install_ss.yaml

## install_ss.yaml
#cloud-config

# Write a skeleton config file to be replaced by a random password
# Skeleton config file is:
#{
#    "server_port":8000,
#    "local_port":1080,
#    "password":"__PASSWORD__",
#    "timeout":600,
#    "method":"chacha20"
#}
write_files:
  - encoding: b64
    content: ewogICAgInNlcnZlcl9wb3J0Ijo4MDAwLAogICAgImxvY2FsX3BvcnQiOjEwODAsCiAgICAicGFzc3dvcmQiOiJfX1BBU1NXT1JEX18iLAogICAgInRpbWVvdXQiOjYwMCwKICAgICJtZXRob2QiOiJjaGFjaGEyMCIKfQo=
    path: /tmp/config.json
    owner: root:root
    permission: 0600
# add a non-root user just for ssh connectivity (can sudo)
users:
  - name: _YOURUSERNAMEHERE_
    ssh-authorized-keys:
      - _YOURSSHPUBLICKEYHERE_
    sudo: ALL=(ALL) NOPASSWD:ALL
    groups: users, admin
    gecos: _YOURFULLNAMEHERE_
    shell: /bin/bash

# Disable root login (Since you now have a user to login)
disable_root: 1

# Do the latest package upgrades (yum or apt)
package_update: true

# Install the needed OS packages
packages:
  - python-pip
  - python-m2crypto
  - build-essential

# Script to download and run the server
runcmd:
# Create the temp installation folder
  - mkdir -p /tmp/ss/libsodium
# Download libsodium and compile and install
  - wget -O /tmp/ss/libsodium/libsodium.tgz https://github.com/jedisct1/libsodium/releases/download/1.0.16/libsodium-1.0.16.tar.gz
  - cd /tmp/ss/libsodium
  - tar xf libsodium.tgz
  - cd libsodium-1.0.16
  - ./configure
  - make
  - make install
  - ldconfig
# Install shadowsocks python libs and binaries
  - pip install shadowsocks
# Create a random password and write it to /tmp/password
  - cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 > /tmp/password
# Replace The __PASSWORD__ in the template with the random pass
  - sed 's/__PASSWORD__/'`cat /tmp/password`'/g' /tmp/config.json > /root/ssconfig.json
# Start the shadowsocks server with the config
  - ssserver -c /root/ssconfig.json -d start
# Clean up
  - rm -Rf /tmp/ss /tmp/password /tmp/config.json