1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-vps.git synced 2025-03-09 15:50:00 +00:00

Force use of version for binaries, enable wireguard by default

This commit is contained in:
Ycarus (Yannick Chabanois) 2021-03-05 09:10:30 +00:00
parent 795c693d13
commit 3cd9952c69

View file

@ -27,6 +27,7 @@ UBOND=${UBOND:-no}
UBOND_PASS=${UBOND_PASS:-$(head -c 32 /dev/urandom | base64 -w0)} UBOND_PASS=${UBOND_PASS:-$(head -c 32 /dev/urandom | base64 -w0)}
OPENVPN=${OPENVPN:-yes} OPENVPN=${OPENVPN:-yes}
DSVPN=${DSVPN:-yes} DSVPN=${DSVPN:-yes}
WIREGUARD=${WIREGUARD:-yes}
SOURCES=${SOURCES:-yes} SOURCES=${SOURCES:-yes}
NOINTERNET=${NOINTERNET:-no} NOINTERNET=${NOINTERNET:-no}
SPEEDTEST=${SPEEDTEST:-no} SPEEDTEST=${SPEEDTEST:-no}
@ -36,20 +37,28 @@ KERNEL_VERSION="5.4.100"
KERNEL_PACKAGE_VERSION="1.18+9d3f35b" KERNEL_PACKAGE_VERSION="1.18+9d3f35b"
KERNEL_RELEASE="${KERNEL_VERSION}-mptcp_${KERNEL_PACKAGE_VERSION}" KERNEL_RELEASE="${KERNEL_VERSION}-mptcp_${KERNEL_PACKAGE_VERSION}"
GLORYTUN_UDP_VERSION="32267e86a6da05b285bb3bf2b136c105dc0af4bb" GLORYTUN_UDP_VERSION="32267e86a6da05b285bb3bf2b136c105dc0af4bb"
GLORYTUN_UDP_BINARY_VERSION="0.3.4-4"
GLORYTUN_TCP_BINARY_VERSION="0.0.35-3"
#MLVPN_VERSION="8f9720978b28c1954f9f229525333547283316d2" #MLVPN_VERSION="8f9720978b28c1954f9f229525333547283316d2"
MLVPN_VERSION="f45cec350a6879b8b020143a78134a022b5df2a7" MLVPN_VERSION="f45cec350a6879b8b020143a78134a022b5df2a7"
MLVPN_BINARY_VERSION="3.0.0+20180903.git.8f97209"
UBOND_VERSION="672100fb57913ffd29caad63517e145a5974b078" UBOND_VERSION="672100fb57913ffd29caad63517e145a5974b078"
OBFS_VERSION="486bebd9208539058e57e23a12f23103016e09b4" OBFS_VERSION="486bebd9208539058e57e23a12f23103016e09b4"
OMR_ADMIN_VERSION="376322a61dc53e671e7e3c7eaaf6645c0537a9d3" OBFS_BINARY_VERSION="0.0.5-1"
OMR_ADMIN_VERSION="6404f52ef4e285ae5760c363bc9d6f682f6d9099"
OMR_ADMIN_BINARY_VERSION="0.3+20210304"
DSVPN_VERSION="3b99d2ef6c02b2ef68b5784bec8adfdd55b29b1a" DSVPN_VERSION="3b99d2ef6c02b2ef68b5784bec8adfdd55b29b1a"
DSVPN_BINARY_VERSION="0.1.4-2"
V2RAY_VERSION="4.34.0" V2RAY_VERSION="4.34.0"
V2RAY_PLUGIN_VERSION="v1.4.3" V2RAY_PLUGIN_VERSION="v1.4.3"
EASYRSA_VERSION="3.0.6" EASYRSA_VERSION="3.0.6"
SHADOWSOCKS_VERSION="38871da8baf5cfa400983dcdf918397e48655203" SHADOWSOCKS_VERSION="cadf278d476d0e5679c3e67390b271276a8dc54a"
SHADOWSOCKS_BINARY_VERSION="3.3.5-1"
DEFAULT_USER="openmptcprouter" DEFAULT_USER="openmptcprouter"
VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com)} VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com)}
VPSPATH="server-test" VPSPATH="server-test"
VPSURL="https://www.openmptcprouter.com/" VPSURL="https://www.openmptcprouter.com/"
REPO="repo.openmptcprouter.com"
OMR_VERSION="0.1025-test" OMR_VERSION="0.1025-test"
@ -78,7 +87,7 @@ elif [ "$ID" = "ubuntu" ] && [ "$VERSION_ID" != "18.04" ] && [ "$VERSION_ID" !=
echo "This script only work with Ubuntu 18.04, 19.04 or 20.04" echo "This script only work with Ubuntu 18.04, 19.04 or 20.04"
exit 1 exit 1
elif [ "$ID" != "debian" ] && [ "$ID" != "ubuntu" ]; then elif [ "$ID" != "debian" ] && [ "$ID" != "ubuntu" ]; then
echo "This script only work with Ubuntu 18.04, Ubuntu 19.04, Debian Stretch (9.x) or Debian Buster (10.x)" echo "This script only work with Ubuntu 18.04, Ubuntu 19.04, Ubutun 20.04, Debian Stretch (9.x) or Debian Buster (10.x)"
exit 1 exit 1
fi fi
@ -158,17 +167,14 @@ if [ "$ID" = "ubuntu" ] && [ "$VERSION_ID" = "18.04" ] && [ "$UPDATE_OS" = "yes"
fi fi
# Add OpenMPTCProuter repo # Add OpenMPTCProuter repo
echo "Add OpenMPTCProuter repo..." echo "Add OpenMPTCProuter repo..."
echo 'deb [arch=amd64] https://repo.openmptcprouter.com stretch main' > /etc/apt/sources.list.d/openmptcprouter.list echo "deb [arch=amd64] https://${REPO} stretch main" > /etc/apt/sources.list.d/openmptcprouter.list
cat <<EOF | tee /etc/apt/preferences.d/openmptcprouter.pref cat <<EOF | tee /etc/apt/preferences.d/openmptcprouter.pref
Explanation: Prefer OpenMPTCProuter provided packages over the Debian native ones Explanation: Prefer OpenMPTCProuter provided packages over the Debian native ones
Package: * Package: *
Pin: origin repo.openmptcprouter.com Pin: origin ${REPO}
Pin-Priority: 1001 Pin-Priority: 1001
EOF EOF
wget -O - http://repo.openmptcprouter.com/openmptcprouter.gpg.key | apt-key add - wget -O - http://${REPO}/openmptcprouter.gpg.key | apt-key add -
# Add buster-backports repo
echo 'deb http://deb.debian.org/debian buster-backports main' >> /etc/apt/sources.list.d/buster-backports.list
#apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 379CE192D401AB61 #apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 379CE192D401AB61
if [ "$ID" = "debian" ]; then if [ "$ID" = "debian" ]; then
@ -176,6 +182,8 @@ if [ "$ID" = "debian" ]; then
#echo 'deb http://dl.bintray.com/cpaasch/deb jessie main' >> /etc/apt/sources.list #echo 'deb http://dl.bintray.com/cpaasch/deb jessie main' >> /etc/apt/sources.list
echo 'deb http://deb.debian.org/debian stretch-backports main' > /etc/apt/sources.list.d/stretch-backports.list echo 'deb http://deb.debian.org/debian stretch-backports main' > /etc/apt/sources.list.d/stretch-backports.list
fi fi
# Add buster-backports repo
echo 'deb http://deb.debian.org/debian buster-backports main' > /etc/apt/sources.list.d/buster-backports.list
elif [ "$ID" = "ubuntu" ]; then elif [ "$ID" = "ubuntu" ]; then
echo 'deb http://archive.ubuntu.com/ubuntu bionic-backports main' > /etc/apt/sources.list.d/bionic-backports.list echo 'deb http://archive.ubuntu.com/ubuntu bionic-backports main' > /etc/apt/sources.list.d/bionic-backports.list
echo 'deb http://archive.ubuntu.com/ubuntu bionic universe' > /etc/apt/sources.list.d/bionic-universe.list echo 'deb http://archive.ubuntu.com/ubuntu bionic universe' > /etc/apt/sources.list.d/bionic-universe.list
@ -302,7 +310,7 @@ if [ "$SOURCES" = "yes" ]; then
#rm -rf /tmp/shadowsocks-libev-${SHADOWSOCKS_VERSION} #rm -rf /tmp/shadowsocks-libev-${SHADOWSOCKS_VERSION}
rm -rf /tmp/shadowsocks-libev rm -rf /tmp/shadowsocks-libev
else else
apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-shadowsocks-libev apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-shadowsocks-libev=${SHADOWSOCKS_BINARY_VERSION}
fi fi
# Load OLIA Congestion module at boot time # Load OLIA Congestion module at boot time
@ -421,27 +429,28 @@ if [ "$OMR_ADMIN" = "yes" ]; then
