Last active
November 27, 2021 00:45
-
-
Save madeye/efd502a64bbb308d2b34ec824f844051 to your computer and use it in GitHub Desktop.
shadowsocks-setup.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/bin/bash +x | |
| if [ $# -ne 1 ] | |
| then | |
| echo "Usage: `basename $0` [password]" | |
| exit 21 | |
| fi | |
| PASSWORD=$1 | |
| echo iptables-persistent iptables-persistent/autosave_v4 boolean false | debconf-set-selections | |
| echo iptables-persistent iptables-persistent/autosave_v6 boolean false | debconf-set-selections | |
| apt-get update | |
| apt-get -qq -y install --no-install-recommends autoconf automake libtool bind9 byobu fish ipset iptables-persistent git build-essential vim iftop supervisor libssl-dev openssl ca-certificates fail2ban asciidoc xmlto apg libpcre3-dev libc-ares-dev | |
| apt-get -qq -y install --no-install-recommends gettext build-essential autoconf libtool libpcre3-dev asciidoc xmlto libev-dev libc-ares-dev automake libmbedtls-dev libsodium-dev | |
| git config --global http.sslVerify false | |
| cd ~ | |
| git clone https://github.com/shadowsocks/shadowsocks-libev | |
| cd shadowsocks-libev | |
| git submodule update --init | |
| ./autogen.sh | |
| ./configure | |
| make -j4 && make install | |
| cat << EOF >> /etc/sysctl.conf | |
| fs.file-max = 51200 | |
| net.core.rmem_max = 67108864 | |
| net.core.wmem_max = 67108864 | |
| net.core.netdev_max_backlog = 250000 | |
| net.core.somaxconn = 4096 | |
| net.ipv4.tcp_syncookies = 1 | |
| net.ipv4.tcp_tw_reuse = 1 | |
| net.ipv4.tcp_tw_recycle = 0 | |
| net.ipv4.tcp_fin_timeout = 30 | |
| net.ipv4.tcp_keepalive_time = 1200 | |
| net.ipv4.ip_local_port_range = 10000 65000 | |
| net.ipv4.tcp_max_syn_backlog = 8192 | |
| net.ipv4.tcp_max_tw_buckets = 5000 | |
| net.ipv4.tcp_fastopen = 3 | |
| net.ipv4.tcp_mem = 25600 51200 204800 | |
| net.ipv4.tcp_rmem = 4096 87380 67108864 | |
| net.ipv4.tcp_wmem = 4096 65536 67108864 | |
| net.ipv4.tcp_mtu_probing = 1 | |
| net.ipv4.neigh.default.gc_thresh1 = 512 | |
| net.ipv4.neigh.default.gc_thresh2 = 1024 | |
| net.ipv4.neigh.default.gc_thresh3 = 2048 | |
| net.netfilter.nf_conntrack_max = 1048576 | |
| net.ipv4.tcp_max_orphans = 65536 | |
| net.ipv4.tcp_orphan_retries = 1 | |
| EOF | |
| cat << EOF >> /etc/default/supervisor | |
| ulimit -n 51200 | |
| EOF | |
| cat << EOF > /etc/supervisor/conf.d/ss.conf | |
| [program:ss-server-1] | |
| command=/usr/local/bin/ss-server -s 0.0.0.0 -p 23 -m rc4-md5 -k $PASSWORD -n 51200 -u | |
| autorestart=true | |
| user=root | |
| [program:ss-server-2] | |
| command=/usr/local/bin/ss-server -s 0.0.0.0 -p 20 -m chacha20 -k $PASSWORD -n 51200 -u | |
| autorestart=true | |
| user=root | |
| EOF | |
| echo "net.core.default_qdisc=fq" | sudo tee --append /etc/sysctl.conf | |
| echo "net.ipv4.tcp_congestion_control=bbr" | sudo tee --append /etc/sysctl.conf | |
| sysctl -p |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment