tor-relay

#!/bin/bash
set -e
#
if [ $UID -ne 0 ]; then
    echo -e $RED"This program must be run as root."$END
    sleep 2
    exit 0
fi
SSH_CONF=/etc/ssh/sshd_config
mv "$SSH_CONF" /etc/ssh/sshd_config.bak
touch "$SSH_CONF"
echo -e "\nSSH port:"
  read SSH_PORT
    if [[ "$SSH_PORT" -ge "1" || "$SSH_PORT" -le "99999" ]]; then
        echo -e "\nPort $SSH_PORT\n" > "$SSH_CONF"
    else
       echo -e "THAT WAS NOT AN ACCEPTABLE PORT!!!! RE-RUN THE SCRIPT AND PUT SOMETHING SENSIBLE HERE BEFORE YOU LOCK YOURSELF OUT!!"
       exit 0
    fi
echo -e "Do you want to add an ssh key? (Y/no)"
  read HAVE_KEY
    if [[ "$HAVE_KEY" = "no" ]]; then
        sleep 1
    else
        echo -e "Please paste your public key (beginning with ssh-rsa)."
          read SSH_KEY
            if [[ -e /"$USER"/.ssh ]]; then
                echo -e "\n"$SSH_KEY"" >> /"$USER"/.ssh/authorized_keys
            else
                mkdir /"$USER"/.ssh/
                echo -e "$SSH_KEY" > /"$USER"/.ssh/authorized_keys
            fi
    fi
echo -e "\nProtocol 2\n\nHostKey /etc/ssh/ssh_host_rsa_key\n\nHostKey /etc/ssh/ssh_host_dsa_key\n\nHostKey /etc/ssh/ssh_host_ecdsa_key\n\nUsePrivilegeSeparation yes\n\nKeyRegenerationInterval 3600\n\nServerKeyBits 1024\n\nSyslogFacility AUTH\n\nLogLevel INFO\n\nLoginGraceTime 120\n\nPermitRootLogin without-password\n\nStrictModes yes\n\nRSAAuthentication yes\n\nPubkeyAuthentication yes\n\nAuthorizedKeysFile /root/.ssh/authorized_keys\n\nIgnoreRhosts yes\n\nHostbasedAuthentication no\n\nRhostsRSAAuthentication no\n\nPermitEmptyPasswords no\n\nChallengeResponseAuthentication no\n\nPasswordAuthentication no\n\nKerberosAuthentication no\n\nGSSAPIAuthentication no\n\nX11Forwarding yes\n\nX11DisplayOffset 10\n\nPrintMotd no\n\nPrintLastLog yes\n\nTCPKeepAlive yes\n\nAcceptEnv LANG LC_*\n\nSubsystem sftp /usr/lib/openssh/sftp-server\n\nCiphers aes256-ctr,aes256-cbc,aes128-ctr,aes128-cbc,3des-cbc\n\nUsePAM no" >> "$SSH_CONF"
chmod 0700 /root/.ssh
chmod 0600 /root/.ssh/*
apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade
apt-get -y install nano screen pwgen sudo ntp ntpdate haveged attr
echo -e "\nhardstatus on\nhardstatus alwayslastline\n$(echo 'hardstatus string "%{.bW}%-w%{.rW}%n %t%{-}%+w %=%{..G} %H %{..Y} %m/%d %C%a "')\n" >> /etc/screenrc
service ntp stop
ntpdate 0.europe.pool.ntp.org
service ntp start
RELEASE="$(lsb_release -c | cut -b 10-)"
echo -e "\ndeb http://deb.torproject.org/torproject.org "$RELEASE" main" >> /etc/apt/sources.list
gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89; gpg --export 886DDD89 | apt-key add -
apt-get update
apt-get -y install deb.torproject.org-keyring
apt-get -y install tor tor-arm obfsproxy unbound tor-geoipdb torsocks
chattr -i /etc/resolv.conf
echo "nameserver 127.0.0.1" > /etc/resolv.conf
chattr +i /etc/resolv.conf
mv /etc/tor/torrc /etc/tor/torrc.bak
touch /etc/tor/torrc
echo -e "\nRelay or bridge?"
  read RELAY
    if [[ "$RELAY" = "relay" ]]; then
        echo -e "Setting up for a relay."
        service tor stop
        mv /etc/tor/torrc /etc/tor/torrc.bak
        echo -e "ORPort 22443\nDirPort 80\nSocksPort 127.0.0.1:9050\nControlPort 127.0.0.1:9051\nExitPolicy reject *:*\nDisableDebuggerAttachment 0" > /etc/tor/torrc
        echo -e "\nNICKNAME?"
        read NICK
        echo -e "\nCONTACT?"
          read CONTACT
        echo -e "Nickname "$NICK"\nContactInfo "$CONTACT"\n" >> /etc/tor/torrc
        echo -e "#\n#\n" >> /etc/tor/torrc
        service tor start

    else
        echo -e "Public or private bridge? (pub/priv)"
          read PUB_PRIV
            if [[ "$PUB_PRIV" = "pub" ]]; then
                service tor stop
                mv /etc/tor/torrc /etc/tor/torrc.bak
                echo -e "ORPort 11443\nExtORPort 22443\nSocksPort 127.0.0.1:9050\nControlPort 127.0.0.1:9051\nExitPolicy reject *:*\nDisableDebuggerAttachment 0\nBridgeRelay 1\nServerTransportPlugin obfs3,scramblesuit exec /usr/bin/obfsproxy managed" > /etc/tor/torrc
                echo -e "\033[1;33m""\nNICKNAME?""\033[0m"
                  read NICK
                echo -e "\nNickname "$NICK"\n" >> /etc/tor/torrc
                echo -e "#\n#\n" >> /etc/tor/torrc
                service tor start
            else
                service tor stop
                mv /etc/tor/torrc /etc/tor/torrc.bak
                echo -e "ORPort11443\nExtORPort 22443\nSocksPort 127.0.0.1:9050\nControlPort 127.0.0.1:9051\nExitPolicy reject *:*\nDisableDebuggerAttachment 0\nBridgeRelay 1\nServerTransportPlugin obfs3,scramblesuit exec /usr/bin/obfsproxy managed\nPublishServerDescriptor 0" > /etc/tor/torrc
                service tor start
            fi
    fi
service ssh restart
echo "Success. Good bye."
exit 0