├── Dockerfile
└── README.md


/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM alpine:3.7
 2 | 
 3 | MAINTAINER Tommy Lau <tommy@gen-new.com>
 4 | 
 5 | RUN buildDeps=" \
 6 | 		asciidoc \
 7 | 		build-base \
 8 | 		c-ares-dev \
 9 | 		curl \
10 | 		libev-dev \
11 | 		libsodium-dev \
12 | 		linux-headers \
13 | 		mbedtls-dev \
14 | 		pcre-dev \
15 | 		tar \
16 | 		xmlto \
17 | 	"; \
18 | 	set -x \
19 | 	&& apk add --update --virtual .build-deps $buildDeps \
20 | 	&& SS_VERSION=`curl "https://github.com/shadowsocks/shadowsocks-libev/releases/latest" | sed -n 's/^.*tag\/v\(.*\)".*/\1/p'` \
21 | 	&& curl -SL "https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$SS_VERSION/shadowsocks-libev-$SS_VERSION.tar.gz" -o ss.tar.gz \
22 | 	&& mkdir -p /usr/src/ss \
23 | 	&& tar -xf ss.tar.gz -C /usr/src/ss --strip-components=1 \
24 | 	&& rm ss.tar.gz \
25 | 	&& cd /usr/src/ss \
26 | 	&& ./configure --disable-documentation \
27 | 	&& make install \
28 | 	&& cd / \
29 | 	&& rm -fr /usr/src/ss \
30 | 	&& runDeps="$( \
31 | 		scanelf --needed --nobanner /usr/local/bin/ss-* \
32 | 			| awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \
33 | 			| xargs -r apk info --installed \
34 | 			| sort -u \
35 | 		)" \
36 | 	&& apk add --virtual .run-deps $runDeps \
37 | 	&& apk del .build-deps \
38 | 	&& rm -rf /var/cache/apk/*
39 | 
40 | ENTRYPOINT ["/usr/local/bin/ss-server"]
41 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # docker-shadowsocks
 2 | 
 3 | docker-shadowsocks is a Shadowsocks boxed in a Docker image built by [Tommy Lau](http://tommy.net.cn/).
 4 | 
 5 | ## Update on July 16, 2016
 6 | 
 7 | From now on, the [Alpine Linux](https://hub.docker.com/_/alpine/) will be used as the base image. The docker image size has been dramatically reduced from around 200MB to only 16MB! The old image used Debian package, and the new one is compiled from the source, so it will alwasy be updated to the latest version of [Shadowsocks-libev](https://github.com/shadowsocks/shadowsocks-libev).
 8 | 
 9 | > NOTICE: You have to use Docker version 1.9.0 or later to support Alpine, DO NOT UPDATE the image if your Docker version is older than 1.9.0
10 | 
11 | ## What is Shadowsocks?
12 | 
13 | [Shadowsocks](http://shadowsocks.org/) is a fast tunnel proxy that helps you bypass firewalls.
14 | 
15 | ## What's included?
16 | 
17 | The latest shadowsocks-libev from official release and nothing more.
18 | 
19 | ## How to use this image
20 | 
21 | Get the docker image by running the following commands:
22 | 
23 | ```bash
24 | docker pull tommylau/shadowsocks
25 | ```
26 | 
27 | Start an ocserv instance:
28 | 
29 | ```bash
30 | docker run  --name=[name] -p [port]:[port] -d tommylau/shadowsocks -s 0.0.0.0 -p [port] -k [password] -m [method]
31 | ```
32 | 
33 | - `name` is used to identify the containers (optional)
34 | - `port` is the port you want the server to listen.
35 | - `password` is the password
36 | - `method` is the encrypt method
37 | 
38 | For a real world example with encrypt method `rc4-md5` with password `Passw0rd` on port `8338`:
39 | 
40 | ```bash
41 | docker run --name=ss -p 8388:8388 -d tommylau/shadowsocks -s 0.0.0.0 -p 8388 -k Passw0rd -m rc4-md5
42 | ```
43 | 
44 | ## Command line arguments for shadowsocks-libev
45 | 
46 | ```
47 |   usage:
48 | 
49 |     ss-[local|redir|server|tunnel]
50 | 
51 |        -s <server_host>           host name or ip address of your remote server
52 | 
53 |        -p <server_port>           port number of your remote server
54 | 
55 |        -l <local_port>            port number of your local server
56 | 
57 |        -k <password>              password of your remote server
58 | 
59 |        [-m <encrypt_method>]      encrypt method: table, rc4, rc4-md5,
60 |                                   aes-128-cfb, aes-192-cfb, aes-256-cfb,
61 |                                   bf-cfb, camellia-128-cfb, camellia-192-cfb,
62 |                                   camellia-256-cfb, cast5-cfb, des-cfb, idea-cfb,
63 |                                   rc2-cfb, seed-cfb, salsa20 and chacha20
64 | 
65 |        [-f <pid_file>]            the file path to store pid
66 | 
67 |        [-t <timeout>]             socket timeout in seconds
68 | 
69 |        [-c <config_file>]         the path to config file
70 | 
71 |        [-i <interface>]           network interface to bind,
72 |                                   not available in redir mode
73 | 
74 |        [-b <local_address>]       local address to bind,
75 |                                   not available in server mode
76 | 
77 |        [-u]                       enable udprelay mode,
78 |                                   not available in redir mode
79 | 
80 |        [-L <addr>:<port>]         specify destination server address and port
81 |                                   for local port forwarding,
82 |                                   only available in tunnel mode
83 | 
84 |        [-d <addr>]                setup name servers for internal DNS resolver,
85 |                                   only available in server mode
86 | 
87 |        [--fast-open]              enable TCP fast open,
88 |                                   only available on Linux kernel > 3.7.0
89 | 
90 |        [--acl <acl_file>]         config file of ACL (Access Control List)
91 |                                   only available in local mode
92 | 
93 |        [-v]                       verbose mode
94 | ```
95 | 


--------------------------------------------------------------------------------