mirror of https://github.com/Ysurac/openmptcprouter-vps.git synced 2025-02-12 11:21:56 +00:00

Update do VPS script 0.993

Ycarus (Yannick Chabanois) 2019-05-12 02:45:49 +00:00
parent 616cb5c494
commit 5cd78a9401
8 changed files with 59 additions and 17 deletions


@ -3,8 +3,8 @@ set -e
umask 0022 umask 0022
export LC_ALL=C export LC_ALL=C
rm -f /var/lib/dpkg/lock #rm -f /var/lib/dpkg/lock
rm -f /var/cache/apt/archives/lock #rm -f /var/cache/apt/archives/lock
# Check Linux version # Check Linux version
if test -f /etc/os-release ; then if test -f /etc/os-release ; then
@ -38,11 +38,14 @@ apt-get -y install dirmngr patch rename curl
# Rename bzImage to vmlinuz, needed when custom kernel was used # Rename bzImage to vmlinuz, needed when custom kernel was used
cd /boot cd /boot
rename 's/^bzImage/vmlinuz/s' * >/dev/null 2>&1 rename 's/^bzImage/vmlinuz/s' * >/dev/null 2>&1
rm -f /var/lib/dpkg/lock #rm -f /var/lib/dpkg/lock
rm -f /var/cache/apt/archives/lock #rm -f /var/cache/apt/archives/lock
rm /etc/kernel-img.conf rm -f /etc/kernel-img.conf
echo "Install all" echo "Install all"
DEBIAN_FRONTEND=noninteractive apt-get -y --force-yes -o Dpkg::Options::="--force-overwrite" -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" install omr-vps DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::="--force-overwrite" -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" install omr-vps
systemctl -q enable shorewall
systemctl -q enable shorewall6
# Change SSH port to 65222 # Change SSH port to 65222
sed -i 's:#Port 22:Port 65222:g' /etc/ssh/sshd_config sed -i 's:#Port 22:Port 65222:g' /etc/ssh/sshd_config
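Review bot: The added `systemctl -q enable shorewall` and `systemctl -q enable shorewall6` turn the firewall on at every boot immediately before sshd is moved to port 65222, and nothing visible here confirms that the rules shipped by omr-vps accept that port. If they do not, the next reboot cuts off remote administration; running `shorewall check` before enabling, or adding a comment that names the rules file opening 65222, would make this reviewable. The hunk header shows `set -e` is active, so a failed `enable` would also abort the script before the SSH change. The script continues outside the hunk.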


@ -5,21 +5,26 @@ GLORYTUN_PASS=${GLORYTUN_PASS:-$(od -vN "32" -An -tx1 /dev/urandom | tr '[:lowe
NBCPU=${NBCPU:-$(grep -c '^processor' /proc/cpuinfo | tr -d "\n")} NBCPU=${NBCPU:-$(grep -c '^processor' /proc/cpuinfo | tr -d "\n")}
OBFS=${OBFS:-yes} OBFS=${OBFS:-yes}
V2RAY=${V2RAY:-yes} V2RAY=${V2RAY:-yes}
TLS=${TLS:-yes}
OMR_ADMIN=${OMR_ADMIN:-yes} OMR_ADMIN=${OMR_ADMIN:-yes}
OMR_ADMIN_PASS=${OMR_ADMIN_PASS:-$(od -vN "32" -An -tx1 /dev/urandom | tr '[:lower:]' '[:upper:]' | tr -d " \n")} OMR_ADMIN_PASS=${OMR_ADMIN_PASS:-$(od -vN "32" -An -tx1 /dev/urandom | tr '[:lower:]' '[:upper:]' | tr -d " \n")}
MLVPN=${MLVPN:-yes} MLVPN=${MLVPN:-yes}
MLVPN_PASS=${MLVPN_PASS:-$(head -c 32 /dev/urandom | base64 -w0)} MLVPN_PASS=${MLVPN_PASS:-$(head -c 32 /dev/urandom | base64 -w0)}
OPENVPN=${OPENVPN:-yes} OPENVPN=${OPENVPN:-yes}
INTERFACE=${INTERFACE:-$(ip -o -4 route show to default | grep -m 1 -Po '(?<=dev )(\S+)' | tr -d "\n")} INTERFACE=${INTERFACE:-$(ip -o -4 route show to default | grep -m 1 -Po '(?<=dev )(\S+)' | tr -d "\n")}
#KERNEL_VERSION="4.19.36"
KERNEL_VERSION="4.14.110" KERNEL_VERSION="4.14.110"
#KERNEL_RELEASE="${KERNEL_VERSION}-mptcp_1.1+f446ba3"
KERNEL_RELEASE="${KERNEL_VERSION}-mptcp_1.0+4c83d3a" KERNEL_RELEASE="${KERNEL_VERSION}-mptcp_1.0+4c83d3a"
GLORYTUN_UDP_VERSION="db718d59426957eef89357d5b58ae59cae2f8c5d" GLORYTUN_UDP_VERSION="db718d59426957eef89357d5b58ae59cae2f8c5d"
MLVPN_VERSION="8f9720978b28c1954f9f229525333547283316d2" MLVPN_VERSION="8f9720978b28c1954f9f229525333547283316d2"
OBFS_VERSION="5cbfdcc28cdc912852cc3c99e3c7f5603d337805" OBFS_VERSION="5cbfdcc28cdc912852cc3c99e3c7f5603d337805"
OMR_ADMIN_VERSION="d6aa36cace845b6cf3b2fb1c0689eb9d22fd6a51" OMR_ADMIN_VERSION="23177d99d00a9a7e94cd3e1eb63f60e587f92e07"
V2RAY_VERSION="v1.1.0" V2RAY_VERSION="v1.1.0"
SHADOWSOCKS_VERSION="3.2.5" SHADOWSOCKS_VERSION="3.2.5"
OMR_VERSION="0.992" VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 hostname.openmptcprouter.com)}
OMR_VERSION="0.993"
set -e set -e
umask 0022 umask 0022
@ -421,7 +426,6 @@ if systemctl -q is-active omr-6in4.service; then
fi fi
systemctl enable omr.service systemctl enable omr.service
# Change SSH port to 65222 # Change SSH port to 65222
sed -i 's:#Port 22:Port 65222:g' /etc/ssh/sshd_config sed -i 's:#Port 22:Port 65222:g' /etc/ssh/sshd_config
sed -i 's:Port 22:Port 65222:g' /etc/ssh/sshd_config sed -i 's:Port 22:Port 65222:g' /etc/ssh/sshd_config
@ -463,6 +467,30 @@ else
wget -O /etc/shorewall6/snat https://www.openmptcprouter.com/server/shorewall6/snat wget -O /etc/shorewall6/snat https://www.openmptcprouter.com/server/shorewall6/snat
sed -i "s:eth0:$INTERFACE:g" /etc/shorewall6/* sed -i "s:eth0:$INTERFACE:g" /etc/shorewall6/*
fi fi
if [ "$TLS" = "yes" ]; then
VPS_CERT=0
apt-get -y install dnsutils socat
if [ "$VPS_DOMAIN" != "" ] && [ "$(dig +noall +answer $VPS_DOMAIN)" != "" ] && [ "$(ping -c 1 -w 1 $VPS_DOMAIN)" ]; then
if [ ! -f "/root/.acme.sh/$VPS_DOMAIN/$VPS_DOMAIN.cer" ]; then
echo "Generate certificate for V2Ray"
set +e
#[ "$(shorewall status | grep stopped)" = "" ] && shorewall open all all tcp 443
curl https://get.acme.sh | sh
systemctl -q restart shorewall
~/.acme.sh/acme.sh --force --alpn --issue -d $VPS_DOMAIN --pre-hook 'shorewall open all all tcp 443 2>&1 >/dev/null' --post-hook 'shorewall close all all tcp 443 2>&1 >/dev/null' 2>&1 >/dev/null
set -e
# mkdir -p /etc/ssl/v2ray
# ln -f -s /root/.acme.sh/$reverse/$reverse.key /etc/ssl/v2ray/omr.key
# ln -f -s /root/.acme.sh/$reverse/fullchain.cer /etc/ssl/v2ray/omr.cer
#[ "$(shorewall status | grep stopped)" = "" ] && shorewall close all all tcp 443
fi
VPS_CERT=1
else
echo "Not working domain detected..."
fi
fi
# Add OpenMPTCProuter VPS script version to /etc/motd # Add OpenMPTCProuter VPS script version to /etc/motd
if [ -f /etc/motd.head ]; then if [ -f /etc/motd.head ]; then
@ -509,6 +537,10 @@ if [ "$update" = "0" ]; then
echo 'Your MLVPN password: ' echo 'Your MLVPN password: '
echo $MLVPN_PASS echo $MLVPN_PASS
fi fi
if [ "$VPS_CERT" = "0" ]; then
echo 'Not working domain detected, not able to generate certificate for v2ray.'
echo 'You can set VPS_DOMAIN to a working domain if you want a certificate.'
fi
echo '====================================================================================' echo '===================================================================================='
echo 'Keys are also saved in /root/openmptcprouter_config.txt, you are free to remove them' echo 'Keys are also saved in /root/openmptcprouter_config.txt, you are free to remove them'
echo '====================================================================================' echo '===================================================================================='
@ -579,6 +611,10 @@ else
echo '====================================================================================' echo '===================================================================================='
fi fi
fi fi
if [ "$VPS_CERT" = "0" ]; then
echo 'Not working domain detected, not able to generate certificate for v2ray.'
echo 'You can set VPS_DOMAIN to a working domain if you want a certificate.'
fi
echo 'Restarting shorewall...' echo 'Restarting shorewall...'
systemctl -q restart shorewall systemctl -q restart shorewall
systemctl -q restart shorewall6 systemctl -q restart shorewall6
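Review bot: In the new TLS block, `curl https://get.acme.sh | sh` runs whatever that URL serves, with the privileges of this installer and no pinned version or checksum, while the other components in this file are pinned by commit hash or version; fetching a fixed release and verifying it before execution would match that. The default for `VPS_DOMAIN` comes from a `wget` response to `hostname.openmptcprouter.com` (no scheme is given, so presumably plain HTTP) and is then used unquoted in `dig`, `ping`, `acme.sh -d` and a path under `/root/.acme.sh`, so it should be restricted to hostname characters and quoted. `VPS_CERT=1` is also set whether or not issuance succeeded under `set +e`, and `2>&1 >/dev/null` leaves stderr on the terminal because the redirections are in the wrong order. The fence sketches the validation, quoting and result check; the acme.sh install line itself is not rewritten there.

```shell
# … unchanged: TLS check, VPS_CERT=0, apt-get install dnsutils socat …
# Accept only hostname characters before the value reaches dig, ping, acme.sh or a path.
case "$VPS_DOMAIN" in
	''|-*|.*|*[!A-Za-z0-9.-]*) VPS_DOMAIN="" ;;
esac
if [ "$VPS_DOMAIN" != "" ] && [ "$(dig +noall +answer "$VPS_DOMAIN")" != "" ] && [ "$(ping -c 1 -w 1 "$VPS_DOMAIN")" ]; then
	if [ ! -f "/root/.acme.sh/$VPS_DOMAIN/$VPS_DOMAIN.cer" ]; then
		# … unchanged: set +e, acme.sh install, shorewall restart …
		~/.acme.sh/acme.sh --force --alpn --issue -d "$VPS_DOMAIN" --pre-hook 'shorewall open all all tcp 443 >/dev/null 2>&1' --post-hook 'shorewall close all all tcp 443 >/dev/null 2>&1' >/dev/null 2>&1
		set -e
	fi
	# Report a certificate only when the file is actually there.
	if [ -f "/root/.acme.sh/$VPS_DOMAIN/$VPS_DOMAIN.cer" ]; then
		VPS_CERT=1
	fi
# … unchanged: else branch with the "Not working domain detected..." message and closing fi …
```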


@ -38,7 +38,7 @@ _ping() {
-c 1 \ -c 1 \
-q -q
) )
[ -n "$ret" ] && echo "$ret" | grep -sq "0% packet loss" && { [ -n "$ret" ] && echo "$ret" | grep -sq " 0% packet loss" && {
return return
} }
false false
@ -112,5 +112,5 @@ $allip_mlvpn"
systemctl -q restart omr-admin systemctl -q restart omr-admin
sleep 10 sleep 10
fi fi
sleep 5 sleep 10
done done


@ -1,6 +1,6 @@
[Unit] [Unit]
Description=OMR Description=OMR
After=network.target network-online.target glorytun-tcp@.service After=network.target network-online.target glorytun-tcp@.service glorytun-udp@.service
[Service] [Service]
Type=simple Type=simple


@ -20,13 +20,13 @@ net.ipv4.tcp_syncookies = 1
# reuse timewait sockets when safe # reuse timewait sockets when safe
net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_reuse = 1
# turn off fast timewait sockets recycling # turn off fast timewait sockets recycling
net.ipv4.tcp_tw_recycle = 0 #net.ipv4.tcp_tw_recycle = 0
# short FIN timeout # short FIN timeout
net.ipv4.tcp_fin_timeout = 40 net.ipv4.tcp_fin_timeout = 60
# short keepalive time # short keepalive time
net.ipv4.tcp_keepalive_time = 7200 net.ipv4.tcp_keepalive_time = 7200
# outbound port range # outbound port range
net.ipv4.ip_local_port_range = 10000 65000 net.ipv4.ip_local_port_range = 9999 65000
# max SYN backlog # max SYN backlog
net.ipv4.tcp_max_syn_backlog = 4096 net.ipv4.tcp_max_syn_backlog = 4096
# max timewait sockets held by system simultaneously # max timewait sockets held by system simultaneously
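Review bot: Two comments in this section no longer describe the setting beneath them. `# short FIN timeout` now sits above `net.ipv4.tcp_fin_timeout = 60`, which is the kernel default rather than a shortened value, and `# turn off fast timewait sockets recycling` sits above a line that has been commented out. I would reword the first to `# FIN timeout (kernel default)` and replace the second pair with one line such as `# tcp_tw_recycle was removed from newer kernels; setting intentionally absent`. The change of `ip_local_port_range` from 10000 to 9999 has no stated reason; a short comment naming the port it is meant to include would help later reviewers.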


@ -232,7 +232,7 @@ SAVE_ARPTABLES=No
SAVE_IPSETS=No SAVE_IPSETS=No
TC_ENABLED=Internal TC_ENABLED=Simple
TC_EXPERT=No TC_EXPERT=No

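--- a/shorewall4/tcinterfaces
+++ b/shorewall4/tcinterfaces
@@ -0,0 +1,3 @@
+#INTERFACE TYPE IN-BANDWIDTH OUT-BANDWIDTH
+$NET_IFACE External
+$VPS_IFACE Internal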


@ -3,4 +3,4 @@ DEV=tun0
SERVER=true SERVER=true
MPTCP=true MPTCP=true
IPV6=true IPV6=true
OPTIONS="chacha20 retry count -1 const 5000000 timeout 40000 keepalive count 5 idle 10 interval 2 buffer-size 32768 multiqueue" OPTIONS="chacha20 retry count -1 const 5000000 timeout 10000 keepalive count 5 idle 10 interval 2 buffer-size 32768 multiqueue"