feat(init): init

pull/534/merge
mack-a 2020-05-22 15:30:07 +08:00
parent 40e064b2c8
commit f6a80cfad7
44 changed files with 2981 additions and 415 deletions

2
.gitignore vendored 100644
View File

@ -0,0 +1,2 @@
# Created by .ignore support plugin (hsz.mobi)
.idea

View File

@ -12,15 +12,141 @@
<option name="LAST_RESOLUTION" value="IGNORE" />
</component>
<component name="FileEditorManager">
<leaf />
<leaf SIDE_TABS_SIZE_LIMIT_KEY="300">
<file pinned="false" current-in-tab="true">
<entry file="file://$PROJECT_DIR$/recover_version.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="122">
<caret line="24" lean-forward="true" selection-start-line="24" selection-end-line="24" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/generator_client_links.js">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="176">
<caret line="8" column="29" selection-start-line="8" selection-start-column="29" selection-end-line="8" selection-end-column="29" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/Trojan.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="3366">
<caret line="153" column="35" selection-start-line="153" selection-start-column="35" selection-end-line="153" selection-end-column="35" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/config/config_ws_tls.json">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="1034">
<caret line="47" column="9" lean-forward="true" selection-start-line="47" selection-start-column="9" selection-end-line="47" selection-end-column="9" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/config/nginx_Flexible.conf">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="533">
<caret line="44" column="42" selection-start-line="44" selection-start-column="42" selection-end-line="44" selection-end-column="42" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/README.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="181">
<caret line="187" column="22" selection-start-line="187" selection-start-column="22" selection-end-line="187" selection-end-column="22" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/install_new.sh">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="461">
<caret line="169" column="1" lean-forward="true" selection-start-line="169" selection-start-column="1" selection-end-line="169" selection-end-column="1" />
</state>
</provider>
</entry>
</file>
<file pinned="false" current-in-tab="false">
<entry file="file://$PROJECT_DIR$/.gitignore">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="44">
<caret line="2" lean-forward="true" selection-start-line="2" selection-end-line="2" />
</state>
</provider>
</entry>
</file>
</leaf>
</component>
<component name="FileTemplateManagerImpl">
<option name="RECENT_TEMPLATES">
<list>
<option value="JavaScript File" />
</list>
</option>
</component>
<component name="FindInProjectRecents">
<findStrings>
<find>jerry-ap/v2ray-network</find>
<find>if [</find>
<find>source</find>
<find>nodePath</find>
<find>echoType</find>
<find>==</find>
<find>uninstall</find>
<find>GO</find>
<find>checkOS</find>
<find>centos</find>
<find>Ubuntu</find>
<find>/etc/nginx/mime.types</find>
<find>sed -i</find>
<find>更加隐私一些</find>
<find>dnsmasq 实现CNAME方式</find>
<find>wget</find>
<find>zip</find>
<find>process.</find>
<find>node</find>
<find>Docker</find>
<find>sed</find>
<find>FullFl</find>
<find>到这里就配置完成可以测试是否能上被q的网站,如果可以使用可以测试上方的优化方</find>
<find>免费</find>
<find>Trajon</find>
<find>img</find>
<find>&amp;</find>
<find>idc.wiki</find>
<find>aff=1146</find>
<find>CloudFlare</find>
<find>aff.</find>
</findStrings>
<replaceStrings>
<replace>mack-a/v2ray-agent</replace>
<replace>domain</replace>
<replace>$blue</replace>
<replace>$skyBlue</replace>
<replace>$purple</replace>
<replace>${</replace>
<replace>&quot;</replace>
<replace>V2Ray</replace>
<replace>yum -y install</replace>
<replace>${echoType}</replace>
<replace>.</replace>
<replace>.sourceResult=`. /root/.bashrc`</replace>
<replace>Trojan</replace>
<replace>Cloudflare</replace>
<replace>,</replace>
</replaceStrings>
<dirStrings>
<dir>$PROJECT_DIR$</dir>
</dirStrings>
</component>
<component name="Git.Settings">
<option name="RECENT_GIT_ROOT_PATH" value="$PROJECT_DIR$" />
@ -28,12 +154,42 @@
<component name="IdeDocumentHistory">
<option name="CHANGED_PATHS">
<list>
<option value="$PROJECT_DIR$/.gitignore" />
<option value="$PROJECT_DIR$/test.sh" />
<option value="$PROJECT_DIR$/xxx.sh" />
<option value="$PROJECT_DIR$/config_ws_tls.json" />
<option value="$PROJECT_DIR$/nginx.conf" />
<option value="$PROJECT_DIR$/demo.js" />
<option value="$PROJECT_DIR$/package-lock.json" />
<option value="$PROJECT_DIR$/config/config_ws_tls.json" />
<option value="$PROJECT_DIR$/default.md" />
<option value="$PROJECT_DIR$/optimize_v2ray.md" />
<option value="$PROJECT_DIR$/settings.md" />
<option value="$PROJECT_DIR$/install.sh" />
<option value="$PROJECT_DIR$/generator_client_links.js" />
<option value="$PROJECT_DIR$/optimize_V2Ray.md" />
<option value="$PROJECT_DIR$/Dockerfile" />
<option value="$PROJECT_DIR$/Docker/Docker.md" />
<option value="$PROJECT_DIR$/Flexible.md" />
<option value="$PROJECT_DIR$/Trajon.md" />
<option value="$PROJECT_DIR$/Trojan.md" />
<option value="$PROJECT_DIR$/Cloudflare_Flexible.md" />
<option value="$PROJECT_DIR$/Cloudflare_Full.md" />
<option value="$PROJECT_DIR$/free_account.md" />
<option value="$PROJECT_DIR$/config/nginx.conf" />
<option value="$PROJECT_DIR$/traffic_relay.md" />
<option value="$PROJECT_DIR$/firewall.md" />
<option value="$PROJECT_DIR$/config/nginx_Flexible.conf" />
<option value="$PROJECT_DIR$/install_new.sh" />
<option value="$PROJECT_DIR$/traffic_relay_tls_ws.md" />
<option value="$PROJECT_DIR$/traffic_relay_tcp_vmess.md" />
<option value="$PROJECT_DIR$/README.md" />
<option value="$PROJECT_DIR$/recover_version.md" />
</list>
</option>
</component>
<component name="ProjectFrameBounds" extendedState="6">
<option name="x" value="79" />
<option name="x" value="47" />
<option name="y" value="-697" />
<option name="width" value="1280" />
<option name="height" value="697" />
@ -66,7 +222,22 @@
<property name="last_opened_file_path" value="$PROJECT_DIR$" />
<property name="nodejs_interpreter_path.stuck_in_default_project" value="$USER_HOME$/.nvm/versions/node/v6.10.0/bin/node" />
<property name="nodejs_npm_path_reset_for_default_project" value="true" />
<property name="settings.editor.selected.configurable" value="Errors" />
<property name="restartRequiresConfirmation" value="false" />
<property name="settings.editor.selected.configurable" value="preferences.sourceCode" />
</component>
<component name="RecentsManager">
<key name="CopyFile.RECENT_KEYS">
<recent name="$PROJECT_DIR$" />
<recent name="$PROJECT_DIR$/config" />
<recent name="$PROJECT_DIR$/docker" />
<recent name="$PROJECT_DIR$/fodder" />
</key>
<key name="MoveFile.RECENT_KEYS">
<recent name="$PROJECT_DIR$/fodder" />
<recent name="$PROJECT_DIR$" />
<recent name="$PROJECT_DIR$/docker" />
<recent name="$PROJECT_DIR$/config" />
</key>
</component>
<component name="RunDashboard">
<option name="ruleStates">
@ -80,6 +251,27 @@
</list>
</option>
</component>
<component name="RunManager" selected="Node.js.generator_client_links.js">
<configuration name="xxx.sh" type="BashConfigurationType" factoryName="Bash" temporary="true">
<module name="v2ray-agent" />
<option name="INTERPRETER_OPTIONS" value="bash'" />
<option name="INTERPRETER_PATH" value="/usr/bin/env" />
<option name="PROJECT_INTERPRETER" value="false" />
<option name="WORKING_DIRECTORY" value="$PROJECT_DIR$" />
<option name="PARENT_ENVS" value="true" />
<option name="SCRIPT_NAME" value="$PROJECT_DIR$/xxx.sh" />
<option name="PARAMETERS" value="" />
<method v="2" />
</configuration>
<configuration name="generator_client_links.js" type="NodeJSConfigurationType" nameIsGenerated="true" path-to-js-file="$PROJECT_DIR$/generator_client_links.js" working-dir="$PROJECT_DIR$">
<method v="2" />
</configuration>
<recent_temporary>
<list>
<item itemvalue="Bash.xxx.sh" />
</list>
</recent_temporary>
</component>
<component name="SvnConfiguration">
<configuration />
</component>
@ -90,47 +282,293 @@
<option name="number" value="Default" />
<option name="presentableId" value="Default" />
<updated>1573007543792</updated>
<workItem from="1573007546616" duration="991000" />
<workItem from="1573007546616" duration="14861000" />
<workItem from="1573105211224" duration="5701000" />
<workItem from="1573113873298" duration="13404000" />
<workItem from="1574239163078" duration="4391000" />
<workItem from="1574734689523" duration="17345000" />
<workItem from="1574846421444" duration="1000" />
<workItem from="1575276869493" duration="10075000" />
<workItem from="1575450848095" duration="28248000" />
<workItem from="1575876296267" duration="25021000" />
<workItem from="1576051264080" duration="5702000" />
<workItem from="1576113491535" duration="29909000" />
<workItem from="1576480597093" duration="35230000" />
<workItem from="1576749427970" duration="766000" />
<workItem from="1576831254361" duration="8019000" />
<workItem from="1577177224298" duration="10000" />
<workItem from="1577265966108" duration="1069000" />
<workItem from="1577411661192" duration="8030000" />
<workItem from="1577692937898" duration="934000" />
<workItem from="1577785825869" duration="9919000" />
<workItem from="1578623603875" duration="661000" />
<workItem from="1578634947925" duration="553000" />
<workItem from="1578644724979" duration="1173000" />
<workItem from="1579052752711" duration="4771000" />
<workItem from="1582528631305" duration="4531000" />
<workItem from="1582609930611" duration="1395000" />
<workItem from="1583137669423" duration="2520000" />
<workItem from="1583284796744" duration="528000" />
<workItem from="1583478817092" duration="1424000" />
<workItem from="1583829102337" duration="1839000" />
<workItem from="1584089460784" duration="7216000" />
<workItem from="1584430543139" duration="66000" />
<workItem from="1586419999097" duration="106000" />
<workItem from="1586853572994" duration="4264000" />
<workItem from="1587028532486" duration="796000" />
<workItem from="1587099320601" duration="3068000" />
<workItem from="1587440378186" duration="14318000" />
<workItem from="1587542965875" duration="3474000" />
<workItem from="1587635162834" duration="2117000" />
<workItem from="1587716147640" duration="4802000" />
<workItem from="1587882541760" duration="1544000" />
<workItem from="1588053192255" duration="388000" />
<workItem from="1588215678869" duration="1033000" />
<workItem from="1588230286359" duration="6983000" />
<workItem from="1589553918080" duration="2376000" />
<workItem from="1589632593714" duration="5750000" />
<workItem from="1589680663312" duration="837000" />
<workItem from="1590119400182" duration="4144000" />
</task>
<servers />
</component>
<component name="TimeTrackingManager">
<option name="totallyTimeSpent" value="991000" />
<option name="totallyTimeSpent" value="301312000" />
</component>
<component name="ToolWindowManager">
<frame x="79" y="-697" width="1280" height="697" extended-state="6" />
<editor active="true" />
<frame x="47" y="-697" width="1280" height="697" extended-state="6" />
<layout>
<window_info id="Favorites" side_tool="true" />
<window_info active="true" content_ui="combo" id="Project" order="0" visible="true" weight="0.2494043" />
<window_info id="Structure" order="1" side_tool="true" weight="0.25" />
<window_info anchor="bottom" id="Docker" show_stripe_button="false" />
<window_info anchor="bottom" id="Version Control" />
<window_info anchor="bottom" id="Terminal" />
<window_info anchor="bottom" id="Event Log" side_tool="true" />
<window_info content_ui="combo" id="Project" order="0" sideWeight="0.49726775" visible="true" weight="0.15250199" />
<window_info id="Structure" order="1" sideWeight="0.5027322" side_tool="true" weight="0.17688513" />
<window_info id="Favorites" order="2" side_tool="true" />
<window_info anchor="bottom" id="Message" order="0" />
<window_info anchor="bottom" id="Find" order="1" />
<window_info anchor="bottom" id="Run" order="2" />
<window_info anchor="bottom" id="Debug" order="3" weight="0.4" />
<window_info anchor="bottom" id="Run" order="2" weight="0.26280993" />
<window_info anchor="bottom" id="Debug" order="3" weight="0.29256198" />
<window_info anchor="bottom" id="Cvs" order="4" weight="0.25" />
<window_info anchor="bottom" id="Inspection" order="5" weight="0.4" />
<window_info anchor="bottom" id="TODO" order="6" />
<window_info anchor="bottom" id="Docker" order="7" show_stripe_button="false" />
<window_info active="true" anchor="bottom" id="Version Control" order="8" visible="true" weight="0.246281" />
<window_info anchor="bottom" id="Terminal" order="9" weight="0.3289256" />
<window_info anchor="bottom" id="Event Log" order="10" side_tool="true" weight="0.3289256" />
<window_info anchor="bottom" id="Messages" order="11" />
<window_info anchor="right" id="Commander" internal_type="SLIDING" order="0" type="SLIDING" weight="0.4" />
<window_info anchor="right" id="Ant Build" order="1" weight="0.25" />
<window_info anchor="right" content_ui="combo" id="Hierarchy" order="2" weight="0.25" />
</layout>
<layout-to-restore>
<window_info active="true" content_ui="combo" id="Project" order="0" sideWeight="0.49726775" visible="true" weight="0.17688513" />
<window_info id="Structure" order="1" sideWeight="0.5027322" side_tool="true" weight="0.17688513" />
<window_info id="Favorites" order="2" side_tool="true" />
<window_info anchor="bottom" id="Message" order="0" />
<window_info anchor="bottom" id="Find" order="1" />
<window_info anchor="bottom" id="Run" order="2" weight="0.26280993" />
<window_info anchor="bottom" id="Debug" order="3" weight="0.29256198" />
<window_info anchor="bottom" id="Cvs" order="4" weight="0.25" />
<window_info anchor="bottom" id="Inspection" order="5" weight="0.4" />
<window_info anchor="bottom" id="TODO" order="6" />
<window_info anchor="bottom" id="Docker" order="7" show_stripe_button="false" />
<window_info anchor="bottom" id="Version Control" order="8" weight="0.3272727" />
<window_info anchor="bottom" id="Terminal" order="9" weight="0.3289256" />
<window_info anchor="bottom" id="Event Log" order="10" side_tool="true" weight="0.3289256" />
<window_info anchor="bottom" id="Messages" order="11" />
<window_info anchor="right" id="Commander" internal_type="SLIDING" order="0" type="SLIDING" weight="0.4" />
<window_info anchor="right" id="Ant Build" order="1" weight="0.25" />
<window_info anchor="right" content_ui="combo" id="Hierarchy" order="2" weight="0.25" />
</layout-to-restore>
</component>
<component name="TypeScriptGeneratedFilesManager">
<option name="version" value="1" />
</component>
<component name="UnknownFeatures">
<option featureType="com.intellij.fileTypeFactory" implementationName="*.conf" />
<option featureType="com.intellij.fileTypeFactory" implementationName="*.md" />
</component>
<component name="Vcs.Log.History.Properties">
<option name="COLUMN_ORDER">
<list>
<option value="0" />
<option value="2" />
<option value="3" />
<option value="1" />
</list>
</option>
</component>
<component name="editorHistoryManager">
<entry file="file://$PROJECT_DIR$/fodder/CDN域名解析 CNAME.png">
<provider selected="true" editor-type-id="images" />
</entry>
<entry file="file://$PROJECT_DIR$/fodder/moeelf添加域名.png">
<provider selected="true" editor-type-id="images" />
</entry>
<entry file="file://$PROJECT_DIR$/fodder/moeelf添加DNS记录.png">
<provider selected="true" editor-type-id="images" />
</entry>
<entry file="file://$PROJECT_DIR$/fodder/dnspod添加记录.png">
<provider selected="true" editor-type-id="images" />
</entry>
<entry file="file://$PROJECT_DIR$/fodder/CloudFlare dnspod解析.png">
<provider selected="true" editor-type-id="images" />
</entry>
<entry file="file://$PROJECT_DIR$/test.sh" />
<entry file="file://$PROJECT_DIR$/node_modules/nginx-conf/src/parser.js" />
<entry file="file://$PROJECT_DIR$/node_modules/nginx-conf/src/conf.js" />
<entry file="file://$PROJECT_DIR$/node_modules/nginx-conf/index.js" />
<entry file="file://$PROJECT_DIR$/package-lock.json" />
<entry file="file://$PROJECT_DIR$/nginx.conf" />
<entry file="file://$PROJECT_DIR$/config_ws_tls.json" />
<entry file="file://$PROJECT_DIR$/xxx.sh" />
<entry file="file://$PROJECT_DIR$/updateSSH.sh" />
<entry file="file://$PROJECT_DIR$/v2ray.md" />
<entry file="file://$PROJECT_DIR$/fodder/一键脚本示例图.png">
<provider selected="true" editor-type-id="images" />
</entry>
<entry file="file://$PROJECT_DIR$/settings.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="220">
<caret line="10" column="23" lean-forward="true" selection-start-line="10" selection-start-column="23" selection-end-line="10" selection-end-column="23" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/ping_tool.sh">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="115">
<caret line="115" column="25" lean-forward="true" selection-start-line="115" selection-start-column="25" selection-end-line="115" selection-end-column="25" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/docker/docker-compose.yml" />
<entry file="file://$PROJECT_DIR$/Docker/config_ws.json" />
<entry file="file://$PROJECT_DIR$/optimize_V2Ray.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="203">
<caret line="273" lean-forward="true" selection-start-line="273" selection-end-line="273" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/Dockerfile" />
<entry file="file://$PROJECT_DIR$/Docker/Docker.md" />
<entry file="file://$PROJECT_DIR$/Docker/nginx.conf" />
<entry file="file://$PROJECT_DIR$/Docker/start.sh" />
<entry file="file://$PROJECT_DIR$/config/nginx.conf">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="661">
<caret line="54" lean-forward="true" selection-start-line="54" selection-end-line="54" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/free_account.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="220">
<caret line="10" lean-forward="true" selection-start-line="10" selection-end-line="10" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/Cloudflare_Flexible.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="661">
<caret line="104" selection-start-line="104" selection-end-line="125" selection-end-column="14" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/fodder/CloudFlare Trojan V2Ray.png">
<provider selected="true" editor-type-id="images" />
</entry>
<entry file="file://$PROJECT_DIR$/fodder/idcwiki_traffic.png">
<provider selected="true" editor-type-id="images" />
</entry>
<entry file="file://$PROJECT_DIR$/fodder/cloudflare_idcwiki.png">
<provider selected="true" editor-type-id="images" />
</entry>
<entry file="file://$PROJECT_DIR$/Cloudflare_Full.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="833">
<caret line="166" column="22" selection-start-line="166" selection-start-column="22" selection-end-line="166" selection-end-column="22" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/traffic_relay_tcp_vmess.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="176">
<caret line="8" column="18" lean-forward="true" selection-start-line="8" selection-start-column="18" selection-end-line="8" selection-end-column="18" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/firewall.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="374">
<caret line="17" column="35" lean-forward="true" selection-start-line="17" selection-start-column="35" selection-end-line="17" selection-end-column="35" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/install.sh">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="176">
<caret line="8" column="13" selection-start-line="8" selection-start-column="13" selection-end-line="8" selection-end-column="13" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/traffic_relay_tls_ws.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="655">
<caret line="33" column="9" selection-start-line="33" selection-start-column="9" selection-end-line="33" selection-end-column="9" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/generator_client_links.js">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="176">
<caret line="8" column="29" selection-start-line="8" selection-start-column="29" selection-end-line="8" selection-end-column="29" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/Trojan.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="3366">
<caret line="153" column="35" selection-start-line="153" selection-start-column="35" selection-end-line="153" selection-end-column="35" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/config/config_ws_tls.json">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="1034">
<caret line="47" column="9" lean-forward="true" selection-start-line="47" selection-start-column="9" selection-end-line="47" selection-end-column="9" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/README.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="22">
<caret line="1" column="46" lean-forward="true" selection-start-line="1" selection-end-line="1" selection-end-column="46" />
<state relative-caret-position="181">
<caret line="187" column="22" selection-start-line="187" selection-start-column="22" selection-end-line="187" selection-end-column="22" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/config/nginx_Flexible.conf">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="533">
<caret line="44" column="42" selection-start-line="44" selection-start-column="42" selection-end-line="44" selection-end-column="42" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/install_new.sh">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="461">
<caret line="169" column="1" lean-forward="true" selection-start-line="169" selection-start-column="1" selection-end-line="169" selection-end-column="1" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/.gitignore">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="44">
<caret line="2" lean-forward="true" selection-start-line="2" selection-end-line="2" />
</state>
</provider>
</entry>
<entry file="file://$PROJECT_DIR$/recover_version.md">
<provider selected="true" editor-type-id="text-editor">
<state relative-caret-position="122">
<caret line="24" lean-forward="true" selection-start-line="24" selection-end-line="24" />
</state>
</provider>
</entry>

View File

@ -0,0 +1,126 @@
# 目录
- [技能点列表](#技能点列表)
- [一键脚本](#一键脚本)
* [1.自动模式](#1自动模式)
* [2.手动模式](#2手动模式)
- [1.准备工作](#1准备工作)
* [1.注册cloudflare](#1注册cloudflare)
* [2.注册godaddy并购买域名](#2注册godaddy并购买域名)
* [3.修改godaddy域名的DNS解析](#3修改godaddy域名的dns解析)
+ [1.登录cloudflare添加域名](#1登录cloudflare添加域名)
+ [2.选择套餐](#2选择套餐)
+ [3.根据提示修改godaddy的dns解析](#3根据提示修改godaddy的dns解析)
* [4.增加cloudflare域名解析](#4增加cloudflare域名解析)
* [5.修改godaddy SSL/TLS](#5修改godaddy-ssltls)
- [2.vps配置Nginx](#2vps配置nginx)
* [1.安装Nginx](#1安装Nginx)
* [2.nginx配置文件](#2nginx配置文件)
- [3.配置v2ray](#3配置v2ray)
* [1.安装v2ray](#1安装v2ray)
* [2.v2ray配置文件](#v2ray配置文件)
* [3.启动v2ray](#3启动v2ray)
- [4.客户端](#4客户端)
* [1.MacOS](#1macos)
* [2.windows](#2windows)
# 技能点列表
- [bandwagonhost[Ubuntu、Centos、Debian]链接一](https://bandwagonhost.com)
- [bandwagonhost[Ubuntu、Centos、Debian]链接二](https://bwh1.net)【境外vps或者其他vps厂商】
- [freenom](https://freenom.com/)【免费域名】
- [godaddy](https://www.godaddy.com/)【域名厂商】
- [cloudflare](cloudflare.com)【CDN】
- [letsencrypt](https://letsencrypt.org/)【HTTPS】
- [Nginx](https://www.nginx.com/)【反向代理】
- [V2Ray](v2ray.com)【代理工具】
# 1.准备工作
## 1.注册[cloudflare](cloudflare.com)
## 2.注册[godaddy](https://www.godaddy.com/)并购买域名或者使用免费域名[freenom](https://freenom.com/)
- 这里使用godaddy作为示例
- 域名可选择xyz结尾的国际域名可采用多字符乱码的方式组合域名(比如wk1c.xyz)首年大概8RMB左右第二年可以直接买一个新的。
## 3.修改godaddy域名的DNS解析
### 1.登录cloudflare添加域名
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare.png" width=400>
### 2.选择套餐
- 如果仅仅只享受科学上网功能选择free即可
- 如果需要更好的网络环境、更快的速度,可选择相应的套餐
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_plan.png" width=400>
### 3.根据提示修改godaddy的dns解析
- cloudflare提示界面
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_dns.png" width=400>
- godaddy DNS管理根据上面的cloudflare提示界面修改为相应的dns
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/godayddy_dns.png" width=400>
## 4.增加cloudflare域名解析
- 添加域名解析(记录)可以选择二级域名这样就可以一个月解析到不同的服务器name填写你要解析的二级域名的host部分比如ls.example.com 只填写ls即可
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_record_dns.png" width=400>
## 5.修改godaddy SSL/TLS
- 如果vps选择使用https需要把类型修改为Flexible
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_tls_Flexible.png" width=400>
# 2.vps配置Nginx
## 1.安装Nginx
```
yum install nginx
```
## 2.nginx配置文件
- 1.下载配置文件并替换默认文件
```
cd /etc/nginx&&rm -rf /etc/nginx/nginx.conf&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/nginx_Flexible.conf&&mv /etc/nginx/nginx_Flexible.conf /etc/nginx/nginx.conf
# 如果缺少wget 则执行下面的命令,然后重复上面的命令
yum install wget
```
- 将下载好的文件中关于ls.xxx.xyz的内容都替换成你的二级域名
# 3.配置v2ray
## 1.安装v2ray
```
bash <(curl -L -s https://install.direct/go.sh)
```
## 2.v2ray配置文件
- 下载config_ws_tls.json
```
cd&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/config_ws_tls.json
```
- 配置文件的id可以自己生成一个新的替换即可
```
/usr/bin/v2ray/v2ctl uuid
```
## 3.启动v2ray
```
/usr/bin/v2ray/v2ray -config ./config_ws_tls.json&
```
# 4.客户端
## 1.MacOS
- 下载V2RayU[点我下载](https://github.com/yanue/V2rayU/releases/download/1.4.1/V2rayU.dmg)
- 下载后打开服务器设置修改address即可
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/v2rayU_服务器配置.png" width=400>
- pac设置添加下面的链接并选择使用Pac模式即可
```
https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt
```
## 2.windows
- 下载v2rayN[点我下载](https://github.com/2dust/v2rayN/releases/download/2.44/v2rayN.zip)
- 使用方法 [点我查看](https://github.com/233boy/v2ray/wiki/V2RayN%E4%BD%BF%E7%94%A8%E6%95%99%E7%A8%8B)
## 3.Android
- [v2rayNG](https://github.com/2dust/v2rayNG/releases)
## 4.ios【需要自行购买或者使用共享账号安装】
- Quantumult【推荐使用】
- Shadowrocket

