Update server and install essential package
sudo apt-get update && sudo apt-get -y upgrade sudo apt-get -y install build-essential wget curl
Install SoftEther RTM from source as systemd daemon
#!/usr/bin/env bash
RTM=$(curl http://www.softether-download.com/files/softether/ | grep -o 'v[^"]*e' | grep rtm | tail -1)
IFS='-' read -r -a RTMS <<< "${RTM}"
mkdir -p /tmp/softether
cd /tmp/softether || exit 1
wget "http://www.softether-download.com/files/softether/${RTMS[0]}-${RTMS[1]}-${RTMS[2]}-${RTMS[3]}-${RTMS[4]}/Linux/SoftEther_VPN_Server/64bit_-_Intel_x64_or_AMD64/softether-vpnserver-${RTMS[0]}-${RTMS[1]}-${RTMS[2]}-${RTMS[3]}-linux-x64-64bit.tar.gz"
tar xzf "softether-vpnserver-${RTMS[0]}-${RTMS[1]}-${RTMS[2]}-${RTMS[3]}-linux-x64-64bit.tar.gz"
cd vpnserver
sudo make
cd ..
sudo mv vpnserver /usr/local/
sudo chmod 0600 /usr/local/vpnserver/*
sudo chmod +x /usr/local/vpnserver/vpnserver
sudo chmod +x /usr/local/vpnserver/vpncmd
cat <<EOF >>/lib/systemd/system/vpnserver.service
[Unit]
Description=SoftEther VPN Server
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
[Install]
WantedBy=multi-user.target
EOF
systemctl enable vpnserver.service
systemctl restart vpnserver.service
exit 0
Init first config
cd /usr/local/vpnserver/ sudo ./vpncmd 1 ServerPasswordSet
Installer script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/local/env bash | |
| # Register vultr.com with free credit https://www.vultr.com/?ref=9206731-8H | |
| # Create vps | |
| # Tested on Ubuntu 18.04, Debian 10.0 | |
| # How to… | |
| # 1. Save this file as softether-installer.sh | |
| # 2. chmod +x softether-installer.sh | |
| # 3. Run bash file | |
| # > ./softether-installer.sh | |
| # Or just | |
| # > bash softether-installer.sh | |
| # 4. Init config vpnserver | |
| # > /usr/local/vpnserver/vpncmd | |
| # Enter into local server/hub config | |
| # > ServerPasswordSet {yourPassword} | |
| # Then use SoftEther VPN Server Manager to mange your server | |
| # If you have own certificate can load into vpnserver by | |
| # > /usr/local/vpnserver/vpncmd \ | |
| # localhost:5555 \ | |
| # /SERVER \ | |
| # /PASSWORD:"${VPN_PWD}" \ | |
| # /CMD ServerCertSet \ | |
| # /LOADCERT:/etc/ssl/private/${fullcahin}.pem \ | |
| # /LOADKEY:/etc/ssl/private/${privkey}.pem | |
| if [ "$(whoami)" != "root" ]; then | |
| SUDO=sudo | |
| fi | |
| # Update system | |
| ${SUDO} apt-get update && ${SUDO} apt-get -y upgrade | |
| # Get build tools | |
| ${SUDO} apt-get -y install build-essential wget curl gcc make wget tzdata git libreadline-dev libncurses-dev libssl-dev zlib1g-dev | |
| # Define softether version | |
| VER=$(curl -s https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/ | egrep -o '(v[0-9]).*(linux-x64-64bit.tar.gz)' | grep vpnserver | head -1) | |
| #VER=$(curl -s https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/ | egrep -o '(v[0-9]).*(linux-x64-64bit.tar.gz)' | grep vpnserver | grep rtm | head -1) | |
| # Get softether source | |
| wget "https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/${VER}" -O /tmp/softether-vpnserver.tar.gz | |
| # Stop service | |
| ${SUDO} systemctl stop vpnserver | |
| # Extract softether source | |
| ${SUDO} mv /usr/local/vpnserver /usr/local/vpnserver_bak | |
| ${SUDO} tar -xzvf /tmp/softether-vpnserver.tar.gz -C /usr/local/ | |
| ${SUDO} cat /usr/local/vpnserver_bak/vpn_server.config > /usr/local/vpnserver/vpn_server.config | |
| # Remove unused file | |
| ${SUDO} rm /tmp/softether-vpnserver.tar.gz | |
| # Move to source directory | |
| cd /usr/local/vpnserver | |
| # Workaround for 18.04+ | |
| #${SUDO} sed -i 's|OPTIONS=-O2|OPTIONS=-no-pie -O2|' Makefile | |
| # Build softether | |
| ./configure && make | |
| ${SUDO} make main | |
| # Change file permission | |
| ${SUDO} chmod 0600 * && ${SUDO} chmod +x vpnserver && ${SUDO} chmod +x vpncmd | |
| # Link binary files | |
| #${SUDO} ln -sf /usr/local/vpnserver/vpnserver /usr/local/bin/vpnserver | |
| #${SUDO} ln -sf /usr/local/vpnserver/vpncmd /usr/local/bin/vpncmd | |
| # Add systemd service | |
| ${SUDO} bash -c 'cat <<EOF >/lib/systemd/system/vpnserver.service | |
| [Unit] | |
| Description=SoftEther VPN Server | |
| After=network.target auditd.service | |
| ConditionPathExists=!/usr/local/vpnserver/do_not_run | |
| [Service] | |
| Type=forking | |
| EnvironmentFile=-/usr/local/vpnserver | |
| ExecStart=/usr/local/vpnserver/vpnserver start | |
| ExecStop=/usr/local/vpnserver/vpnserver stop | |
| KillMode=process | |
| Restart=on-failure | |
| # Hardening | |
| PrivateTmp=yes | |
| ProtectHome=yes | |
| ProtectSystem=full | |
| ReadOnlyDirectories=/ | |
| ReadWriteDirectories=-/usr/local/vpnserver | |
| CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID | |
| [Install] | |
| WantedBy=multi-user.target | |
| EOF' | |
| # Act as router | |
| #echo "net.ipv4.ip_forward = 1" | ${SUDO} tee -a /etc/sysctl.conf | |
| # Tune Kernel | |
| #echo "net.ipv4.ip_local_port_range = 1024 65535" | ${SUDO} tee -a /etc/sysctl.conf | |
| #echo "net.ipv4.tcp_congestion_control = bbr" | ${SUDO} tee -a /etc/sysctl.conf | |
| #echo "net.core.default_qdisc = fq" | ${SUDO} tee -a /etc/sysctl.conf | |
| ${SUDO} sysctl –system | |
| # Reload service | |
| ${SUDO} systemctl daemon-reload | |
| # Enable service | |
| ${SUDO} systemctl enable vpnserver | |
| # Start service | |
| ${SUDO} systemctl restart vpnserver | |
| exit 0 |
System administrator at Zercle Technology Co., Ltd.
System admin กากๆ
รักในการเล่นเกม
ชอบดู Anime ญี่ปุ่น
รักในการเล่นเกม
ชอบดู Anime ญี่ปุ่น
Latest posts by Kawin Viriyaprasopsook (see all)
- Convert flac audio to opus/ogg/mp3 - 2020-12-20
- Workaround systemd resolved not working (127.0.0.53) - 2019-09-23
- Safely remove SATA disk from a running Linux system - 2019-05-24