-
-
Save catinsnowright/4607413eef633591f9a563ce32503eaa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Install Shadowsocks on CentOS 7 | |
echo "Installing Shadowsocks..." | |
random-string() | |
{ | |
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-32} | head -n 1 | |
} | |
SS_IP=`ip route get 1 | awk '{print $NF;exit}'` | |
SS_PORT=8050 | |
SS_PASSWORD=$(random-string 32) | |
SS_METHOD=aes-256-gcm #or camellia-256-cfb | |
# Install deps | |
echo "\nInstalling Dependencies" | |
yum install epel-release -y | |
yum install gcc gettext autoconf libtool automake make pcre-devel asciidoc xmlto udns-devel libev-devel -y | |
## Install shadowsocks-libev | |
echo "\nInstalling shadowsocks-libev" | |
wget -N --no-check-certificate https://copr.fedorainfracloud.org/coprs/librehat/shadowsocks/repo/epel-7/librehat-shadowsocks-epel-7.repo | |
cp librehat-shadowsocks-epel-7.repo /etc/yum.repos.d/ | |
yum update | |
yum install shadowsocks-libev | |
# Create shadowsocks config file | |
echo "\nCreating shadowsocks config file" | |
cat <<EOF > /etc/shadowsocks.json | |
{ | |
"server": "0.0.0.0", | |
"server_port": ${SS_PORT}, | |
"password": "${SS_PASSWORD}", | |
"method": "${SS_METHOD}", | |
"local_address": "127.0.0.1", | |
"local_port":1080, | |
"timeout":300, | |
"fast_open": false, | |
"workers": 1 | |
} | |
EOF | |
## Add system service on CentOS7 | |
echo "\nCreating system service" | |
cat <<EOF > /etc/systemd/system/shadowsocks.service | |
[Unit] | |
Description=Shadowsocks Server Service | |
After=syslog.target network.target auditd.service | |
[Service] | |
Type=simple | |
User=nobody | |
TimeoutStartSec=0 | |
ExecStart=/usr/bin/ss-server -c /etc/shadowsocks.json | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
systemctl enable shadowsocks | |
cd /usr/lib64 | |
ls | grep mbed | |
ln -sf libmbedcrypto.so.3 libmbedcrypto.so.2 | |
## Start service | |
echo "\nStarting shadowsock system service" | |
systemctl stop shadowsocks | |
systemctl start shadowsocks | |
# View service status | |
echo "\nChecking shadowsock system service status" | |
sleep 5 | |
systemctl status shadowsocks -l | |
## Add service on CentOS7 firewall | |
echo "\nCreating shadowsock firewalld service" | |
cat <<EOF > /etc/firewalld/services/shadowsocks.xml | |
<?xml version="1.0" encoding="utf-8"?> | |
<service> | |
<short>shadowsocks</short> | |
<description>Enable Shadowsocks on ${SS_PORT}/tcp.</description> | |
<port protocol="tcp" port="${SS_PORT}"/> | |
</service> | |
EOF | |
firewall-cmd --permanent --zone=public --add-service=shadowsocks | |
# or if you don't want to use service, try: | |
# firewall-cmd --zone=public --add-port=${SS_PORT}/tcp --permanent | |
## Reload firewall to apply | |
firewall-cmd --reload | |
echo "\n================================" | |
echo "" | |
echo "Congratulations! Shadowsocks has been installed on your system." | |
echo "Your shadowsocks connection info:" | |
echo "--------------------------------" | |
echo "server: ${SS_IP}" | |
echo "server_port: ${SS_PORT}" | |
echo "password: ${SS_PASSWORD}" | |
echo "method: ${SS_METHOD}" | |
echo "Dont forget to reapply firewall" | |
echo "--------------------------------" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment