From 2fa965e312ce8600daa5e3c0545b9964ec8a1438 Mon Sep 17 00:00:00 2001 From: yixinglu Date: Wed, 11 Oct 2017 13:36:04 +0800 Subject: [PATCH 1/8] enable bbr and multiple workers --- shadowsocks.json | 15 +++++++++++---- stackscript.sh | 7 +++++++ 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/shadowsocks.json b/shadowsocks.json index 2ceb2bf..43b17ef 100644 --- a/shadowsocks.json +++ b/shadowsocks.json @@ -1,8 +1,15 @@ { - "server":"0.0.0.0", - "server_port":SS_PORT, + "server":"::", + "server_ipv6":"::", + "port_password":{ + "SS_PORT":"SS_PASSWORD", + "SS_LB_PORT":"aes-256-cfb" + }, + "local_address": "127.0.0.1", "local_port":1080, - "password":"SS_PASSWORD", "timeout":300, - "method":"aes-256-cfb" + "method":"aes-256-cfb", + "fast_open": true, + "workers": 2 } + diff --git a/stackscript.sh b/stackscript.sh index 70d60c2..0cc50cf 100644 --- a/stackscript.sh +++ b/stackscript.sh @@ -10,6 +10,7 @@ PORTS_USED="^${PORTS_USED}$" SS_PASSWORD=`dd if=/dev/urandom bs=32 count=1 | md5sum | cut -c-32` SS_PORT=`seq 1025 9000 | grep -v -E "$PORTS_USED" | shuf -n 1` +SS_LB_PORT=$(($SS_PORT + 1)) wget https://raw.githubusercontent.com/shadowsocks/stackscript/master/shadowsocks.json -O /etc/shadowsocks.json wget https://raw.githubusercontent.com/shadowsocks/stackscript/master/shadowsocks.conf -O /etc/supervisor/conf.d/shadowsocks.conf @@ -17,6 +18,7 @@ wget https://raw.githubusercontent.com/shadowsocks/stackscript/master/local.conf sed -i -e s/SS_PASSWORD/$SS_PASSWORD/ /etc/shadowsocks.json sed -i -e s/SS_PORT/$SS_PORT/ /etc/shadowsocks.json +sed -i -e s/SS_LB_PORT/$SS_LB_PORT/ /etc/shadowsocks.json sysctl --system @@ -25,3 +27,8 @@ echo 'ulimit -n 51200' >> /etc/default/supervisor service supervisor start supervisorctl reload + +sysctl net.ipv4.tcp_available_congestion_control +echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf +echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf +sysctl -p From 8d0b91267fe3fd0255c18cb5d2efb5a326ce137d Mon Sep 17 00:00:00 2001 From: yixinglu Date: Wed, 11 Oct 2017 13:48:17 +0800 Subject: [PATCH 2/8] add readme --- README.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..44cef37 --- /dev/null +++ b/README.md @@ -0,0 +1,5 @@ + +Linode StackScript for Shadowsocks +================================= + +[Automate Deployment with StackScripts](https://www.linode.com/docs/platform/stackscripts) From e052634842fb61acfc9b37ac07a3a07682caf93f Mon Sep 17 00:00:00 2001 From: yixinglu Date: Wed, 11 Oct 2017 13:53:50 +0800 Subject: [PATCH 3/8] fix error --- stackscript.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stackscript.sh b/stackscript.sh index 0cc50cf..17c2e4f 100644 --- a/stackscript.sh +++ b/stackscript.sh @@ -28,7 +28,7 @@ service supervisor start supervisorctl reload -sysctl net.ipv4.tcp_available_congestion_control +# sysctl net.ipv4.tcp_available_congestion_control echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf sysctl -p From 34ac9ebb6707b983ba91f5244c791d3686a4b265 Mon Sep 17 00:00:00 2001 From: yixinglu Date: Wed, 11 Oct 2017 14:02:42 +0800 Subject: [PATCH 4/8] fix repo --- stackscript.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/stackscript.sh b/stackscript.sh index 17c2e4f..5a53be9 100644 --- a/stackscript.sh +++ b/stackscript.sh @@ -12,9 +12,9 @@ SS_PASSWORD=`dd if=/dev/urandom bs=32 count=1 | md5sum | cut -c-32` SS_PORT=`seq 1025 9000 | grep -v -E "$PORTS_USED" | shuf -n 1` SS_LB_PORT=$(($SS_PORT + 1)) -wget https://raw.githubusercontent.com/shadowsocks/stackscript/master/shadowsocks.json -O /etc/shadowsocks.json -wget https://raw.githubusercontent.com/shadowsocks/stackscript/master/shadowsocks.conf -O /etc/supervisor/conf.d/shadowsocks.conf -wget https://raw.githubusercontent.com/shadowsocks/stackscript/master/local.conf -O /etc/sysctl.d/local.conf +wget https://raw.githubusercontent.com/OneContainer/stackscript/master/shadowsocks.json -O /etc/shadowsocks.json +wget https://raw.githubusercontent.com/OneContainer/stackscript/master/shadowsocks.conf -O /etc/supervisor/conf.d/shadowsocks.conf +wget https://raw.githubusercontent.com/OneContainer/stackscript/master/local.conf -O /etc/sysctl.d/local.conf sed -i -e s/SS_PASSWORD/$SS_PASSWORD/ /etc/shadowsocks.json sed -i -e s/SS_PORT/$SS_PORT/ /etc/shadowsocks.json From 2b034672e1af6020343caa1533e273680d4c0a75 Mon Sep 17 00:00:00 2001 From: yixinglu Date: Thu, 12 Oct 2017 11:40:16 +0800 Subject: [PATCH 5/8] add v2ray --- stackscript.sh | 9 +++++ v2ray/config.json | 93 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+) create mode 100644 v2ray/config.json diff --git a/stackscript.sh b/stackscript.sh index 5a53be9..1333c40 100644 --- a/stackscript.sh +++ b/stackscript.sh @@ -20,11 +20,20 @@ sed -i -e s/SS_PASSWORD/$SS_PASSWORD/ /etc/shadowsocks.json sed -i -e s/SS_PORT/$SS_PORT/ /etc/shadowsocks.json sed -i -e s/SS_LB_PORT/$SS_LB_PORT/ /etc/shadowsocks.json +bash <(curl -L -s https://install.direct/go.sh) +wget https://raw.githubusercontent.com/OneContainer/stackscript/master/v2ray/config.json -O /etc/v2ray/config.json + +V2RAY_UUID=`curl -X GET https://www.uuidgenerator.net/ | grep -Po '(?<=^

)[a-z0-9-]+'` + +sed -i -e s/V2RAY_UUID/$V2RAY_UUID/ /etc/v2ray/config.json +sed -i -e s/SS_PORT/$SS_PORT/ /etc/v2ray/config.json + sysctl --system service supervisor stop echo 'ulimit -n 51200' >> /etc/default/supervisor service supervisor start +service v2ray start supervisorctl reload diff --git a/v2ray/config.json b/v2ray/config.json new file mode 100644 index 0000000..f1680af --- /dev/null +++ b/v2ray/config.json @@ -0,0 +1,93 @@ +{ + "log": { + "access": "/var/log/v2ray/access.log", + "error": "/var/log/v2ray/error.log", + "loglevel": "warning" + }, + "inbound": { + "port": SS_PORT, + "protocol": "vmess", + "settings": { + "clients": [ + { + "id": "V2RAY_UUID", + "level": 1, + "alterId": 100 + } + ], + "detour": { + "to": "detour" + } + }, + "streamSettings": { + "network": "tcp", + "tcpSettings": { + "connectionReuse": true, + "header": { + "type": "http" + } + } + } + }, + "outbound": { + "protocol": "freedom", + "settings": {} + }, + "inboundDetour": [ + { + "protocol": "vmess", + "port": "32001-32500", + "tag": "detour", + "settings": {}, + "allocate": { + "strategy": "random", + "concurrency": 10, + "refresh": 5 + }, + "streamSettings": { + "network": "tcp", + "tcpSettings": { + "connectionReuse": true, + "header": { + "type": "http" + } + } + } + } + ], + "outboundDetour": [ + { + "protocol": "blackhole", + "settings": {}, + "tag": "blocked" + } + ], + "routing": { + "strategy": "rules", + "settings": { + "rules": [ + { + "type": "field", + "ip": [ + "0.0.0.0/8", + "10.0.0.0/8", + "100.64.0.0/10", + "127.0.0.0/8", + "169.254.0.0/16", + "172.16.0.0/12", + "192.0.0.0/24", + "192.0.2.0/24", + "192.168.0.0/16", + "198.18.0.0/15", + "198.51.100.0/24", + "203.0.113.0/24", + "::1/128", + "fc00::/7", + "fe80::/10" + ], + "outboundTag": "blocked" + } + ] + } + } +} From 5cba44533dccd83c9d3d00fd9ecc576a096cad43 Mon Sep 17 00:00:00 2001 From: yixinglu Date: Thu, 12 Oct 2017 12:43:11 +0800 Subject: [PATCH 6/8] fix port --- stackscript.sh | 16 ++++++++++++++-- v2ray/config.json | 2 +- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/stackscript.sh b/stackscript.sh index 1333c40..61da2c3 100644 --- a/stackscript.sh +++ b/stackscript.sh @@ -10,7 +10,7 @@ PORTS_USED="^${PORTS_USED}$" SS_PASSWORD=`dd if=/dev/urandom bs=32 count=1 | md5sum | cut -c-32` SS_PORT=`seq 1025 9000 | grep -v -E "$PORTS_USED" | shuf -n 1` -SS_LB_PORT=$(($SS_PORT + 1)) +SS_LB_PORT=`seq 1025 9000 | grep -v -E "$PORTS_USED $SS_PORT" | shuf -n 1` wget https://raw.githubusercontent.com/OneContainer/stackscript/master/shadowsocks.json -O /etc/shadowsocks.json wget https://raw.githubusercontent.com/OneContainer/stackscript/master/shadowsocks.conf -O /etc/supervisor/conf.d/shadowsocks.conf @@ -24,9 +24,10 @@ bash <(curl -L -s https://install.direct/go.sh) wget https://raw.githubusercontent.com/OneContainer/stackscript/master/v2ray/config.json -O /etc/v2ray/config.json V2RAY_UUID=`curl -X GET https://www.uuidgenerator.net/ | grep -Po '(?<=^

)[a-z0-9-]+'` +V2RAY_PORT=`seq 1025 9000 | grep -v -E "$PORTS_USED $SS_PORT $SS_LB_PORT" | shuf -n 1` sed -i -e s/V2RAY_UUID/$V2RAY_UUID/ /etc/v2ray/config.json -sed -i -e s/SS_PORT/$SS_PORT/ /etc/v2ray/config.json +sed -i -e s/V2RAY_PORT/$V2RAY_PORT/ /etc/v2ray/config.json sysctl --system @@ -41,3 +42,14 @@ supervisorctl reload echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf sysctl -p + +echo "*******shadowsocks configuration*******" +echo "Port: $SS_PORT" +echo "Load balance port: $SS_LB_PORT" +echo "Password: $SS_PASSWORD" +echo "*******shadowsocks configuration*******" +echo "" +echo "*******v2ray configuration*******" +echo "Port: $V2RAY_PORT" +echo "UUID: $V2RAY_UUID" +echo "*******v2ray configuration*******" diff --git a/v2ray/config.json b/v2ray/config.json index f1680af..7cba81e 100644 --- a/v2ray/config.json +++ b/v2ray/config.json @@ -5,7 +5,7 @@ "loglevel": "warning" }, "inbound": { - "port": SS_PORT, + "port": V2RAY_PORT, "protocol": "vmess", "settings": { "clients": [ From da1409a51d886813b5d84265ccb83821b23f4441 Mon