请注意,本文编写于 2314 天前,最后修改于 1508 天前,其中某些信息可能已经过时。
安装方法参照官方安装
以下只给出WebSocket+TLS+Nginx的配置文件
服务端配置
{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
//可能取值 "none" "info" "warning" "error" 其中"debug"记录的数据最多,"error"记录的最少 "none"表示不记录任何内容 默认值为"warning"
"loglevel": "debug"
},
//注"policy"字段需要core≥3.1
"policy": {
"levels": {
"0": {
"uplinkOnly": 0,
"downlinkOnly": 0,
"connIdle": 150,
"handshake": 4
}
}
},
"inbound": {
//默认值为"0.0.0.0"
"listen": "127.0.0.1", //监听ip
"port": 39005, //监听端口
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "7f43b638-dc47-11e7-9296-cec278b6b50a", //自行修改UID
//"level"字段与"policy"字段中的"levels"字段中的对应,默认值:0,注:需要core≥3.1
"level": 1,
"alterId": 64
}
]
},
"streamSettings": {
"network": "ws",
"security": "auto",
"wsSettings": {
"path": "/PATH/",
"headers": {
"Host": "ip.nuei.cn" //自行修改
}
}
}
},
"outbound": {
"protocol": "freedom",
"settings": { }
},
"outboundDetour": [
{
"protocol": "blackhole",
"settings": { },
"tag": "blocked"
}
],
"routing": {
"strategy": "rules",
"settings": {
"rules": [
{
"type": "field",
"ip": [
"0.0.0.0/8",
"10.0.0.0/8",
"100.64.0.0/10",
"127.0.0.0/8",
"169.254.0.0/16",
"172.16.0.0/12",
"192.0.0.0/24",
"192.0.2.0/24",
"192.168.0.0/16",
"198.18.0.0/15",
"198.51.100.0/24",
"203.0.113.0/24",
"::1/128",
"fc00::/7",
"fe80::/10"
],
"outboundTag": "blocked"
}
]
}
}
}
nginx配置
我的nginx是bt面板安装的
server
{
listen 80;
listen 443 ssl http2;
server_name esc.ac.cn;
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/esc.ac.cn;
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
#error_page 404/404.html;
#HTTP_TO_HTTPS_START
if ($server_port !~ 443){
rewrite ^(/.*)$ https://$host$1 permanent;
}
#HTTP_TO_HTTPS_END
ssl_certificate /etc/letsencrypt/live/esc.ac.cn/fullchain.pem; #自行更改ssl证书目录
ssl_certificate_key /etc/letsencrypt/live/esc.ac.cn/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location /PATH/ #服务端"path": "/PATH/",一样
{
proxy_pass http://127.0.0.1:39005; 反向代理v2ray监听ip和端口
proxy_http_version 1.1;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
#一键申请SSL证书验证目录相关设置
location ~ \.well-known{
allow all;
}
access_log /www/wwwlogs/esc.ac.cn.log;
error_log /www/wwwlogs/esc.ac.cn.error.log;
}
客户端
{
"inbound": {
"port": 1086, //浏览器设置socks代理端口
"listen": "127.0.0.1",//浏览器设置socks代理地址
"protocol": "socks",
"settings": {
"auth": "noauth",
"udp": true
}
},
"outbound": {
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "esc.ac.cn", //nginx绑定的域名
"port": 443, //nginx监听的端口
"users": [ {
"id": "7f43b638-dc47-11e7-9296-cec27850a", //和服务端一样
"level": 1, //和服务端一样
"alterId": 64 //和服务端一样
} ]
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"tlsSettings": {
"serverName": "esc.ac.cn"
},
"wsSettings": {
"path": "/PATH/" //服务端 nginx 客户端必须一样
}
},
"mux": {
"concurrency": 6,
"enabled": true
}
},
"outboundDetour": [
{
"protocol": "freedom",
"settings": {},
"tag": "direct"
}
],
// 注"policy"字段需要core≥3.1
"policy": {
"levels": {
"0": {
"uplinkOnly": 0,
"downlinkOnly": 0,
"connIdle": 150,
"handshake": 4
}
}
},
"routing": {
"strategy": "rules",
"settings": {
"rules": [
{
"type": "field",
"ip": [
"0.0.0.0/8",
"10.0.0.0/8",
"100.64.0.0/10",
"127.0.0.0/8",
"169.254.0.0/16",
"172.16.0.0/12",
"192.0.0.0/24",
"192.0.2.0/24",
"192.168.0.0/16",
"198.18.0.0/15",
"198.51.100.0/24",
"203.0.113.0/24",
"::1/128",
"fc00::/7",
"fe80::/10"
],
"outboundTag": "direct"
}
]
}
}
}