Haproxy中转ss(多用户版)流量一键安装脚本

服务器类 cpciti 1146℃

ss,一款优秀的基于各种加密方式的 socks 代理工具,由于晚上高峰时段,电信国际出口缓慢,为了加快速度,故而使用haproxy进行中转加速。

关于脚本

一键安装并配置 haproxy,实现中转 ss 的功能(本脚本基于秋水大神的单用户脚本的基础上修改而成)

中转说明

假设你的本地电脑为 A,haproxy 服务器为 B,Shadowsocks 服务器为 C。A 当然可以直接去连C,但如上所说,往往你的本地网络国际带宽不足,实际上的可用速度并不快。假设 B 是国内某机房的服务器,机房服务器带宽一般来说比你本地网络带宽要大得多。A 连接 B,通过 B 连接 C 中转流量,如此一来,虽然成本有所上升,但却能明显改善网络带宽情况。

系统支持

本脚本支持系统:CentOS,Debian,Ubuntu

安装方法

使用root登录做中转的那台服务器,执行下面的命令:

wget --no-check-certificate https://soft.gaomingsong.com/haproxy/haproxy.sh && bash haproxy.sh

起始端口:指的是你shadowsocks的端口,管理员用的那个端口就是起始端口
结束端口:这个根据你自己的情况设置,脚本默认的是50001-60000,相当于有一万个端口可以中转,对于大多数ss卖家来说应该足够用了
Shadowsocks服务器IP地址:特别注意,这个IP指的是你安装shadowsocks的服务器公网IP地址,不是安装haproxy这台服务器的IP地址,不要弄错了。

卸载方法

#Debian 或 Ubuntu 系统 
apt-get -y remove haproxy 
# 
#CentOS 系统 
yum -y remove haproxy 
# 
#然后删掉haproxy的配置文件目录 
rm -rf /etc/haproxy 

使用命令

# 
启动:/etc/init.d/haproxy start 
# 
停止:/etc/init.d/haproxy stop 
# 
重启:/etc/init.d/haproxy restart 
# 
状态:/etc/init.d/haproxy status 

#! /bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
#=================================================================#
#   System Required:  CentOS, Debian, Ubuntu                      #
#   Description: Install haproxy for Shadowsocks server           #
#   Author: netwboy						  #
#   Intro:  https://www.gaomingsong.com                           #
#=================================================================#

clear
echo ""
echo "#############################################################"
echo "# Install haproxy for Shadowsocks server                    #"
echo "# Intro: https://www.gaomingsong.com/480.html	          #"
echo "# Author: Netwboy					          #"
echo "#############################################################"
echo ""

rootness(){
    if [[ $EUID -ne 0 ]]; then
       echo "Error:This script must be run as root!" 1>&2
       exit 1
    fi
}

checkos(){
    if [[ -f /etc/redhat-release ]];then
        OS=CentOS
    elif cat /etc/issue | grep -q -E -i "debian";then
        OS=Debian
    elif cat /etc/issue | grep -q -E -i "ubuntu";then
        OS=Ubuntu
    elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat";then
        OS=CentOS
    elif cat /proc/version | grep -q -E -i "debian";then
        OS=Debian
    elif cat /proc/version | grep -q -E -i "ubuntu";then
        OS=Ubuntu
    elif cat /proc/version | grep -q -E -i "centos|red hat|redhat";then
        OS=CentOS
    else
        echo "Not supported OS, Please reinstall OS and try again."
        exit 1
    fi
}

disable_selinux(){
    if [ -s /etc/selinux/config ] && grep 'SELINUX=enforcing' /etc/selinux/config; then
        sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
        setenforce 0
    fi
}

valid_ip(){
    local  ip=$1
    local  stat=1
    if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
        OIFS=$IFS
        IFS='.'
        ip=($ip)
        IFS=$OIFS
        [[ ${ip[0]} -le 255 && ${ip[1]} -le 255 && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
        stat=$?
    fi
    return ${stat}
}

get_ip(){
    local IP=$( ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\." | head -n 1 )
    if [ -z ${IP} ]; then
        IP=$( wget -qO- -t1 -T2 ipv4.icanhazip.com )
    fi
    echo ${IP}
}

# Pre-installation settings
function pre_install(){
    # Set haproxy config start port
    while :
    do
    echo -e "Please input start port for haproxy & shadowsocks [1-65535]"
    read -p "(Default start port: 50001):" startport
	[ -z "${startport}" ] && startport="50001"
    expr ${startport} + 0 &>/dev/null
    if [ $? -eq 0 ]; then
        if [ ${startport} -ge 1 ] && [ ${startport} -le 65535 ]; then
            echo ""
            echo "---------------------------"
            echo "start port = ${startport}"
            echo "---------------------------"
            echo ""
            break
        else
            echo "Input error! Please input correct numbers."
        fi
    else
        echo "Input error! Please input correct numbers."
    fi
    done

    # Set haproxy config end port
    while :
    do
    echo -e "Please input end port for haproxy & shadowsocks [1-65535]"
    read -p "(Default end port: 60000):" endport
	[ -z "${endport}" ] && endport="60000"
    expr ${endport} + 0 &>/dev/null
    if [ $? -eq 0 ]; then
        if [ ${endport} -ge 1 ] && [ ${endport} -le 65535 ]; then
            echo ""
            echo "---------------------------"
            echo "end port = ${endport}"
            echo "---------------------------"
            echo ""
            break
        else
            echo "Input error! Please input correct numbers."
        fi
    else
        echo "Input error! Please input correct numbers."
    fi
    done
	
    # Set haproxy config IPv4 address
    while :
    do
    echo -e "Please input your shadowsocks IPv4 address for haproxy"
    read -p "(IPv4 is):" haproxyip
    valid_ip ${haproxyip}
    if [ $? -eq 0 ]; then
        echo ""
        echo "---------------------------"
        echo "IP = ${haproxyip}"
        echo "---------------------------"
        echo ""
        break
    else
        echo "Input error! Please input correct IPv4 address."
    fi
    done

    get_char(){
        SAVEDSTTY=`stty -g`
        stty -echo
        stty cbreak
        dd if=/dev/tty bs=1 count=1 2> /dev/null
        stty -raw
        stty echo
        stty $SAVEDSTTY
    }
    echo ""
    echo "Press any key to start...or Press Ctrl+C to cancel"
    char=`get_char`

}

# Config haproxy
config_haproxy(){
    # Config DNS nameserver
    if ! grep -q "8.8.8.8" /etc/resolv.conf;then
        cp -p /etc/resolv.conf /etc/resolv.conf.bak
        echo "nameserver 223.5.5.5" > /etc/resolv.conf
        echo "nameserver 8.8.8.8" >> /etc/resolv.conf
    fi

    if [ -f /etc/haproxy/haproxy.cfg ];then
        cp -p /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak
    fi

    cat > /etc/haproxy/haproxy.cfg<<-EOF
global
ulimit-n  51200
defaults
log global
mode    tcp
option  dontlognull
timeout connect 1000ms
timeout client 150000ms
timeout server 150000ms
listen status
bind 0.0.0.0:1080
mode http
log global
stats refresh 30s
stats uri /admin?stats
stats realm Private lands
stats auth admin:password
stats hide-version
frontend ssin
bind *:${startport}-${endport}
default_backend ssout
backend ssout
server server1 ${haproxyip} maxconn 204800
EOF
}

install(){
    # Install haproxy
    if [ "${OS}" == 'CentOS' ];then
        yum install -y haproxy
    else
        apt-get -y update
        apt-get install -y haproxy
    fi

    if [ -d /etc/haproxy ]; then
        echo "haproxy install successed."

        echo "Config haproxy start..."
        config_haproxy
        echo "Config haproxy completed..."

        if [ "${OS}" == 'CentOS' ]; then
            chkconfig --add haproxy
            chkconfig haproxy on
        else
            update-rc.d haproxy defaults
        fi

        # Start haproxy
        /etc/init.d/haproxy start
        if [ $? -eq 0 ]; then
            echo "haproxy start success..."
        else
            echo "haproxy start failure..."
        fi
    else
        echo ""
        echo "haproxy install failed."
        exit 1
    fi

    sleep 3
    # restart haproxy
    /etc/init.d/haproxy restart
    # Active Internet connections confirm
    netstat -nxtlp
    echo
    echo "Congratulations, haproxy install completed."
    echo -e "Your haproxy Server start port: \033[41;37m ${startport} \033[0m"
    echo -e "Your haproxy Server end port: \033[41;37m ${endport} \033[0m"
    echo -e "Your Input Shadowsocks IP: \033[41;37m ${haproxyip} \033[0m"
    echo ""
    echo "Welcome to visit:https://www.gaomingsong.com/480.html"
    echo "Enjoy it."
    echo ""
    exit 0
}


# Install haproxy
install_haproxy(){
    checkos
    rootness
    disable_selinux
    pre_install
    install
}

# Initialization step
install_haproxy 2>&1 | tee -a /root/haproxy_for_shadowsocks.log

转载请注明:我的个人学习笔记 » Haproxy中转ss(多用户版)流量一键安装脚本

喜欢 (0)