搭建自用个人代理
内容引用知乎“起个昵称”的一片文章
首先创建shell脚本
vi sss添加脚本内容如下
#!/usr/bin/env bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
#===================================================================#
# System Required: CentOS 6 or 7 #
# Description: Install Shadowscks-libev server for CentOS 6 or 7 #
# Author: Teddysun <i@teddysun.com>
# Maintainer: https://meethigher.top
# Thanks: @madeye <https://github.com/madeye> #
# Intro: https://teddysun.com/357.html #
#===================================================================#
# Current folder
cur_dir=$(pwd)
libsodium_file='libsodium-1.0.18'
libsodium_url='https://meethigher.top/cloud/download/0/sh/9ba8fa8d0354c8c6f151531125c53bf5'
mbedtls_file='mbedtls-2.16.12'
mbedtls_url='https://meethigher.top/cloud/download/0/sh/af2d337a95ee3cc05d620da6784d21c7'
# Stream Ciphers
ciphers=(
aes-256-gcm
aes-192-gcm
aes-128-gcm
aes-256-ctr
aes-192-ctr
aes-128-ctr
aes-256-cfb
aes-192-cfb
aes-128-cfb
camellia-128-cfb
camellia-192-cfb
camellia-256-cfb
xchacha20-ietf-poly1305
chacha20-ietf-poly1305
chacha20-ietf
chacha20
salsa20
rc4-md5
)
# Color
red='\033[0;31m'
green='\033[0;32m'
yellow='\033[0;33m'
plain='\033[0m'
# Make sure only root can run our script
[[ $EUID -ne 0 ]] && echo -e "[${red}Error${plain}] This script must be run as root!" && exit 1
# Disable selinux
disable_selinux() {
if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
fi
echo "禁用selinux"
}
get_ip() {
local IP=$(ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." | head -n 1)
[ -z "${IP}" ] && IP=$(wget -qO- -t1 -T2 ipv4.icanhazip.com)
[ -z "${IP}" ] && IP=$(wget -qO- -t1 -T2 ipinfo.io/ip)
[ ! -z "${IP}" ] && echo "${IP}" || echo
}
get_ipv6() {
local ipv6=$(wget -qO- -t1 -T2 ipv6.icanhazip.com)
if [ -z "${ipv6}" ]; then
return 1
else
return 0
fi
}
get_char() {
SAVEDSTTY=$(stty -g)
stty -echo
stty cbreak
dd if=/dev/tty bs=1 count=1 2>/dev/null
stty -raw
stty echo
stty "$SAVEDSTTY"
}
get_latest_version() {
ver=$(wget --no-check-certificate -qO- https://api.github.com/repos/shadows-cks/shadows-cks-libev/releases/latest | grep 'tag_name' | cut -d\" -f4)
[ -z "${ver}" ] && echo "Error: Get shadows-cks-libev latest version failed" && exit 1
shadows-cks_libev_ver="shadows-cks-libev-$(echo "${ver}" | sed -e 's/^[a-zA-Z]//g')"
download_link="https://meethigher.top/cloud/download/0/sh/de8f797a7c8fe78a80bb655127e6fe87"
init_script_link="https://meethigher.top/cloud/download/0/sh/08099d74c28d5c40789d6cd0f86dc964"
}
check_installed() {
if [ "$(command -v "$1")" ]; then
return 0
else
return 1
fi
}
check_version() {
check_installed "ss-server"
if [ $? -eq 0 ]; then
installed_ver=$(ss-server -h | grep shadows-cks-libev | cut -d' ' -f2)
get_latest_version
latest_ver=$(echo "${ver}" | sed -e 's/^[a-zA-Z]//g')
if [ "${latest_ver}" == "${installed_ver}" ]; then
return 0
else
return 1
fi
else
return 2
fi
}
print_info() {
clear
echo "#############################################################"
echo "# Install Shadows-cks-libev server for CentOS 6 or 7 #"
echo "# Intro: https://teddysun.com/357.html #"
echo "# Author: Teddysun <i@teddysun.com> #"
echo "# Maintainer: https://meethigher.top #"
echo "# Github: https://github.com/shadows-cks/shadows-cks-libev #"
echo "#############################################################"
echo
}
# Check system
check_sys() {
local checkType=$1
local value=$2
local release=''
local systemPackage=''
if [[ -f /etc/redhat-release ]]; then
release="centos"
systemPackage="yum"
elif grep -Eqi "debian|raspbian" /etc/issue; then
release="debian"
systemPackage="apt"
elif grep -Eqi "ubuntu" /etc/issue; then
release="ubuntu"
systemPackage="apt"
elif grep -Eqi "centos|red hat|redhat" /etc/issue; then
release="centos"
systemPackage="yum"
elif grep -Eqi "debian|raspbian" /proc/version; then
release="debian"
systemPackage="apt"
elif grep -Eqi "ubuntu" /proc/version; then
release="ubuntu"
systemPackage="apt"
elif grep -Eqi "centos|red hat|redhat" /proc/version; then
release="centos"
systemPackage="yum"
fi
if [[ "${checkType}" == "sysRelease" ]]; then
if [ "${value}" == "${release}" ]; then
return 0
else
return 1
fi
elif [[ "${checkType}" == "packageManager" ]]; then
if [ "${value}" == "${systemPackage}" ]; then
return 0
else
return 1
fi
fi
}
version_gt() {
test "$(echo "$@" | tr " " "\n" | sort -V | head -n 1)" != "$1"
}
check_kernel_version() {
local kernel_version=$(uname -r | cut -d- -f1)
if version_gt "${kernel_version}" 3.7.0; then
return 0
else
return 1
fi
}
check_kernel_headers() {
if check_sys packageManager yum; then
if rpm -qa | grep -q headers-$(uname -r); then
return 0
else
return 1
fi
elif check_sys packageManager apt; then
if dpkg -s linux-headers-$(uname -r) >/dev/null 2>&1; then
return 0
else
return 1
fi
fi
return 1
}
# Get version
getversion() {
if [[ -s /etc/redhat-release ]]; then
grep -oE "[0-9.]+" /etc/redhat-release
else
grep -oE "[0-9.]+" /etc/issue
fi
}
# CentOS version
centosversion() {
if check_sys sysRelease centos; then
local code=$1
local version="$(getversion)"
local main_ver=${version%%.*}
if [ "$main_ver" == "$code" ]; then
return 0
else
return 1
fi
else
return 1
fi
}
# Pre-installation settings
pre_install() {
# Check OS system
if check_sys sysRelease centos; then
# Not support CentOS 5
if centosversion 5; then
echo -e "[${red}Error${plain}] Not support CentOS 5, please change to CentOS 6 or 7 and try again."
exit 1
fi
else
echo -e "[${red}Error${plain}] Your OS is not supported to run it, please change OS to CentOS and try again."
exit 1
fi
# Check version
check_version
status=$?
if [ ${status} -eq 0 ]; then
echo -e "[${green}Info${plain}] Latest version ${green}${shadows-cks_libev_ver}${plain} has already been installed, nothing to do..."
exit 0
elif [ ${status} -eq 1 ]; then
echo -e "Installed version: ${red}${installed_ver}${plain}"
echo -e "Latest version: ${red}${latest_ver}${plain}"
echo -e "[${green}Info${plain}] Upgrade shadows-cks libev to latest version..."
ps -ef | grep -v grep | grep -i "ss-server" >/dev/null 2>&1
if [ $? -eq 0 ]; then
/etc/init.d/shadows-cks stop
fi
elif [ ${status} -eq 2 ]; then
print_info
get_latest_version
echo -e "[${green}Info${plain}] Latest version: ${green}${shadows-cks_libev_ver}${plain}"
echo
fi
# Set shadows-cks-libev config password
echo "Please enter password for shadows-cks-libev:"
read -p "(Default password: teddysun.com):" shadows-ckspwd
[ -z "${shadows-ckspwd}" ] && shadows-ckspwd="teddysun.com"
echo
echo "---------------------------"
echo "password = ${shadows-ckspwd}"
echo "---------------------------"
echo
# Set shadows-cks-libev config port
while true; do
dport=$(shuf -i 9000-19999 -n 1)
echo -e "Please enter a port for shadows-cks-libev [1-65535]"
read -p "(Default port: ${dport}):" shadows-cksport
[ -z "$shadows-cksport" ] && shadows-cksport=${dport}
expr "${shadows-cksport}" + 1 &>/dev/null
if [ $? -eq 0 ]; then
if [ "${shadows-cksport}" -ge 1 ] && [ "${shadows-cksport}" -le 65535 ] && [ "${shadows-cksport:0:1}" != 0 ]; then
echo
echo "---------------------------"
echo "port = ${shadows-cksport}"
echo "---------------------------"
echo
break
fi
fi
echo -e "[${red}Error${plain}] Please enter a correct number [1-65535]"
done
# Set shadows-cks config stream ciphers
while true; do
echo -e "Please select stream cipher for shadows-cks-libev:"
for ((i = 1; i <= ${#ciphers[@]}; i++)); do
hint="${ciphers[$i - 1]}"
echo -e "${green}${i}${plain}) ${hint}"
done
read -p "Which cipher you'd select(Default: ${ciphers[0]}):" pick
[ -z "$pick" ] && pick=1
expr ${pick} + 1 &>/dev/null
if [ $? -ne 0 ]; then
echo -e "[${red}Error${plain}] Please enter a number"
continue
fi
if [[ "$pick" -lt 1 || "$pick" -gt ${#ciphers[@]} ]]; then
echo -e "[${red}Error${plain}] Please enter a number between 1 and ${#ciphers[@]}"
continue
fi
shadows-ckscipher=${ciphers[$pick - 1]}
echo
echo "---------------------------"
echo "cipher = ${shadows-ckscipher}"
echo "---------------------------"
echo
break
done
echo
echo "Press any key to start...or press Ctrl+C to cancel"
char=$(get_char)
#Install necessary dependencies
echo -e "[${green}Info${plain}] Checking the EPEL repository..."
if [ ! -f /etc/yum.repos.d/epel.repo ]; then
yum install -y -q epel-release
fi
[ ! -f /etc/yum.repos.d/epel.repo ] && echo -e "[${red}Error${plain}] Install EPEL repository failed, please check it." && exit 1
[ ! "$(command -v yum-config-manager)" ] && yum install -y -q yum-utils
if [ x"$(yum-config-manager epel | grep -w enabled | awk '{print $3}')" != x"True" ]; then
yum-config-manager --enable epel
fi
echo -e "[${green}Info${plain}] Checking the EPEL repository complete..."
echo "正在静默安装安装依赖unzip"
yum install -y -q unzip
echo "正在静默安装安装依赖openssl"
yum install -y -q openssl
echo "正在静默安装安装依赖openssl-devel"
yum install -y -q openssl-devel
echo "正在静默安装安装依赖gettext"
yum install -y -q gettext
echo "正在静默安装安装依赖gcc"
yum install -y -q gcc
echo "正在静默安装安装依赖autoconf"
yum install -y -q autoconf
echo "正在静默安装安装依赖libtool"
yum install -y -q libtool
echo "正在静默安装安装依赖automake"
yum install -y -q automake
echo "正在静默安装安装依赖make"
yum install -y -q make
echo "正在静默安装安装依赖asciidoc"
yum install -y -q asciidoc
echo "正在静默安装安装依赖xmlto"
yum install -y -q xmlto
echo "正在静默安装安装依赖libev-devel"
yum install -y -q libev-devel
echo "正在静默安装安装依赖pcre"
yum install -y -q pcre
echo "正在静默安装安装依赖pcre-devel"
yum install -y -q pcre-devel
echo "正在静默安装安装依赖git"
yum install -y -q git
echo "正在静默安装安装依赖c-ares-devel"
yum install -y -q c-ares-devel
}
download() {
local filename=${1}
local cur_dir=$(pwd)
if [ -s "${filename}" ]; then
echo -e "[${green}Info${plain}] ${filename} [found]"
else
echo -e "[${green}Info${plain}] ${filename} not found, download now..."
wget --no-check-certificate -cq -t3 -T60 -O "${1}" "${2}"
if [ $? -eq 0 ]; then
echo -e "[${green}Info${plain}] ${filename} download completed..."
else
echo -e "[${red}Error${plain}] Failed to download ${filename}, please download it to ${cur_dir} directory manually and try again."
exit 1
fi
fi
}
# Download latest shadows-cks-libev
download_files() {
cd "${cur_dir}" || exit
download "${shadows-cks_libev_ver}.tar.gz" "${download_link}"
download "${libsodium_file}.tar.gz" "${libsodium_url}"
download "${mbedtls_file}.tar.gz" "${mbedtls_url}"
download "/etc/init.d/shadows-cks" "${init_script_link}"
}
install_libsodium() {
if [ ! -f /usr/lib/libsodium.a ]; then
cd "${cur_dir}" || exit
tar zxf ${libsodium_file}.tar.gz
cd ${libsodium_file} || exit
./configure --prefix=/usr && make && make install
if [ $? -ne 0 ]; then
echo -e "[${red}Error${plain}] ${libsodium_file} install failed."
exit 1
fi
else
echo -e "[${green}Info${plain}] ${libsodium_file} already installed."
fi
}
install_mbedtls() {
if [ ! -f /usr/lib/libmbedtls.a ]; then
cd "${cur_dir}" || exit
tar zxf "${mbedtls_file}".tar.gz
cd "${mbedtls_file}" || exit
make SHARED=1 CFLAGS=-fPIC
make DESTDIR=/usr install
if [ $? -ne 0 ]; then
echo -e "[${red}Error${plain}] ${mbedtls_file} install failed."
exit 1
fi
else
echo -e "[${green}Info${plain}] ${mbedtls_file} already installed."
fi
}
# Config shadows-cks
config_shadows-cks() {
local server_value="\"0.0.0.0\""
if get_ipv6; then
server_value="[\"[::0]\",\"0.0.0.0\"]"
fi
if [ ! -d /etc/shadows-cks-libev ]; then
mkdir -p /etc/shadows-cks-libev
fi
cat >/etc/shadows-cks-libev/config.json <<-EOF
{
"server":${server_value},
"server_port":${shadows-cksport},
"password":"${shadows-ckspwd}",
"timeout":300,
"user":"nobody",
"method":"${shadows-ckscipher}",
"fast_open":false,
"nameserver":"1.0.0.1",
"mode":"tcp_and_udp"
}
EOF
}
# Firewall set
firewall_set() {
echo -e "[${green}Info${plain}] firewall set start..."
if centosversion 6; then
/etc/init.d/iptables status >/dev/null 2>&1
if [ $? -eq 0 ]; then
iptables -L -n | grep -i "${shadows-cksport}" >/dev/null 2>&1
if [ $? -ne 0 ]; then
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport "${shadows-cksport}" -j ACCEPT
iptables -I INPUT -m state --state NEW -m udp -p udp --dport "${shadows-cksport}" -j ACCEPT
/etc/init.d/iptables save
/etc/init.d/iptables restart
else
echo -e "[${green}Info${plain}] port ${shadows-cksport} has been set up."
fi
else
echo -e "[${yellow}Warning${plain}] iptables looks like shutdown or not installed, please manually set it if necessary."
fi
elif centosversion 7; then
systemctl status firewalld >/dev/null 2>&1
if [ $? -eq 0 ]; then
default_zone=$(firewall-cmd --get-default-zone)
firewall-cmd --permanent --zone="${default_zone}" --add-port="${shadows-cksport}"/tcp
firewall-cmd --permanent --zone="${default_zone}" --add-port="${shadows-cksport}"/udp
firewall-cmd --reload
else
echo -e "[${yellow}Warning${plain}] firewalld looks like not running or not installed, please enable port ${shadows-cksport} manually if necessary."
fi
fi
echo -e "[${green}Info${plain}] firewall set completed..."
}
# Install Shadows-cks-libev
install_shadows-cks() {
install_libsodium
install_mbedtls
ldconfig
cd "${cur_dir}" || exit
tar zxf "${shadows-cks_libev_ver}".tar.gz
cd "${shadows-cks_libev_ver}" || exit
./configure --disable-documentation
make && make install
if [ $? -eq 0 ]; then
chmod +x /etc/init.d/shadows-cks
chkconfig --add shadows-cks
chkconfig shadows-cks on
# Start shadows-cks
/etc/init.d/shadows-cks start
if [ $? -eq 0 ]; then
echo -e "[${green}Info${plain}] Shadows-cks-libev start success!"
else
echo -e "[${yellow}Warning${plain}] Shadows-cks-libev start failure!"
fi
else
echo
echo -e "[${red}Error${plain}] Shadows-cks-libev install failed. please visit https://teddysun.com/357.html and contact."
exit 1
fi
cd "${cur_dir}" || exit
rm -rf "${shadows-cks_libev_ver}" "${shadows-cks_libev_ver}".tar.gz
rm -rf ${libsodium_file} ${libsodium_file}.tar.gz
rm -rf "${mbedtls_file}" "${mbedtls_file}".tar.gz
clear
echo
echo -e "Congratulations, Shadows-cks-libev server install completed!"
echo -e "Your Server IP : \033[41;37m $(get_ip) \033[0m"
echo -e "Your Server Port : \033[41;37m ${shadows-cksport} \033[0m"
echo -e "Your Password : \033[41;37m ${shadows-ckspwd} \033[0m"
echo -e "Your Encryption Method: \033[41;37m ${shadows-ckscipher} \033[0m"
echo
echo "Welcome to visit:https://teddysun.com/357.html"
echo "Enjoy it!"
echo
}
# Install Shadows-cks-libev
install_shadows-cks_libev() {
disable_selinux
pre_install
download_files
config_shadows-cks
firewall_set
install_shadows-cks
}
# Uninstall Shadows-cks-libev
uninstall_shadows-cks_libev() {
clear
print_info
printf "Are you sure uninstall Shadows-cks-libev? (y/n)"
printf "\n"
read -p "(Default: n):" answer
[ -z "${answer}" ] && answer="n"
if [ "${answer}" == "y" ] || [ "${answer}" == "Y" ]; then
ps -ef | grep -v grep | grep -i "ss-server" >/dev/null 2>&1
if [ $? -eq 0 ]; then
/etc/init.d/shadows-cks stop
fi
chkconfig --del shadows-cks
rm -fr /etc/shadows-cks-libev
rm -f /usr/local/bin/ss-local
rm -f /usr/local/bin/ss-tunnel
rm -f /usr/local/bin/ss-server
rm -f /usr/local/bin/ss-manager
rm -f /usr/local/bin/ss-redir
rm -f /usr/local/bin/ss-nat
rm -f /usr/local/lib/libshadows-cks-libev.a
rm -f /usr/local/lib/libshadows-cks-libev.la
rm -f /usr/local/include/shadows-cks.h
rm -f /usr/local/lib/pkgconfig/shadows-cks-libev.pc
rm -f /usr/local/share/man/man1/ss-local.1
rm -f /usr/local/share/man/man1/ss-tunnel.1
rm -f /usr/local/share/man/man1/ss-server.1
rm -f /usr/local/share/man/man1/ss-manager.1
rm -f /usr/local/share/man/man1/ss-redir.1
rm -f /usr/local/share/man/man1/ss-nat.1
rm -f /usr/local/share/man/man8/shadows-cks-libev.8
rm -fr /usr/local/share/doc/shadows-cks-libev
rm -f /etc/init.d/shadows-cks
echo "Shadows-cks-libev uninstall success!"
else
echo
echo "uninstall cancelled, nothing to do..."
echo
fi
}
# Initialization step
action=$1
[ -z "$1" ] && action=install
case "$action" in
install | uninstall)
${action}_shadows-cks_libev
;;
*)
echo "Arguments error! [${action}]"
echo "Usage: $(basename "$0") [install|uninstall]"
;;
esac安装脚本
sh sss install
浙公网安备 33010602011771号