3

配置v2ray+nginx+ws访问国际网络

 2 years ago
source link: https://blog.leixin.wang/133ac8a5.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

配置v2ray+nginx+ws访问国际网络

发表于 2020-02-12

| 分类于 linux

| 0

| 浏览 次

字数统计: 502

|

阅读时长 ≈ 2

搞之前先贴上官方文档

0x00 准备工作

  1. VPS一台(visa信用卡可以在google cloud撸一年vps)
  2. 申请一年免费证书(可以在阿里云申请免费域名,也可以用Let's Encrypt申请免费证书并自动更新)

0x01 一键安装配置v2ray

bash <(curl -L -s https://install.direct/go.sh)

v2ray配置文件路径/etc/v2ray/conf.json
注:json不支持注释,此处如果复制,需要删除每行#以及后面内容

{
  "inbounds": [{
    "port": 12345,    #修改监听端口
    "listen": "127.0.0.1",  #增加监听地址
    "protocol": "vmess",
    "settings": {
      "clients": [
        {
          "id": "bd034e62-4e0c-40c7-a39b-bac3a750aa96", #用uuidgen生成uuid后修改此处
          "level": 1,
          "alterId": 64
        }
      ]
    }, #ws配置开始
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
        "path": "/ads"  #修改此处的路径并记录,后面在nginx中需要用到
        }
      } #ws配置结束
  }],
  "outbounds": [{
    "protocol": "freedom",
    "settings": {}
  },{
    "protocol": "blackhole",
    "settings": {},
    "tag": "blocked"
  }],
  "routing": {
    "rules": [
      {
        "type": "field",
        "ip": ["geoip:private"],
        "outboundTag": "blocked"
      }
    ]
  }
}

0x02 安装并配置nginx

yum install nginx,在/etc/nginx/conf.d/中增加v2ray.conf文件,内容如下

server { #此server强制80跳转到443
    listen 80;
    server_name www.abc.com;
    rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
    listen       443 ssl;
    server_name  www.abc.com;

ssl_certificate    /etc/nginx/ssl/v2ray.pem;  #域名证书存放路径
    ssl_certificate_key    /etc/nginx/ssl/v2ray.key; #域名key存放路径
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    error_page 497  https://$host$request_uri;

location = /ads {  #此处location为v2ray中配置的path
       proxy_pass       http://127.0.0.1:12345;
       proxy_redirect             off;
       proxy_http_version         1.1;
       proxy_set_header Upgrade   $http_upgrade;
       proxy_set_header Connection "upgrade";
       proxy_set_header Host      $http_host;
    }

# 优化操作1 将除了ads以外的请求重定向到百度,也可以重定向到其他域名,如个人博客之类的
    location / {
       rewrite .* https://www.baidu.com/ permanent;
    }
}
  • 优化操作2 隐藏nginx版本号
    /etc/nginx/nginx.confhttp段增加server_tokens off;

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK