howto Setup server shadowsocks + v2ray plugin

Leave a reply


# Using v2ray+ws+tls+CDN works good, but it kills the battery on android phone.
# For this reason, good to know how to setup shadowsocks + v2ray plugin.

#
# This post shows you how to setup the server.
# We make a unique path, so you can still have regular v2ray on another path.
#
# You need VPS server ubuntu 18.04 or 16.04, we used digitalocean for example
# You need a domain name, either free or cheap 1 $ year (for 1st year, e.g. godaddy)
# You need an account at cloudflare
#
# We will route shadowsocks traffic over TLS https, via cloudflare CDN
# This means the Chinese cannot know your actual server IP, all they
# see a domainname, and a website, which should be boring and very long make them read it all.
# The Chinese cannot block your server IP, and cannot launch a DDOS attack.
#
# A few things you should change and make random.
# 1) the path , below we used abc123. use something random
# 2) shadowsocks password, below we used pass1234, use something random
#
# Ok lets get started.
# Create droplet on digitalocean
# get your IP e.g. 167.71.130.183
#
# In cloudflare
# point your domain to IP
# IMPORTANT turn off all encryption to example.com
# later we will turn it on again after we have https certs
#
# login to digitalocean droplet
#
#
apt-get update
apt-get upgrade -y
apt-get install nginx python-certbot-nginx -y
# Test you can access http://example.com by http (not https)
# Set the server_name and add reverse proxy
nano /etc/nginx/sites-available/default
# Change from
# server_name _;
# to
server_name example.com;
location /abc123 {
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
# Reload data
nginx -s reload
# Add https
# remember press 2 for redirect, the rest doesn't really matter.
certbot --nginx
# IMPORTANT afterwards switch back cloudflare, turn on full encryption
# verify https is working https://example.com
# add plugin
wget --no-check-certificate https://tls.mbed.org/download/mbedtls-2.16.4-gpl.tgz

wget https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/mbedtls-2.16.5.tar.gz
gunzip mbedtls-2.16.5.tar.gz
tar -xvf mbedtls-2.16.5.tar
cp -rf mbedtls-mbedtls-2.16.5/ mbedtls-2.16.5/

wget https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/mbedtls-2.16.5.tar.gz
cp mbedtls-2.16.5.tar.gz mbedtls-2.16.5.gtz

./ubuntu-ss-install.sh
Congratulations, Shadowsocks-libev server install completed
Your Server IP : example.com
Your Server Port : 443
Your Password : pass1234
Your Encryption Method: aes-256-gcm
Your Plugin : v2ray-plugin
Your Plugin options : tls;host=example.com
Enjoy it!
# backup of install script, just for reference, incase 
# github version disappears https://pastebin.com/38UjgNNd
# edit config file, to move the shadowsocks server to 10001 (or whatever internal port you like)
# and change the plugin_opts
nano /etc/shadowsocks-libev/config.json
{
"server":"0.0.0.0",
"server_port":10001,
"password":"pass1234",
"timeout":300,
"method":"aes-256-gcm",
"plugin":"v2ray-plugin",
"plugin_opts":"server;path=/abc123;loglevel=none"
}
# restart shadowsocks server
systemctl restart shadowsocks
systemctl status shadowsocks
# That is it, it works in China.
# And using the shadowsocks app with v2ray plugin, saves the battery.
# Screenshots phone
#
# To configure shadowsocks + v2ray plugin for windows client
# Download v2ray plugin for windows
# https://github.com/shadowsocks/v2ray-plugin/releases
# e.g. v2ray-plugin_windows_386.exe
#
# Open shadowsocks for windows
# Plugin Program C:..path.../v2ray-plugin_windows_386.exe
# Plugin Options path=/abc123;host=example.com;tls
#
comments/help welcome

Leave a comment