Shadowsocks-Qt5 AppImage

Applications on Linux tend to be distributed by distributions, managed/packaged by distribution’s package managers. For upstream application developers, one way to ship the software to users is to create binary packages for mainstream Linux distributions. Don’t get me wrong, it is not too difficult, given we’ve now had Launchpad for Ubuntu, Copr for Fedora, OBS for OpenSUSE. Arch Linux has AUR, although that is just recipe collection.

By chance, I’ve seen Krita is shipping their software using AppImage. My attention was drawn over immediately. It looks very promising, given how many upstream apps are packaged in AppImage and how easy-to-use it is. The best part is that AppImage doesn’t require any tools (unlike flatpak which needs OS support). It basically acts similarly to the way how people ship applications on macOS, in bundles! Hence, there you go, my journey to pack Shadowsocks-Qt5 in AppImage.

Since you can easily find well documented procedures in their Wiki pages, I won’t bother logging it step by step but only a few hiccups I got. The tool I’m using is linuxdeployqt along with the vanilla AppImageKit. Both tools are distributed in AppImage format, how convenient! 🙂

As recommended, you should use a relatively old Linux distribution to make your AppImage file as compatible as possible (apps linked against newer GLIBC won’t be able to run with older GLIBC). I’ve chosen Debian Jessie as the host OS which has very similar software suite as Ubuntu Trusty does (so I can use Travis CI in the future to automate AppImage build).

One hiccup I got was a symbol error from libharfbuzz.so, see this issue. After a few days Googling, I found a similar issue which points to freetype and harfbuzz themselves. So I just tried to remove libfreetype.so and libharfbuzz.so from appdir directory, and packed with appimagetool, voila it works! I have to point out that linuxdeployqt will always try to put those necessary libraries into appdir when you use it to pack AppImage. In the end, I had to replace the last step with vanilla appimagetool. In another words, what I did was

linuxdeployqt ./appdir/usr/share/applications/shadowsocks-qt5.desktop -bundle-non-qt-libs
rm -f ./appdir/usr/lib/libharfbuzz.so.0
rm -f ./appdir/usr/lib/libfreetype.so.6
appimagetool ./appdir

An experimental AppImage file has been uploaded to the releases page, please give it try, especially if your Linux distribution doesn’t have Shadowsocks-Qt5 in the repository.

Advertisements

Shadowsocks on RHEL 101

This post is written as a basic guide to install and setup shadowsocks server on Red Hat Enterprise Linux (or its clones such as CentOS). shadowsocks-libev is chosen as the shadowsocks port (implementation) for this guide.

Introduction

Shadowsocks is a beloved lightweight secure proxy procotol that can help you bypass firewalls. It’s incredibly flexible and easy to deploy, setup, or even implement it from scratch. Shadowsocks runs on Windows, Mac, Linux, FreeBSD, Android, iOS and more! It runs on x86, ARM, MIPS and more, from PCs to routers!

The project is open-sourced and hosted on GitHub. Different implementations (shadowsocks port) have different licenses though, their features may vary, especially for non-essential features.

Installation

You don’t need to compile source code yourself. Instead, the recommended way is to install from Copr repository.

  1. Download repo from Shadowsocks Copr.
  2. Put repo file into /etc/yum.repos.d/.
  3. Execute sudo yum update and sudo yum install shadowsocks-libev in terminal.

Server Configuration

Open the configuration file /etc/shadowsocks-libev/config.json (You’ll need root priviledge for this). An example configuration is pasted below:

{
    "server":"0.0.0.0",
    "server_port":8388,
    "local_port":1080,
    "password":"barfoo!",
    "timeout":600,
    "method":"chacha20"
}
  • server: Server listening address
  • server_port: Server listening port
  • local_port: Local listening port (ignored by server)
  • password: Password used for encryption
  • timeout: Maximum idle time for a TCP connection
  • method: Encryption method

Start Service

  • For RHEL 6, execute sudo service shadowsocks-libev start to start.
  • For RHEL 7 or Fedora, execute sudo systemctl start shadowsocks-libev to start.

Client Configuration

There are a lot of shadowsocks clients available on all major platforms. The client’s configuration should be the same as server’s. Well, the server IP is the server’s public IP instead of 0.0.0.0.

You must understand the client is effectively a local SOCKS5 proxy server that forwards data to remote shadowsocks server. In order to complete the proxy channel, you need to set applications’ SOCKS5 proxy server to the client‘s address and port.

A good news is on Android platform, shadowsocks client is more or less like a VPN (easier to setup for tech noobs). You can set it proxy the whole handset, or just proxy certain apps.

Don’t want to type that loooong and full-of-symbols password? Check the Quick Guide to use QR Code to share your configuration (Note: One-time authentication option is not included in QR Code).