diff --git a/docker/Dockerfile b/docker/Dockerfile new file mode 100644 index 00000000..913ec248 --- /dev/null +++ b/docker/Dockerfile @@ -0,0 +1,31 @@ +FROM ubuntu:latest + +MAINTAINER Sah Lee + +ENV DEPENDENCIES git-core build-essential autoconf libtool libssl-dev +ENV BASEDIR /tmp/shadowsocks-libev +ENV PORT 8338 + +# Set up building environment +RUN apt-get update \ + && apt-get install -y $DEPENDENCIES + +# Get the latest code, build and install +RUN git clone https://github.com/shadowsocks/shadowsocks-libev.git $BASEDIR +WORKDIR $BASEDIR +RUN ./configure \ + && make \ + && make install + +# Tear down building environment and delete git repository +WORKDIR / +RUN rm -rf $BASEDIR/shadowsocks-libev\ + && apt-get --purge autoremove -y $DEPENDENCIES + +# Port in the config file won't take affect. Instead we'll use 8388. +EXPOSE $PORT + +# Override the host and port in the config file. +ADD entrypoint / +ENTRYPOINT ["/entrypoint"] +CMD ["-h"] diff --git a/docker/README.md b/docker/README.md new file mode 100644 index 00000000..65b156dc --- /dev/null +++ b/docker/README.md @@ -0,0 +1,84 @@ +# Shadowsocks Dockerized + +## About this image + +This image is built to ease the deployment of the Shadowsocks server daemon with Docker. + +For Shadowsocks clients, you want to visit http://shadowsocks.org/en/download/clients.html + +### What is Shadowsocks + +A secure socks5 proxy designed to protect your Internet traffic. + +See http://shadowsocks.org/ + +### What is Docker + +An open platform for distributed applications for developers and sysadmins. + +See https://www.docker.com/ + +## How to use this image + +### Start the daemon for the first time + +```bash +$ docker run --name shadowsocks-app --detach --publish 58338:8338 shadowsocks/shadowsocks-libev -k "5ecret!" +``` + +To see all supported arguments, run + +```bash +$ docker run --rm shadowsocks/shadowsocks-libev --help +``` + +To try the bleeding edge version of Shadowsocks, run with an `unstable` tag + +```bash +$ docker run --name shadowsocks-app --detach --publish 58338:8338 shadowsocks/shadowsocks-libev:unstable -k "5ecret!" +``` + +### Stop the daemon + +```bash +$ docker stop shadowsocks-app +``` + +### Start a stopped daemon + +```bash +$ docker start shadowsocks-app +``` + +### Upgrade + +Simply run a `docker pull` to upgrade the image. + +```bash +$ docker pull shadowsocks/shadowsocks-libev +``` + +### Use in CoreOS + +COMING SOON + +### Use with `fig` + +COMING SOON + +## Limitations + +### JSON Configuration File + +This image doesn't support the JSON configuration at the moment. But I do plan to add the support in the future. So please stay tuned. + +### Specifying Hostname & Port + +Docker containers don't have the power to specify on what hostname or port of the host should the service listen to. These have to be specified using the `--publish` argument of `docker run`. + +See [Docker run reference](https://docs.docker.com/reference/run/#expose-incoming-ports) for more details. + +## References + +* [Shadowsocks - Servers](http://shadowsocks.org/en/download/servers.html) +* [shadowsocks-libev](https://github.com/shadowsocks/shadowsocks-libev/blob/master/README.md) diff --git a/docker/entrypoint b/docker/entrypoint new file mode 100755 index 00000000..275426f3 --- /dev/null +++ b/docker/entrypoint @@ -0,0 +1,99 @@ +#! /bin/bash + +IMAGE_NAME="leesah/shadowsocks-libev" +PORTNUMBER="8338" + +SHADOWSOCKS="/usr/local/bin/ss-server" +HOST="-s 0.0.0.0" +PORT="-p $PORTNUMBER" +JSON="" + +function print_usage { + echo + echo "Usage:" + echo " docker run $IMAGE_NAME [OPTIONS]" + echo + echo "OPTIONS" + echo " -k password of your remote server" + echo + echo " [-m ] encrypt method: table, rc4, rc4-md5" + echo " aes-128-cfb, aes-192-cfb, aes-256-cfb," + echo " bf-cfb, camellia-128-cfb, camellia-192-cfb," + echo " camellia-256-cfb, cast5-cfb, des-cfb, idea-cfb," + echo " rc2-cfb, seed-cfb, salsa20 and chacha20" + echo " [-t ] socket timeout in seconds" + echo " [-c ] config file in json" + echo " [-u] enable udprelay mode" + echo " [-v] verbose mode" + echo + echo " [--fast-open] enable TCP fast open" + echo " [--acl ] config file of ACL \(Access Control List\)" + echo + echo " [-h] print this" + echo +} + +function print_usage_configfile { + echo "Config file is currently not supported by this image." + echo + echo "See https://github.com/leesah/shadowsocks-libev/issues/1 for current progress." + echo +} + +function print_usage_host { + echo "To specify the host on which ss-server should listen, please use" + echo " docker run -p $1::$PORTNUMBER ..." + echo "or" + echo " docker run -p $1::$PORTNUMBER ..." + echo + echo "See manpage of docker-run for more details:" + echo " man docker-run" + echo +} + +function print_usage_port { + echo "To specify the port on which ss-server should listen, please use" + echo " docker run -p $1:$PORTNUMBER ..." + echo +} + +OPTIONS=`getopt -o s:p:k:m:t:c:uvh --long server:,key:,password:,encrypt-method:,timeout:,acl:,server-port:,config-file:,fast-open,help -n "$IMAGE_NAME" -- "$@"` +if [ $? -ne 0 ]; then + print_usage + exit 1 +fi + +eval set -- "$OPTIONS" +while true; do + case "$1" in + -k|--key|--password) PASSWORD="-k $2"; shift 2;; + -m|--encrypt-method) ENCRYPTION="-m $2"; shift 2;; + -t|--timeout) TIMEOUT="-t $2"; shift 2;; + --acl) ACL="--acl $2"; shift 2;; + --fast-open) FAST_OPEN="--fast-open"; shift;; + -u) UDP_RELAY="-u"; shift;; + -v) VERBOSE="-v"; shift;; + --) shift; break;; + + -c|--config-file) print_usage_configfile; exit 128;; + -s|--server) print_usage_host "$2"; exit 128;; + -p|--server-port) print_usage_port "$2"; exit 128;; + -h|--help) print_usage; exit 0;; + + *) + echo "$IMAGE_NAME: unexpected argument: $1" + print_usage + exit 1;; + esac +done + +if [ -z "$HOST" -o -z "$PORT" -o -z "$PASSWORD" ]; then + echo "$IMAGE_NAME: insufficient arguments." + print_usage + exit 1 +fi + +echo "Launching Shadowsocks server..." +echo "To watch the output, run" +echo " docker ps -ql | xargs docker logs -f" +$SHADOWSOCKS $HOST $PORT $PASSWORD $ENCRYPTION $TIMEOUT $UDP_RELAY $VERBOSE $FAST_OPEN $ACL $JSON