diff --git a/debian9-x86_64.sh b/debian9-x86_64.sh index 84ef712..231325a 100644 --- a/debian9-x86_64.sh +++ b/debian9-x86_64.sh @@ -27,6 +27,7 @@ UBOND=${UBOND:-no} UBOND_PASS=${UBOND_PASS:-$(head -c 32 /dev/urandom | base64 -w0)} OPENVPN=${OPENVPN:-yes} DSVPN=${DSVPN:-yes} +WIREGUARD=${WIREGUARD:-yes} SOURCES=${SOURCES:-yes} NOINTERNET=${NOINTERNET:-no} SPEEDTEST=${SPEEDTEST:-no} @@ -36,20 +37,28 @@ KERNEL_VERSION="5.4.100" KERNEL_PACKAGE_VERSION="1.18+9d3f35b" KERNEL_RELEASE="${KERNEL_VERSION}-mptcp_${KERNEL_PACKAGE_VERSION}" GLORYTUN_UDP_VERSION="32267e86a6da05b285bb3bf2b136c105dc0af4bb" +GLORYTUN_UDP_BINARY_VERSION="0.3.4-4" +GLORYTUN_TCP_BINARY_VERSION="0.0.35-3" #MLVPN_VERSION="8f9720978b28c1954f9f229525333547283316d2" MLVPN_VERSION="f45cec350a6879b8b020143a78134a022b5df2a7" +MLVPN_BINARY_VERSION="3.0.0+20180903.git.8f97209" UBOND_VERSION="672100fb57913ffd29caad63517e145a5974b078" OBFS_VERSION="486bebd9208539058e57e23a12f23103016e09b4" -OMR_ADMIN_VERSION="376322a61dc53e671e7e3c7eaaf6645c0537a9d3" +OBFS_BINARY_VERSION="0.0.5-1" +OMR_ADMIN_VERSION="6404f52ef4e285ae5760c363bc9d6f682f6d9099" +OMR_ADMIN_BINARY_VERSION="0.3+20210304" DSVPN_VERSION="3b99d2ef6c02b2ef68b5784bec8adfdd55b29b1a" +DSVPN_BINARY_VERSION="0.1.4-2" V2RAY_VERSION="4.34.0" V2RAY_PLUGIN_VERSION="v1.4.3" EASYRSA_VERSION="3.0.6" -SHADOWSOCKS_VERSION="38871da8baf5cfa400983dcdf918397e48655203" +SHADOWSOCKS_VERSION="cadf278d476d0e5679c3e67390b271276a8dc54a" +SHADOWSOCKS_BINARY_VERSION="3.3.5-1" DEFAULT_USER="openmptcprouter" VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com)} VPSPATH="server-test" VPSURL="https://www.openmptcprouter.com/" +REPO="repo.openmptcprouter.com" OMR_VERSION="0.1025-test" @@ -78,7 +87,7 @@ elif [ "$ID" = "ubuntu" ] && [ "$VERSION_ID" != "18.04" ] && [ "$VERSION_ID" != echo "This script only work with Ubuntu 18.04, 19.04 or 20.04" exit 1 elif [ "$ID" != "debian" ] && [ "$ID" != "ubuntu" ]; then - echo "This script only work with Ubuntu 18.04, Ubuntu 19.04, Debian Stretch (9.x) or Debian Buster (10.x)" + echo "This script only work with Ubuntu 18.04, Ubuntu 19.04, Ubutun 20.04, Debian Stretch (9.x) or Debian Buster (10.x)" exit 1 fi @@ -158,17 +167,14 @@ if [ "$ID" = "ubuntu" ] && [ "$VERSION_ID" = "18.04" ] && [ "$UPDATE_OS" = "yes" fi # Add OpenMPTCProuter repo echo "Add OpenMPTCProuter repo..." -echo 'deb [arch=amd64] https://repo.openmptcprouter.com stretch main' > /etc/apt/sources.list.d/openmptcprouter.list +echo "deb [arch=amd64] https://${REPO} stretch main" > /etc/apt/sources.list.d/openmptcprouter.list cat <> /etc/apt/sources.list.d/buster-backports.list +wget -O - http://${REPO}/openmptcprouter.gpg.key | apt-key add - #apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 379CE192D401AB61 if [ "$ID" = "debian" ]; then @@ -176,6 +182,8 @@ if [ "$ID" = "debian" ]; then #echo 'deb http://dl.bintray.com/cpaasch/deb jessie main' >> /etc/apt/sources.list echo 'deb http://deb.debian.org/debian stretch-backports main' > /etc/apt/sources.list.d/stretch-backports.list fi + # Add buster-backports repo + echo 'deb http://deb.debian.org/debian buster-backports main' > /etc/apt/sources.list.d/buster-backports.list elif [ "$ID" = "ubuntu" ]; then echo 'deb http://archive.ubuntu.com/ubuntu bionic-backports main' > /etc/apt/sources.list.d/bionic-backports.list echo 'deb http://archive.ubuntu.com/ubuntu bionic universe' > /etc/apt/sources.list.d/bionic-universe.list @@ -302,7 +310,7 @@ if [ "$SOURCES" = "yes" ]; then #rm -rf /tmp/shadowsocks-libev-${SHADOWSOCKS_VERSION} rm -rf /tmp/shadowsocks-libev else - apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-shadowsocks-libev + apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-shadowsocks-libev=${SHADOWSOCKS_BINARY_VERSION} fi # Load OLIA Congestion module at boot time @@ -421,27 +429,28 @@ if [ "$OMR_ADMIN" = "yes" ]; then cp /tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION}/omr-admin-config.json /etc/openmptcprouter-vps-admin/ cp /tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION}/omr-admin.py /usr/local/bin/ cd /etc/openmptcprouter-vps-admin - sed -i "s:openmptcptouter:${DEFAULT_USER}:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json fi - openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout key.pem -out cert.pem -subj "/C=US/ST=Oregon/L=Portland/O=OpenMPTCProuterVPS/OU=Org/CN=www.openmptcprouter.vps" - sed -i "s:AdminMySecretKey:$OMR_ADMIN_PASS_ADMIN:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json - sed -i "s:MySecretKey:$OMR_ADMIN_PASS:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json - [ "$NOINTERNET" = "yes" ] && { - sed -i 's/"port": 65500,/"port": 65500,\n "internet": false,/' /etc/openmptcprouter-vps-admin/omr-admin-config.json - } - chmod u+x /usr/local/bin/omr-admin.py - #[ "$(ip -6 a)" != "" ] && sed -i 's/0.0.0.0/::/g' /usr/local/bin/omr-admin.py - [ "$(ip -6 a)" != "" ] && { - systemctl enable omr-admin-ipv6.service - } - systemctl enable omr-admin.service rm -rf /tmp/tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION} else - apt-get -y install omr-vps-admin - OMR_ADMIN_PASS=$(cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -r .users[0].openmptcprouter.user_password | tr -d "\n") - OMR_ADMIN_PASS_ADMIN=$(cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -r .users[0].admin.user_password | tr -d "\n") + apt-get -y install omr-vps-admin=${OMR_ADMIN_BINARY_VERSION} + #OMR_ADMIN_PASS=$(cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -r .users[0].openmptcprouter.user_password | tr -d "\n") + #OMR_ADMIN_PASS_ADMIN=$(cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -r .users[0].admin.user_password | tr -d "\n") fi - + if [ ! -f /etc/openmptcprouter-vps-admin/key.pem ]; then + openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout key.pem -out cert.pem -subj "/C=US/ST=Oregon/L=Portland/O=OpenMPTCProuterVPS/OU=Org/CN=www.openmptcprouter.vps" + fi + sed -i "s:openmptcptouter:${DEFAULT_USER}:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json + sed -i "s:AdminMySecretKey:$OMR_ADMIN_PASS_ADMIN:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json + sed -i "s:MySecretKey:$OMR_ADMIN_PASS:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json + [ "$NOINTERNET" = "yes" ] && { + sed -i 's/"port": 65500,/"port": 65500,\n "internet": false,/' /etc/openmptcprouter-vps-admin/omr-admin-config.json + } + chmod u+x /usr/local/bin/omr-admin.py + #[ "$(ip -6 a)" != "" ] && sed -i 's/0.0.0.0/::/g' /usr/local/bin/omr-admin.py + [ "$(ip -6 a)" != "" ] && { + systemctl enable omr-admin-ipv6.service + } + systemctl enable omr-admin.service fi # Get shadowsocks optimization @@ -531,7 +540,7 @@ if [ "$OBFS" = "yes" ]; then cd /tmp rm -rf /tmp/simple-obfs else - apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-simple-obfs + apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-simple-obfs=${OBFS_BINARY_VERSION} fi #sed -i 's%"mptcp": true%"mptcp": true,\n"plugin": "/usr/local/bin/obfs-server",\n"plugin_opts": "obfs=http;mptcp;fast-open;t=400"%' /etc/shadowsocks-libev/config.json fi @@ -626,7 +635,7 @@ if [ "$MLVPN" = "yes" ]; then cd /tmp rm -rf /tmp/mlvpn else - apt-get -y -o Dpkg::Options::="--force-overwrite" install mlvpn + apt-get -y -o Dpkg::Options::="--force-overwrite" install mlvpn=${MLVPN_BINARY_VERSION} fi if [ "$LOCALFILES" = "no" ]; then wget -O /lib/systemd/network/mlvpn.network ${VPSURL}${VPSPATH}/mlvpn.network @@ -718,7 +727,7 @@ if [ "$WIREGUARD" = "yes" ]; then echo "Install WireGuard" rm -f /var/lib/dpkg/lock rm -f /var/lib/dpkg/lock-frontend - apt-get --no-install-recommends -y wireguard-tools + apt-get -y install wireguard-tools --no-install-recommends if [ ! -f /etc/wireguard/wg0.conf ]; then cd /etc/wireguard umask 077; wg genkey | tee vpn-server-private.key | wg pubkey > vpn-server-public.key @@ -895,9 +904,11 @@ if [ "$SOURCES" = "yes" ]; then cd /tmp rm -rf /tmp/glorytun-udp else - apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-glorytun + apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-glorytun=${GLORYTUN_UDP_BINARY_VERSION} GLORYTUN_PASS="$(cat /etc/glorytun-udp/tun0.key | tr -d '\n')" fi +[ "$(ip -6 a)" != "" ] && sed -i 's/0.0.0.0/::/g' /etc/glorytun-udp/tun0 + # Add chrony for time sync apt-get install -y chrony @@ -939,7 +950,7 @@ if [ "$DSVPN" = "yes" ]; then cd /tmp rm -rf /tmp/dsvpn else - apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-dsvpn + apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-dsvpn=${DSVPN_BINARY_VERSION} DSVPN_PASS=$(cat /etc/dsvpn/dsvpn0.key | tr -d "\n") fi fi @@ -987,9 +998,9 @@ if [ "$SOURCES" = "yes" ]; then cd /tmp rm -rf /tmp/glorytun-0.0.35 else - apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-glorytun-tcp + apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-glorytun-tcp=${GLORYTUN_TCP_BINARY_VERSION} fi - +[ "$(ip -6 a)" != "" ] && sed -i 's/0.0.0.0/::/g' /etc/glorytun-tcp/tun0 # Load tun module at boot time