参考页面为 Project V 官方网站 : https://www.v2ray.com/chapter_00/install.html

由于部分原因 v2ray 越来越流行 ,大部分用户已由 ss 迁移到 v2ray ,对于相关配置过程做一个记录。仅用于学习交流

安装 v2ray


下载官方提供的安装脚本 wget https://install.direct/go.sh,执行脚本 bash go.sh 安装 v2ray 。

  • 配置文件 /etc/v2ray/config.json
  • 启动控制 systemctl start|stop|restart v2ray

除了脚本方式安装外,v2ray 还支持以 Docker 的方式运行,共提供两类 Docker Image:

配置 v2ray


V2ray 支持多种传输协议,本文主要介绍 websocket 结合 https 的传输方式。

直接看配置文件 /etc/v2ray/config.json

{
  "inbounds": [{
    "port": 【填写】,               # v2ray 监听端口,自定义
    "listen": "127.0.0.1",        # v2ray 监听本地的端口,用于接收 nginx 转发的请求
    "protocol": "vmess",
    "streamSettings":{
        "network":"ws",           # websocket 传输方式
        "wsSettings":{
          "path":"/v2ray",        # 路径标识,可自定义
          "headers":{}
      }
    },
    "settings": {
      "clients": [
        {
          "id": "【填写】",         # uuid 类似于口令,用于验证客户端。
          "level": 1,
          "alterId": 64
        },

        {
          "id": "【填写】",         # uuid 类似于口令,用于验证客户端。
          "level": 1,
          "alterId": 64
        }
      ]
    }
 },

 # 下面的 port 配置用于 websocket 的传输方式
 {
    "port": 【填写】,               # v2ray 监听端口,自定义
    "protocol": "vmess",
    "streamSettings":{
      "wsSettings":{
        "path":"/",
        "headers":{}
      },
      "network":"ws"
    },
    "settings": {
      "clients": [
        {
          "id": "【填写】",         # uuid 类似于口令,用于验证客户端。
          "level": 1,
          "alterId": 64
        },

        {
          "id": "【填写】",         # uuid 类似于口令,用于验证客户端。
          "level": 1,
          "alterId": 64
        }
      ]
    }
 }],

  "outbounds": [{
    "protocol": "freedom",
    "settings": {}
  },{
    "protocol": "blackhole",
    "settings": {},
    "tag": "blocked"
  }],
  "routing": {
    "rules": [
      {
        "type": "field",
        "ip": ["geoip:private"],
        "outboundTag": "blocked"
      }
    ]
  }
}

配置了两个 websocket 传输方式,第一个用于监听本地 nginx 转发过来的请求,第二个可以直接接收客户端的请求。虽然 v2ray 本身也支持卸载 ssl 证书,因为习惯问题,还是选择使用 nginx 卸载证书。

配置 Nginx


nginx 的编译安装过程比较简单,简单带过。

  • nginx 源码下载 wget https://nginx.org/download/nginx-1.16.1.tar.gz
  • 解压 tar zxvf nginx-1.16.1.tar.gz
  • 编译安装

    yum install -y wget gcc gcc-c++ automake openssl openssl-devel libxml2-devel libxslt-devel perl-devel perl-ExtUtils-Embed libtool zlib zlib-devel pcre pcre-devel patch
    
    cd nginx-1.16.1
    
    ./configure --prefix=/usr/local/nginx --sbin-path=/usr/local/nginx/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --error-log-path=/usr/local/nginx/logs/error.log --http-log-path=/usr/local/nginx/logs/access.log --pid-path=/usr/local/nginx/run/nginx.pid  --lock-path=/usr/local/nginx/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_dav_module --with-http_flv_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_stub_status_module --with-http_sub_module --with-http_random_index_module --with-http_degradation_module --with-http_secure_link_module --with-http_gzip_static_module --with-http_perl_module --with-debug --with-file-aio --with-mail --with-mail_ssl_module --with-stream --with-pcre --with-stream_ssl_preread_module --with-stream_ssl_module
    
    make && make install
    
    mkdir /usr/local/nginx/conf/conf.d

nginx 配置:

  • 安装目录 /usr/local/nginx
  • 配置文件 /usr/local/nginx/conf/nginx.conf

/usr/local/nginx/conf/nginx.conf

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
                      
    access_log  logs/access.log  main;       # 打开access_log
     
    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;
    gzip  on;

    server {
        listen       20080;           # 修改 80 为其他端口
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }

    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
    include conf.d/*.conf;        # 添加一行
}

新建配置文件 vi /usr/local/nginx/conf/conf.d/v2ray.conf

v2ray.conf

server {
  listen  443 ssl http2;
  ssl on;
  ssl_certificate       /usr/local/nginx/cert/【证书】.crt;
  ssl_certificate_key   /usr/local/nginx/cert/【证书】.key;
  ssl_protocols         TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers           HIGH:!aNULL:!MD5;
  server_name           【域名】;
        location /v2ray { # 与 V2Ray 配置中的 path 保持一致
        proxy_redirect off;
        proxy_pass http://127.0.0.1:30080; #假设WebSocket监听在环回地址的10000端口上,与 v2ray 配置文件保持一致
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;

        # Show realip in v2ray access.log
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
}

/usr/local/nginx/ 下启动 Nginx :

  • cd /usr/local/nginx
  • ./sbin/nginx -t 检查配置文件语法
  • ./sbin/nginx

开放防火墙相应端口:

  • firewall-cmd --zone=public --add-port=443/tcp --permanent
  • firewall-cmd --reload

购买搬瓦工(Bandwagon)VPS,觉得教程有用的话可以通过我的邀请链接购买 : https://bandwagonhost.com/aff.php?aff=46068