一、概述
v2ray 可以实现网络流量代理,v2ray不同版本配置有些差别,网上有些一键安装工具,但是不同版本的配置不一样,可能会导致跑不起来。本文从github选择4.23.3版本手动安装(当前版本已经到5.1.0)。
二、 安装v2ray
wget https://github.com/v2fly/v2ray-core/releases/download/v4.23.3/v2ray-linux-64.zip
unzip v2ray-linux-64.zip
cd v2ray
rm -fr v2ray-linux-64.zip
cp config.json config.json_bak
vim config.json
nohup ./v2ray run &
config.json 内容
{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "warning"
},
"inbounds": [
{
"port":端口号用于nginx反向代理,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "用户标识",
"level": 1,
"alterId": 64
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path":"反向代理的地址"
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
}
}
//include_ss
//include_socks
//include_mtproto
//include_in_config
//
],
"outbounds": [
{
"protocol": "freedom",
"settings": {
"domainStrategy": "UseIP"
},
"tag": "direct"
},
{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
},
{
"protocol": "mtproto",
"settings": {},
"tag": "tg-out"
}
//include_out_config
//
],
"dns": {
"servers": [
"https+local://cloudflare-dns.com/dns-query",
"1.1.1.1",
"1.0.0.1",
"8.8.8.8",
"8.8.4.4",
"localhost"
]
},
"routing": {
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"ip": [
"0.0.0.0/8",
"10.0.0.0/8",
"100.64.0.0/10",
"127.0.0.0/8",
"169.254.0.0/16",
"172.16.0.0/12",
"192.0.0.0/24",
"192.0.2.0/24",
"192.168.0.0/16",
"198.18.0.0/15",
"198.51.100.0/24",
"203.0.113.0/24",
"::1/128",
"fc00::/7",
"fe80::/10"
],
"outboundTag": "blocked"
},
{
"type": "field",
"inboundTag": ["tg-in"],
"outboundTag": "tg-out"
}
,
{
"type": "field",
"domain": [
"domain:epochtimes.com",
"domain:epochtimes.com.tw",
"domain:epochtimes.fr",
"domain:epochtimes.de",
"domain:epochtimes.jp",
"domain:epochtimes.ru",
"domain:epochtimes.co.il",
"domain:epochtimes.co.kr",
"domain:epochtimes-romania.com",
"domain:erabaru.net",
"domain:lagranepoca.com",
"domain:theepochtimes.com",
"domain:ntdtv.com",
"domain:ntd.tv",
"domain:ntdtv-dc.com",
"domain:ntdtv.com.tw",
"domain:minghui.org",
"domain:renminbao.com",
"domain:dafahao.com",
"domain:dongtaiwang.com",
"domain:falundafa.org",
"domain:wujieliulan.com",
"domain:ninecommentaries.com",
"domain:shenyun.com"
],
"outboundTag": "blocked"
} ,
{
"type": "field",
"protocol": [
"bittorrent"
],
"outboundTag": "blocked"
}
//include_ban_ad
//include_rules
//
]
},
"transport": {
"kcpSettings": {
"uplinkCapacity": 100,
"downlinkCapacity": 100,
"congestion": true
}
}
}
配置文件只有三处需要修改:
port
端口号用于nginx反向代理 , 在nginx配置, 这个端口v2ray客户端不用配置id
用户标识, 在v2ray客户端配置, 通过client配置支持多用户, 分配不同的id即可path
反向代理的地址, 需要在nginx配置, 详情见 四、配置反向代理
三、 安装openresty
yum install pcre-devel openssl-devel gcc curl
wget https://openresty.org/download/openresty-1.21.4.1.tar.gz
tar xvf openresty-1.21.4.1.tar.gz
cd openresty-1.21.4.1
./configure --with-luajit \
--without-http_redis2_module \
--with-http_iconv_module \
--with-http_v2_module
四、 配置反向代理
server {
listen 80;
server_name 域名;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2 default_server;
server_name 域名;
root /usr/local/openresty/nginx/html;
ssl_certificate /usr/local/openresty/nginx/conf/ssl/证书;
ssl_certificate_key /usr/local/openresty/nginx/conf/ssl/证书key;
index index.html;
location 反向代理地址 {
proxy_redirect off;
proxy_pass http://127.0.0.1:反向代理端口;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
}
配置文件只有四处需要修改:
server_name
域名ssl_certificate、ssl_certificate_key
https证书,可以通过https://freessl.cn/申请免费证书,且支持自动更新location
反向代理的地址,与v2ray配置一致proxy_pass
代理的地址端口号,与v2ray配置一致