前天在smartvps.cn买了一台VPS,总体用着还不错,我在上边装了个VPN,现写成了个脚本,给大家参考。
#README
#Please replace the IP address in this script with your own, then put lzo-2.06.tar.gz, openvpn-2.2.2.tar.gz and install.sh in /root, then run: sh install.sh
# Build prerequisites: the compiler toolchain group, then the OpenSSL
# headers OpenVPN is compiled against and the iptables userland that the
# NAT step at the end of the script relies on.
yum -y groupinstall "Development tools"
yum -y install \
  openssl \
  openssl-devel \
  automake \
  pkgconfig \
  iptables
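# Build and install LZO 2.06 from the tarball the operator placed in /root.
#
# NOTE(review): nothing in this script verifies the tarball. Compare its
# checksum or signature with the value published by the upstream project
# before building and installing it as root.
#
# Every step aborts the script on failure, so a failed unpack, build or
# self-test can no longer fall through to "make install".
cd /root || exit 1
tar zxvf lzo-2.06.tar.gz || exit 1
cd ./lzo-2.06 || exit 1
./configure && make && make check && make install || exit 1
# Return to the staging directory for the next build.
cd /root || exit 1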
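# Build and install OpenVPN 2.2.2 against the LZO just installed under
# /usr/local and the system OpenSSL.
#
# The configure flags are written with a real double hyphen. The page
# showed them with a typographic dash, which configure does not treat as
# an option, so the header/library paths were never applied.
#
# NOTE(review): the tarball is not verified here either; check it against
# the upstream checksum or signature first. OpenVPN 2.2.2 is an old
# release; confirm it still receives fixes before exposing it to the
# Internet.
# NOTE(review): /usr/lib is kept from the original; on a 64-bit install the
# OpenSSL libraries may live in /usr/lib64 instead. Confirm for the host.
cd /root || exit 1
tar zxvf openvpn-2.2.2.tar.gz || exit 1
cd openvpn-2.2.2 || exit 1
./configure --with-lzo-headers=/usr/local/include \
  --with-lzo-lib=/usr/local/lib \
  --with-ssl-headers=/usr/include/openssl \
  --with-ssl-lib=/usr/lib || exit 1
make || exit 1
make install || exit 1
cd /root || exit 1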
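# Stage easy-rsa under /etc/openvpn and generate the whole PKI: the CA, the
# server certificate, ten client certificates and the DH parameters.
# The build-* scripts prompt interactively for the certificate fields.
#
# NOTE(review): ./clean-all wipes the existing keys directory, so running
# this script a second time replaces the CA and invalidates every
# certificate issued earlier.
# NOTE(review): the key size is left at whatever easy-rsa's vars ships
# with. The dh1024.pem path used in server.conf indicates 1024-bit
# parameters, which is below current recommendations. Raising KEY_SIZE in
# vars also changes the DH file name, so server.conf must be updated too.
# NOTE(review): all client private keys are created on the server. Hand
# each client only its own .crt/.key pair, over a secure channel, and keep
# ca.key off any machine that does not need to sign certificates.

# -p so a pre-existing /etc/openvpn is not an error.
mkdir -p /etc/openvpn || exit 1
cp -r /root/openvpn-2.2.2/easy-rsa/ /etc/openvpn || exit 1
cd /etc/openvpn/easy-rsa/2.0/ || exit 1

# easy-rsa looks for openssl.cnf; use the variant for OpenSSL 1.0.0.
cp openssl-1.0.0.cnf openssl.cnf || exit 1

# Replace the sample certificate subject fields with the site's values.
sed -i \
  -e 's/KEY_COUNTRY="US"/KEY_COUNTRY="CN"/g' \
  -e 's/export KEY_PROVINCE="CA"/export KEY_PROVINCE="BJ"/g' \
  -e 's/KEY_CITY="SanFrancisco"/KEY_CITY="BJ"/g' \
  -e 's/KEY_ORG="Fort-Funston"/KEY_ORG="fbii"/g' \
  -e 's/KEY_EMAIL="me@myhost.mydomain"/KEY_EMAIL="syuanwei@126.com"/g' \
  vars || exit 1

# "." instead of "source": the README runs the script with sh.
. ./vars
./clean-all || exit 1
./build-ca || exit 1
./build-key-server server || exit 1

# One certificate/key pair per client, client1 .. client10.
for n in 1 2 3 4 5 6 7 8 9 10; do
  ./build-key "client${n}" || exit 1
done

./build-dh || exit 1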
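# Write the OpenVPN server configuration.
#
# Changes from the original echo-per-line version:
#   * The two push directives keep their inner double quotes. The original
#     nested "..." inside "...", so the shell stripped them and the file
#     received `push dhcp-option DNS <addr>` with the argument unquoted.
#   * The file is written in one shot with ">" instead of appended to, so
#     re-running the script does not duplicate every directive.
#   * The listen address is set once in server_ip (the README asks for it
#     to be changed to the host's own address).
#
# NOTE(review): dh1024.pem means 1024-bit DH parameters, which is below
# current recommendations. Moving to 2048 bits means setting KEY_SIZE in
# easy-rsa's vars before the keys are built and updating the dh path here.
# NOTE(review): the status log is written into the directory that holds the
# private keys; a separate log directory keeps that directory's
# permissions tight.
# NOTE(review): client-to-client lets VPN clients reach each other directly;
# drop it if clients should be isolated. The config has no user/group
# directive, so the daemon keeps running as root. Confirm both are intended.
server_ip="36.54.3.38"

cat > /usr/local/etc/server.conf <<EOF || exit 1
local ${server_ip}
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
client-to-client
keepalive 10 120
comp-lzo
persist-key
persist-tun
status /etc/openvpn/easy-rsa/2.0/keys/openvpn-status.log
verb 4
push "dhcp-option DNS 202.106.196.115"
push "dhcp-option DNS 8.8.8.8"
EOF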
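# Generate client1.conf .. client10.conf. The files differ only in the
# cert/key names, so each is written directly from one template instead of
# building client1.conf, copying it nine times and patching with sed.
#
# Each file is written with ">" rather than appended to, so re-running the
# script does not leave duplicated directives in client1.conf (and in every
# copy made from it).
#
# The remote address is set once in server_ip (the README asks for it to be
# changed to the server's own address).
#
# NOTE(review): "ns-cert-type server" is the check that makes a client
# refuse a peer whose certificate is not marked as a server certificate;
# keep it (or its successor in newer OpenVPN releases) in every client
# profile.
# NOTE(review): each profile expects ca.crt plus its own clientN.crt and
# clientN.key next to it. Deliver the key over a secure channel and use
# one certificate per device so a lost device can be revoked on its own.
server_ip="36.54.3.38"

for n in 1 2 3 4 5 6 7 8 9 10; do
  cat > "/usr/local/etc/client${n}.conf" <<EOF || exit 1
client
dev tun
proto udp
remote ${server_ip} 1194
persist-key
persist-tun
ca ca.crt
ns-cert-type server
comp-lzo
verb 3
redirect-gateway def1
route-method exe
route-delay 2
cert client${n}.crt
key client${n}.key
EOF
done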
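# Enable IPv4 forwarding, source-NAT the VPN subnet to the server's public
# address, persist the firewall rules, and start OpenVPN now and at boot.
#
# Changes from the original:
#   * --to-source and --config are written with a real double hyphen. The
#     page showed a typographic dash, which neither iptables nor openvpn
#     accepts, and which was also being written into /etc/rc.local.
#   * The rc.local line is added only if it is not already present, so
#     re-running the script does not start several daemons at boot.
#   * The public address is set once in server_ip.
#
# NOTE(review): the sed only flips forwarding when sysctl.conf contains the
# exact text "net.ipv4.ip_forward = 0"; check the "sysctl -p" output.
# NOTE(review): only the NAT rule is added. If the host's saved ruleset
# filters INPUT or FORWARD, UDP 1194 and forwarding for 10.8.0.0/24 need
# explicit allow rules. Confirm against the ruleset on the host.
server_ip="36.54.3.38"

sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
sysctl -p

/etc/init.d/iptables restart
iptables -t nat -I POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source "$server_ip"
service iptables save
service iptables restart

start_cmd="/usr/local/sbin/openvpn --config /usr/local/etc/server.conf &"
if ! grep -qF -- "$start_cmd" /etc/rc.local 2>/dev/null; then
  printf '%s\n' "$start_cmd" >> /etc/rc.local
fi

/usr/local/sbin/openvpn --config /usr/local/etc/server.conf &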