From b0a2ca57a9cf9920555d6882b545fd242d1823bd Mon Sep 17 00:00:00 2001
From: Eric Lagergren
Date: Wed, 30 Oct 2019 03:07:21 -0700
Subject: [PATCH] add Vultr install script
---
scripts/vultr/install.sh | 69 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 69 insertions(+)
create mode 100644 scripts/vultr/install.sh
diff --git a/scripts/vultr/install.sh b/scripts/vultr/install.sh
new file mode 100644
index 0000000..349a085
--- /dev/null
+++ b/scripts/vultr/install.sh
@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+
+set -x
+
+yum -y update
+
+SERVER="$(hostname)"
+export SERVER
+SERVER_IP="$(ip route get 1 | awk '{print $NF;exit}')"
+export SERVER_IP
+echo "$SERVER"
+echo "$SERVER_IP"
+
+(
+ exec 2>/dev/null
+
+ docker stop dnscrypt-server
+ docker stop watchtower
+ docker rm dnscrypt-server
+ docker rm watchtower
+ docker container prune -f
+ docker volume prune -f
+ docker image prune -f
+
+ yum remove -y firewalld
+ yum remove -y iptables-services
+)
+
+mkdir -p /etc/encrypted-dns/lists
+if [ -d /root/keys ]; then
+ mv /root/keys /etc/encrypted-dns
+fi
+mkdir -p /etc/encrypted-dns/keys
+
+rm -fr /etc/encrypted-dns/keys/short-term
+
+if [ -f /etc/encrypted-dns/keys/secret.key ]; then
+ docker run \
+ --ulimit nofile=90000:90000 \
+ -v /etc/encrypted-dns/keys:/opt/encrypted-dns/etc/keys \
+ -v /etc/encrypted-dns/lists:/opt/encrypted-dns/etc/lists \
+ --name=dnscrypt-server -p 443:443/udp -p 443:443/tcp --net=host \
+ -d jedisct1/dnscrypt-server start
+else
+ docker run \
+ --ulimit nofile=90000:90000 \
+ -v /etc/encrypted-dns/keys:/opt/encrypted-dns/etc/keys \
+ -v /etc/encrypted-dns/lists:/opt/encrypted-dns/etc/lists \
+ --name=dnscrypt-server -p 443:443/udp -p 443:443/tcp --net=host \
+ jedisct1/dnscrypt-server init -N "$SERVER" -E "${SERVER_IP}:443"
+ docker start dnscrypt-server
+fi
+
+cat /etc/encrypted-dns/keys/provider-info.txt
+
+docker update --restart=unless-stopped dnscrypt-server
+
+docker run -d --name watchtower -v /var/run/docker.sock:/var/run/docker.sock v2tec/watchtower dnscrypt-server
+docker update --restart=unless-stopped watchtower
+
+ln -sf /etc/encrypted-dns/keys /root
+
+echo 3 >/proc/sys/vm/drop_caches
+
+if [ ! -L /etc/motd ]; then
+ rm -f /etc/motd
+ ln -s /etc/encrypted-dns/keys/provider-info.txt /etc/motd
+ reboot
+fi
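Review bot: Both `docker run` images are pulled by mutable tag (`jedisct1/dnscrypt-server`, `v2tec/watchtower`), and the watchtower container is handed `/var/run/docker.sock`. Whatever is published under either name therefore runs with root-equivalent control of the host, including the key material in `/etc/encrypted-dns/keys`. Pin at least the watchtower image by digest, e.g. `v2tec/watchtower@sha256:<digest>` (placeholder), and add a comment above that line saying the socket mount is deliberate and what it grants. Separately, the `( exec 2>/dev/null … )` subshell removes `firewalld` and `iptables-services` with errors discarded, and the server then starts with `--net=host`, under which Docker discards the `-p 443:443/udp -p 443:443/tcp` publishes. As far as this script shows, nothing on the host limits inbound traffic to port 443, so a follow-up that restores a minimal packet filter would be worthwhile.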