174
Cloudflare_Full.md 100644
View File

@ -0,0 +1,174 @@
# 目录
- [技能点列表](#技能点列表)
- [一键脚本](#一键脚本)
* [1.自动模式](#1自动模式)
* [2.手动模式](#2手动模式)
- [1.准备工作](#1准备工作)
* [1.注册cloudflare](#1注册cloudflare)
* [2.注册godaddy并购买域名](#2注册godaddy并购买域名)
* [3.修改godaddy域名的DNS解析](#3修改godaddy域名的dns解析)
+ [1.登录cloudflare添加域名](#1登录cloudflare添加域名)
+ [2.选择套餐](#2选择套餐)
+ [3.根据提示修改godaddy的dns解析](#3根据提示修改godaddy的dns解析)
* [4.增加cloudflare域名解析](#4增加cloudflare域名解析)
* [5.修改godaddy SSL/TLS](#5修改godaddy-ssltls)
- [2.vps配置Nginx、https](#2vps配置nginxhttps)
* [1.安装Nginx](#1安装Nginx)
* [2.nginx配置文件](#2nginx配置文件)
* [3.生成https](#3生成https)
- [3.配置v2ray](#3配置v2ray)
* [1.安装v2ray](#1安装v2ray)
* [2.v2ray配置文件](#v2ray配置文件)
* [3.启动v2ray](#3启动v2ray)
- [4.客户端](#4客户端)
* [1.MacOS](#1macos)
* [2.windows](#2windows)
# 1.准备工作
## 1.注册[cloudflare](cloudflare.com)
## 2.注册[godaddy](https://www.godaddy.com/)并购买域名或者使用免费域名[freenom](https://freenom.com/)
- 这里使用godaddy作为示例
- 域名可选择xyz结尾的国际域名可采用多字符乱码的方式组合域名(比如wk1c.xyz)首年大概8RMB左右第二年可以直接买一个新的。
## 3.修改godaddy域名的DNS解析
### 1.登录cloudflare添加域名
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare.png" width=400>
### 2.选择套餐
- 如果仅仅只享受科学上网功能选择free即可
- 如果需要更好的网络环境、更快的速度,可选择相应的套餐
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_plan.png" width=400>
### 3.根据提示修改godaddy的dns解析
- cloudflare提示界面
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_dns.png" width=400>
- godaddy DNS管理根据上面的cloudflare提示界面修改为相应的dns
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/godayddy_dns.png" width=400>
## 4.增加cloudflare域名解析
- 添加域名解析(记录)可以选择二级域名这样就可以一个月解析到不同的服务器name填写你要解析的二级域名的host部分比如ls.example.com 只填写ls即可
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_record_dns.png" width=400>
## 5.修改godaddy SSL/TLS
- 如果vps选择使用https需要把类型修改为Full
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_tls.png" width=400>
# 2.vps配置Nginx、https
## 1.安装Nginx
```
yum install nginx
```
## 2.nginx配置文件
- 1.下载配置文件并替换默认文件
```
cd /etc/nginx&&rm -rf /etc/nginx/nginx.conf&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/nginx.conf
# 如果缺少wget 则执行下面的命令,然后重复上面的命令
yum install wget
```
- 将下载好的文件中关于ls.xxx.xyz的内容都替换成你的二级域名
## 3.生成https
- 1.安装acme.sh
```
curl https://get.acme.sh | sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 671 100 671 0 0 680 0 --:--:-- --:--:-- --:--:-- 679
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 112k 100 112k 0 0 690k 0 --:--:-- --:--:-- --:--:-- 693k
[Fri 30 Dec 01:03:32 GMT 2016] Installing from online archive.
[Fri 30 Dec 01:03:32 GMT 2016] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
[Fri 30 Dec 01:03:33 GMT 2016] Extracting master.tar.gz
[Fri 30 Dec 01:03:33 GMT 2016] Installing to /home/user/.acme.sh
[Fri 30 Dec 01:03:33 GMT 2016] Installed to /home/user/.acme.sh/acme.sh
[Fri 30 Dec 01:03:33 GMT 2016] Installing alias to '/home/user/.profile'
[Fri 30 Dec 01:03:33 GMT 2016] OK, Close and reopen your terminal to start using acme.sh
[Fri 30 Dec 01:03:33 GMT 2016] Installing cron job
no crontab for user
no crontab for user
[Fri 30 Dec 01:03:33 GMT 2016] Good, bash is found, so change the shebang to use bash as preferred.
[Fri 30 Dec 01:03:33 GMT 2016] OK
[Fri 30 Dec 01:03:33 GMT 2016] Install success!
```
- 2.生成https证书
```
# 替换ls.xxx.xyz为自己的域名
sudo ~/.acme.sh/acme.sh --issue -d ls.xxx.xyz --standalone -k ec-256
# 如果提示Please install socat tools first.则执行,安装完成后继续重复执行上面的命令
yum install socat
```
- 3.安装证书
```
# 替换ls.xxx.xyz为自己的域名
~/.acme.sh/acme.sh --installcert -d ls.xxx.xyz --fullchainpath /etc/nginx/ls.xxx.xyz.crt --keypath /etc/nginx/ls.xxx.xyz.key --ecc
```
- 4.修改/etc/nginx/nginx.conf
```
# 将下面这部分前面的#去掉并将ssl_certificate、ssl_certificate_key修改成自己的路径
# listen 443 ssl;
# ssl_certificate /etc/nginx/ls.xx.xyz.crt;
# ssl_certificate_key /etc/nginx/ls.xx.xyz.key;
# server_name ls.xx.xyz
```
- 5.每一次生成https证书后有效期只有三个月需要快过期时更新剩余七天内可以重新生成
```
# 替换ls.xxx.xyz为自己的域名
sudo ~/.acme.sh/acme.sh --renew -d ls.xxx.xyz --force --ecc
```
# 3.配置v2ray
## 1.安装v2ray
```
bash <(curl -L -s https://install.direct/go.sh)
```
## 2.v2ray配置文件
- 下载config_ws_tls.json
```
cd&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/config_ws_tls.json
```
- 配置文件的id可以自己生成一个新的替换即可
```
/usr/bin/v2ray/v2ctl uuid
```
## 3.启动v2ray
```
/usr/bin/v2ray/v2ray -config ./config_ws_tls.json&
```
# 4.客户端
## 1.MacOS
- 下载V2RayU[点我下载](https://github.com/yanue/V2rayU/releases/download/1.4.1/V2rayU.dmg)
- 下载后打开服务器设置修改address即可
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/v2rayU_服务器配置.png" width=400>
- pac设置添加下面的链接并选择使用Pac模式即可
```
https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt
```
## 2.windows
- 下载v2rayN[点我下载](https://github.com/2dust/v2rayN/releases/download/2.44/v2rayN.zip)
- 使用方法 [点我查看](https://github.com/233boy/v2ray/wiki/V2RayN%E4%BD%BF%E7%94%A8%E6%95%99%E7%A8%8B)
## 3.Android
- [v2rayNG](https://github.com/2dust/v2rayNG/releases)
## 4.ios【需要自行购买或者使用共享账号安装】
- Quantumult【推荐使用】
- Shadowrocket

