
@gongzili456
Created November 13, 2019 07:18
#!/bin/bash
# Ubuntu 18.04 系统环境
# 1. 安装并开启 BBR 拥塞控制算法
# 2. 安装 Docker CE
# 3. 安装 certbot
# 4. 安装 gost
# 5. 配置自动任务
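#######################################
# Install the Ubuntu 18.04 HWE kernel meta-package and reboot into it.
# Arguments: none
# Outputs:   progress messages on stdout, errors on stderr
# Returns:   non-zero without rebooting when the kernel package fails to
#            install; otherwise the status of the reboot command
#######################################
update_core() {
  echo "更新系统内核"
  # apt-get rather than apt: apt warns that its CLI is not stable for scripts,
  # and the rest of this script already uses apt-get.
  if ! sudo apt-get install -y -qq --install-recommends linux-generic-hwe-18.04; then
    # Do not reboot a machine whose kernel upgrade did not complete.
    echo "update_core: kernel package installation failed; not rebooting" >&2
    return 1
  fi
  # -y so the cleanup step cannot stall on a confirmation prompt.
  sudo apt-get autoremove -y
  echo "内核更新完成,重新启动机器。。。"
  sudo reboot
}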
#######################################
# Enable BBR unless a module whose lsmod line contains "bbr" is already loaded.
# Globals:   has_bbr (written) - matching lsmod lines, empty when none
# Outputs:   status message on stdout when a bbr module is already listed
# Returns:   status of the echo, or of start_bbr when it had to be called
# NOTE(review): a loaded module is not proof that bbr is the active congestion
# control; `sysctl net.ipv4.tcp_congestion_control` would show that - confirm
# whether the weaker check is intended.
#######################################
check_bbr() {
  has_bbr=$(lsmod | grep bbr)
  case "$has_bbr" in
    "")
      # No bbr module listed: load and configure it.
      start_bbr
      ;;
    *)
      echo "TCP BBR 拥塞控制算法已经启动"
      ;;
  esac
}
#######################################
# Load the tcp_bbr module, persist it, and select fq + bbr through sysctl.
# Arguments: none
# Outputs:   the lines echoed back by tee and the two sysctl read-backs
# Returns:   status of the final sysctl query
# NOTE(review): every call appends the same lines again to
# /etc/modules-load.d/modules.conf and /etc/sysctl.conf; nothing here checks
# for existing entries.
#######################################
start_bbr() {
  local sysctl_conf=/etc/sysctl.conf
  local entry key

  echo "启动 TCP BBR 拥塞控制算法"
  sudo modprobe tcp_bbr

  # Persist the module so it is loaded again at boot.
  printf '%s\n' "tcp_bbr" | sudo tee --append /etc/modules-load.d/modules.conf

  # Persist the queueing discipline and congestion-control settings.
  for entry in "net.core.default_qdisc=fq" "net.ipv4.tcp_congestion_control=bbr"; do
    printf '%s\n' "$entry" | sudo tee --append "$sysctl_conf"
  done

  # Apply the file now, then print the resulting values for the operator.
  sudo sysctl -p
  for key in net.ipv4.tcp_available_congestion_control net.ipv4.tcp_congestion_control; do
    sysctl "$key"
  done
}
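#######################################
# Add the Docker CE apt repository and install docker-ce.
# Globals:   DOCKER_REPO_URL (read, optional) - repository base URL; defaults
#            to the USTC mirror this script has always used. Hosts outside
#            mainland China can point it at another mirror of the same layout.
# Outputs:   progress on stdout, errors on stderr
# Returns:   non-zero as soon as any step fails
#
# The signing key is stored in its own keyring and bound to this one source
# with signed-by. `apt-key add` would instead trust the key for every
# configured repository.
# NOTE(review): the key is still accepted as downloaded; compare its
# fingerprint with the value Docker publishes before relying on it.
#######################################
install_docker() {
  local -r repo_url="${DOCKER_REPO_URL:-https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu}"
  local -r keyring_dir=/etc/apt/keyrings
  local -r keyring="${keyring_dir}/docker.gpg"
  local -r source_list=/etc/apt/sources.list.d/docker.list
  local codename key_file

  echo "开始安装 Docker CE"

  codename=$(lsb_release -cs) || return 1
  key_file=$(mktemp) || return 1

  # Download to a file first so a failed transfer is detected instead of
  # feeding an empty stream to the key import.
  if ! curl -fsSL -o "$key_file" "${repo_url}/gpg"; then
    rm -f -- "$key_file"
    echo "install_docker: could not download the repository signing key" >&2
    return 1
  fi

  if ! { sudo install -m 0755 -d "$keyring_dir" &&
    sudo gpg --batch --yes --dearmor -o "$keyring" "$key_file" &&
    sudo chmod a+r "$keyring"; }; then
    rm -f -- "$key_file"
    echo "install_docker: could not install the repository signing key" >&2
    return 1
  fi
  rm -f -- "$key_file"

  # Overwrite (not append) so re-running the script leaves a single entry.
  echo "deb [arch=amd64 signed-by=${keyring}] ${repo_url} ${codename} stable" |
    sudo tee "$source_list" >/dev/null || return 1

  sudo apt-get update -qq || return 1
  sudo apt-get install -y docker-ce
}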
#######################################
# Install certbot from the certbot PPA.
# Arguments: none
# Outputs:   progress on stdout plus whatever apt prints
# Returns:   status of the final `apt-get install -y certbot`; earlier
#            failures are not checked
# NOTE(review): add-apt-repository is called without -y, so it may wait for
# the operator to confirm each source - verify that is acceptable here.
#######################################
install_certbot() {
  local repo

  echo "开始安装 certbot"

  # software-properties-common provides add-apt-repository.
  sudo apt-get update -qq
  sudo apt-get install -y software-properties-common

  for repo in universe ppa:certbot/certbot; do
    sudo add-apt-repository "$repo"
  done

  # Refresh the index so the newly added sources are visible.
  sudo apt-get update -qq
  sudo apt-get install -y certbot
}
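#######################################
# Request a certificate for one domain with certbot's standalone mode.
# Arguments: $1 - domain name to pass to `certbot -d`
# Outputs:   certbot's own output; validation errors on stderr
# Returns:   1 when the domain is empty or starts with '-', otherwise
#            certbot's exit status
#######################################
create_cert() {
  local domain="${1:-}"

  # An empty value or one starting with '-' would be read by certbot as
  # something other than a domain (a missing argument or another option).
  if [[ -z "$domain" || "$domain" == -* ]]; then
    echo "create_cert: a domain name is required and must not start with '-'" >&2
    return 1
  fi

  # Quoted so the value always reaches certbot as exactly one argument.
  sudo certbot certonly --standalone -d "$domain"
}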
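#######################################
# Start the gost proxy container as an authenticated HTTP/2 listener on :443.
# Arguments: $1 - domain whose Let's Encrypt certificate is used
#            $2 - proxy username
#            $3 - proxy password
# Outputs:   docker's output; validation errors on stderr
# Returns:   1 when an argument is missing, otherwise docker's exit status
#
# NOTE(review): the username and password are part of the -L argument, so
# they are visible in the container's command line (`docker inspect`, `ps`).
# Characters with a meaning in URLs are passed through unescaped - confirm
# how gost parses them before allowing arbitrary passwords.
# NOTE(review): ginuerzh/gost is pulled by its default tag; pin a tag or
# digest that has been verified so the running image cannot change silently.
#######################################
install_gost() {
  # Locals only: assigning USER/PASS/PORT globally would overwrite the
  # shell's own USER variable for the rest of the script.
  local domain="${1:-}" user="${2:-}" pass="${3:-}"
  local -r port=443
  local -r bind_ip=0.0.0.0
  local -r cert_dir=/etc/letsencrypt
  local -r cert="${cert_dir}/live/${domain}/fullchain.pem"
  local -r key="${cert_dir}/live/${domain}/privkey.pem"

  if [[ -z "$domain" || -z "$user" || -z "$pass" ]]; then
    echo "install_gost: domain, username and password are all required" >&2
    return 1
  fi

  # sudo for consistency with the other privileged steps in this script: a
  # freshly installed Docker daemon is not reachable by an unprivileged user.
  # The certificate directory is mounted read-only at the same path.
  sudo docker run -d --name gost \
    -v "${cert_dir}:${cert_dir}:ro" \
    --net=host ginuerzh/gost \
    -L "http2://${user}:${pass}@${bind_ip}:${port}?cert=${cert}&key=${key}&probe_resist=code:404"
}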
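#######################################
# Register the monthly certificate renewal and gost restart in root's crontab.
# Arguments: none
# Outputs:   nothing on success
# Returns:   0 when both jobs are already present, otherwise the status of
#            installing the updated crontab
#
# The jobs are installed through crontab(1) under sudo instead of appending
# to /var/spool/cron/crontabs/root: a shell redirection is not covered by
# sudo, and crontab(1) validates the table and sets the file's ownership and
# mode. Lines already present are not added again, so the function can be
# re-run safely.
#######################################
create_cront_job() {
  local -a jobs=(
    "0 0 1 * * /usr/bin/certbot renew --force-renewal"
    "5 0 1 * * /usr/bin/docker restart gost"
  )
  local current job
  local changed=0

  # `crontab -l` exits non-zero when root has no crontab yet; start empty.
  current=$(sudo crontab -u root -l 2>/dev/null) || current=""

  for job in "${jobs[@]}"; do
    # -x -F: match the whole line literally (the entries contain '*').
    if ! grep -qxF -- "$job" <<<"$current"; then
      current+="${current:+$'\n'}${job}"
      changed=1
    fi
  done

  if ((changed)); then
    printf '%s\n' "$current" | sudo crontab -u root -
  fi
}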
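# Succeeds when dotted version $1 is greater than or equal to $2.
_version_at_least() {
  [ "$(printf '%s\n' "$2" "$1" | sort -V | head -n 1)" = "$2" ]
}

#######################################
# Provision the host: BBR (or a kernel upgrade), Docker, certbot, a
# certificate, the gost container and the renewal cron jobs.
# Arguments: none (domain, username and password are read from stdin)
# Outputs:   progress and prompts on stdout, errors on stderr
# Returns:   non-zero when a step fails; after a kernel upgrade it returns
#            update_core's status without running the remaining steps
#######################################
init() {
  local -r kernel_min="4.9.0"
  local kernel_version domain username password

  # Keep only the numeric part of the release string (text before the first '-').
  kernel_version=$(uname -r)
  kernel_version=${kernel_version%%-*}

  # Compare with sort -V: inside `[ ]` a bare `>` is a redirection, not a
  # comparison, so such a test always passes and writes a stray file.
  if _version_at_least "$kernel_version" "$kernel_min"; then
    check_bbr
  else
    # update_core reboots the machine; installing more packages while it
    # shuts down would leave them half-configured. Run the script again
    # after the reboot.
    update_core
    return
  fi

  install_docker || return 1
  install_certbot || return 1

  echo "开始生成 SSL 证书"
  read -r -p "请输入你要使用的域名: " domain
  # Without a certificate the proxy cannot serve TLS, so stop here on failure.
  create_cert "$domain" || return 1

  echo "准备启动 Gost 代理程序,为了安全,需要使用用户名与密码进行认证。"
  read -r -p "请输入你要使用的用户名: " username
  # -s keeps the password off the terminal and out of scrollback.
  read -r -s -p "请输入你要使用的密码: " password
  echo
  install_gost "$domain" "$username" "$password" || return 1
  create_cront_job
}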
# Script entry point: run the provisioning sequence defined in init.
init
@fanweixiao

大多数情况下这段脚本要 run 在海外的机器上,是否可以考虑不使用 mirrors.ustc.edu.cn 等镜像?

@gongzili456
Author

大多数情况下这段脚本要 run 在海外的机器上,是否可以考虑不使用 mirrors.ustc.edu.cn 等镜像?

Right!
