Last active
October 24, 2017 11:38
-
-
Save Clcanny/b43abaa80ebc032b7e6fbb87b9b4dd8b to your computer and use it in GitHub Desktop.
Shadowsocks配置
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM python:latest | |
ADD shadowsocks.json /home/shadowsocks.json | |
RUN pip install shadowsocks | |
CMD cd /home && ssserver -c shadowsocks.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#/bin/sh | |
sudo apt-get install --assume-yes \ | |
apt-transport-https \ | |
ca-certificates \ | |
curl \ | |
python-software-properties \ | |
software-properties-common | |
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add - | |
sudo apt-key fingerprint 0EBFCD88 | |
sudo add-apt-repository \ | |
"deb [arch=amd64] https://download.docker.com/linux/debian \ | |
$(lsb_release -cs) \ | |
stable" | |
deb-src [arch=amd64] https://download.docker.com/linux/debian wheezy stable | |
sudo apt-get update | |
sudo apt-get install -y docker-ce | |
sudo usermod -aG docker $USER | |
sudo service docker restart |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"server": "0.0.0.0", | |
"server_port": 8000, | |
"local_address": "127.0.0.1", | |
"local_port": 1080, | |
"password": "havefunwithshadowsocks", | |
"timeout": 300, | |
"method": "aes-256-cfb", | |
"fast_open": false | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// copy from https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks.sh | |
// 感谢teddysun | |
// ./shadowsocks.sh 2>&1 | tee shadowsocks.log | |
// /etc/init.d/shadowsocks start | |
// /etc/init.d/shadowsocks stop | |
// /etc/init.d/shadowsocks restart | |
// /etc/init.d/shadowsocks status | |
#!/usr/bin/env bash | |
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin | |
export PATH | |
#=================================================================# | |
# System Required: CentOS 6+, Debian 7+, Ubuntu 12+ # | |
# Description: One click Install Shadowsocks-Python server # | |
# Author: Teddysun <i@teddysun.com> # | |
# Thanks: @clowwindy <https://twitter.com/clowwindy> # | |
# Intro: https://teddysun.com/342.html # | |
#=================================================================# | |
clear | |
echo | |
echo "#############################################################" | |
echo "# One click Install Shadowsocks-Python server #" | |
echo "# Intro: https://teddysun.com/342.html #" | |
echo "# Author: Teddysun <i@teddysun.com> #" | |
echo "# Github: https://github.com/shadowsocks/shadowsocks #" | |
echo "#############################################################" | |
echo | |
libsodium_file="libsodium-1.0.15" | |
libsodium_url="https://github.com/jedisct1/libsodium/releases/download/1.0.15/libsodium-1.0.15.tar.gz" | |
# Current folder | |
cur_dir=`pwd` | |
# Stream Ciphers | |
ciphers=( | |
aes-256-gcm | |
aes-192-gcm | |
aes-128-gcm | |
aes-256-ctr | |
aes-192-ctr | |
aes-128-ctr | |
aes-256-cfb | |
aes-192-cfb | |
aes-128-cfb | |
camellia-128-cfb | |
camellia-192-cfb | |
camellia-256-cfb | |
chacha20-ietf-poly1305 | |
chacha20-ietf | |
chacha20 | |
rc4-md5 | |
) | |
# Color | |
red='\033[0;31m' | |
green='\033[0;32m' | |
yellow='\033[0;33m' | |
plain='\033[0m' | |
# Make sure only root can run our script | |
[[ $EUID -ne 0 ]] && echo -e "[${red}Error${plain}] This script must be run as root!" && exit 1 | |
# Disable selinux | |
disable_selinux(){ | |
if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then | |
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config | |
setenforce 0 | |
fi | |
} | |
#Check system | |
check_sys(){ | |
local checkType=$1 | |
local value=$2 | |
local release='' | |
local systemPackage='' | |
if [[ -f /etc/redhat-release ]]; then | |
release="centos" | |
systemPackage="yum" | |
elif cat /etc/issue | grep -Eqi "debian"; then | |
release="debian" | |
systemPackage="apt" | |
elif cat /etc/issue | grep -Eqi "ubuntu"; then | |
release="ubuntu" | |
systemPackage="apt" | |
elif cat /etc/issue | grep -Eqi "centos|red hat|redhat"; then | |
release="centos" | |
systemPackage="yum" | |
elif cat /proc/version | grep -Eqi "debian"; then | |
release="debian" | |
systemPackage="apt" | |
elif cat /proc/version | grep -Eqi "ubuntu"; then | |
release="ubuntu" | |
systemPackage="apt" | |
elif cat /proc/version | grep -Eqi "centos|red hat|redhat"; then | |
release="centos" | |
systemPackage="yum" | |
fi | |
if [[ ${checkType} == "sysRelease" ]]; then | |
if [ "$value" == "$release" ]; then | |
return 0 | |
else | |
return 1 | |
fi | |
elif [[ ${checkType} == "packageManager" ]]; then | |
if [ "$value" == "$systemPackage" ]; then | |
return 0 | |
else | |
return 1 | |
fi | |
fi | |
} | |
# Get version | |
getversion(){ | |
if [[ -s /etc/redhat-release ]]; then | |
grep -oE "[0-9.]+" /etc/redhat-release | |
else | |
grep -oE "[0-9.]+" /etc/issue | |
fi | |
} | |
# CentOS version | |
centosversion(){ | |
if check_sys sysRelease centos; then | |
local code=$1 | |
local version="$(getversion)" | |
local main_ver=${version%%.*} | |
if [ "$main_ver" == "$code" ]; then | |
return 0 | |
else | |
return 1 | |
fi | |
else | |
return 1 | |
fi | |
} | |
# Get public IP address | |
get_ip(){ | |
local IP=$( ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." | head -n 1 ) | |
[ -z ${IP} ] && IP=$( wget -qO- -t1 -T2 ipv4.icanhazip.com ) | |
[ -z ${IP} ] && IP=$( wget -qO- -t1 -T2 ipinfo.io/ip ) | |
[ ! -z ${IP} ] && echo ${IP} || echo | |
} | |
get_char(){ | |
SAVEDSTTY=`stty -g` | |
stty -echo | |
stty cbreak | |
dd if=/dev/tty bs=1 count=1 2> /dev/null | |
stty -raw | |
stty echo | |
stty $SAVEDSTTY | |
} | |
# Pre-installation settings | |
pre_install(){ | |
if check_sys packageManager yum || check_sys packageManager apt; then | |
# Not support CentOS 5 | |
if centosversion 5; then | |
echo -e "$[{red}Error${plain}] Not supported CentOS 5, please change to CentOS 6+/Debian 7+/Ubuntu 12+ and try again." | |
exit 1 | |
fi | |
else | |
echo -e "[${red}Error${plain}] Your OS is not supported. please change OS to CentOS/Debian/Ubuntu and try again." | |
exit 1 | |
fi | |
# Set shadowsocks config password | |
echo "Please input password for shadowsocks-python" | |
read -p "(Default password: teddysun.com):" shadowsockspwd | |
[ -z "${shadowsockspwd}" ] && shadowsockspwd="teddysun.com" | |
echo | |
echo "---------------------------" | |
echo "password = ${shadowsockspwd}" | |
echo "---------------------------" | |
echo | |
# Set shadowsocks config port | |
while true | |
do | |
echo "Please input port for shadowsocks-python [1-65535]" | |
read -p "(Default port: 8989):" shadowsocksport | |
[ -z "$shadowsocksport" ] && shadowsocksport="8989" | |
expr ${shadowsocksport} + 1 &>/dev/null | |
if [ $? -eq 0 ]; then | |
if [ ${shadowsocksport} -ge 1 ] && [ ${shadowsocksport} -le 65535 ]; then | |
echo | |
echo "---------------------------" | |
echo "port = ${shadowsocksport}" | |
echo "---------------------------" | |
echo | |
break | |
else | |
echo -e "[${red}Error${plain}] Input error, please input a number between 1 and 65535" | |
fi | |
else | |
echo -e "[${red}Error${plain}] Input error, please input a number between 1 and 65535" | |
fi | |
done | |
# Set shadowsocks config stream ciphers | |
while true | |
do | |
echo -e "Please select stream cipher for shadowsocks-python:" | |
for ((i=1;i<=${#ciphers[@]};i++ )); do | |
hint="${ciphers[$i-1]}" | |
echo -e "${green}${i}${plain}) ${hint}" | |
