CENTOS7上部署魔改版后端
1.更新yum源yum update
2.添加epel源yum install -y epel-release
3.安装git等yum install -y git
yum install -y wget
yum install python-setuptools && easy_install
pip
4.安装 libsodium _备注:如果不适用chacha20 方式可以省略此步骤
yum -y groupinstall "Development Tools"
wget https://github.com/jedisct1/libsodium/releases/download/1.0.13/libsodium-1.0.13.tar.gz
tar xf libsodium-1.0.13.tar.gz && cd libsodium-1.0.13
./configure && make -j2 && make install
echo /usr/local/lib > /etc/ld.so.conf.d/usr_local_lib.conf
ldconfig
下载程序源代码并安装依赖
git clone https://github.com/wggwcn/ssr_manyu.git
cd ssr_manyu
yum -y install python-devel
yum -y install libffi-devel
yum -y install openssl-devel
pip install -r requirements.txt
主要编辑 userapiconfig.py ,来解释下里面各项配置的意思
# Config
#节点ID
NODE_ID = 1
#自动化测速,为0不测试,此处以小时为单位,要和 ss-panel 设置的小时数一致
SPEEDTEST = 6
#云安全,自动上报与下载封禁IP,1为开启,0为关闭
CLOUDSAFE = 1
#自动封禁SS密码和加密方式错误的 IP,1为开启,0为关闭
ANTISSATTACK = 0
#是否接受上级下发的命令,如果你要用这个命令,请参考我之前写的东西,公钥放在目录下的 ssshell.asc
AUTOEXEC = 1
多端口单用户设置,看重大更新说明。
MU_SUFFIX = 'zhaoj.in'
多端口单用户设置,看重大更新说明。
MU_REGEX = '%5m%id.%suffix'
#不明觉厉
SERVER_PUB_ADDR = '127.0.0.1' # mujson_mgr need this to generate ssr link
#访问面板方式
`API_INTERFACE = 'glzjinmod' #glzjinmod (数据库方式连接),modwebapi (http api)
#mudb,不要管
MUDB_FILE = 'mudb.json'
# HTTP API 的相关信息,看重大更新说明。
WEBAPI_URL = 'https://zhaoj.in'
WEBAPI_TOKEN = 'glzjin'
# Mysql 数据库连接信息
MYSQL_HOST = '127.0.0.1'
MYSQL_PORT = 3306
MYSQL_USER = 'ss'
MYSQL_PASS = 'ss'
MYSQL_DB = 'shadowsocks'
# 是否启用SSL连接,0为关,1为开
MYSQL_SSL_ENABLE = 0
# 客户端证书目录,请看 https://github.com/glzjin/shadowsocks/wiki/Mysql-SSL%E9%85%8D%E7%BD%AE
MYSQL_SSL_CERT = '/root/shadowsocks/client-cert.pem'
MYSQL_SSL_KEY = '/root/shadowsocks/client-key.pem'
MYSQL_SSL_CA = '/root/shadowsocks/ca.pem'
# API,不用管
API_HOST = '127.0.0.1'
API_PORT = 80
API_PATH = '/mu/v2/'
API_TOKEN = 'abcdef'
API_UPDATE_TIME = 60
# Manager 不用管
MANAGE_PASS = 'ss233333333'
#if you want manage in other server you should set this value to global ip
MANAGE_BIND_IP = '127.0.0.1'
#make sure this port is idle
MANAGE_PORT = 23333
#安全设置,限制在线 IP 数所需,下面这个参数随机设置,并且所有节点需要保持一致。
IP_MD5_SALT = 'randomforsafety'
运行的话,有几种方式。
- python server.py 用于调错的
- /run.sh 无日志后台运行
- /logrun.sh 有日志后台运行
- supervisord
优化
wget https://raw.githubusercontent.com/wggwcn/ssr_manyu/master/centos7/limits.conf -O /etc/security/limits.conf && ulimit -n 51200
wget https://raw.githubusercontent.com/wggwcn/ssr_manyu/master/centos7/sysctl.conf -O /etc/sysctl.conf && sysctl -p
wget https://raw.githubusercontent.com/wggwcn/ssr_manyu/master/centos7/systemd-supervisor.service -O /usr/lib/systemd/system/systemd-supervisor.service
编辑supervisord配置文件
安装supervisor
yum install supervisor python-pip -y
pip install supervisor==3.1
编辑 /etc/supervisord.conf 最后一段改成如下的,以 /root/shadowsocks/ 为例
[program:mu]
command=python /root/ssr_manyu/server.py
directory=/root/ssr_manyu
autorestart=true
startsecs=10
startretries=36
redirect_stderr=true
user=root ; setuid to this UNIX account to run the program
log_stdout=true ; if true, log program stdout (default true)
log_stderr=true ; if true, log program stderr (def false)
logfile=/var/log/mu.log ; child log path, use NONE for none; default AUTO
;logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
;logfile_backups=10 ; # of logfile backups (default 10)
保存
如果想直接下载该文件supervisor的配置文件覆盖
wget https://raw.githubusercontent.com/wggwcn/ssr_manyu/master/centos7/supervisord.conf -O /etc/supervisord.conf
supervisor
启动,停止,自开机命令
设置开机自启systemctl enable systemd-supervisor
启动supervisordsystemctl start systemd-supervisor
查看supervisord运行情况systemctl status systemd-supervisor
安装BBR加速
wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh
chmod +x bbr.sh
./bbr.sh
安装锐速
第一步安装多内核环境包
yum install kernel-firmware grubby dracut-kernel
第二步 重启 并 安装新内核
rpm -ivh http://soft.91yun.org/ISO/Linux/CentOS/kernel/kernel-3.10.0-229.1.2.el7.x86_64.rpm --force
重启服务器 reboot
第三步安装 锐速
wget -N --no-check-certificate https://github.com/91yun/serverspeeder/raw/master/serverspeeder.sh && bash serverspeeder.sh
锐速命令
service serverSpeeder stats 锐速状态
service serverSpeeder start 锐速开启
service serverSpeeder stop 锐速关闭
service serverSpeeder restart 锐速重启