500
README.md
View File

@ -1,355 +1,199 @@
# v2ray-network
本项目旨在更好的学习新知识采用CDN+TLS+Nginx+v2ray进行伪装并突破防火墙。
# v2ray-agent
>我始终相信人是自由的,这是本项目设立的初衷,同时也感谢各种软件的开发者与维护者。
>世界就是这样,当你开始思考时,你已经是小部分中的一员了。祝大家使用愉快。
- 本项目涉及知识点较多请耐心看完,知其然知其所以然。
- 此项目分别采用CDN+TLS+Nginx+V2Ray、Trojan进行模拟正常网站并突破防火墙同时包含优化方法以及简单的原理讲解。
- 极力推荐【[自建教程](#自建教程)】,自建教程可以快速入手并知晓其中的步骤。如遇到不懂以及不理解的可以加入[TG群讨论【对小白尤其友好】](https://t.me/v2rayAgent)。
- 优化方案包含对Cloudflare的优化[CNAME优化、DNS优化、断流优化、](#优化方案)VPS处理性能优化bbr、bbr plus【阻塞拥堵算法加快对流量的处理】、其余设置开机启动、docker镜像、防火墙设置。
- 同时提供[流量中转教程](#流量转发服务)【大大提高流量传输的速度,减少丢包】、[免费测试账号](#免费账号正常使用点击查看)。
- 接下来会提供V2Ray配置生成器、iptables流量转发、Docker镜像、私有Docker仓库、私有git仓库【gitlab】、以及可供部署k8s容器等方面的内容。
- 提供免费订阅链接【[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/free_account.md)】【如无法使用可加入TG群反馈】。
- 如本项目缺少还未加入或者完善的教程肯定是群主懒加入TG群鞭打群主让群主更有动力。
## 欢迎加入TG群共同学习、共同成长。
[点击此链接加入电报群](https://t.me/v2rayAgent)
* * *
# 目录
- [技能点列表](#技能点列表)
- [自建教程](#自建教程)
* [1.V2Ray](#1v2ray)
+ [1.方法1](#方法1flexible建议使用该方法)
+ [2.方法2](#方法2full)
* [2.Trojan](#2trojan)
- [流量转发服务](#流量转发服务)
* [1.tls+ws](1tlsws点击查看)
* [2.tcp+vmess](#2tcpvmess点击查看)
- [客户端](#客户端)
* [1.windows](#1windows)
* [2.Android](#2android)
* [2.ios](#3ios需要自行购买或者使用共享账号安装)
* [2.Mac](#4mac)
- ~~[一键脚本](#一键脚本)~~
* [1.自动模式](#1自动模式)
* [2.手动模式](#2手动模式)
- [防护墙设置](#防火墙设置点击查看)
- [免费账号【正常使用】](#免费账号正常使用点击查看)
- [备注](#备注)
* [1.推荐使用v2ray+CDN的方式](#1推荐使用v2ray-cdn的方式)
+ [1.优点](#1优点)
+ [2.缺点](#2缺点)
+ [3.数据包解析](#3数据包解析)
+ [4.建议](#4建议)
* [2.速度首选V2Ray TCP方式](#2速度首选v2ray-tcp方式)
* [3.本地网络环境不稳定首选mKCP](#3本地网络环境不稳定首选mkcp)
* [4.目前不推荐使用ss、ssr](#4目前不推荐使用ss-ssr)
- [维护进程[todo List]](#维护进程todo-list)
* [1.一键脚本](#1一键脚本)
+ [1.自动模式](#1自动模式)
+ [2.手动模式](#2手动模式)
* * *
### 优化方案
- [优化v2ray【断流、CNAME自选ip、dnsmasq自定义dns实现cname自选ip】](https://github.com/mack-a/v2ray-agent/blob/master/optimize_V2Ray.md)
- [其余设置【开机自启、bbr加速】](https://github.com/mack-a/v2ray-agent/blob/master/settings.md)
# 技能点列表
- [bandwagonhost[centos7]链接一](https://bandwagonhost.com)
- [bandwagonhost[centos7]链接二](https://bwh1.net)【境外vps或者其他vps厂商】
- [cloudflare](cloudflare.com)【CDN】
- [cloudcone](https://app.cloudcone.com/?ref=5346)【vps】
- [bandwagonhost](https://bandwagonhost.com/aff.php?aff=46893)【vps
- [freenom](https://freenom.com/)【免费域名【注册时最好使用全局代理、ip所在地和注册地一致并且最好使用手机】
- [godaddy](https://www.godaddy.com/)【域名厂商】
- [cloudflare](cloudflare.com)【CDN】
- [letsencrypt](https://letsencrypt.org/)【HTTPS】
- [Nginx](https://www.nginx.com/)【反向代理】
- [v2ray](v2ray.com)【代理工具】
- [Nginx](https://www.nginx.com/)【域名反向代理】
- [V2Ray](v2ray.com)【代理工具】
# 1.准备工作
## 1.注册[cloudflare](cloudflare.com)
## 2.注册[godaddy](https://www.godaddy.com/)并购买域名
- 域名可选择xyz结尾的国际域名可采用多字符乱码的方式组合域名(比如wk1c.xyz)首年大概8RMB左右第二年可以直接买一个新的。
* * *
## 3.修改godaddy域名的DNS解析
### 1.登录cloudflare添加域名
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare.png" width=400>
# 自建教程
# 1.V2Ray
- ios端建议使用Quantumult表现要比Trojan好。
### 2.选择套餐
- 如果仅仅只享受科学上网功能选择free即可
- 如果需要更好的网络环境、更快的速度,可选择相应的套餐
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_plan.png" width=400>
## 方法1(Flexible)【建议使用该方法】
- 只使用CloudFlare的证书
- 客户端->CloudFlare使用TLS+vmess加密CloudFlare->VPS只使用vmess[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Flexible.md)
- 不需要自己维护自己的https证书
- 少一步解析证书的过程,速度理论上会快一点
### 3.根据提示修改godaddy的dns解析
- cloudflare提示界面
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_dns.png" width=400>
## 方法2(Full)
- 需要自己生成https证书并自己维护一般使用let's encrypt生成有效期为三个月。
- 客户端->CloudFlare使用CLoudFlare TLS+vmess加密CloudFlare->VPS使用let's encrypt TLS+vmess加密[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Full.md)
- 与方法1不同的是CloudFlare和VPS通讯时也会使用TLS加密。两个方法安全方面区别不是很大。
- godaddy DNS管理根据上面的cloudflare提示界面修改为相应的dns
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/godayddy_dns.png" width=400>
# 2.Trojan
- 需要自己生成证书
- 客户端->使用自己生成的tls加密无其他加密->VPS,[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Trojan.md)
- 少一层加密,理论速度会快一些。
- 速度取决于VPS的线路。
- 需要自己维护证书。
- [官方Github](https://github.com/trojan-gfw/trojan)
## 4.增加cloudflare域名解析
- 添加域名解析(记录)可以选择二级域名这样就可以一个月解析到不同的服务器name填写你要解析的二级域名的host部分比如ls.example.com 只填写ls即可
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_record_dns.png" width=400>
# 流量转发服务
## 1.tls+ws[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/traffic_relay_tls_ws.md)
## 5.修改godaddy SSL/TLS
- 如果vps选择使用https需要把类型修改为Full
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_tls.png" width=400>
## 2.tcp+vmess[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/traffic_relay_tcp_vmess.md)
# 2.vps配置Nginx、https
## 1.安装Nginx
# 客户端
## 1.windows
- [v2rayN](https://github.com/2dust/v2rayN/releases)
## 2.Android
- [v2rayNG](https://github.com/2dust/v2rayNG/releases)
## 3.ios【需要自行购买或者使用共享账号安装】
- Quantumult【推荐使用】
- Shadowrocket
## 4.Mac
- [V2rayU](https://github.com/yanue/V2rayU/releases)
# 一键脚本
- <span style='color:red'>执行一键脚本的前提是下面的 【1.准备工作】完成并正确</span>
```
yum install nginx
```
## 2.nginx配置文件
- 1.下载配置文件并替换默认文件
```
cd /etc/nginx&&rm -rf /etc/nginx/nginx.conf&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/nginx.conf
# 如果缺少wget 则执行下面的命令,然后重复上面的命令
yum install wget
```
- 将下载好的文件中关于ls.xxx.xyz的内容都替换成你的二级域名
## 3.生成https
- 1.安装acme.sh
```
curl https://get.acme.sh | sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 671 100 671 0 0 680 0 --:--:-- --:--:-- --:--:-- 679
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 112k 100 112k 0 0 690k 0 --:--:-- --:--:-- --:--:-- 693k
[Fri 30 Dec 01:03:32 GMT 2016] Installing from online archive.
[Fri 30 Dec 01:03:32 GMT 2016] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
[Fri 30 Dec 01:03:33 GMT 2016] Extracting master.tar.gz
[Fri 30 Dec 01:03:33 GMT 2016] Installing to /home/user/.acme.sh
[Fri 30 Dec 01:03:33 GMT 2016] Installed to /home/user/.acme.sh/acme.sh
[Fri 30 Dec 01:03:33 GMT 2016] Installing alias to '/home/user/.profile'
[Fri 30 Dec 01:03:33 GMT 2016] OK, Close and reopen your terminal to start using acme.sh
[Fri 30 Dec 01:03:33 GMT 2016] Installing cron job
no crontab for user
no crontab for user
[Fri 30 Dec 01:03:33 GMT 2016] Good, bash is found, so change the shebang to use bash as preferred.
[Fri 30 Dec 01:03:33 GMT 2016] OK
[Fri 30 Dec 01:03:33 GMT 2016] Install success!
bash <(curl -L -s https://raw.githubusercontent.com/mack-a/v2ray-agent/master/install.sh)
```
- 2.生成https证书
```
# 替换ls.xxx.xyz为自己的域名
sudo ~/.acme.sh/acme.sh --issue -d ls.xxx.xyz --standalone -k ec-256
## 1.自动模式
- 只需要输入域名即可
- 仔细检查【1.准备工作】正确
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/一键脚本自动模式.png" width=400>
# 如果提示Please install socat tools first.则执行,安装完成后继续重复执行上面的命令
yum install socat
```
## 2.手动模式
- 可以指定需要执行的内容
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/一键脚本手动模式.png" width=400>
- 3.安装证书
```
# 替换ls.xxx.xyz为自己的域名
~/.acme.sh/acme.sh --installcert -d ls.xxx.xyz --fullchainpath /etc/nginx/ls.xxx.xyz.crt --keypath /etc/nginx/ls.xxx.xyz.key --ecc
```
- 4.修改/etc/nginx/nginx.conf
```
# 将下面这部分前面的#去掉并将ssl_certificate、ssl_certificate_key修改成自己的路径
# 防火墙设置[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/firewall.md)
# 免费账号【正常使用】[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/free_account.md)
# 备注
## 1.推荐使用v2ray+CDN的方式
### 1.优点
- 1.防止境外vps被墙
- 2.由于CDN的方式是通过完全模拟正常网站也可以是说本来就是一个正常的网站同时又使用正常的CDN厂商全球最大有很多的外贸以及国外公司使用墙一般不敢ban这些ip
- 3.可以用于被墙vps的搭建
- 4.相对来说更加安全
# ssl on;
# ssl_certificate /etc/nginx/ls.xx.xyz.crt;
# ssl_certificate_key /etc/nginx/ls.xx.xyz.key;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
# ssl_prefer_server_ciphers on;
```
### 2.缺点
- 1.配置过程复杂
- 2.知识点相对比较多
- 3.维护相对复杂
- 4.由于CloudFlare不是国内的CDN厂商速度相对来说慢一些可以尝试CNAME优化方案[CNAME因为要使用国内的dns相对于来说有风险]、或者使用自定义dns服务器[分享相对小一些]
- 5.每一次生成https证书后有效期只有三个月需要快过期时更新剩余七天内可以重新生成
```
# 替换ls.xxx.xyz为自己的域名
sudo ~/.acme.sh/acme.sh --renew -d ls.xxx.xyz --force --ecc
```
### 3.数据包解析
- 1.首先运营商以及GFW获取到的数据包无法作为中间人进行攻击中间人可以直接获取到v2ray的加密数据包
- 2.即使获取到数据包之后还需要对数据包进行解密所以证书推荐使用第三方的而不使用官方提供的用了TLS加密的数据不是说不能解密而是需要耗费巨大的时间以及运算能力
- 3.解密完成后 还需要对v2ray加密的数据进行解密、嗅探等操作
- 4.不建议使用不明来历的机场,如果机场主是国内的某些关系户,你用的代理相当于实名翻墙(违法)
# 3.配置v2ray
## 1.安装v2ray
### 4.建议
- 1.注意隐私保护(今日不同往日)
- 2.建议只用做学习以及娱乐使用,不建议发表一些敏感言论(不管是诋毁自己所在的国家,还是诋毁别的国家)
- 3.不建议人身攻击(有被起底的先例)
```
bash <(curl -L -s https://install.direct/go.sh)
```
## 2.速度首选V2Ray TCP方式
- 1.本脚本目前不支持(后续可能会添加)
## 2.v2ray配置文件
## 3.本地网络环境不稳定首选mKCP
- 1.本脚本目前不支持(后续可能会添加)
- 下载config_ws_tls.json
```
cd&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/config_ws_tls.json
```
## 4.目前不推荐使用ss、ssr
- 配置文件的id可以自己生成一个新的替换即可
```
/usr/bin/v2ray/v2ctl uuid
```
# 维护进程[todo List]
## 1.一键脚本
### 1.自动模式
- [x] 1.检查系统版本是否为Ubuntu、Centos、Debian
- [x] 2.安装工具包
- [x] 3.检测nginx是否安装并配置
- [x] 4.检测https是否安装并配置
- [x] 5.检测V2Ray是否安装并配置
- [x] 6.生成vmess、二维码链接
- - [x] 1.shadowrocket
- - [ ] 2.Quantumult
- [x] 7.启动服务并退出脚本
- [ ] 8.HTTPS续签
- [ ] 9.开机自启动
- [ ] 10.面板搭建
- - [ ] 1.在线创建、删除、修改账户
- - [ ] 2.一键管理Nginx、TLS
- - [ ] 3.开机自启动
- - [ ] 4.流量控制
- - [ ] 5.日志查看
- [x] 11.Docker[开箱即用]
- [x] 12.自定义DNS服务器替换CNAME优化方案
- [ ] 13.k8s+docker一键构建V2Ray Nginx
## 3.启动v2ray
```
/usr/bin/v2ray/v2ray -config ./config_ws_tls.json&
```
### 2.手动模式
- [x] 1.检查系统版本是否为Ubuntu、Centos、Debian
- [x] 2.安装工具包
- [x] 3.检测nginx是否安装并配置
- [x] 4.检测https是否安装并配置
- [x] 5.检测V2Ray是否安装并配置
- [x] 6.启动服务并退出脚本
- [x] 7.卸载安装的所有内容
- [x] 8.查看配置文件路径
- [x] 9.生成Vmess链接
- [x] 10.返回主目录
- [x] 11.退出脚本
# 4.客户端
## 1.MacOS
- 下载V2RayU[点我下载](https://github.com/yanue/V2rayU/releases/download/1.4.1/V2rayU.dmg)
- 下载后打开服务器设置修改address即可
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/v2rayU_服务器配置.png" width=400>
- pac设置添加下面的链接
```
https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt
```
- 选择使用Pac模式即可
## 2.windows
- 下载v2rayN[点我下载](https://github.com/2dust/v2rayN/releases/download/2.44/v2rayN.zip)
- 使用方法 [点我查看](https://github.com/233boy/v2ray/wiki/V2RayN%E4%BD%BF%E7%94%A8%E6%95%99%E7%A8%8B)
<hr/>
<h3>到这里就配置完成可以测试是否能上被q的网站</h3>
<hr/>
# 5.其余设置
## 1.开机自启
### 1.配置Nginx开机自启
- 创建service文件
```
cd /etc/systemd/system&&touch nginxReboot.service
```
- 将下面内容复制到/etc/systemd/system/nginxReboot.service
```
[Unit]
Description=nginx - high performance web server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
Environment=PATH=/root/.nvm/versions/node/v12.8.1/bin:/usr/bin/v2ray/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/usr/sbin/nginx -s reload
ExecStop=/usr/sbin/nginx -s stop
ExecQuit=/usr/sbin/nginx -s quit
PrivateTmp=true
[Install]
WantedBy=multi-user.target
```
- 设置开机自启
```
sudo systemctl enable nginxReboot.service
```
- 可能出现的错误
```
# 可能会出现 (13: Permission denied) while connecting to upstream:[nginx]
// 解决方法 执行下面的命令
setsebool -P httpd_can_network_connect 1
```
### 2.配置v2ray_ws_tls开机自启
- 创建service文件
```
cd /etc/systemd/system&&touch v2ray_ws_tls.service
```
- 将下面内容复制到/etc/systemd/system/v2ray_ws_tls.service
```
[Unit]
Description=V2Ray WS TLS Service
After=network.target
Wants=network.target
[Service]
Type=simple
PIDFile=/run/v2rayWSTLS.pid
ExecStart=/usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
Restart=on-failure
# Don't restart in the case of configuration error
RestartPreventExitStatus=23
[Install]
WantedBy=multi-user.target
```
- 设置开机自启
```
sudo systemctl enable v2ray_ws_tls.service
```
### 3.测试开机自启是否成功
- 重启vps
```
reboot
```
- 重启后查看程序是否正常启动
```
# 执行下方命令查看v2ray是否启动
ps -ef|grep v2ray
root 4533 1 0 03:03 ? 00:00:00 /usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
root 4560 1287 0 03:04 pts/0 00:00:00 grep --color=auto v2ray
# 执行下方命令查看nginx是否启动
ps -ef|grep nginx
``
root 762 1 0 02:20 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 763 762 0 02:20 ? 00:00:00 nginx: worker process
root 4562 1287 0 03:04 pts/0 00:00:00 grep --color=auto nginx
```
# 6.异常处理
## 1.偶尔断流
- 修改cloudflare Firwall Rules->create a Firewall rule
- - 设置Field:URI path
- - 设置value:/v2
- - Choose an action:Allow
# 7.开启Centos bbr拥塞控制算法[我的测试机是centos 8]
## 1.检查是否安装bbr
- 有一些vps会自带bbr模块 比如搬瓦工的某些机器,执行下面命令
```
lsmod | grep bbr
```
- 如果输出类似内容则已经开启bbr 到这里就可以结束了
```
tcp_bbr 20480 28
```
## 2.yum更新
```
yum update
```
## 3.查看系统版本
- 执行下面命令
```
cat /etc/redhat-release
```
- 如果release后面的数字大于7.3即可
```
CentOS Linux release 7.7.1908 (Core)
```
## 4.安装elrepo并升级内核
- 分别依次执行下面命令
```
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-ml -y
```
- 正常情况下会输出下面内容
```
Transaction Summary
================================================================================
Install 1 Package
Total download size: 39 M
Installed size: 169 M
Downloading packages:
kernel-ml-4.9.0-1.el7.elrepo.x86_64.rpm | 39 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
Installing : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
Verifying : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
Installed:
kernel-ml.x86_64 0:4.9.0-1.el7.elrepo
Complete!
```
## 5.更新grud文件并重启
- 依次执行下面的命令重启后需要等待数秒重新使用ssh连接
```
egrep ^menuentry /etc/grub2.cfg | cut -f 2 -d \'
grub2-set-default 0
reboot
```
## 6.开机后检查内容是否为4.9及以上版本
- 执行下面的命令
```
uname -r
```
- 输出结果
```
5.3.7-1.el7.elrepo.x86_64
```
## 7.开启bbr
- 执行下面的命令
```
vim /etc/sysctl.conf
```
- 添加如下内容
```
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
```
- 加载系统参数
```
sysctl -p
```
## 8.验证bbr是否开启成功
### 测试方法1
- 执行下面的命令
```
sysctl net.ipv4.tcp_available_congestion_control
```
- 输出下面内容即为成功
```
net.ipv4.tcp_available_congestion_control = bbr cubic reno
```
### 测试方法2
- 执行下面的命令
```
lsmod | grep bbr
```
- 输出下面内容即为成功
```
tcp_bbr 20480 28
```
## 1.手动搭建
- [x] 手动搭建

173
Trojan.md 100644
View File

@ -0,0 +1,173 @@
- [1.特点](#1特点)
- [2.安装](#2安装)
* [1.生成TLS证书【Lets Encrypt】](#1生成tls证书lets-encrypt)
+ [主要步骤](#主要步骤)
* [2.安装Trojan](#2安装Trojan)
+ [1.执行下方命令](#1执行下方命令)
+ [2.修改Trojan配置文件](#2修改Trojan配置文件)
+ [3.配置文件主要内容说明](#3配置文件主要内容说明)
+ [4.详细配置文件说明](#4.详细配置文件说明)
- [3.启动](#3启动)
- [4.配置与V2Ray并存【并保证网站伪装】【待完善】](#4配置与v2ray并存并保证网站伪装待完善)
# 1.特点
- 1.tls加密数据通过防火墙。
- 2.无法使用CloudFlare代理。
- 3.Trojan使用C++实现,较其他语言效率高。
- 4.客户端少ios端表现不如V2RayQuantumult
- 5.需要自己维护证书。
# 2.安装
## 1.生成TLS证书【Lets Encrypt】
### 主要步骤
- 1.配置DNS解析
- 2.安装Nginx
- 3.Lets Encrypt生成证书
- 4.参考[此链接](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Full.md#1%E5%87%86%E5%A4%87%E5%B7%A5%E4%BD%9C)中【1.准备工作】和【2.vps配置Nginx、https】。
## 2.安装Trojan
### 1.执行下方命令
```
sudo bash -c "$(curl -fsSL https://raw.githubusercontent.com/trojan-gfw/trojan-quickstart/master/trojan-quickstart.sh)"
```
### 2.修改Trojan配置文件
- 1.文件路径
```
/usr/local/etc/trojan/config.json
```
- 2.修改证书和密钥
```
vi /usr/local/etc/trojan/config.json
# 找到下方两行 修改为自己的存放证书的路径
"cert": "/path/to/certificate.crt",
"key": "/path/to/private.key",
# 找到下方位置,有几个用户就要填写几个密码
"password":[
"7f3a2df1-64e8-48bb-ebf8-3953ed699495",
"b2cc18e3-e4b3-eff8-f24c-a4a4f80a9af9"
]
```
### 3.配置文件主要内容说明
- local_port:监听的端口号默认443如果443封禁了可以更换其余端口。
- remote_addr和remote_port非trojan协议时将请求转发处理的地址和端口。默认8080端口可以开放给Nginx来配置个人站点或者伪装其他网址也可以配置搭配V2Ray来实现一个VPS多种协议
- password密码。需要几个填写几个可以使用v2ctl uuid生成也可以随便填写最后一行不可以有逗号。
### 4.详细配置文件说明
- [点此查看](https://trojan-gfw.github.io/trojan/config)
# 3.启动
- 1.开机自启
```
systemctl enable trojan
```
- 2.启动
```
systemctl start trojan
```
- 3.关闭
```
systemctl stop trojan
```
# 4.配置与V2Ray并存【并保证网站伪装】
- 1.需要配合CloudFlare
- 2.需要使用【方法1】配置V2Ray[点此查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Flexible.md)
## 1.思路
- 1.配置两个不同的二级域名
- 2.CloudFlare对V2Ray的二级域名开启Proxy【☁
- 3.SSL/TLS mode 修改为Fiexible
## 2.示例
### 1.CloudFlare SSL/TLS mode
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_tls_Flexible.png' width=400>
### 2.CloudFlare DNS Trojan&V2Ray
- 1.blog2 指向Trojan的443
- 2.blog 则通过CloudFlare指向VPS的80
- 3.指向的ip是一样的一个通过CloudFlare代理一个则不代理。
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CloudFlare Trojan V2Ray.png' width=400>
### 3.Nginx config
```
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
# 这里是你的域名
server_name blog.xxx.xyz;
root /usr/share/nginx/html;
location / {
}
location ~ /.well-known {
allow all;
}
# 这里是V2Ray
location /main {
proxy_redirect off;
proxy_pass http://127.0.0.1:31290;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
```
### 4.Trojan则不用修改

View File

@ -1,8 +1,8 @@
{
"log": {
"access": "",
"error": "",
"loglevel": "debug"
"access": "/usr/bin/V2RayConfig/V2Ray_access.log",
"error": "/usr/bin/V2RayConfig/V2Ray_error.log",
"loglevel": "warning"
},
"stats": {},
"api": {
@ -34,7 +34,7 @@
},
"inbounds": [
{
"port": 31290,
"port": 31291,
"listen": "127.0.0.1",
"protocol": "vmess",
"settings": {
@ -43,7 +43,7 @@
"id": "a4f7ef9b-6951-2397-098d-bb1e660b3805",
"alterId": 64,
"level": 1,
"email": "xxx_ls_ws_username@v2ray.com"
"email": "xxx@v2ray.com"
}
]
},

View File

@ -2,7 +2,7 @@
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
@ -27,7 +27,7 @@ http {
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
# include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
@ -38,7 +38,7 @@ http {
server {
listen 80;
listen [::]:80;
server_name ls.xxx.xyz; # 这里需要修改为你的
server_name domain; # 这里需要修改为你的
root /usr/share/nginx/html;
# Load configuration files for the default server block.
@ -57,32 +57,17 @@ http {
location = /50x.html {
}
}
#server {
# listen 80;
# server_name ls.xxx.xyz;
# return 301 https://$host$request_uri;
#}
server {
listen 443 ssl;
# ssl_certificate /etc/nginx/ls.xx.xyz.crt;
# ssl_certificate_key /etc/nginx/ls.xx.xyz.key;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
# ssl_prefer_server_ciphers on;
server_name ls.xxx.xyz; # 这里需要修改
# ssl_certificate /etc/nginx/$1.crt;
# ssl_certificate_key /etc/nginx/$1.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
server_name $1; # 这里需要修改
location / {
}
location /v2 {
proxy_redirect off;
proxy_pass http://127.0.0.1:31290;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /alone {proxy_redirect off;proxy_pass http://127.0.0.1:31299;proxy_http_version 1.1;proxy_set_header Upgrade $http_upgrade;proxy_set_header Connection "upgrade";proxy_set_header X-Real-IP $remote_addr;proxy_set_header Host $host;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;}
}
}

View File

@ -0,0 +1,71 @@
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
listen [::]:80;
server_name domain; # 这里需要修改为自己的
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
location ~ /.well-known {
allow all;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
location /v2 {
proxy_redirect off;
proxy_pass http://127.0.0.1:31291;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}

6
demo.sh 100755
View File

@ -0,0 +1,6 @@
#!/usr/bin/env bash
yum install wget -y
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
yum makecache
yum update -y

131
firewall.md 100644
View File

@ -0,0 +1,131 @@
- [1.CentOS7、8 配置及使用firewall](#1centos78-配置及使用firewall)
* [1.systemctl是centos7的服务管理工具中主要的工具它融合之前service和chkconfig的功能于一体](#1systemctl是centos7的服务管理工具中主要的工具它融合之前service和chkconfig的功能于一体)
* [2.firewalld的基本使用](2firewalld的基本使用)
* [3.配置firewalld-cmd](3配置firewalld-cmd)
# 1.CentOS7、8 配置及使用firewall
## 1.systemctl是CentOS7的服务管理工具中主要的工具它融合之前service和chkconfig的功能于一体。
- 启动一个服务
```
systemctl start firewalld.service
```
- 关闭一个服务
```
systemctl stop firewalld.service
```
- 重启一个服务
```
systemctl restart firewalld.service
```
- 显示一个服务的状态
```
systemctl status firewalld.service
```
- 在开机时启用一个服务
```
systemctl enable firewalld.service
```
- 在开机时禁用一个服务
```
systemctl disable firewalld.service
```
- 查看服务是否开机启动
```
systemctl is-enabled firewalld.service
```
- 查看已启动的服务列表
```
systemctl list-unit-files|grep enabled
```
- 查看启动失败的服务列表
```
systemctl --failed
```
## 2.firewalld的基本使用
- 启动
```
systemctl start firewalld
```
- 查看状态
```
systemctl status firewalld
```
- 停止
```
systemctl disable firewalld
```
- 禁用
```
systemctl stop firewalld
```
### 3.配置firewalld-cmd
- 查看版本
```
firewall-cmd --version
```
- 查看帮助
```
firewall-cmd --help
```
- 显示状态
```
firewall-cmd --state
```
- 查看所有打开的端口
```
firewall-cmd --zone=public --list-ports
```
- 更新防火墙规则
```
firewall-cmd --reload
```
- 查看区域信息
```
firewall-cmd --get-active-zones
```
- 查看指定接口所属区域
```
firewall-cmd --get-zone-of-interface=eth0
```
- 拒绝所有包
```
firewall-cmd --panic-on
```
- 取消拒绝状态
```
firewall-cmd --panic-off
```
- 查看是否拒绝
```
firewall-cmd --query-panic
```
- 查看所通过的服务
```
firewall-cmd --list-services
```
- 添加一个服务
```
firewall-cmd --add-service openvpn
```
- 永久添加一个服务
```
firewall-cmd --permanent --add-service openvpn
```
- 开启一个端口
```
firewall-cmd --zone=public --add-port=80/tcp --permanent --permanent永久生效没有此参数重启后失效
```
- 重新载入
```
firewall-cmd --reload
```
- 查看端口是否开启
```
firewall-cmd --zone= public --query-port=80/tcp
```
- 删除开放端口
```
firewall-cmd --zone= public --remove-port=80/tcp --permanent
```

Binary file not shown.

After

Width:  |  Height:  |  Size: 85 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 268 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 238 KiB

Binary file not shown.

Binary file not shown.

After

Width:  |  Height:  |  Size: 162 KiB

Binary file not shown.

Binary file not shown.

