[VPN]v2ray部署WebSocket+TLS+Web(Nginx),并且一键部署BBR加速
安装环境:Centos7.3
安装可能会用到的软件包:
yum -y install wget vim gcc openssl-devel pcre-devel zlib-devel gcc gcc-c++ autoconf automake
下载会用到的工具:
wget https://raw.githubusercontent.com/chiakge/Linux-NetSpeed/master/tcp.sh wget https://install.direct/go.sh wget http://nginx.org/download/nginx-1.16.1.tar.gz
运行脚本开始安装v2ray:
bash go.sh
运行脚本安装BBR加速:
bash tcp.sh
脚本运行界面如下,先输入2按回车,安装BBRplus,安装完成后需要重启,重启后再次运行脚本输入7启动。(感谢提供:94ish.me)
TCP加速 一键安装管理脚本 [v1.3.2] -- 就是爱生活 | 94ish.me -- 0. 升级脚本 ————————————内核管理———————————— 1. 安装 BBR/BBR魔改版内核 2. 安装 BBRplus版内核 3. 安装 Lotserver(锐速)内核 ————————————加速管理———————————— 4. 使用BBR加速 5. 使用BBR魔改版加速 6. 使用暴力BBR魔改版加速(不支持部分系统) 7. 使用BBRplus版加速 8. 使用Lotserver(锐速)加速 ————————————杂项管理———————————— 9. 卸载全部加速 10. 系统配置优化 11. 退出脚本 ———————————————————————————————— 当前状态: 已安装 BBRplus 加速内核 , BBRplus启动成功 请输入数字 [0-11]:
编写v2ray配置文件:
{
"inbounds": [
{
"port": 12345, //指定本地访问端口
"listen":"127.0.0.1", //可访问此端口的地址,这里填写本地地址
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "c2609674-36e6-409f-973d-f458cb058ec6", //填写任意UUID
"alterId": 64 //额外ID
}
]
},
"streamSettings": {
"network": "ws", //传输协议
"wsSettings": {
"path": "/teddyou" //指定path路径,一会需要与Nginx匹配。
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}启动服务:
systemctl restart v2ray.service
安装NGINX参考:https://teddyou.com/?id=76(做到编译并安装安装完成即可)
修改Nginx配置文件,在http {}中加入以下代码:
配置文件路径:/usr/local/nginx/conf/nginx.conf
server {
listen 443 ssl; //定义https的访问端口
ssl on;
ssl_certificate /usr/local/nginx/ssl/1_ssl.iouuy.com_bundle.crt; //填写SSL证书crt文件路径
ssl_certificate_key /usr/local/nginx/ssl/2_ssl.iouuy.com.key; //填写SSL证书key文件路径
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name 123.com; //使用注册并绑定的域名
location /teddyou { //修改为自己的path路径
proxy_redirect off;
proxy_pass http://127.0.0.1:12345; //填写v2ray配置文件中指定的路径
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}启动服务:
/usr/local/nginx/sbin/nginx
客户端配置示例:
{
"dns": {
"servers": [
"8.8.8.8" //指定DNS服务器
]
},
"inbounds": [
{
"listen": "127.0.0.1", //本地代理
"port": 1090, //本地代理端口
"protocol": "socks", //本地代理协议
"settings": {
"auth": "noauth",
"udp": true,
"userLevel": 8
},
"sniffing": {
"destOverride": [
"http",
"tls"
],
"enabled": true
},
"tag": "socks"
},
{
"listen": "127.0.0.1",
"port": 10809,
"protocol": "http",
"settings": {
"userLevel": 8
},
"tag": "http"
}
],
"log": {
"loglevel": "warning"
},
"outbounds": [
{
"mux": {
"enabled": false
},
"protocol": "vmess", //v2ray协议
"settings": {
"vnext": [
{
"address": "12.12.12.12", //远程代理服务器IP
"port": 443, //远程代理服务器端口
"users": [
{
"alterId": 64, //额外ID
"id": "67f6084a-d57f-4bd4-bb51-b124ebc3727d", //UUID认证
"level": 8,
"security": "none"
}
]
}
]
},
"streamSettings": {
"network": "ws", //传输协议
"security": "tls", //底层传输安全,https
"tlssettings": {
"allowInsecure": true,
"serverName": "123.com" //远程服务器域名,伪装域名
},
"wssettings": {
"connectionReuse": true,
"headers": {
"Host": "123.com" //远程服务器域名,伪装域名
},
"path": "/teddyou" //主机path路径
}
},
"tag": "proxy"
},
{
"protocol": "freedom",
"settings": {},
"tag": "direct"
},
{
"protocol": "blackhole",
"settings": {
"response": {
"type": "http" //伪装类型
}
},
"tag": "block"
}
],
"policy": {
"levels": {
"8": {
"connIdle": 300,
"downlinkOnly": 1,
"handshake": 4,
"uplinkOnly": 1
}
},
"system": {
"statsInboundUplink": true,
"statsInboundDownlink": true
}
},
"routing": {
"domainStrategy": "IPIfNonMatch",
"rules": []
},
"stats": {}
}
发表评论