done | |
read -p "Which cipher you'd select(Default: ${ciphers[0]}):" pick | |
[ -z "$pick" ] && pick=1 | |
expr ${pick} + 1 &>/dev/null | |
if [ $? -ne 0 ]; then | |
echo -e "[${red}Error${plain}] Input error, please input a number" | |
continue | |
fi | |
if [[ "$pick" -lt 1 || "$pick" -gt ${#ciphers[@]} ]]; then | |
echo -e "[${red}Error${plain}] Input error, please input a number between 1 and ${#ciphers[@]}" | |
continue | |
fi | |
shadowsockscipher=${ciphers[$pick-1]} | |
echo | |
echo "---------------------------" | |
echo "cipher = ${shadowsockscipher}" | |
echo "---------------------------" | |
echo | |
break | |
done | |
echo | |
echo "Press any key to start...or Press Ctrl+C to cancel" | |
char=`get_char` | |
# Install necessary dependencies | |
if check_sys packageManager yum; then | |
yum install -y python python-devel python-setuptools openssl openssl-devel curl wget unzip gcc automake autoconf make libtool | |
elif check_sys packageManager apt; then | |
apt-get -y update | |
apt-get -y install python python-dev python-setuptools openssl libssl-dev curl wget unzip gcc automake autoconf make libtool | |
fi | |
cd ${cur_dir} | |
} | |
# Download files | |
download_files(){ | |
# Download libsodium file | |
if ! wget --no-check-certificate -O ${libsodium_file}.tar.gz ${libsodium_url}; then | |
echo -e "[${red}Error${plain}] Failed to download ${libsodium_file}.tar.gz!" | |
exit 1 | |
fi | |
# Download Shadowsocks file | |
if ! wget --no-check-certificate -O shadowsocks-master.zip https://github.com/shadowsocks/shadowsocks/archive/master.zip; then | |
echo -e "[${red}Error${plain}] Failed to download shadowsocks python file!" | |
exit 1 | |
fi | |
# Download Shadowsocks init script | |
if check_sys packageManager yum; then | |
if ! wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks -O /etc/init.d/shadowsocks; then | |
echo -e "[${red}Error${plain}] Failed to download shadowsocks chkconfig file!" | |
exit 1 | |
fi | |
elif check_sys packageManager apt; then | |
if ! wget --no-check-certificate https://raw.githubusercontent.com/teddysun/shadowsocks_install/master/shadowsocks-debian -O /etc/init.d/shadowsocks; then | |
echo -e "[${red}Error${plain}] Failed to download shadowsocks chkconfig file!" | |
exit 1 | |
fi | |
fi | |
} | |
# Config shadowsocks | |
config_shadowsocks(){ | |
cat > /etc/shadowsocks.json<<-EOF | |
{ | |
"server":"0.0.0.0", | |
"server_port":${shadowsocksport}, | |
"local_address":"127.0.0.1", | |
"local_port":1080, | |
"password":"${shadowsockspwd}", | |
"timeout":300, | |
"method":"${shadowsockscipher}", | |
"fast_open":false | |
} | |
EOF | |
} | |
# Firewall set | |
firewall_set(){ | |
echo -e "[${green}Info${plain}] firewall set start..." | |
if centosversion 6; then | |
/etc/init.d/iptables status > /dev/null 2>&1 | |
if [ $? -eq 0 ]; then | |
iptables -L -n | grep -i ${shadowsocksport} > /dev/null 2>&1 | |
if [ $? -ne 0 ]; then | |
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport ${shadowsocksport} -j ACCEPT | |
iptables -I INPUT -m state --state NEW -m udp -p udp --dport ${shadowsocksport} -j ACCEPT | |
/etc/init.d/iptables save | |
/etc/init.d/iptables restart | |
else | |
echo -e "[${green}Info${plain}] port ${shadowsocksport} has already been set up." | |
fi | |
else | |
echo -e "[${yellow}Warning${plain}] iptables looks like shutdown or not installed, please manually set it if necessary." | |
fi | |
elif centosversion 7; then | |
systemctl status firewalld > /dev/null 2>&1 | |
if [ $? -eq 0 ]; then | |
firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/tcp | |
firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/udp | |
firewall-cmd --reload | |
else | |
echo -e "[${yellow}Warning${plain}] firewalld looks like not running or not installed, please enable port ${shadowsocksport} manually if necessary." | |
fi | |
fi | |
echo -e "[${green}Info${plain}] firewall set completed..." | |
} | |
# Install Shadowsocks | |
install(){ | |
# Install libsodium | |
if [ ! -f /usr/lib/libsodium.a ]; then | |
cd ${cur_dir} | |
tar zxf ${libsodium_file}.tar.gz | |
cd ${libsodium_file} | |
./configure --prefix=/usr && make && make install | |
if [ $? -ne 0 ]; then | |
echo -e "[${red}Error${plain}] libsodium install failed!" | |
install_cleanup | |
exit 1 | |
fi | |
fi | |
ldconfig | |
# Install Shadowsocks | |
cd ${cur_dir} | |
unzip -q shadowsocks-master.zip | |
if [ $? -ne 0 ];then | |
echo -e "[${red}Error${plain}] unzip shadowsocks-master.zip failed! please check unzip command." | |
install_cleanup | |
exit 1 | |
fi | |
cd ${cur_dir}/shadowsocks-master | |
python setup.py install --record /usr/local/shadowsocks_install.log | |
if [ -f /usr/bin/ssserver ] || [ -f /usr/local/bin/ssserver ]; then | |
chmod +x /etc/init.d/shadowsocks | |
if check_sys packageManager yum; then | |
chkconfig --add shadowsocks | |
chkconfig shadowsocks on | |
elif check_sys packageManager apt; then | |
update-rc.d -f shadowsocks defaults | |
fi | |
/etc/init.d/shadowsocks start | |
else | |
echo | |
echo -e "[${red}Error${plain}] Shadowsocks install failed! please visit https://teddysun.com/342.html and contact." | |
install_cleanup | |
exit 1 | |
fi | |
clear | |
echo | |
echo -e "Congratulations, Shadowsocks-python server install completed!" | |
echo -e "Your Server IP : \033[41;37m $(get_ip) \033[0m" | |
echo -e "Your Server Port : \033[41;37m ${shadowsocksport} \033[0m" | |
echo -e "Your Password : \033[41;37m ${shadowsockspwd} \033[0m" | |
echo -e "Your Encryption Method: \033[41;37m ${shadowsockscipher} \033[0m" | |
echo | |
echo "Welcome to visit:https://teddysun.com/342.html" | |
echo "Enjoy it!" | |
echo | |
} | |
# Install cleanup | |
install_cleanup(){ | |
cd ${cur_dir} | |
rm -rf shadowsocks-master.zip shadowsocks-master ${libsodium_file}.tar.gz ${libsodium_file} | |
} | |
# Uninstall Shadowsocks | |
uninstall_shadowsocks(){ | |
printf "Are you sure uninstall Shadowsocks? (y/n) " | |
printf "\n" | |
read -p "(Default: n):" answer | |
[ -z ${answer} ] && answer="n" | |
if [ "${answer}" == "y" ] || [ "${answer}" == "Y" ]; then | |
ps -ef | grep -v grep | grep -i "ssserver" > /dev/null 2>&1 | |
if [ $? -eq 0 ]; then | |
/etc/init.d/shadowsocks stop | |
fi | |
if check_sys packageManager yum; then | |
chkconfig --del shadowsocks | |
elif check_sys packageManager apt; then | |
update-rc.d -f shadowsocks remove | |
fi | |
# delete config file | |
rm -f /etc/shadowsocks.json | |
rm -f /var/run/shadowsocks.pid | |
rm -f /etc/init.d/shadowsocks | |
rm -f /var/log/shadowsocks.log | |
if [ -f /usr/local/shadowsocks_install.log ]; then | |
cat /usr/local/shadowsocks_install.log | xargs rm -rf | |
fi | |
echo "Shadowsocks uninstall success!" | |
else | |
echo | |
echo "uninstall cancelled, nothing to do..." | |
echo | |
fi | |
} | |
# Install Shadowsocks-python | |
install_shadowsocks(){ | |
disable_selinux | |
pre_install | |
download_files | |
config_shadowsocks | |
if check_sys packageManager yum; then | |
firewall_set | |
fi | |
install | |
install_cleanup | |
} | |
# Initialization step | |
action=$1 | |
[ -z $1 ] && action=install | |
case "$action" in | |
install|uninstall) | |
${action}_shadowsocks | |
;; | |
*) | |
echo "Arguments error! [${action}]" | |
echo "Usage: `basename $0` [install|uninstall]" | |
;; | |
esac |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment