Somewhat smart automation script to install shadowsocks on major cloud providers (AWS, DigitalOcean, etc...)
#cloud-config | |
# Write a skeleton config file to be replaced by a random password | |
# Skeleton config file is: | |
#{ | |
# "server_port":8000, | |
# "local_port":1080, | |
# "password":"__PASSWORD__", | |
# "timeout":600, | |
# "method":"chacha20" | |
#} | |
write_files: | |
- encoding: b64 | |
content: ewogICAgInNlcnZlcl9wb3J0Ijo4MDAwLAogICAgImxvY2FsX3BvcnQiOjEwODAsCiAgICAicGFzc3dvcmQiOiJfX1BBU1NXT1JEX18iLAogICAgInRpbWVvdXQiOjYwMCwKICAgICJtZXRob2QiOiJjaGFjaGEyMCIKfQo= | |
path: /tmp/config.json | |
owner: root:root | |
permission: 0600 | |
# add a non-root user just for ssh connectivity (can sudo) | |
users: | |
- name: _YOURUSERNAMEHERE_ | |
ssh-authorized-keys: | |
- _YOURSSHPUBLICKEYHERE_ | |
sudo: ALL=(ALL) NOPASSWD:ALL | |
groups: users, admin | |
gecos: _YOURFULLNAMEHERE_ | |
shell: /bin/bash | |
# Disable root login (Since you now have a user to login) | |
disable_root: 1 | |
# Do the latest package upgrades (yum or apt) | |
package_update: true | |
# Install the needed OS packages | |
packages: | |
- python-pip | |
- python-m2crypto | |
- build-essential | |
# Script to download and run the server | |
runcmd: | |
# Create the temp installation folder | |
- mkdir -p /tmp/ss/libsodium | |
# Download libsodium and compile and install | |
- wget -O /tmp/ss/libsodium/libsodium.tgz https://github.com/jedisct1/libsodium/releases/download/1.0.16/libsodium-1.0.16.tar.gz | |
- cd /tmp/ss/libsodium | |
- tar xf libsodium.tgz | |
- cd libsodium-1.0.16 | |
- ./configure | |
- make | |
- make install | |
- ldconfig | |
# Install shadowsocks python libs and binaries | |
- pip install shadowsocks | |
# Create a random password and write it to /tmp/password | |
- cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 > /tmp/password | |
# Replace The __PASSWORD__ in the template with the random pass | |
- sed 's/__PASSWORD__/'`cat /tmp/password`'/g' /tmp/config.json > /root/ssconfig.json | |
# Start the shadowsocks server with the config | |
- ssserver -c /root/ssconfig.json -d start | |
# Clean up | |
- rm -Rf /tmp/ss /tmp/password /tmp/config.json |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment