-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathins
86 lines (74 loc) · 2.32 KB
/
ins
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#!/usr/bin/env bash
#
# Download and run main script
set -e
readonly path='/tmp/y2ai'
readonly ext='.tar.lz4'
url="https://github.com/nedorazrab0/y2ai/releases/download/rolling/\
${path##*/}${ext}"
# systemd
mkdir -p /etc/systemd/{resolved,timesyncd}.conf.d
cat << 'EOF' > /etc/systemd/resolved.conf.d/cust.conf
[Resolve]
DNS=1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
FallbackDNS=8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
Domains=~.
Cache=yes
DNSOverTLS=yes
DNSSEC=true
MulticastDNS=yes
IPv6PrivacyExtensions=yes
EOF
cat << 'EOF' > /etc/systemd/timesyncd.conf.d/ntp.conf
[Time]
NTP=time.cloudflare.com
FallbackNTP=pool.ntp.org
EOF
systemctl restart systemd-{timesyncd,resolved,networkd}
# sysctl
cat << 'EOF' | sysctl -p - || true
kernel.unprivileged_bpf_disabled = 0
net.core.netdev_budget_usecs = 5000
net.core.netdev_budget = 600
net.core.netdev_max_backlog = 65536
net.core.bpf_jit_limit = 1048576000
net.core.default_qdisc = cake
net.core.somaxconn = 8192
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_congestion_control = bbr
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.default.accept_redirects = 0
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
net.ipv4.tcp_rmem = 4096 524288 12582912
net.ipv4.tcp_wmem = 4096 131072 6194136
net.ipv4.udp_rmem_min = 4096
net.ipv4.udp_wmem_min = 4096
EOF
# main
curl -fL -o "${path}${ext}" "${url}"
xxh="$(xxhsum -H2 ${path}${ext} | cut -d ' ' -f1)"
xxhpart="${xxh:0:2}-${xxh:2:3}-${xxh:5:3}--${xxh:8:2}-${xxh:10:3}-${xxh:13:3}"
echo
echo '- XXH128 Part:'
echo " ${xxhpart}"
echo '- Press [Enter] to continue'
read -r ans && unset ans
[[ -d "${path}" ]] && rm -rf "${path}"
mkdir -p "${path}"
lz4 -dc "${path}${ext}" | bsdtar -x -C "${path}"
rm -f "${path}${ext}"
exec bash "${path}/main"