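#!/bin/bash
#
# vpssetup.sh - one-shot provisioning for a fresh VPS: base packages, btrfs
# mounts, an admin user, a PPTP VPN endpoint, mail services and a host
# firewall.
#
# The tools used (yum, chkconfig, service, /etc/sysconfig/iptables) suggest an
# EL6-style system -- NOTE(review): confirm the target release.
#
# Must run as root. Optional environment:
#   CHAP_SECRETS_SRC  path to a root-only file holding the PPTP accounts in
#                     chap-secrets format ("client server secret address").
#                     When unset, no VPN accounts are provisioned.
#
# SECURITY: VPN accounts are deliberately not embedded in this script. Any
# account that was ever committed in plaintext alongside a script like this
# should be treated as exposed and rotated.

set -euo pipefail

warn() { printf 'vpssetup: %s\n' "$*" >&2; }
die() { warn "$*"; exit 1; }

#######################################
# Append a line to a file unless an identical line is already present, so
# re-running the script does not duplicate configuration entries.
# Uses only shell builtins, so the line never appears in a process argv
# (relevant when the line is a credential).
# Arguments: $1 - file path, $2 - exact line to ensure
#######################################
append_line_once() {
  local file=$1 line=$2 existing
  if [[ -f "$file" ]]; then
    while IFS= read -r existing || [[ -n "$existing" ]]; do
      if [[ "$existing" == "$line" ]]; then
        return 0
      fi
    done < "$file"
  fi
  printf '%s\n' "$line" >> "$file"
}

# Install the EPEL repository, bring the system up to date, add base tools.
install_base() {
  yum install -y epel-release
  yum update -y
  yum install -y vim tmux zsh git
}

# Register the btrfs subvolumes in /etc/fstab and mount them.
# /home must be mounted before /home/users, hence the fixed order.
setup_storage() {
  local -r dev=/dev/xvdb1
  local -r opts='ssd,ssd_spread,autodefrag,compress=lzo'
  local entry target subvol

  append_line_once /etc/fstab '#'
  for entry in /home:home /home/users:users /srv:srv; do
    target=${entry%%:*}
    subvol=${entry##*:}
    append_line_once /etc/fstab \
      "${dev} ${target} btrfs ${opts},subvol=${subvol} 0 0"
    # The nested mount point may not exist inside a fresh subvolume.
    mkdir -p -- "$target"
    if ! mountpoint -q "$target"; then
      mount "$target"
    fi
  done
}

# Create the admin account (zsh login shell, member of wheel) if missing.
create_admin_user() {
  if ! id -u foliage > /dev/null 2>&1; then
    useradd -s /bin/zsh -G wheel foliage
  fi
}

# Compiler toolchain and development headers.
install_build_deps() {
  yum install -y gcc gcc-c++ gcc-objc gcc-objc++ ncurses-devel openssl-devel
}

# Persist net.ipv4.ip_forward = 1 in /etc/sysctl.conf and apply it.
# Handles an existing setting with any value or spacing, and appends the key
# when no active (uncommented) setting is present.
enable_ip_forward() {
  local -r conf=/etc/sysctl.conf
  if grep -qE '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=' "$conf"; then
    sed -i -e \
      's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=.*/net.ipv4.ip_forward = 1/' \
      "$conf"
  else
    printf '%s\n' 'net.ipv4.ip_forward = 1' >> "$conf"
  fi
  # sysctl -p can exit non-zero because of unrelated keys in the file; report
  # that instead of aborting the whole provisioning run.
  if ! sysctl -p; then
    warn "sysctl -p reported errors; verify net.ipv4.ip_forward is 1"
  fi
}

#######################################
# Copy PPTP accounts from the operator-supplied file into chap-secrets.
# Globals:   CHAP_SECRETS_SRC (read, optional)
# The destination is created and kept root-only (0600): it stores the
# secrets in plaintext.
#######################################
provision_vpn_accounts() {
  local -r dest=/etc/ppp/chap-secrets
  local -r src=${CHAP_SECRETS_SRC:-}
  local account

  # Create the file with tight permissions before anything is written to it.
  [[ -e "$dest" ]] || install -m 600 -o root -g root /dev/null "$dest"

  if [[ -z "$src" ]]; then
    warn "CHAP_SECRETS_SRC not set; no PPTP accounts provisioned"
  else
    [[ -f "$src" && -r "$src" ]] || die "cannot read CHAP_SECRETS_SRC file: $src"
    while IFS= read -r account || [[ -n "$account" ]]; do
      [[ -n "$account" ]] || continue
      append_line_once "$dest" "$account"
    done < "$src"
  fi

  chown root:root "$dest"
  chmod 600 "$dest"
}

# Install and configure the PPTP server.
# NOTE(review): PPTP (typically authenticated with MS-CHAPv2) is a legacy
# protocol with well-documented cryptographic weaknesses; prefer a modern VPN
# (WireGuard, IPsec/IKEv2, OpenVPN) for anything that carries sensitive
# traffic.
setup_pptp() {
  yum install -y ppp pptpd
  enable_ip_forward

  # DNS servers handed to VPN clients.
  append_line_once /etc/ppp/options.pptpd '#'
  append_line_once /etc/ppp/options.pptpd 'ms-dns 8.8.8.8'
  append_line_once /etc/ppp/options.pptpd 'ms-dns 8.8.4.4'

  # Tunnel endpoint addresses: server side and client pool.
  append_line_once /etc/pptpd.conf '#'
  append_line_once /etc/pptpd.conf 'localip 192.168.6.39-42'
  append_line_once /etc/pptpd.conf 'remoteip 192.168.6.239-242'

  provision_vpn_accounts

  chkconfig pptpd on
  service pptpd start
}

# Install the mail stack and enable it at boot. Both daemons start with their
# packaged default configuration; nothing here hardens them.
setup_mail() {
  yum install -y mail dovecot postfix
  chkconfig dovecot on
  chkconfig postfix on
  service dovecot start
  service postfix start
}

#######################################
# Write the persistent IPv4 ruleset and activate it.
# The ruleset itself is unchanged; points a reviewer should confirm:
#  - INPUT admits new TCP connections only on 22, 25, 465, 587, 993, 995 and
#    8392 (the purpose of 8392 is not documented in this script). Nothing
#    admits PPTP control (tcp/1723) or GRE, and FORWARD rejects everything,
#    so as written this policy does not let the pptpd configured above accept
#    or route client traffic. NOTE(review): confirm whether that is intended.
#  - The nat rule masquerades all traffic leaving any interface; scoping it
#    to the egress interface and the VPN client range would be tighter.
#  - Only IPv4 is covered; ip6tables is not touched here.
#######################################
setup_firewall() {
  # Quoted delimiter: the ruleset is written literally, with no shell
  # expansion.
  cat > /etc/sysconfig/iptables << 'EOF'
# Generated by iptables-save v1.4.7 on Wed Oct 8 01:42:12 2014
*nat
:PREROUTING ACCEPT [295:20078]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -j MASQUERADE
COMMIT
# Completed on Wed Oct 8 01:42:12 2014
# Generated by iptables-save v1.4.7 on Wed Oct 8 01:42:12 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [700:105333]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 995 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 465 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 587 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8392 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Wed Oct 8 01:42:12 2014
EOF
  # The ruleset describes the host's exposure; keep it root-only.
  chmod 600 /etc/sysconfig/iptables
  service iptables start
  chkconfig iptables on
}

main() {
  [[ ${EUID} -eq 0 ]] || die "must be run as root"
  install_base
  setup_storage
  create_admin_user
  install_build_deps
  setup_pptp
  setup_mail
  setup_firewall
}

main "$@"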