-
Notifications
You must be signed in to change notification settings - Fork 23
Expand file tree
/
Copy pathinstall.sh
More file actions
260 lines (218 loc) · 7.57 KB
/
install.sh
File metadata and controls
260 lines (218 loc) · 7.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
#!/bin/bash
# Colors
GREEN="\033[1;32m"
YELLOW="\033[1;33m"
CYAN="\033[1;36m"
RED="\033[1;31m"
BLUE="\033[1;34m"
RESET="\033[0m"
BOLD="\033[1m"
GRAY="\033[1;30m"
print_task() {
echo -ne "${GRAY}•${RESET} $1..."
}
print_done() {
echo -e "\r${GREEN}✓${RESET} $1 "
}
print_fail() {
echo -e "\r${RED}✗${RESET} $1 "
exit 1
}
run_silent() {
local msg="$1"
local cmd="$2"
print_task "$msg"
bash -c "$cmd" &>/tmp/zivpn_install.log
if [ $? -eq 0 ]; then
print_done "$msg"
else
print_fail "$msg (Check /tmp/zivpn_install.log)"
fi
}
clear
echo -e "${BOLD}ZiVPN UDP Installer${RESET}"
echo -e "${GRAY}AutoFTbot Edition${RESET}"
echo ""
if [[ "$(uname -s)" != "Linux" ]] || [[ "$(uname -m)" != "x86_64" ]]; then
print_fail "System not supported (Linux AMD64 only)"
fi
if [ -f /usr/local/bin/zivpn ]; then
echo -e "${YELLOW}! ZiVPN detected. Reinstalling...${RESET}"
systemctl stop zivpn.service &>/dev/null
systemctl stop zivpn-api.service &>/dev/null
systemctl stop zivpn-bot.service &>/dev/null
fi
run_silent "Updating system" "sudo apt-get update"
run_silent "Setting Timezone" "sudo timedatectl set-timezone Asia/Jakarta"
if ! command -v go &> /dev/null; then
run_silent "Installing dependencies" "sudo apt-get install -y golang git net-tools"
else
print_done "Dependencies ready"
fi
echo ""
echo -ne "${BOLD}Domain Configuration${RESET}\n"
while true; do
read -p "Enter Domain: " domain
if [[ -n "$domain" ]]; then
break
fi
done
echo ""
echo -ne "${BOLD}API Key Configuration${RESET}\n"
generated_key=$(openssl rand -hex 16)
echo -e "Generated Key: ${CYAN}$generated_key${RESET}"
read -p "Enter API Key (Press Enter to use generated): " input_key
if [[ -z "$input_key" ]]; then
api_key="$generated_key"
else
api_key="$input_key"
fi
echo -e "Using Key: ${GREEN}$api_key${RESET}"
echo ""
systemctl stop zivpn.service &>/dev/null
run_silent "Downloading Core" "wget -q https://github.com/zahidbd2/udp-zivpn/releases/download/udp-zivpn_1.4.9/udp-zivpn-linux-amd64 -O /usr/local/bin/zivpn && chmod +x /usr/local/bin/zivpn"
mkdir -p /etc/zivpn
echo "$domain" > /etc/zivpn/domain
echo "$api_key" > /etc/zivpn/apikey
run_silent "Configuring" "wget -q https://raw.githubusercontent.com/AutoFTbot/ZiVPN/main/config.json -O /etc/zivpn/config.json"
run_silent "Generating SSL" "openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj '/C=ID/ST=Jawa Barat/L=Bandung/O=AutoFTbot/OU=IT Department/CN=$domain' -keyout /etc/zivpn/zivpn.key -out /etc/zivpn/zivpn.crt"
# Find a free API port
print_task "Finding available API Port"
API_PORT=8080
while netstat -tuln | grep -q ":$API_PORT "; do
((API_PORT++))
done
echo "$API_PORT" > /etc/zivpn/api_port
print_done "API Port selected: ${CYAN}$API_PORT${RESET}"
cat >> /etc/sysctl.conf <<END
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr
net.ipv4.ip_forward=1
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.core.rmem_default=16777216
net.core.wmem_default=16777216
net.core.optmem_max=65536
net.core.somaxconn=65535
net.ipv4.tcp_rmem=4096 87380 16777216
net.ipv4.tcp_wmem=4096 65536 16777216
net.ipv4.tcp_fastopen=3
fs.file-max=1000000
net.core.netdev_max_backlog=16384
net.ipv4.udp_mem=65536 131072 262144
net.ipv4.udp_rmem_min=8192
net.ipv4.udp_wmem_min=8192
END
sysctl -p &>/dev/null
cat <<EOF > /etc/systemd/system/zivpn.service
[Unit]
Description=ZIVPN UDP VPN Server
After=network.target
[Service]
Type=simple
User=root
WorkingDirectory=/etc/zivpn
ExecStart=/usr/local/bin/zivpn server -c /etc/zivpn/config.json
Restart=always
RestartSec=3
LimitNOFILE=65535
Environment=ZIVPN_LOG_LEVEL=info
