From e3b381cafac32b9e70508662f1a96c87da43069a Mon Sep 17 00:00:00 2001 From: "Alex A. Naanou" Date: Tue, 26 Mar 2024 14:04:43 +0300 Subject: [PATCH] added shadowsocks proxy server... Signed-off-by: Alex A. Naanou --- shadow/assets/root/.update-shadowsocks.sh.swp | Bin 0 -> 12288 bytes shadow/assets/root/update-shadowsocks.sh | 100 ++++++++++++++++++ shadow/make.sh | 90 ++++++++++++++++ 3 files changed, 190 insertions(+) create mode 100644 shadow/assets/root/.update-shadowsocks.sh.swp create mode 100644 shadow/assets/root/update-shadowsocks.sh create mode 100755 shadow/make.sh diff --git a/shadow/assets/root/.update-shadowsocks.sh.swp b/shadow/assets/root/.update-shadowsocks.sh.swp new file mode 100644 index 0000000000000000000000000000000000000000..529d6206b3bd2d99e0c8631d0bf60cdfeae92110 GIT binary patch literal 12288 zcmeI2PiP!f9LHa)Vz)K5Sn%NKm)V6)Y-cBF(-70HSkhF3G#j&NB^U{lnYX(`c4vlp zZ#D@@)PrF0&%u)*75^N1@uGN93l&jN!79arCl8)%wTf3S;`hzW{%O(RNvOPm&kp;3 zzxlo2`_Aw8VA;1aa&G1fJyaTHxDGIO=-u75=PpgK*S;NKwdLl9zpe~BU+bf_ogFgk zGig9;Er?dFFbdXN!MYhsuPH3iu-#zIvW4JMSWys2D-K;-ax=Avz*!X~(fC*MXeX_J zR^S!|Vp%gM2H4Rfqa(_aHwNk8eP?fR(qFX#S^=$qRzNGD70?Q31+)TMf&a4tGTgm;5Jmi#t;7CJ&aw= zA$k1&-}(Lj`@M|)20jI!fXm<_I1k#u24}z&I1CPf2f*Fn*Zqv$0Kb55z!h*2yb88J z3@Ts@41xV%AJ_{R_;CR9flJ_H@DcbBya6tNSHR2QB@lwgK@l7Tf8N8`AK+{775EZ- z0p14}!0X_7unL|4<6sPofcwFn;0~}G+}Ow1_uzBz8F&x82-ZLwEP|8Z5ikJ`fa`l1 zy9Ry$-+`;(3itrL1KtL2fj7Z<@B&x_MX(3l1%Af6xDKv?pFr|%Zo}HrDQg9^0$KsB zfL1^&@E<9Vr?%Ic#4$>eqC7@o4Ih(g?#M9(kJ_HYsZgDopP5^rhzn^)lGQwxgE>8M zNw({DJzQS1P2T1>xS2Uvosdt{agq)0v!+j`Agd9yxK%h? zou2QyBoRE{lO?w^hVy7t8pWurfPiZWY%bGI2o)*JfzM-Xo=;zp_Q`z^^-{kAM{At zA^kOd=H+QEMF- zWDt2=C=;im)jqmZT5=z>HpAm$EBms=-8$deE-Ezz8WgvDGM5_1R)i=jja(jkR~(uM zos5y`)Y3()H9V(5ow`SPWAkZSe%x$!_8hf~YzWC)gpQ=N`?>ERu~f43Wt96CS8@`8 zS=tNz7N+*Bn+8~~e#$l%=8)3usf*_F+w`CfOUEIEuJ0X=W~2QXZz+%EI&{1XPU=A5Rb} gQSGBMbC$}DoQCb!x$=kmpcRYAQrpFfjq~(>0W4-Zc>n+a literal 0 HcmV?d00001 diff --git a/shadow/assets/root/update-shadowsocks.sh b/shadow/assets/root/update-shadowsocks.sh new file mode 100644 index 0000000..a75eac1 --- /dev/null +++ b/shadow/assets/root/update-shadowsocks.sh @@ -0,0 +1,100 @@ +#!/usr/bin/bash +# +# NOTE: re-run this if the IP/PORT change... +# + +# get the current IP... +HOST=$(ip addr show dev lan \ + | grep 'inet ' \ + | cut -d ' ' -f 6 \ + | cut -d '/' -f 1) +PORT=5555 +ENCRYPTION=aes-256-gcm + +USER=shadowsocks +SCRIPT=shadowsocks +CONFIG=shadowsocks.config + + +# System and dependencies... + +if ! which ssserver > /dev/null ; then + #setup-apkrepos -cf + # add edge repos... + sed \ + -e '/v3\.\d*/{p;s|v3\.\d*|edge|}' \ + -i /etc/apk/repositories + apk update + apk add shadowsocks-rust +fi + +# user... +if ! [ -e /home/$USER ] ; then + adduser -D -s /sbin/nologin $USER +fi + + + +# Configuration/scripts... + +cd /home/$USER + + +# get/generate password... +if [ -e /home/$USER/$CONFIG ] ; then + PASSWD=$(cat /home/$USER/$CONFIG \ + | grep password \ + | cut -d '"' -f 4) +else + PASSWD=$(ssservice genkey -m "$ENCRYPTION") +fi + + +# /home/$USER/$CONFIG +cat > $CONFIG << EOF +{ + "server": "${HOST}", + "server_port": ${PORT}, + "password": "${PASSWD}", + "method": "${ENCRYPTION}" +} +EOF +chown $USER:$USER $CONFIG +chmod 600 $CONFIG + + +# /home/$USER/$SCRIPT +cat > $SCRIPT << EOF +#!/sbin/openrc-run + +command="ssserver" +command_args="-c /home/$USER/$CONFIG" +command_user=$USER + +pidfile="/run/\$SVCNAME.pid" +command_background=true + +# Debug +#output_log="/home/$USER/\$SVCNAME.log" +#error_log="/home/$USER/\$SVCNAME.err" + +depend() { + need net +} +EOF +chown $USER:$USER $SCRIPT +chmod +x $SCRIPT + + + +# Setup the service... + +ln -s /home/$USER/$SCRIPT /etc/init.d/$SCRIPT +if ! [ -e /etc/runlevels/default/$SCRIPT ] ; then + rc-update add $SCRIPT default +fi +rc-service $SCRIPT restart + + + +# vim:set ts=4 sw=4 : diff --git a/shadow/make.sh b/shadow/make.sh new file mode 100755 index 0000000..6d5882c --- /dev/null +++ b/shadow/make.sh @@ -0,0 +1,90 @@ +#!/usr/bin/bash +#---------------------------------------------------------------------- + +cd $(dirname $0) +PATH=$PATH:$(dirname "$(pwd)") + + +#---------------------------------------------------------------------- + +source ../.pct-helpers + + +#---------------------------------------------------------------------- + +readConfig + + +#---------------------------------------------------------------------- + +DFL_ID=${DFL_ID:=1010} +DFL_CTHOSTNAME=${DFL_CTHOSTNAME:=shadow} + +DFL_CORES=${DFL_CORES:=1} +DFL_RAM=${DFL_RAM:=256} +DFL_SWAP=${DFL_SWAP:=${DFL_RAM}} +DFL_DRIVE=${DFL_DRIVE:=0.5} + +WAN_IP=SKIP +WAN_GATE=SKIP +ADMIN_IP=SKIP +ADMIN_GATE=SKIP +LAN_IP=SKIP +LAN_GATE=SKIP + +REBOOT=${REBOOT:=1} + +readVars + + +USER=shadowsocks + + +#---------------------------------------------------------------------- + +INTERFACES=( + "name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth" +) + +OPTS_STAGE_2="\ + --onboot 1 \ +" + + +#---------------------------------------------------------------------- + +echo "# Building config..." +buildAssets + +echo "# Creating CT..." +pctCreateAlpine $ID "$PASS" + +echo "# Installing dependencies..." +@ lxc-attach $ID -- \ + sed \ + -e '/v3\.\d*/{p;s|v3\.\d*|edge|}' \ + -i /etc/apk/repositories +@ lxc-attach $ID apk add bash logrotate shadowsocks-rust + + +echo "# Copying assets..." +pctPushAssets $ID + + +echo "# Generating/updating config and server script..." +@ lxc-attach $ID bash /root/update-shadowsocks.sh + + +echo "# Post config..." +pctSet $ID "${OPTS_STAGE_2}" $REBOOT +pctSetNotes $ID + +saveLastRunConfig + +showNotes +echo "# Done." + + + +#---------------------------------------------------------------------- +# vim:set ts=4 sw=4 :