-
Notifications
You must be signed in to change notification settings - Fork 0
/
autostartup.sh
326 lines (296 loc) · 10.6 KB
/
autostartup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
!/bin/bash
# Define text colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[0;33m'
LGREEN='\033[1;32m' # Light Green
NC='\033[0m' # No Color
# Function to handle errors
handle_error() {
echo -e "${RED}Error: $1${NC}" >&2
exit 1
}
# Function to update the package lists, upgrade installed packages, and clean up
update_system() {
if sudo apt update -y && sudo apt upgrade -y && sudo apt autoclean -y && sudo apt autoremove -y; then
echo -e "${GREEN}System update completed successfully.${NC}"
else
handle_error "Failed to update system."
fi
}
# Function to install sudo and wget
install_utilities() {
if sudo apt install -y sudo wget; then
echo -e "${GREEN}Utilities (sudo and wget) installed successfully.${NC}"
else
handle_error "Failed to install utilities (sudo and wget)."
fi
}
# Function to install Nginx and obtain SSL certificates
install_nginx() {
if sudo apt install nginx -y && sudo apt install snapd -y && sudo snap install core && sudo snap install --classic certbot && sudo ln -s /snap/bin/certbot /usr/bin/certbot && sudo certbot --nginx; then
echo -e "${GREEN}Nginx installed and SSL certificates obtained successfully.${NC}"
else
handle_error "Failed to install Nginx or obtain SSL certificates."
fi
}
# Function to manage Nginx: stop, start, reload, restart
manage_nginx() {
echo -e "${LGREEN}===== Nginx Management =====${NC}"
echo -e " ${YELLOW}1.${NC} Stop Nginx"
echo -e " ${YELLOW}2.${NC} Start Nginx"
echo -e " ${YELLOW}3.${NC} Reload Nginx"
echo -e " ${YELLOW}4.${NC} Restart Nginx"
echo -e " ${YELLOW}5.${NC} Uninstall Nginx"
echo -e " ${YELLOW}0.${NC} Back"
echo -e "${LGREEN}============================${NC}"
read -p "Enter your choice: " nginx_choice
case $nginx_choice in
1) sudo systemctl stop nginx ;;
2) sudo systemctl start nginx ;;
3) sudo systemctl reload nginx ;;
4) sudo systemctl restart nginx ;;
5) uninstall_nginx ;;
0) return ;;
*) handle_error "Invalid choice. Please enter a number between 0 and 5." ;;
esac
echo -e "${GREEN}Nginx action completed successfully.${NC}"
}
# Function to configure Nginx for wildcard SSL
configure_nginx_wildcard_ssl() {
read -p "Enter your domain name (e.g., example.com): " domain_name
if sudo certbot --nginx -d "$domain_name" -d "*.$domain_name"; then
echo -e "${GREEN}Wildcard SSL configured successfully.${NC}"
else
handle_error "Failed to configure wildcard SSL for $domain_name."
fi
}
# Function to install x-ui
install_x_ui() {
if bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh); then
echo -e "${GREEN}x-ui installed successfully.${NC}"
else
handle_error "Failed to install x-ui."
fi
}
# Function to install Telegram MTProto proxy
install_telegram_proxy() {
if curl -L -o mtp_install.sh https://git.io/fj5ru && bash mtp_install.sh; then
echo -e "${GREEN}Telegram MTProto proxy installed successfully.${NC}"
else
handle_error "Failed to install Telegram MTProto proxy."
fi
}
# Function to install OpenVPN and stunnel
install_openvpn() {
if sudo apt install openvpn stunnel4 -y; then
echo -e "${GREEN}OpenVPN and stunnel installed successfully.${NC}"
else
handle_error "Failed to install OpenVPN and stunnel."
fi
}
# Function to install fail2ban
install_fail2ban() {
if sudo apt install fail2ban -y; then
echo -e "${GREEN}fail2ban installed successfully.${NC}"
else
handle_error "Failed to install fail2ban."
fi
}
# Function to create a swap file
create_swap() {
read -p "Choose swap size (512M or 1G): " swap_size
case $swap_size in
512M)
if sudo fallocate -l 512M /swapfile && sudo chmod 600 /swapfile && sudo mkswap /swapfile && sudo swapon /swapfile && echo "/swapfile none swap sw 0 0" | sudo tee -a /etc/fstab; then
echo -e "${GREEN}Swap file created successfully.${NC}"
else
handle_error "Failed to create swap file."
fi
;;
1G)
if sudo fallocate -l 1G /swapfile && sudo chmod 600 /swapfile && sudo mkswap /swapfile && sudo swapon /swapfile && echo "/swapfile none swap sw 0 0" | sudo tee -a /etc/fstab; then
echo -e "${GREEN}Swap file created successfully.${NC}"
else
handle_error "Failed to create swap file."
fi
;;
*)
handle_error "Invalid choice. Please choose either 512M or 1G."
;;
esac
}
# Function to change SSH port
change_ssh_port() {
read -p "Enter the new SSH port: " new_ssh_port
if sudo sed -i "s/#Port 22/Port $new_ssh_port/g" /etc/ssh/sshd_config && sudo systemctl restart ssh; then
echo -e "${GREEN}SSH port changed successfully.${NC}"
else
handle_error "Failed to change SSH port."
fi
}
# Function to add a cron job to reboot the system every 2 days
schedule_reboot() {
if (crontab -l ; echo "0 0 */2 * * sudo /sbin/reboot") | crontab -; then
echo -e "${GREEN}Scheduled system reboot every 2 days.${NC}"
else
handle_error "Failed to schedule system reboot."
fi
}
# Function to optimize VPS for x-ui proxy
optimize_vps_for_x_ui_proxy() {
if sudo nano /etc/sysctl.conf && cat <<EOF >> /etc/sysctl.conf
# Increase TCP buffer sizes
net.core.rmem_default = 262144
net.core.rmem_max = 16777216
net.core.wmem_default = 262144
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 15
# Turn on window scaling which can enlarge the transfer window.
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack=1
# Enable timestamps as defined in RFC1323.
net.ipv4.tcp_timestamps = 1
# Increase TCP max buffer size
net.ipv4.tcp_mem = 16777216 16777216 16777216
# Security Enhancements
#net.ipv4.conf.default.rp_filter = 1
# Optimize ARP Cache
net.ipv4.neigh.default.gc_stale_time = 120
# Increase Maximum Port Range
net.ipv4.ip_local_port_range = 1024 65000
net.core.somaxconn = 65535
net.ipv4.tcp_max_syn_backlog = 65535
#net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
vm.swappiness=65
# Memory Management for 512mb ram 512swap 5to10% total ram
vm.dirty_ratio = 5
vm.dirty_background_ratio = 3
EOF
sudo sysctl -p; then
echo -e "${GREEN}VPS optimized for x-ui proxy successfully.${NC}"
else
handle_error "Failed to optimize VPS for x-ui proxy."
fi
}
# Function for firewall management
firewall_management() {
while true; do
echo -e "${LGREEN}===== Firewall Management =====${NC}"
echo -e " ${YELLOW}1.${NC} View open ports"
echo -e " ${YELLOW}2.${NC} Add port(s)"
echo -e " ${YELLOW}3.${NC} Delete port(s)"
echo -e " ${YELLOW}4.${NC} Enable/Disable UFW"
echo -e " ${YELLOW}0.${NC} Back"
echo -e "${LGREEN}===============================${NC}"
read -p "Enter your choice: " firewall_choice
case $firewall_choice in
1) view_open_ports ;;
2) add_ports ;;
3) delete_ports ;;
4) enable_disable_ufw ;;
0) break ;;
*) handle_error "Invalid choice. Please enter a number between 0 and 4." ;;
esac
done
}
# Function to view open ports
view_open_ports() {
sudo netstat -tuln
}
# Function to add ports
add_ports() {
read -p "Enter port(s) to add (comma-separated): " ports
IFS=',' read -r -a port_array <<< "$ports"
for port in "${port_array[@]}"; do
if sudo ufw allow "$port"; then
echo -e "${GREEN}Port $port added successfully.${NC}"
else
handle_error "Failed to add port $port."
fi
done
}
# Function to delete ports
delete_ports() {
read -p "Enter port(s) to delete (comma-separated): " ports
IFS=',' read -r -a port_array <<< "$ports"
for port in "${port_array[@]}"; do
if sudo ufw delete allow "$port"; then
echo -e "${GREEN}Port $port deleted successfully.${NC}"
else
handle_error "Failed to delete port $port."
fi
done
}
# Function to enable/disable UFW
enable_disable_ufw() {
read -p "Enable or Disable UFW? (enable/disable): " ufw_choice
case $ufw_choice in
enable)
if sudo ufw enable; then
echo -e "${GREEN}UFW enabled successfully.${NC}"
else
handle_error "Failed to enable UFW."
fi
;;
disable)
if sudo ufw disable; then
echo -e "${GREEN}UFW disabled successfully.${NC}"
else
handle_error "Failed to disable UFW."
fi
;;
*)
handle_error "Invalid choice. Please enter 'enable' or 'disable'."
;;
esac
}
# Function to display menu
display_menu() {
echo -e "${LGREEN}========== Menu ==========${NC}"
echo -e " ${YELLOW}1.${NC} Update system"
echo -e " ${YELLOW}2.${NC} Install utilities (sudo and wget)"
echo -e " ${YELLOW}3.${NC} Install Nginx and obtain SSL certificates"
echo -e " ${YELLOW}4.${NC} Manage Nginx"
echo -e " ${YELLOW}5.${NC} Configure Nginx for wildcard SSL"
echo -e " ${YELLOW}6.${NC} Install x-ui"
echo -e " ${YELLOW}7.${NC} Install Telegram MTProto proxy"
echo -e " ${YELLOW}8.${NC} Install OpenVPN and stunnel"
echo -e " ${YELLOW}9.${NC} Install fail2ban"
echo -e " ${YELLOW}10.${NC} Create swap file"
echo -e " ${YELLOW}11.${NC} Change SSH port"
echo -e " ${YELLOW}12.${NC} Schedule system reboot every 2 days"
echo -e " ${YELLOW}13.${NC} Optimize VPS for x-ui proxy"
echo -e " ${YELLOW}14.${NC} Firewall Management"
echo -e " ${YELLOW}0.${NC} Exit"
echo -e "${LGREEN}==========================${NC}"
}
# Main script
while true; do
display_menu
read -p "Enter your choice: " choice
case $choice in
1) update_system ;;
2) install_utilities ;;
3) install_nginx ;;
4) manage_nginx ;;
5) configure_nginx_wildcard_ssl ;;
6) install_x_ui ;;
7) install_telegram_proxy ;;
8) install_openvpn ;;
9) install_fail2ban ;;
10) create_swap ;;
11) change_ssh_port ;;
12) schedule_reboot ;;
13) optimize_vps_for_x_ui_proxy ;;
14) firewall_management ;;
0) echo -e "${LGREEN}Exiting...${NC}"; break ;;
*) handle_error "Invalid choice. Please enter a number between 0 and 14." ;;
esac
done