How to Manually Install the Modified SSR Backend

The SSR server requires Centos 6 (64-bit recommended);

Install the basic components and the SSR backend

yum -y install python-setuptools && easy_install pip
easy_install pip==9.0.3
pip install cymysql speedtest-cli
yum install git
Don’t want to enter it line by line? Enter this instead:
yum -y install python-setuptools && easy_install pip && pip install cymysql speedtest-cli && yum install git

Support for the CHACHA20 encryption method:

If you want to use the standard salsa20, chacha20, or chacha20 IETF algorithms, please install libsodium:

yum -y groupinstall "Development Tools"
wget https://github.com/jedisct1/libsodium/releases/download/1.0.13/libsodium-1.0.13.tar.gz
tar xf libsodium-1.0.13.tar.gz && cd libsodium-1.0.13
./configure && make -j2 && make install
echo /usr/local/lib > /etc/ld.so.conf.d/usr_local_lib.conf
ldconfig
rm -rf /root/libsodium-1.0.13.tar.gz
cd /root
Don’t want to enter it line by line? Enter this below:
yum -y groupinstall "Development Tools" && wget https://github.com/jedisct1/libsodium/releases/download/1.0.13/libsodium-1.0.13.tar.gz && tar xf libsodium-1.0.13.tar.gz && cd libsodium-1.0.13 && ./configure && make -j2 && make install && echo /usr/local/lib > /etc/ld.so.conf.d/usr_local_lib.conf && ldconfig && rm -rf /root/libsodium-1.0.13.tar.gz && cd /root

(If it prompts cannot import name
OrderedDict, you may need to patch the server: third-party plugin
ordereddict easy_install ordereddict )

Download the program source code

git clone -b manyuser https://github.com/glzjin/shadowsocks.git

Enter the Shadowsocks directory and install the dependencies

yum -y install python-devel
yum -y install libffi-devel
yum -y install openssl-devel

For Debian, do not run the command below; just run pip install cymysql

pip install -r requirements.txt

Configure the program

First get your configuration files

cd shadowsocks
cp apiconfig.py userapiconfig.py
cp config.json user-config.json

Edit parameters

Then mainly edit userapiconfig.py; you only need to modify the following 2
major categories

#The node ID must match the ID assigned to the node you added on your website!
NODE_ID = 1
#You must fill this in here: either choose the database or choose httpapi (most people use the database; not sure how to set up httpapi, lol)
API_INTERFACE = 'glzjinmod' #glzjinmod (connect via database), modwebapi (http api)
#MySQL database connection information
MYSQL_HOST = '127.0.0.1'
MYSQL_PORT = 3306
MYSQL_USER = 'ss'
MYSQL_PASS = 'ss'
MYSQL_DB = 'shadowsocks'
MYSQL_UPDATE_TIME = 60
#Although this is optional, it is still recommended to change 127.0.0.1 to this server's IP address
# Manager (ignore this)
MANAGE_PASS = 'ss233333333'
#if you want manage in other server you should set this value to global ip
MANAGE_BIND_IP = '127.0.0.1'
#make sure this port is idle
MANAGE_PORT = 23333

Start Running

At this point, you’re basically done. Next are auto-start and optimization.

Test whether there are any errors on the server side

cd /root/shadowsocks
python server.py

If an error is reported, then take another careful look to see exactly where the problem is.

If the error (1042, u”Can’t get hostname for your address”) appears

In my.cnf, under the [mysqld] section
add

skip-name-resolve

#Access by ignoring the hostname
If after adding it and restarting you still get the prompt 1042, u”Can’t get hostname for your address”, then directly modify hosts, delete everything in hosts, and then enter

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

Let’s optimize it

Edit /etc/security/limits.conf
Add the following at the end

* soft nofile 51200
* hard nofile 51200

Then run the following before starting

ulimit -n 51200

Then edit /etc/sysctl.conf

fs.file-max = 51200
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.core.netdev_max_backlog = 250000
net.core.somaxconn = 4096
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 10000 65000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.ipv4.tcp_mtu_probing = 1

Run sysctl -p to make it take effect.

Here, the configuration of  supervisord  under  centos 6 x64  is used as an example.

rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm --quiet
yum install supervisor python-pip -y
pip install supervisor==3.1
chkconfig supervisord on
wget https://github.com/glzjin/ssshell-jar/raw/master/supervisord.conf -O /etc/supervisord.conf
wget https://github.com/glzjin/ssshell-jar/raw/master/supervisord -O /etc/init.d/supervisord

Edit the last section of  /etc/supervisord.conf  and change it to the following, using /root/shadowsocks/  as an example

[program:mu]
command=python /root/shadowsocks/server.py
directory=/root/shadowsocks
autorestart=true
startsecs=10
startretries=36
redirect_stderr=true
user=root ; setuid to this UNIX account to run the program
log_stdout=true ; if true, log program stdout (default true)
log_stderr=true ; if true, log program stderr (def false)
logfile=/var/log/mu.log ; child log path, use NONE for none; default AUTO
;logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
;logfile_backups=10 ; # of logfile backups (default 10)

Edit /etc/init.d/supervisord and add ulimit -n 51200 between these two lines

echo -n $"Starting supervisord: "
ulimit -n 51200
daemon supervisord -c /etc/supervisord.conf

Then

service supervisord start #start the daemon

Other commands

Speed test

speedtest-cli

Disable the firewall

chkconfig iptables off
service iptables stop

About upgrading

cd shadowsocks
git pull

Supplement:

userapiconfig.py, an explanation of what each configuration item means

# Config

#Node ID

NODE_ID = 1

#Automatic speed testing; set to 0 to disable testing. The unit here is hours, and it should match the number of hours set in ss-panel

SPEEDTEST = 6

#Cloud security; automatically reports and downloads banned IPs. 1 to enable, 0 to disable

CLOUDSAFE = 1

#Automatically ban IPs with incorrect SS passwords or encryption methods. 1 to enable, 0 to disable

ANTISSATTACK = 0

#Whether to accept commands issued by the upstream. If you want to use this command, please refer to what I wrote before. Put the public key in
ssshell.asc
under the directory

AUTOEXEC = 1

Multi-port single-user setting; see the major update notes.

MU_SUFFIX = ‘zhaoj.in’

Multi-port single-user setting; see the major update notes.

MU_REGEX = ‘%5m%id.%suffix’

#Sounds impressive, but unclear

SERVER_PUB_ADDR = ‘127.0.0.1’ # mujson_mgr need this to
generate ssr link

#How to access the panel

API_INTERFACE = ‘glzjinmod’ #glzjinmod
(connect via database), modwebapi (http api)

#mudb, ignore it

MUDB_FILE = ‘mudb.json’

# Information related to the HTTP API, see the major update notes.

WEBAPI_URL = ‘https://zhaoj.in’

WEBAPI_TOKEN = ‘glzjin’

# MySQL database connection information

MYSQL_HOST = ‘127.0.0.1’

MYSQL_PORT = 3306

MYSQL_USER = ‘ss’

MYSQL_PASS = ‘ss’

MYSQL_DB = ‘shadowsocks’

# Whether to enable SSL connection, 0 for off, 1 for on

MYSQL_SSL_ENABLE = 0

# Client certificate directory, see https://github.com/glzjin/shadowsocks/wiki/Mysql-SSL%E9%85%8D%E7%BD%AE

MYSQL_SSL_CERT = ‘/root/shadowsocks/client-cert.pem’

MYSQL_SSL_KEY = ‘/root/shadowsocks/client-key.pem’

MYSQL_SSL_CA = ‘/root/shadowsocks/ca.pem’

# API, ignore it

API_HOST = ‘127.0.0.1’

API_PORT = 80

API_PATH = ‘/mu/v2/’

API_TOKEN = ‘abcdef’

API_UPDATE_TIME = 60

# Manager, ignore it

MANAGE_PASS = ‘ss233333333’

#if you want manage in other server you should set this
value to global ip

MANAGE_BIND_IP = ‘127.0.0.1’

#make sure this port is idle

MANAGE_PORT = 23333

#Security setting, required to limit the number of online IPs.
Set the parameter below randomly, and keep it consistent across all nodes.

IP_MD5_SALT = ‘randomforsafety’

Leave a Comment

Your email address will not be published. Required fields are marked *

中文 EN
🚀

RedGate VPN

免费节点太挤太慢?
升级高速稳定专线

立即体验 →

告别卡顿

RedGate VPN
全球高速节点

免费下载 →
Scroll to Top