcp-80b661f.amd64.deb
|
||||||
wget -O /tmp/linux-headers-4.14.41-mptcp-5723e3d.amd64.deb https://www.openmptcprouter.com/kernel/linux-headers-4.14.41-mptcp-5723e3d.amd64.deb
|
wget -O /tmp/linux-headers-4.14.41-mptcp-80b661f.amd64.deb https://www.openmptcprouter.com/kernel/linux-headers-4.14.41-mptcp-80b661f.amd64.deb
|
||||||
# Rename bzImage to vmlinuz, needed when custom kernel was used
|
# Rename bzImage to vmlinuz, needed when custom kernel was used
|
||||||
cd /boot
|
cd /boot
|
||||||
apt-get -y install rename
|
apt-get -y install rename
|
||||||
rename 's/^bzImage/vmlinuz/s' * >/dev/null 2>&1
|
rename 's/^bzImage/vmlinuz/s' * >/dev/null 2>&1
|
||||||
#apt-get -y install linux-mptcp
|
#apt-get -y install linux-mptcp
|
||||||
dpkg -E -i /tmp/linux-image-4.14.41-mptcp-5723e3d.amd64.deb
|
dpkg -E -i /tmp/linux-image-4.14.41-mptcp-80b661f.amd64.deb
|
||||||
dpkg -E -i /tmp/linux-headers-4.14.41-mptcp-5723e3d.amd64.deb
|
dpkg -E -i /tmp/linux-headers-4.14.41-mptcp-80b661f.amd64.deb
|
||||||
|
|
||||||
# Check if mptcp kernel is grub default kernel
|
# Check if mptcp kernel is grub default kernel
|
||||||
echo "Set MPTCP kernel as grub default..."
|
echo "Set MPTCP kernel as grub default..."
|
||||||
wget -O /tmp/update-grub.sh https://www.openmptcprouter.com/server/update-grub.sh
|
wget -O /tmp/update-grub.sh https://www.openmptcprouter.com/server/update-grub.sh
|
||||||
cd /tmp
|
cd /tmp
|
||||||
bash update-grub.sh 4.14.41-mptcp
|
bash update-grub.sh 4.14.41-mptcp-80b661f
|
||||||
|
|
||||||
#apt -t stretch-backports -y install shadowsocks-libev
|
#apt -t stretch-backports -y install shadowsocks-libev
|
||||||
## Compile Shadowsocks
|
## Compile Shadowsocks
|
||||||
|
|
@ -67,6 +67,10 @@ rm -rf /tmp/shadowsocks-libev-3.2.0
|
||||||
if ! grep -q olia /etc/modules ; then
|
if ! grep -q olia /etc/modules ; then
|
||||||
echo mptcp_olia >> /etc/modules
|
echo mptcp_olia >> /etc/modules
|
||||||
fi
|
fi
|
||||||
|
# Load BBR Congestion module at boot time
|
||||||
|
if ! grep -q bbr /etc/modules ; then
|
||||||
|
echo tcp_bbr >> /etc/modules
|
||||||
|
fi
|
||||||
|
|
||||||
# Get shadowsocks optimization
|
# Get shadowsocks optimization
|
||||||
wget -O /etc/sysctl.d/90-shadowsocks.conf https://www.openmptcprouter.com/server/shadowsocks.conf
|
wget -O /etc/sysctl.d/90-shadowsocks.conf https://www.openmptcprouter.com/server/shadowsocks.conf
|
||||||
|
|
@ -77,6 +81,7 @@ if [ "$update" = "0" ]; then
|
||||||
SHADOWSOCKS_PASS_JSON=$(echo $SHADOWSOCKS_PASS | sed 's/+/-/g; s/\//_/g;')
|
SHADOWSOCKS_PASS_JSON=$(echo $SHADOWSOCKS_PASS | sed 's/+/-/g; s/\//_/g;')
|
||||||
sed -i "s:MySecretKey:$SHADOWSOCKS_PASS_JSON:g" /etc/shadowsocks-libev/config.json
|
sed -i "s:MySecretKey:$SHADOWSOCKS_PASS_JSON:g" /etc/shadowsocks-libev/config.json
|
||||||
fi
|
fi
|
||||||
|
sed -i 's:aes-256-cfb:chacha20:g' /etc/shadowsocks-libev/config.json
|
||||||
#sed -i 's:json:json --mptcp:g' /lib/systemd/system/shadowsocks-libev-server@.service
|
#sed -i 's:json:json --mptcp:g' /lib/systemd/system/shadowsocks-libev-server@.service
|
||||||
systemctl disable shadowsocks-libev
|
systemctl disable shadowsocks-libev
|
||||||
systemctl enable shadowsocks-libev-server@config.service
|
systemctl enable shadowsocks-libev-server@config.service
|
||||||
|
|
@ -252,9 +257,9 @@ fi
|
||||||
|
|
||||||
# Add OpenMPTCProuter VPS script version to /etc/motd
|
# Add OpenMPTCProuter VPS script version to /etc/motd
|
||||||
if grep --quiet 'OpenMPTCProuter VPS' /etc/motd; then
|
if grep --quiet 'OpenMPTCProuter VPS' /etc/motd; then
|
||||||
sed -i 's:< OpenMPTCProuter VPS [0-9]*\.[0-9]* >:< OpenMPCTProuter VPS 0.41 >:' /etc/motd
|
sed -i 's:< OpenMPTCProuter VPS [0-9]*\.[0-9]* >:< OpenMPCTProuter VPS 0.42 >:' /etc/motd
|
||||||
else
|
else
|
||||||
echo '< OpenMPTCProuter VPS 0.41 >' >> /etc/motd
|
echo '< OpenMPTCProuter VPS 0.42 >' >> /etc/motd
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$update" = "0" ]; then
|
if [ "$update" = "0" ]; then
|
||||||
|
|
@ -263,7 +268,7 @@ if [ "$update" = "0" ]; then
|
||||||
echo 'OpenMPTCProuter VPS is now configured !'
|
echo 'OpenMPTCProuter VPS is now configured !'
|
||||||
echo 'SSH port: 65222 (instead of port 22)'
|
echo 'SSH port: 65222 (instead of port 22)'
|
||||||
echo 'Shadowsocks port: 65101'
|
echo 'Shadowsocks port: 65101'
|
||||||
echo 'Shadowsocks encryption: aes-256-cfb'
|
echo 'Shadowsocks encryption: chacha20'
|
||||||
echo 'Your shadowsocks key: '
|
echo 'Your shadowsocks key: '
|
||||||
echo $SHADOWSOCKS_PASS
|
echo $SHADOWSOCKS_PASS
|
||||||
echo 'Glorytun port: 65001'
|
echo 'Glorytun port: 65001'
|
||||||
|
|
@ -283,7 +288,7 @@ if [ "$update" = "0" ]; then
|
||||||
cat > /root/openmptcprouter_config.txt <<-EOF
|
cat > /root/openmptcprouter_config.txt <<-EOF
|
||||||
SSH port: 65222 (instead of port 22)
|
SSH port: 65222 (instead of port 22)
|
||||||
Shadowsocks port: 65101
|
Shadowsocks port: 65101
|
||||||
Shadowsocks encryption: aes-256-cfb
|
Shadowsocks encryption: chacha20
|
||||||
Your shadowsocks key:
|
Your shadowsocks key:
|
||||||
${SHADOWSOCKS_PASS}
|
${SHADOWSOCKS_PASS}
|
||||||
Glorytun port: 65001
|
Glorytun port: 65001
|
||||||
|
|
@ -298,6 +303,7 @@ else
|
||||||
echo '===================================================================================='
|
echo '===================================================================================='
|
||||||
echo 'OpenMPTCProuter VPS is now updated !'
|
echo 'OpenMPTCProuter VPS is now updated !'
|
||||||
echo 'Keys are not changed, shorewall rules files preserved'
|
echo 'Keys are not changed, shorewall rules files preserved'
|
||||||
|
echo 'You need OpenMPTCProuter >= 0.30'
|
||||||
echo '===================================================================================='
|
echo '===================================================================================='
|
||||||
echo 'Restarting systemd network...'
|
echo 'Restarting systemd network...'
|
||||||
systemctl -q restart systemd-networkd
|
systemctl -q restart systemd-networkd
|
||||||
|
|
@ -324,4 +330,7 @@ else
|
||||||
systemctl -q restart shorewall
|
systemctl -q restart shorewall
|
||||||
systemctl -q restart shorewall6
|
systemctl -q restart shorewall6
|
||||||
echo 'done'
|
echo 'done'
|
||||||
|
echo 'Apply latest sysctl...'
|
||||||
|
sysctl -p /etc/sysctl.d/90-shadowsocks.conf > /dev/null 2>&1
|
||||||
|
echo 'done'
|
||||||
fi
|
fi
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue