shadowsocks-libev is a lightweight secured socks5 proxy for embedded devices and low end boxes. It is a port of shadowsocks created by @clowwindy maintained by @madeye and @linusyang.
Docker images are built for quick deployment in various computing cloud providers. For more information on docker and containerization technologies, refer to official document.
Many cloud providers offer docker-ready environments, for instance the CoreOS Droplet in DigitalOcean or the Container-Optimized OS in Google Cloud.
If you need to install docker yourself, follow the official installation guide.
$ docker pull shadowsocks/shadowsocks-libevThis pulls the latest release of shadowsocks-libev.
You can also choose to pull a previous release or to try the bleeding edge build:
$ docker pull shadowsocks/shadowsocks-libev:<tag>
$ docker pull shadowsocks/shadowsocks-libev:edgeA list of supported tags can be found at Docker Hub.
$ docker run -p 8388:8388 -p 8388:8388/udp -d --restart always shadowsocks/shadowsocks-libev:latestThis starts a container of the latest release with all the default settings, which is equivalent to
$ ss-server -s 0.0.0.0 -p 8388 -k "$(hostname)" -m aes-256-cfb -t 300 --fast-open -d 8.8.8.8 -d 8.8.4.4 -uNote: It's the hostname in the container that is used as the password, not that of the host.
In most cases you'll want to change a thing or two, for instance the port which the server listens on. This is done by changing the -p arguments.
Here's an example to start a container that listens on 28388 (both TCP and UDP):
$ docker run -p 28388:8388 -p 28388:8388/udp -d --restart always shadowsocks/shadowsocks-libevAnother thing you may want to change is the password. To change that, you can pass your own password as an environment variable when starting the container.
Here's an example to start a container with 9MLSpPmNt as the password:
$ docker run -e PASSWORD=9MLSpPmNt -p 8388:8388 -p 8388:8388/udp -d --restart always shadowsocks/shadowsocks-libev
⚠️ Click here to generate a strong password to protect your server.
Besides PASSWORD, the image also defines the following environment variables that you can customize:
SERVER_ADDR: the IP/domain to bind to, defaults to0.0.0.0METHOD: encryption method to use, defaults toaes-256-cfbTIMEOUT: defaults to300DNS_ADDR,DNS_ADDR_2: DNS servers to redirect NS lookup requests to, defaults to8.8.8.8and8.8.4.4
Additional arguments supported by ss-server can be passed with the environment variable ARGS, for instance to start in verbose mode:
$ docker run -e ARGS=-v -p 8388:8388 -p 8388:8388/udp -d --restart always shadowsocks/shadowsocks-libev:latestIt is very handy to use docker-compose to manage docker containers. You can download the binary at https://github.com/docker/compose/releases.
This is a sample docker-compose.yml file.
shadowsocks:
image: shadowsocks/shadowsocks-libev
ports:
- "8388:8388"
environment:
- METHOD=aes-256-cfb
- PASSWORD=9MLSpPmNt
restart: alwaysIt is highly recommended that you setup a directory tree to make things easy to manage.
$ mkdir -p ~/fig/shadowsocks/
$ cd ~/fig/shadowsocks/
$ curl -sSLO https://github.com/shadowsocks/shadowsocks-libev/raw/master/docker/alpine/docker-compose.yml
$ docker-compose up -d
$ docker-compose psAt last, download shadowsocks client here. Don't forget to share internet with your friends.
{
"server": "your-vps-ip",
"server_port": 8388,
"local_address": "0.0.0.0",
"local_port": 1080,
"password": "9MLSpPmNt",
"timeout": 600,
"method": "aes-256-cfb"
}