Hunter的大杂烩 技术学习笔记

April 22, 2020

install v2ray at centos8

Filed under: 技术话题 — hunter @ 8:28 pm
  1. install dependencies
    1. yum install nginx
    2. yum install wget
  2. open firewall
    1. firewall-cmd –permanent –zone=public –add-port=http/tcp
    2. firewall-cmd –permanent –zone=public –add-port=https/tcp
    3. firewall-cmd –reload

  1. set selinux
    1. setsebool -P httpd_can_network_connect 1
  2.  download
    1. v2ray: wget https://github.com/v2ray/v2ray-core/releases/download/v4.23.1/v2ray-linux-64.zip
    2. acme.sh : wget https://github.com/acmesh-official/acme.sh/archive/master.zip
  3. unzip
  4. config v2ray
  5. {
    “inbounds”: [{
    “listen”: “127.0.0.1”,
    “port”: 10086,
    “protocol”: “vmess”,
    “settings”: {
    “clients”: [
    {
    “id”: “your id”,
    “alterId”: 6
    }
    ]
    },
    “streamSettings”: {
    “network”: “ws”, //采用WebSocket协议
    “wsSettings”: {
    “path”: “/ray” //自定义WS路径,Nginx配置时用
    }
    }
    }],
    “outbounds”: [{
    “protocol”: “freedom”,
    “settings”: {}
    },{
    “protocol”: “blackhole”,
    “settings”: {},
    “tag”: “blocked”
    }],
    “routing”: {
    “rules”: [
    {
    “type”: “field”,
    “ip”: [“geoip:private”],
    “outboundTag”: “blocked”
    }
    ]
    }
    }
  6. config nginx
  7. server {
    listen 443 ssl;
    ssl on;
    ssl_certificate /etc/nginx/cert.d/v2.xxxx_ecc/v2.xiuxi.in.cer; #acme.sh生成的证书路径
    ssl_certificate_key /etc/nginx/cert.d/v2.xxxx_ecc/v2.xiuxi.in.key; #acme.sh生成的证书路径
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!MD5;
    server_name v2.xiuxi.in; #证书绑定的域名
    location /ray { # 与 V2Ray 配置中的 path 保持一致
    proxy_redirect off;
    proxy_pass http://127.0.0.1:10086; # 端口与 V2Ray 配置中的 port 保持一致
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection “upgrade”;
    proxy_set_header Host $host;
    # Show real IP in v2ray access.log
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
    }
  8. set ssl cert
    1. ./acme.sh –issue -d v2.xxxx.in –standalone -k ec-256
    2. mkdir /etc/nginx/cert.d
    3. cp -a  ~/.acme.sh/v2.xxxx_ecc/ /etc/nginx/cert.d/
    4. restorecon -v -R /etc/nginx cert.d/
  9. service nginx start
  10. nohup ./v2ray -config vpoint_vmess_freedom.json &

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress