Last active
September 23, 2022 10:44
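#!/usr/bin/env bash
# Generate setup-pritunl.sh, the boot-time script that the instance template
# below passes to each VM through its startup-script metadata.
#
# The heredoc delimiter is quoted so the body is written out verbatim: nothing
# in it is expanded by the shell that runs this outer script.
cat << 'Parent_EOF' > setup-pritunl.sh
#! /bin/bash
# Pritunl APT repository. Package signatures are checked by apt, but the index
# is fetched over HTTPS so the repository traffic is not readable or
# modifiable in transit.
sudo tee /etc/apt/sources.list.d/pritunl.list << EOF
deb https://repo.pritunl.com/stable/apt focal main
EOF

# Import signing key from keyserver. The full 40-character fingerprint pins
# the exact key that is accepted.
# NOTE(review): apt-key is deprecated, and a key added this way is trusted for
# every configured repository. A per-repository keyring referenced with
# signed-by= in the .list file scopes the trust to this one source.
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com --recv 7568D9BB55FF9E5287D586017AE645C0CF8E292A
# Alternative import from download if keyserver offline
# curl https://raw.githubusercontent.com/pritunl/pgp/master/pritunl_repo_pub.asc | sudo apt-key add -

# MongoDB 5.0 APT repository and its signing key.
# NOTE(review): this key is accepted as downloaded; only TLS to mongodb.org
# vouches for it. Comparing its fingerprint with the published one before
# adding it closes that gap.
sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list << EOF
deb https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse
EOF
wget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -

sudo apt update

# WireGuard server support
sudo apt -y install wireguard wireguard-tools

# Disable firewall
# NOTE(review): with ufw off the host filters nothing itself, so the VPC
# firewall rules are the only control over which ports are reachable. Keep
# those rules limited to the VPN and console ports actually in use.
sudo ufw disable

sudo apt -y install pritunl mongodb-org
sudo systemctl enable mongod pritunl
sudo systemctl start mongod pritunl

# Move the port configured in /etc/pritunl.conf from 443 to 8443. The edit is
# unconditional; it is a no-op once the file already says 8443, so it is safe
# on the reboots where this startup script runs again.
sudo sed -i 's/ 443/ 8443/' /etc/pritunl.conf

# The service was started above with the packaged port, so restart it to pick
# up the edit. This replaces a bare `pritunl` invocation, which would launch a
# second server process in the foreground next to the systemd-managed one and
# keep the startup script from returning.
# NOTE(review): confirm against the installed pritunl version.
sudo systemctl restart pritunl
Parent_EOF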
# Everything below is created in one region.
region=us-central1

# Instance template: VMs boot with setup-pritunl.sh as their startup script.
# NOTE(review): no service account, scopes, network or address options are
# given, so the project defaults apply to every VM built from this template.
# Confirm that is intended for an Internet-facing VPN host.
gcloud compute instance-templates create pritunl-template \
  --machine-type=n2-standard-2 \
  --boot-disk-size=100GB \
  --metadata-from-file=startup-script=setup-pritunl.sh

# Target pool that the managed instance group registers its VMs with.
gcloud compute target-pools create pritunl-pool --region="$region"

# Regional managed instance group with a single VM built from the template.
gcloud compute instance-groups managed create pritunl-group \
  --base-instance-name=pritunl \
  --size=1 \
  --template=pritunl-template \
  --target-pool=pritunl-pool \
  --region="$region"

# Configure External IP, Forwarding Rules and Network Load Balancer for both UDP/TCP
# NOTE(review): both forwarding rules use the EXTERNAL scheme, so TCP 443 and
# UDP 19708 are offered to the Internet on this address. The startup script
# disables ufw on the VM, which leaves the VPC firewall rules as the only
# filter in front of these ports.
# NOTE(review): vpn-health-check is referenced but never created here; it has
# to exist already as a regional health check. No backend is attached to
# either backend service in this script either, and the instance group is
# registered with pritunl-pool, which neither forwarding rule references.
# Presumably that wiring is done elsewhere - verify.
gcloud compute addresses create vpn-network-lb --region="$region"

# TCP: backend service, then the forwarding rule that fronts it.
gcloud compute backend-services create vpn-backend-tcp \
  --protocol=TCP \
  --health-checks=vpn-health-check \
  --health-checks-region="$region" \
  --region="$region"

gcloud compute forwarding-rules create vpn-tcp-frontend \
  --region="$region" \
  --load-balancing-scheme=EXTERNAL \
  --backend-service=vpn-backend-tcp \
  --backend-service-region="$region" \
  --ip-protocol=TCP \
  --address=vpn-network-lb \
  --ports=443

# UDP: same pair of resources for the UDP listener.
gcloud compute backend-services create vpn-backend-udp \
  --protocol=UDP \
  --health-checks=vpn-health-check \
  --health-checks-region="$region" \
  --region="$region"

gcloud compute forwarding-rules create vpn-udp-frontend \
  --region="$region" \
  --load-balancing-scheme=EXTERNAL \
  --backend-service=vpn-backend-udp \
  --backend-service-region="$region" \
  --ip-protocol=UDP \
  --address=vpn-network-lb \
  --ports=19708
Timtech4u
commented
Sep 20, 2022
•