2020年最新V2RAY+WS+TLS+NGinx搭建教程

发表于 | |

2020年最新V2RAY+WS+TLS+NGinx搭建教程

准备工具:VPS一台;系统CentOS7+;域名1个;(CloudFlare非必须)
1:设置谷歌云XSHELL连接:

1
2
sudo -i
vi /etc/ssh/sshd_config

将下面两项参数进行修改:

修改PermitRootLogin,将no改为为yes;

修改passwordAuthentication,将no改为yes
然后
设置Root登陆密码,输入以下命令

1
passwd root

密码设置成功后,重启sshd服务

1
service sshd restart

然后采用XSHELL进行VPS连接。
2:安装V2ray最新版本, V2Fly项目地址
本视频采用采用CentOS7演示

1
2
3
4
yum makecache
yum install curl
curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh 
curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-dat-release.sh

安装和更新V2ray、安裝最新發行的 geoip.dat 和 geosite.dat

1
bash install-release.sh && bash install-dat-release.sh

3:编辑V2ray配置文件

1
vi /usr/local/etc/v2ray/config.json

配置文件如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
{
  "inbounds": [
    {
      "port": 1112,
      "listen":"127.0.0.1",//只监听 127.0.0.1,避免除本机外的机器探测到开放了 1112 端口
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
            "id": "UUID",
            "alterId": 64
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
        "path": "/ray"
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {}
    }
  ]
}

UUID获取网址

4:申请SSL证书,安装 acme.sh:

1
2
3
yum update && yum install curl -y && yum install cron -y && yum install socat -y
curl https://get.acme.sh | sh
source ~/.bashrc

申请证书:

1
bash ~/.acme.sh/acme.sh --issue -d 域名 --alpn -k ec-256

安装证书到指定路径:

1
mkdir /etc/v2ray && sudo ~/.acme.sh/acme.sh --installcert -d 域名 --fullchainpath /etc/v2ray/v2ray.crt --keypath /etc/v2ray/v2ray.key --ecc

给证书赋予权限

1
chmod 644 /etc/v2ray/v2ray.key

[SSL证书效果查询网址](https://www.ssllabs.com/ssltest/index.html)
5:设置V2ray重启|状态检查|开机自启

1
2
3
systemctl restart v2ray
systemctl status v2ray
systemctl enable v2ray

6:Nginx 安装:

1
yum install nginx -y

7:设置Nginx配置文件

1
vi /etc/nginx/conf.d/v2ray.conf

Nginx配置文件如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
server {
  listen 443 ssl;
  listen [::]:443 ssl;
  
  ssl_certificate       /etc/v2ray/v2ray.crt;
  ssl_certificate_key   /etc/v2ray/v2ray.key;
  ssl_session_timeout 1d;
  ssl_session_cache shared:MozSSL:10m;
  ssl_session_tickets off;
  root /usr/share/nginx/html;

  ssl_protocols         TLSv1.2 TLSv1.3;
  ssl_ciphers           ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
  ssl_prefer_server_ciphers off;
  
  server_name           ce.nxcam.tk;
  location /ray { # 与 V2Ray 配置中的 path 保持一致
    if ($http_upgrade != "websocket") { # WebSocket协商失败时返回404
        return 404;
    }
    proxy_redirect off;
    proxy_pass http://127.0.0.1:1112; # 假设WebSocket监听在环回地址的1112端口上;须与V2ray配置端口一致
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    # Show real IP in v2ray access.log
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

8:设置NGinx开机启动等相关命令

1
2
3
4
systemctl enable nginx.service
systemctl restart nginx.service
systemctl status nginx
systemctl start nginx.service

9:证书自动更新设置:

1
2
3
crontab -e

44 3 * * * source ~/.bash_profile && ~/.acme.sh/acme.sh --issue -d 域名 --standalone --pre-hook "/nginx/nginx/sbin/nginx -s stop" --post-hook "/nginx/nginx/sbin/nginx" > /dev/null

10:Nginx伪装网页设置:
进入以下目录

1
cd /usr/share/nginx/html

利用XFTP上传下载好的网页模板即可;模板下载地址

10:最后要运行一下

1
setsebool -P httpd_can_network_connect 1

否则无法正常FQ

TG交流群

支付宝收款签约

年付81元G口VPS

SiemensTutorials

VTURAY网络加速

亚马逊测评资源网|

美国住宅动态