Installing Shadowsocks-libev Client on Ubuntu Desktop using Ansible

Jul 24, 2022, by Rovshan Mirza

Shadowsocks is a proxy that uses encrypted protocol called SOCKS5, and creates secure and private tunnel for internet access, sort of like VPN. One of the downsides of using a proxy like Shadowsocks is that it will not be system-wide or network-wide out of the box. It will only work in applications where there is support for a proxy connection and you will have to manually configure it in those applications. I use it in my browser and most of the browsers support proxy connections.

In this guide, we are only going to install Shadowsocks client using Ansible on Ubuntu Desktop. You will need to install and configure Shadowsocks server on any VPS first to make this work. I already have a Shadowsocks server set up in my free VPS from Oracle Cloud.

Prerequisites

If you don't have Ubuntu Desktop with Ansible installed on it, you can follow below links to set them up.

• Ubuntu Desktop with Ansible installed (I'm using Virtualbox VM)
• Get familiar with creating and running simple Ansible Playbook locally

1. Create Ansible Playbook

Create ansible-desktop project folder with below subfolders and files.

ansible-desktop
│   local1.yml
│   ansible.cfg
│   inventory
│
└───files
│   │   nyusa.json
│
└───tasks
    │   install_shadowsocks.yml

• ansible-desktop, files and tasks are folders, the rest are files.

ansible.cfg file:

[defaults]
inventory = inventory

inventory file:

[local]
localhost ansible_connection=local

local1.yml file:

---

- hosts: localhost
  connection: local
  become: true

  tasks:
    - include_tasks: tasks/install_shadowsocks.yml

• hosts and connection values are what we defined in inventory file above.
• become:true means that Ansible will run as sudo.
• include_tasks is used to import task files inside tasks folder.

tasks/install_shadowsocks.yml file:

- name: Get list of all services
  service_facts:

- name: Install shadowsocks-libev
  apt:
    name: shadowsocks-libev
  when: "'shadowsocks-libev' not in services"

- name: Stop and disable shadowsocks server
  service: 
    name: shadowsocks-libev.service
    state: stopped
    enabled: no
  when: "'shadowsocks-libev' not in services"

- name: Copy server config JSON file
  copy:
    src: files/nyusa.json
    dest: /etc/shadowsocks-libev/
    owner: root
    group: root
    mode: 0644
  when: "'shadowsocks-libev' not in services"

- name: Start shadowsocks client
  service:
    name: shadowsocks-libev-[email protected]
    state: started
    enabled: yes
  when: "'shadowsocks-libev' not in services"

In tasks/install_shadowsocks.yml task file, we are:

• getting list of all services in our Ubuntu Desktop using service_facts module.
• installing shadowsocks-libev, if the service doesn't exist.
• stopping and disabling Shadowsocks server, because we only need the client.
• copying nyusa.json config file with connection details to our Shadowsocks server. The name of the file can be anything.
• starting Shadowsocks client using config filename, [email protected].

files/nyusa.json file:

{
	"server":"123.456.78.90",
	"mode":"tcp_and_udp",
	"server_port":8388,
	"local_address": "127.0.0.1",
	"local_port":1080,
	"password":"SGE5HDEgYq",
	"timeout":60,
	"method":"chacha20-ietf-poly1305",
	"nameserver":"1.1.1.1"
}

Make sure to update below settings in files/nyusa.json file with settings from Shadowsocks server config file in your VPS.

• server
• server_port
• password
• method
• nameserver: this is an optional setting. 1.1.1.1 is Cloudflare DNS server. You can use Google's DNS server, 8.8.8.8, or any other DNS server you like.

2. Run Ansible Playbook

Run local1.yml Ansible Playbook from Terminal.

sudo ansible-playbook local1.yml

3. Check Shadowsocks Service Status

Now you can check if Shadowsocks client is running using below command.

sudo systemctl status [email protected]

If Active status is showing active (running), then you are all set.

4. Manually Set Proxy Connections In Applications

In Ubuntu Desktop, you can set up proxy connection through GUI, which will only work for applications that use OS proxy connection by default, such as Chrome, Brave, or Chromium browsers. Firefox uses its own proxy settings, which you will need to configure separately.

4.1. Ubuntu Desktop Proxy Connection

1. Open Settings > Network > Network Proxy settings in Ubuntu Desktop.
2. Select Manual and set Socks Host to 127.0.0.1 and Port to 1080.

4.2. Firefox Proxy Connection

1. Open Settings > General > Network Settings > Settings in Firefox browser.
2. Select Manual proxy configuration and then select SOCKS5 v5.
3. Set SOCKS host to 127.0.0.1 and Port to 1080.
4. Check Proxy DNS when using SOCKS v5.
5. Click OK.

Now you can check you IP address opening https://www.iplocation.net.