├── .github ├── dependabot.yml └── workflows │ └── docker-publish.yml ├── .gitignore ├── Dockerfile ├── LICENSE └── README.md /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | # Maintain dependencies for GitHub Actions 4 | - package-ecosystem: "github-actions" 5 | directory: "/" 6 | schedule: 7 | interval: "daily" 8 | -------------------------------------------------------------------------------- /.github/workflows/docker-publish.yml: -------------------------------------------------------------------------------- 1 | name: Docker 2 | 3 | on: 4 | push: 5 | branches: 6 | - 'master' 7 | 8 | jobs: 9 | build: 10 | runs-on: ubuntu-latest 11 | steps: 12 | - name: Checkout repository 13 | uses: actions/checkout@v4 14 | 15 | - name: Docker meta 16 | id: meta 17 | uses: docker/metadata-action@v5 18 | with: 19 | images: acrisliu/shadowsocks-libev 20 | tags: | 21 | type=raw,value=latest 22 | 23 | - name: Set up QEMU 24 | uses: docker/setup-qemu-action@v3 25 | 26 | - name: Set up Docker Buildx 27 | uses: docker/setup-buildx-action@v3 28 | 29 | - name: Login to Docker Hub 30 | uses: docker/login-action@v3 31 | with: 32 | username: ${{ secrets.DOCKERHUB_USERNAME }} 33 | password: ${{ secrets.DOCKERHUB_TOKEN }} 34 | 35 | - name: Build and push 36 | uses: docker/build-push-action@v6 37 | with: 38 | platforms: linux/amd64,linux/arm64 39 | push: true 40 | tags: ${{ steps.meta.outputs.tags }} 41 | labels: ${{ steps.meta.outputs.labels }} 42 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | *.iml -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:1.19-alpine AS golang 2 | 3 | ENV V2RAY_PLUGIN_VERSION v5.1.0 4 | ENV GO111MODULE on 5 | 6 | # Build v2ray-plugin 7 | RUN apk add --no-cache git build-base \ 8 | && mkdir -p /go/src/github.com/teddysun \ 9 | && cd /go/src/github.com/teddysun \ 10 | && git clone https://github.com/teddysun/v2ray-plugin.git \ 11 | && cd v2ray-plugin \ 12 | && git checkout "$V2RAY_PLUGIN_VERSION" \ 13 | && go get -d \ 14 | && go build 15 | 16 | FROM alpine:3.17 17 | 18 | LABEL maintainer="Acris Liu " 19 | 20 | ENV SHADOWSOCKS_LIBEV_VERSION v3.3.5 21 | 22 | # Build shadowsocks-libev 23 | RUN set -ex \ 24 | # Install dependencies 25 | && apk add --no-cache --virtual .build-deps \ 26 | autoconf \ 27 | automake \ 28 | build-base \ 29 | libev-dev \ 30 | libtool \ 31 | linux-headers \ 32 | udns-dev \ 33 | libsodium-dev \ 34 | mbedtls-dev \ 35 | pcre-dev \ 36 | tar \ 37 | udns-dev \ 38 | c-ares-dev \ 39 | git \ 40 | # Build shadowsocks-libev 41 | && mkdir -p /tmp/build-shadowsocks-libev \ 42 | && cd /tmp/build-shadowsocks-libev \ 43 | && git clone https://github.com/shadowsocks/shadowsocks-libev.git \ 44 | && cd shadowsocks-libev \ 45 | && git checkout "$SHADOWSOCKS_LIBEV_VERSION" \ 46 | && git submodule update --init --recursive \ 47 | && ./autogen.sh \ 48 | && ./configure --disable-documentation \ 49 | && make install \ 50 | && ssRunDeps="$( \ 51 | scanelf --needed --nobanner /usr/local/bin/ss-server \ 52 | | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ 53 | | xargs -r apk info --installed \ 54 | | sort -u \ 55 | )" \ 56 | && apk add --no-cache --virtual .ss-rundeps $ssRunDeps \ 57 | && cd / \ 58 | && rm -rf /tmp/build-shadowsocks-libev \ 59 | # Delete dependencies 60 | && apk del .build-deps 61 | 62 | # Copy v2ray-plugin 63 | COPY --from=golang /go/src/github.com/teddysun/v2ray-plugin/v2ray-plugin /usr/local/bin 64 | 65 | # Shadowsocks environment variables 66 | ENV SERVER_PORT 8388 67 | ENV PASSWORD ChangeMe!!! 68 | ENV METHOD chacha20-ietf-poly1305 69 | ENV TIMEOUT 86400 70 | ENV DNS_ADDRS 1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001 71 | ENV ARGS -u 72 | 73 | EXPOSE $SERVER_PORT/tcp $SERVER_PORT/udp 74 | 75 | # Run as nobody 76 | USER nobody 77 | 78 | # Start shadowsocks-libev server 79 | CMD exec ss-server \ 80 | -s 0.0.0.0 \ 81 | -s ::0 \ 82 | -p $SERVER_PORT \ 83 | -k $PASSWORD \ 84 | -m $METHOD \ 85 | -t $TIMEOUT \ 86 | -d $DNS_ADDRS \ 87 | --reuse-port \ 88 | --no-delay \ 89 | $ARGS 90 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2017 Acris Liu 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Shadowsocks-libev Dockerfile 2 | This Dockerfile build an image for [shadowsocks-libev](https://github.com/shadowsocks/shadowsocks-libev/) with [v2ray-plugin](https://github.com/teddysun/v2ray-plugin), based on Alpine Linux. 3 | 4 | **Tags:** 5 | - latest 6 | - shadowsocks-libev: v3.3.5 7 | - v2ray-plugin: v5.1.0 8 | - nightly 9 | - shadowsocks-libev: master branch 10 | - v2ray-plugin: master branch 11 | 12 | 13 | ## Quick Start 14 | 15 | Get the docker image by running the following commands: 16 | 17 | ```bash 18 | docker pull acrisliu/shadowsocks-libev 19 | ``` 20 | 21 | Start an instance: 22 | 23 | ```bash 24 | docker run -d --name=shadowsocks-libev -p 8388:8388/tcp -p 8388:8388/udp --restart=always acrisliu/shadowsocks-libev 25 | ``` 26 | 27 | 28 | ## Setting a specific configration 29 | 30 | You can use environment variables to specific configration. 31 | 32 | For example, start a container with encrypt method `aes-256-gcm` and password `YourPassword`: 33 | 34 | ```bash 35 | docker run -d \ 36 | -e METHOD=aes-256-gcm \ 37 | -e PASSWORD=YourPassword \ 38 | --name=shadowsocks-libev \ 39 | -p 8388:8388/tcp \ 40 | -p 8388:8388/udp \ 41 | --restart=always \ 42 | acrisliu/shadowsocks-libev 43 | ``` 44 | 45 | Available environment variables and default values: 46 | 47 | - `SERVER_PORT`: Port number of your remote server, default value is `8388`. 48 | - `PASSWORD`: Password of your remote server, default value is `ChangeMe!!!`. 49 | - `METHOD`: Encrypt method, default value is `chacha20-ietf-poly1305`. 50 | - `TIMEOUT`: Socket timeout in seconds, default value is `86400`. 51 | - `DNS_ADDRS`: Setup name servers for internal DNS resolver, default value is `1.1.1.1,1.0.0.1`. 52 | - `ARGS`: Additional arguments supported by `ss-server`, default value is `-u`, to enable UDP relay. 53 | 54 | 55 | ## Enable v2ray-plugin 56 | By default, v2ray-plugin is disabled, use `ARGS` environment variable with `--plugin`, `--plugin-opts` arguments to enable it. 57 | 58 | For example, if you want to enable v2ray-plugin with TLS mode and enable UDP relay: 59 | ```sh 60 | docker run -d \ 61 | -e "ARGS=--plugin v2ray-plugin --plugin-opts server;tls;host=yourdomain.com;path=/v2ray;cert=/root/.acme.sh/yourdomain.com/fullchain.cer;key=/root/.acme.sh/yourdomain.com/yourdomain.com.key -u" \ 62 | -e PASSWORD=YourPassword \ 63 | -v /root/.acme.sh:/root/.acme.sh \ 64 | --user root \ 65 | --name=shadowsocks-libev \ 66 | -p 8388:8388/tcp \ 67 | -p 8388:8388/udp \ 68 | --restart=always \ 69 | acrisliu/shadowsocks-libev 70 | ``` 71 | 72 | 73 | **Enable v2ray-plugin with QUIC mode:** 74 | 75 | It is recommended to increase the maximum buffer size by running: 76 | ``` 77 | sysctl -w net.core.rmem_max=2500000 78 | ``` 79 | 80 | This command would increase the maximum receive buffer size to roughly 2.5 MB. 81 | 82 | ```sh 83 | docker run -d \ 84 | -e "ARGS=--plugin v2ray-plugin --plugin-opts server;mode=quic;host=yourdomain.com;path=/v2ray;cert=/root/.acme.sh/yourdomain.com/fullchain.cer;key=/root/.acme.sh/yourdomain.com/yourdomain.com.key" \ 85 | -e PASSWORD=YourPassword \ 86 | -v /root/.acme.sh:/root/.acme.sh \ 87 | --user root \ 88 | --name=shadowsocks-libev \ 89 | -p 8388:8388/tcp \ 90 | -p 8388:8388/udp \ 91 | --restart=always \ 92 | acrisliu/shadowsocks-libev 93 | ``` 94 | 95 | *Attentions: if you want to enable v2ray-plugin QUIC mode, you must disable the UDP relay of ss-server, without `-u` argument in `ARGS`.* 96 | 97 | Remember mount your certs to container, recommend use [acme.sh](acme.sh) to issue certs. 98 | 99 | For more v2ray-plugin configrations please go to [v2ray plugin docs](https://github.com/teddysun/v2ray-plugin/blob/master/README.md) 100 | 101 | 102 | ## With docker-compose 103 | docker-compose.yml: 104 | ```yml 105 | services: 106 | shadowsocks-libev: 107 | container_name: shadowsocks-libev 108 | image: acrisliu/shadowsocks-libev 109 | user: root 110 | ports: 111 | - "8388:8388/tcp" 112 | - "8388:8388/udp" 113 | volumes: 114 | - /root/.acme.sh:/root/.acme.sh:ro 115 | environment: 116 | - PASSWORD=YourPassword 117 | - ARGS=--plugin v2ray-plugin --plugin-opts server;tls;host=yourdomain.com;path=/v2ray;cert=/root/.acme.sh/yourdomain.com/fullchain.cer;key=/root/.acme.sh/yourdomain.com/yourdomain.com.key -u 118 | restart: always 119 | ``` 120 | 121 | 122 | ## How to upgrade 123 | 124 | Just use bellow commands: 125 | 126 | ```bash 127 | # Pull the latest image 128 | docker pull acrisliu/shadowsocks-libev 129 | # Stop and remove old container 130 | docker stop shadowsocks-libev 131 | docker rm shadowsocks-libev 132 | # Start a new container with the latest image 133 | docker run -d \ 134 | -e PASSWORD=YourPassword \ 135 | --name=shadowsocks-libev \ 136 | -p 8388:8388/tcp \ 137 | -p 8388:8388/udp \ 138 | --restart=always \ 139 | acrisliu/shadowsocks-libev 140 | ``` 141 | --------------------------------------------------------------------------------