cp /tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION}/omr-admin-config.json /etc/openmptcprouter-vps-admin/ cp /tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION}/omr-admin-config.json /etc/openmptcprouter-vps-admin/
cp /tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION}/omr-admin.py /usr/local/bin/ cp /tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION}/omr-admin.py /usr/local/bin/
cd /etc/openmptcprouter-vps-admin cd /etc/openmptcprouter-vps-admin
sed -i "s:openmptcptouter:${DEFAULT_USER}:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json
fi fi
openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout key.pem -out cert.pem -subj "/C=US/ST=Oregon/L=Portland/O=OpenMPTCProuterVPS/OU=Org/CN=www.openmptcprouter.vps"
sed -i "s:AdminMySecretKey:$OMR_ADMIN_PASS_ADMIN:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json
sed -i "s:MySecretKey:$OMR_ADMIN_PASS:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json
[ "$NOINTERNET" = "yes" ] && {
sed -i 's/"port": 65500,/"port": 65500,\n "internet": false,/' /etc/openmptcprouter-vps-admin/omr-admin-config.json
}
chmod u+x /usr/local/bin/omr-admin.py
#[ "$(ip -6 a)" != "" ] && sed -i 's/0.0.0.0/::/g' /usr/local/bin/omr-admin.py
[ "$(ip -6 a)" != "" ] && {
systemctl enable omr-admin-ipv6.service
}
systemctl enable omr-admin.service
rm -rf /tmp/tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION} rm -rf /tmp/tmp/openmptcprouter-vps-admin-${OMR_ADMIN_VERSION}
else else
apt-get -y install omr-vps-admin apt-get -y install omr-vps-admin=${OMR_ADMIN_BINARY_VERSION}
OMR_ADMIN_PASS=$(cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -r .users[0].openmptcprouter.user_password | tr -d "\n") #OMR_ADMIN_PASS=$(cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -r .users[0].openmptcprouter.user_password | tr -d "\n")
OMR_ADMIN_PASS_ADMIN=$(cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -r .users[0].admin.user_password | tr -d "\n") #OMR_ADMIN_PASS_ADMIN=$(cat /etc/openmptcprouter-vps-admin/omr-admin-config.json | jq -r .users[0].admin.user_password | tr -d "\n")
fi fi
if [ ! -f /etc/openmptcprouter-vps-admin/key.pem ]; then
openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout key.pem -out cert.pem -subj "/C=US/ST=Oregon/L=Portland/O=OpenMPTCProuterVPS/OU=Org/CN=www.openmptcprouter.vps"
fi
sed -i "s:openmptcptouter:${DEFAULT_USER}:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json
sed -i "s:AdminMySecretKey:$OMR_ADMIN_PASS_ADMIN:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json
sed -i "s:MySecretKey:$OMR_ADMIN_PASS:g" /etc/openmptcprouter-vps-admin/omr-admin-config.json
[ "$NOINTERNET" = "yes" ] && {
sed -i 's/"port": 65500,/"port": 65500,\n "internet": false,/' /etc/openmptcprouter-vps-admin/omr-admin-config.json
}
chmod u+x /usr/local/bin/omr-admin.py
#[ "$(ip -6 a)" != "" ] && sed -i 's/0.0.0.0/::/g' /usr/local/bin/omr-admin.py
[ "$(ip -6 a)" != "" ] && {
systemctl enable omr-admin-ipv6.service
}
systemctl enable omr-admin.service
fi fi
# Get shadowsocks optimization # Get shadowsocks optimization
@ -531,7 +540,7 @@ if [ "$OBFS" = "yes" ]; then
