安装
记录下V2Ray的使用。
网址
https://www.v2ray.com/
https://github.com/v2ray/v2ray-core
日期校准
时间误差要在90秒之内。
$ date -R
Wed, 25 Sep 2019 11:05:39 -0400
如果时间不准确,可以使用 date --set 修改时间.
$ sudo date --set = "2017-01-22 16:16:23"
Sun 22 Jan 16:16:23 GMT 2017
如果服务器架构是 OpenVZ,那么使用上面的命令有可能修改不了时间,需要发工单联系 VPS 提供商的客服。
安装脚本获取
$ bash <(curl -L -s https://install.direct/go.sh)
或者通过 wget
$ wget https://install.direct/go.sh
如果没有 wget,安装 wget
$ yum -y install wget
安装 V2Ray
$ sudo bash go.sh
安装后再次执行,脚本会升级 V2Ray 程序
$ sudo systemctl start v2ray
$ sudo systemctl restart v2ray
$ sudo systemctl stop v2ray
$ sudo systemctl status v2ray
配置相关
配置讲解、配置含义官网已经有足够的解释了。
本处仅记录 WebSocket + TLS + Web 结合 Cloudflare 的方式,此处 Web 使用的为 Nginx 。
因为我恰好有一个被 ban 了 ip 的 VPS ,其中已经安装过 nginx 以及申请过了证书,有一个闲置域名且已经使用了 Cloudflare 。
Cloudflare
没什么好说的,设置好 ANAME,CNAME 随意,域名设置使用 Cloudflare 的 DNS。
SSL 设置为 Full (strict) 。
服务端配置
your_domain、your_path、your_port、your_id 根据实际情况填写。
nginx 配置
略去证书申请、acme.sh 的使用。
default.conf
server {
listen 443 ssl;
server_name your_domain;
ssl on;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
ssl_trusted_certificate /etc/nginx/ssl/cert.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location /your_path {
proxy_redirect off;
proxy_pass http://127.0.0.1:your_port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# 与下方 proxy_set_header Host $host; 重复,保留一个即可
# proxy_set_header Host $http_host;
# Show real ip in v2ray access.log
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
V2Ray
config.json
{
"inbounds": [
{
"port": your_port,
"listen": "127.0.0.1",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "your_id",
"alterId": 64
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/your_path"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}
客户端配置
config.json
{
"inbounds": [
{
"port": 1080,
"listen": "127.0.0.1",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth",
"udp": false
}
}
],
"outbounds": [
{
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "your_domain",
"port": 443,
"users": [
{
"id": "your_id",
"alterId": 64
}
]
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"wsSettings": {
"path": "/your_path"
}
}
},
{
"protocol": "freedom",
"settings": {},
"tag": "direct"
},
{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}
],
"routing": {
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"ip": [
"geoip:private"
],
"outboundTag": "direct"
},
{
"type": "field",
"domain": [
"geosite:category-ads"
],
"outboundTag": "blocked"
}
]
}
}