https://www.91yun.org/archives/2079
wget -N –no-check-certificate https://raw.githubusercontent.com/91yun/shadowsocks_install/master/shadowsocksR.sh && bash shadowsocksR.sh
本脚本来源于 teddysun 的一键脚本: https://shadowsocks.be/9.html
感谢 teddysun 大神的一键脚本
2017.02.25 更新
修改了默认协议为 auth_sha1_v4
几个默认配置:
- 默认加密为: chacha20
- 默认协议为: auth_sha1_v4
- 默认混淆为: tls1.2_ticket_auth
有问题欢迎大家及时反馈 . ( 91yun 的官方 TG 群: https://telegram.me/im91yun )
一键脚本的安装
1
|
wget –N —no–check–certificate https://raw.githubusercontent.com/91yun/shadowsocks_install/master/shadowsocksR.sh && bash shadowsocksR.sh
|
本脚本安装完成后,已将 ShadowsocksR 自动加入开机自启动。
卸载方法:
使用 root 用户登录,运行以下命令:
1
|
bash ./shadowsocksR.sh uninstall
|
升级方法:
1
2
|
cd /usr/local/shadowsocks/shadowsocks
git pull
|
使用命令:
启动: /etc/init.d/shadowsocks start
停止: /etc/init.d/shadowsocks stop
重启: /etc/init.d/shadowsocks restart
状态: /etc/init.d/shadowsocks status
配置文件路径: /etc/shadowsocks.json
日志文件路径: /var/log/shadowsocks.log
安装路径: /usr/local/shadowsocks/shadowsoks
多用户配置
如果要多个用户一起使用的话,请写入以下配置( vi /etc/shadowsocks.json ):
多用户的核心是这个配置,把这个配置替代掉 /etc/shadowsocks.json 的相关密码的配置就行了:
“port_password”:{
“80”:”password1″,
“443”:”password2″
},
完整的多用户配置:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
{
“server”:“0.0.0.0”,
“server_ipv6”: “[::]”,
“local_address”:“127.0.0.1”,
“local_port”:1080,
“port_password”:{
“80”:“password1”,
“443”:“password2”
},
“timeout”:300,
“method”:“aes-256-cfb”,
“protocol”: “auth_sha1_compatible”,
“protocol_param”: “”,
“obfs”: “http_simple_compatible”,
“obfs_param”: “”,
“redirect”: “”,
“dns_ipv6”: false,
“fast_open”: false,
“workers”: 1
}
|
如果你想修改配置文件,请参考:
https://github.com/breakwa11/shadowsocks-rss/wiki/Server-Setup
shadowsocksR.sh源码 -新版
#! /bin/bash PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin export PATH #=================================================================# # System Required: CentOS 6,7, Debian, Ubuntu # # Description: One click Install ShadowsocksR Server # # Author: 91yun <https://twitter.com/91yun> # # Thanks: @breakwa11 <https://twitter.com/breakwa11> # # Thanks: @Teddysun <[email protected]> # # Intro: https://www.91yun.org/archives/2079 # #=================================================================# #Current folder cur_dir=`pwd` # Get public IP address IP=$(ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." | head -n 1) if [[ "$IP" = "" ]]; then IP=$(wget -qO- -t1 -T2 ipv4.icanhazip.com) fi # Make sure only root can run our script function rootness(){ if [[ $EUID -ne 0 ]]; then echo "Error:This script must be run as root!" 1>&2 exit 1 fi } # Check OS function checkos(){ if [ -f /etc/redhat-release ];then OS='CentOS' elif [ ! -z "`cat /etc/issue | grep bian`" ];then OS='Debian' elif [ ! -z "`cat /etc/issue | grep Ubuntu`" ];then OS='Ubuntu' else echo "Not support OS, Please reinstall OS and retry!" exit 1 fi } # Get version function getversion(){ if [[ -s /etc/redhat-release ]];then grep -oE "[0-9.]+" /etc/redhat-release else grep -oE "[0-9.]+" /etc/issue fi } # CentOS version function centosversion(){ local code=$1 local version="`getversion`" local main_ver=${version%%.*} if [ $main_ver == $code ];then return 0 else return 1 fi } # Disable selinux function disable_selinux(){ if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config setenforce 0 fi } # Pre-installation settings function pre_install(){ # Not support CentOS 5 if centosversion 5; then echo "Not support CentOS 5, please change OS to CentOS 6+/Debian 7+/Ubuntu 12+ and retry." exit 1 fi # Set ShadowsocksR config password echo "Please input password for ShadowsocksR:" read -p "(Default password: www.91yun.org):" shadowsockspwd [ -z "$shadowsockspwd" ] && shadowsockspwd="www.91yun.org" echo echo "---------------------------" echo "password = $shadowsockspwd" echo "---------------------------" echo # Set ShadowsocksR config port while true do echo -e "Please input port for ShadowsocksR [1-65535]:" read -p "(Default port: 8989):" shadowsocksport [ -z "$shadowsocksport" ] && shadowsocksport="8989" expr $shadowsocksport + 0 &>/dev/null if [ $? -eq 0 ]; then if [ $shadowsocksport -ge 1 ] && [ $shadowsocksport -le 65535 ]; then echo echo "---------------------------" echo "port = $shadowsocksport" echo "---------------------------" echo break else echo "Input error! Please input correct number." fi else echo "Input error! Please input correct number." fi done get_char(){ SAVEDSTTY=`stty -g` stty -echo stty cbreak dd if=/dev/tty bs=1 count=1 2> /dev/null stty -raw stty echo stty $SAVEDSTTY } echo echo "Press any key to start...or Press Ctrl+C to cancel" char=`get_char` # Install necessary dependencies if [ "$OS" == 'CentOS' ]; then yum install -y wget unzip openssl-devel gcc swig python python-devel python-setuptools autoconf libtool libevent git ntpdate yum install -y m2crypto automake make curl curl-devel zlib-devel perl perl-devel cpio expat-devel gettext-devel else apt-get -y update apt-get -y install python python-dev python-pip python-m2crypto curl wget unzip gcc swig automake make perl cpio build-essential git ntpdate fi cd $cur_dir } # Download files function download_files(){ # Download libsodium file if ! wget --no-check-certificate -O libsodium-1.0.10.tar.gz https://github.com/jedisct1/libsodium/releases/download/1.0.10/libsodium-1.0.10.tar.gz; then echo "Failed to download libsodium file!" exit 1 fi # Download ShadowsocksR file # if ! wget --no-check-certificate -O manyuser.zip https://github.com/breakwa11/shadowsocks/archive/manyuser.zip; then # echo "Failed to download ShadowsocksR file!" # exit 1 # fi # Download ShadowsocksR chkconfig file if [ "$OS" == 'CentOS' ]; then if ! wget --no-check-certificate https://raw.githubusercontent.com/91yun/shadowsocks_install/master/shadowsocksR -O /etc/init.d/shadowsocks; then echo "Failed to download ShadowsocksR chkconfig file!" exit 1 fi else if ! wget --no-check-certificate https://raw.githubusercontent.com/91yun/shadowsocks_install/master/shadowsocksR-debian -O /etc/init.d/shadowsocks; then echo "Failed to download ShadowsocksR chkconfig file!" exit 1 fi fi } # firewall set function firewall_set(){ echo "firewall set start..." if centosversion 6; then /etc/init.d/iptables status > /dev/null 2>&1 if [ $? -eq 0 ]; then iptables -L -n | grep '${shadowsocksport}' | grep 'ACCEPT' > /dev/null 2>&1 if [ $? -ne 0 ]; then iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport ${shadowsocksport} -j ACCEPT iptables -I INPUT -m state --state NEW -m udp -p udp --dport ${shadowsocksport} -j ACCEPT /etc/init.d/iptables save /etc/init.d/iptables restart else echo "port ${shadowsocksport} has been set up." fi else echo "WARNING: iptables looks like shutdown or not installed, please manually set it if necessary." fi elif centosversion 7; then systemctl status firewalld > /dev/null 2>&1 if [ $? -eq 0 ];then firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/tcp firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/udp firewall-cmd --reload else /etc/init.d/iptables status > /dev/null 2>&1 if [ $? -eq 0 ]; then iptables -L -n | grep '${shadowsocksport}' | grep 'ACCEPT' > /dev/null 2>&1 if [ $? -ne 0 ]; then iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport ${shadowsocksport} -j ACCEPT iptables -I INPUT -m state --state NEW -m udp -p udp --dport ${shadowsocksport} -j ACCEPT /etc/init.d/iptables save /etc/init.d/iptables restart else echo "port ${shadowsocksport} has been set up." fi else echo "WARNING: firewall like shutdown or not installed, please manually set it if necessary." fi fi fi echo "firewall set completed..." } # Config ShadowsocksR function config_shadowsocks(){ cat > /etc/shadowsocks.json<<-EOF { "server": "0.0.0.0", "server_ipv6": "::", "server_port": ${shadowsocksport}, "local_address": "127.0.0.1", "local_port": 1081, "password": "${shadowsockspwd}", "timeout": 120, "udp_timeout": 60, "method": "chacha20", "protocol": "auth_sha1_v4_compatible", "protocol_param": "", "obfs": "tls1.2_ticket_auth_compatible", "obfs_param": "", "dns_ipv6": false, "connect_verbose_info": 1, "redirect": "", "fast_open": false, "workers": 1 } EOF } # Install ShadowsocksR function install_ss(){ # Install libsodium tar zxf libsodium-1.0.10.tar.gz cd $cur_dir/libsodium-1.0.10 ./configure && make && make install echo "/usr/local/lib" > /etc/ld.so.conf.d/local.conf ldconfig # Install ShadowsocksR cd $cur_dir # unzip -q manyuser.zip # mv shadowsocks-manyuser/shadowsocks /usr/local/ git clone https://github.com/shadowsocksr/shadowsocksr.git /usr/local/shadowsocks if [ -f /usr/local/shadowsocks/server.py ]; then chmod +x /etc/init.d/shadowsocks # Add run on system start up if [ "$OS" == 'CentOS' ]; then chkconfig --add shadowsocks chkconfig shadowsocks on else update-rc.d -f shadowsocks defaults fi # Run ShadowsocksR in the background /etc/init.d/shadowsocks start clear echo echo "Congratulations, ShadowsocksR install completed!" echo -e "Server IP: \033[41;37m ${IP} \033[0m" echo -e "Server Port: \033[41;37m ${shadowsocksport} \033[0m" echo -e "Password: \033[41;37m ${shadowsockspwd} \033[0m" echo -e "Protocol: \033[41;37m auth_sha1_v4 \033[0m" echo -e "obfs: \033[41;37m tls1.2_ticket_auth \033[0m" echo -e "Encryption Method: \033[41;37m chacha20 \033[0m" echo "Welcome to visit:https://www.91yun.org/archives/2079" echo "If you want to change protocol & obfs, reference URL:" echo "https://github.com/breakwa11/shadowsocks-rss/wiki/Server-Setup" echo echo "Enjoy it!" echo else echo "Shadowsocks install failed!" install_cleanup exit 1 fi } # Install cleanup function install_cleanup(){ cd $cur_dir rm -f manyuser.zip rm -rf shadowsocks-manyuser rm -f libsodium-1.0.10.tar.gz rm -rf libsodium-1.0.10 } # Uninstall ShadowsocksR function uninstall_shadowsocks(){ printf "Are you sure uninstall ShadowsocksR? (y/n) " printf "\n" read -p "(Default: n):" answer if [ -z $answer ]; then answer="n" fi if [ "$answer" = "y" ]; then /etc/init.d/shadowsocks status > /dev/null 2>&1 if [ $? -eq 0 ]; then /etc/init.d/shadowsocks stop fi checkos if [ "$OS" == 'CentOS' ]; then chkconfig --del shadowsocks else update-rc.d -f shadowsocks remove fi rm -f /etc/shadowsocks.json rm -f /etc/init.d/shadowsocks rm -rf /usr/local/shadowsocks echo "ShadowsocksR uninstall success!" else echo "uninstall cancelled, Nothing to do" fi } # Install ShadowsocksR function install_shadowsocks(){ checkos rootness disable_selinux pre_install download_files config_shadowsocks install_ss if [ "$OS" == 'CentOS' ]; then firewall_set > /dev/null 2>&1 fi #check_datetime install_cleanup } # Initialization step action=$1 [ -z $1 ] && action=install case "$action" in install) install_shadowsocks ;; uninstall) uninstall_shadowsocks ;; *) echo "Arguments error! [${action} ]" echo "Usage: `basename $0` {install|uninstall}" ;; esac
shadowsocksR.sh源码-旧版兼容官方SS客户端,IOS兼容
#! /bin/bash PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin export PATH #=================================================================# # System Required: CentOS 6,7, Debian, Ubuntu # # Description: One click Install ShadowsocksR Server # # Author: 91yun <https://twitter.com/91yun> # # Thanks: @breakwa11 <https://twitter.com/breakwa11> # # Thanks: @Teddysun <[email protected]> # # Intro: https://www.91yun.org/archives/2079 # #=================================================================# clear echo echo #Current folder cur_dir=`pwd` # Get public IP address IP=$(ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." | head -n 1) if [[ "$IP" = "" ]]; then IP=$(wget -qO- -t1 -T2 ipv4.icanhazip.com) fi # Make sure only root can run our script function rootness(){ if [[ $EUID -ne 0 ]]; then echo "Error:This script must be run as root!" 1>&2 exit 1 fi } # Check OS function checkos(){ if [ -f /etc/redhat-release ];then OS='CentOS' elif [ ! -z "`cat /etc/issue | grep bian`" ];then OS='Debian' elif [ ! -z "`cat /etc/issue | grep Ubuntu`" ];then OS='Ubuntu' else echo "Not support OS, Please reinstall OS and retry!" exit 1 fi } # Get version function getversion(){ if [[ -s /etc/redhat-release ]];then grep -oE "[0-9.]+" /etc/redhat-release else grep -oE "[0-9.]+" /etc/issue fi } # CentOS version function centosversion(){ local code=$1 local version="`getversion`" local main_ver=${version%%.*} if [ $main_ver == $code ];then return 0 else return 1 fi } # Disable selinux function disable_selinux(){ if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config setenforce 0 fi } # Pre-installation settings function pre_install(){ # Not support CentOS 5 if centosversion 5; then echo "Not support CentOS 5, please change OS to CentOS 6+/Debian 7+/Ubuntu 12+ and retry." exit 1 fi # Set ShadowsocksR config password echo "Please input password for ShadowsocksR:" read -p "(Default password: www.91yun.org):" shadowsockspwd [ -z "$shadowsockspwd" ] && shadowsockspwd="www.91yun.org" echo echo "---------------------------" echo "password = $shadowsockspwd" echo "---------------------------" echo # Set ShadowsocksR config port while true do echo -e "Please input port for ShadowsocksR [1-65535]:" read -p "(Default port: 8989):" shadowsocksport [ -z "$shadowsocksport" ] && shadowsocksport="8989" expr $shadowsocksport + 0 &>/dev/null if [ $? -eq 0 ]; then if [ $shadowsocksport -ge 1 ] && [ $shadowsocksport -le 65535 ]; then echo echo "---------------------------" echo "port = $shadowsocksport" echo "---------------------------" echo break else echo "Input error! Please input correct number." fi else echo "Input error! Please input correct number." fi done get_char(){ SAVEDSTTY=`stty -g` stty -echo stty cbreak dd if=/dev/tty bs=1 count=1 2> /dev/null stty -raw stty echo stty $SAVEDSTTY } echo echo "Press any key to start...or Press Ctrl+C to cancel" char=`get_char` # Install necessary dependencies if [ "$OS" == 'CentOS' ]; then yum install -y wget unzip openssl-devel gcc swig python python-devel python-setuptools autoconf libtool libevent git ntpdate yum install -y m2crypto automake make curl curl-devel zlib-devel perl perl-devel cpio expat-devel gettext-devel else apt-get -y update apt-get -y install python python-dev python-pip python-m2crypto curl wget unzip gcc swig automake make perl cpio build-essential git ntpdate fi cd $cur_dir } # Download files function download_files(){ # Download libsodium file if ! wget --no-check-certificate -O libsodium-1.0.10.tar.gz https://github.com/jedisct1/libsodium/releases/download/1.0.10/libsodium-1.0.10.tar.gz; then echo "Failed to download libsodium file!" exit 1 fi # Download ShadowsocksR file # if ! wget --no-check-certificate -O manyuser.zip https://github.com/breakwa11/shadowsocks/archive/manyuser.zip; then # echo "Failed to download ShadowsocksR file!" # exit 1 # fi # Download ShadowsocksR chkconfig file if [ "$OS" == 'CentOS' ]; then if ! wget --no-check-certificate https://raw.githubusercontent.com/91yun/shadowsocks_install/master/shadowsocksR -O /etc/init.d/shadowsocks; then echo "Failed to download ShadowsocksR chkconfig file!" exit 1 fi else if ! wget --no-check-certificate https://raw.githubusercontent.com/91yun/shadowsocks_install/master/shadowsocksR-debian -O /etc/init.d/shadowsocks; then echo "Failed to download ShadowsocksR chkconfig file!" exit 1 fi fi } # firewall set function firewall_set(){ echo "firewall set start..." if centosversion 6; then /etc/init.d/iptables status > /dev/null 2>&1 if [ $? -eq 0 ]; then iptables -L -n | grep '${shadowsocksport}' | grep 'ACCEPT' > /dev/null 2>&1 if [ $? -ne 0 ]; then iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport ${shadowsocksport} -j ACCEPT iptables -I INPUT -m state --state NEW -m udp -p udp --dport ${shadowsocksport} -j ACCEPT /etc/init.d/iptables save /etc/init.d/iptables restart else echo "port ${shadowsocksport} has been set up." fi else echo "WARNING: iptables looks like shutdown or not installed, please manually set it if necessary." fi elif centosversion 7; then systemctl status firewalld > /dev/null 2>&1 if [ $? -eq 0 ];then firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/tcp firewall-cmd --permanent --zone=public --add-port=${shadowsocksport}/udp firewall-cmd --reload else /etc/init.d/iptables status > /dev/null 2>&1 if [ $? -eq 0 ]; then iptables -L -n | grep '${shadowsocksport}' | grep 'ACCEPT' > /dev/null 2>&1 if [ $? -ne 0 ]; then iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport ${shadowsocksport} -j ACCEPT iptables -I INPUT -m state --state NEW -m udp -p udp --dport ${shadowsocksport} -j ACCEPT /etc/init.d/iptables save /etc/init.d/iptables restart else echo "port ${shadowsocksport} has been set up." fi else echo "WARNING: firewall like shutdown or not installed, please manually set it if necessary." fi fi fi echo "firewall set completed..." } # Config ShadowsocksR function config_shadowsocks(){ cat > /etc/shadowsocks.json<<-EOF { "server": "0.0.0.0", "server_ipv6": "::", "server_port": ${shadowsocksport}, "local_address": "127.0.0.1", "local_port": 1081, "password": "${shadowsockspwd}", "timeout": 120, "udp_timeout": 60, "method": "chacha20", "protocol": "verify_sha1_compatible", "protocol_param": "", "obfs": "tls1.2_ticket_auth_compatible", "obfs_param": "", "dns_ipv6": false, "connect_verbose_info": 1, "redirect": "", "fast_open": false, "workers": 1 } EOF } # Install ShadowsocksR function install_ss(){ # Install libsodium tar zxf libsodium-1.0.10.tar.gz cd $cur_dir/libsodium-1.0.10 ./configure && make && make install echo "/usr/local/lib" > /etc/ld.so.conf.d/local.conf ldconfig # Install ShadowsocksR cd $cur_dir # unzip -q manyuser.zip # mv shadowsocks-manyuser/shadowsocks /usr/local/ git clone https://github.com/shadowsocksr/shadowsocksr.git /usr/local/shadowsocks if [ -f /usr/local/shadowsocks/server.py ]; then chmod +x /etc/init.d/shadowsocks # Add run on system start up if [ "$OS" == 'CentOS' ]; then chkconfig --add shadowsocks chkconfig shadowsocks on else update-rc.d -f shadowsocks defaults fi # Run ShadowsocksR in the background /etc/init.d/shadowsocks start clear echo echo "Congratulations, ShadowsocksR install completed!" echo -e "Server IP: \033[41;37m ${IP} \033[0m" echo -e "Server Port: \033[41;37m ${shadowsocksport} \033[0m" echo -e "Password: \033[41;37m ${shadowsockspwd} \033[0m" echo -e "Protocol(鍗忚): \033[41;37m verify_sha1(鍘熺増ss瀹㈡埛绔渶瑕佸嬀閫変竴娆℃€ч獙璇�) \033[0m" echo -e "obfs(娣锋穯): \033[41;37m tls1.2_ticket_auth \033[0m" echo -e "Encryption Method(鍔犲瘑鏂规硶): \033[41;37m chacha20 \033[0m" echo "Welcome to visit:https://www.91yun.org/archives/2079" echo "If you want to change protocol & obfs, reference URL:" echo "https://github.com/breakwa11/shadowsocks-rss/wiki/Server-Setup" echo echo "Enjoy it!" echo else echo "Shadowsocks install failed!" install_cleanup exit 1 fi } #鏀规垚鍖椾含鏃堕棿 # function check_datetime(){ # rm -rf /etc/localtime # ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime # ntpdate time.windows.com # } # Install cleanup function install_cleanup(){ cd $cur_dir rm -f manyuser.zip rm -rf shadowsocks-manyuser rm -f libsodium-1.0.10.tar.gz rm -rf libsodium-1.0.10 } # Uninstall ShadowsocksR function uninstall_shadowsocks(){ printf "Are you sure uninstall ShadowsocksR? (y/n) " printf "\n" read -p "(Default: n):" answer if [ -z $answer ]; then answer="n" fi if [ "$answer" = "y" ]; then /etc/init.d/shadowsocks status > /dev/null 2>&1 if [ $? -eq 0 ]; then /etc/init.d/shadowsocks stop fi checkos if [ "$OS" == 'CentOS' ]; then chkconfig --del shadowsocks else update-rc.d -f shadowsocks remove fi rm -f /etc/shadowsocks.json rm -f /etc/init.d/shadowsocks rm -rf /usr/local/shadowsocks echo "ShadowsocksR uninstall success!" else echo "uninstall cancelled, Nothing to do" fi } # Install ShadowsocksR function install_shadowsocks(){ checkos rootness disable_selinux pre_install download_files config_shadowsocks install_ss if [ "$OS" == 'CentOS' ]; then firewall_set > /dev/null 2>&1 fi #check_datetime install_cleanup } # Initialization step action=$1 [ -z $1 ] && action=install case "$action" in install) install_shadowsocks ;; uninstall) uninstall_shadowsocks ;; *) echo "Arguments error! [${action} ]" echo "Usage: `basename $0` {install|uninstall}" ;; esac