sshcentos6

#!/bin/bash # initialisasi var OS=uname -m; MYIP=ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1' | grep -v '127.0.0.2'; MYIP2="s/xxxxxxxxx/$MYIP/g"; # go to root cd # set locale sed -i 's/AcceptEnv/#AcceptEnv/g' /etc/ssh/sshd_config service sshd restart # disable ipv6 echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6 sed -i '$ i\echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6' /etc/rc.local sed -i '$ i\echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6' /etc/rc.d/rc.local # install wget and curl yum -y install wget curl # setting repo wget http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm rpm -Uvh epel-release-6-8.noarch.rpm rpm -Uvh remi-release-6.rpm if [ "$OS" == "x86_64" ]; then wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm rpm -Uvh rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm else wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.i686.rpm rpm -Uvh rpmforge-release-0.5.3-1.el6.rf.i686.rpm fi sed -i 's/enabled = 1/enabled = 0/g' /etc/yum.repos.d/rpmforge.repo sed -i -e "/^[remi]/,/^[.]/ s|^(enabled[ ]=[ ]0)|enabled=1|" /etc/yum.repos.d/remi.repo rm -f .rpm # remove unused yum -y remove sendmail; yum -y remove httpd; yum -y remove cyrus-sasl # update yum -y update # install webserver yum -y install nginx php-fpm php-cli service nginx restart service php-fpm restart chkconfig nginx on chkconfig php-fpm on # install essential package yum -y install rrdtool screen iftop htop nmap bc nethogs openvpn vnstat ngrep mtr git zsh mrtg unrar rsyslog rkhunter mrtg net-snmp net-snmp-utils expect nano bind-utils yum -y groupinstall 'Development Tools' yum -y install cmake yum -y --enablerepo=rpmforge install axel sslh ptunnel unrar # matiin exim service exim stop chkconfig exim off # setting vnstat vnstat -u -i venet0 echo "MAILTO=root" > /etc/cron.d/vnstat echo "/5 * * * * root /usr/sbin/vnstat.cron" >> /etc/cron.d/vnstat sed -i 's/eth0/venet0/g' /etc/sysconfig/vnstat service vnstat restart chkconfig vnstat on # install screenfetch cd wget https://github.com/KittyKatt/screenFetch/raw/master/screenfetch-dev mv screenfetch-dev /usr/bin/screenfetch chmod +x /usr/bin/screenfetch echo "clear" >> .bash_profile echo "screenfetch" >> .bash_profile # install webserver cd wget -O /etc/nginx/nginx.conf "https://raw.github.com/arieonline/autoscript/master/conf/nginx.conf" sed -i 's/www-data/nginx/g' /etc/nginx/nginx.conf mkdir -p /home/vps/public_html echo "<pre>Setup by KangArie | JualSSH.com | @arieonline | 7946F434</pre>" > /home/vps/public_html/index.html echo "<?php phpinfo(); ?>" > /home/vps/public_html/info.php rm /etc/nginx/conf.d/ wget -O /etc/nginx/conf.d/vps.conf "https://raw.github.com/arieonline/autoscript/master/conf/vps.conf" sed -i 's/apache/nginx/g' /etc/php-fpm.d/www.conf chmod -R +rx /home/vps service php-fpm restart service nginx restart # install openvpn wget -O /etc/openvpn/openvpn.tar "https://raw.github.com/arieonline/autoscript/master/conf/openvpn-debian.tar" cd /etc/openvpn/ tar xf openvpn.tar wget -O /etc/openvpn/1194.conf "https://raw.github.com/arieonline/autoscript/master/conf/1194-centos.conf" if [ "$OS" == "x86_64" ]; then wget -O /etc/openvpn/1194.conf "https://raw.github.com/arieonline/autoscript/master/conf/1194-centos64.conf" fi wget -O /etc/iptables.up.rules "https://raw.github.com/arieonline/autoscript/master/conf/iptables.up.rules" sed -i '$ i\iptables-restore < /etc/iptables.up.rules' /etc/rc.local sed -i '$ i\iptables-restore < /etc/iptables.up.rules' /etc/rc.d/rc.local sed -i $MYIP2 /etc/iptables.up.rules; iptables-restore < /etc/iptables.up.rules sysctl -w net.ipv4.ip_forward=1 sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf service openvpn restart chkconfig openvpn on cd # configure openvpn client config cd /etc/openvpn/ wget -O /etc/openvpn/1194-client.ovpn "https://raw.github.com/arieonline/autoscript/master/conf/1194-client.conf" sed -i $MYIP2 /etc/openvpn/1194-client.ovpn; PASS=cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 15 | head -n 1; useradd -M -s /bin/false KangArie echo "KangArie:$PASS" | chpasswd echo "username" > pass.txt echo "password" >> pass.txt tar cf client.tar 1194-client.ovpn pass.txt cp client.tar /home/vps/public_html/ cd # install badvpn wget -O /usr/bin/badvpn-udpgw "https://raw.github.com/arieonline/autoscript/master/conf/badvpn-udpgw" if [ "$OS" == "x86_64" ]; then wget -O /usr/bin/badvpn-udpgw "https://raw.github.com/arieonline/autoscript/master/conf/badvpn-udpgw64" fi sed -i '$ i\screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300' /etc/rc.local sed -i '$ i\screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300' /etc/rc.d/rc.local chmod +x /usr/bin/badvpn-udpgw screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300 # install mrtg cd /etc/snmp/ wget -O /etc/snmp/snmpd.conf "https://raw.github.com/arieonline/autoscript/master/conf/snmpd.conf" wget -O /root/mrtg-mem.sh "https://raw.github.com/arieonline/autoscript/master/conf/mrtg-mem.sh" chmod +x /root/mrtg-mem.sh service snmpd restart chkconfig snmpd on snmpwalk -v 1 -c public localhost | tail mkdir -p /home/vps/public_html/mrtg cfgmaker --zero-speed 100000000 --global 'WorkDir: /home/vps/public_html/mrtg' --output /etc/mrtg/mrtg.cfg public@localhost curl "https://raw.github.com/arieonline/autoscript/master/conf/mrtg.conf" >> /etc/mrtg/mrtg.cfg sed -i 's/WorkDir: /var/www/mrtg/# WorkDir: /var/www/mrtg/g' /etc/mrtg/mrtg.cfg sed -i 's/# Options[]: growright, bits/Options[]: growright/g' /etc/mrtg/mrtg.cfg indexmaker --output=/home/vps/public_html/mrtg/index.html /etc/mrtg/mrtg.cfg echo "0-59/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg" > /etc/cron.d/mrtg LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg cd # setting port ssh sed -i '/Port 22/a Port 143' /etc/ssh/sshd_config sed -i 's/#Port 22/Port 22/g' /etc/ssh/sshd_config service sshd restart chkconfig sshd on # install dropbear yum -y install dropbear echo "OPTIONS="-p 109 -p 110 -p 443"" > /etc/sysconfig/dropbear echo "/bin/false" >> /etc/shells service dropbear restart chkconfig dropbear on # install vnstat gui cd /home/vps/public_html/ wget http://www.sqweek.com/sqweek/files/vnstat_php_frontend-1.5.1.tar.gz tar xf vnstat_php_frontend-1.5.1.tar.gz rm vnstat_php_frontend-1.5.1.tar.gz mv vnstat_php_frontend-1.5.1 vnstat cd vnstat sed -i 's/eth0/venet0/g' config.php sed -i "s/$iface_list = array('venet0', 'sixxs');/$iface_list = array('venet0');/g" config.php sed -i "s/$language = 'nl';/$language = 'en';/g" config.php sed -i 's/Internal/Internet/g' config.php sed -i '/SixXS IPv6/d' config.php cd # install fail2ban yum -y install fail2ban service fail2ban restart chkconfig fail2ban on # install squid yum -y install squid wget -O /etc/squid/squid.conf "https://raw.github.com/arieonline/autoscript/master/conf/squid-centos.conf" sed -i $MYIP2 /etc/squid/squid.conf; service squid restart chkconfig squid on # install webmin cd wget http://prdownloads.sourceforge.net/webadmin/webmin-1.670-1.noarch.rpm rpm -i webmin-1.670-1.noarch.rpm; rm webmin-1.670-1.noarch.rpm service webmin restart chkconfig webmin on # pasang bmon if [ "$OS" == "x86_64" ]; then wget -O /usr/bin/bmon "https://raw.github.com/arieonline/autoscript/master/conf/bmon64" else wget -O /usr/bin/bmon "https://raw.github.com/arieonline/autoscript/master/conf/bmon" fi chmod +x /usr/bin/bmon # downlaod script cd wget -O speedtest_cli.py "https://raw.github.com/sivel/speedtest-cli/master/speedtest_cli.py" wget -O bench-network.sh "https://raw.github.com/arieonline/autoscript/master/conf/bench-network.sh" wget -O ps_mem.py "https://raw.github.com/pixelb/ps_mem/master/ps_mem.py" wget -O limit.sh "https://raw.github.com/arieonline/autoscript/master/conf/limit.sh" curl http://script.jualssh.com/user-login.sh > user-login.sh curl http://script.jualssh.com/user-expire.sh > user-expire.sh curl http://script.jualssh.com/user-limit.sh > user-limit.sh echo "0 0 * * * root /root/user-expire.sh" > /etc/cron.d/user-expire sed -i '$ i\screen -AmdS limit /root/limit.sh' /etc/rc.local sed -i '$ i\screen -AmdS limit /root/limit.sh' /etc/rc.d/rc.local chmod +x bench-network.sh chmod +x speedtest_cli.py chmod +x ps_mem.py chmod +x user-login.sh chmod +x user-expire.sh chmod +x user-limit.sh chmod +x limit.sh # cron service crond start chkconfig crond on # set time GMT +7 ln -fs /usr/share/zoneinfo/Asia/Jakarta /etc/localtime # finalisasi chown -R nginx:nginx /home/vps/public_html service nginx start service php-fpm start service vnstat restart service openvpn restart service snmpd restart service sshd restart service dropbear restart service fail2ban restart service squid restart service webmin restart service crond start chkconfig crond on # info clear echo "JualSSH.com | @arieonline | KangArie | 7946F434" | tee log-install.txt echo "===============================================" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "Service" | tee -a log-install.txt echo "-------" | tee -a log-install.txt echo "OpenVPN : TCP 1194 (client config : http://$MYIP/client.tar)" | tee -a log-install.txt echo "OpenSSH : 22, 143" | tee -a log-install.txt echo "Dropbear : 109, 110, 443" | tee -a log-install.txt echo "Squid3 : 8080 (limit to IP SSH)" | tee -a log-install.txt echo "badvpn : badvpn-udpgw port 7300" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "Tools" | tee -a log-install.txt echo "-----" | tee -a log-install.txt echo "axel" | tee -a log-install.txt echo "bmon" | tee -a log-install.txt echo "htop" | tee -a log-install.txt echo "iftop" | tee -a log-install.txt echo "mtr" | tee -a log-install.txt echo "nethogs" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "Script" | tee -a log-install.txt echo "------" | tee -a log-install.txt echo "screenfetch" | tee -a log-install.txt echo "./ps_mem.py" | tee -a log-install.txt echo "./speedtest_cli.py --share" | tee -a log-install.txt echo "./bench-network.sh" | tee -a log-install.txt echo "./user-login.sh" | tee -a log-install.txt echo "./user-expire.sh" | tee -a log-install.txt echo "./user-limit.sh 2" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "Account Default (utk SSH dan VPN)" | tee -a log-install.txt echo "---------------" | tee -a log-install.txt echo "User : KangArie" | tee -a log-install.txt echo "Password : $PASS" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "Fitur lain" | tee -a log-install.txt echo "----------" | tee -a log-install.txt echo "Webmin : http://$MYIP:10000/" | tee -a log-install.txt echo "vnstat : http://$MYIP/vnstat/" | tee -a log-install.txt echo "MRTG : http://$MYIP/mrtg/" | tee -a log-install.txt echo "Timezone : Asia/Jakarta" | tee -a log-install.txt echo "Fail2Ban : [on]" | tee -a log-install.txt echo "IPv6 : [off]" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "Log Installasi --> /root/log-install.txt" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "SILAHKAN REBOOT VPS ANDA !" | tee -a log-install.txt echo "" | tee -a log-install.txt echo "===============================================" | tee -a log-install.txt