魔法教学

VLESS配置

VLESS + WS + TLS

  1. 为网站添加SSL证书,并勾选强制HTTPS

  2. 修改网站配置文件:点击配置文件,找到#SSL-END并在其下面添加如下代码:

1
2
3
4
5
6
7
8
9
10
11
//cs是你自己ws的path,可以修改
location /cs
{
  proxy_pass http://127.0.0.1:你的端口号,端口号自定
  proxy_redirect off;
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_set_header Host $http_host;
  proxy_read_timeout 300s;
}

  1. 开启防火墙端口或者直接关闭防火墙

  2. 安装v2ray最新官方脚本

1
2
curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh
curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-dat-release.sh
  1. 安装和更新V2Ray
1
bash install-release.sh
  1. 安装geoip.dat和geosite.dat
1
bash install-dat-release.sh

  1. 生成UUID:https://1024tools.com/uuid

  2. 进入 /usr/local/etc/v2ray/目录,编辑config.json文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
{
  "log": {
    "access": "/var/log/v2ray/access.log",
    "error": "/var/log/v2ray/error.log",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "port":你的端口,
      "listen": "127.0.0.1",
      "tag": "VLESS-in",
      "protocol": "VLESS",
      "settings": {
        "clients": [
          {
            "id":"你的 UUID",
            "alterId": 0
          }
        ],
        "decryption": "none"
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path":"/cs" //若没有修改过配置文件中的pach,这里就是cs
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": { },
      "tag": "direct"
    },
    {
      "protocol": "blackhole",
      "settings": { },
      "tag": "blocked"
    }
  ],
  "dns": {
    "servers": [
      "https+local://1.1.1.1/dns-query",
      "1.1.1.1",
      "1.0.0.1",
      "8.8.8.8",
      "8.8.4.4",
      "localhost"
    ]
  },
  "routing": {
    "domainStrategy": "AsIs",
    "rules": [
      {
        "type": "field",
        "inboundTag": [
          "VLESS-in"
        ],
        "outboundTag": "direct"
      }
    ]
  }
}
  1. 设置开机启动
1
2
systemctl enable v2ray
systemctl start v2ray

VLESS + VISION + REALITY

  1. 下载xray

  2. 编辑配置文件

1
vim /usr/local/etc/xray/config.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
{

    "log": {

        "loglevel": "warning"

    },

    "routing": {

        "domainStrategy": "IPIfNonMatch",

        "rules": [

            {

                "type": "field",

                "ip": [

                    "geoip:cn"

                ],

                "outboundTag": "block"

            },

            {

                "type": "field",

                "ip": ["geoip:private"],

                "outboundTag": "block"

            },

            {

                "type": "field",

                "protocol": ["bittorrent"],

                "outboundTag": "block"

            }

        ]

    },

    "inbounds": [

        {

            "listen": "0.0.0.0",

            "port": 10000,

            "protocol": "vless",

            "settings": {

                "clients": [

                    {

                        "id": 可使用xray uuid生成,

                        "flow": "xtls-rprx-vision"

                    }

                ],

                "decryption": "none"

            },

            "streamSettings": {

                "network": "tcp",

                "security": "reality",

                "realitySettings": {

                    "show": false,

                    "dest": 回落域名,必须带端口, 

                    "serverNames": [

                        回落域名 

                    ],

                    "privateKey": 可使用xray x25519生成, 

                    "shortIds": [

                        ""

                    ],

                    "fingerprint": "chrome"

                }

            },

            "sniffing": {

                "enabled": true,

                "destOverride": [

                    "http",

                    "tls",

                    "quic"

                ]

            }

        }

    ],

    "outbounds": [

        {

            "protocol": "freedom",

            "tag": "direct"

        },

        {

            "protocol": "blackhole",

            "tag": "block"

        }

    ]

}
  1. 启动
1
2
systemctl enable xray
systemctl start xray

Trojan-Go配置

  1. 为网站添加SSL证书,并勾选强制HTTPS

  2. 下载文件

  3. 修改server.json

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    {
        "run_type": "server",
        "local_addr": "0.0.0.0",
        "local_port": 连接Trojan的端口,
        "remote_addr": "网站域名",
        "remote_port": Web端口,
        "password": [
            "密码"
        ],
        "ssl": {
            "cert": "/www/server/panel/vhost/cert/网站域名/fullchain.pem",
            "key": "/www/server/panel/vhost/cert/网站域名/privkey.pem",
            "sni": "网站域名",
            "fallback_addr": "网站域名",
            "fallback_port": Web端口
        },
        "router": {
            "enabled": true,
            "block": [
                "geoip:private"
            ],
            "geoip": "/opt/trojan-go/geoip.dat",
            "geosite": "/opt/trojan-go/geosite.dat"
        }
    }

  4. 设置服务

    1
    vim /etc/systemd/system/trojan-go.service
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    [Unit]
    Description=Trojan-Go
    After=network.target nss-lookup.target
    Wants=network-online.target

    [Service]
    Type=simple
    User=root
    ExecStart=/opt/trojan-go/trojan-go -config /opt/trojan-go/server.json
    Restart=on-failure
    RestartSec=5

    [Install]
    WantedBy=multi-user.target

  5. 设置开机启动

    1
    2
    systemctl enable trojan-go.service
    systemctl start trojan-go.service