feat(init): init
|
@ -0,0 +1,2 @@
|
|||
# Created by .ignore support plugin (hsz.mobi)
|
||||
.idea
|
|
@ -12,15 +12,141 @@
|
|||
<option name="LAST_RESOLUTION" value="IGNORE" />
|
||||
</component>
|
||||
<component name="FileEditorManager">
|
||||
<leaf />
|
||||
<leaf SIDE_TABS_SIZE_LIMIT_KEY="300">
|
||||
<file pinned="false" current-in-tab="true">
|
||||
<entry file="file://$PROJECT_DIR$/recover_version.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="122">
|
||||
<caret line="24" lean-forward="true" selection-start-line="24" selection-end-line="24" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file pinned="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/generator_client_links.js">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="176">
|
||||
<caret line="8" column="29" selection-start-line="8" selection-start-column="29" selection-end-line="8" selection-end-column="29" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file pinned="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/Trojan.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="3366">
|
||||
<caret line="153" column="35" selection-start-line="153" selection-start-column="35" selection-end-line="153" selection-end-column="35" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file pinned="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/config/config_ws_tls.json">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="1034">
|
||||
<caret line="47" column="9" lean-forward="true" selection-start-line="47" selection-start-column="9" selection-end-line="47" selection-end-column="9" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file pinned="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/config/nginx_Flexible.conf">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="533">
|
||||
<caret line="44" column="42" selection-start-line="44" selection-start-column="42" selection-end-line="44" selection-end-column="42" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file pinned="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/README.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="181">
|
||||
<caret line="187" column="22" selection-start-line="187" selection-start-column="22" selection-end-line="187" selection-end-column="22" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file pinned="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/install_new.sh">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="461">
|
||||
<caret line="169" column="1" lean-forward="true" selection-start-line="169" selection-start-column="1" selection-end-line="169" selection-end-column="1" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file pinned="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/.gitignore">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="44">
|
||||
<caret line="2" lean-forward="true" selection-start-line="2" selection-end-line="2" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
</leaf>
|
||||
</component>
|
||||
<component name="FileTemplateManagerImpl">
|
||||
<option name="RECENT_TEMPLATES">
|
||||
<list>
|
||||
<option value="JavaScript File" />
|
||||
</list>
|
||||
</option>
|
||||
</component>
|
||||
<component name="FindInProjectRecents">
|
||||
<findStrings>
|
||||
<find>jerry-ap/v2ray-network</find>
|
||||
<find>if [</find>
|
||||
<find>source</find>
|
||||
<find>nodePath</find>
|
||||
<find>echoType</find>
|
||||
<find>==</find>
|
||||
<find>uninstall</find>
|
||||
<find>GO</find>
|
||||
<find>checkOS</find>
|
||||
<find>centos</find>
|
||||
<find>Ubuntu</find>
|
||||
<find>/etc/nginx/mime.types</find>
|
||||
<find>sed -i</find>
|
||||
<find>更加隐私一些</find>
|
||||
<find>dnsmasq 实现CNAME方式</find>
|
||||
<find>wget</find>
|
||||
<find>zip</find>
|
||||
<find>process.</find>
|
||||
<find>node</find>
|
||||
<find>Docker</find>
|
||||
<find>sed</find>
|
||||
<find>FullFl</find>
|
||||
<find>到这里就配置完成,可以测试是否能上被q的网站,如果可以使用可以测试上方的优化方</find>
|
||||
<find>免费</find>
|
||||
<find>Trajon</find>
|
||||
<find>img</find>
|
||||
<find>&</find>
|
||||
<find>idc.wiki</find>
|
||||
<find>aff=1146</find>
|
||||
<find>CloudFlare</find>
|
||||
<find>aff.</find>
|
||||
</findStrings>
|
||||
<replaceStrings>
|
||||
<replace>mack-a/v2ray-agent</replace>
|
||||
<replace>domain</replace>
|
||||
<replace>$blue</replace>
|
||||
<replace>$skyBlue</replace>
|
||||
<replace>$purple</replace>
|
||||
<replace>${</replace>
|
||||
<replace>"</replace>
|
||||
<replace>V2Ray</replace>
|
||||
<replace>yum -y install</replace>
|
||||
<replace>${echoType}</replace>
|
||||
<replace>.</replace>
|
||||
<replace>.sourceResult=`. /root/.bashrc`</replace>
|
||||
<replace>Trojan</replace>
|
||||
<replace>Cloudflare</replace>
|
||||
<replace>,</replace>
|
||||
</replaceStrings>
|
||||
<dirStrings>
|
||||
<dir>$PROJECT_DIR$</dir>
|
||||
</dirStrings>
|
||||
</component>
|
||||
<component name="Git.Settings">
|
||||
<option name="RECENT_GIT_ROOT_PATH" value="$PROJECT_DIR$" />
|
||||
|
@ -28,12 +154,42 @@
|
|||
<component name="IdeDocumentHistory">
|
||||
<option name="CHANGED_PATHS">
|
||||
<list>
|
||||
<option value="$PROJECT_DIR$/.gitignore" />
|
||||
<option value="$PROJECT_DIR$/test.sh" />
|
||||
<option value="$PROJECT_DIR$/xxx.sh" />
|
||||
<option value="$PROJECT_DIR$/config_ws_tls.json" />
|
||||
<option value="$PROJECT_DIR$/nginx.conf" />
|
||||
<option value="$PROJECT_DIR$/demo.js" />
|
||||
<option value="$PROJECT_DIR$/package-lock.json" />
|
||||
<option value="$PROJECT_DIR$/config/config_ws_tls.json" />
|
||||
<option value="$PROJECT_DIR$/default.md" />
|
||||
<option value="$PROJECT_DIR$/optimize_v2ray.md" />
|
||||
<option value="$PROJECT_DIR$/settings.md" />
|
||||
<option value="$PROJECT_DIR$/install.sh" />
|
||||
<option value="$PROJECT_DIR$/generator_client_links.js" />
|
||||
<option value="$PROJECT_DIR$/optimize_V2Ray.md" />
|
||||
<option value="$PROJECT_DIR$/Dockerfile" />
|
||||
<option value="$PROJECT_DIR$/Docker/Docker.md" />
|
||||
<option value="$PROJECT_DIR$/Flexible.md" />
|
||||
<option value="$PROJECT_DIR$/Trajon.md" />
|
||||
<option value="$PROJECT_DIR$/Trojan.md" />
|
||||
<option value="$PROJECT_DIR$/Cloudflare_Flexible.md" />
|
||||
<option value="$PROJECT_DIR$/Cloudflare_Full.md" />
|
||||
<option value="$PROJECT_DIR$/free_account.md" />
|
||||
<option value="$PROJECT_DIR$/config/nginx.conf" />
|
||||
<option value="$PROJECT_DIR$/traffic_relay.md" />
|
||||
<option value="$PROJECT_DIR$/firewall.md" />
|
||||
<option value="$PROJECT_DIR$/config/nginx_Flexible.conf" />
|
||||
<option value="$PROJECT_DIR$/install_new.sh" />
|
||||
<option value="$PROJECT_DIR$/traffic_relay_tls_ws.md" />
|
||||
<option value="$PROJECT_DIR$/traffic_relay_tcp_vmess.md" />
|
||||
<option value="$PROJECT_DIR$/README.md" />
|
||||
<option value="$PROJECT_DIR$/recover_version.md" />
|
||||
</list>
|
||||
</option>
|
||||
</component>
|
||||
<component name="ProjectFrameBounds" extendedState="6">
|
||||
<option name="x" value="79" />
|
||||
<option name="x" value="47" />
|
||||
<option name="y" value="-697" />
|
||||
<option name="width" value="1280" />
|
||||
<option name="height" value="697" />
|
||||
|
@ -66,7 +222,22 @@
|
|||
<property name="last_opened_file_path" value="$PROJECT_DIR$" />
|
||||
<property name="nodejs_interpreter_path.stuck_in_default_project" value="$USER_HOME$/.nvm/versions/node/v6.10.0/bin/node" />
|
||||
<property name="nodejs_npm_path_reset_for_default_project" value="true" />
|
||||
<property name="settings.editor.selected.configurable" value="Errors" />
|
||||
<property name="restartRequiresConfirmation" value="false" />
|
||||
<property name="settings.editor.selected.configurable" value="preferences.sourceCode" />
|
||||
</component>
|
||||
<component name="RecentsManager">
|
||||
<key name="CopyFile.RECENT_KEYS">
|
||||
<recent name="$PROJECT_DIR$" />
|
||||
<recent name="$PROJECT_DIR$/config" />
|
||||
<recent name="$PROJECT_DIR$/docker" />
|
||||
<recent name="$PROJECT_DIR$/fodder" />
|
||||
</key>
|
||||
<key name="MoveFile.RECENT_KEYS">
|
||||
<recent name="$PROJECT_DIR$/fodder" />
|
||||
<recent name="$PROJECT_DIR$" />
|
||||
<recent name="$PROJECT_DIR$/docker" />
|
||||
<recent name="$PROJECT_DIR$/config" />
|
||||
</key>
|
||||
</component>
|
||||
<component name="RunDashboard">
|
||||
<option name="ruleStates">
|
||||
|
@ -80,6 +251,27 @@
|
|||
</list>
|
||||
</option>
|
||||
</component>
|
||||
<component name="RunManager" selected="Node.js.generator_client_links.js">
|
||||
<configuration name="xxx.sh" type="BashConfigurationType" factoryName="Bash" temporary="true">
|
||||
<module name="v2ray-agent" />
|
||||
<option name="INTERPRETER_OPTIONS" value="bash'" />
|
||||
<option name="INTERPRETER_PATH" value="/usr/bin/env" />
|
||||
<option name="PROJECT_INTERPRETER" value="false" />
|
||||
<option name="WORKING_DIRECTORY" value="$PROJECT_DIR$" />
|
||||
<option name="PARENT_ENVS" value="true" />
|
||||
<option name="SCRIPT_NAME" value="$PROJECT_DIR$/xxx.sh" />
|
||||
<option name="PARAMETERS" value="" />
|
||||
<method v="2" />
|
||||
</configuration>
|
||||
<configuration name="generator_client_links.js" type="NodeJSConfigurationType" nameIsGenerated="true" path-to-js-file="$PROJECT_DIR$/generator_client_links.js" working-dir="$PROJECT_DIR$">
|
||||
<method v="2" />
|
||||
</configuration>
|
||||
<recent_temporary>
|
||||
<list>
|
||||
<item itemvalue="Bash.xxx.sh" />
|
||||
</list>
|
||||
</recent_temporary>
|
||||
</component>
|
||||
<component name="SvnConfiguration">
|
||||
<configuration />
|
||||
</component>
|
||||
|
@ -90,47 +282,293 @@
|
|||
<option name="number" value="Default" />
|
||||
<option name="presentableId" value="Default" />
|
||||
<updated>1573007543792</updated>
|
||||
<workItem from="1573007546616" duration="991000" />
|
||||
<workItem from="1573007546616" duration="14861000" />
|
||||
<workItem from="1573105211224" duration="5701000" />
|
||||
<workItem from="1573113873298" duration="13404000" />
|
||||
<workItem from="1574239163078" duration="4391000" />
|
||||
<workItem from="1574734689523" duration="17345000" />
|
||||
<workItem from="1574846421444" duration="1000" />
|
||||
<workItem from="1575276869493" duration="10075000" />
|
||||
<workItem from="1575450848095" duration="28248000" />
|
||||
<workItem from="1575876296267" duration="25021000" />
|
||||
<workItem from="1576051264080" duration="5702000" />
|
||||
<workItem from="1576113491535" duration="29909000" />
|
||||
<workItem from="1576480597093" duration="35230000" />
|
||||
<workItem from="1576749427970" duration="766000" />
|
||||
<workItem from="1576831254361" duration="8019000" />
|
||||
<workItem from="1577177224298" duration="10000" />
|
||||
<workItem from="1577265966108" duration="1069000" />
|
||||
<workItem from="1577411661192" duration="8030000" />
|
||||
<workItem from="1577692937898" duration="934000" />
|
||||
<workItem from="1577785825869" duration="9919000" />
|
||||
<workItem from="1578623603875" duration="661000" />
|
||||
<workItem from="1578634947925" duration="553000" />
|
||||
<workItem from="1578644724979" duration="1173000" />
|
||||
<workItem from="1579052752711" duration="4771000" />
|
||||
<workItem from="1582528631305" duration="4531000" />
|
||||
<workItem from="1582609930611" duration="1395000" />
|
||||
<workItem from="1583137669423" duration="2520000" />
|
||||
<workItem from="1583284796744" duration="528000" />
|
||||
<workItem from="1583478817092" duration="1424000" />
|
||||
<workItem from="1583829102337" duration="1839000" />
|
||||
<workItem from="1584089460784" duration="7216000" />
|
||||
<workItem from="1584430543139" duration="66000" />
|
||||
<workItem from="1586419999097" duration="106000" />
|
||||
<workItem from="1586853572994" duration="4264000" />
|
||||
<workItem from="1587028532486" duration="796000" />
|
||||
<workItem from="1587099320601" duration="3068000" />
|
||||
<workItem from="1587440378186" duration="14318000" />
|
||||
<workItem from="1587542965875" duration="3474000" />
|
||||
<workItem from="1587635162834" duration="2117000" />
|
||||
<workItem from="1587716147640" duration="4802000" />
|
||||
<workItem from="1587882541760" duration="1544000" />
|
||||
<workItem from="1588053192255" duration="388000" />
|
||||
<workItem from="1588215678869" duration="1033000" />
|
||||
<workItem from="1588230286359" duration="6983000" />
|
||||
<workItem from="1589553918080" duration="2376000" />
|
||||
<workItem from="1589632593714" duration="5750000" />
|
||||
<workItem from="1589680663312" duration="837000" />
|
||||
<workItem from="1590119400182" duration="4144000" />
|
||||
</task>
|
||||
<servers />
|
||||
</component>
|
||||
<component name="TimeTrackingManager">
|
||||
<option name="totallyTimeSpent" value="991000" />
|
||||
<option name="totallyTimeSpent" value="301312000" />
|
||||
</component>
|
||||
<component name="ToolWindowManager">
|
||||
<frame x="79" y="-697" width="1280" height="697" extended-state="6" />
|
||||
<editor active="true" />
|
||||
<frame x="47" y="-697" width="1280" height="697" extended-state="6" />
|
||||
<layout>
|
||||
<window_info id="Favorites" side_tool="true" />
|
||||
<window_info active="true" content_ui="combo" id="Project" order="0" visible="true" weight="0.2494043" />
|
||||
<window_info id="Structure" order="1" side_tool="true" weight="0.25" />
|
||||
<window_info anchor="bottom" id="Docker" show_stripe_button="false" />
|
||||
<window_info anchor="bottom" id="Version Control" />
|
||||
<window_info anchor="bottom" id="Terminal" />
|
||||
<window_info anchor="bottom" id="Event Log" side_tool="true" />
|
||||
<window_info content_ui="combo" id="Project" order="0" sideWeight="0.49726775" visible="true" weight="0.15250199" />
|
||||
<window_info id="Structure" order="1" sideWeight="0.5027322" side_tool="true" weight="0.17688513" />
|
||||
<window_info id="Favorites" order="2" side_tool="true" />
|
||||
<window_info anchor="bottom" id="Message" order="0" />
|
||||
<window_info anchor="bottom" id="Find" order="1" />
|
||||
<window_info anchor="bottom" id="Run" order="2" />
|
||||
<window_info anchor="bottom" id="Debug" order="3" weight="0.4" />
|
||||
<window_info anchor="bottom" id="Run" order="2" weight="0.26280993" />
|
||||
<window_info anchor="bottom" id="Debug" order="3" weight="0.29256198" />
|
||||
<window_info anchor="bottom" id="Cvs" order="4" weight="0.25" />
|
||||
<window_info anchor="bottom" id="Inspection" order="5" weight="0.4" />
|
||||
<window_info anchor="bottom" id="TODO" order="6" />
|
||||
<window_info anchor="bottom" id="Docker" order="7" show_stripe_button="false" />
|
||||
<window_info active="true" anchor="bottom" id="Version Control" order="8" visible="true" weight="0.246281" />
|
||||
<window_info anchor="bottom" id="Terminal" order="9" weight="0.3289256" />
|
||||
<window_info anchor="bottom" id="Event Log" order="10" side_tool="true" weight="0.3289256" />
|
||||
<window_info anchor="bottom" id="Messages" order="11" />
|
||||
<window_info anchor="right" id="Commander" internal_type="SLIDING" order="0" type="SLIDING" weight="0.4" />
|
||||
<window_info anchor="right" id="Ant Build" order="1" weight="0.25" />
|
||||
<window_info anchor="right" content_ui="combo" id="Hierarchy" order="2" weight="0.25" />
|
||||
</layout>
|
||||
<layout-to-restore>
|
||||
<window_info active="true" content_ui="combo" id="Project" order="0" sideWeight="0.49726775" visible="true" weight="0.17688513" />
|
||||
<window_info id="Structure" order="1" sideWeight="0.5027322" side_tool="true" weight="0.17688513" />
|
||||
<window_info id="Favorites" order="2" side_tool="true" />
|
||||
<window_info anchor="bottom" id="Message" order="0" />
|
||||
<window_info anchor="bottom" id="Find" order="1" />
|
||||
<window_info anchor="bottom" id="Run" order="2" weight="0.26280993" />
|
||||
<window_info anchor="bottom" id="Debug" order="3" weight="0.29256198" />
|
||||
<window_info anchor="bottom" id="Cvs" order="4" weight="0.25" />
|
||||
<window_info anchor="bottom" id="Inspection" order="5" weight="0.4" />
|
||||
<window_info anchor="bottom" id="TODO" order="6" />
|
||||
<window_info anchor="bottom" id="Docker" order="7" show_stripe_button="false" />
|
||||
<window_info anchor="bottom" id="Version Control" order="8" weight="0.3272727" />
|
||||
<window_info anchor="bottom" id="Terminal" order="9" weight="0.3289256" />
|
||||
<window_info anchor="bottom" id="Event Log" order="10" side_tool="true" weight="0.3289256" />
|
||||
<window_info anchor="bottom" id="Messages" order="11" />
|
||||
<window_info anchor="right" id="Commander" internal_type="SLIDING" order="0" type="SLIDING" weight="0.4" />
|
||||
