Created
October 5, 2016 15:06
-
-
Save citrus-lemon/4e868e0b1ec43838eafc0b42d8638d50 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Install Shadowsocks on CentOS 7 | |
echo "Installing Shadowsocks..." | |
random_string() | |
{ | |
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w ${1:-32} | head -n 1 | |
} | |
CONFIG_FILE=/etc/shadowsocks.json | |
SERVICE_FILE=/etc/systemd/system/shadowsocks.service | |
SS_PASSWORD=$(random_string 32) | |
SS_PORT=443 | |
SS_METHOD=aes-256-cfb | |
SS_IP=`ip route get 1 | awk '{print $NF;exit}'` | |
GET_PIP_FILE=/tmp/get-pip.py | |
# install pip | |
curl "https://bootstrap.pypa.io/get-pip.py" -o "${GET_PIP_FILE}" | |
python ${GET_PIP_FILE} | |
# install shadowsocks | |
pip install --upgrade pip | |
pip install shadowsocks | |
# create shadowsocls config | |
cat <<EOF | sudo tee ${CONFIG_FILE} | |
{ | |
"server": ["[::0]","0.0.0.0"], | |
"server_port": ${SS_PORT}, | |
"password": "${SS_PASSWORD}", | |
"method": "${SS_METHOD}" | |
} | |
EOF | |
# create service | |
cat <<EOF | sudo tee ${SERVICE_FILE} | |
[Unit] | |
Description=Shadowsocks | |
[Service] | |
TimeoutStartSec=0 | |
ExecStart=/usr/bin/ssserver -c ${CONFIG_FILE} | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
# start service | |
systemctl enable shadowsocks | |
systemctl start shadowsocks | |
# view service status | |
sleep 5 | |
systemctl status shadowsocks -l | |
# Firewall set | |
firewall_set(){ | |
echo "firewall set start..." | |
systemctl status firewalld > /dev/null 2>&1 | |
if [ $? -eq 0 ]; then | |
firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/tcp | |
firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/udp | |
firewall-cmd --reload | |
else | |
echo "Firewalld looks like not running, try to start..." | |
systemctl start firewalld | |
if [ $? -eq 0 ]; then | |
firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/tcp | |
firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/udp | |
firewall-cmd --reload | |
else | |
echo "WARNING: Try to start firewalld failed. please enable port ${shadowsocksport} manually if necessary." | |
fi | |
fi | |
echo "firewall set completed..." | |
} | |
firewall_set | |
cat <<EOF > ~/shadowsocks.log | |
========================== | |
Congratulations! Shadowsocks has been installed on your system. | |
You shadowsocks connection info: | |
-------------------------------- | |
server: ${SS_IP} | |
server_port: ${SS_PORT} | |
password: ${SS_PASSWORD} | |
method: ${SS_METHOD} | |
-------------------------------- | |
EOF |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment