v2ray搭建手册

一、概述

v2ray 可以实现网络流量代理,v2ray不同版本配置有些差别,网上有些一键安装工具,但是不同版本的配置不一样,可能会导致跑不起来。本文从github选择4.23.3版本手动安装(当前版本已经到5.1.0)。

二、 安装v2ray

  wget https://github.com/v2fly/v2ray-core/releases/download/v4.23.3/v2ray-linux-64.zip

  unzip v2ray-linux-64.zip

  cd v2ray 

  rm -fr v2ray-linux-64.zip

  cp config.json config.json_bak

  vim config.json

  nohup ./v2ray run &

config.json 内容

{
    "log": {
            "access": "/var/log/v2ray/access.log",
            "error": "/var/log/v2ray/error.log",
            "loglevel": "warning"
    },
    "inbounds": [
            {
                    "port":端口号用于nginx反向代理,
                    "protocol": "vmess",
                    "settings": {
                            "clients": [
                                    {
                                            "id": "用户标识",
                                            "level": 1,
                                            "alterId": 64
                                    }
                            ]
                    },
                    "streamSettings": {
                            "network": "ws",
                            "wsSettings": {
                                    "path":"反向代理的地址"
                            }
                    },
                    "sniffing": {
                            "enabled": true,
                            "destOverride": [
                                    "http",
                                    "tls"
                            ]
                    }
            }
            //include_ss
            //include_socks
            //include_mtproto
            //include_in_config
            //
    ],
    "outbounds": [
            {
                    "protocol": "freedom",
                    "settings": {
                            "domainStrategy": "UseIP"
                    },
                    "tag": "direct"
            },
            {
                    "protocol": "blackhole",
                    "settings": {},
                    "tag": "blocked"
            },
            {
                    "protocol": "mtproto",
                    "settings": {},
                    "tag": "tg-out"
            }
            //include_out_config
            //
    ],
    "dns": {
            "servers": [
                    "https+local://cloudflare-dns.com/dns-query",
                    "1.1.1.1",
                    "1.0.0.1",
                    "8.8.8.8",
                    "8.8.4.4",
                    "localhost"
            ]
    },
    "routing": {
            "domainStrategy": "IPOnDemand",
            "rules": [
                    {
                            "type": "field",
                            "ip": [
                                    "0.0.0.0/8",
                                    "10.0.0.0/8",
                                    "100.64.0.0/10",
                                    "127.0.0.0/8",
                                    "169.254.0.0/16",
                                    "172.16.0.0/12",
                                    "192.0.0.0/24",
                                    "192.0.2.0/24",
                                    "192.168.0.0/16",
                                    "198.18.0.0/15",
                                    "198.51.100.0/24",
                                    "203.0.113.0/24",
                                    "::1/128",
                                    "fc00::/7",
                                    "fe80::/10"
                            ],
                            "outboundTag": "blocked"
                    },
                    {
                            "type": "field",
                            "inboundTag": ["tg-in"],
                            "outboundTag": "tg-out"
                    }
                    ,
                    {
                            "type": "field",
                            "domain": [
                                    "domain:epochtimes.com",
                                    "domain:epochtimes.com.tw",
                                    "domain:epochtimes.fr",
                                    "domain:epochtimes.de",
                                    "domain:epochtimes.jp",
                                    "domain:epochtimes.ru",
                                    "domain:epochtimes.co.il",
                                    "domain:epochtimes.co.kr",
                                    "domain:epochtimes-romania.com",
                                    "domain:erabaru.net",
                                    "domain:lagranepoca.com",
                                    "domain:theepochtimes.com",
                                    "domain:ntdtv.com",
                                    "domain:ntd.tv",
                                    "domain:ntdtv-dc.com",
                                    "domain:ntdtv.com.tw",
                                    "domain:minghui.org",
                                    "domain:renminbao.com",
                                    "domain:dafahao.com",
                                    "domain:dongtaiwang.com",
                                    "domain:falundafa.org",
                                    "domain:wujieliulan.com",
                                    "domain:ninecommentaries.com",
                                    "domain:shenyun.com"
                            ],
                            "outboundTag": "blocked"
                    }                       ,
            {
                "type": "field",
                "protocol": [
                    "bittorrent"
                ],
                "outboundTag": "blocked"
            }
                    //include_ban_ad
                    //include_rules
                    //
            ]
    },
    "transport": {
            "kcpSettings": {
        "uplinkCapacity": 100,
        "downlinkCapacity": 100,
        "congestion": true
    }
    }
} 

配置文件只有三处需要修改:

  1. port
    端口号用于nginx反向代理 , 在nginx配置, 这个端口v2ray客户端不用配置

  2. id
    用户标识, 在v2ray客户端配置, 通过client配置支持多用户, 分配不同的id即可

  3. path
    反向代理的地址, 需要在nginx配置, 详情见 四、配置反向代理

三、 安装openresty

yum install pcre-devel openssl-devel gcc curl
wget https://openresty.org/download/openresty-1.21.4.1.tar.gz
tar xvf openresty-1.21.4.1.tar.gz
cd openresty-1.21.4.1
./configure --with-luajit \
        --without-http_redis2_module \
        --with-http_iconv_module \
        --with-http_v2_module

四、 配置反向代理

server {
    listen 80;
    server_name 域名;
    return 301 https://$server_name$request_uri;
}
server {

    listen 443 ssl http2 default_server;
    server_name 域名;
    root /usr/local/openresty/nginx/html;

    ssl_certificate /usr/local/openresty/nginx/conf/ssl/证书;
    ssl_certificate_key /usr/local/openresty/nginx/conf/ssl/证书key;

    index index.html;

    location 反向代理地址 {
        proxy_redirect off;
        proxy_pass http://127.0.0.1:反向代理端口;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
    }
} 

配置文件只有四处需要修改:

  1. server_name
    域名

  2. ssl_certificate、ssl_certificate_key
    https证书,可以通过https://freessl.cn/申请免费证书,且支持自动更新

  3. location
    反向代理的地址,与v2ray配置一致

  4. proxy_pass
    代理的地址端口号,与v2ray配置一致

添加新评论


Fatal error: Uncaught TypeError: Argument 1 passed to Typecho_Common::exceptionHandle() must be an instance of Exception, instance of Error given in /data/www/blognew/var/Typecho/Common.php:251 Stack trace: #0 [internal function]: Typecho_Common::exceptionHandle(Object(Error)) #1 {main} thrown in /data/www/blognew/var/Typecho/Common.php on line 251