Commit 8c59d6ffe54c12f6b703ddee267541965204ad87

Authored by Adhidarma Hadiwinoto
0 parents
Exists in master

commit

Showing 2 changed files with 131 additions and 0 deletions

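--- a/centos-after-install.sh
+++ b/centos-after-install.sh
@@ -0,0 +1,61 @@
+#!/bin/bash
+
+echo
+echo ================
+echo Tektrans - Finnet AD2MT post OS install script
+echo ================
+echo
+
+read -p 'IP PeerVPN: ' ippeervpn < /dev/tty
+if [ -z "$ippeervpn" ]; then
+ echo "Invalid peervpn ip";
+ exit
+fi
+
+set -x
+
+sudo useradd komodo
+sudo usermod -a -G dialout komodo
+
+sudo yum -y install epel-release
+sudo yum -y install vim-enhanced wget nodejs nmap traceroute net-tools telnet minicom iperf htop
+sudo yum -y groupinstall "Development Tools"
+sudo yum -y update
+sudo npm install -g nodemon
+sudo npm install -g mocha
+
+mkdir src
+cd ~src
+wget https://peervpn.net/files/peervpn-0-044-linux-x86.tar.gz
+tar xzf peervpn-0-044-linux-x86.tar.gz
+cd peervpn-0-044
+sudo install peervpn /usr/local/sbin/
+sudo mkdir /etc/peervpn
+sudo rm -f /etc/peervpn/tektrans.conf
+sudo tee /etc/peervpn/tektrans.conf << EOF
+networkname Tektrans
+psk fc905de75a79a346abc58c256f950a7d3d015e99
+enabletunneling yes
+enablerelay yes
+interface pvpntektrans
+initpeers 122.248.38.20 7010 128.199.161.36 7003
+EOF
+
+echo ifconfig4 $ippeervpn/24 | sudo tee -a /etc/peervpn/tektrans.conf
+
+sudo tee /etc/systemd/system/peervpn@.service << EOF
+[Unit]
+Description=PeerVPN Node (%i)
+After=syslog.target network.target
+ConditionPathExists=/etc/peervpn/%i.conf
+
+[Service]
+Type=simple
+ExecStart=/usr/local/sbin/peervpn /etc/peervpn/%i.conf
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+sudo systemctl daemon-reload
+sudo systemctl enable peervpn@tektrans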
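Review bot: The PeerVPN pre-shared key is hard-coded in the here-doc at new line 37, so anyone who can read the repository holds the network key; now that it is in history it should be treated as exposed and rotated. I would prompt for it next to the IP prompt, before `set -x`, with `read -rs -p 'PeerVPN PSK: ' psk < /dev/tty`, and follow the write with `sudo chmod 600 /etc/peervpn/tektrans.conf`, because `tee` creates the file with the default mode and also copies the key to stdout unless redirected to `/dev/null`. Separately, new lines 27-32 install a downloaded binary as root without comparing it against a pinned digest (for example with `sha256sum -c`). On new line 28, `cd ~src` is tilde expansion for a user named src rather than the directory just created, and with no error check the script carries on wherever it happens to be; `cd src || exit 1` would make that failure visible.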
... ... @@ -0,0 +1,70 @@
  1 +#!/bin/bash
  2 +
  3 +echo
  4 +echo ================
  5 +echo Tektrans - Finnet AD2MT VPNC configurator
  6 +echo ================
  7 +echo
  8 +
  9 +read -p 'VPNC username: ' vpncuser < /dev/tty
  10 +if [ -z "$vpncuser" ]; then
  11 + echo "Invalid vpnc user";
  12 + exit
  13 +fi
  14 +
  15 +read -p 'VPNC password: ' vpncpass < /dev/tty
  16 +if [ -z "$vpncpass" ]; then
  17 + echo "Invalid vpnc password";
  18 + exit
  19 +fi
  20 +
  21 +read -p 'IPSEC secret: ' ipsecsecret < /dev/tty
  22 +if [ -z "$ipsecsecret" ]; then
  23 + echo "Invalid ipssec secret";
  24 + exit
  25 +fi
  26 +
  27 +
  28 +set -x
  29 +
  30 +sudo tee /etc/systemd/system/vpnc@.service << EOF
  31 +[Unit]
  32 +Description=VPNC Client %i
  33 +After=syslog.target network.target
  34 +
  35 +[Service]
  36 +Type=simple
  37 +ExecStart=/usr/sbin/vpnc --no-detach --ifname tun-%i %i
  38 +Restart=always
  39 +User=root
  40 +Group=root
  41 +
  42 +[Install]
  43 +WantedBy=multi-user.target
  44 +EOF
  45 +
  46 +sudo tee /etc/vpnc/ad2mt.conf << EOF
  47 +IPSec gateway vpn.finnet.co.id
  48 +IPSec ID ad2mt
  49 +Domain WORKGROUP
  50 +Vendor cisco
  51 +NAT Traversal Mode natt
  52 +IKE DH Group dh2
  53 +Perfect Forward Secrecy server
  54 +Local Addr 0.0.0.0
  55 +Local Port 500
  56 +Cisco UDP Encapsulation Port 10000
  57 +DPD idle timeout (our side) 300
  58 +IKE Authmode psk
  59 +IPSEC target network 0.0.0.0/0.0.0.0
  60 +EOF
  61 +
  62 +echo Xauth username $vpncuser | sudo tee -a /etc/vpnc/ad2mt.conf
  63 +echo Xauth password $vpncpass | sudo tee -a /etc/vpnc/ad2mt.conf
  64 +echo IPSec secret $ipsecsecret | sudo tee -a /etc/vpnc/ad2mt.conf
  65 +
  66 +sudo systemctl daemon-reload
  67 +sudo systemctl enable vpnc@ad2mt
  68 +
  69 +echo
  70 +cat /etc/vpnc/ad2mt.conf
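Review bot: The three `echo … | sudo tee -a /etc/vpnc/ad2mt.conf` lines (new lines 62-64) run after `set -x`, so the Xauth password and IPSec secret are printed by the trace, again by `tee` on stdout, and a third time by the closing `cat`; the file itself is created by `tee` with the default mode, which is normally world-readable. The expansions are also unquoted, so a password containing runs of spaces or glob characters is altered before it is written. I would switch tracing off around the writes, restrict the file to mode 600 before appending, write the values with a quoted `printf`, send `tee` to `/dev/null`, and drop the final `cat`. The three prompts would be better as `read -rs -p …` so the secrets are not echoed while typed and backslashes are kept.
```shell
# … unchanged: prompts, vpnc@.service unit, static part of ad2mt.conf …

set +x  # keep the credentials out of the xtrace output
sudo chmod 600 /etc/vpnc/ad2mt.conf
printf '%s\n' \
  "Xauth username $vpncuser" \
  "Xauth password $vpncpass" \
  "IPSec secret $ipsecsecret" \
  | sudo tee -a /etc/vpnc/ad2mt.conf > /dev/null
set -x

# … unchanged: systemctl daemon-reload / enable vpnc@ad2mt …
# (final `cat /etc/vpnc/ad2mt.conf` removed so the secrets are not printed)
```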