cd /tmp cd /tmp
rm -rf /tmp/simple-obfs rm -rf /tmp/simple-obfs
else else
apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-simple-obfs apt-get -y -o Dpkg::Options::="--force-overwrite" install omr-simple-obfs=${OBFS_BINARY_VERSION}
fi fi
#sed -i 's%"mptcp": true%"mptcp": true,\n"plugin": "/usr/local/bin/obfs-server",\n"plugin_opts": "obfs=http;mptcp;fast-open;t=400"%' /etc/shadowsocks-libev/config.json #sed -i 's%"mptcp": true%"mptcp": true,\n"plugin": "/usr/local/bin/obfs-server",\n"plugin_opts": "obfs=http;mptcp;fast-open;t=400"%' /etc/shadowsocks-libev/config.json
fi fi
@ -626,7 +635,7 @@ if [ "$MLVPN" = "yes" ]; then
cd /tmp cd /tmp
rm -rf /tmp/mlvpn rm -rf /tmp/mlvpn
else else
apt-get -y -o Dpkg::Options::="--force-overwrite" install mlvpn apt-get -y -o Dpkg::Options::="--force-overwrite" install mlvpn=${MLVPN_BINARY_VERSION}
fi fi
if [ "$LOCALFILES" = "no" ]; then if [ "$LOCALFILES" = "no" ]; then
wget -O /lib/systemd/network/mlvpn.network ${VPSURL}${VPSPATH}/mlvpn.network wget -O /lib/systemd/network/mlvpn.network ${VPSURL}${VPSPATH}/mlvpn.network
@ -718,7 +727,7 @@ if [ "$WIREGUARD" = "yes" ]; then
echo "Install WireGuard" echo "Install WireGuard"
rm -f /var/lib/dpkg/lock rm -f /var/lib/dpkg/lock
rm -f /var/lib/dpkg/lock-frontend rm -f /var/lib/dpkg/lock-frontend
apt-get --no-install-recommends -y wireguard-tools apt-get -y install wireguard-tools --no-install-recommends
if [ ! -f /etc/wireguard/wg0.conf ]; then if [ ! -f /etc/wireguard/wg0.conf ]; then
cd /etc/wireguard cd /etc/wireguard
umask 077; wg genkey | tee vpn-server-private.key | wg pubkey > vpn-server-public.key umask 077; wg genkey | tee vpn-server-private.key | wg pubkey > vpn-server-public.key
@ -895,9 +904,11 @@ if [ "$SOURCES" = "yes" ]; then
cd /tmp cd /tmp
rm -rf /tmp/glorytun-udp rm -rf /tmp/glorytun-udp
else else
apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-glorytun apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-glorytun=${GLORYTUN_UDP_BINARY_VERSION}
GLORYTUN_PASS="$(cat /etc/glorytun-udp/tun0.key | tr -d '\n')" GLORYTUN_PASS="$(cat /etc/glorytun-udp/tun0.key | tr -d '\n')"
fi fi
[ "$(ip -6 a)" != "" ] && sed -i 's/0.0.0.0/::/g' /etc/glorytun-udp/tun0
# Add chrony for time sync # Add chrony for time sync
apt-get install -y chrony apt-get install -y chrony
@ -939,7 +950,7 @@ if [ "$DSVPN" = "yes" ]; then
cd /tmp cd /tmp
rm -rf /tmp/dsvpn rm -rf /tmp/dsvpn
else else
apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-dsvpn apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-dsvpn=${DSVPN_BINARY_VERSION}
DSVPN_PASS=$(cat /etc/dsvpn/dsvpn0.key | tr -d "\n") DSVPN_PASS=$(cat /etc/dsvpn/dsvpn0.key | tr -d "\n")
fi fi
fi fi
@ -987,9 +998,9 @@ if [ "$SOURCES" = "yes" ]; then
cd /tmp cd /tmp
rm -rf /tmp/glorytun-0.0.35 rm -rf /tmp/glorytun-0.0.35
else else
apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-glorytun-tcp apt-get -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-overwrite" install omr-glorytun-tcp=${GLORYTUN_TCP_BINARY_VERSION}
fi fi
[ "$(ip -6 a)" != "" ] && sed -i 's/0.0.0.0/::/g' /etc/glorytun-tcp/tun0
# Load tun module at boot time # Load tun module at boot time