Sep 17 00:00:00 2001 From: yixinglu Date: Sun, 15 Oct 2017 21:55:00 +0800 Subject: [PATCH 7/8] make curl silent --- stackscript.sh | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/stackscript.sh b/stackscript.sh index 61da2c3..1bbc0f0 100644 --- a/stackscript.sh +++ b/stackscript.sh @@ -23,7 +23,7 @@ sed -i -e s/SS_LB_PORT/$SS_LB_PORT/ /etc/shadowsocks.json bash <(curl -L -s https://install.direct/go.sh) wget https://raw.githubusercontent.com/OneContainer/stackscript/master/v2ray/config.json -O /etc/v2ray/config.json -V2RAY_UUID=`curl -X GET https://www.uuidgenerator.net/ | grep -Po '(?<=^

)[a-z0-9-]+'` +V2RAY_UUID=`curl -s -X GET https://www.uuidgenerator.net/ | grep -Po '(?<=^

)[a-z0-9-]+'` V2RAY_PORT=`seq 1025 9000 | grep -v -E "$PORTS_USED $SS_PORT $SS_LB_PORT" | shuf -n 1` sed -i -e s/V2RAY_UUID/$V2RAY_UUID/ /etc/v2ray/config.json @@ -43,13 +43,10 @@ echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf sysctl -p -echo "*******shadowsocks configuration*******" +echo "\n*******shadowsocks configuration*******" echo "Port: $SS_PORT" echo "Load balance port: $SS_LB_PORT" echo "Password: $SS_PASSWORD" -echo "*******shadowsocks configuration*******" -echo "" -echo "*******v2ray configuration*******" +echo "\n*******v2ray configuration*******" echo "Port: $V2RAY_PORT" echo "UUID: $V2RAY_UUID" -echo "*******v2ray configuration*******" From 1b2ab76f97205a5332edd0d044f6d05f9ce3aa36 Mon Sep 17 00:00:00 2001 From: yixinglu Date: Thu, 23 Nov 2017 02:24:22 +0800 Subject: [PATCH 8/8] update shadowsocks install --- shadowsocks.conf | 2 +- shadowsocks.json | 2 ++ stackscript.sh | 11 +++++++++-- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/shadowsocks.conf b/shadowsocks.conf index a6e7e39..a577402 100644 --- a/shadowsocks.conf +++ b/shadowsocks.conf @@ -1,4 +1,4 @@ [program:shadowsocks] -command=ssserver -c /etc/shadowsocks.json +command=ss-server -c /etc/shadowsocks.json autorestart=true user=nobody diff --git a/shadowsocks.json b/shadowsocks.json index 43b17ef..d26ad5b 100644 --- a/shadowsocks.json +++ b/shadowsocks.json @@ -10,6 +10,8 @@ "timeout":300, "method":"aes-256-cfb", "fast_open": true, + "plugin": "obfs-server", + "plugin-opts": "obfs=http", "workers": 2 } diff --git a/stackscript.sh b/stackscript.sh index 1bbc0f0..ad51922 100644 --- a/stackscript.sh +++ b/stackscript.sh @@ -1,8 +1,15 @@ #!/bin/bash apt-get update -apt-get install -y -qq python-pip python-m2crypto supervisor -pip install shadowsocks +apt-get install software-properties-common -y +add-apt-repository ppa:max-c-lv/shadowsocks-libev -y +apt-get update +apt-get install -y -qq supervisor shadowsocks-libev + +apt-get install --no-install-recommends build-essential autoconf libtool libssl-dev libpcre3-dev libev-dev asciidoc xmlto automake +git clone --recursive https://github.com/shadowsocks/simple-obfs.git +cd simple-obfs && ./autogen.sh +./configure && make && make install PORTS_USED=`netstat -antl |grep LISTEN | awk '{ print $4 }' | cut -d: -f2|sed '/^$/d'|sort` PORTS_USED=`echo $PORTS_USED|sed 's/\s/$\|^/g'`