[VPN]v2ray部署WebSocket+TLS+Web(Nginx),并且一键部署BBR加速
安装环境:Centos7.3
安装可能会用到的软件包:
yum -y install wget vim gcc openssl-devel pcre-devel zlib-devel gcc gcc-c++ autoconf automake
下载会用到的工具:
wget https://raw.githubusercontent.com/chiakge/Linux-NetSpeed/master/tcp.sh wget https://install.direct/go.sh wget http://nginx.org/download/nginx-1.16.1.tar.gz
运行脚本开始安装v2ray:
bash go.sh
运行脚本安装BBR加速:
bash tcp.sh
脚本运行界面如下,先输入2按回车,安装BBRplus,安装完成后需要重启,重启后再次运行脚本输入7启动。(感谢提供:94ish.me)
TCP加速 一键安装管理脚本 [v1.3.2] -- 就是爱生活 | 94ish.me -- 0. 升级脚本 ————————————内核管理———————————— 1. 安装 BBR/BBR魔改版内核 2. 安装 BBRplus版内核 3. 安装 Lotserver(锐速)内核 ————————————加速管理———————————— 4. 使用BBR加速 5. 使用BBR魔改版加速 6. 使用暴力BBR魔改版加速(不支持部分系统) 7. 使用BBRplus版加速 8. 使用Lotserver(锐速)加速 ————————————杂项管理———————————— 9. 卸载全部加速 10. 系统配置优化 11. 退出脚本 ———————————————————————————————— 当前状态: 已安装 BBRplus 加速内核 , BBRplus启动成功 请输入数字 [0-11]:
编写v2ray配置文件:
{ "inbounds": [ { "port": 12345, //指定本地访问端口 "listen":"127.0.0.1", //可访问此端口的地址,这里填写本地地址 "protocol": "vmess", "settings": { "clients": [ { "id": "c2609674-36e6-409f-973d-f458cb058ec6", //填写任意UUID "alterId": 64 //额外ID } ] }, "streamSettings": { "network": "ws", //传输协议 "wsSettings": { "path": "/teddyou" //指定path路径,一会需要与Nginx匹配。 } } } ], "outbounds": [ { "protocol": "freedom", "settings": {} } ] }
启动服务:
systemctl restart v2ray.service
安装NGINX参考:https://teddyou.com/?id=76(做到编译并安装安装完成即可)
修改Nginx配置文件,在http {}中加入以下代码:
配置文件路径:/usr/local/nginx/conf/nginx.conf
server { listen 443 ssl; //定义https的访问端口 ssl on; ssl_certificate /usr/local/nginx/ssl/1_ssl.iouuy.com_bundle.crt; //填写SSL证书crt文件路径 ssl_certificate_key /usr/local/nginx/ssl/2_ssl.iouuy.com.key; //填写SSL证书key文件路径 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; server_name 123.com; //使用注册并绑定的域名 location /teddyou { //修改为自己的path路径 proxy_redirect off; proxy_pass http://127.0.0.1:12345; //填写v2ray配置文件中指定的路径 proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
启动服务:
/usr/local/nginx/sbin/nginx
客户端配置示例:
{ "dns": { "servers": [ "8.8.8.8" //指定DNS服务器 ] }, "inbounds": [ { "listen": "127.0.0.1", //本地代理 "port": 1090, //本地代理端口 "protocol": "socks", //本地代理协议 "settings": { "auth": "noauth", "udp": true, "userLevel": 8 }, "sniffing": { "destOverride": [ "http", "tls" ], "enabled": true }, "tag": "socks" }, { "listen": "127.0.0.1", "port": 10809, "protocol": "http", "settings": { "userLevel": 8 }, "tag": "http" } ], "log": { "loglevel": "warning" }, "outbounds": [ { "mux": { "enabled": false }, "protocol": "vmess", //v2ray协议 "settings": { "vnext": [ { "address": "12.12.12.12", //远程代理服务器IP "port": 443, //远程代理服务器端口 "users": [ { "alterId": 64, //额外ID "id": "67f6084a-d57f-4bd4-bb51-b124ebc3727d", //UUID认证 "level": 8, "security": "none" } ] } ] }, "streamSettings": { "network": "ws", //传输协议 "security": "tls", //底层传输安全,https "tlssettings": { "allowInsecure": true, "serverName": "123.com" //远程服务器域名,伪装域名 }, "wssettings": { "connectionReuse": true, "headers": { "Host": "123.com" //远程服务器域名,伪装域名 }, "path": "/teddyou" //主机path路径 } }, "tag": "proxy" }, { "protocol": "freedom", "settings": {}, "tag": "direct" }, { "protocol": "blackhole", "settings": { "response": { "type": "http" //伪装类型 } }, "tag": "block" } ], "policy": { "levels": { "8": { "connIdle": 300, "downlinkOnly": 1, "handshake": 4, "uplinkOnly": 1 } }, "system": { "statsInboundUplink": true, "statsInboundDownlink": true } }, "routing": { "domainStrategy": "IPIfNonMatch", "rules": [] }, "stats": {} }
发表评论