<window_info anchor="right" id="Ant Build" order="1" weight="0.25" />
|
||||
<window_info anchor="right" content_ui="combo" id="Hierarchy" order="2" weight="0.25" />
|
||||
</layout-to-restore>
|
||||
</component>
|
||||
<component name="TypeScriptGeneratedFilesManager">
|
||||
<option name="version" value="1" />
|
||||
</component>
|
||||
<component name="UnknownFeatures">
|
||||
<option featureType="com.intellij.fileTypeFactory" implementationName="*.conf" />
|
||||
<option featureType="com.intellij.fileTypeFactory" implementationName="*.md" />
|
||||
</component>
|
||||
<component name="Vcs.Log.History.Properties">
|
||||
<option name="COLUMN_ORDER">
|
||||
<list>
|
||||
<option value="0" />
|
||||
<option value="2" />
|
||||
<option value="3" />
|
||||
<option value="1" />
|
||||
</list>
|
||||
</option>
|
||||
</component>
|
||||
<component name="editorHistoryManager">
|
||||
<entry file="file://$PROJECT_DIR$/fodder/CDN域名解析 CNAME.png">
|
||||
<provider selected="true" editor-type-id="images" />
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/fodder/moeelf添加域名.png">
|
||||
<provider selected="true" editor-type-id="images" />
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/fodder/moeelf添加DNS记录.png">
|
||||
<provider selected="true" editor-type-id="images" />
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/fodder/dnspod添加记录.png">
|
||||
<provider selected="true" editor-type-id="images" />
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/fodder/CloudFlare dnspod解析.png">
|
||||
<provider selected="true" editor-type-id="images" />
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/test.sh" />
|
||||
<entry file="file://$PROJECT_DIR$/node_modules/nginx-conf/src/parser.js" />
|
||||
<entry file="file://$PROJECT_DIR$/node_modules/nginx-conf/src/conf.js" />
|
||||
<entry file="file://$PROJECT_DIR$/node_modules/nginx-conf/index.js" />
|
||||
<entry file="file://$PROJECT_DIR$/package-lock.json" />
|
||||
<entry file="file://$PROJECT_DIR$/nginx.conf" />
|
||||
<entry file="file://$PROJECT_DIR$/config_ws_tls.json" />
|
||||
<entry file="file://$PROJECT_DIR$/xxx.sh" />
|
||||
<entry file="file://$PROJECT_DIR$/updateSSH.sh" />
|
||||
<entry file="file://$PROJECT_DIR$/v2ray.md" />
|
||||
<entry file="file://$PROJECT_DIR$/fodder/一键脚本示例图.png">
|
||||
<provider selected="true" editor-type-id="images" />
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/settings.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="220">
|
||||
<caret line="10" column="23" lean-forward="true" selection-start-line="10" selection-start-column="23" selection-end-line="10" selection-end-column="23" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/ping_tool.sh">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="115">
|
||||
<caret line="115" column="25" lean-forward="true" selection-start-line="115" selection-start-column="25" selection-end-line="115" selection-end-column="25" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/docker/docker-compose.yml" />
|
||||
<entry file="file://$PROJECT_DIR$/Docker/config_ws.json" />
|
||||
<entry file="file://$PROJECT_DIR$/optimize_V2Ray.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="203">
|
||||
<caret line="273" lean-forward="true" selection-start-line="273" selection-end-line="273" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/Dockerfile" />
|
||||
<entry file="file://$PROJECT_DIR$/Docker/Docker.md" />
|
||||
<entry file="file://$PROJECT_DIR$/Docker/nginx.conf" />
|
||||
<entry file="file://$PROJECT_DIR$/Docker/start.sh" />
|
||||
<entry file="file://$PROJECT_DIR$/config/nginx.conf">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="661">
|
||||
<caret line="54" lean-forward="true" selection-start-line="54" selection-end-line="54" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/free_account.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="220">
|
||||
<caret line="10" lean-forward="true" selection-start-line="10" selection-end-line="10" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/Cloudflare_Flexible.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="661">
|
||||
<caret line="104" selection-start-line="104" selection-end-line="125" selection-end-column="14" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/fodder/CloudFlare Trojan V2Ray.png">
|
||||
<provider selected="true" editor-type-id="images" />
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/fodder/idcwiki_traffic.png">
|
||||
<provider selected="true" editor-type-id="images" />
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/fodder/cloudflare_idcwiki.png">
|
||||
<provider selected="true" editor-type-id="images" />
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/Cloudflare_Full.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="833">
|
||||
<caret line="166" column="22" selection-start-line="166" selection-start-column="22" selection-end-line="166" selection-end-column="22" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/traffic_relay_tcp_vmess.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="176">
|
||||
<caret line="8" column="18" lean-forward="true" selection-start-line="8" selection-start-column="18" selection-end-line="8" selection-end-column="18" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/firewall.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="374">
|
||||
<caret line="17" column="35" lean-forward="true" selection-start-line="17" selection-start-column="35" selection-end-line="17" selection-end-column="35" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/install.sh">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="176">
|
||||
<caret line="8" column="13" selection-start-line="8" selection-start-column="13" selection-end-line="8" selection-end-column="13" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/traffic_relay_tls_ws.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="655">
|
||||
<caret line="33" column="9" selection-start-line="33" selection-start-column="9" selection-end-line="33" selection-end-column="9" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/generator_client_links.js">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="176">
|
||||
<caret line="8" column="29" selection-start-line="8" selection-start-column="29" selection-end-line="8" selection-end-column="29" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/Trojan.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="3366">
|
||||
<caret line="153" column="35" selection-start-line="153" selection-start-column="35" selection-end-line="153" selection-end-column="35" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/config/config_ws_tls.json">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="1034">
|
||||
<caret line="47" column="9" lean-forward="true" selection-start-line="47" selection-start-column="9" selection-end-line="47" selection-end-column="9" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/README.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="22">
|
||||
<caret line="1" column="46" lean-forward="true" selection-start-line="1" selection-end-line="1" selection-end-column="46" />
|
||||
<state relative-caret-position="181">
|
||||
<caret line="187" column="22" selection-start-line="187" selection-start-column="22" selection-end-line="187" selection-end-column="22" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/config/nginx_Flexible.conf">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="533">
|
||||
<caret line="44" column="42" selection-start-line="44" selection-start-column="42" selection-end-line="44" selection-end-column="42" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/install_new.sh">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="461">
|
||||
<caret line="169" column="1" lean-forward="true" selection-start-line="169" selection-start-column="1" selection-end-line="169" selection-end-column="1" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/.gitignore">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="44">
|
||||
<caret line="2" lean-forward="true" selection-start-line="2" selection-end-line="2" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/recover_version.md">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state relative-caret-position="122">
|
||||
<caret line="24" lean-forward="true" selection-start-line="24" selection-end-line="24" />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
|
|
|
@ -0,0 +1,126 @@
|
|||
# 目录
|
||||
- [技能点列表](#技能点列表)
|
||||
- [一键脚本](#一键脚本)
|
||||
* [1.自动模式](#1自动模式)
|
||||
* [2.手动模式](#2手动模式)
|
||||
- [1.准备工作](#1准备工作)
|
||||
* [1.注册cloudflare](#1注册cloudflare)
|
||||
* [2.注册godaddy并购买域名](#2注册godaddy并购买域名)
|
||||
* [3.修改godaddy域名的DNS解析](#3修改godaddy域名的dns解析)
|
||||
+ [1.登录cloudflare,添加域名](#1登录cloudflare添加域名)
|
||||
+ [2.选择套餐](#2选择套餐)
|
||||
+ [3.根据提示修改godaddy的dns解析](#3根据提示修改godaddy的dns解析)
|
||||
* [4.增加cloudflare域名解析](#4增加cloudflare域名解析)
|
||||
* [5.修改godaddy SSL/TLS](#5修改godaddy-ssltls)
|
||||
- [2.vps配置Nginx](#2vps配置nginx)
|
||||
* [1.安装Nginx](#1安装Nginx)
|
||||
* [2.nginx配置文件](#2nginx配置文件)
|
||||
- [3.配置v2ray](#3配置v2ray)
|
||||
* [1.安装v2ray](#1安装v2ray)
|
||||
* [2.v2ray配置文件](#v2ray配置文件)
|
||||
* [3.启动v2ray](#3启动v2ray)
|
||||
- [4.客户端](#4客户端)
|
||||
* [1.MacOS](#1macos)
|
||||
* [2.windows](#2windows)
|
||||
|
||||
|
||||
# 技能点列表
|
||||
- [bandwagonhost[Ubuntu、Centos、Debian]链接一](https://bandwagonhost.com)
|
||||
- [bandwagonhost[Ubuntu、Centos、Debian]链接二](https://bwh1.net)【境外vps或者其他vps厂商】
|
||||
- [freenom](https://freenom.com/)【免费域名】
|
||||
- [godaddy](https://www.godaddy.com/)【域名厂商】
|
||||
- [cloudflare](cloudflare.com)【CDN】
|
||||
- [letsencrypt](https://letsencrypt.org/)【HTTPS】
|
||||
- [Nginx](https://www.nginx.com/)【反向代理】
|
||||
- [V2Ray](v2ray.com)【代理工具】
|
||||
|
||||
# 1.准备工作
|
||||
## 1.注册[cloudflare](cloudflare.com)
|
||||
## 2.注册[godaddy](https://www.godaddy.com/)并购买域名或者使用免费域名[freenom](https://freenom.com/)
|
||||
- 这里使用godaddy作为示例
|
||||
- 域名可选择xyz结尾的国际域名,可采用多字符乱码的方式组合域名,(比如wk1c.xyz)首年大概8RMB左右,第二年可以直接买一个新的。
|
||||
|
||||
## 3.修改godaddy域名的DNS解析
|
||||
### 1.登录cloudflare,添加域名
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare.png" width=400>
|
||||
|
||||
### 2.选择套餐
|
||||
- 如果仅仅只享受科学上网功能,选择free即可
|
||||
- 如果需要更好的网络环境、更快的速度,可选择相应的套餐
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_plan.png" width=400>
|
||||
|
||||
### 3.根据提示修改godaddy的dns解析
|
||||
- cloudflare提示界面
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_dns.png" width=400>
|
||||
|
||||
- godaddy DNS管理,根据上面的cloudflare提示界面修改为相应的dns
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/godayddy_dns.png" width=400>
|
||||
|
||||
## 4.增加cloudflare域名解析
|
||||
- 添加域名解析(记录),可以选择二级域名,这样就可以一个月解析到不同的服务器,name填写你要解析的二级域名的host部分,比如ls.example.com 只填写ls即可
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_record_dns.png" width=400>
|
||||
|
||||
## 5.修改godaddy SSL/TLS
|
||||
- 如果vps选择使用https,需要把类型修改为Flexible
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_tls_Flexible.png" width=400>
|
||||
|
||||
# 2.vps配置Nginx
|
||||
## 1.安装Nginx
|
||||
```
|
||||
yum install nginx
|
||||
```
|
||||
## 2.nginx配置文件
|
||||
|
||||
- 1.下载配置文件并替换默认文件
|
||||
```
|
||||
cd /etc/nginx&&rm -rf /etc/nginx/nginx.conf&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/nginx_Flexible.conf&&mv /etc/nginx/nginx_Flexible.conf /etc/nginx/nginx.conf
|
||||
# 如果缺少wget 则执行下面的命令,然后重复上面的命令
|
||||
yum install wget
|
||||
```
|
||||
- 将下载好的文件中关于ls.xxx.xyz的内容都替换成你的二级域名
|
||||
|
||||
# 3.配置v2ray
|
||||
## 1.安装v2ray
|
||||
|
||||
```
|
||||
bash <(curl -L -s https://install.direct/go.sh)
|
||||
```
|
||||
|
||||
## 2.v2ray配置文件
|
||||
|
||||
- 下载config_ws_tls.json
|
||||
```
|
||||
cd&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/config_ws_tls.json
|
||||
```
|
||||
|
||||
- 配置文件的id可以自己生成一个新的,替换即可
|
||||
```
|
||||
/usr/bin/v2ray/v2ctl uuid
|
||||
```
|
||||
|
||||
## 3.启动v2ray
|
||||
```
|
||||
/usr/bin/v2ray/v2ray -config ./config_ws_tls.json&
|
||||
```
|
||||
|
||||
# 4.客户端
|
||||
## 1.MacOS
|
||||
- 下载V2RayU[点我下载](https://github.com/yanue/V2rayU/releases/download/1.4.1/V2rayU.dmg)
|
||||
- 下载后打开,服务器设置,修改address即可
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/v2rayU_服务器配置.png" width=400>
|
||||
|
||||
- pac设置,添加下面的链接并选择使用Pac模式,即可
|
||||
```
|
||||
https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt
|
||||
```
|
||||
|
||||
## 2.windows
|
||||
- 下载v2rayN[点我下载](https://github.com/2dust/v2rayN/releases/download/2.44/v2rayN.zip)
|
||||
- 使用方法 [点我查看](https://github.com/233boy/v2ray/wiki/V2RayN%E4%BD%BF%E7%94%A8%E6%95%99%E7%A8%8B)
|
||||
|
||||
## 3.Android
|
||||
- [v2rayNG](https://github.com/2dust/v2rayNG/releases)
|
||||
|
||||
## 4.ios【需要自行购买或者使用共享账号安装】
|
||||
- Quantumult【推荐使用】
|
||||
- Shadowrocket
|
|
@ -0,0 +1,174 @@
|
|||
# 目录
|
||||
- [技能点列表](#技能点列表)
|
||||
- [一键脚本](#一键脚本)
|
||||
* [1.自动模式](#1自动模式)
|
||||
* [2.手动模式](#2手动模式)
|
||||
- [1.准备工作](#1准备工作)
|
||||
* [1.注册cloudflare](#1注册cloudflare)
|
||||
* [2.注册godaddy并购买域名](#2注册godaddy并购买域名)
|
||||
* [3.修改godaddy域名的DNS解析](#3修改godaddy域名的dns解析)
|
||||
+ [1.登录cloudflare,添加域名](#1登录cloudflare添加域名)
|
||||
+ [2.选择套餐](#2选择套餐)
|
||||
+ [3.根据提示修改godaddy的dns解析](#3根据提示修改godaddy的dns解析)
|
||||
* [4.增加cloudflare域名解析](#4增加cloudflare域名解析)
|
||||
* [5.修改godaddy SSL/TLS](#5修改godaddy-ssltls)
|
||||
- [2.vps配置Nginx、https](#2vps配置nginxhttps)
|
||||
* [1.安装Nginx](#1安装Nginx)
|
||||
* [2.nginx配置文件](#2nginx配置文件)
|
||||
* [3.生成https](#3生成https)
|
||||
- [3.配置v2ray](#3配置v2ray)
|
||||
* [1.安装v2ray](#1安装v2ray)
|
||||
* [2.v2ray配置文件](#v2ray配置文件)
|
||||
* [3.启动v2ray](#3启动v2ray)
|
||||
- [4.客户端](#4客户端)
|
||||
* [1.MacOS](#1macos)
|
||||
* [2.windows](#2windows)
|
||||
|
||||
# 1.准备工作
|
||||
## 1.注册[cloudflare](cloudflare.com)
|
||||
## 2.注册[godaddy](https://www.godaddy.com/)并购买域名或者使用免费域名[freenom](https://freenom.com/)
|
||||
- 这里使用godaddy作为示例
|
||||
- 域名可选择xyz结尾的国际域名,可采用多字符乱码的方式组合域名,(比如wk1c.xyz)首年大概8RMB左右,第二年可以直接买一个新的。
|
||||
|
||||
## 3.修改godaddy域名的DNS解析
|
||||
### 1.登录cloudflare,添加域名
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare.png" width=400>
|
||||
|
||||
### 2.选择套餐
|
||||
- 如果仅仅只享受科学上网功能,选择free即可
|
||||
- 如果需要更好的网络环境、更快的速度,可选择相应的套餐
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_plan.png" width=400>
|
||||
|
||||
### 3.根据提示修改godaddy的dns解析
|
||||
- cloudflare提示界面
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_dns.png" width=400>
|
||||
|
||||
- godaddy DNS管理,根据上面的cloudflare提示界面修改为相应的dns
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/godayddy_dns.png" width=400>
|
||||
|
||||
## 4.增加cloudflare域名解析
|
||||
- 添加域名解析(记录),可以选择二级域名,这样就可以一个月解析到不同的服务器,name填写你要解析的二级域名的host部分,比如ls.example.com 只填写ls即可
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_record_dns.png" width=400>
|
||||
|
||||
## 5.修改godaddy SSL/TLS
|
||||
- 如果vps选择使用https,需要把类型修改为Full
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_tls.png" width=400>
|
||||
|
||||
# 2.vps配置Nginx、https
|
||||
## 1.安装Nginx
|
||||
```
|
||||
yum install nginx
|
||||
```
|
||||
## 2.nginx配置文件
|
||||
|
||||
- 1.下载配置文件并替换默认文件
|
||||
```
|
||||
cd /etc/nginx&&rm -rf /etc/nginx/nginx.conf&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/nginx.conf
|
||||
# 如果缺少wget 则执行下面的命令,然后重复上面的命令
|
||||
yum install wget
|
||||
```
|
||||
- 将下载好的文件中关于ls.xxx.xyz的内容都替换成你的二级域名
|
||||
|
||||
## 3.生成https
|
||||
|
||||
- 1.安装acme.sh
|
||||
```
|
||||
curl https://get.acme.sh | sh
|
||||
% Total % Received % Xferd Average Speed Time Time Time Current
|
||||
Dload Upload Total Spent Left Speed
|
||||
100 671 100 671 0 0 680 0 --:--:-- --:--:-- --:--:-- 679
|
||||
% Total % Received % Xferd Average Speed Time Time Time Current
|
||||
Dload Upload Total Spent Left Speed
|
||||
100 112k 100 112k 0 0 690k 0 --:--:-- --:--:-- --:--:-- 693k
|
||||
[Fri 30 Dec 01:03:32 GMT 2016] Installing from online archive.
|
||||
[Fri 30 Dec 01:03:32 GMT 2016] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Extracting master.tar.gz
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Installing to /home/user/.acme.sh
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Installed to /home/user/.acme.sh/acme.sh
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Installing alias to '/home/user/.profile'
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] OK, Close and reopen your terminal to start using acme.sh
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Installing cron job
|
||||
no crontab for user
|
||||
no crontab for user
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Good, bash is found, so change the shebang to use bash as preferred.
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] OK
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Install success!
|
||||
```
|
||||
|
||||
- 2.生成https证书
|
||||
```
|
||||
# 替换ls.xxx.xyz为自己的域名
|
||||
sudo ~/.acme.sh/acme.sh --issue -d ls.xxx.xyz --standalone -k ec-256
|
||||
|
||||
# 如果提示Please install socat tools first.则执行,安装完成后继续重复执行上面的命令
|
||||
yum install socat
|
||||
```
|
||||
|
||||
- 3.安装证书
|
||||
```
|
||||
# 替换ls.xxx.xyz为自己的域名
|
||||
~/.acme.sh/acme.sh --installcert -d ls.xxx.xyz --fullchainpath /etc/nginx/ls.xxx.xyz.crt --keypath /etc/nginx/ls.xxx.xyz.key --ecc
|
||||
```
|
||||
|
||||
- 4.修改/etc/nginx/nginx.conf
|
||||
```
|
||||
# 将下面这部分前面的#去掉,并将ssl_certificate、ssl_certificate_key修改成自己的路径
|
||||
|
||||
# listen 443 ssl;
|
||||
# ssl_certificate /etc/nginx/ls.xx.xyz.crt;
|
||||
# ssl_certificate_key /etc/nginx/ls.xx.xyz.key;
|
||||
# server_name ls.xx.xyz
|
||||
```
|
||||
|
||||
- 5.每一次生成https证书后有效期只有三个月,需要快过期时更新(剩余七天内可以重新生成)
|
||||
```
|
||||
# 替换ls.xxx.xyz为自己的域名
|
||||
sudo ~/.acme.sh/acme.sh --renew -d ls.xxx.xyz --force --ecc
|
||||
```
|
||||
|
||||
# 3.配置v2ray
|
||||
## 1.安装v2ray
|
||||
|
||||
```
|
||||
bash <(curl -L -s https://install.direct/go.sh)
|
||||
```
|
||||
|
||||
## 2.v2ray配置文件
|
||||
|
||||
- 下载config_ws_tls.json
|
||||
```
|
||||
cd&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/config_ws_tls.json
|
||||
```
|
||||
|
||||
- 配置文件的id可以自己生成一个新的,替换即可
|
||||
```
|
||||
/usr/bin/v2ray/v2ctl uuid
|
||||
```
|
||||
|
||||
## 3.启动v2ray
|
||||
```
|
||||
/usr/bin/v2ray/v2ray -config ./config_ws_tls.json&
|
||||
```
|
||||
|
||||
|
||||
# 4.客户端
|
||||
## 1.MacOS
|
||||
- 下载V2RayU[点我下载](https://github.com/yanue/V2rayU/releases/download/1.4.1/V2rayU.dmg)
|
||||
- 下载后打开,服务器设置,修改address即可
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/v2rayU_服务器配置.png" width=400>
|
||||
|
||||
- pac设置,添加下面的链接并选择使用Pac模式,即可
|
||||
```
|
||||
https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt
|
||||
```
|
||||
|
||||
## 2.windows
|
||||
- 下载v2rayN[点我下载](https://github.com/2dust/v2rayN/releases/download/2.44/v2rayN.zip)
|
||||
- 使用方法 [点我查看](https://github.com/233boy/v2ray/wiki/V2RayN%E4%BD%BF%E7%94%A8%E6%95%99%E7%A8%8B)
|
||||
|
||||
## 3.Android
|
||||
- [v2rayNG](https://github.com/2dust/v2rayNG/releases)
|
||||
|
||||
## 4.ios【需要自行购买或者使用共享账号安装】
|
||||
- Quantumult【推荐使用】
|
||||
- Shadowrocket
|
500
README.md
|
@ -1,355 +1,199 @@
|
|||
# v2ray-network
|
||||
本项目旨在更好的学习新知识,采用CDN+TLS+Nginx+v2ray进行伪装并突破防火墙。
|
||||
# v2ray-agent
|
||||
>我始终相信人是自由的,这是本项目设立的初衷,同时也感谢各种软件的开发者与维护者。
|
||||
>世界就是这样,当你开始思考时,你已经是小部分中的一员了。祝大家使用愉快。
|
||||
|
||||
- 本项目涉及知识点较多请耐心看完,知其然知其所以然。
|
||||
- 此项目分别采用CDN+TLS+Nginx+V2Ray、Trojan进行模拟正常网站并突破防火墙,同时包含优化方法,以及简单的原理讲解。
|
||||
- 极力推荐【[自建教程](#自建教程)】,自建教程可以快速入手并知晓其中的步骤。如遇到不懂以及不理解的可以加入[TG群讨论【对小白尤其友好】](https://t.me/v2rayAgent)。
|
||||
- 优化方案包含对Cloudflare的优化([CNAME优化、DNS优化、断流优化、](#优化方案)),VPS处理性能优化(bbr、bbr plus【阻塞拥堵算法,加快对流量的处理】)、其余设置(开机启动)、docker镜像、防火墙设置。
|
||||
- 同时提供[流量中转教程](#流量转发服务)【大大提高流量传输的速度,减少丢包】、[免费测试账号](#免费账号正常使用点击查看)。
|
||||
- 接下来会提供V2Ray配置生成器、iptables流量转发、Docker镜像、私有Docker仓库、私有git仓库【gitlab】、以及可供部署k8s容器等方面的内容。
|
||||
- 提供免费订阅链接【[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/free_account.md)】【如无法使用可加入TG群反馈】。
|
||||
- 如本项目缺少还未加入或者完善的教程,肯定是群主懒,加入TG群鞭打群主,让群主更有动力。
|
||||
|
||||
## 欢迎加入TG群,共同学习、共同成长。
|
||||
[点击此链接加入电报群](https://t.me/v2rayAgent)
|
||||
* * *
|
||||
# 目录
|
||||
- [技能点列表](#技能点列表)
|
||||
- [自建教程](#自建教程)
|
||||
* [1.V2Ray](#1v2ray)
|
||||
+ [1.方法1](#方法1flexible建议使用该方法)
|
||||
+ [2.方法2](#方法2full)
|
||||
* [2.Trojan](#2trojan)
|
||||
- [流量转发服务](#流量转发服务)
|
||||
* [1.tls+ws](1tlsws点击查看)
|
||||
* [2.tcp+vmess](#2tcpvmess点击查看)
|
||||
- [客户端](#客户端)
|
||||
* [1.windows](#1windows)
|
||||
* [2.Android](#2android)
|
||||
* [2.ios](#3ios需要自行购买或者使用共享账号安装)
|
||||
* [2.Mac](#4mac)
|
||||
- ~~[一键脚本](#一键脚本)~~
|
||||
* [1.自动模式](#1自动模式)
|
||||
* [2.手动模式](#2手动模式)
|
||||
- [防护墙设置](#防火墙设置点击查看)
|
||||
- [免费账号【正常使用】](#免费账号正常使用点击查看)
|
||||
- [备注](#备注)
|
||||
* [1.推荐使用v2ray+CDN的方式](#1推荐使用v2ray-cdn的方式)
|
||||
+ [1.优点](#1优点)
|
||||
+ [2.缺点](#2缺点)
|
||||
+ [3.数据包解析](#3数据包解析)
|
||||
+ [4.建议](#4建议)
|
||||
* [2.速度首选V2Ray TCP方式](#2速度首选v2ray-tcp方式)
|
||||
* [3.本地网络环境不稳定首选mKCP](#3本地网络环境不稳定首选mkcp)
|
||||
* [4.目前不推荐使用ss、ssr](#4目前不推荐使用ss-ssr)
|
||||
- [维护进程[todo List]](#维护进程todo-list)
|
||||
* [1.一键脚本](#1一键脚本)
|
||||
+ [1.自动模式](#1自动模式)
|
||||
+ [2.手动模式](#2手动模式)
|
||||
|
||||
* * *
|
||||
### 优化方案
|
||||
- [优化v2ray【断流、CNAME自选ip、dnsmasq自定义dns实现cname自选ip】](https://github.com/mack-a/v2ray-agent/blob/master/optimize_V2Ray.md)
|
||||
- [其余设置【开机自启、bbr加速】](https://github.com/mack-a/v2ray-agent/blob/master/settings.md)
|
||||
|
||||
# 技能点列表
|
||||
- [bandwagonhost[centos7]链接一](https://bandwagonhost.com)
|
||||
- [bandwagonhost[centos7]链接二](https://bwh1.net)【境外vps或者其他vps厂商】
|
||||
- [cloudflare](cloudflare.com)【CDN】
|
||||
- [cloudcone](https://app.cloudcone.com/?ref=5346)【vps】
|
||||
- [bandwagonhost](https://bandwagonhost.com/aff.php?aff=46893)【vps】
|
||||
- [freenom](https://freenom.com/)【免费域名【注册时最好使用全局代理、ip所在地和注册地一致并且最好使用手机】】
|
||||
- [godaddy](https://www.godaddy.com/)【域名厂商】
|
||||
- [cloudflare](cloudflare.com)【CDN】
|
||||
- [letsencrypt](https://letsencrypt.org/)【HTTPS】
|
||||
- [Nginx](https://www.nginx.com/)【反向代理】
|
||||
- [v2ray](v2ray.com)【代理工具】
|
||||
- [Nginx](https://www.nginx.com/)【域名反向代理】
|
||||
- [V2Ray](v2ray.com)【代理工具】
|
||||
|
||||
# 1.准备工作
|
||||
## 1.注册[cloudflare](cloudflare.com)
|
||||
## 2.注册[godaddy](https://www.godaddy.com/)并购买域名
|
||||
- 域名可选择xyz结尾的国际域名,可采用多字符乱码的方式组合域名,(比如wk1c.xyz)首年大概8RMB左右,第二年可以直接买一个新的。
|
||||
* * *
|
||||
|
||||
## 3.修改godaddy域名的DNS解析
|
||||
### 1.登录cloudflare,添加域名
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare.png" width=400>
|
||||
# 自建教程
|
||||
# 1.V2Ray
|
||||
- ios端建议使用Quantumult,表现要比Trojan好。
|
||||
|
||||
### 2.选择套餐
|
||||
- 如果仅仅只享受科学上网功能,选择free即可
|
||||
- 如果需要更好的网络环境、更快的速度,可选择相应的套餐
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_plan.png" width=400>
|
||||
## 方法1(Flexible)【建议使用该方法】
|
||||
- 只使用CloudFlare的证书
|
||||
- 客户端->CloudFlare使用TLS+vmess加密,CloudFlare->VPS只使用vmess,[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Flexible.md)
|
||||
- 不需要自己维护自己的https证书
|
||||
- 少一步解析证书的过程,速度理论上会快一点
|
||||
|
||||
### 3.根据提示修改godaddy的dns解析
|
||||
- cloudflare提示界面
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_dns.png" width=400>
|
||||
## 方法2(Full)
|
||||
- 需要自己生成https证书,并自己维护,一般使用let's encrypt生成有效期为三个月。
|
||||
- 客户端->CloudFlare使用CLoudFlare TLS+vmess加密,CloudFlare->VPS使用let's encrypt TLS+vmess加密,[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Full.md)
|
||||
- 与方法1不同的是,CloudFlare和VPS通讯时也会使用TLS加密。两个方法安全方面区别不是很大。
|
||||
|
||||
- godaddy DNS管理,根据上面的cloudflare提示界面修改为相应的dns
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/godayddy_dns.png" width=400>
|
||||
# 2.Trojan
|
||||
- 需要自己生成证书
|
||||
- 客户端->使用自己生成的tls加密无其他加密->VPS,[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Trojan.md)
|
||||
- 少一层加密,理论速度会快一些。
|
||||
- 速度取决于VPS的线路。
|
||||
- 需要自己维护证书。
|
||||
- [官方Github](https://github.com/trojan-gfw/trojan)
|
||||
|
||||
## 4.增加cloudflare域名解析
|
||||
- 添加域名解析(记录),可以选择二级域名,这样就可以一个月解析到不同的服务器,name填写你要解析的二级域名的host部分,比如ls.example.com 只填写ls即可
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_record_dns.png" width=400>
|
||||
# 流量转发服务
|
||||
## 1.tls+ws[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/traffic_relay_tls_ws.md)
|
||||
|
||||
## 5.修改godaddy SSL/TLS
|
||||
- 如果vps选择使用https,需要把类型修改为Full
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_tls.png" width=400>
|
||||
## 2.tcp+vmess[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/traffic_relay_tcp_vmess.md)
|
||||
|
||||
# 2.vps配置Nginx、https
|
||||
## 1.安装Nginx
|
||||
# 客户端
|
||||
## 1.windows
|
||||
- [v2rayN](https://github.com/2dust/v2rayN/releases)
|
||||
|
||||
## 2.Android
|
||||
- [v2rayNG](https://github.com/2dust/v2rayNG/releases)
|
||||
|
||||
## 3.ios【需要自行购买或者使用共享账号安装】
|
||||
- Quantumult【推荐使用】
|
||||
- Shadowrocket
|
||||
|
||||
## 4.Mac
|
||||
- [V2rayU](https://github.com/yanue/V2rayU/releases)
|
||||
|
||||
# 一键脚本
|
||||
- <span style='color:red'>执行一键脚本的前提是下面的 【1.准备工作】完成并正确</span>
|
||||
```
|
||||
yum install nginx
|
||||
```
|
||||
## 2.nginx配置文件
|
||||
|
||||
- 1.下载配置文件并替换默认文件
|
||||
```
|
||||
cd /etc/nginx&&rm -rf /etc/nginx/nginx.conf&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/nginx.conf
|
||||
# 如果缺少wget 则执行下面的命令,然后重复上面的命令
|
||||
yum install wget
|
||||
```
|
||||
- 将下载好的文件中关于ls.xxx.xyz的内容都替换成你的二级域名
|
||||
|
||||
## 3.生成https
|
||||
|
||||
- 1.安装acme.sh
|
||||
```
|
||||
curl https://get.acme.sh | sh
|
||||
% Total % Received % Xferd Average Speed Time Time Time Current
|
||||
Dload Upload Total Spent Left Speed
|
||||
100 671 100 671 0 0 680 0 --:--:-- --:--:-- --:--:-- 679
|
||||
% Total % Received % Xferd Average Speed Time Time Time Current
|
||||
Dload Upload Total Spent Left Speed
|
||||
100 112k 100 112k 0 0 690k 0 --:--:-- --:--:-- --:--:-- 693k
|
||||
[Fri 30 Dec 01:03:32 GMT 2016] Installing from online archive.
|
||||
[Fri 30 Dec 01:03:32 GMT 2016] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Extracting master.tar.gz
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Installing to /home/user/.acme.sh
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Installed to /home/user/.acme.sh/acme.sh
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Installing alias to '/home/user/.profile'
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] OK, Close and reopen your terminal to start using acme.sh
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Installing cron job
|
||||
no crontab for user
|
||||
no crontab for user
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Good, bash is found, so change the shebang to use bash as preferred.
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] OK
|
||||
[Fri 30 Dec 01:03:33 GMT 2016] Install success!
|
||||
bash <(curl -L -s https://raw.githubusercontent.com/mack-a/v2ray-agent/master/install.sh)
|
||||
```
|
||||
|
||||
- 2.生成https证书
|
||||
```
|
||||
# 替换ls.xxx.xyz为自己的域名
|
||||
sudo ~/.acme.sh/acme.sh --issue -d ls.xxx.xyz --standalone -k ec-256
|
||||
## 1.自动模式
|
||||
- 只需要输入域名即可
|
||||
- 仔细检查【1.准备工作】正确
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/一键脚本自动模式.png" width=400>
|
||||
|
||||
# 如果提示Please install socat tools first.则执行,安装完成后继续重复执行上面的命令
|
||||
yum install socat
|
||||
```
|
||||
## 2.手动模式
|
||||
- 可以指定需要执行的内容
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/一键脚本手动模式.png" width=400>
|
||||
|
||||
- 3.安装证书
|
||||
```
|
||||
# 替换ls.xxx.xyz为自己的域名
|
||||
~/.acme.sh/acme.sh --installcert -d ls.xxx.xyz --fullchainpath /etc/nginx/ls.xxx.xyz.crt --keypath /etc/nginx/ls.xxx.xyz.key --ecc
|
||||
```
|
||||
|
||||
- 4.修改/etc/nginx/nginx.conf
|
||||
```
|
||||
# 将下面这部分前面的#去掉,并将ssl_certificate、ssl_certificate_key修改成自己的路径
|
||||
# 防火墙设置[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/firewall.md)
|
||||
# 免费账号【正常使用】[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/free_account.md)
|
||||
# 备注
|
||||
## 1.推荐使用v2ray+CDN的方式
|
||||
### 1.优点
|
||||
- 1.防止境外vps被墙
|
||||
- 2.由于CDN的方式是通过完全模拟正常网站,也可以是说本来就是一个正常的网站,同时又使用正常的CDN厂商(全球最大),有很多的外贸以及国外公司使用,墙一般不敢ban这些ip
|
||||
- 3.可以用于被墙vps的搭建
|
||||
- 4.相对来说更加安全
|
||||
|
||||
# ssl on;
|
||||
# ssl_certificate /etc/nginx/ls.xx.xyz.crt;
|
||||
# ssl_certificate_key /etc/nginx/ls.xx.xyz.key;
|
||||
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
# ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
||||
# ssl_prefer_server_ciphers on;
|
||||
```
|
||||
### 2.缺点
|
||||
- 1.配置过程复杂
|
||||
- 2.知识点相对比较多
|
||||
- 3.维护相对复杂
|
||||
- 4.由于CloudFlare不是国内的CDN厂商,速度相对来说慢一些(可以尝试CNAME优化方案[CNAME因为要使用国内的dns,相对于来说有风险]、或者使用自定义dns服务器[分享相对小一些])
|
||||
|
||||
- 5.每一次生成https证书后有效期只有三个月,需要快过期时更新(剩余七天内可以重新生成)
|
||||
```
|
||||
# 替换ls.xxx.xyz为自己的域名
|
||||
sudo ~/.acme.sh/acme.sh --renew -d ls.xxx.xyz --force --ecc
|
||||
```
|
||||
### 3.数据包解析
|
||||
- 1.首先运营商以及GFW获取到的数据包,无法作为中间人进行攻击(中间人可以直接获取到v2ray的加密数据包)
|
||||
- 2.即使获取到数据包之后,还需要对数据包进行解密,所以证书推荐使用第三方的,而不使用官方提供的,用了TLS加密的数据不是说不能解密,而是需要耗费巨大的时间以及运算能力
|
||||
- 3.解密完成后 还需要对v2ray加密的数据进行解密、嗅探等操作
|
||||
- 4.不建议使用不明来历的机场,如果机场主是国内的某些关系户,你用的代理相当于实名翻墙(违法)
|
||||
|
||||
# 3.配置v2ray
|
||||
## 1.安装v2ray
|
||||
### 4.建议
|
||||
- 1.注意隐私保护(今日不同往日)
|
||||
- 2.建议只用做学习以及娱乐使用,不建议发表一些敏感言论(不管是诋毁自己所在的国家,还是诋毁别的国家)
|
||||
- 3.不建议人身攻击(有被起底的先例)
|
||||
|
||||
```
|
||||
bash <(curl -L -s https://install.direct/go.sh)
|
||||
```
|
||||
## 2.速度首选V2Ray TCP方式
|
||||
- 1.本脚本目前不支持(后续可能会添加)
|
||||
|
||||
## 2.v2ray配置文件
|
||||
## 3.本地网络环境不稳定首选mKCP
|
||||
- 1.本脚本目前不支持(后续可能会添加)
|
||||
|
||||
- 下载config_ws_tls.json
|
||||
```
|
||||
cd&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/config_ws_tls.json
|
||||
```
|
||||
## 4.目前不推荐使用ss、ssr
|
||||
|
||||
- 配置文件的id可以自己生成一个新的,替换即可
|
||||
```
|
||||
/usr/bin/v2ray/v2ctl uuid
|
||||
```
|
||||
# 维护进程[todo List]
|
||||
## 1.一键脚本
|
||||
### 1.自动模式
|
||||
- [x] 1.检查系统版本是否为Ubuntu、Centos、Debian
|
||||
- [x] 2.安装工具包
|
||||
- [x] 3.检测nginx是否安装并配置
|
||||
- [x] 4.检测https是否安装并配置
|
||||
- [x] 5.检测V2Ray是否安装并配置
|
||||
- [x] 6.生成vmess、二维码链接
|
||||
- - [x] 1.shadowrocket
|
||||
- - [ ] 2.Quantumult
|
||||
- [x] 7.启动服务并退出脚本
|
||||
- [ ] 8.HTTPS续签
|
||||
- [ ] 9.开机自启动
|
||||
- [ ] 10.面板搭建
|
||||
- - [ ] 1.在线创建、删除、修改账户
|
||||
- - [ ] 2.一键管理Nginx、TLS
|
||||
- - [ ] 3.开机自启动
|
||||
- - [ ] 4.流量控制
|
||||
- - [ ] 5.日志查看
|
||||
- [x] 11.Docker[开箱即用]
|
||||
- [x] 12.自定义DNS服务器替换CNAME优化方案
|
||||
- [ ] 13.k8s+docker一键构建V2Ray Nginx
|
||||
|
||||
## 3.启动v2ray
|
||||
```
|
||||
/usr/bin/v2ray/v2ray -config ./config_ws_tls.json&
|
||||
```
|
||||
### 2.手动模式
|
||||
- [x] 1.检查系统版本是否为Ubuntu、Centos、Debian
|
||||
- [x] 2.安装工具包
|
||||
- [x] 3.检测nginx是否安装并配置
|
||||
- [x] 4.检测https是否安装并配置
|
||||
- [x] 5.检测V2Ray是否安装并配置
|
||||
- [x] 6.启动服务并退出脚本
|
||||
- [x] 7.卸载安装的所有内容
|
||||
- [x] 8.查看配置文件路径
|
||||
- [x] 9.生成Vmess链接
|
||||
- [x] 10.返回主目录
|
||||
- [x] 11.退出脚本
|
||||
|
||||
# 4.客户端
|
||||
## 1.MacOS
|
||||
- 下载V2RayU[点我下载](https://github.com/yanue/V2rayU/releases/download/1.4.1/V2rayU.dmg)
|
||||
- 下载后打开,服务器设置,修改address即可
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/v2rayU_服务器配置.png" width=400>
|
||||
|
||||
- pac设置,添加下面的链接
|
||||
```
|
||||
https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt
|
||||
```
|
||||
|
||||
- 选择使用Pac模式,即可
|
||||
## 2.windows
|
||||
- 下载v2rayN[点我下载](https://github.com/2dust/v2rayN/releases/download/2.44/v2rayN.zip)
|
||||
- 使用方法 [点我查看](https://github.com/233boy/v2ray/wiki/V2RayN%E4%BD%BF%E7%94%A8%E6%95%99%E7%A8%8B)
|
||||
|
||||
<hr/>
|
||||
<h3>到这里就配置完成,可以测试是否能上被q的网站</h3>
|
||||
<hr/>
|
||||
|
||||
# 5.其余设置
|
||||
## 1.开机自启
|
||||
### 1.配置Nginx开机自启
|
||||
- 创建service文件
|
||||
```
|
||||
cd /etc/systemd/system&&touch nginxReboot.service
|
||||
```
|
||||
|
||||
- 将下面内容复制到/etc/systemd/system/nginxReboot.service
|
||||
```
|
||||
[Unit]
|
||||
Description=nginx - high performance web server
|
||||
After=network.target remote-fs.target nss-lookup.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
PIDFile=/run/nginx.pid
|
||||
Environment=PATH=/root/.nvm/versions/node/v12.8.1/bin:/usr/bin/v2ray/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
|
||||
ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf
|
||||
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
|
||||
ExecReload=/usr/sbin/nginx -s reload
|
||||
ExecStop=/usr/sbin/nginx -s stop
|
||||
ExecQuit=/usr/sbin/nginx -s quit
|
||||
PrivateTmp=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
```
|
||||
|
||||
- 设置开机自启
|
||||
```
|
||||
sudo systemctl enable nginxReboot.service
|
||||
```
|
||||
- 可能出现的错误
|
||||
```
|
||||
# 可能会出现 (13: Permission denied) while connecting to upstream:[nginx]
|
||||
// 解决方法 执行下面的命令
|
||||
setsebool -P httpd_can_network_connect 1
|
||||
```
|
||||
|
||||
### 2.配置v2ray_ws_tls开机自启
|
||||
- 创建service文件
|
||||
```
|
||||
cd /etc/systemd/system&&touch v2ray_ws_tls.service
|
||||
```
|
||||
|
||||
- 将下面内容复制到/etc/systemd/system/v2ray_ws_tls.service
|
||||
```
|
||||
[Unit]
|
||||
Description=V2Ray WS TLS Service
|
||||
After=network.target
|
||||
Wants=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
PIDFile=/run/v2rayWSTLS.pid
|
||||
ExecStart=/usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
|
||||
Restart=on-failure
|
||||
# Don't restart in the case of configuration error
|
||||
RestartPreventExitStatus=23
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
```
|
||||
- 设置开机自启
|
||||
```
|
||||
sudo systemctl enable v2ray_ws_tls.service
|
||||
```
|
||||
### 3.测试开机自启是否成功
|
||||
- 重启vps
|
||||
```
|
||||
reboot
|
||||
```
|
||||
- 重启后查看程序是否正常启动
|
||||
```
|
||||
# 执行下方命令查看v2ray是否启动
|
||||
ps -ef|grep v2ray
|
||||
|
||||
root 4533 1 0 03:03 ? 00:00:00 /usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
|
||||
root 4560 1287 0 03:04 pts/0 00:00:00 grep --color=auto v2ray
|
||||
|
||||
# 执行下方命令查看nginx是否启动,
|
||||
ps -ef|grep nginx
|
||||
``
|
||||
root 762 1 0 02:20 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
|
||||
nginx 763 762 0 02:20 ? 00:00:00 nginx: worker process
|
||||
root 4562 1287 0 03:04 pts/0 00:00:00 grep --color=auto nginx
|
||||
```
|
||||
# 6.异常处理
|
||||
## 1.偶尔断流
|
||||
- 修改cloudflare Firwall Rules->create a Firewall rule
|
||||
- - 设置Field:URI path
|
||||
- - 设置:value:/v2
|
||||
- - Choose an action:Allow
|
||||
|
||||
# 7.开启Centos bbr拥塞控制算法[我的测试机是centos 8]
|
||||
## 1.检查是否安装bbr
|
||||
- 有一些vps会自带bbr模块 比如搬瓦工的某些机器,执行下面命令
|
||||
```
|
||||
lsmod | grep bbr
|
||||
```
|
||||
- 如果输出类似内容则已经开启bbr 到这里就可以结束了
|
||||
```
|
||||
tcp_bbr 20480 28
|
||||
```
|
||||
## 2.yum更新
|
||||
```
|
||||
yum update
|
||||
```
|
||||
## 3.查看系统版本
|
||||
- 执行下面命令
|
||||
```
|
||||
cat /etc/redhat-release
|
||||
```
|
||||
|
||||
- 如果release后面的数字大于7.3即可
|
||||
```
|
||||
CentOS Linux release 7.7.1908 (Core)
|
||||
```
|
||||
## 4.安装elrepo并升级内核
|
||||
- 分别依次执行下面命令
|
||||
```
|
||||
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
|
||||
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
|
||||
yum --enablerepo=elrepo-kernel install kernel-ml -y
|
||||
```
|
||||
- 正常情况下会输出下面内容
|
||||
```
|
||||
Transaction Summary
|
||||
================================================================================
|
||||
Install 1 Package
|
||||
Total download size: 39 M
|
||||
Installed size: 169 M
|
||||
Downloading packages:
|
||||
kernel-ml-4.9.0-1.el7.elrepo.x86_64.rpm | 39 MB 00:00
|
||||
Running transaction check
|
||||
Running transaction test
|
||||
Transaction test succeeded
|
||||
Running transaction
|
||||
Warning: RPMDB altered outside of yum.
|
||||
Installing : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
|
||||
Verifying : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
|
||||
Installed:
|
||||
kernel-ml.x86_64 0:4.9.0-1.el7.elrepo
|
||||
Complete!
|
||||
```
|
||||
## 5.更新grud文件并重启
|
||||
- 依次执行下面的命令,重启后需要等待数秒重新使用ssh连接
|
||||
```
|
||||
egrep ^menuentry /etc/grub2.cfg | cut -f 2 -d \'
|
||||
grub2-set-default 0
|
||||
reboot
|
||||
```
|
||||
## 6.开机后检查内容是否为4.9及以上版本
|
||||
- 执行下面的命令
|
||||
```
|
||||
uname -r
|
||||
```
|
||||
- 输出结果
|
||||
```
|
||||
5.3.7-1.el7.elrepo.x86_64
|
||||
```
|
||||
## 7.开启bbr
|
||||
- 执行下面的命令
|
||||
```
|
||||
vim /etc/sysctl.conf
|
||||
```
|
||||
- 添加如下内容
|
||||
```
|
||||
net.core.default_qdisc = fq
|
||||
net.ipv4.tcp_congestion_control = bbr
|
||||
```
|
||||
- 加载系统参数
|
||||
```
|
||||
sysctl -p
|
||||
```
|
||||
## 8.验证bbr是否开启成功
|
||||
### 测试方法1
|
||||
- 执行下面的命令
|
||||
```
|
||||
sysctl net.ipv4.tcp_available_congestion_control
|
||||
```
|
||||
- 输出下面内容即为成功
|
||||
```
|
||||
net.ipv4.tcp_available_congestion_control = bbr cubic reno
|
||||
```
|
||||
|
||||
### 测试方法2
|
||||
- 执行下面的命令
|
||||
```
|
||||
lsmod | grep bbr
|
||||
```
|
||||
- 输出下面内容即为成功
|
||||
```
|
||||
tcp_bbr 20480 28
|
||||
```
|
||||
## 1.手动搭建
|
||||
- [x] 手动搭建
|
||||
|
|
|
@ -0,0 +1,173 @@
|
|||
- [1.特点](#1特点)
|
||||
- [2.安装](#2安装)
|
||||
* [1.生成TLS证书【Let’s Encrypt】](#1生成tls证书lets-encrypt)
|
||||
+ [主要步骤](#主要步骤)
|
||||
* [2.安装Trojan](#2安装Trojan)
|
||||
+ [1.执行下方命令](#1执行下方命令)
|
||||
+ [2.修改Trojan配置文件](#2修改Trojan配置文件)
|
||||
+ [3.配置文件主要内容说明](#3配置文件主要内容说明)
|
||||
+ [4.详细配置文件说明](#4.详细配置文件说明)
|
||||
- [3.启动](#3启动)
|
||||
- [4.配置与V2Ray并存【并保证网站伪装】【待完善】](#4配置与v2ray并存并保证网站伪装待完善)
|
||||
|
||||
# 1.特点
|
||||
- 1.tls加密数据通过防火墙。
|
||||
- 2.无法使用CloudFlare代理。
|
||||
- 3.Trojan使用C++实现,较其他语言效率高。
|
||||
- 4.客户端少,ios端表现不如V2Ray(Quantumult)。
|
||||
- 5.需要自己维护证书。
|
||||
|
||||
# 2.安装
|
||||
## 1.生成TLS证书【Let’s Encrypt】
|
||||
### 主要步骤
|
||||
- 1.配置DNS解析
|
||||
- 2.安装Nginx
|
||||
- 3.Let’s Encrypt生成证书
|
||||
- 4.参考[此链接](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Full.md#1%E5%87%86%E5%A4%87%E5%B7%A5%E4%BD%9C)中【1.准备工作】和【2.vps配置Nginx、https】。
|
||||
|
||||
## 2.安装Trojan
|
||||
### 1.执行下方命令
|
||||
```
|
||||
sudo bash -c "$(curl -fsSL https://raw.githubusercontent.com/trojan-gfw/trojan-quickstart/master/trojan-quickstart.sh)"
|
||||
```
|
||||
|
||||
### 2.修改Trojan配置文件
|
||||
- 1.文件路径
|
||||
```
|
||||
/usr/local/etc/trojan/config.json
|
||||
```
|
||||
|
||||
- 2.修改证书和密钥
|
||||
```
|
||||
vi /usr/local/etc/trojan/config.json
|
||||
|
||||
# 找到下方两行 修改为自己的存放证书的路径
|
||||
"cert": "/path/to/certificate.crt",
|
||||
"key": "/path/to/private.key",
|
||||
|
||||
# 找到下方位置,有几个用户就要填写几个密码
|
||||
"password":[
|
||||
"7f3a2df1-64e8-48bb-ebf8-3953ed699495",
|
||||
"b2cc18e3-e4b3-eff8-f24c-a4a4f80a9af9"
|
||||
]
|
||||
```
|
||||
|
||||
### 3.配置文件主要内容说明
|
||||
- local_port:监听的端口号,默认443,如果443封禁了,可以更换其余端口。
|
||||
- remote_addr和remote_port:非trojan协议时,将请求转发处理的地址和端口。默认80,80端口可以开放给Nginx来配置个人站点或者伪装其他网址,也可以配置搭配V2Ray,来实现一个VPS多种协议;
|
||||
- password:密码。需要几个填写几个,可以使用v2ctl uuid生成,也可以随便填写,最后一行不可以有逗号。
|
||||
|
||||
### 4.详细配置文件说明
|
||||
- [点此查看](https://trojan-gfw.github.io/trojan/config)
|
||||
|
||||
# 3.启动
|
||||
- 1.开机自启
|
||||
```
|
||||
systemctl enable trojan
|
||||
```
|
||||
|
||||
- 2.启动
|
||||
```
|
||||
systemctl start trojan
|
||||
```
|
||||
|
||||
- 3.关闭
|
||||
```
|
||||
systemctl stop trojan
|
||||
```
|
||||
|
||||
# 4.配置与V2Ray并存【并保证网站伪装】
|
||||
- 1.需要配合CloudFlare
|
||||
- 2.需要使用【方法1】配置V2Ray[点此查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Flexible.md)
|
||||
|
||||
## 1.思路
|
||||
- 1.配置两个不同的二级域名
|
||||
- 2.CloudFlare对V2Ray的二级域名开启Proxy【☁️】
|
||||
- 3.SSL/TLS mode 修改为Fiexible
|
||||
|
||||
## 2.示例
|
||||
### 1.CloudFlare SSL/TLS mode
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_tls_Flexible.png' width=400>
|
||||
|
||||
### 2.CloudFlare DNS Trojan&V2Ray
|
||||
- 1.blog2 指向Trojan的443
|
||||
- 2.blog 则通过CloudFlare指向VPS的80
|
||||
- 3.指向的ip是一样的,一个通过CloudFlare代理一个则不代理。
|
||||
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CloudFlare Trojan V2Ray.png' width=400>
|
||||
|
||||
### 3.Nginx config
|
||||
```
|
||||
# For more information on configuration, see:
|
||||
# * Official English Documentation: http://nginx.org/en/docs/
|
||||
# * Official Russian Documentation: http://nginx.org/ru/docs/
|
||||
|
||||
user nginx;
|
||||
worker_processes auto;
|
||||
error_log /var/log/nginx/error.log;
|
||||
pid /run/nginx.pid;
|
||||
|
||||
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
|
||||
include /usr/share/nginx/modules/*.conf;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# Load modular configuration files from the /etc/nginx/conf.d directory.
|
||||
# See http://nginx.org/en/docs/ngx_core_module.html#include
|
||||
# for more information.
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
# 这里是你的域名
|
||||
server_name blog.xxx.xyz;
|
||||
root /usr/share/nginx/html;
|
||||
|
||||
location / {
|
||||
|
||||
}
|
||||
location ~ /.well-known {
|
||||
allow all;
|
||||
}
|
||||
# 这里是V2Ray
|
||||
location /main {
|
||||
proxy_redirect off;
|
||||
proxy_pass http://127.0.0.1:31290;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
# proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
error_page 404 /404.html;
|
||||
location = /40x.html {
|
||||
}
|
||||
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
```
|
||||
### 4.Trojan则不用修改
|
|
@ -1,8 +1,8 @@
|
|||
{
|
||||
"log": {
|
||||
"access": "",
|
||||
"error": "",
|
||||
"loglevel": "debug"
|
||||
"access": "/usr/bin/V2RayConfig/V2Ray_access.log",
|
||||
"error": "/usr/bin/V2RayConfig/V2Ray_error.log",
|
||||
"loglevel": "warning"
|
||||
},
|
||||
"stats": {},
|
||||
"api": {
|
||||
|
@ -34,7 +34,7 @@
|
|||
},
|
||||
"inbounds": [
|
||||
{
|
||||
"port": 31290,
|
||||
"port": 31291,
|
||||
"listen": "127.0.0.1",
|
||||
"protocol": "vmess",
|
||||
"settings": {
|
||||
|
@ -43,7 +43,7 @@
|
|||
"id": "a4f7ef9b-6951-2397-098d-bb1e660b3805",
|
||||
"alterId": 64,
|
||||
"level": 1,
|
||||
"email": "xxx_ls_ws_username@v2ray.com"
|
||||
"email": "xxx@v2ray.com"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# * Official English Documentation: http://nginx.org/en/docs/
|
||||
# * Official Russian Documentation: http://nginx.org/ru/docs/
|
||||
|
||||
user nginx;
|
||||
user root;
|
||||
worker_processes auto;
|
||||
error_log /var/log/nginx/error.log;
|
||||
pid /run/nginx.pid;
|
||||
|
@ -27,7 +27,7 @@ http {
|
|||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
# include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# Load modular configuration files from the /etc/nginx/conf.d directory.
|
||||
|
@ -38,7 +38,7 @@ http {
|
|||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name ls.xxx.xyz; # 这里需要修改为你的
|
||||
server_name domain; # 这里需要修改为你的
|
||||
root /usr/share/nginx/html;
|
||||
|
||||
# Load configuration files for the default server block.
|
||||
|
@ -57,32 +57,17 @@ http {
|
|||
location = /50x.html {
|
||||
}
|
||||
}
|
||||
#server {
|
||||
# listen 80;
|
||||
# server_name ls.xxx.xyz;
|
||||
# return 301 https://$host$request_uri;
|
||||
#}
|
||||
server {
|
||||
listen 443 ssl;
|
||||
# ssl_certificate /etc/nginx/ls.xx.xyz.crt;
|
||||
# ssl_certificate_key /etc/nginx/ls.xx.xyz.key;
|
||||
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
# ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
||||
# ssl_prefer_server_ciphers on;
|
||||
server_name ls.xxx.xyz; # 这里需要修改
|
||||
# ssl_certificate /etc/nginx/$1.crt;
|
||||
# ssl_certificate_key /etc/nginx/$1.key;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
||||
ssl_prefer_server_ciphers on;
|
||||
server_name $1; # 这里需要修改
|
||||
location / {
|
||||
}
|
||||
location /v2 {
|
||||
proxy_redirect off;
|
||||
proxy_pass http://127.0.0.1:31290;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
# proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
location /alone {proxy_redirect off;proxy_pass http://127.0.0.1:31299;proxy_http_version 1.1;proxy_set_header Upgrade $http_upgrade;proxy_set_header Connection "upgrade";proxy_set_header X-Real-IP $remote_addr;proxy_set_header Host $host;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;}
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,71 @@
|
|||
# For more information on configuration, see:
|
||||
# * Official English Documentation: http://nginx.org/en/docs/
|
||||
# * Official Russian Documentation: http://nginx.org/ru/docs/
|
||||
|
||||
user root;
|
||||
worker_processes auto;
|
||||
error_log /var/log/nginx/error.log;
|
||||
pid /run/nginx.pid;
|
||||
|
||||
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
|
||||
include /usr/share/nginx/modules/*.conf;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
|
||||
# include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# Load modular configuration files from the /etc/nginx/conf.d directory.
|
||||
# See http://nginx.org/en/docs/ngx_core_module.html#include
|
||||
# for more information.
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name domain; # 这里需要修改为自己的
|
||||
root /usr/share/nginx/html;
|
||||
|
||||
# Load configuration files for the default server block.
|
||||
include /etc/nginx/default.d/*.conf;
|
||||
|
||||
location / {
|
||||
}
|
||||
location ~ /.well-known {
|
||||
allow all;
|
||||
}
|
||||
error_page 404 /404.html;
|
||||
location = /40x.html {
|
||||
}
|
||||
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
}
|
||||
location /v2 {
|
||||
proxy_redirect off;
|
||||
proxy_pass http://127.0.0.1:31291;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
# proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,6 @@
|
|||
#!/usr/bin/env bash
|
||||
yum install wget -y
|
||||
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
|
||||
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
|
||||
yum makecache
|
||||
yum update -y
|
|
@ -0,0 +1,131 @@
|
|||
- [1.CentOS7、8 配置及使用firewall](#1centos78-配置及使用firewall)
|
||||
* [1.systemctl是centos7的服务管理工具中主要的工具它融合之前service和chkconfig的功能于一体](#1systemctl是centos7的服务管理工具中主要的工具它融合之前service和chkconfig的功能于一体)
|
||||
* [2.firewalld的基本使用](2firewalld的基本使用)
|
||||
* [3.配置firewalld-cmd](3配置firewalld-cmd)
|
||||
|
||||
# 1.CentOS7、8 配置及使用firewall
|
||||
## 1.systemctl是CentOS7的服务管理工具中主要的工具,它融合之前service和chkconfig的功能于一体。
|
||||
- 启动一个服务
|
||||
```
|
||||
systemctl start firewalld.service
|
||||
```
|
||||
- 关闭一个服务
|
||||
```
|
||||
systemctl stop firewalld.service
|
||||
```
|
||||
- 重启一个服务
|
||||
```
|
||||
systemctl restart firewalld.service
|
||||
```
|
||||
- 显示一个服务的状态
|
||||
```
|
||||
systemctl status firewalld.service
|
||||
```
|
||||
- 在开机时启用一个服务
|
||||
```
|
||||
systemctl enable firewalld.service
|
||||
```
|
||||
- 在开机时禁用一个服务
|
||||
```
|
||||
systemctl disable firewalld.service
|
||||
```
|
||||
- 查看服务是否开机启动
|
||||
```
|
||||
systemctl is-enabled firewalld.service
|
||||
```
|
||||
- 查看已启动的服务列表
|
||||
```
|
||||
systemctl list-unit-files|grep enabled
|
||||
```
|
||||
- 查看启动失败的服务列表
|
||||
```
|
||||
systemctl --failed
|
||||
```
|
||||
|
||||
## 2.firewalld的基本使用
|
||||
- 启动
|
||||
```
|
||||
systemctl start firewalld
|
||||
```
|
||||
- 查看状态
|
||||
```
|
||||
systemctl status firewalld
|
||||
```
|
||||
- 停止
|
||||
```
|
||||
systemctl disable firewalld
|
||||
```
|
||||
- 禁用
|
||||
```
|
||||
systemctl stop firewalld
|
||||
```
|
||||
|
||||
### 3.配置firewalld-cmd
|
||||
- 查看版本
|
||||
```
|
||||
firewall-cmd --version
|
||||
```
|
||||
- 查看帮助
|
||||
```
|
||||
firewall-cmd --help
|
||||
```
|
||||
- 显示状态
|
||||
```
|
||||
firewall-cmd --state
|
||||
```
|
||||
- 查看所有打开的端口
|
||||
```
|
||||
firewall-cmd --zone=public --list-ports
|
||||
```
|
||||
- 更新防火墙规则
|
||||
```
|
||||
firewall-cmd --reload
|
||||
```
|
||||
- 查看区域信息
|
||||
```
|
||||
firewall-cmd --get-active-zones
|
||||
```
|
||||
- 查看指定接口所属区域
|
||||
```
|
||||
firewall-cmd --get-zone-of-interface=eth0
|
||||
```
|
||||
- 拒绝所有包
|
||||
```
|
||||
firewall-cmd --panic-on
|
||||
```
|
||||
- 取消拒绝状态
|
||||
```
|
||||
firewall-cmd --panic-off
|
||||
```
|
||||
- 查看是否拒绝
|
||||
```
|
||||
firewall-cmd --query-panic
|
||||
```
|
||||
- 查看所通过的服务
|
||||
```
|
||||
firewall-cmd --list-services
|
||||
```
|
||||
- 添加一个服务
|
||||
```
|
||||
firewall-cmd --add-service openvpn
|
||||
```
|
||||
- 永久添加一个服务
|
||||
```
|
||||
firewall-cmd --permanent --add-service openvpn
|
||||
```
|
||||
- 开启一个端口
|
||||
```
|
||||
firewall-cmd --zone=public --add-port=80/tcp --permanent (--permanent永久生效,没有此参数重启后失效)
|
||||
```
|
||||
- 重新载入
|
||||
```
|
||||
firewall-cmd --reload
|
||||
```
|
||||
- 查看端口是否开启
|
||||
```
|
||||
firewall-cmd --zone= public --query-port=80/tcp
|
||||
```
|
||||
- 删除开放端口
|
||||
```
|
||||
firewall-cmd --zone= public --remove-port=80/tcp --permanent
|
||||
```
|
After Width: | Height: | Size: 85 KiB |
After Width: | Height: | Size: 268 KiB |
After Width: | Height: | Size: 238 KiB |
After Width: | Height: | Size: 162 KiB |
After Width: | Height: | Size: 416 KiB |
After Width: | Height: | Size: 254 KiB |
After Width: | Height: | Size: 271 KiB |
After Width: | Height: | Size: 204 KiB |
After Width: | Height: | Size: 171 KiB |
After Width: | Height: | Size: 411 KiB |
After Width: | Height: | Size: 73 KiB |
After Width: | Height: | Size: 80 KiB |
After Width: | Height: | Size: 75 KiB |
After Width: | Height: | Size: 74 KiB |
After Width: | Height: | Size: 190 KiB |
After Width: | Height: | Size: 74 KiB |
After Width: | Height: | Size: 62 KiB |
After Width: | Height: | Size: 184 KiB |
After Width: | Height: | Size: 91 KiB |
After Width: | Height: | Size: 181 KiB |
After Width: | Height: | Size: 121 KiB |
|
@ -0,0 +1,10 @@
|
|||
# V2Ray
|
||||
## 1.Shadowrocket&v2rayNG&v2rayN&V2rayU
|
||||
```
|
||||
https://blog.qiu4.ml/sub/subscribe?user=VAMXSPBUSX&type=1
|
||||
```
|
||||
|
||||
## 2.Quantumult
|
||||
```
|
||||
https://blog.qiu4.ml/sub/subscribe?user=VAMXSPBUSX&type=2
|
||||
```
|
|
@ -0,0 +1,94 @@
|
|||
const fs = require('fs');
|
||||
|
||||
/**
|
||||
* 格式化nginx配置
|
||||
* @returns {string[]}
|
||||
*/
|
||||
const formatNginx = (nginxPath) => {
|
||||
let nginxConfig = fs.readFileSync(nginxPath).toString().split('listen');
|
||||
nginxConfig = nginxConfig.map(v => {
|
||||
return v.replace(/(^\s*)/g, '');
|
||||
}).filter(v => {
|
||||
if (v.substring(0, 3) === '443') {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
nginxConfig = nginxConfig.map(v => {
|
||||
v = v.split('\n').map(v => {
|
||||
return v.replace(/(^\s*)/g, '')
|
||||
.replace(/[\;/=]/g, '')
|
||||
.replace(/[\{/=]/g, '')
|
||||
.replace(/[\}/=]/g, '')
|
||||
.replace(/(\s*$)/g, '');
|
||||
}).filter(v => v.includes('server_name') || v.includes('location')).map(v => {
|
||||
v = v.split(' ');
|
||||
if (v[1]) {
|
||||
return v[1];
|
||||
}
|
||||
}).filter(v => v);
|
||||
return v;
|
||||
});
|
||||
return nginxConfig;
|
||||
};
|
||||
/**
|
||||
* 格式化v2ray配置文件
|
||||
*/
|
||||
const formatV2rayConfig = (v2RayPath) => {
|
||||
let nginxConfig = fs.readFileSync(v2RayPath).toString();
|
||||
nginxConfig = JSON.parse(nginxConfig).inbounds;
|
||||
nginxConfig = nginxConfig.map(v => {
|
||||
return {
|
||||
users: v.settings.clients,
|
||||
security: v.streamSettings.security,
|
||||
network: v.streamSettings.network,
|
||||
path: v.streamSettings.wsSettings.path,
|
||||
};
|
||||
});
|
||||
return nginxConfig;
|
||||
};
|
||||
const formatResult = () => {
|
||||
let v2RayPath = null;
|
||||
let nginxPath = null;
|
||||
if (process && process.argv.length === 4) {
|
||||
v2RayPath = process.argv[2];
|
||||
nginxPath = process.argv[3];
|
||||
}
|
||||
if (!v2RayPath || !nginxPath) {
|
||||
console.log('message 参数错误');
|
||||
return;
|
||||
}
|
||||
|
||||
let v2rayResult = formatV2rayConfig(v2RayPath);
|
||||
let nginxResult = formatNginx(nginxPath);
|
||||
let configArr = [];
|
||||
|
||||
v2rayResult.forEach(v => {
|
||||
let item = nginxResult.filter(v2 => {
|
||||
return v2.includes(v.path.replace(/[//=]/g, ''));
|
||||
});
|
||||
item.forEach(v2 => {
|
||||
|
||||
v.users.forEach(v3 => {
|
||||
configArr.push({
|
||||
port: v.network === 'ws' ? 443 : 0,
|
||||
tls: v.network === 'ws' ? 'tls' : false,
|
||||
host: '',
|
||||
type: 'none',
|
||||
path: v.path,
|
||||
net: v.network,
|
||||
add: v2[0],
|
||||
ps: v3.email,
|
||||
aid: v3.level,
|
||||
v: v3.v,
|
||||
id: v3.id,
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
// configArr.push(configArr[0]);
|
||||
configArr = configArr.map(v => {
|
||||
return `vmess://${Buffer.from(JSON.stringify(v)).toString('base64')}`;
|
||||
});
|
||||
console.log(configArr.toString().replace(/,/g,' '));
|
||||
};
|
||||
formatResult();
|
518
install.sh
|
@ -1,64 +1,502 @@
|
|||
#!/usr/bin/env bash
|
||||
export PATH="/usr/bin/:#$PATH"
|
||||
nginxStatus=false
|
||||
v2rayStatus=false
|
||||
httpsStatus=false
|
||||
# todo 先完善正常步骤
|
||||
initNginx(){
|
||||
echo -e '\033[36m 检查Nginx中... \033[0m'
|
||||
export PATH="/usr/bin/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.nvm/versions/node/v10.17.0/bin:$PATH"
|
||||
purple="\033[35m"
|
||||
skyBlue="\033[36m"
|
||||
red="\033[31m"
|
||||
green="\033[32m"
|
||||
yellow="\e[93m"
|
||||
magenta="\e[95m"
|
||||
cyan="\e[96m"
|
||||
none="\e[0m"
|
||||
installType='yum'
|
||||
removeType='yum -y remove'
|
||||
echoType='echo'
|
||||
|
||||
#检查Linux版本
|
||||
check_version(){
|
||||
if [[ -s /etc/redhat-release ]]; then
|
||||
version=`grep -oE "[0-9.]+" /etc/redhat-release | cut -d . -f 1`
|
||||
else
|
||||
version=`grep -oE "[0-9.]+" /etc/issue | cut -d . -f 1`
|
||||
fi
|
||||
bit=`uname -m`
|
||||
if [[ ${bit} = "x86_64" ]]; then
|
||||
bit="x64"
|
||||
else
|
||||
bit="x32"
|
||||
fi
|
||||
}
|
||||
|
||||
installNginx(){
|
||||
## todo 兼容debian
|
||||
${echoType} "${skyBlue}检查Nginx中...${none} "
|
||||
existProcessNginx=`ps -ef|grep nginx|grep -v grep`
|
||||
existNginx=`command -v nginx`
|
||||
if [ -z "$existProcessNginx" ] && [ -z "$existNginx" ]
|
||||
then
|
||||
echo '安装Nginx中,如遇到是否安装输入y'
|
||||
yum update
|
||||
yum install nginx
|
||||
echo '步骤二:Nginx安装成功,执行下一步'
|
||||
installV2Ray
|
||||
${echoType} "${skyBlue}安装Nginx中,如遇到是否安装输入y${none}"
|
||||
${installType} -y install nginx
|
||||
rm -rf /etc/nginx/nginx.conf
|
||||
wget -P /etc/nginx/ https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/nginx.conf
|
||||
${echoType} "${green}步骤二:Nginx安装成功,执行下一步 ${none}"
|
||||
else
|
||||
# todo
|
||||
echo '检查到Nginx存在,是否停止并卸载,输入y/Y确认:'
|
||||
read -e unstallStatus
|
||||
if [[ $unstallStatus -eq "y" || $unstallStatus -eq "Y" ]]
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${purple}检测到已安装Nginx,是否卸载${none}"
|
||||
${echoType} "${red} 1.卸载并重新安装【会把默认的安装目录的内容删除】${none}"
|
||||
${echoType} "${red} 2.跳过并使用已经安装的Nginx以及配置文件【请确认是否是此脚本的配置文件】${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${skyBlue}请选择【数字编号】:${none}"
|
||||
read nginxStatus
|
||||
if [ "${nginxStatus}" = 1 ]
|
||||
then
|
||||
echo '卸载'
|
||||
if [ -n "$existProcessNginx" ]
|
||||
then
|
||||
${echoType} "${purple}Nginx已启动,关闭中...${none}"
|
||||
nginx -s stop
|
||||
fi
|
||||
${echoType} "${skyBlue}卸载Nginx中... ${none}"
|
||||
${removeType} nginx
|
||||
${echoType} "${skyBlue}卸载Nginx完毕,重装中... ${none}"
|
||||
installNginx;
|
||||
else
|
||||
echo '不卸载,停止脚本'
|
||||
echo "不卸载,返回主目录"
|
||||
echo
|
||||
manageFun
|
||||
fi
|
||||
fi
|
||||
}
|
||||
installHttps(){
|
||||
echo 'https'
|
||||
${echoType} "${skyBlue}安装https中,请输入你要生成tls证书的域名${none}"
|
||||
read domain
|
||||
# grep "domain" * -R|awk -F: "{print $1}"|sort|uniq|xargs sed -i "s/domain/$domain/g"
|
||||
# cat /etc/nginx/nginx.conf |grep "domain" * -R|awk -F: "{print $1}"|sort|uniq|xargs sed -i "s/domain/$domain/g"
|
||||
existProcessNginx=`ps -ef|grep nginx|grep -v grep`
|
||||
if [ ! -z "${existProcessNginx}" ]
|
||||
then
|
||||
echo '检测到Nginx正在运行,关闭中...'
|
||||
nginx -s stop
|
||||
fi
|
||||
|
||||
if [ -f "/etc/nginx/nginx.conf" ]
|
||||
then
|
||||
noExistNginxConfigDomain=`cat /etc/nginx/nginx.conf|grep $domain|grep -v grep`
|
||||
if [ ! -z "${noExistNginxConfigDomain}" ]
|
||||
then
|
||||
sed -i "s/$domain/domain/g" `grep $domain -rl /etc/nginx/nginx.conf`
|
||||
fi
|
||||
sed -i "s/domain/$domain/g" `grep domain -rl /etc/nginx/nginx.conf`
|
||||
fi
|
||||
|
||||
uninstallAcmeStatus="false"
|
||||
if [ ! -d "/root/.acme.sh" ]
|
||||
then
|
||||
${echoType} "${skyBlue}安装acme.sh中...${none}"
|
||||
curl https://get.acme.sh | sh
|
||||
sudo ~/.acme.sh/acme.sh --issue -d $domain --standalone -k ec-256
|
||||
else
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${purple}检测到已安装acme.sh,是否卸载${none}"
|
||||
${echoType} "${red} 1.卸载并重新安装【以前生成的TLS证书会被删除,需要重新输入域名】${none}"
|
||||
${echoType} "${red} 2.跳过并使用已经安装的acme.sh${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${skyBlue}请选择【数字编号】:${none}"
|
||||
read acmeStatus
|
||||
if [ "${acmeStatus}" = 1 ]
|
||||
then
|
||||
rm -rf ~/.acme.sh
|
||||
uninstallAcmeStatus="true"
|
||||
else
|
||||
${echoType} "${skyBlue}生成证书中...${none}"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "${uninstallAcmeStatus}" = "true" ]
|
||||
then
|
||||
installHttps
|
||||
else
|
||||
~/.acme.sh/acme.sh --installcert -d $domain --fullchainpath /etc/nginx/$domain.crt --keypath /etc/nginx/$domain.key --ecc
|
||||
sed -i "s/# ssl_certificate/ssl_certificate/g" `grep "# ssl_certificate" -rl /etc/nginx/nginx.conf`
|
||||
sed -i "s/listen 443/listen 443 ssl/g" `grep "listen 443" -rl /etc/nginx/nginx.conf`
|
||||
${echoType} "${green}步骤三:HTTPS执行完毕,请手动确认上方是否有错误,执行下一步${none}"
|
||||
fi
|
||||
}
|
||||
installV2Ray(){
|
||||
echo -e '\033[36m 检查V2Ray中... \033[0m'
|
||||
|
||||
${echoType} "${skyBlue}检查V2Ray中...${none} "
|
||||
existProcessV2Ray=`ps -ef|grep v2ray|grep -v grep`
|
||||
existV2Ray=`command -v v2ray`
|
||||
if [ -z "$existProcessV2Ray" ] && [ -z "$existV2Ray" ] && [ ! -x "/usr/bin/v2ray" ]
|
||||
then
|
||||
${echoType} "${skyBlue}安装V2Ray中... ${none}"
|
||||
wget -P /tmp/V2Ray https://github.com/V2Ray/V2Ray-core/releases/download/v4.21.3/V2Ray-linux-64.zip
|
||||
cd /tmp/V2Ray
|
||||
unzip /tmp/V2Ray/V2Ray-linux-64.zip
|
||||
mv /tmp/V2Ray/v2ray /usr/bin/
|
||||
mv /tmp/V2Ray/v2ctl /usr/bin/
|
||||
mkdir /usr/bin/V2RayConfig
|
||||
wget -P /usr/bin/V2RayConfig https://raw.githubusercontent.com/mack-a/V2Ray-agent/master/config/config_ws_tls.json
|
||||
touch /usr/bin/V2RayConfig/V2Ray_access.log
|
||||
touch /usr/bin/V2RayConfig/V2Ray_error.log
|
||||
${echoType} "${green} 步骤三:V2Ray安装成功,执行下一步"
|
||||
else
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${purple}检测到已安装V2Ray,是否卸载${none}"
|
||||
${echoType} "${red} 1.卸载并重新安装【配置文件会重新生成】${none}"
|
||||
${echoType} "${red} 2.跳过并使用已经安装的V2Ray【请确认Nginx的配置与V2Ray配置相同【端口号、Path】】${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${skyBlue}请选择【数字编号】:${none}"
|
||||
read acmeStatus
|
||||
if [ "${acmeStatus}" -eq 1 ]
|
||||
then
|
||||
rm -rf /tmp/V2Ray
|
||||
rm -rf /usr/bin/v2ray
|
||||
rm -rf /usr/bin/v2ctl
|
||||
rm -rf /usr/bin/V2RayConfig
|
||||
if [ -z `ps -ef|grep v2ray|grep -v grep|awk '{print $2}'` ]
|
||||
then
|
||||
ps -ef|grep v2ray|grep -v grep|awk '{print $2}'|xargs kill -9
|
||||
fi
|
||||
installV2Ray
|
||||
else
|
||||
${echoType} "${green} 忽略V2Ray并继续执行"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
checkOS(){
|
||||
systemVersion=`cat /etc/redhat-release|grep CentOS|awk '{print $1}'`
|
||||
if [ -n "$systemVersion" ] && [ "$systemVersion" == "CentOS" ]
|
||||
if [ -n "$systemVersion" ] && [ "$systemVersion" -eq "CentOS" ]
|
||||
then
|
||||
echo ''
|
||||
echo -e '\033[35m步骤一:系统为CentOS,执行下一步 \033[0m'
|
||||
return 1
|
||||
${echoType} "${green}步骤一:系统为CentOS脚本可执行 ${none} "
|
||||
else
|
||||
echo '目前仅支持Centos'
|
||||
${echoType} "${red}目前仅支持Centos${none}"
|
||||
${echoType} "${red}退出脚本${none}"
|
||||
exit
|
||||
fi
|
||||
}
|
||||
init(){
|
||||
echo -e "\033[35m此脚本会执行以下内容: \033[0m"
|
||||
echo -e "\033[36m 1.检查系统版本是否为CentOS \033[0m"
|
||||
echo -e "\033[36m 2.检测nginx是否安装并配置 \033[0m"
|
||||
echo -e "\033[36m 3.检测https是否安装并配置 \033[0m"
|
||||
echo -e "\033[36m 4.检测V2Ray是否安装并配置 \033[0m"
|
||||
echo -e "\033[35m是否进入手动模式y,键入回车进入自动模式: \033[0m"
|
||||
read -e automatic
|
||||
if [ "$automatic" = "y" ]
|
||||
# 生成vmess链接
|
||||
generatorVmess(){
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${purple}选择要生成vmess的V2Ray配置文件${none}"
|
||||
${echoType} "${green} 1.默认【/usr/bin/V2RayConfig/config_ws_tls.json】${none}"
|
||||
${echoType} "${green} 2.官方默认【/etc/v2ray/config.json】${none}"
|
||||
${echoType} "${green} 3.手动输入${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${skyBlue}请选择【数字编号】:${none}"
|
||||
read V2RayPathSelect
|
||||
V2RayPath="";
|
||||
|
||||
if [ "$V2RayPathSelect" -eq "3" ]
|
||||
then
|
||||
echo '手动模式'
|
||||
else
|
||||
checkOS
|
||||
echo "$?"
|
||||
${echoType} "${skyBlue}请输入配置文件路径:${none}"
|
||||
read V2RayPath
|
||||
fi
|
||||
}
|
||||
case $V2RayPathSelect in
|
||||
1)
|
||||
V2RayPath="/usr/bin/V2RayConfig/config_ws_tls.json"
|
||||
;;
|
||||
2)
|
||||
V2RayPath="/etc/v2ray/config.json"
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ -z "${V2RayPath}" ]
|
||||
then
|
||||
${echoType} ${red}"V2Ray配置文件读取失败,请检查路径"${none}
|
||||
init
|
||||
else
|
||||
# 读取nginx配置文件
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${purple}选择要生成vmess的Nginx配置文件路径${none}"
|
||||
${echoType} "${green} 1.CDN【默认读取/etc/nginx/nginx.conf】${none}"
|
||||
${echoType} "${green} 2.手动输入Nginx配置文件路径${none}"
|
||||
${echoType} "${green} 3.非CDN${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${skyBlue}请选择【数字编号】:${none}"
|
||||
read NginxPathSelect
|
||||
|
||||
if [ "$NginxPathSelect" -eq "2" ]
|
||||
then
|
||||
${echoType} "${skyBlue}请输入Nginx配置文件路径:${none}"
|
||||
read NginxPath
|
||||
fi
|
||||
|
||||
case $NginxPathSelect in
|
||||
1)
|
||||
NginxPath="/etc/nginx/nginx.conf"
|
||||
;;
|
||||
esac
|
||||
if [ -z "${NginxPath}" ]
|
||||
then
|
||||
${echoType} ${red}"Nginx配置文件读取失败,请检查路径"${none}
|
||||
init
|
||||
fi
|
||||
# 执行node生成vmess链接
|
||||
nodePath='/root/.nvm/versions/node/v10.17.0/bin/node'
|
||||
if [ ! -x "/root/.nvm/versions/node/v10.17.0/bin/node" ]
|
||||
then
|
||||
${echoType} ${red}"安装工具包中..."${none}
|
||||
installTools
|
||||
fi
|
||||
echo
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${purple}V2Ray配置文件路径:${none}"
|
||||
${echoType} "${green} ${V2RayPath}${none}"
|
||||
${echoType} "${purple}Nginx配置文件路径:${none}"
|
||||
${echoType} "${green} ${NginxPath}${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
echo
|
||||
vmessResult=`curl -L -s https://raw.githubusercontent.com/mack-a/v2ray-agent/master/generator_client_links.js | ${nodePath} - "${V2RayPath}" "${NginxPath}"`
|
||||
|
||||
${echoType} "${green}===============================${none}"
|
||||
echo
|
||||
eval $(echo "$vmessResult" |awk '{split($0,vmess," ");for(i in vmess) print "lenArr["i"]="vmess[i]}')
|
||||
for value in ${lenArr[*]}
|
||||
do
|
||||
${echoType} "${purple}客户端链接:${none}"
|
||||
${echoType} "${skyBlue} $value${none}"
|
||||
echo
|
||||
${echoType} "${purple}二维码:${none}"
|
||||
echo $value | qrencode -s 10 -m 1 -t UTF8
|
||||
echo
|
||||
done
|
||||
${echoType} "${green}===============================${none}"
|
||||
echo
|
||||
# curl -L -s https://raw.githubusercontent.com/mack-a/v2ray-agent/master/generator_client_links.js | /root/.nvm/versions/node/v10.17.0/bin/node - "/usr/bin/V2RayConfig/config_ws_tls.json" "/etc/nginx/nginx.conf"
|
||||
fi
|
||||
}
|
||||
startServer(){
|
||||
${echoType} "${green}启动服务${none}"
|
||||
nginx
|
||||
/usr/bin/v2ray -config /usr/bin/V2RayConfig/config_ws_tls.json &
|
||||
echo "启动完毕"
|
||||
}
|
||||
installTools(){
|
||||
existProcessWget=`ps -ef|grep wget|grep -v grep`
|
||||
existWget=`command -v wget`
|
||||
${installType} -y update
|
||||
if [ -z "$existProcessWget" ] && [ -z "$existWget" ]
|
||||
then
|
||||
${echoType} "${skyBlue}安装wget中...${none}"
|
||||
${installType} -y install wget
|
||||
else
|
||||
echo
|
||||
fi
|
||||
existUnzip=`command -v unzip`
|
||||
if [ -z "$existUnzip" ]
|
||||
then
|
||||
${echoType} "${skyBlue}安装zip中...${none}"
|
||||
${installType} -y install unzip
|
||||
fi
|
||||
existSocat=`command -v socat`
|
||||
if [ -z "$existSocat" ]
|
||||
then
|
||||
${echoType} "${skyBlue}安装socat中...${none}"
|
||||
${installType} -y install socat
|
||||
fi
|
||||
existJq=`command -v jq`
|
||||
if [ -z "$existJq" ]
|
||||
then
|
||||
${echoType} ${skyBlue}安装jq中...${none}
|
||||
${installType} -y install jq
|
||||
fi
|
||||
# existNode=`/root/.nvm/versions/node/v10.17.0/bin`
|
||||
if [ ! -x "/root/.nvm/versions/node/v10.17.0/bin/node" ]
|
||||
then
|
||||
${echoType} ${skyBlue}安装nvm中...${none}
|
||||
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.1/install.sh | bash
|
||||
${echoType} ${skyBlue}安装Node.js中...${none}
|
||||
. /root/.nvm/nvm.sh
|
||||
nvm install v10.17.0
|
||||
fi
|
||||
existQrencode=`command -v qrencode`
|
||||
if [ -z "$existQrencode" ]
|
||||
then
|
||||
${echoType} ${skyBlue}安装qrencode中...${none}
|
||||
${installType} -y install qrencode
|
||||
fi
|
||||
}
|
||||
unInstall(){
|
||||
nginx -s stop
|
||||
rm -rf ~/.acme.sh
|
||||
${removeType} nginx
|
||||
rm -rf /tmp/V2Ray
|
||||
rm -rf /usr/bin/v2ray
|
||||
rm -rf /usr/bin/v2ctl
|
||||
rm -rf /usr/bin/V2RayConfig
|
||||
rm -rf /etc/nginx
|
||||
rm -rf /root/.nvm
|
||||
ps -ef|grep v2ray|grep -v grep|awk '{print $2}'|xargs kill -9
|
||||
if [[ "${release}" -eq "ubuntu" || "${release}" -eq "debian" ]]
|
||||
then
|
||||
sed -i 's/. "\/root\/.acme.sh\/acme.sh.env"//g' `grep '. "/root/.acme.sh/acme.sh.env"' -rl /root/.bashrc`
|
||||
fi
|
||||
. /root/.bashrc
|
||||
}
|
||||
configPath(){
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${red}路径如下${none}"
|
||||
${echoType} "${green} 1.v2ray${none}"
|
||||
${echoType} "${skyBlue} 1./usr/bin/v2ray 【V2Ray 程序】${none}"
|
||||
${echoType} "${skyBlue} 2./usr/bin/v2ctl 【V2Ray 工具】${none}"
|
||||
${echoType} "${skyBlue} 3./usr/bin/V2RayConfig 【V2Ray配置文件,配置文件、log文件】${none}"
|
||||
${echoType} "${green} 2.Nginx${none}"
|
||||
${echoType} "${skyBlue} 1./usr/sbin/nginx 【Nginx 程序】${none}"
|
||||
${echoType} "${skyBlue} 2./etc/nginx/nginx.conf 【Nginx 配置文件】${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
echo
|
||||
}
|
||||
manageFun(){
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${purple}手动模式功能点目录:${none}"
|
||||
${echoType} "${skyBlue} 1.检查系统版本是否为CentOS${none}"
|
||||
${echoType} "${skyBlue} 2.安装工具包${none}"
|
||||
${echoType} "${skyBlue} 3.检测nginx是否安装并配置${none}"
|
||||
${echoType} "${skyBlue} 4.检测https是否安装并配置${none}"
|
||||
${echoType} "${skyBlue} 5.检测V2Ray是否安装并配置${none}"
|
||||
${echoType} "${skyBlue} 6.启动服务并退出脚本${none}"
|
||||
${echoType} "${skyBlue} 7.卸载安装的所有内容${none}"
|
||||
${echoType} "${skyBlue} 8.查看配置文件路径${none}"
|
||||
${echoType} "${skyBlue} 9.生成Vmess、二维码链接${none}"
|
||||
${echoType} "${skyBlue} 10.返回主目录${none}"
|
||||
${echoType} "${red} 11.退出脚本${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${skyBlue}请输入要执行的功能【数字编号】:${none}"
|
||||
read funType
|
||||
echo
|
||||
case $funType in
|
||||
1)
|
||||
# checkOS
|
||||
;;
|
||||
2)
|
||||
installTools
|
||||
;;
|
||||
3)
|
||||
installNginx
|
||||
;;
|
||||
4)
|
||||
${echoType} "${red}此步骤依赖【3.检测nginx是否安装并配置】${none}"
|
||||
installHttps
|
||||
;;
|
||||
5)
|
||||
installV2Ray
|
||||
;;
|
||||
6)
|
||||
startServer
|
||||
;;
|
||||
7)
|
||||
unInstall
|
||||
;;
|
||||
8)
|
||||
configPath
|
||||
;;
|
||||
9)
|
||||
generatorVmess
|
||||
;;
|
||||
10)
|
||||
init
|
||||
;;
|
||||
11)
|
||||
exit
|
||||
;;
|
||||
esac
|
||||
manageFun
|
||||
}
|
||||
automationFun(){
|
||||
case $1 in
|
||||
1)
|
||||
# checkOS
|
||||
installTools
|
||||
automationFun 2
|
||||
;;
|
||||
2)
|
||||
installNginx
|
||||
automationFun 3
|
||||
;;
|
||||
3)
|
||||
installHttps
|
||||
automationFun 4
|
||||
;;
|
||||
4)
|
||||
installV2Ray
|
||||
automationFun 5
|
||||
;;
|
||||
5)
|
||||
generatorVmess
|
||||
automationFun 6
|
||||
;;
|
||||
6)
|
||||
startServer
|
||||
exit
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
init(){
|
||||
${echoType} "${purple}目前此脚本支持Ubuntu、Centos、Debian${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${purple}支持两种模式:${none}"
|
||||
${echoType} "${red} 1.自动模式${none}"
|
||||
${echoType} "${red} 2.手动模式${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${skyBlue}请选择【数字编号】:${none}"
|
||||
read automatic
|
||||
if [ "${automatic}" = 1 ]
|
||||
then
|
||||
${echoType} "${purple}===============================${none}"
|
||||
${echoType} "${purple}自动模式会执行以下内容:${none}"
|
||||
${echoType} "${skyBlue} 1.检查系统版本是否为Ubuntu、Centos、Debian${none}"
|
||||
${echoType} "${skyBlue} 2.安装工具包${none}"
|
||||
${echoType} "${skyBlue} 3.检测nginx是否安装并配置${none}"
|
||||
${echoType} "${skyBlue} 4.检测https是否安装并配置${none}"
|
||||
${echoType} "${skyBlue} 5.检测V2Ray是否安装并配置${none}"
|
||||
${echoType} "${skyBlue} 6.生成vmess、二维码链接${none}"
|
||||
${echoType} "${skyBlue} 7.启动服务并退出脚本${none}"
|
||||
${echoType} "${purple}===============================${none}"
|
||||
automationFun 1
|
||||
elif [ "${automatic}" = 2 ]
|
||||
then
|
||||
manageFun
|
||||
fi
|
||||
}
|
||||
# 检查系统
|
||||
|
||||
checkSystem(){
|
||||
if [ -f /etc/redhat-release ]; then
|
||||
release="centos"
|
||||
installType='yum'
|
||||
echoType='echo -e'
|
||||
removeType='yum -y remove'
|
||||
elif cat /etc/issue | grep -q -E -i "debian"; then
|
||||
release="debian"
|
||||
installType='apt'
|
||||
echoType='echo -e'
|
||||
removeType='apt -y autoremove'
|
||||
elif cat /etc/issue | grep -q -E -i "ubuntu"; then
|
||||
release="ubuntu"
|
||||
installType='apt'
|
||||
echoType='echo -e'
|
||||
removeType='apt -y autoremove'
|
||||
elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then
|
||||
release="centos"
|
||||
installType='yum'
|
||||
echoType='echo -e'
|
||||
removeType='yum -y remove'
|
||||
elif cat /proc/version | grep -q -E -i "debian"; then
|
||||
release="debian"
|
||||
installType='apt'
|
||||
removeType='apt -y autoremove'
|
||||
echoType='echo -e'
|
||||
elif cat /proc/version | grep -q -E -i "ubuntu"; then
|
||||
release="ubuntu"
|
||||
installType='apt'
|
||||
removeType='apt -y autoremove'
|
||||
echoType='echo -e'
|
||||
elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then
|
||||
release="centos"
|
||||
installType='yum'
|
||||
removeType='yum -y remove'
|
||||
echoType='echo -e'
|
||||
fi
|
||||
}
|
||||
checkSystem
|
||||
[ ${release} != "debian" ] && [ ${release} != "ubuntu" ] && [ ${release} != "centos" ] && ${echoType} "${Error} 本脚本不支持当前系统 ${release} !" && exit 1
|
||||
init
|
||||
|
|
|
@ -0,0 +1,262 @@
|
|||
#!/usr/bin/env bash
|
||||
purple="\033[35m" # 紫色
|
||||
skyBlue="\033[36m" # 天蓝色
|
||||
red="\033[31m" # 红色
|
||||
green="\033[32m" # 绿色
|
||||
yellow="\e[93m" # 黄色
|
||||
magenta="\e[95m" # 红酒色
|
||||
cyan="\e[96m" # 蓝绿色
|
||||
none="\e[0m" # 无
|
||||
installType='yum -y install'
|
||||
remove='yum -y remove'
|
||||
upgrade="yum -y update"
|
||||
echoType='echo -e'
|
||||
|
||||
# echo颜色方法
|
||||
echoContent(){
|
||||
case $1 in
|
||||
"red")
|
||||
color=${red}
|
||||
;;
|
||||
"skyBlue")
|
||||
color=${skyBlue}
|
||||
;;
|
||||
"green")
|
||||
color=${green}
|
||||
;;
|
||||
"cyan")
|
||||
color=${cyan}
|
||||
;;
|
||||
"magenta")
|
||||
color=${magenta}
|
||||
;;
|
||||
"skyBlue")
|
||||
color=${skyBlue}
|
||||
;;
|
||||
|
||||
esac
|
||||
${echoType} ${color}"$2"
|
||||
}
|
||||
|
||||
# 安装工具包
|
||||
installTools(){
|
||||
echo "export LC_ALL=en_US.UTF-8" >> /etc/profile
|
||||
source /etc/profile
|
||||
echoContent skyBlue "删除Nginx、V2Ray、TLS"
|
||||
if [[ ! -z `find /usr/sbin/ -name nginx` ]]
|
||||
then
|
||||
if [[ ! -z `ps -ef|grep nginx|grep -v grep` ]]
|
||||
then
|
||||
nginx -s stop
|
||||
fi
|
||||
removeLog=`yum remove nginx -y`
|
||||
fi
|
||||
if [[ ! -z `cat /root/.bashrc|grep -n acme` ]]
|
||||
then
|
||||
acmeBashrcLine=`cat /root/.bashrc|grep -n acme|awk -F "[:]" '{print $1}'|head -1`
|
||||
echo ${acmeBashrcLine}
|
||||
sed -i "${acmeBashrcLine}d" /root/.bashrc
|
||||
fi
|
||||
rm -rf ~/.acme.sh > /dev/null
|
||||
echoContent skyBlue "删除完成"
|
||||
|
||||
echoContent skyBlue "检查、安装工具包:"
|
||||
|
||||
echoContent skyBlue "更新中"
|
||||
${upgrade} > /dev/null
|
||||
echoContent skyBlue "更新完毕"
|
||||
|
||||
echoContent skyBlue " 检查、安装wget--->"
|
||||
progressTool wget
|
||||
|
||||
echoContent skyBlue " 检查、安装unzip--->"
|
||||
progressTool unzip
|
||||
|
||||
echoContent skyBlue " 检查、安装qrencode--->"
|
||||
progressTool qrencode
|
||||
|
||||
echoContent skyBlue " 检查、安装socat--->"
|
||||
progressTool socat
|
||||
|
||||
echoContent skyBlue " 检查、安装crontabs--->"
|
||||
progressTool crontabs
|
||||
|
||||
# echoContent skyBlue " 检查、安装bind-utils--->"
|
||||
# progressTool bind-utils
|
||||
# 关闭防火墙
|
||||
|
||||
}
|
||||
# 安装Nginx tls证书
|
||||
installNginx(){
|
||||
echoContent skyBlue "检查、安装Nginx、TLS:"
|
||||
echoContent skyBlue " 请输入要配置的域名 例如:worker.v2ray-agent.com --->"
|
||||
read domain
|
||||
if [[ -z ${domain} ]]
|
||||
then
|
||||
echoContent skyBlue " 域名不可为空--->"
|
||||
installNginx
|
||||
else
|
||||
# 安装nginx
|
||||
echoContent skyBlue " 检查、安装Nginx--->"
|
||||
progressTool nginx
|
||||
|
||||
# 修改配置
|
||||
echoContent skyBlue " 修改配置文件--->"
|
||||
installLine=`cat /etc/nginx/nginx.conf|grep -n root|awk -F "[:]" '{print $1+1}'|head -1`
|
||||
echo ${installLine}
|
||||
sed -i "${installLine}i location ~ /.well-known {allow all;}" /etc/nginx/nginx.conf
|
||||
installLine=`expr ${installLine} + 1`
|
||||
sed -i "${installLine}i location /test {return 200 'fjkvymb6len';}" /etc/nginx/nginx.conf
|
||||
|
||||
# 启动nginx
|
||||
nginx
|
||||
|
||||
# 测试nginx
|
||||
echoContent skyBlue " 检查Nginx是否正常访问--->"
|
||||
# ${domain}
|
||||
domainResult=`curl -s ${domain}/test|grep fjkvymb6len`
|
||||
if [[ ! -z ${domainResult} ]]
|
||||
then
|
||||
echoContent skyBlue " Nginx访问成功--->"
|
||||
nginx -s stop
|
||||
installTLS ${domain}
|
||||
else
|
||||
echoContent skyBlue " 无法正常访问服务器,请检查域名的DNS解析是否正确--->"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
# 安装TLS
|
||||
installTLS(){
|
||||
echoContent skyBlue " 生成TLS证书--->"
|
||||
echoContent skyBlue " 安装acme--->"
|
||||
curl -s https://get.acme.sh | sh
|
||||
echoContent skyBlue " acme安装完毕--->"
|
||||
sudo ~/.acme.sh/acme.sh --issue -d $1 --standalone -k ec-256
|
||||
~/.acme.sh/acme.sh --installcert -d $1 --fullchainpath /etc/nginx/$1.crt --keypath /etc/nginx/$1.key --ecc
|
||||
if [[ -z `cat /etc/nginx/$1.crt` ]]
|
||||
then
|
||||
echoContent skyBlue " TLS安装失败,请检查acme日志--->"
|
||||
exit 0
|
||||
elif [[ -z `cat /etc/nginx/$1.key` ]]
|
||||
then
|
||||
echoContent skyBlue " TLS安装失败,请检查acme日志--->"
|
||||
exit 0
|
||||
fi
|
||||
echoContent skyBlue " TLS安装成功--->"
|
||||
}
|
||||
# V2Ray
|
||||
installV2Ray(){
|
||||
echoContent skyBlue " 安装V2Ray--->"
|
||||
|
||||
}
|
||||
installV2RayService(){
|
||||
|
||||
Description=V2Ray - A unified platform for anti-censorship
|
||||
Documentation=https://v2ray.com https://guide.v2fly.org
|
||||
After=network.target nss-lookup.target
|
||||
Wants=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=root
|
||||
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
|
||||
NoNewPrivileges=yes
|
||||
ExecStart=/usr/bin/v2ray/v2ray -config /etc/v2ray/config.json
|
||||
Restart=on-failure
|
||||
RestartPreventExitStatus=23
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
}
|
||||
# 查看dns解析ip
|
||||
checkDNS(){
|
||||
echo '' > /tmp/pingLog
|
||||
ping -c 3 $1 >> /tmp/pingLog
|
||||
serverStatus=`ping -c 3 $1|head -1|awk -F "[service]" '{print $1}'`
|
||||
pingLog=`ping -c 3 $1|tail -n 5|head -1|awk -F "[ ]" '{print $4 $7}'`
|
||||
echoContent skyBlue "DNS解析ip:"${pingLog}
|
||||
}
|
||||
# 查看本机ip
|
||||
checkDomainIP(){
|
||||
currentIP=`curl -s ifconfig.me|awk '{print}'`
|
||||
echoContent skyBlue ${currentIP}
|
||||
}
|
||||
progressTool(){
|
||||
${installType} $1 > /dev/null &
|
||||
#
|
||||
i=0
|
||||
toolName=$1
|
||||
sp='/-\|'
|
||||
n=${#sp}
|
||||
printf ' '
|
||||
sleep 0.1
|
||||
if [[ "${toolName}" = "crontabs" ]]
|
||||
then
|
||||
toolName="crontab"
|
||||
fi
|
||||
while true; do
|
||||
status=`command -v ${toolName}`
|
||||
if [[ -z ${status} ]]
|
||||
then
|
||||
printf '\b%s' "${sp:i++%n:1}"
|
||||
else
|
||||
break;
|
||||
fi
|
||||
sleep 0.1
|
||||
done
|
||||
sleep 1
|
||||
}
|
||||
|
||||
init(){
|
||||
echoContent skyBlue "==============================="
|
||||
echoContent skyBlue "欢迎使用v2ray-agent,Cloudflare+WS+TLS+Nginx自动化脚本,如有使用问题欢迎加入TG群【https://t.me/v2rayAgent】,Github【https://github.com/mack-a/v2ray-agent】"
|
||||
echoContent skyBlue "注意事项:"
|
||||
echoContent skyBlue " 1.脚本适合新机器,会删除、卸载已经安装的应用,包括V2Ray、Nginx、TLS证书"
|
||||
echoContent skyBlue " 2.脚本会检查并安装工具包"
|
||||
echoContent skyBlue " 3.会自动关闭防火墙"
|
||||
echoContent skyBlue "==============================="
|
||||
installTools
|
||||
installNginx
|
||||
}
|
||||
checkSystem(){
|
||||
if [ -f /etc/redhat-release ]; then
|
||||
release="centos"
|
||||
installTool='yum -y'
|
||||
echoType='echo -e'
|
||||
removeType='yum -y remove'
|
||||
elif cat /etc/issue | grep -q -E -i "debian"; then
|
||||
release="debian"
|
||||
installTools='apt'
|
||||
echoType='echo -e'
|
||||
removeType='apt -y autoremove'
|
||||
elif cat /etc/issue | grep -q -E -i "ubuntu"; then
|
||||
release="ubuntu"
|
||||
installTools='apt'
|
||||
echoType='echo -e'
|
||||
removeType='apt -y autoremove'
|
||||
elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then
|
||||
release="centos"
|
||||
installTools='yum'
|
||||
echoType='echo -e'
|
||||
removeType='yum -y remove'
|
||||
elif cat /proc/version | grep -q -E -i "debian"; then
|
||||
release="debian"
|
||||
installTools='apt'
|
||||
removeType='apt -y autoremove'
|
||||
echoType='echo -e'
|
||||
elif cat /proc/version | grep -q -E -i "ubuntu"; then
|
||||
release="ubuntu"
|
||||
installTools='apt'
|
||||
removeType='apt -y autoremove'
|
||||
echoType='echo -e'
|
||||
elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then
|
||||
release="centos"
|
||||
installTools='yum'
|
||||
removeType='yum -y remove'
|
||||
echoType='echo -e'
|
||||
fi
|
||||
}
|
||||
#checkSystem
|
||||
#[ ${release} != "debian" ] && [ ${release} != "ubuntu" ] && [ ${release} != "centos" ] && ${echoType} "${Error} 本脚本不支持当前系统 ${release} !" && exit 1
|
||||
init
|
||||
#progressTool
|
|
@ -0,0 +1,284 @@
|
|||
* * *
|
||||
- [1.偶尔断流](#1偶尔断流)
|
||||
- [2.更换中国大陆地区CDN](#2更换中国大陆地区cdn)
|
||||
* [1.腾讯CDN[月免费10GB]](#1腾讯cdn月免费10gb)
|
||||
+ [1.准备工作](#1准备工作)
|
||||
+ [2.点击此链接,配置腾讯云CDN](#2点击此链接配置腾讯云cdn)
|
||||
- [1.配置域名【域名管理-添加域名】](#1配置域名域名管理-添加域名)
|
||||
- [2.配置HTTPS证书](#2配置https证书)
|
||||
- [3.回源配置](#3回源配置)
|
||||
- [4.增加域名解析CNAME值](#4增加域名解析cname值)
|
||||
- [3.cloudflare CNAME自选ip优化方案](#3cloudflare-cname自选ip优化方案)
|
||||
* [1.准备工作](#1准备工作-1)
|
||||
+ [1.免费的智能DNS解析](#1免费的智能dns解析)
|
||||
+ [2.CloudFlare Partner平台(合作伙伴)](#2cloudflare-partner平台合作伙伴)
|
||||
+ [3.CloudFlare账号](#3cloudflare账号)
|
||||
* [2.修改DNS解析【这里使用的是dnspod】](#2修改dns解析这里使用的是dnspod)
|
||||
* [3.注册dnspod) 【腾讯】](#3注册dnspod-腾讯)
|
||||
* [4.添加域名](#4添加域名)
|
||||
* [5.登入CloudFlare Partner平台](#5登入cloudflare-partner平台)
|
||||
* [6.登入dnspod](#6登入dnspod)
|
||||
* [7.验证是否添加成功](#7验证是否添加成功)
|
||||
* [8.自定义CloudFlare ip【示例】](#8自定义cloudflare-ip示例)
|
||||
* [9.原理解析](#9原理解析)
|
||||
* [10.最优ip选择](#10最优ip选择)
|
||||
+ [1.联通](#1联通)
|
||||
+ [2.移动](#2移动)
|
||||
+ [3.hk直连](3hk直连)
|
||||
+ [4.自动化脚本测试线路](#4自动化脚本测试线路)
|
||||
- [4.dnsmasq 实现CNAME方式](#4dnsmasq-实现cname方式)
|
||||
* [1.准备工作](#1准备工作)
|
||||
* [2.安装](#2安装)
|
||||
* [3.修改配置文件](#3修改配置文件)
|
||||
* [4.重启dnsmasq](#4重启dnsmasq)
|
||||
* [5.测试&使用](#5测试使用)
|
||||
* * *
|
||||
|
||||
# 1.偶尔断流
|
||||
- 修改cloudflare Firwall Rules->create a Firewall rule
|
||||
- - 设置Field:URI path
|
||||
// 这里的/v2 是你的v2ray的path
|
||||
- - 设置:value:/v2
|
||||
- - Choose an action:Allow
|
||||
|
||||
# 2.更换中国大陆地区CDN
|
||||
- 只是更换CDN其余配置内容不变
|
||||
## 1.腾讯CDN[月免费10GB]
|
||||
### 1.准备工作
|
||||
- 1.域名【需要大陆备案】
|
||||
- 2.HTTPS证书【备案的域名的证书,可以使用上方的脚本生成】
|
||||
### 2.[点击此链接,配置腾讯云CDN](https://console.cloud.tencent.com/cdn/access)
|
||||
#### 1.配置域名【域名管理-添加域名】
|
||||
- 1.域名填写备案过的域名(你要加速的域名)
|
||||
- 2.源站类型-填写自有源站
|
||||
- 3.源站设置填写你的vps ip
|
||||
- 4.加速类型选择流媒体点播加速
|
||||
- 5.关闭过滤参数
|
||||
- 6.等待部署完成
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/腾讯CDN示例图01.png' width=400/>
|
||||
|
||||
#### 2.配置HTTPS证书
|
||||
- 1.点击配置好的域名-高级设置-HTTPS配置
|
||||
- 2.证书内容-填写上方生成证书的结尾为 .crt文件里面的全部内容
|
||||
- 3.私钥内容-填写上方生成证书结尾为 .key文件里面的全部内容
|
||||
- 4.回源方式-协议跟随
|
||||
|
||||
#### 3.回源配置
|
||||
- 1.点击配置好的域名-回源配置-取消掉Range回源
|
||||
|
||||
#### 4.增加域名解析CNAME值
|
||||
- 1.我这里用的是阿里云的云解析DNS
|
||||
- 2.记录类型为CNAME
|
||||
- 3.主机记录则是你要配置的三级域名(国际规范)例如:test.xxx.com 这里填test
|
||||
- 4.解析线路默认即可
|
||||
- 5.记录值填写 腾讯CDN-点击域名-基本配置-CNAME值
|
||||
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CDN域名解析 CNAME.png' width=400/>
|
||||
|
||||
# 3.cloudflare CNAME自选ip优化方案
|
||||
## 1.准备工作
|
||||
### 1.免费的智能DNS解析
|
||||
- 1.[dnspod](https://www.dnspod.cn/)
|
||||
- 2.[cloudxns](https://www.cloudxns.net/)
|
||||
- 3.[dns.la](https://www.dns.la/)
|
||||
- 4.[dns.com](https://www.dns.com/)
|
||||
|
||||
### 2.CloudFlare Partner平台(合作伙伴)
|
||||
- 1.[笨牛](http://cdn.bnxb.com/)
|
||||
- 2.[萌精灵](https://cdn.moeelf.com/)
|
||||
- 3.[自建(教程)](https://www.331u.com/461.html)
|
||||
|
||||
### 3.CloudFlare账号
|
||||
- 使用上述第三方CloudFlare Partner时需要使用CloudFlare的账号密码
|
||||
- 建议新建CloudFlare账号,与自己常用的账号区分(防止第三方平台保存密码并用于其他用途)
|
||||
- 上述推荐是各大教程推荐,风险自担。也可以自行申请CloudFlare Partner并自行搭建
|
||||
|
||||
## 2.修改DNS解析【这里使用的是dnspod】
|
||||
- 修改域名注册商中的Nameservers改为以下两个
|
||||
```
|
||||
f1g1ns1.dnspod.net
|
||||
f1g1ns2.dnspod.net
|
||||
```
|
||||
|
||||
## 3.注册[dnspod](https://www.dnspod.cn/) 【腾讯】
|
||||
## 4.添加域名
|
||||
- 添加完域名后需要等待修改的Nameserver生效
|
||||
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/dnspod添加域名.png' width=500/>
|
||||
|
||||
## 5.登入CloudFlare Partner平台
|
||||
- 1.[萌精灵](https://cdn.moeelf.com/)【本教程使用】
|
||||
- 2.添加域名
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/moeelf添加域名.png' width=400/>
|
||||
|
||||
- 3.添加解析记录
|
||||
- 记录名---填写你要配置的二级域名【严格来说是三级域名】
|
||||
- 记录类型为---CNAME
|
||||
- 记录内容为回源地址(服务器的真实ip),CloudFlare只支持网址,不支持直接ip。
|
||||
- CDN---开启
|
||||
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/moeelf添加DNS记录.png' width=400/>
|
||||
|
||||
- 记录内容中的xxx.xxx替换成自己域名的部分【例如:你的域名是www.example.com,替换成cf.test.example.com】,提交后进入管理中心会出现下图
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/moeelfDNS管理.png' width=500/>
|
||||
|
||||
## 6.登入[dnspod](https://www.dnspod.cn/)
|
||||
- DNS管理->我的域名->添加记录
|
||||
- 这里添加CNAME的意义在于防止CloudFlare翻车【CloudFlare不允许使用ip接入,只允许CNAME】
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/dnspod添加记录.png' width=500/>
|
||||
|
||||
## 7.验证是否添加成功
|
||||
- 1.登录[CloudFlare](https://cloudflare.com)
|
||||
- 2.点击域名->SSL/TLS->Edge Certificates【参考下图】如果存在则添加正确
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CloudFlare SSLTLS示例图.png' width=500/>
|
||||
|
||||
## 8.自定义CloudFlare ip【示例】
|
||||
- 新添加的记录为类型为A、线路类型是联通、记录值是CloudFlare的ip【多播】
|
||||
- 这里可以添加不同的线路类型来针对不同的网络环境。
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/dnspod添加记录自定义ip.png' width=500/>
|
||||
|
||||
## 9.原理解析
|
||||
- 使用CloudFlare DNS【默认】
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CloudFlare默认解析.png' width=500/>
|
||||
|
||||
- 使用dnspod智能解析
|
||||
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CloudFlare dnspod解析.png' width=1000/>
|
||||
|
||||
## 10.最优ip选择
|
||||
### 1.联通
|
||||
```
|
||||
104.23.240.0-104.23.243.254
|
||||
```
|
||||
|
||||
### 2.移动
|
||||
```
|
||||
1.0.0.0-1.0.0.254
|
||||
1.1.1.0-1.1.1.254
|
||||
104.16.80.0-104.16.95.255
|
||||
104.16.175.255-104.16.191.255
|
||||
```
|
||||
|
||||
### 3.hk直连
|
||||
- 移动用此ip段比较好
|
||||
- hk gcp服务器 ping值大约在40ms左右,回源大约在300ms,但是丢包率达到40%(晚高峰)
|
||||
```
|
||||
104.16.0.0-104.16.79.255
|
||||
104.16.96.0-104.16.175.254
|
||||
104.16.192.0-104.16.207.255
|
||||
```
|
||||
|
||||
### 4.电信
|
||||
```
|
||||
162.159.208.4-162.159.208.103
|
||||
162.159.209.4-162.159.209.103
|
||||
162.159.210.4-162.159.210.103
|
||||
162.159.211.4-162.159.211.103
|
||||
104.16.160.*
|
||||
```
|
||||
|
||||
### 5.自动化脚本测试线路
|
||||
- 1.利用ping命令测试(每个ip只测试一次,延迟仅供参考)
|
||||
- 2.此脚本仅支持Mac、Centos【暂不支持Windows以及其余系统,后续可能会添加】
|
||||
```
|
||||
bash <(curl -L -s https://raw.githubusercontent.com/mack-a/v2ray-agent/master/ping_tool.sh)
|
||||
```
|
||||
### 6.本人使用
|
||||
- 联通
|
||||
```
|
||||
104.23.240.5 152ms
|
||||
```
|
||||
- 移动
|
||||
```
|
||||
104.16.192.0 40ms 【丢包严重】
|
||||
104.24.105.3 100ms 【不丢包】
|
||||
```
|
||||
- 电信
|
||||
```
|
||||
手里没有电信网络可用上面的ip自行尝试
|
||||
```
|
||||
|
||||
# 4.dnsmasq 实现CNAME方式
|
||||
- 更加隐私一些 只适用于CDN方式
|
||||
- 使用自定义DNS服务,类似于本地配置hosts文件
|
||||
- 需要配置不同的二级域名(三级域名)来进行解析
|
||||
|
||||
## 1.准备工作
|
||||
- 需要一台中国大陆的服务器【最好,但是国外的可以用。但是会拖慢DNS解析的速度】
|
||||
- 防火墙需要开放53端口
|
||||
|
||||
## 2.安装
|
||||
- 1.Centos/RHEL
|
||||
```
|
||||
yum -y install dnsmasq
|
||||
```
|
||||
|
||||
- 2.Ubuntu/Debian
|
||||
```
|
||||
apt-get install dnsmasq
|
||||
```
|
||||
|
||||
## 3.修改配置文件
|
||||
```
|
||||
# 不使用/etc/hosts
|
||||
no-hosts
|
||||
|
||||
# server为上游DNS服务器
|
||||
# 同时查询配置的DNS服务器,哪一个快使用哪一个
|
||||
all-servers
|
||||
server=223.5.5.5
|
||||
server=8.8.8.8
|
||||
|
||||
# cn域名通过114解析
|
||||
server=/cn/114.114.114.114
|
||||
|
||||
# 一下都是实现hosts文件功能 挑选一种即可
|
||||
# 添加hosts文件,用来实现类似于hosts文件的功能
|
||||
# addn-hosts=/etc/dnsmasq.hosts
|
||||
|
||||
# 指定域名解析到特定ip中【下面填写自己的域名】
|
||||
# 同理Nginx也需要修改
|
||||
# 如果不是泛域名证书,还需要重新配置新加入的域名证书
|
||||
address=/mobile.xxx.com/39.156.69.100
|
||||
address=/unicom.xxx.com/39.156.69.101
|
||||
|
||||
# 泛域名解析
|
||||
# address=/baidu.com/39.156.110.100
|
||||
```
|
||||
|
||||
## 4.重启dnsmasq
|
||||
```
|
||||
systemctl restart dnsmasq
|
||||
```
|
||||
## 5.测试&使用
|
||||
- 1.测试
|
||||
```
|
||||
# xx.xx.xx.xx为配置dnsmasq服务的ip
|
||||
# mobile.xxx.com 后面为自己的域名
|
||||
➜ ~ dig @xx.xx.xx.xx mobile.xxx.com
|
||||
|
||||
; <<>> DiG 9.10.6 <<>> @xx.xx.xx.xx mobile.xxx.com
|
||||
; (1 server found)
|
||||
;; global options: +cmd
|
||||
;; Got answer:
|
||||
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43056
|
||||
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
|
||||
|
||||
;; OPT PSEUDOSECTION:
|
||||
; EDNS: version: 0, flags:; udp: 4096
|
||||
;; QUESTION SECTION:
|
||||
;mobile.xxx.com. IN A
|
||||
|
||||
# 下面是结果,如果和自己配置的一样则正确
|
||||
;; ANSWER SECTION:
|
||||
mobile.xxx.com. 0 IN A 198.41.214.162
|
||||
|
||||
;; Query time: 42 msec
|
||||
;; SERVER: xx.xx.xx.xx#53(xx.xx.xx.xx)
|
||||
;; WHEN: Mon Dec 23 16:30:29 CST 2019
|
||||
;; MSG SIZE rcvd: 70
|
||||
```
|
||||
|
||||
- 2.使用
|
||||
```
|
||||
需要手动修改自己本地的客户端的DNS配置,各终端请自行Google
|
||||
```
|
|
@ -0,0 +1,157 @@
|
|||
#!/usr/bin/env bash
|
||||
purple="\033[35m"
|
||||
skyBlue="\033[36m"
|
||||
red="\033[31m"
|
||||
green="\033[32m"
|
||||
yellow="\e[93m"
|
||||
magenta="\e[95m"
|
||||
cyan="\e[96m"
|
||||
none="\033[0m"
|
||||
# 联通 104.23.240.0-104.23.243.254
|
||||
# 北方联通 较快节点
|
||||
# 152ms--- 104.23.240.45 104.23.241.132 104.23.242.84 104.23.243.9
|
||||
|
||||
# 移动 104.16.0.0-79.255 104.16.96.0-175.254 104.16.192.0-207.255
|
||||
ChinaUnicom=("104.23.240.0-104.23.243.254")
|
||||
ChinaMobile=("1.0.0.0-1.0.0.254" "1.1.1.0-1.1.1.254" "104.16.80.0-104.16.95.255" "104.16.175.255-104.16.191.255")
|
||||
hkDirect=("104.16.0.0-104.16.79.255" "104.16.96.0-104.16.175.254" "104.16.192.0-104.16.207.255")
|
||||
|
||||
|
||||
# 测试延迟
|
||||
testPing(){
|
||||
echo "\n"${skyBlue}第$5次检测中....${none}${red}请等待${none}"\n"
|
||||
# 计算ip段
|
||||
ip11=`echo $1|awk '{print $1}'`
|
||||
ip12=`echo $1|awk '{print $2}'`
|
||||
ip21=`echo $2|awk '{print $1}'`
|
||||
ip22=`echo $2|awk '{print $2}'`
|
||||
ip31=`echo $3|awk '{print $1}'`
|
||||
ip32=`echo $3|awk '{print $2}'`
|
||||
ip41=`echo $4|awk '{print $1}'`
|
||||
ip42=`echo $4|awk '{print $2}'`
|
||||
index=0
|
||||
for ((i1=$ip11;i1<=$ip12;i1++))
|
||||
do
|
||||
for ((i2=$ip21;i2<=$ip22;i2++))
|
||||
do
|
||||
for ((i3=$ip31;i3<=$ip32;i3++))
|
||||
do
|
||||
for ((i4=$ip41;i4<=$ip42;i4++))
|
||||
do
|
||||
ip="${i1}.${i2}.${i3}.${i4}"
|
||||
status=`ping -c 1 -W 1000 "${ip}"|awk '{print $7}'|awk 'BEGIN{FS="="} {print $2}'|awk 'BEGIN{FS="."} {print $1}'`
|
||||
ipArr[$index]="${ip} ${status} ms"
|
||||
|
||||
if [ "${ipArr[$index]}" == "${ip} ms" ]
|
||||
then
|
||||
ipArr[$index]="${ip} 9999 ms"
|
||||
fi
|
||||
echo ${skyBlue}".\c"{none}
|
||||
# echo ${skyBlue}${ipArr[$index]}${none}
|
||||
let "index++"
|
||||
done
|
||||
done
|
||||
done
|
||||
done
|
||||
echo ${skyBlue}"请等待"${none}
|
||||
min="1.1.1.1 1000 ms"
|
||||
indexLength=${#ipArr[@]}
|
||||
index=0
|
||||
while(( $index< $indexLength))
|
||||
do
|
||||
latency=`echo ${ipArr[$index]}|awk '{print $2}'`
|
||||
latency2=`echo $min|awk '{print $2}'`
|
||||
|
||||
if [[ ! -z $latency && ! -z $latency2 ]]
|
||||
then
|
||||
if [ $latency -lt $latency2 ]
|
||||
then
|
||||
min="${ipArr[$index]}"
|
||||
fi
|
||||
else
|
||||
echo '异常数据'
|
||||
fi
|
||||
let "index++"
|
||||
done
|
||||
echo "${skyBlue}\n一共检测到${indexLength}个ip,第$5段ip区间最优ip为:${none}"${green}$min${none}
|
||||
}
|
||||
manageFun(){
|
||||
case $1 in
|
||||
1)
|
||||
echo ${skyBlue}"要检测的ip段为:104.23.240.0-104.23.243.254"${none}
|
||||
ipList=()
|
||||
for ((i=0;i<${#ChinaUnicom[*]};i++))
|
||||
do
|
||||
ip01=`echo ${ChinaUnicom[$i]}|awk -F "[-]" '{print $1}'`
|
||||
ip02=`echo ${ChinaUnicom[$i]}|awk -F "[-]" '{print $2}'`
|
||||
ip11=`echo $ip01|awk -F "[.]" '{print $1}'`
|
||||
ip12=`echo $ip02|awk -F "[.]" '{print $1}'`
|
||||
|
||||
ip21=`echo $ip01|awk -F "[.]" '{print $2}'`
|
||||
ip22=`echo $ip02|awk -F "[.]" '{print $2}'`
|
||||
ip31=`echo $ip01|awk -F "[.]" '{print $3}'`
|
||||
ip32=`echo $ip02|awk -F "[.]" '{print $3}'`
|
||||
ip41=`echo $ip01|awk -F "[.]" '{print $4}'`
|
||||
ip42=`echo $ip02|awk -F "[.]" '{print $4}'`
|
||||
|
||||
index=$i
|
||||
let "index++"
|
||||
testPing "$ip11 $ip12" "$ip21 $ip22" "$ip31 $ip32" "$ip41 $ip42" $index
|
||||
done
|
||||
;;
|
||||
2)
|
||||
echo ${skyBlue}"要检测的ip段为:1.0.0.0-1.0.0.254,1.1.1.0-1.1.1.254,104.16.80.0-104.16.95.255,104.16.175.255-104.16.191.255"${none}
|
||||
for ((i=0;i<${#ChinaMobile[*]};i++))
|
||||
do
|
||||
ip01=`echo ${ChinaMobile[$i]}|awk -F "[-]" '{print $1}'`
|
||||
ip02=`echo ${ChinaMobile[$i]}|awk -F "[-]" '{print $2}'`
|
||||
ip11=`echo $ip01|awk -F "[.]" '{print $1}'`
|
||||
ip12=`echo $ip02|awk -F "[.]" '{print $1}'`
|
||||
|
||||
ip21=`echo $ip01|awk -F "[.]" '{print $2}'`
|
||||
ip22=`echo $ip02|awk -F "[.]" '{print $2}'`
|
||||
ip31=`echo $ip01|awk -F "[.]" '{print $3}'`
|
||||
ip32=`echo $ip02|awk -F "[.]" '{print $3}'`
|
||||
ip41=`echo $ip01|awk -F "[.]" '{print $4}'`
|
||||
ip42=`echo $ip02|awk -F "[.]" '{print $4}'`
|
||||
index=$i
|
||||
let "index++"
|
||||
testPing "$ip11 $ip12" "$ip21 $ip22" "$ip31 $ip32" "$ip41 $ip42" ${index}
|
||||
done
|
||||
;;
|
||||
3)
|
||||
echo ${skyBlue}"要检测的ip段为:104.16.0.0-104.16.79.255,104.16.96.0-104.16.175.254,104.16.192.0-104.16.207.255"${none}
|
||||
for ((i=0;i<${#hkDirect[*]};i++))
|
||||
do
|
||||
ip01=`echo ${hkDirect[$i]}|awk -F "[-]" '{print $1}'`
|
||||
ip02=`echo ${hkDirect[$i]}|awk -F "[-]" '{print $2}'`
|
||||
ip11=`echo $ip01|awk -F "[.]" '{print $1}'`
|
||||
ip12=`echo $ip02|awk -F "[.]" '{print $1}'`
|
||||
|
||||
ip21=`echo $ip01|awk -F "[.]" '{print $2}'`
|
||||
ip22=`echo $ip02|awk -F "[.]" '{print $2}'`
|
||||
ip31=`echo $ip01|awk -F "[.]" '{print $3}'`
|
||||
ip32=`echo $ip02|awk -F "[.]" '{print $3}'`
|
||||
ip41=`echo $ip01|awk -F "[.]" '{print $4}'`
|
||||
ip42=`echo $ip02|awk -F "[.]" '{print $4}'`
|
||||
index=$i
|
||||
let "index++"
|
||||
testPing "$ip11 $ip12" "$ip21 $ip22" "$ip31 $ip32" "$ip41 $ip42" ${index}
|
||||
done
|
||||
;;
|
||||
esac
|
||||
}
|
||||
start(){
|
||||
echo "${purple}测试指定ip段,cloudflare的ip延迟${none}"
|
||||
echo "${purple}===============================${none}"
|
||||
echo "${green} 1.联通${none}"
|
||||
echo "${green} 2.移动${none}"
|
||||
echo "${green} 3.hk直连【适合移动以及服务器在hk的情况】${none}"
|
||||
echo "${purple}===============================${none}"
|
||||
echo "${skyBlue}请选择【数字编号】:${none}"
|
||||
read -e funType
|
||||
manageFun $funType
|
||||
}
|
||||
start
|
||||
# 104.23.240.0-104.23.243.254
|
||||
#testPing "104 104" "23 23" "243 243" "0 100"
|
|
@ -0,0 +1,32 @@
|
|||
# 前言
|
||||
>重新整理下目前的教程以及未来要加入的内容,并给出确切TodoList。
|
||||
|
||||
|
||||
# 1.V2Ray
|
||||
## 1.CDN手动部署
|
||||
- 极适用于被墙的VPS
|
||||
### 1.Cloudflare+V2Ray+WebSocket+Nginx+Web伪装博客【建议使用该方法】
|
||||
- 仅使用Cloudflare的证书
|
||||
- 客户端->Cloudflare使用TLS+Vmess加密,Cloudflare->VPS仅使用Vmess,[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Flexible.md)
|
||||
- 不需要维护TLS证书
|
||||
- 少一步解析证书的过程,速度理论上会快一些
|
||||
|
||||
### 2.Cloudflare+V2Ray+WebSocket+TLS+Nginx+Web伪装博客
|
||||
- 需要TLS,一般使用let's encrypt生成,有效期为三个月。
|
||||
- 客户端->Cloudflare使用Cloudflare TLS+Vmess加密,Cloudflare->VPS使用let's encrypt TLS+Vmess加密,[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Full.md)
|
||||
|
||||
# 2.全自动化一键脚本、博客搭建【博客书写需要熟悉markdown语法】
|
||||
- 2020-5-16 立项,预计完成时间2020-6-16
|
||||
|
||||
## [ ] 脚本编写
|
||||
## [ ] 自动博客搭建【Hexo+Next】
|
||||
- [ ] 1.博客编写
|
||||
- [ ] 2.博客部署【githook、Jekins】
|
||||
|
||||
# 3.V2Ray配置文件生成
|
||||
- 2020-5-16 立项,预计完成时间2020-6-20
|
||||
|
||||
# 4.k8s集群、Docker
|
||||
- 2020-5-16 立项,预计完成时间****
|
||||
- [ ] 私有仓库托管
|
||||
- [ ] k8s集群管理
|
|
@ -0,0 +1,207 @@
|
|||
* * *
|
||||
- [1.开机自启](#1开机自启)
|
||||
* [1.配置Nginx开机自启](#1配置Nginx开机自启)
|
||||
* [2.配置v2ray_ws_tls开机自启](#2配置v2ray_ws_tls开机自启)
|
||||
* [3.测试开机自启是否成功](#3测试开机自启是否成功)
|
||||
- [2.开启Centos bbr拥塞控制算法[我的测试机是centos 7]](#27开启centos-bbr拥塞控制算法我的测试机是centos-7)
|
||||
* [1.检查是否安装bbr](#1检查是否安装bbr)
|
||||
* [2.yum更新](#2yum更新)
|
||||
* [3.查看系统版本](#3查看系统版本)
|
||||
* [4.安装elrepo并升级内核](#4安装elrepo并升级内核)
|
||||
* [5.更新grud文件并重启](#5更新grud文件并重启)
|
||||
* [6.开机后检查内容是否为4.9及以上版本](#6开机后检查内容是否为4.9及以上版本)
|
||||
* [7.开启bbr](#7开启bbr)
|
||||
* [8.验证bbr是否开启成功](#8验证bbr是否开启成功)
|
||||
+ [测试方法1](#测试方法1)
|
||||
+ [测试方法2](#测试方法2)
|
||||
* * *
|
||||
|
||||
# 1.开机自启
|
||||
## 1.配置Nginx开机自启
|
||||
- 创建service文件
|
||||
```
|
||||
cd /etc/systemd/system&&touch nginxReboot.service
|
||||
```
|
||||
|
||||
- 将下面内容复制到/etc/systemd/system/nginxReboot.service
|
||||
```
|
||||
[Unit]
|
||||
Description=nginx - high performance web server
|
||||
After=network.target remote-fs.target nss-lookup.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
PIDFile=/run/nginx.pid
|
||||
Environment=PATH=/root/.nvm/versions/node/v12.8.1/bin:/usr/bin/v2ray/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
|
||||
ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf
|
||||
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
|
||||
ExecReload=/usr/sbin/nginx -s reload
|
||||
ExecStop=/usr/sbin/nginx -s stop
|
||||
ExecQuit=/usr/sbin/nginx -s quit
|
||||
PrivateTmp=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
```
|
||||
|
||||
- 设置开机自启
|
||||
```
|
||||
sudo systemctl enable nginxReboot.service
|
||||
```
|
||||
- 可能出现的错误
|
||||
```
|
||||
# 可能会出现 (13: Permission denied) while connecting to upstream:[nginx]
|
||||
// 解决方法 执行下面的命令
|
||||
setsebool -P httpd_can_network_connect 1
|
||||
```
|
||||
|
||||
## 2.配置v2ray_ws_tls开机自启
|
||||
- 创建service文件
|
||||
```
|
||||
cd /etc/systemd/system&&touch v2ray_ws_tls.service
|
||||
```
|
||||
|
||||
- 将下面内容复制到/etc/systemd/system/v2ray_ws_tls.service
|
||||
```
|
||||
[Unit]
|
||||
Description=V2Ray WS TLS Service
|
||||
After=network.target
|
||||
Wants=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
PIDFile=/run/v2rayWSTLS.pid
|
||||
ExecStart=/usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
|
||||
Restart=on-failure
|
||||
# Don't restart in the case of configuration error
|
||||
RestartPreventExitStatus=23
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
```
|
||||
- 设置开机自启
|
||||
```
|
||||
sudo systemctl enable v2ray_ws_tls.service
|
||||
```
|
||||
## 3.测试开机自启是否成功
|
||||
- 重启vps
|
||||
```
|
||||
reboot
|
||||
```
|
||||
- 重启后查看程序是否正常启动
|
||||
```
|
||||
# 执行下方命令查看v2ray是否启动
|
||||
ps -ef|grep v2ray
|
||||
|
||||
root 4533 1 0 03:03 ? 00:00:00 /usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
|
||||
root 4560 1287 0 03:04 pts/0 00:00:00 grep --color=auto v2ray
|
||||
|
||||
# 执行下方命令查看nginx是否启动,
|
||||
ps -ef|grep nginx
|
||||
``
|
||||
root 762 1 0 02:20 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
|
||||
nginx 763 762 0 02:20 ? 00:00:00 nginx: worker process
|
||||
root 4562 1287 0 03:04 pts/0 00:00:00 grep --color=auto nginx
|
||||
```
|
||||
# 2.开启Centos bbr拥塞控制算法[我的测试机是centos 7]
|
||||
## 1.检查是否安装bbr
|
||||
- 有一些vps会自带bbr模块 比如搬瓦工的某些机器,执行下面命令
|
||||
```
|
||||
lsmod | grep bbr
|
||||
```
|
||||
- 如果输出类似内容则已经开启bbr 到这里就可以结束了
|
||||
```
|
||||
tcp_bbr 20480 28
|
||||
```
|
||||
## 2.yum更新
|
||||
```
|
||||
yum update
|
||||
```
|
||||
## 3.查看系统版本
|
||||
- 执行下面命令
|
||||
```
|
||||
cat /etc/redhat-release
|
||||
```
|
||||
|
||||
- 如果release后面的数字大于7.3即可
|
||||
```
|
||||
CentOS Linux release 7.7.1908 (Core)
|
||||
```
|
||||
## 4.安装elrepo并升级内核
|
||||
- 分别依次执行下面命令
|
||||
```
|
||||
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
|
||||
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
|
||||
yum --enablerepo=elrepo-kernel install kernel-ml -y
|
||||
```
|
||||
- 正常情况下会输出下面内容
|
||||
```
|
||||
Transaction Summary
|
||||
================================================================================
|
||||
Install 1 Package
|
||||
Total download size: 39 M
|
||||
Installed size: 169 M
|
||||
Downloading packages:
|
||||
kernel-ml-4.9.0-1.el7.elrepo.x86_64.rpm | 39 MB 00:00
|
||||
Running transaction check
|
||||
Running transaction test
|
||||
Transaction test succeeded
|
||||
Running transaction
|
||||
Warning: RPMDB altered outside of yum.
|
||||
Installing : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
|
||||
Verifying : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
|
||||
Installed:
|
||||
kernel-ml.x86_64 0:4.9.0-1.el7.elrepo
|
||||
Complete!
|
||||
```
|
||||
## 5.更新grud文件并重启
|
||||
- 依次执行下面的命令,重启后需要等待数秒重新使用ssh连接
|
||||
```
|
||||
egrep ^menuentry /etc/grub2.cfg | cut -f 2 -d \'
|
||||
grub2-set-default 0
|
||||
reboot
|
||||
```
|
||||
## 6.开机后检查内容是否为4.9及以上版本
|
||||
- 执行下面的命令
|
||||
```
|
||||
uname -r
|
||||
```
|
||||
- 输出结果
|
||||
```
|
||||
5.3.7-1.el7.elrepo.x86_64
|
||||
```
|
||||
## 7.开启bbr
|
||||
- 执行下面的命令
|
||||
```
|
||||
vim /etc/sysctl.conf
|
||||
```
|
||||
- 添加如下内容
|
||||
```
|
||||
net.core.default_qdisc = fq
|
||||
net.ipv4.tcp_congestion_control = bbr
|
||||
```
|
||||
- 加载系统参数
|
||||
```
|
||||
sysctl -p
|
||||
```
|
||||
## 8.验证bbr是否开启成功
|
||||
### 测试方法1
|
||||
- 执行下面的命令
|
||||
```
|
||||
sysctl net.ipv4.tcp_available_congestion_control
|
||||
```
|
||||
- 输出下面内容即为成功
|
||||
```
|
||||
net.ipv4.tcp_available_congestion_control = bbr cubic reno
|
||||
```
|
||||
|
||||
### 测试方法2
|
||||
- 执行下面的命令
|
||||
```
|
||||
lsmod | grep bbr
|
||||
```
|
||||
- 输出下面内容即为成功
|
||||
```
|
||||
tcp_bbr 20480 28
|
||||
```
|
||||
|
|
@ -0,0 +1,52 @@
|
|||
- [1.准备工作](#1准备工作)
|
||||
- [2.购买流量转发服务](#2购买流量转发服务)
|
||||
- [3.配置流量转发服务](#3配置流量转发服务)
|
||||
* [1.配置idc.wiki流量转发](#1配置idcwiki流量转发)
|
||||
- [4.修改客户端](#4修改客户端)
|
||||
- [5节点测试](#5节点测试)
|
||||
* [1.联通](#1联通暂无)
|
||||
* [2.移动](#2移动)
|
||||
* [2.电信](#3电信暂无)
|
||||
|
||||
# 1.准备工作
|
||||
- 1.需要一台没被墙的VPS(IPLC理论上是可以转发流量给被墙的VPS,目前手中没有被墙的VPS,无法进行测试)。
|
||||
- 5.必须保证在不用流量转发服务的情况可以使用tcp vmess科学上网。
|
||||
- 6.购买流量转发服务[点击购买](https://idc.wiki)
|
||||
|
||||
# 2.购买流量转发服务
|
||||
- 1.注册-->[idc.wiki](https://idc.wiki)
|
||||
- 2.注册完成后,服务-->购买新服务-->左侧显示菜单-->左侧列表最下面【流量转发服务】【建议购买150的服务,包含IPLC线路】
|
||||
|
||||
# 3.配置流量转发服务
|
||||
## 1.配置idc.wiki流量转发
|
||||
- 1.服务-->我的产品和服务-->管理产品-->添加普通转发&添加IPLC转发【普通和IPLC设置方式一样,由于IPLC不过墙,这里建议使用IPLC】
|
||||
- 2.配置转发规则,这里只有一个点需要注意下一下【需转发地址,填写自己vps的ip以及tcp vmess的端口。】
|
||||
```
|
||||
# 示例
|
||||
173.82.112.30:37210
|
||||
```
|
||||
- 3.协议为TCP
|
||||
|
||||
# 4.修改客户端
|
||||
- 修改客户端端口部分【端口修改为中转IP的端口,例如上述的12187】
|
||||
- 其余客户端类似,在保证tcp+vmess正常使用的情况下配置流量转发服务,客户端只需要修改地址为转发的IP和端口即可。
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/Quantumult_Setting_vmess.png" width=400>
|
||||
|
||||
# 5.节点测试
|
||||
- 下列测试结果仅供参考
|
||||
## 1.联通
|
||||
|
||||
节点|台湾GCP|洛杉矶
|
||||
-|-|-
|
||||
莞港IPLC tcp_vmess|延迟50ms-100ms,回源100ms-200ms|暂无
|
||||
苏日IPLC tcp_vmess|暂无|延迟100ms-200ms,回源400ms-500ms
|
||||
|
||||
## 2.移动
|
||||
|
||||
节点|台湾GCP|洛杉矶
|
||||
-|-|-
|
||||
莞港IPLC tcp_vmess|延迟50ms-100ms,回源100ms-200ms|暂无
|
||||
苏日IPLC tcp_vmess|暂无|延迟100ms-200ms,回源400ms-500ms
|
||||
|
||||
## 3.电信【暂无】
|
||||
|
|
@ -0,0 +1,80 @@
|
|||
- [1.准备工作](#1准备工作)
|
||||
- [2.购买流量转发服务](#2购买流量转发服务)
|
||||
- [3.配置流量转发服务](#3配置流量转发服务)
|
||||
* [1.配置idc.wiki流量转发](#1配置idcwiki流量转发)
|
||||
* [2.配置&修改DNS解析](#2配置修改dns解析这里示例为cloudflare)
|
||||
- [4.修改客户端](#4修改客户端)
|
||||
- [5节点测试](#5节点测试)
|
||||
* [1.联通](#1联通暂无)
|
||||
* [2.移动](#2移动)
|
||||
* [2.电信](#3电信暂无)
|
||||
|
||||
# 1.准备工作
|
||||
- 1.需要一台没被墙的VPS(IPLC理论上是可以转发流量给被墙的VPS,目前手中没有被墙的VPS,无法进行测试)。
|
||||
- 2.需要域名以及设置DNS解析,建议使用CloudFlare,其余的dns解析也可以。这里转发的是tls+ws流量,如果只是转发tcp vmess流量可以不用域名,但是vps会有被墙的风险,这里不推荐最基础tcp+vmess【如果有需要可以提issues】。
|
||||
- 3.需要生成HTTPS证书,推荐使用通配符证书【通配符证书稍后完善】。
|
||||
- 4.上面三个步骤参考 [点此链接查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Full.md)
|
||||
- 5.必须保证在不用流量转发服务的情况可以使用tls+ws科学上网。
|
||||
- 6.购买流量转发服务[点击购买](https://idc.wiki)
|
||||
|
||||
# 2.购买流量转发服务
|
||||
- 1.注册-->[idc.wiki](https://idc.wiki)
|
||||
- 2.注册完成后,服务-->购买新服务-->左侧显示菜单-->左侧列表最下面【流量转发服务】【建议购买150的服务,包含IPLC线路】
|
||||
|
||||
# 3.配置流量转发服务
|
||||
## 1.配置idc.wiki流量转发
|
||||
- 1.服务-->我的产品和服务-->管理产品-->添加普通转发&添加IPLC转发【普通和IPLC设置方式一样】
|
||||
- 2.配置转发规则,这里只有一个点需要注意下一下【需转发地址,填写自己vps的ip以及https+ws的端口。】
|
||||
```
|
||||
# 示例
|
||||
173.82.112.30:443
|
||||
```
|
||||
- 3.协议为TCP
|
||||
|
||||
## 2.配置&修改DNS解析【这里示例为CloudFlare】
|
||||
- 1.idc.wiki 示例图
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/idcwiki_traffic.png" width=700>
|
||||
|
||||
- 2.修改域名dns解析到中转服务ip
|
||||
```
|
||||
# 1.name是你的二级域名的blog部分【blog.example.com】
|
||||
# 2.content则是上述示例图转发部分的ip
|
||||
```
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_idcwiki.png" width=700>
|
||||
|
||||
# 4.修改客户端
|
||||
- 修改客户端端口部分【端口修改为中转IP的端口,例如上述的12187】
|
||||
- 其余客户端类似,在保证ws+tls正常使用的情况下配置流量转发服务,客户端只需要修改为流量转发IP的端口即可。
|
||||
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/Quantumult_Setting.png" width=400>
|
||||
|
||||
# 5.节点测试
|
||||
- 下列测试结果仅供参考
|
||||
## 1.联通
|
||||
|
||||
节点|台湾GCP|洛杉矶
|
||||
-|-|-
|
||||
苏日IPLC ws_tls|延迟50ms-120ms,回源500ms-800ms|延迟100ms-200ms,回源1000ms-1500ms
|
||||
徐州联通 ws_tls|延迟10ms-50ms,回源1000ms-1500ms|延迟10ms-50ms,回源1000ms-1500ms
|
||||
上海电信 ws_tls|延迟1000ms+,回源2000ms+|延迟1000ms+,回源2000ms+
|
||||
泉州CN2 ws_tls|延迟50ms-150ms,回源500ms-1000ms|延迟200ms+,回源1000ms+
|
||||
绍兴双线[电信-联通出口] ws_tls|延迟200ms+,回源稳定1400ms左右|延迟30ms-40ms,回源3000ms+
|
||||
绍兴双线[联通-联通出口] ws_tls|延迟200ms+,回源稳定1400ms左右|延迟30ms-40ms,回源2000ms+
|
||||
常州三线[电信-联通出口] ws_tls|延迟200ms+,回源稳定1450ms左右|延迟200ms+,回源稳定2000ms+
|
||||
常州三线[联通-联通出口] ws_tls|延迟200ms+,回源稳定1450ms左右|延迟200ms+,回源稳定2000ms+
|
||||
常州三线[移动-联通出口] ws_tls|延迟200ms+,回源稳定1450ms左右|延迟200ms+,回源稳定2000ms+
|
||||
绍兴双线[电信-电信出口] ws_tls|错误|错误
|
||||
绍兴双线[联通-电信出口] ws_tls|延迟100ms以内,回源500ms-1000ms|延迟30ms-40ms,回源3000ms+
|
||||
|
||||
## 2.移动
|
||||
|
||||
节点|台湾GCP|洛杉矶
|
||||
-|-|-
|
||||
莞港IPLC ws_tls|延迟50ms-100ms,回源300ms-500ms|延迟50ms-100ms,回源800ms-1500ms
|
||||
苏日IPLC ws_tls|延迟50ms-120ms,回源500ms-800ms|延迟100ms-200ms,回源1000ms-1500ms
|
||||
莞港IPLC tcp_vmess|延迟50ms-100ms,回源100ms-200ms|暂无
|
||||
苏日IPLC tcp_vmess|暂无|延迟100ms-200ms,回源400ms-500ms
|
||||
上海电信 ws_tls|延迟50ms-100ms,会源500ms-700ms|延迟100ms-200ms,回源2000ms+
|
||||
泉州CN2 ws_tls|延迟50ms-120ms,回源500ms-800ms|延迟100ms-200ms,回源1000ms-1500ms
|
||||
|
||||
## 3.电信【暂无】
|
||||
|