魔法教学

VLESS配置

概述

• 采用 VLESS + WS + TLS
• 原文链接：https://hexsen.com/v2ray-baotavlesswstlsnginxcdn.html

步骤

1. 为网站添加SSL证书，并勾选强制HTTPS
2. 修改网站配置文件：点击配置文件，找到#SSL-END并在其下面添加如下代码：

//cs是你自己ws的path，可以修改
location /cs
{
  proxy_pass http://127.0.0.1:你的端口号，端口号自定
  proxy_redirect off;
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_set_header Host $http_host;
  proxy_read_timeout 300s;
}

4. 开启防火墙端口或者直接关闭防火墙

5. 安装v2ray最新官方脚本

curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh
curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-dat-release.sh

7. 安装和更新V2Ray

bash install-release.sh

9. 安装geoip.dat和geosite.dat

bash install-dat-release.sh

11. 生成UUID：https://1024tools.com/uuid

12. 进入 /usr/local/etc/v2ray/目录，编辑config.json文件

{
  "log": {
    "access": "/var/log/v2ray/access.log",
    "error": "/var/log/v2ray/error.log",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "port":你的端口,
      "listen": "127.0.0.1",
      "tag": "VLESS-in",
      "protocol": "VLESS",
      "settings": {
        "clients": [
          {
            "id":"你的 UUID",
            "alterId": 0
          }
        ],
        "decryption": "none"
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path":"/cs" //若没有修改过配置文件中的pach，这里就是cs
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": { },
      "tag": "direct"
    },
    {
      "protocol": "blackhole",
      "settings": { },
      "tag": "blocked"
    }
  ],
  "dns": {
    "servers": [
      "https+local://1.1.1.1/dns-query",
      "1.1.1.1",
      "1.0.0.1",
      "8.8.8.8",
      "8.8.4.4",
      "localhost"
    ]
  },
  "routing": {
    "domainStrategy": "AsIs",
    "rules": [
      {
        "type": "field",
        "inboundTag": [
          "VLESS-in"
        ],
        "outboundTag": "direct"
      }
    ]
  }
}

14. 设置开机启动

systemctl enable v2ray
systemctl start v2ray

Trojan-Go配置

步骤

1. 为网站添加SSL证书，并勾选强制HTTPS

2. 下载文件

3. 修改server.json

   {
       "run_type": "server",
       "local_addr": "0.0.0.0",
       "local_port": 连接Trojan的端口,
       "remote_addr": "网站域名",
       "remote_port": Web端口,
       "password": [
           "密码"
       ],
       "ssl": {
           "cert": "/www/server/panel/vhost/cert/网站域名/fullchain.pem",
           "key": "/www/server/panel/vhost/cert/网站域名/privkey.pem",
           "sni": "网站域名",
           "fallback_addr": "网站域名",
           "fallback_port": Web端口
       },
       "router": {
           "enabled": true,
           "block": [
               "geoip:private"
           ],
           "geoip": "/opt/trojan-go/geoip.dat",
           "geosite": "/opt/trojan-go/geosite.dat"
       }
   }

4. 设置服务

   vim /etc/systemd/system/trojan-go.service

   [Unit]
   Description=Trojan-Go
   After=network.target nss-lookup.target
   Wants=network-online.target
   
   [Service]
   Type=simple
   User=root
   ExecStart=/opt/trojan-go/trojan-go -config /opt/trojan-go/server.json
   Restart=on-failure
   RestartSec=5
   
   [Install]
   WantedBy=multi-user.target

5. 设置开机启动

   systemctl enable trojan-go.service
   systemctl start trojan-go.service