From ae9b925d97e12a4eb40d86f160b498829876fbfb Mon Sep 17 00:00:00 2001 From: rizal180499 Date: Tue, 7 Feb 2017 23:03:24 +0700 Subject: [PATCH] Create debian7-32.sh --- debian7-32.sh | 241 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 241 insertions(+) create mode 100644 debian7-32.sh diff --git a/debian7-32.sh b/debian7-32.sh new file mode 100644 index 0000000..d8c36ef --- /dev/null +++ b/debian7-32.sh @@ -0,0 +1,241 @@ +#!/bin/bash + +# go to root +cd + +# disable ipv6 +echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6 +sed -i '$ i\echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6' /etc/rc.local + +# install wget and curl +apt-get update;apt-get -y install wget curl; + +# set time GMT +7 +ln -fs /usr/share/zoneinfo/Asia/Jakarta /etc/localtime + +# set locale +sed -i 's/AcceptEnv/#AcceptEnv/g' /etc/ssh/sshd_config +service ssh restart + +# set repo +wget -O /etc/apt/sources.list "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/sources.list.debian7" +wget "http://www.dotdeb.org/dotdeb.gpg" +cat dotdeb.gpg | apt-key add -;rm dotdeb.gpg + +# remove unused +apt-get -y --purge remove samba*; +apt-get -y --purge remove apache2*; +apt-get -y --purge remove sendmail*; +apt-get -y --purge remove bind9*; + +# update +apt-get update; apt-get -y upgrade; + +# install webserver +apt-get -y install nginx php5-fpm php5-cli + +# install essential package +apt-get -y install bmon iftop htop nmap axel nano iptables traceroute sysv-rc-conf dnsutils bc nethogs openvpn vnstat less screen psmisc apt-file whois ptunnel ngrep mtr git zsh mrtg snmp snmpd snmp-mibs-downloader unzip unrar rsyslog debsums rkhunter +apt-get -y install build-essential + +# disable exim +service exim4 stop +sysv-rc-conf exim4 off + +# update apt-file +apt-file update + +# setting vnstat +vnstat -u -i venet0 +service vnstat restart + +# install screenfetch +cd +touch screenfetch-dev +wget -O screenfetch-dev "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/screenfetch-dev" +mv screenfetch-dev /usr/bin/screenfetch +chmod +x /usr/bin/screenfetch +echo "clear" >> .profile +echo "screenfetch" >> .profile + +# install webserver +cd +rm /etc/nginx/sites-enabled/default +rm /etc/nginx/sites-available/default +wget -O /etc/nginx/nginx.conf "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/nginx.conf" +mkdir -p /home/vps/public_html +echo "
Setup by Rizal Hidayat | 081515292117
" > /home/vps/public_html/index.html +echo "" > /home/vps/public_html/info.php +wget -O /etc/nginx/conf.d/vps.conf "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/vps.conf" +sed -i 's/listen = \/var\/run\/php5-fpm.sock/listen = 127.0.0.1:9000/g' /etc/php5/fpm/pool.d/www.conf +service php5-fpm restart +service nginx restart + +# install openvpn +wget -O /etc/openvpn/openvpn.tar "https://raw.github.com/arieonline/autoscript/master/conf/openvpn-debian.tar" +cd /etc/openvpn/ +tar xf openvpn.tar +wget -O /etc/openvpn/1194.conf "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/1194.conf" +service openvpn restart +sysctl -w net.ipv4.ip_forward=1 +sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf +wget -O /etc/iptables.up.rules "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/iptables.up.rules" +sed -i '$ i\iptables-restore < /etc/iptables.up.rules' /etc/rc.local +MYIP=`curl -s ifconfig.me`; +MYIP2="s/xxxxxxxxx/$MYIP/g"; +sed -i $MYIP2 /etc/iptables.up.rules; +iptables-restore < /etc/iptables.up.rules +service openvpn restart + +#konfigurasi openvpn +cd /etc/openvpn/ +wget -O /etc/openvpn/1194-client.ovpn "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/client-1194.conf" +sed -i $MYIP2 /etc/openvpn/1194-client.ovpn; +PASS=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 15 | head -n 1`; +useradd -M -s /bin/false soned +echo "soned:$PASS" | chpasswd +echo "soned" > pass.txt +echo "$PASS" >> pass.txt +tar cf client.tar 1194-client.ovpn pass.txt +cp client.tar /home/vps/public_html/ + +# install badvpn +wget -O /usr/bin/badvpn-udpgw "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/badvpn-udpgw" +sed -i '$ i\screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300' /etc/rc.local +chmod +x /usr/bin/badvpn-udpgw +screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300 + +# install mrtg +wget -O /etc/snmp/snmpd.conf "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/snmpd.conf" +wget -O /root/mrtg-mem.sh "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/mrtg-mem.sh" +chmod +x /root/mrtg-mem.sh +cd /etc/snmp/ +sed -i 's/TRAPDRUN=no/TRAPDRUN=yes/g' /etc/default/snmpd +service snmpd restart +snmpwalk -v 1 -c public localhost 1.3.6.1.4.1.2021.10.1.3.1 +mkdir -p /home/vps/public_html/mrtg +cfgmaker --zero-speed 100000000 --global 'WorkDir: /home/vps/public_html/mrtg' --output /etc/mrtg.cfg public@localhost +curl "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/mrtg.conf" >> /etc/mrtg.cfg +sed -i 's/WorkDir: \/var\/www\/mrtg/# WorkDir: \/var\/www\/mrtg/g' /etc/mrtg.cfg +sed -i 's/# Options\[_\]: growright, bits/Options\[_\]: growright/g' /etc/mrtg.cfg +indexmaker --output=/home/vps/public_html/mrtg/index.html /etc/mrtg.cfg +if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi +if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi +if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ]; then mkdir -p /var/log/mrtg ; env LANG=C /usr/bin/mrtg /etc/mrtg.cfg 2>&1 | tee -a /var/log/mrtg/mrtg.log ; fi +cd + +# setting port ssh +sed -i '/Port 22/a Port 143' /etc/ssh/sshd_config +sed -i 's/Port 22/Port 22/g' /etc/ssh/sshd_config +service ssh restart + +# install dropbear +apt-get -y install dropbear +sed -i 's/NO_START=1/NO_START=0/g' /etc/default/dropbear +sed -i 's/DROPBEAR_PORT=22/DROPBEAR_PORT=443/g' /etc/default/dropbear +sed -i 's/DROPBEAR_EXTRA_ARGS=/DROPBEAR_EXTRA_ARGS="-p 109 -p 110"/g' /etc/default/dropbear +echo "/bin/false" >> /etc/shells +service ssh restart +service dropbear restart + +# install vnstat gui +cd /home/vps/public_html/ +wget http://www.sqweek.com/sqweek/files/vnstat_php_frontend-1.5.1.tar.gz +tar xf vnstat_php_frontend-1.5.1.tar.gz +rm vnstat_php_frontend-1.5.1.tar.gz +mv vnstat_php_frontend-1.5.1 vnstat +cd vnstat +sed -i 's/eth0/venet0/g' config.php +sed -i "s/\$iface_list = array('venet0', 'sixxs');/\$iface_list = array('venet0');/g" config.php +sed -i "s/\$language = 'nl';/\$language = 'en';/g" config.php +sed -i 's/Internal/Internet/g' config.php +sed -i '/SixXS IPv6/d' config.php +cd + +# install fail2ban +apt-get -y install fail2ban;service fail2ban restart + +#install squid3 +apt-get -y install squid3 +wget -O /etc/squid3/squid.conf "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/squid3.conf" +sed -i $MYIP2 /etc/squid3/squid.conf; +service squid3 restart + +# install webmin +cd +wget "http://prdownloads.sourceforge.net/webadmin/webmin_1.670_all.deb" +dpkg --install webmin_1.670_all.deb; +apt-get -y -f install; +rm /root/webmin_1.670_all.deb +service webmin restart +service vnstat restart + +# downlaod script +cd +wget -O speedtest_cli.py "https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py" +wget -O bench-network.sh "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/bench-network.sh" +wget "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/monssh" +wget "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/user-list" +wget "https://raw.githubusercontent.com/rizal180499/Auto-Installer-VPS/master/conf/menu" + +# finalisasi +chown -R www-data:www-data /home/vps/public_html +service nginx start +service php-fpm start +service vnstat restart +service openvpn restart +service snmpd restart +service ssh restart +service dropbear restart +service fail2ban restart +service squid3 restart +service webmin restart + +# info +clear +echo "SoneD InjectoR | 081515292117" | tee log-install.txt +echo "===============================================" | tee -a log-install.txt +echo "" | tee -a log-install.txt +echo "Service" | tee -a log-install.txt +echo "-------" | tee -a log-install.txt +echo "OpenVPN : TCP 1194 (client config : http://$MYIP/client.tar)" | tee -a log-install.txt +echo "OpenSSH : 22, 143" | tee -a log-install.txt +echo "Dropbear : 109, 110, 443" | tee -a log-install.txt +echo "Squid3 : 8080 (limit to IP SSH)" | tee -a log-install.txt +echo "badvpn : badvpn-udpgw port 7300" | tee -a log-install.txt +echo "" | tee -a log-install.txt +echo "Tools" | tee -a log-install.txt +echo "-----" | tee -a log-install.txt +echo "axel" | tee -a log-install.txt +echo "bmon" | tee -a log-install.txt +echo "htop" | tee -a log-install.txt +echo "iftop" | tee -a log-install.txt +echo "mtr" | tee -a log-install.txt +echo "nethogs" | tee -a log-install.txt +echo "" | tee -a log-install.txt +echo "Script" | tee -a log-install.txt +echo "------" | tee -a log-install.txt +echo "screenfetch" | tee -a log-install.txt +echo "./ps_mem.py" | tee -a log-install.txt +echo "./speedtest_cli.py --share" | tee -a log-install.txt +echo "./bench-network.sh" | tee -a log-install.txt +echo "" | tee -a log-install.txt +echo "Account Default (utk SSH dan VPN)" | tee -a log-install.txt +echo "---------------" | tee -a log-install.txt +echo "User : soned" | tee -a log-install.txt +echo "Password : qweasd" | tee -a log-install.txt +echo "" | tee -a log-install.txt +echo "Fitur lain" | tee -a log-install.txt +echo "----------" | tee -a log-install.txt +echo "Webmin : https://$MYIP:10000/" | tee -a log-install.txt +echo "vnstat : http://$MYIP/vnstat/" | tee -a log-install.txt +echo "MRTG : http://$MYIP/mrtg/" | tee -a log-install.txt +echo "Timezone : Asia/Jakarta" | tee -a log-install.txt +echo "Fail2Ban : [on]" | tee -a log-install.txt +echo "IPv6 : [off]" | tee -a log-install.txt +echo "" | tee -a log-install.txt +echo "Log Installasi --> /root/log-install.txt" | tee -a log-install.txt +echo "" | tee -a log-install.txt +echo "SILAHKAN REBOOT VPS ANDA !" | tee -a log-install.txt +echo "" | tee -a log-install.txt +echo "===============================================" | tee -a log-install.txt