centos7升级内核，安装docker-ce

digital-ocean.md

安装CentOS 7.x，升级内核

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm
yum --disablerepo="*" --enablerepo="elrepo-kernel" list available
yum --enablerepo=elrepo-kernel install -y kernel-ml

# 若出错，则运行以下命令
#grub2-mkconfig -o /boot/grub2/grub-efi.cfg
awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg
# awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2-efi.cfg

grub2-set-default 0
grub2-editenv list

安装相关工具，配置环境

rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7Server
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum install -y nmon net-tools yum-utils dstat

# 设置系统时间为中国时区并启用NTP同步
yum install -y ntp 
systemctl enable ntpd 
systemctl start ntpd 
timedatectl set-timezone Asia/Shanghai 
timedatectl set-ntp yes 
ntpq -p 

# 禁用firewalld
systemctl status firewalld
systemctl stop firewalld
systemctl disable firewalld

#禁用selinux
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

安装docker-ce

yum install -y yum-utils
# yum-config-manager --add-repo https://mirrors.ustc.edu.cn/docker-ce/linux/centos/docker-ce.repo
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum makecache fast
yum install -y docker-ce

# 以普通用户运行
usermod -aG docker ${USER}

systemctl enable docker
systemctl start docker

systemctl daemon-reload
systemctl restart docker

curl -L https://github.com/docker/compose/releases/download/1.26.0/run.sh > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

安装声卡驱动

# configure 5 capture/playback interfaces
echo "options snd-aloop enable=1,1,1,1,1 index=0,1,2,3,4" > /etc/modprobe.d/alsa-loopback.conf
# setup autoload the module
echo "snd_aloop" > /etc/modules-load.d/snd_aloop.conf
# load the module
modprobe snd-aloop
# check that the module is loaded
lsmod | grep snd_aloop

安装启动ss

docker run -dt --rm --name ss -p 16443:443 mritd/shadowsocks:3.1.3 -s "-s 0.0.0.0 -p 443 -m rc4-md5 -k  root123 --fast-open"

# ss-access-key
https://shadowsocks.org/en/config/quick-guide.html
Plain:(INPUT) ss://rc4-md5:root123@165.227.42.138:16443
Encoded:(OUTPUT) ss://cmM0LW1kNTpyb290MTIzQDE2NS4yMjcuNDIuMTM4OjE2NDQz#example-server

安装trojan

server安装

1. 下载caddy+trojan

git clone https://github.com/FaithPatrick/trojan-caddy-docker-compose.git

2. 完成dns继续，并按文档修改配置文件
3. 启动docker-compose

client安装

1. 下载官网客户端：

https://github.com/trojan-gfw/trojan/releases

2. 修改配置文件config.json的参数： "remote_addr"、"password"两项参数

3. 启动客户端

4. 在firefox+chrome安装SwitchOmega，设置代理

SwitchOmega设置

1. proxy中设置本地Socks5代理
2. auto switch中添加规则列表，格式AutoProxy，网址：https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt

安装youtube-dl、ffmpeg

yum install epel-release -y
rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
yum install ffmpeg ffmpeg-devel youtube-dl -y

OR
wget https://yt-dl.org/downloads/latest/youtube-dl -O /usr/local/bin/youtube-dl

升级BBR

# 开启BBR
echo "net.core.default_qdisc = fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control = bbr" >> /etc/sysctl.conf
sysctl -p

# 验证BBR已开启
sysctl net.ipv4.tcp_available_congestion_control
sysctl net.ipv4.tcp_congestion_control

lsmod | grep tcp_bbr

下载mac客户端：
wget https://github.com/trojan-gfw/trojan/releases/download/v1.15.1/trojan-1.15.1-macos.zip