digitalocean主机使用心得

决定申请一个海外的主机来搭建个vpn,主要是用来满足自己科学上网的目的需要,而且还可以把自己的主机迁到上面,一举两得。本来打算用linode的,有美10刀的套餐,但在网上对比了下,用digitalocean才5美刀一个月,性价比高。而且注册digitalocean还赠送10美刀。512内存,20G SSD硬盘,100G带宽。申请了一个digitalocean 账号,绑定信用卡,用visa和mastercard的信用卡都可以,如果没有信用卡还可以用paypal来支付,paypal现在可以绑定银联卡,不用担心充值的问题,好像听说财付通还有一个海外的联运卡可以支付,但我没试过。支付成功后,会有一个促销码,利用这个促销码,可以得到$10充入你的账户。成功后就可以购买主机了。选择$5套餐,在创建主机的时候,有一个选机房的,具说机房选洛杉矶的速度最快,我选的就是洛杉矶的,结果速度也还是比我想象中的要慢,终端打字都有延迟。选择完参数后,主机就创建成功了,但不会马上扣费,digitalocean是按小时扣费的,一天大概扣1块钱。创建成功,得到主机ip和登录凭证,接下来可以用终端登录你的主机了,可以开始装vpn。也可以装shadowsocket,还可以用ssh代理上网,总之是可以FQ了,这里提供一个利用海外主机科学上网的方案,很简单的实现了FQ。因为主机只有512的内存,跑了vpn,nginx,php,mysql,git等主要软件后,还剩余有300M左右的内存。用了一个星期,下面是我对digitalocean的使用心得:便宜没得说的,连通过vpn连接有时会断线,特别是网络不好的时候特别频繁,甚至会连不上。连上后FQ的速度还可以,看youtube只能看标清,看高清就有点蛋疼了。用google,facebook,twitter基本可以满足。最后,也是最重要的一点,总算有自己的一个稳定的FQ工具了。反正在主机上ping google的时候是40毫秒。毕竟,一个月30块的主机,你还能要求它什么呢。附上一个一键安装vpn的脚本,包括PPTP和 L2TP

复制代码
#!/bin/bashclearif [ $(id -u) != "0" ]; then    printf "Error: You must be root to run this tool!\n"    exit 1fihost_ip=`ifconfig eth0 | awk '/inet addr/ {print $2}' | awk -F ':' '{print $2}'`cur_dir=`pwd`read -p "(Please input PSK: )" pskif [ "$psk" = "" ]; then        psk="fuck高墙"firead -p "Enter vpn username: " usernameif [ "$username" = "" ];then        username="vpn"firead -p "Enter vpn password: " userpswif [ "$userpsw" = "" ];then        userpsw="vpn"ficlearget_char(){SAVEDSTTY=`stty -g`stty -echostty cbreakdd if=/dev/tty bs=1 count=1 2> /dev/nullstty -rawstty echostty $SAVEDSTTY}echo ""echo "ServerIP:"echo "$host_ip"echo ""echo "PSK:"echo "$psk"echo ""echo "VPN Account:"echo "$username"echo ""echo "Account Password:"echo "$userpsw"echo ""echo "Press any key to start..."char=`get_char`clearyum -y updateyum remove  -y pptpd pppyum install -y make gcc gmp-devel bison flex libpcap-devel ppp lsof perl iptablesyum install -y libpcap gcc-c++ logrotate tar cpio pam tcp_wrapperswget http://fastlnmp.googlecode.com/files/dkms-2.0.17.5-1.noarch.rpmwget http://fastlnmp.googlecode.com/files/kernel_ppp_mppe-1.0.2-3dkms.noarch.rpmwget http://fastlnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.i386.rpmrpm -ivh dkms-2.0.17.5-1.noarch.rpmrpm -ivh kernel_ppp_mppe-1.0.2-3dkms.noarch.rpmrpm -qa kernel_ppp_mpperpm -ivh pptpd-1.3.4-1.rhel5.1.i386.rpmwget http://www.openswan.org/download/openswan-2.6.34.tar.gztar zxvf openswan-2.6.34.tar.gzcd openswan-2.6.34/make programs installcd ../cat > /etc/ipsec.conf <<EOFversion 2.0config setup    nat_traversal=yes    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12    oe=off    protostack=netkeyconn L2TP-PSK-NAT    rightsubnet=vhost:%priv    also=L2TP-PSK-noNATconn L2TP-PSK-noNAT    authby=secret    pfs=no    auto=add    keyingtries=3    rekey=no    ikelifetime=8h    keylife=1h    type=transport    left=$host_ip    leftprotoport=17/1701    right=%any    rightprotoport=17/%anyEOFcat > /etc/ipsec.secrets <<EOF$host_ip %any: PSK "$psk"EOFfor each in /proc/sys/net/ipv4/conf/*doecho 0 > $each/accept_redirectsecho 0 > $each/send_redirectsdoneecho 1 > /proc/sys/net/core/xfrm_larval_dropiptables --table nat --append POSTROUTING -o eth0 --jump MASQUERADEservice iptables saveservice iptables restartchkconfig iptables onsed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.confsysctl -p/etc/init.d/ipsec restartipsec verifycd $cur_dirwget http://downloads.sourceforge.net/project/rp-l2tp/rp-l2tp/0.4/rp-l2tp-0.4.tar.gztar zxvf rp-l2tp-0.4.tar.gzcd rp-l2tp-0.4./configuremakecp handlers/l2tp-control /usr/local/sbin/mkdir /var/run/xl2tpd/ln -s /usr/local/sbin/l2tp-control /var/run/xl2tpd/l2tp-controlcd $cur_dirwget  http://fastlnmp.googlecode.com/files/xl2tpd-1.2.8.tartar zxvf xl2tpd-1.2.8.tarcd xl2tpd-1.2.8make installcd ..mkdir -p /etc/xl2tpdtouch /etc/xl2tpd/xl2tpd.confcat >> /etc/xl2tpd/xl2tpd.conf <<EOF[global]ipsec saref = yes[lns default]ip range = 10.85.91.10-10.85.91.254local ip = 10.85.91.1refuse chap = yesrefuse pap = yesrequire authentication = yesppp debug = yespppoptfile = /etc/ppp/options.xl2tpdlength bit = yesEOFtouch /etc/ppp/options.xl2tpdcat >> /etc/ppp/options.xl2tpd <<EOFrequire-mschap-v2ms-dns 8.8.8.8ms-dns 8.8.4.4asyncmap 0authcrtsctslockhide-passwordmodemdebugname l2tpdproxyarplcp-echo-interval 30lcp-echo-failure 4EOFmknod /dev/ppp c 108 0echo "localip 10.85.92.1" >> /etc/pptpd.confecho "remoteip 10.85.92.10-254" >> /etc/pptpd.confecho "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpdecho "ms-dns 8.8.4.4" >> /etc/ppp/options.pptpdchkconfig pptpd onservice pptpd restartecho "$username l2tpd $userpsw *" >> /etc/ppp/chap-secretsecho "$username pptpd $userpsw *" >> /etc/ppp/chap-secrets/usr/local/sbin/xl2tpdcat >> /etc/rc.local <<EOFmknod /dev/ppp c 108 0for each in /proc/sys/net/ipv4/conf/*do        echo 0 > \$each/accept_redirects        echo 0 > \$each/send_redirectsdoneecho 1 > /proc/sys/net/core/xfrm_larval_drop/etc/init.d/ipsec restart/usr/local/sbin/xl2tpdEOFclearipsec verifyprintf "if there are no [FAILED] above, then you canconnect to your L2TP&PPTP VPN Server with the defaultuser/pass below:ServerIP:$host_ipusername:$usernamepassword:$userpswPSK:$psk (for L2TP VPN)"

发表评论