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target
EOF
mkdir -p /etc/zivpn/api
run_silent "Setting up API" "wget -q https://raw.githubusercontent.com/AutoFTbot/ZiVPN/main/zivpn-api.go -O /etc/zivpn/api/zivpn-api.go && wget -q https://raw.githubusercontent.com/AutoFTbot/ZiVPN/main/go.mod -O /etc/zivpn/api/go.mod"
cd /etc/zivpn/api
if go build -o zivpn-api zivpn-api.go &>/dev/null; then
print_done "Compiling API"
else
print_fail "Compiling API"
fi
cat <<EOF > /etc/systemd/system/zivpn-api.service
[Unit]
Description=ZiVPN Golang API Service
After=network.target zivpn.service
[Service]
Type=simple
User=root
WorkingDirectory=/etc/zivpn/api
ExecStart=/etc/zivpn/api/zivpn-api
Restart=always
RestartSec=3
[Install]
WantedBy=multi-user.target
EOF
echo ""
echo -ne "${BOLD}Telegram Bot Configuration${RESET}\n"
echo -ne "${GRAY}(Leave empty to skip)${RESET}\n"
read -p "Bot Token: " bot_token
read -p "Admin ID : " admin_id
if [[ -n "$bot_token" ]] && [[ -n "$admin_id" ]]; then
echo ""
echo "Select Bot Type:"
echo "1) Free (Admin Only / Public Mode)"
echo "2) Paid (Pakasir Payment Gateway)"
read -p "Choice [1]: " bot_type
bot_type=${bot_type:-1}
if [[ "$bot_type" == "2" ]]; then
read -p "Pakasir Project Slug: " pakasir_slug
read -p "Pakasir API Key : " pakasir_key
read -p "Daily Price (IDR) : " daily_price
echo "{\"bot_token\": \"$bot_token\", \"admin_id\": $admin_id, \"mode\": \"public\", \"domain\": \"$domain\", \"pakasir_slug\": \"$pakasir_slug\", \"pakasir_api_key\": \"$pakasir_key\", \"daily_price\": $daily_price}" > /etc/zivpn/bot-config.json
bot_file="zivpn-paid-bot.go"
else
read -p "Bot Mode (public/private) [default: private]: " bot_mode
bot_mode=${bot_mode:-private}
echo "{\"bot_token\": \"$bot_token\", \"admin_id\": $admin_id, \"mode\": \"$bot_mode\", \"domain\": \"$domain\"}" > /etc/zivpn/bot-config.json
bot_file="zivpn-bot.go"
fi
run_silent "Downloading Bot" "wget -q https://raw.githubusercontent.com/AutoFTbot/ZiVPN/main/$bot_file -O /etc/zivpn/api/$bot_file"
cd /etc/zivpn/api
run_silent "Downloading Bot Deps" "go get github.com/go-telegram-bot-api/telegram-bot-api/v5"
if go build -o zivpn-bot "$bot_file" &>/dev/null; then
print_done "Compiling Bot"
cat <<EOF > /etc/systemd/system/zivpn-bot.service
[Unit]
Description=ZiVPN Telegram Bot
After=network.target zivpn-api.service
[Service]
Type=simple
User=root
WorkingDirectory=/etc/zivpn/api
ExecStart=/etc/zivpn/api/zivpn-bot
Restart=always
RestartSec=3
[Install]
WantedBy=multi-user.target
EOF
systemctl enable zivpn-bot.service &>/dev/null
systemctl start zivpn-bot.service &>/dev/null
else
print_fail "Compiling Bot"
fi
else
print_task "Skipping Bot Setup"
echo ""
fi
run_silent "Starting Services" "systemctl enable zivpn.service && systemctl start zivpn.service && systemctl enable zivpn-api.service && systemctl start zivpn-api.service"
# Setup Cron for Auto-Expire
echo -e "${YELLOW}Setting up Cron Job for Auto-Expire...${NC}"
cron_cmd="0 0 * * * /usr/bin/curl -s -X POST -H \"X-API-Key: \$(cat /etc/zivpn/apikey)\" http://127.0.0.1:\$(cat /etc/zivpn/api_port)/api/cron/expire >> /var/log/zivpn-cron.log 2>&1"
(crontab -l 2>/dev/null | grep -v "/api/cron/expire"; echo "$cron_cmd") | crontab -
print_done "Cron Job Configured"
iface=$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)
iptables -t nat -A PREROUTING -i "$iface" -p udp --dport 6000:19999 -j DNAT --to-destination :5667 &>/dev/null
ufw allow 6000:19999/udp &>/dev/null
ufw allow 5667/udp &>/dev/null
ufw allow $API_PORT/tcp &>/dev/null
rm -f "$0" install.tmp install.log &>/dev/null
echo ""
echo -e "${BOLD}Installation Complete${RESET}"
echo -e "Domain : ${CYAN}$domain${RESET}"
echo -e "API : ${CYAN}$API_PORT${RESET}"
echo -e "Token : ${CYAN}$api_key${RESET}"
echo -e "Dev : ${CYAN}https://t.me/AutoFTBot${RESET}"
echo ""