Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Install softether vpn server on ubuntu 16.04+
#!/usr/local/env bash
# Register vultr.com with free credit https://www.vultr.com/?ref=8221367-4F
# Create vps with 5usd price
# Tested on Ubuntu 18.04, Debian 10.0
# How to...
# 1. Save this file as softether-installer.sh
# 2. chmod +x softether-installer.sh
# 3. Run bash file
# > ./softether-installer.sh
# Or just
# > bash softether-installer.sh
# 4. Init config vpnserver
# > /usr/local/vpnserver/vpncmd
# Enter into local server/hub config
# > ServerPasswordSet {yourPassword}
# Then use SoftEther VPN Server Manager to mange your server
# If you have own certificate can load into vpnserver by
# > /usr/local/vpnserver/vpncmd \
# localhost:5555 \
# /SERVER \
# /PASSWORD:"${VPN_PWD}" \
# /CMD ServerCertSet \
# /LOADCERT:/etc/ssl/private/${fullcahin}.pem \
# /LOADKEY:/etc/ssl/private/${privkey}.pem
if [ "$(whoami)" != "root" ]; then
SUDO=sudo
fi
# Update system
${SUDO} apt-get update && ${SUDO} apt-get -y upgrade
# Get build tools
${SUDO} apt-get -y install build-essential wget curl gcc make wget tzdata git libreadline-dev libncurses-dev libssl-dev zlib1g-dev
# Define softether version
VER=$(curl -s https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/ | egrep -o '(v[0-9]).*(linux-x64-64bit.tar.gz)' | grep vpnserver | head -1)
#VER=$(curl -s https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/ | egrep -o '(v[0-9]).*(linux-x64-64bit.tar.gz)' | grep vpnserver | grep rtm | head -1)
# Get softether source
wget "https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/${VER}" -O /tmp/softether-vpnserver.tar.gz
# Stop service
${SUDO} systemctl stop vpnserver
# Extract softether source
${SUDO} tar -xzvf /tmp/softether-vpnserver.tar.gz -C /usr/local/
# Remove unused file
${SUDO} rm /tmp/softether-vpnserver.tar.gz
# Move to source directory
cd /usr/local/vpnserver
# Workaround for 18.04+
#${SUDO} sed -i 's|OPTIONS=-O2|OPTIONS=-no-pie -O2|' Makefile
# Build softether
./configure
${SUDO} make i_read_and_agree_the_license_agreement
# Change file permission
${SUDO} chmod 0600 * && ${SUDO} chmod +x vpnserver && ${SUDO} chmod +x vpncmd
# Link binary files
#${SUDO} ln -sf /usr/local/vpnserver/vpnserver /usr/local/bin/vpnserver
#${SUDO} ln -sf /usr/local/vpnserver/vpncmd /usr/local/bin/vpncmd
# Add systemd service
${SUDO} bash -c 'cat <<EOF >/lib/systemd/system/vpnserver.service
[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!/usr/local/vpnserver/do_not_run
[Service]
Type=forking
EnvironmentFile=-/usr/local/vpnserver
ExecStart=/usr/local/vpnserver/vpnserver start
ExecStop=/usr/local/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure
# Hardening
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
ReadOnlyDirectories=/
ReadWriteDirectories=-/usr/local/vpnserver
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID
[Install]
WantedBy=multi-user.target
EOF'
# Act as router
echo "net.ipv4.ip_forward = 1" | ${SUDO} tee -a /etc/sysctl.conf
# Tune Kernel
echo "net.ipv4.ip_local_port_range = 1024 65535" | ${SUDO} tee -a /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control = bbr" | ${SUDO} tee -a /etc/sysctl.conf
echo "net.core.default_qdisc = fq" | ${SUDO} tee -a /etc/sysctl.conf
${SUDO} sysctl --system
# Reload service
${SUDO} systemctl daemon-reload
# Enable service
${SUDO} systemctl enable vpnserver
# Start service
${SUDO} systemctl restart vpnserver
exit 0
@bujidaa

This comment has been minimized.

Copy link

@bujidaa bujidaa commented Apr 21, 2018

"-bash: sudo: command not found" could you please tell me how to solve this problem?

