Last active
June 20, 2018 20:20
-
-
Save RafalSladek/2bfb6409496d44d9376d2cb67e6afae7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
USERNAME=zen | |
if [ -z "$(getent passwd $USERNAME)" ]; then | |
useradd -m $USERNAME | |
USERPASS=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w12 | head -n1) | |
echo "$USERNAME:$USERPASS" | chpasswd | |
echo "$USERNAME:$USERPASS" > /tme/$USERNAME | |
HOMEFOLDER=$(sudo -H -u $USERNAME bash -c 'echo $HOME') | |
COINFOLDER="$USERNAME/.zen" | |
mkdir -p $COINFOLDER | |
chown -R $USERNAME: $COINFOLDER >/dev/null | |
else | |
clear | |
echo -e "${RED}User exits. Please enter another username: ${NC}" | |
fi | |
FQDN=mn1.crypto-pool.net | |
echo "export FQDN=$FQDN" >> $HOMEFOLDER/.bashrc | |
sudo apt-get update -y | |
sudo apt-get -y install build-essential software-properties-common apt-transport-https lsb-release dirmngr pwgen ssl-cert git jq ufw curl | |
echo 'deb https://zencashofficial.github.io/repo/ '$(lsb_release -cs)' main' | sudo tee --append /etc/apt/sources.list.d/zen.list | |
gpg --keyserver ha.pool.sks-keyservers.net --recv 219F55740BBF7A1CE368BA45FB7053CE4991B669 | |
gpg --export 219F55740BBF7A1CE368BA45FB7053CE4991B669 | sudo apt-key add - | |
sudo add-apt-repository ppa:certbot/certbot -y | |
sudo apt-get update -y | |
sudo apt-get install zen certbot -y | |
BINARY_FILE=$(which zend) | |
sudo cat << EOF > /etc/systemd/system/$USERNAME.service | |
[Unit] | |
Description=Zend service | |
After=network.target | |
[Service] | |
Type=forking | |
User=$USERNAME | |
Group=$USERNAME | |
WorkingDirectory=$HOMEFOLDER | |
ExecStart=$BINARY_FILE -daemon | |
ExecStop=$BINARY_FILE stop | |
Restart=always | |
PrivateTmp=true | |
TimeoutStopSec=60s | |
TimeoutStartSec=10s | |
StartLimitInterval=120s | |
StartLimitBurst=5 | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
mkdir $HOMEFOLDER/.zen | |
cat <<EOF > $HOMEFOLDER/.zen/zen.conf | |
rpcuser=$(pwgen -s 32 1) | |
rpcpassword=$(pwgen -s 64 1) | |
rpcport=18231 | |
rpcallowip=127.0.0.1 | |
rpcworkqueue=512 | |
server=1 | |
daemon=1 | |
listen=1 | |
txindex=1 | |
logtimestamps=1 | |
### testnet config | |
#testnet=1 | |
EOF | |
sudo sed -i "s/.*PermitRootLogin yes/PermitRootLogin no/g" /etc/ssh/sshd_config | |
sudo sed -i "s/.*PasswordAuthentication yes/PasswordAuthentication no/g" /etc/ssh/sshd_config | |
sudo sed -i "s/.*ChallengeResponseAuthentication yes/ChallengeResponseAuthentication no/g" /etc/ssh/sshd_config | |
sudo systemctl restart sshd | |
sudo ufw default allow outgoing | |
sudo ufw default deny incoming | |
sudo ufw allow ssh/tcp | |
sudo ufw limit ssh/tcp | |
sudo ufw allow http/tcp | |
sudo ufw allow https/tcp | |
sudo ufw allow 9033/tcp | |
sudo ufw logging on | |
sudo ufw -f enable | |
sudo ufw status | |
sudo systemctl enable ufw | |
sudo -u $USERNAME zen-fetch-params | |
sudo -u $USERNAME zend | |
sudo certbot certonly -n --agree-tos --register-unsafely-without-email --standalone -d $FQDN | |
sudo cp /etc/letsencrypt/live/$FQDN/chain.pem /usr/local/share/ca-certificates/chain.crt | |
sudo update-ca-certificates | |
echo "tlscertpath=/etc/letsencrypt/live/$FQDN/cert.pem" >> $HOMEFOLDER/.zen/zen.conf | |
echo "tlskeypath=/etc/letsencrypt/live/$FQDN/privkey.pem" >> $HOMEFOLDER/.zen/zen.conf | |
sudo adduser $USERNAME ssl-cert | |
sudo chown -R root:ssl-cert /etc/letsencrypt/ | |
sudo chmod -R 750 /etc/letsencrypt/ | |
sg ssl-cert -c "bash" | |
sudo -u $USERNAME zen-cli getinfo | |
sudo -u $USERNAME zen-cli zcbenchmark createjoinsplit 1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment