proxmox-utils/shadow/templates/root/update-shadowsocks.sh

#!/usr/bin/bash
#
# NOTE: re-run this if the IP/PORT change...
#
# XXX should this be a makefile???

ENDPOINT=${ENDPOINT}
ENDPOINT_PORT=${ENDPOINT_PORT}
ENCRYPTION=aes-256-gcm


# get the current IP...
HOST_IP=$(ip addr show dev lan \
	| grep 'inet ' \
	| cut -d ' ' -f 6 \
	| cut -d '/' -f 1)


USER=shadowsocks
SCRIPT=shadowsocks
SERVER_CONFIG=shadowsocks-server.config
CLIENT_CONFIG=shadowsocks-client.config


# System and dependencies...

if ! which ssserver > /dev/null ; then
	#setup-apkrepos -cf
	# add edge repos...
	sed \
		-e '/v3\.\d*/{p;s|v3\.\d*|edge|}' \
		-i /etc/apk/repositories
	apk update
	apk add shadowsocks-rust libqrencode
fi

# user...
if ! [ -e /home/$USER ] ; then
	adduser -D -s /sbin/nologin $USER
fi


# Configuration/scripts...

cd /home/$USER


# get/generate password...
if [ -e /home/$USER/$SERVER_CONFIG ] ; then
	PASSWD=$(cat /home/$USER/$SERVER_CONFIG \
		| grep password \
		| cut -d '"' -f 4)
else
	PASSWD=$(ssservice genkey -m "$ENCRYPTION")
fi


# /home/$USER/$SERVER_CONFIG
cat > $SERVER_CONFIG << EOF
{
	"server": "${HOST_IP}",
	"server_port": 8388,
	"password": "${PASSWD}",
	"method": "${ENCRYPTION}"
}
EOF
chown $USER:$USER $SERVER_CONFIG
chmod 600 $SERVER_CONFIG


# /home/$USER/$CLIENT_CONFIG
cat > $CLIENT_CONFIG << EOF
{
	"server": "$ENDPOINT",
	"server_port": $ENDPOINT_PORT,
	"password": "${PASSWD}",
	"method": "${ENCRYPTION}"
	"local_address": "127.0.0.1",
    "local_port": 1080
}
EOF
chown $USER:$USER $SERVER_CONFIG
chmod 600 $SERVER_CONFIG

# Print profile QRCode...
PROFILE="ss://$PASSWD@$ENDPOINT:$ENDPOINT_PORT#shadow @ $ENDPOINT"
echo "# Profile:"
qrencode -t UTF8 "$PROFILE"
echo "$PROFILE"
echo


# /home/$USER/$SCRIPT
cat > $SCRIPT << EOF
#!/sbin/openrc-run

command="ssserver"
command_args="-c /home/$USER/$SERVER_CONFIG"
command_user=$USER

pidfile="/run/\$SVCNAME.pid"
command_background=true

# Debug
#output_log="/home/$USER/\$SVCNAME.log"
#error_log="/home/$USER/\$SVCNAME.err"

depend() {
	need net
}
EOF
chown $USER:$USER $SCRIPT
chmod +x $SCRIPT


# Setup the service...

ln -s /home/$USER/$SCRIPT /etc/init.d/$SCRIPT
if ! [ -e /etc/runlevels/default/$SCRIPT ] ; then
	rc-update add $SCRIPT default
fi
rc-service $SCRIPT restart


# vim:set ts=4 sw=4 :
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00			`#!/usr/bin/bash`
			`#`
			`# NOTE: re-run this if the IP/PORT change...`
			`#`
cleanup... needs more testing.. Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 14:28:17 +03:00			`# XXX should this be a makefile???`
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00
added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`ENDPOINT=${ENDPOINT}`
			`ENDPOINT_PORT=${ENDPOINT_PORT}`
cleanup... needs more testing.. Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 14:28:17 +03:00			`ENCRYPTION=aes-256-gcm`

added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00			`# get the current IP...`
added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`HOST_IP=$(ip addr show dev lan \`
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00			`\| grep 'inet ' \`
			`\| cut -d ' ' -f 6 \`
			`\| cut -d '/' -f 1)`
cleanup... needs more testing.. Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 14:28:17 +03:00
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00
			`USER=shadowsocks`
			`SCRIPT=shadowsocks`
added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`SERVER_CONFIG=shadowsocks-server.config`
			`CLIENT_CONFIG=shadowsocks-client.config`
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00

			`# System and dependencies...`

			`if ! which ssserver > /dev/null ; then`
			`#setup-apkrepos -cf`
			`# add edge repos...`
			`sed \`
			`-e '/v3\.\d/{p;s\|v3\.\d\|edge\|}' \`
			`-i /etc/apk/repositories`
			`apk update`
cleanup... needs more testing.. Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 14:28:17 +03:00			`apk add shadowsocks-rust libqrencode`
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00			`fi`

			`# user...`
			`if ! [ -e /home/$USER ] ; then`
			`adduser -D -s /sbin/nologin $USER`
			`fi`



			`# Configuration/scripts...`

			`cd /home/$USER`


			`# get/generate password...`
added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`if [ -e /home/$USER/$SERVER_CONFIG ] ; then`
			`PASSWD=$(cat /home/$USER/$SERVER_CONFIG \`
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00			`\| grep password \`
			`\| cut -d '"' -f 4)`
			`else`
			`PASSWD=$(ssservice genkey -m "$ENCRYPTION")`
			`fi`


added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`# /home/$USER/$SERVER_CONFIG`
			`cat > $SERVER_CONFIG << EOF`
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00			`{`
added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`"server": "${HOST_IP}",`
			`"server_port": 8388,`
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00			`"password": "${PASSWD}",`
			`"method": "${ENCRYPTION}"`
			`}`
			`EOF`
added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`chown $USER:$USER $SERVER_CONFIG`
			`chmod 600 $SERVER_CONFIG`
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00
cleanup... needs more testing.. Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 14:28:17 +03:00
added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`# /home/$USER/$CLIENT_CONFIG`
			`cat > $CLIENT_CONFIG << EOF`
			`{`
cleanup... needs more testing.. Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 14:28:17 +03:00			`"server": "$ENDPOINT",`
			`"server_port": $ENDPOINT_PORT,`
added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`"password": "${PASSWD}",`
			`"method": "${ENCRYPTION}"`
			`"local_address": "127.0.0.1",`
			`"local_port": 1080`
			`}`
			`EOF`
cleanup... needs more testing.. Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 14:28:17 +03:00			`chown $USER:$USER $SERVER_CONFIG`
			`chmod 600 $SERVER_CONFIG`

			`# Print profile QRCode...`
minor tweak... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 15:17:09 +03:00			`PROFILE="ss://$PASSWD@$ENDPOINT:$ENDPOINT_PORT#shadow @ $ENDPOINT"`
cleanup... needs more testing.. Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 14:28:17 +03:00			`echo "# Profile:"`
minor tweak... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 15:17:09 +03:00			`qrencode -t UTF8 "$PROFILE"`
			`echo "$PROFILE"`
			`echo`
cleanup... needs more testing.. Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-31 14:28:17 +03:00
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00
			`# /home/$USER/$SCRIPT`
			`cat > $SCRIPT << EOF`
			`#!/sbin/openrc-run`

			`command="ssserver"`
added user config... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-27 17:39:44 +03:00			`command_args="-c /home/$USER/$SERVER_CONFIG"`
added shadowsocks proxy server... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2024-03-26 14:04:43 +03:00			`command_user=$USER`

			`pidfile="/run/\$SVCNAME.pid"`
			`command_background=true`

			`# Debug`
			`#output_log="/home/$USER/\$SVCNAME.log"`
			`#error_log="/home/$USER/\$SVCNAME.err"`

			`depend() {`
			`need net`
			`}`
			`EOF`
			`chown $USER:$USER $SCRIPT`
			`chmod +x $SCRIPT`



			`# Setup the service...`

			`ln -s /home/$USER/$SCRIPT /etc/init.d/$SCRIPT`
			`if ! [ -e /etc/runlevels/default/$SCRIPT ] ; then`
			`rc-update add $SCRIPT default`
			`fi`
			`rc-service $SCRIPT restart`



			`# vim:set ts=4 sw=4 :`