Last active
November 22, 2019 13:35
-
-
Save aandrusha/b5d9acd56a7b0fb01b98dcbef875daf3 to your computer and use it in GitHub Desktop.
Compile and run MTProxy with forced random padding patch on new server. For Ubuntu, Debian or other DEB-based distributives.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ "$EUID" -ne 0 ] | |
| then echo "Please run as root!" | |
| exit | |
| fi | |
| #Generate user secret (add SECRET2-SECRET16 to more secrets) | |
| SECRET1=$(head -c 16 /dev/urandom | xxd -ps) | |
| #Install git, clone repo and compile. Remove git fetch and checkout if you don't need forced random padding (key -R in systemd unit) | |
| apt install -y git curl build-essential libssl-dev zlib1g-dev | |
| git clone https://github.com/TelegramMessenger/MTProxy.git | |
| cd MTProxy/ | |
| git fetch origin pull/248/head:forcerandompadding | |
| git checkout forcerandompadding | |
| make && cd objs/bin | |
| mkdir /opt/mtproxy/ | |
| cp mtproto-proxy /opt/mtproxy/ | |
| #Configs | |
| cd /opt/mtproxy/ | |
| curl -s https://core.telegram.org/getProxySecret -o proxy-secret | |
| curl -s https://core.telegram.org/getProxyConfig -o proxy-multi.conf | |
| crontab -l | { cat; echo "0 0 * * * curl -s https://core.telegram.org/getProxyConfig -o /opt/mtproxy/proxy-multi.conf"; } | crontab - | |
| #Logs | |
| touch /var/log/mtproxy.log | |
| chown nobody:nogroup /var/log/mtproxy.log | |
| #systemd unit (add more -S $SECRETN if you generated more than 1 key in first step; add more to -M if you have more then one kernel) | |
| cat <<EOF >> /etc/systemd/system/mtproxy.service | |
| [Unit] | |
| Description=MTProxy | |
| After=network.target | |
| [Service] | |
| Type=simple | |
| WorkingDirectory=/opt/mtproxy | |
| ExecStart=/opt/mtproxy/mtproto-proxy -u nobody -p 8888 -H 443 -R -S $SECRET1 --aes-pwd proxy-secret proxy-multi.conf -M 1 -l /var/log/mtproxy.log | |
| Restart=on-failure | |
| [Install] | |
| WantedBy=multi-user.target | |
| EOF | |
| #Firewall | |
| iptables -A INPUT -i lo -j ACCEPT | |
| iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT | |
| iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT | |
| iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT | |
| iptables -P INPUT DROP | |
| echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections | |
| echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections | |
| sudo apt install -y iptables-persistent | |
| #Start! | |
| systemctl daemon-reload | |
| systemctl restart mtproxy.service | |
| systemctl status mtproxy.service | |
| #Show stats | |
| curl localhost:8888/stats |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment