| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156 |
- #!/bin/bash
- #
- # By EvoTeamMalaysia
- # ==================================================
- # initialisasi var
- export DEBIAN_FRONTEND=noninteractive
- OS=`uname -m`;
- MYIP=$(wget -qO- https://icanhazip.com);
- MYIP2="s/xxxxxxxxx/$MYIP/g";
- ANU=$(ip -o $ANU -4 route show to default | awk '{print $5}');
- # Install OpenVPN dan Easy-RSA
- apt install openvpn easy-rsa unzip -y
- apt install openssl iptables iptables-persistent -y
- mkdir -p /etc/openvpn/server/easy-rsa/
- cd /etc/openvpn/
- wget https://raw.githubusercontent.com/EvoTeamMalaysia/AutoScript/main/vpn.zip
- unzip vpn.zip
- rm -f vpn.zip
- chown -R root:root /etc/openvpn/server/easy-rsa/
- cd
- mkdir -p /usr/lib/openvpn/
- cp /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so /usr/lib/openvpn/openvpn-plugin-auth-pam.so
- # nano /etc/default/openvpn
- sed -i 's/#AUTOSTART="all"/AUTOSTART="all"/g' /etc/default/openvpn
- # restart openvpn dan cek status openvpn
- systemctl enable --now openvpn-server@server-tcp-1194
- systemctl enable --now openvpn-server@server-udp-2200
- /etc/init.d/openvpn restart
- /etc/init.d/openvpn status
- # aktifkan ip4 forwarding
- echo 1 > /proc/sys/net/ipv4/ip_forward
- sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
- # Buat config client TCP 1194
- cat > /etc/openvpn/client-tcp-1194.ovpn <<-END
- ########## SELAMAT DATANG ############
- ########## OKKAY KAYYO VPN ###########
- client
- dev tun
- proto tcp
- remote xxxxxxxxx 1194
- resolv-retry infinite
- route-method exe
- nobind
- persist-key
- persist-tun
- auth-user-pass
- comp-lzo
- verb 3
- END
- sed -i $MYIP2 /etc/openvpn/client-tcp-1194.ovpn;
- # Buat config client UDP 2200
- cat > /etc/openvpn/client-udp-2200.ovpn <<-END
- ########## SELAMAT DATANG ###########
- ########## EvoTeam VPN ##########
- client
- dev tun
- proto udp
- remote xxxxxxxxx 2200
- resolv-retry infinite
- route-method exe
- nobind
- persist-key
- persist-tun
- auth-user-pass
- comp-lzo
- verb 3
- END
- sed -i $MYIP2 /etc/openvpn/client-udp-2200.ovpn;
- # Buat config client SSL
- cat > /etc/openvpn/client-tcp-ssl.ovpn <<-END
- ########## SELAMAT DATANG ############
- ########## EvoTeam VPN ###########
- client
- dev tun
- proto tcp
- remote xxxxxxxxx 442
- resolv-retry infinite
- route-method exe
- nobind
- persist-key
- persist-tun
- auth-user-pass
- comp-lzo
- verb 3
- END
- sed -i $MYIP2 /etc/openvpn/client-tcp-ssl.ovpn;
- cd
- # pada tulisan xxx ganti dengan alamat ip address VPS anda
- /etc/init.d/openvpn restart
- # masukkan certificatenya ke dalam config client TCP 1194
- echo '<ca>' >> /etc/openvpn/client-tcp-1194.ovpn
- cat /etc/openvpn/server/ca.crt >> /etc/openvpn/client-tcp-1194.ovpn
- echo '</ca>' >> /etc/openvpn/client-tcp-1194.ovpn
- echo '<key>' >> /etc/openvpn/client-tcp-1194.ovpn
- cat /etc/openvpn/server/server.key >> /etc/openvpn/client-tcp-1194.ovpn
- echo '</key>' >> /etc/openvpn/client-tcp-1194.ovpn
- # Copy config OpenVPN client ke home directory root agar mudah didownload ( TCP 1194 )
- cp /etc/openvpn/client-tcp-1194.ovpn /home/vps/public_html/client-tcp-1194.ovpn
- # masukkan certificatenya ke dalam config client UDP 2200
- echo '<ca>' >> /etc/openvpn/client-udp-2200.ovpn
- cat /etc/openvpn/server/ca.crt >> /etc/openvpn/client-udp-2200.ovpn
- echo '</ca>' >> /etc/openvpn/client-udp-2200.ovpn
- echo '<key>' >> /etc/openvpn/client-udp-2200.ovpn
- cat /etc/openvpn/server/server.key >> /etc/openvpn/client-udp-2200.ovpn
- echo '</key>' >> /etc/openvpn/client-udp-2200.ovpn
- # Copy config OpenVPN client ke home directory root agar mudah didownload ( UDP 2200 )
- cp /etc/openvpn/client-udp-2200.ovpn /home/vps/public_html/client-udp-2200.ovpn
- # masukkan certificatenya ke dalam config client SSL
- echo '<ca>' >> /etc/openvpn/client-tcp-ssl.ovpn
- cat /etc/openvpn/server/ca.crt >> /etc/openvpn/client-tcp-ssl.ovpn
- echo '</ca>' >> /etc/openvpn/client-tcp-ssl.ovpn
- # Copy config OpenVPN client ke home directory root agar mudah didownload ( SSL )
- cp /etc/openvpn/client-tcp-ssl.ovpn /home/vps/public_html/client-tcp-ssl.ovpn
- #firewall untuk memperbolehkan akses UDP dan akses jalur TCP
- iptables -t nat -I POSTROUTING -s 10.6.0.0/24 -o $ANU -j MASQUERADE
- iptables -t nat -I POSTROUTING -s 10.7.0.0/24 -o $ANU -j MASQUERADE
- iptables-save > /etc/iptables.up.rules
- chmod +x /etc/iptables.up.rules
- iptables-restore -t < /etc/iptables.up.rules
- netfilter-persistent save
- netfilter-persistent reload
- # Restart service openvpn
- systemctl enable openvpn
- systemctl start openvpn
- /etc/init.d/openvpn restart
- # Delete script
- history -c
- rm -f /root/vpn.sh
|