@dasSolli

This comment has been minimized.

Copy link

@dasSolli dasSolli commented May 8, 2018

Hy bujidaa

.) Make a new file
nano install

.) Copy and Paste the script in it
.) Save the file
STRG+X Y (Enter)

.) Change permissions
chmod 777 install

.) Open File
./install

I hope it will help
Have Fun

@klawx3

This comment has been minimized.

Copy link

@klawx3 klawx3 commented Jun 4, 2018

softether_installer.sh: 12: softether_installer.sh: Syntax error: redirection unexpected
on ubuntu 18.04

@bouroo

This comment has been minimized.

Copy link
Owner Author

@bouroo bouroo commented Aug 5, 2018

@klawx3 I'll looking to this problem

@Akonova1enko

This comment has been minimized.

Copy link

@Akonova1enko Akonova1enko commented Oct 25, 2018

-- Alert: SoftEther VPN Kernel --
Fatal Error: The file "hamcore.se2" is missing or broken.
Please check hamcore.se2.

@vnpnlz

This comment has been minimized.

Copy link

@vnpnlz vnpnlz commented Nov 29, 2018

Anyone here successfully made this softether running on Ubuntu 18.04+?

@amanjuman

This comment has been minimized.

Copy link

@amanjuman amanjuman commented Nov 30, 2018

Not working on Ubuntu 18.04 x64. Can you make it working on 18.04?

@amanjuman

This comment has been minimized.

Copy link

@amanjuman amanjuman commented Nov 30, 2018

-bash: ./se.sh: /usr/local/env: bad interpreter: No such file or directory

@0bo

This comment has been minimized.

Copy link

@0bo 0bo commented Dec 4, 2018

-bash: ./se.sh: /usr/local/env: bad interpreter: No such file or directory

this works well for me , try make that directory?

@bouroo

This comment has been minimized.

Copy link
Owner Author

@bouroo bouroo commented Jan 3, 2019

Anyone here successfully made this softether running on Ubuntu 18.04+?
Not working on Ubuntu 18.04 x64. Can you make it working on 18.04?

I've been tested. It's work well on Ubuntu 18.10 and Debian 9.6

@pmout

This comment has been minimized.

Copy link

@pmout pmout commented Apr 4, 2019

It works perfect in Ubuntu 18.04.2 LTS. Thanks.
(Anyone know if there is an equivalent script for softether client?)

@dimasahmad

This comment has been minimized.

Copy link

@dimasahmad dimasahmad commented May 1, 2019

I think you should edit line 79
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID

@mikeevans82

This comment has been minimized.

Copy link

@mikeevans82 mikeevans82 commented Nov 12, 2019

Thanks for this script! I have a few notes on the comments and issues I had.

@Akonova1enko: If you see "Fatal Error: The file "hamcore.se2" is missing or broken." its probably because you are running vpncmd without elevated permissions. Use a root account or sudo.

@amanjuman: If you see "/usr/local/env: bad interpreter: No such file or directory" you need to specify the correct path to env at line one in the script. I'm not sure how this is working for other Ubuntu users. On 18.04 Server I updated the path to /usr/bin/env.

For me /usr/local/env was missing on 18.04 Desktop, 18.04 Server, 19.04 Desktop, and 19.10 Desktop.

@bouroo: I got permission denied on line 59 when running without the sudo command. Replacing it with this fixed it for me:
${SUDO} bash -c 'cat > /lib/systemd/system/vpnserver.service' << EOF

@bouroo

This comment has been minimized.

Copy link
Owner Author

@bouroo bouroo commented Nov 12, 2019

@mikeevans82 thx, just fixed that line.

@mikeevans82

This comment has been minimized.

Copy link

@mikeevans82 mikeevans82 commented Nov 14, 2019

@bouroo I tested your edit on line 59 and it still produces a "permission denied" error for me when running as a normal user. I believe the problem is that ">" is interpreted by the current bash shell, which is not being elevated by sudo. In your script, bash needs to be elevated to create a file in /lib/... but your sudo command is being applied to cat instead. In my solution "sudo bash -c" runs the command with an elevated(super user) bash process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment