1 Dependencies and environment configuration
1.1 Upgrade yum
$ yum update
1.2 Install screen
$ yum install screen
Details about screen
: http://www.vpser.net/manage/screen.html
1.3 Install wget
wget
It is a tool for downloading files under Linux. Here we use it to download the lnmp one-click installation package later. The way to install wget is:
$ yum -y install wget
1.4 Install LNMP
- New screen:
screen -S lnmp
- Download and execute the
LNMP
installation package: http://lnmp.org/install.html
1.5 Install Python, Python-setuptools and pip
- Python is already built-in in CentOS, so there is no need to install it;
- Install Python-setuptools and pip:
$ yum install python-setuptools && easy_install pip
2 Install Shadowsocks
This part is about how to install the single-user version of Shadowsocks. If you want to install the multi-user version of Shadowsocks, you can skip this part and skip to Part 3 directly.
2.1 Install Shadowsocks
$ pip install shadowsocks
2.2 Create Shadowsocks configuration file
$ vi /etc/shadowsocks.json
2.3 Start Shadowsocks
$ ssserver -p 8000 -k password -m rc4-md5 -d start
2.4 Stop Shadowsocks
$ sudo ssserver -d stop
2.5 Check Shadowsocks logs
$ sudo less /var/log/shadowsocks.log
2.6 Start Shadowsocks with a configuration file
$ ssserver -c /etc/shadowsocks.json -d start
$ ssserver -c /etc/shadowsocks.json -d stop
3 Configure ss-panel
The detailed steps of this part of the installation can be referred to:
- https://prinzeugen.net/build-shadowsocks-sharing-site-with-ss-panel/
- https://sspanel.xyz/docs/intro/installation
3.1 Download ss-panel source code
In the site root directory:
$ git clone https://github.com/orvice/ss-panel.git
The directory structure after clone needs to ensure that the /public
directory is in the root directory of the site. $ mv ss-panel/{.,}* ./
The subdirectory contents can be moved to the current directory using the command in the root directory.
3.2 Server Configuration
root /home/www/ss-panel/public;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
Remember to restart the nginx service after editing.
3.3 Install Composer and execute
- Download and install Composer in the root directory:
% curl -sS https://getcomposer.org/installer | php
- Make Composer globally callable:
% mv composer.phar /usr/local/bin/composer
Once the global call is set up, Composer can be used later by simply running a composer
command without typing php composer.phar
.
After installing and configuring Composer, execute it in the root directory:
$ php composer install
3.4 Create database and import
Create the ss-panel database in Mysql and import it in the root directory db.sql
.
3.5 Configuring the .env file
Execute in the root directory $ cp .env.example .env
, .env.example
rename a copy to .env
, and then modify the database and other configurations in it.
In the .env
file, you need to modify the muKey
field to any string (preferably only contains ASCII characters), and the backend needs to use this muKey:
muKey = 'api_key_just_for_test'
3.6 Set storage directory permissions
chmod -R 777 storage
3.7 Configure administrator account
$ php xcat createAdmin
4 department shadowsocks-manyuser
4.1 Download shadowsocks-manyuser
$ git clone https://github.com/fsgmhoward/shadowsocks-py-mu.git
After clone, the shadowsocks
subdirectory is what we need, and the outside is setup.py
related files.
4.2 Placement shadowsocks-manyuser
Enter the shadowsocks
directory and config_example.py
copy a copy to config.py
:
$ cp config_example.py config.py
Modify the contents of lines 15 and 29~31:
# 启用 MultiUser API
API_ENABLED = True
# 就是在你的站点地址后面加个 /mu
API_URL = 'http://ss.prinzeugen.net/mu'
# 还记得上面在 .env 中填写的 muKey 吗?把它填在这里
API_PASS = 'api_key_just_for_test'
Since it is used Mu API
to communicate with the front end, do not modify config.py
any configuration about the database.
4.3 Running the ss-manyuser service
$ python servers.py
ss-panel
The ports assigned to newly registered users are the port number of the user with id-1 + 1. For example, the port of the admin user (uid is 1) is 12450, then the port of the new user registered later will be 12451, and 12452 will be incremented.
4.4 Firewall Configuration
$ iptables -I INPUT -p tcp -m tcp --dport 端口号 -j ACCEPT
$ iptables-save
If registration is open, iptables needs to be configured like this:
# 注意是半角冒号,意为允许 12450 及以上的端口
# 也可以指定 12450:15550 这样的范围
$ iptables -I INPUT -p tcp -m tcp --dport 12450: -j ACCEPT
/etc/sysconfig/iptables
You need to edit the file if you want firewall rules to be written to the system to prevent reconfiguration after every reboot .
5 Configure supervisor
monitoring ss-manyuser
5.1 Installation supervisor
$ easy_install supervisor
5.2 Initialize the supervisor configuration file
$ echo_supervisord_conf > /etc/supervisord.conf
5.3 Configure supervisor to monitor ss-manyuser running
[program:ss-manyuser]
command = python /root/shadowsocks-py-mu/shadowsocks/servers.py
user = root
autostart = true
autorestart = true
- command is the running command of ss;
- user is the user who executed the command;
- autostart and autoresart refer to automatic start and automatic restart;
5.4 Running the supervisor
运行的时候使用-c指定配置文件
supervisord -c /etc/supervisord.conf
如果不指定配置文件
supervisord
则配置文件会依次在下面的文件夹中寻找
$CWD/supervisord.conf
$CWD/etc/supervisord.conf
# /etc/supervisord.conf
The state of shadowsock-manyuser can be managed by the following commands
$ supervisorctl {start|stop|restart} ss-manyuser
5.5 Update configuration file
$ supervisorctl update //更新配置文件
$ killall -HUP supervisord //重启 supervisor 服务以加载配置
5.6 Add supervisor to startup process
$ vi /etc/rc.local
supervisord -c /etc/supervisord.conf
或
supervisord
5.7 View system processes
- View all processes:
$ ps -ef
- View progress by filtering keywords:
$ ps -ef | grep keyword