Install shadowsocks di Ubuntu 20.04

Details
Written by: Bayu Aji
Category: OS
Hits: 369

1. Prosedur standard :

sudo apt update && apt upgrade -y
sudo apt install -y snapd

2. install haveged untuk randomness yang lebih baik (opsional)

sudo apt install -y haveged
sudo reboot

3. Install Shadowsocks via snap supaya dapat release aplikasi yang terbaru.

sudo snap install shadowsocks-libev

4. Buat file configuration untuk shadowsocks :

sudo mkdir -p /var/snap/shadowsocks-libev/common/etc/shadowsocks-libev
sudo touch /var/snap/shadowsocks-libev/common/etc/shadowsocks-libev/config.json
sudo vi /var/snap/shadowsocks-libev/common/etc/shadowsocks-libev/config.json

5. Isi file json :

{
   "server":["::0", "0.0.0.0"],
   "mode":"tcp_and_udp",
   "server_port":443,
   "password":"your-secure-password",
   "timeout":60,
   "method":"chacha20-ietf-poly1305",
   "nameserver":"1.1.1.1"
}

6. Buat file untuk systemd service unit

sudo touch /etc/systemd/system/[email protected]
sudo vi /etc/systemd/system/[email protected]

# isi nya :

[Unit]
Description=Shadowsocks-Libev Custom Server Service for %I
Documentation=man:ss-server(1)
After=network-online.target
    
[Service]
Type=simple
ExecStart=/usr/bin/snap run shadowsocks-libev.ss-server -c /var/snap/shadowsocks-libev/common/etc/shadowsocks-libev/%i.json
    
[Install]
WantedBy=multi-user.target

7. Aktifkan shadowsocks

# Aktifkan service
sudo systemctl enable --now shadowsocks-libev-server@config

# Lihat status shadowsocks
sudo systemctl status shadowsocks-libev-server@config

8. Buka firewall

sudo ufw allow 443

9. Pakai QR Code untuk menambah profil di aplikasi shadowsocks : ( Aplikasi Android)

https://shadowsocks.org/en/config/quick-guide.html#qrcode

10. Optimasi kernel + TCP BBR

# Edit sysctl :
sudo vi /etc/sysctl.conf

# Tambahkan :
fs.file-max = 51200
net.core.netdev_max_backlog = 250000
net.core.somaxconn = 4096
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 10000 65000
net.core.netdev_max_backlog = 4096
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_mtu_probing = 1
net.core.rmem_max = 67108864
net.core.wmem_max = 67108864
net.ipv4.tcp_mem = 25600 51200 102400
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr

# Reload sysctl
sudo sysctl -p

# Check TCP BBR :
sudo sysctl net.ipv4.tcp_congestion_control

11. check listening port : (Jika butuh cari port yang terpakai)

sudo lsof -i -P -n | grep LISTEN