After

Width:  |  Height:  |  Size: 416 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 254 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 271 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 204 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 171 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 411 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 73 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 80 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 75 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 74 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 190 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 74 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 62 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 184 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 91 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 181 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 121 KiB

10
free_account.md 100644
View File

@ -0,0 +1,10 @@
# V2Ray
## 1.Shadowrocket&v2rayNG&v2rayN&V2rayU
```
https://blog.qiu4.ml/sub/subscribe?user=VAMXSPBUSX&type=1
```
## 2.Quantumult
```
https://blog.qiu4.ml/sub/subscribe?user=VAMXSPBUSX&type=2
```

View File

@ -0,0 +1,94 @@
const fs = require('fs');
/**
* 格式化nginx配置
* @returns {string[]}
*/
const formatNginx = (nginxPath) => {
let nginxConfig = fs.readFileSync(nginxPath).toString().split('listen');
nginxConfig = nginxConfig.map(v => {
return v.replace(/(^\s*)/g, '');
}).filter(v => {
if (v.substring(0, 3) === '443') {
return true;
}
});
nginxConfig = nginxConfig.map(v => {
v = v.split('\n').map(v => {
return v.replace(/(^\s*)/g, '')
.replace(/[\;/=]/g, '')
.replace(/[\{/=]/g, '')
.replace(/[\}/=]/g, '')
.replace(/(\s*$)/g, '');
}).filter(v => v.includes('server_name') || v.includes('location')).map(v => {
v = v.split(' ');
if (v[1]) {
return v[1];
}
}).filter(v => v);
return v;
});
return nginxConfig;
};
/**
* 格式化v2ray配置文件
*/
const formatV2rayConfig = (v2RayPath) => {
let nginxConfig = fs.readFileSync(v2RayPath).toString();
nginxConfig = JSON.parse(nginxConfig).inbounds;
nginxConfig = nginxConfig.map(v => {
return {
users: v.settings.clients,
security: v.streamSettings.security,
network: v.streamSettings.network,
path: v.streamSettings.wsSettings.path,
};
});
return nginxConfig;
};
const formatResult = () => {
let v2RayPath = null;
let nginxPath = null;
if (process && process.argv.length === 4) {
v2RayPath = process.argv[2];
nginxPath = process.argv[3];
}
if (!v2RayPath || !nginxPath) {
console.log('message 参数错误');
return;
}
let v2rayResult = formatV2rayConfig(v2RayPath);
let nginxResult = formatNginx(nginxPath);
let configArr = [];
v2rayResult.forEach(v => {
let item = nginxResult.filter(v2 => {
return v2.includes(v.path.replace(/[//=]/g, ''));
});
item.forEach(v2 => {
v.users.forEach(v3 => {
configArr.push({
port: v.network === 'ws' ? 443 : 0,
tls: v.network === 'ws' ? 'tls' : false,
host: '',
type: 'none',
path: v.path,
net: v.network,
add: v2[0],
ps: v3.email,
aid: v3.level,
v: v3.v,
id: v3.id,
});
});
});
});
// configArr.push(configArr[0]);
configArr = configArr.map(v => {
return `vmess://${Buffer.from(JSON.stringify(v)).toString('base64')}`;
});
console.log(configArr.toString().replace(/,/g,' '));
};
formatResult();

View File

@ -1,64 +1,502 @@
#!/usr/bin/env bash
export PATH="/usr/bin/:#$PATH"
nginxStatus=false
v2rayStatus=false
httpsStatus=false
# todo 先完善正常步骤
initNginx(){
echo -e '\033[36m 检查Nginx中... \033[0m'
export PATH="/usr/bin/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.nvm/versions/node/v10.17.0/bin:$PATH"
purple="\033[35m"
skyBlue="\033[36m"
red="\033[31m"
green="\033[32m"
yellow="\e[93m"
magenta="\e[95m"
cyan="\e[96m"
none="\e[0m"
installType='yum'
removeType='yum -y remove'
echoType='echo'
#检查Linux版本
check_version(){
if [[ -s /etc/redhat-release ]]; then
version=`grep -oE "[0-9.]+" /etc/redhat-release | cut -d . -f 1`
else
version=`grep -oE "[0-9.]+" /etc/issue | cut -d . -f 1`
fi
bit=`uname -m`
if [[ ${bit} = "x86_64" ]]; then
bit="x64"
else
bit="x32"
fi
}
installNginx(){
## todo 兼容debian
${echoType} "${skyBlue}检查Nginx中...${none} "
existProcessNginx=`ps -ef|grep nginx|grep -v grep`
existNginx=`command -v nginx`
if [ -z "$existProcessNginx" ] && [ -z "$existNginx" ]
then
echo '安装Nginx中如遇到是否安装输入y'
yum update
yum install nginx
echo '步骤二Nginx安装成功执行下一步'
installV2Ray
${echoType} "${skyBlue}安装Nginx中如遇到是否安装输入y${none}"
${installType} -y install nginx
rm -rf /etc/nginx/nginx.conf
wget -P /etc/nginx/ https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/nginx.conf
${echoType} "${green}步骤二Nginx安装成功执行下一步 ${none}"
else
# todo
echo '检查到Nginx存在是否停止并卸载输入y/Y确认'
read -e unstallStatus
if [[ $unstallStatus -eq "y" || $unstallStatus -eq "Y" ]]
${echoType} "${purple}===============================${none}"
${echoType} "${purple}检测到已安装Nginx是否卸载${none}"
${echoType} "${red} 1.卸载并重新安装【会把默认的安装目录的内容删除】${none}"
${echoType} "${red} 2.跳过并使用已经安装的Nginx以及配置文件【请确认是否是此脚本的配置文件】${none}"
${echoType} "${purple}===============================${none}"
${echoType} "${skyBlue}请选择【数字编号】:${none}"
read nginxStatus
if [ "${nginxStatus}" = 1 ]
then
echo '卸载'
if [ -n "$existProcessNginx" ]
then
${echoType} "${purple}Nginx已启动关闭中...${none}"
nginx -s stop
fi
${echoType} "${skyBlue}卸载Nginx中... ${none}"
${removeType} nginx
${echoType} "${skyBlue}卸载Nginx完毕重装中... ${none}"
installNginx;
else
echo '不卸载,停止脚本'
echo "不卸载,返回主目录"
echo
manageFun
fi
fi
}
installHttps(){
echo 'https'
${echoType} "${skyBlue}安装https中,请输入你要生成tls证书的域名${none}"
read domain
# grep "domain" * -R|awk -F: "{print $1}"|sort|uniq|xargs sed -i "s/domain/$domain/g"
# cat /etc/nginx/nginx.conf |grep "domain" * -R|awk -F: "{print $1}"|sort|uniq|xargs sed -i "s/domain/$domain/g"
existProcessNginx=`ps -ef|grep nginx|grep -v grep`
if [ ! -z "${existProcessNginx}" ]
then
echo '检测到Nginx正在运行关闭中...'
nginx -s stop
fi
if [ -f "/etc/nginx/nginx.conf" ]
then
noExistNginxConfigDomain=`cat /etc/nginx/nginx.conf|grep $domain|grep -v grep`
if [ ! -z "${noExistNginxConfigDomain}" ]
then
sed -i "s/$domain/domain/g" `grep $domain -rl /etc/nginx/nginx.conf`
fi
sed -i "s/domain/$domain/g" `grep domain -rl /etc/nginx/nginx.conf`
fi
uninstallAcmeStatus="false"
if [ ! -d "/root/.acme.sh" ]
then
${echoType} "${skyBlue}安装acme.sh中...${none}"
curl https://get.acme.sh | sh
sudo ~/.acme.sh/acme.sh --issue -d $domain --standalone -k ec-256
else
${echoType} "${purple}===============================${none}"
${echoType} "${purple}检测到已安装acme.sh是否卸载${none}"
${echoType} "${red} 1.卸载并重新安装【以前生成的TLS证书会被删除需要重新输入域名】${none}"
${echoType} "${red} 2.跳过并使用已经安装的acme.sh${none}"
${echoType} "${purple}===============================${none}"
${echoType} "${skyBlue}请选择【数字编号】:${none}"
read acmeStatus
if [ "${acmeStatus}" = 1 ]
then
rm -rf ~/.acme.sh
uninstallAcmeStatus="true"
else
${echoType} "${skyBlue}生成证书中...${none}"
fi
fi
if [ "${uninstallAcmeStatus}" = "true" ]
then
installHttps
else
~/.acme.sh/acme.sh --installcert -d $domain --fullchainpath /etc/nginx/$domain.crt --keypath /etc/nginx/$domain.key --ecc
sed -i "s/# ssl_certificate/ssl_certificate/g" `grep "# ssl_certificate" -rl /etc/nginx/nginx.conf`
sed -i "s/listen 443/listen 443 ssl/g" `grep "listen 443" -rl /etc/nginx/nginx.conf`
${echoType} "${green}步骤三HTTPS执行完毕请手动确认上方是否有错误执行下一步${none}"
fi
}
installV2Ray(){
echo -e '\033[36m 检查V2Ray中... \033[0m'
${echoType} "${skyBlue}检查V2Ray中...${none} "
existProcessV2Ray=`ps -ef|grep v2ray|grep -v grep`
existV2Ray=`command -v v2ray`
if [ -z "$existProcessV2Ray" ] && [ -z "$existV2Ray" ] && [ ! -x "/usr/bin/v2ray" ]
then
${echoType} "${skyBlue}安装V2Ray中... ${none}"
wget -P /tmp/V2Ray https://github.com/V2Ray/V2Ray-core/releases/download/v4.21.3/V2Ray-linux-64.zip
cd /tmp/V2Ray
unzip /tmp/V2Ray/V2Ray-linux-64.zip
mv /tmp/V2Ray/v2ray /usr/bin/
mv /tmp/V2Ray/v2ctl /usr/bin/
mkdir /usr/bin/V2RayConfig
wget -P /usr/bin/V2RayConfig https://raw.githubusercontent.com/mack-a/V2Ray-agent/master/config/config_ws_tls.json
touch /usr/bin/V2RayConfig/V2Ray_access.log
touch /usr/bin/V2RayConfig/V2Ray_error.log
${echoType} "${green} 步骤三V2Ray安装成功执行下一步"
else
${echoType} "${purple}===============================${none}"
${echoType} "${purple}检测到已安装V2Ray是否卸载${none}"
${echoType} "${red} 1.卸载并重新安装【配置文件会重新生成】${none}"
${echoType} "${red} 2.跳过并使用已经安装的V2Ray【请确认Nginx的配置与V2Ray配置相同【端口号、Path】】${none}"
${echoType} "${purple}===============================${none}"
${echoType} "${skyBlue}请选择【数字编号】:${none}"
read acmeStatus
if [ "${acmeStatus}" -eq 1 ]
then
rm -rf /tmp/V2Ray
rm -rf /usr/bin/v2ray
rm -rf /usr/bin/v2ctl
rm -rf /usr/bin/V2RayConfig
if [ -z `ps -ef|grep v2ray|grep -v grep|awk '{print $2}'` ]
then
ps -ef|grep v2ray|grep -v grep|awk '{print $2}'|xargs kill -9
fi
installV2Ray
else
${echoType} "${green} 忽略V2Ray并继续执行"
fi
fi
}
checkOS(){
systemVersion=`cat /etc/redhat-release|grep CentOS|awk '{print $1}'`
if [ -n "$systemVersion" ] && [ "$systemVersion" == "CentOS" ]
if [ -n "$systemVersion" ] && [ "$systemVersion" -eq "CentOS" ]
then
echo ''
echo -e '\033[35m步骤一系统为CentOS执行下一步 \033[0m'
return 1
${echoType} "${green}步骤一系统为CentOS脚本可执行 ${none} "
else
echo '目前仅支持Centos'
${echoType} "${red}目前仅支持Centos${none}"
${echoType} "${red}退出脚本${none}"
exit
fi
}
init(){
echo -e "\033[35m此脚本会执行以下内容: \033[0m"
echo -e "\033[36m 1.检查系统版本是否为CentOS \033[0m"
echo -e "\033[36m 2.检测nginx是否安装并配置 \033[0m"
echo -e "\033[36m 3.检测https是否安装并配置 \033[0m"
echo -e "\033[36m 4.检测V2Ray是否安装并配置 \033[0m"
echo -e "\033[35m是否进入手动模式y键入回车进入自动模式: \033[0m"
read -e automatic
if [ "$automatic" = "y" ]
# 生成vmess链接
generatorVmess(){
${echoType} "${purple}===============================${none}"
${echoType} "${purple}选择要生成vmess的V2Ray配置文件${none}"
${echoType} "${green} 1.默认【/usr/bin/V2RayConfig/config_ws_tls.json】${none}"
${echoType} "${green} 2.官方默认【/etc/v2ray/config.json】${none}"
${echoType} "${green} 3.手动输入${none}"
${echoType} "${purple}===============================${none}"
${echoType} "${skyBlue}请选择【数字编号】:${none}"
read V2RayPathSelect
V2RayPath="";
if [ "$V2RayPathSelect" -eq "3" ]
then
echo '手动模式'
else
checkOS
echo "$?"
${echoType} "${skyBlue}请输入配置文件路径:${none}"
read V2RayPath
fi
}
case $V2RayPathSelect in
1)
V2RayPath="/usr/bin/V2RayConfig/config_ws_tls.json"
;;
2)
V2RayPath="/etc/v2ray/config.json"
;;
esac
if [ -z "${V2RayPath}" ]
then
${echoType} ${red}"V2Ray配置文件读取失败请检查路径"${none}
init
else
# 读取nginx配置文件
${echoType} "${purple}===============================${none}"
${echoType} "${purple}选择要生成vmess的Nginx配置文件路径${none}"
${echoType} "${green} 1.CDN【默认读取/etc/nginx/nginx.conf】${none}"
${echoType} "${green} 2.手动输入Nginx配置文件路径${none}"
${echoType} "${green} 3.非CDN${none}"
${echoType} "${purple}===============================${none}"
${echoType} "${skyBlue}请选择【数字编号】:${none}"
read NginxPathSelect
if [ "$NginxPathSelect" -eq "2" ]
then
${echoType} "${skyBlue}请输入Nginx配置文件路径${none}"
read NginxPath
fi
case $NginxPathSelect in
1)
NginxPath="/etc/nginx/nginx.conf"
;;
esac
if [ -z "${NginxPath}" ]
then
${echoType} ${red}"Nginx配置文件读取失败请检查路径"${none}
init
fi
# 执行node生成vmess链接
nodePath='/root/.nvm/versions/node/v10.17.0/bin/node'
if [ ! -x "/root/.nvm/versions/node/v10.17.0/bin/node" ]
then
${echoType} ${red}"安装工具包中..."${none}
installTools
fi
echo
${echoType} "${purple}===============================${none}"
${echoType} "${purple}V2Ray配置文件路径:${none}"
${echoType} "${green} ${V2RayPath}${none}"
${echoType} "${purple}Nginx配置文件路径:${none}"
${echoType} "${green} ${NginxPath}${none}"
${echoType} "${purple}===============================${none}"
echo
vmessResult=`curl -L -s https://raw.githubusercontent.com/mack-a/v2ray-agent/master/generator_client_links.js | ${nodePath} - "${V2RayPath}" "${NginxPath}"`
${echoType} "${green}===============================${none}"
echo
eval $(echo "$vmessResult" |awk '{split($0,vmess," ");for(i in vmess) print "lenArr["i"]="vmess[i]}')
for value in ${lenArr[*]}
do
${echoType} "${purple}客户端链接:${none}"
${echoType} "${skyBlue} $value${none}"
echo
${echoType} "${purple}二维码:${none}"
echo $value | qrencode -s 10 -m 1 -t UTF8
echo
done
${echoType} "${green}===============================${none}"
echo
# curl -L -s https://raw.githubusercontent.com/mack-a/v2ray-agent/master/generator_client_links.js | /root/.nvm/versions/node/v10.17.0/bin/node - "/usr/bin/V2RayConfig/config_ws_tls.json" "/etc/nginx/nginx.conf"
fi
}
startServer(){
${echoType} "${green}启动服务${none}"
nginx
/usr/bin/v2ray -config /usr/bin/V2RayConfig/config_ws_tls.json &
echo "启动完毕"
}
installTools(){
existProcessWget=`ps -ef|grep wget|grep -v grep`
existWget=`command -v wget`
${installType} -y update
if [ -z "$existProcessWget" ] && [ -z "$existWget" ]
then
${echoType} "${skyBlue}安装wget中...${none}"
${installType} -y install wget
else
echo
fi
existUnzip=`command -v unzip`
if [ -z "$existUnzip" ]
then
${echoType} "${skyBlue}安装zip中...${none}"
${installType} -y install unzip
fi
existSocat=`command -v socat`
if [ -z "$existSocat" ]
then
${echoType} "${skyBlue}安装socat中...${none}"
${installType} -y install socat
fi
existJq=`command -v jq`
if [ -z "$existJq" ]
then
${echoType} ${skyBlue}安装jq中...${none}
${installType} -y install jq
fi
# existNode=`/root/.nvm/versions/node/v10.17.0/bin`
if [ ! -x "/root/.nvm/versions/node/v10.17.0/bin/node" ]
then
${echoType} ${skyBlue}安装nvm中...${none}
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.1/install.sh | bash
${echoType} ${skyBlue}安装Node.js中...${none}
. /root/.nvm/nvm.sh
nvm install v10.17.0
fi
existQrencode=`command -v qrencode`
if [ -z "$existQrencode" ]
then
${echoType} ${skyBlue}安装qrencode中...${none}
${installType} -y install qrencode
fi
}
unInstall(){
nginx -s stop
rm -rf ~/.acme.sh
${removeType} nginx
rm -rf /tmp/V2Ray
rm -rf /usr/bin/v2ray
rm -rf /usr/bin/v2ctl
rm -rf /usr/bin/V2RayConfig
rm -rf /etc/nginx
rm -rf /root/.nvm
ps -ef|grep v2ray|grep -v grep|awk '{print $2}'|xargs kill -9
if [[ "${release}" -eq "ubuntu" || "${release}" -eq "debian" ]]
then
sed -i 's/. "\/root\/.acme.sh\/acme.sh.env"//g' `grep '. "/root/.acme.sh/acme.sh.env"' -rl /root/.bashrc`
fi
. /root/.bashrc
}
configPath(){
${echoType} "${purple}===============================${none}"
${echoType} "${red}路径如下${none}"
${echoType} "${green} 1.v2ray${none}"
${echoType} "${skyBlue} 1./usr/bin/v2ray 【V2Ray 程序】${none}"
${echoType} "${skyBlue} 2./usr/bin/v2ctl 【V2Ray 工具】${none}"
${echoType} "${skyBlue} 3./usr/bin/V2RayConfig 【V2Ray配置文件配置文件、log文件】${none}"
${echoType} "${green} 2.Nginx${none}"
${echoType} "${skyBlue} 1./usr/sbin/nginx 【Nginx 程序】${none}"
${echoType} "${skyBlue} 2./etc/nginx/nginx.conf 【Nginx 配置文件】${none}"
${echoType} "${purple}===============================${none}"
echo
}
manageFun(){
${echoType} "${purple}===============================${none}"
${echoType} "${purple}手动模式功能点目录:${none}"
${echoType} "${skyBlue} 1.检查系统版本是否为CentOS${none}"
${echoType} "${skyBlue} 2.安装工具包${none}"
${echoType} "${skyBlue} 3.检测nginx是否安装并配置${none}"
${echoType} "${skyBlue} 4.检测https是否安装并配置${none}"
${echoType} "${skyBlue} 5.检测V2Ray是否安装并配置${none}"
${echoType} "${skyBlue} 6.启动服务并退出脚本${none}"
${echoType} "${skyBlue} 7.卸载安装的所有内容${none}"
${echoType} "${skyBlue} 8.查看配置文件路径${none}"
${echoType} "${skyBlue} 9.生成Vmess、二维码链接${none}"
${echoType} "${skyBlue} 10.返回主目录${none}"
${echoType} "${red} 11.退出脚本${none}"
${echoType} "${purple}===============================${none}"
${echoType} "${skyBlue}请输入要执行的功能【数字编号】:${none}"
read funType
echo
case $funType in
1)
# checkOS
;;
2)
installTools
;;
3)
installNginx
;;
4)
${echoType} "${red}此步骤依赖【3.检测nginx是否安装并配置】${none}"
installHttps
;;
5)
installV2Ray
;;
6)
startServer
;;
7)
unInstall
;;
8)
configPath
;;
9)
generatorVmess
;;
10)
init
;;
11)
exit
;;
esac
manageFun
}
automationFun(){
case $1 in
1)
# checkOS
installTools
automationFun 2
;;
2)
installNginx
automationFun 3
;;
3)
installHttps
automationFun 4
;;
4)
installV2Ray
automationFun 5
;;
5)
generatorVmess
automationFun 6
;;
6)
startServer
exit
;;
esac
}
init(){
${echoType} "${purple}目前此脚本支持Ubuntu、Centos、Debian${none}"
${echoType} "${purple}===============================${none}"
${echoType} "${purple}支持两种模式:${none}"
${echoType} "${red} 1.自动模式${none}"
${echoType} "${red} 2.手动模式${none}"
${echoType} "${purple}===============================${none}"
${echoType} "${skyBlue}请选择【数字编号】:${none}"
read automatic
if [ "${automatic}" = 1 ]
then
${echoType} "${purple}===============================${none}"
${echoType} "${purple}自动模式会执行以下内容:${none}"
${echoType} "${skyBlue} 1.检查系统版本是否为Ubuntu、Centos、Debian${none}"
${echoType} "${skyBlue} 2.安装工具包${none}"
${echoType} "${skyBlue} 3.检测nginx是否安装并配置${none}"
${echoType} "${skyBlue} 4.检测https是否安装并配置${none}"
${echoType} "${skyBlue} 5.检测V2Ray是否安装并配置${none}"
${echoType} "${skyBlue} 6.生成vmess、二维码链接${none}"
${echoType} "${skyBlue} 7.启动服务并退出脚本${none}"
${echoType} "${purple}===============================${none}"
automationFun 1
elif [ "${automatic}" = 2 ]
then
manageFun
fi
}
# 检查系统
checkSystem(){
if [ -f /etc/redhat-release ]; then
release="centos"
installType='yum'
echoType='echo -e'
removeType='yum -y remove'
elif cat /etc/issue | grep -q -E -i "debian"; then
release="debian"
installType='apt'
echoType='echo -e'
removeType='apt -y autoremove'
elif cat /etc/issue | grep -q -E -i "ubuntu"; then
release="ubuntu"
installType='apt'
echoType='echo -e'
removeType='apt -y autoremove'
elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then
release="centos"
installType='yum'
echoType='echo -e'
removeType='yum -y remove'
elif cat /proc/version | grep -q -E -i "debian"; then
release="debian"
installType='apt'
removeType='apt -y autoremove'
echoType='echo -e'
elif cat /proc/version | grep -q -E -i "ubuntu"; then
release="ubuntu"
installType='apt'
removeType='apt -y autoremove'
echoType='echo -e'
elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then
release="centos"
installType='yum'
removeType='yum -y remove'
echoType='echo -e'
fi
}
checkSystem
[ ${release} != "debian" ] && [ ${release} != "ubuntu" ] && [ ${release} != "centos" ] && ${echoType} "${Error} 本脚本不支持当前系统 ${release} !" && exit 1
init

262
install_new.sh 100644
View File

@ -0,0 +1,262 @@
#!/usr/bin/env bash
purple="\033[35m" # 紫色
skyBlue="\033[36m" # 天蓝色
red="\033[31m" # 红色
green="\033[32m" # 绿色
yellow="\e[93m" # 黄色
magenta="\e[95m" # 红酒色
cyan="\e[96m" # 蓝绿色
none="\e[0m" # 无
installType='yum -y install'
remove='yum -y remove'
upgrade="yum -y update"
echoType='echo -e'
# echo颜色方法
echoContent(){
case $1 in
"red")
color=${red}
;;
"skyBlue")
color=${skyBlue}
;;
"green")
color=${green}
;;
"cyan")
color=${cyan}
;;
"magenta")
color=${magenta}
;;
"skyBlue")
color=${skyBlue}
;;
esac
${echoType} ${color}"$2"
}
# 安装工具包
installTools(){
echo "export LC_ALL=en_US.UTF-8" >> /etc/profile
source /etc/profile
echoContent skyBlue "删除Nginx、V2Ray、TLS"
if [[ ! -z `find /usr/sbin/ -name nginx` ]]
then
if [[ ! -z `ps -ef|grep nginx|grep -v grep` ]]
then
nginx -s stop
fi
removeLog=`yum remove nginx -y`
fi
if [[ ! -z `cat /root/.bashrc|grep -n acme` ]]
then
acmeBashrcLine=`cat /root/.bashrc|grep -n acme|awk -F "[:]" '{print $1}'|head -1`
echo ${acmeBashrcLine}
sed -i "${acmeBashrcLine}d" /root/.bashrc
fi
rm -rf ~/.acme.sh > /dev/null
echoContent skyBlue "删除完成"
echoContent skyBlue "检查、安装工具包:"
echoContent skyBlue "更新中"
${upgrade} > /dev/null
echoContent skyBlue "更新完毕"
echoContent skyBlue " 检查、安装wget--->"
progressTool wget
echoContent skyBlue " 检查、安装unzip--->"
progressTool unzip
echoContent skyBlue " 检查、安装qrencode--->"
progressTool qrencode
echoContent skyBlue " 检查、安装socat--->"
progressTool socat
echoContent skyBlue " 检查、安装crontabs--->"
progressTool crontabs
# echoContent skyBlue " 检查、安装bind-utils--->"
# progressTool bind-utils
# 关闭防火墙
}
# 安装Nginx tls证书
installNginx(){
echoContent skyBlue "检查、安装Nginx、TLS"
echoContent skyBlue " 请输入要配置的域名 例如worker.v2ray-agent.com --->"
read domain
if [[ -z ${domain} ]]
then
echoContent skyBlue " 域名不可为空--->"
installNginx
else
# 安装nginx
echoContent skyBlue " 检查、安装Nginx--->"
progressTool nginx
# 修改配置
echoContent skyBlue " 修改配置文件--->"
installLine=`cat /etc/nginx/nginx.conf|grep -n root|awk -F "[:]" '{print $1+1}'|head -1`
echo ${installLine}
sed -i "${installLine}i location ~ /.well-known {allow all;}" /etc/nginx/nginx.conf
installLine=`expr ${installLine} + 1`
sed -i "${installLine}i location /test {return 200 'fjkvymb6len';}" /etc/nginx/nginx.conf
# 启动nginx
nginx
# 测试nginx
echoContent skyBlue " 检查Nginx是否正常访问--->"
# ${domain}
domainResult=`curl -s ${domain}/test|grep fjkvymb6len`
if [[ ! -z ${domainResult} ]]
then
echoContent skyBlue " Nginx访问成功--->"
nginx -s stop
installTLS ${domain}
else
echoContent skyBlue " 无法正常访问服务器请检查域名的DNS解析是否正确--->"
fi
fi
}
# 安装TLS
installTLS(){
echoContent skyBlue " 生成TLS证书--->"
echoContent skyBlue " 安装acme--->"
curl -s https://get.acme.sh | sh
echoContent skyBlue " acme安装完毕--->"
sudo ~/.acme.sh/acme.sh --issue -d $1 --standalone -k ec-256
~/.acme.sh/acme.sh --installcert -d $1 --fullchainpath /etc/nginx/$1.crt --keypath /etc/nginx/$1.key --ecc
if [[ -z `cat /etc/nginx/$1.crt` ]]
then
echoContent skyBlue " TLS安装失败请检查acme日志--->"
exit 0
elif [[ -z `cat /etc/nginx/$1.key` ]]
then
echoContent skyBlue " TLS安装失败请检查acme日志--->"
exit 0
fi
echoContent skyBlue " TLS安装成功--->"
}
# V2Ray
installV2Ray(){
echoContent skyBlue " 安装V2Ray--->"
}
installV2RayService(){
Description=V2Ray - A unified platform for anti-censorship
Documentation=https://v2ray.com https://guide.v2fly.org
After=network.target nss-lookup.target
Wants=network-online.target
[Service]
Type=simple
User=root
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
NoNewPrivileges=yes
ExecStart=/usr/bin/v2ray/v2ray -config /etc/v2ray/config.json
Restart=on-failure
RestartPreventExitStatus=23
[Install]
WantedBy=multi-user.target
}
# 查看dns解析ip
checkDNS(){
echo '' > /tmp/pingLog
ping -c 3 $1 >> /tmp/pingLog
serverStatus=`ping -c 3 $1|head -1|awk -F "[service]" '{print $1}'`
pingLog=`ping -c 3 $1|tail -n 5|head -1|awk -F "[ ]" '{print $4 $7}'`
echoContent skyBlue "DNS解析ip:"${pingLog}
}
# 查看本机ip
checkDomainIP(){
currentIP=`curl -s ifconfig.me|awk '{print}'`
echoContent skyBlue ${currentIP}
}
progressTool(){
${installType} $1 > /dev/null &
#
i=0
toolName=$1
sp='/-\|'
n=${#sp}
printf ' '
sleep 0.1
if [[ "${toolName}" = "crontabs" ]]
then
toolName="crontab"
fi
while true; do
status=`command -v ${toolName}`
if [[ -z ${status} ]]
then
printf '\b%s' "${sp:i++%n:1}"
else
break;
fi
sleep 0.1
done
sleep 1
}
init(){
echoContent skyBlue "==============================="
echoContent skyBlue "欢迎使用v2ray-agentCloudflare+WS+TLS+Nginx自动化脚本如有使用问题欢迎加入TG群【https://t.me/v2rayAgent】Github【https://github.com/mack-a/v2ray-agent】"
echoContent skyBlue "注意事项:"
echoContent skyBlue " 1.脚本适合新机器会删除、卸载已经安装的应用包括V2Ray、Nginx、TLS证书"
echoContent skyBlue " 2.脚本会检查并安装工具包"
echoContent skyBlue " 3.会自动关闭防火墙"
echoContent skyBlue "==============================="
installTools
installNginx
}
checkSystem(){
if [ -f /etc/redhat-release ]; then
release="centos"
installTool='yum -y'
echoType='echo -e'
removeType='yum -y remove'
elif cat /etc/issue | grep -q -E -i "debian"; then
release="debian"
installTools='apt'
echoType='echo -e'
removeType='apt -y autoremove'
elif cat /etc/issue | grep -q -E -i "ubuntu"; then
release="ubuntu"
installTools='apt'
echoType='echo -e'
removeType='apt -y autoremove'
elif cat /etc/issue | grep -q -E -i "centos|red hat|redhat"; then
release="centos"
installTools='yum'
echoType='echo -e'
removeType='yum -y remove'
elif cat /proc/version | grep -q -E -i "debian"; then
release="debian"
installTools='apt'
removeType='apt -y autoremove'
echoType='echo -e'
elif cat /proc/version | grep -q -E -i "ubuntu"; then
release="ubuntu"
installTools='apt'
removeType='apt -y autoremove'
echoType='echo -e'
elif cat /proc/version | grep -q -E -i "centos|red hat|redhat"; then
release="centos"
installTools='yum'
removeType='yum -y remove'
echoType='echo -e'
fi
}
#checkSystem
#[ ${release} != "debian" ] && [ ${release} != "ubuntu" ] && [ ${release} != "centos" ] && ${echoType} "${Error} 本脚本不支持当前系统 ${release} !" && exit 1
init
#progressTool

284
optimize_V2Ray.md 100644
View File

@ -0,0 +1,284 @@
* * *
- [1.偶尔断流](#1偶尔断流)
- [2.更换中国大陆地区CDN](#2更换中国大陆地区cdn)
* [1.腾讯CDN[月免费10GB]](#1腾讯cdn月免费10gb)
+ [1.准备工作](#1准备工作)
+ [2.点击此链接配置腾讯云CDN](#2点击此链接配置腾讯云cdn)
- [1.配置域名【域名管理-添加域名】](#1配置域名域名管理-添加域名)
- [2.配置HTTPS证书](#2配置https证书)
- [3.回源配置](#3回源配置)
- [4.增加域名解析CNAME值](#4增加域名解析cname值)
- [3.cloudflare CNAME自选ip优化方案](#3cloudflare-cname自选ip优化方案)
* [1.准备工作](#1准备工作-1)
+ [1.免费的智能DNS解析](#1免费的智能dns解析)
+ [2.CloudFlare Partner平台合作伙伴](#2cloudflare-partner平台合作伙伴)
+ [3.CloudFlare账号](#3cloudflare账号)
* [2.修改DNS解析【这里使用的是dnspod】](#2修改dns解析这里使用的是dnspod)
* [3.注册dnspod) 【腾讯】](#3注册dnspod-腾讯)
* [4.添加域名](#4添加域名)
* [5.登入CloudFlare Partner平台](#5登入cloudflare-partner平台)
* [6.登入dnspod](#6登入dnspod)
* [7.验证是否添加成功](#7验证是否添加成功)
* [8.自定义CloudFlare ip【示例】](#8自定义cloudflare-ip示例)
* [9.原理解析](#9原理解析)
* [10.最优ip选择](#10最优ip选择)
+ [1.联通](#1联通)
+ [2.移动](#2移动)
+ [3.hk直连](3hk直连)
+ [4.自动化脚本测试线路](#4自动化脚本测试线路)
- [4.dnsmasq 实现CNAME方式](#4dnsmasq-实现cname方式)
* [1.准备工作](#1准备工作)
* [2.安装](#2安装)
* [3.修改配置文件](#3修改配置文件)
* [4.重启dnsmasq](#4重启dnsmasq)
* [5.测试&使用](#5测试使用)
* * *
# 1.偶尔断流
- 修改cloudflare Firwall Rules->create a Firewall rule
- - 设置Field:URI path
// 这里的/v2 是你的v2ray的path
- - 设置value:/v2
- - Choose an action:Allow
# 2.更换中国大陆地区CDN
- 只是更换CDN其余配置内容不变
## 1.腾讯CDN[月免费10GB]
### 1.准备工作
- 1.域名【需要大陆备案】
- 2.HTTPS证书【备案的域名的证书可以使用上方的脚本生成】
### 2.[点击此链接配置腾讯云CDN](https://console.cloud.tencent.com/cdn/access)
#### 1.配置域名【域名管理-添加域名】
- 1.域名填写备案过的域名(你要加速的域名)
- 2.源站类型-填写自有源站
- 3.源站设置填写你的vps ip
- 4.加速类型选择流媒体点播加速
- 5.关闭过滤参数
- 6.等待部署完成
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/腾讯CDN示例图01.png' width=400/>
#### 2.配置HTTPS证书
- 1.点击配置好的域名-高级设置-HTTPS配置
- 2.证书内容-填写上方生成证书的结尾为 .crt文件里面的全部内容
- 3.私钥内容-填写上方生成证书结尾为 .key文件里面的全部内容
- 4.回源方式-协议跟随
#### 3.回源配置
- 1.点击配置好的域名-回源配置-取消掉Range回源
#### 4.增加域名解析CNAME值
- 1.我这里用的是阿里云的云解析DNS
- 2.记录类型为CNAME
- 3.主机记录则是你要配置的三级域名(国际规范)例如:test.xxx.com 这里填test
- 4.解析线路默认即可
- 5.记录值填写 腾讯CDN-点击域名-基本配置-CNAME值
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CDN域名解析 CNAME.png' width=400/>
# 3.cloudflare CNAME自选ip优化方案
## 1.准备工作
### 1.免费的智能DNS解析
- 1.[dnspod](https://www.dnspod.cn/)
- 2.[cloudxns](https://www.cloudxns.net/)
- 3.[dns.la](https://www.dns.la/)
- 4.[dns.com](https://www.dns.com/)
### 2.CloudFlare Partner平台合作伙伴
- 1.[笨牛](http://cdn.bnxb.com/)
- 2.[萌精灵](https://cdn.moeelf.com/)
- 3.[自建(教程)](https://www.331u.com/461.html)
### 3.CloudFlare账号
- 使用上述第三方CloudFlare Partner时需要使用CloudFlare的账号密码
- 建议新建CloudFlare账号与自己常用的账号区分防止第三方平台保存密码并用于其他用途
- 上述推荐是各大教程推荐风险自担。也可以自行申请CloudFlare Partner并自行搭建
## 2.修改DNS解析【这里使用的是dnspod】
- 修改域名注册商中的Nameservers改为以下两个
```
f1g1ns1.dnspod.net
f1g1ns2.dnspod.net
```
## 3.注册[dnspod](https://www.dnspod.cn/) 【腾讯】
## 4.添加域名
- 添加完域名后需要等待修改的Nameserver生效
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/dnspod添加域名.png' width=500/>
## 5.登入CloudFlare Partner平台
- 1.[萌精灵](https://cdn.moeelf.com/)【本教程使用】
- 2.添加域名
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/moeelf添加域名.png' width=400/>
- 3.添加解析记录
- 记录名---填写你要配置的二级域名【严格来说是三级域名】
- 记录类型为---CNAME
- 记录内容为回源地址服务器的真实ipCloudFlare只支持网址不支持直接ip。
- CDN---开启
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/moeelf添加DNS记录.png' width=400/>
- 记录内容中的xxx.xxx替换成自己域名的部分【例如你的域名是www.example.com,替换成cf.test.example.com】提交后进入管理中心会出现下图
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/moeelfDNS管理.png' width=500/>
## 6.登入[dnspod](https://www.dnspod.cn/)
- DNS管理->我的域名->添加记录
- 这里添加CNAME的意义在于防止CloudFlare翻车【CloudFlare不允许使用ip接入只允许CNAME】
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/dnspod添加记录.png' width=500/>
## 7.验证是否添加成功
- 1.登录[CloudFlare](https://cloudflare.com)
- 2.点击域名->SSL/TLS->Edge Certificates【参考下图】如果存在则添加正确
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CloudFlare SSLTLS示例图.png' width=500/>
## 8.自定义CloudFlare ip【示例】
- 新添加的记录为类型为A、线路类型是联通、记录值是CloudFlare的ip【多播】
- 这里可以添加不同的线路类型来针对不同的网络环境。
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/dnspod添加记录自定义ip.png' width=500/>
## 9.原理解析
- 使用CloudFlare DNS【默认】
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CloudFlare默认解析.png' width=500/>
- 使用dnspod智能解析
<img src='https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/CloudFlare dnspod解析.png' width=1000/>
## 10.最优ip选择
### 1.联通
```
104.23.240.0-104.23.243.254
```
### 2.移动
```
1.0.0.0-1.0.0.254
1.1.1.0-1.1.1.254
104.16.80.0-104.16.95.255
104.16.175.255-104.16.191.255
```
### 3.hk直连
- 移动用此ip段比较好
- hk gcp服务器 ping值大约在40ms左右回源大约在300ms但是丢包率达到40%(晚高峰)
```
104.16.0.0-104.16.79.255
104.16.96.0-104.16.175.254
104.16.192.0-104.16.207.255
```
### 4.电信
```
162.159.208.4-162.159.208.103
162.159.209.4-162.159.209.103
162.159.210.4-162.159.210.103
162.159.211.4-162.159.211.103
104.16.160.*
```
### 5.自动化脚本测试线路
- 1.利用ping命令测试每个ip只测试一次延迟仅供参考
- 2.此脚本仅支持Mac、Centos【暂不支持Windows以及其余系统后续可能会添加】
```
bash <(curl -L -s https://raw.githubusercontent.com/mack-a/v2ray-agent/master/ping_tool.sh)
```
### 6.本人使用
- 联通
```
104.23.240.5 152ms
```
- 移动
```
104.16.192.0 40ms 【丢包严重】
104.24.105.3 100ms 【不丢包】
```
- 电信
```
手里没有电信网络可用上面的ip自行尝试
```
# 4.dnsmasq 实现CNAME方式
- 更加隐私一些 只适用于CDN方式
- 使用自定义DNS服务类似于本地配置hosts文件
- 需要配置不同的二级域名(三级域名)来进行解析
## 1.准备工作
- 需要一台中国大陆的服务器【最好但是国外的可以用。但是会拖慢DNS解析的速度】
- 防火墙需要开放53端口
## 2.安装
- 1.Centos/RHEL
```
yum -y install dnsmasq
```
- 2.Ubuntu/Debian
```
apt-get install dnsmasq
```
## 3.修改配置文件
```
# 不使用/etc/hosts
no-hosts
# server为上游DNS服务器
# 同时查询配置的DNS服务器哪一个快使用哪一个
all-servers
server=223.5.5.5
server=8.8.8.8
# cn域名通过114解析
server=/cn/114.114.114.114
# 一下都是实现hosts文件功能 挑选一种即可
# 添加hosts文件用来实现类似于hosts文件的功能
# addn-hosts=/etc/dnsmasq.hosts
# 指定域名解析到特定ip中【下面填写自己的域名】
# 同理Nginx也需要修改
# 如果不是泛域名证书,还需要重新配置新加入的域名证书
address=/mobile.xxx.com/39.156.69.100
address=/unicom.xxx.com/39.156.69.101
# 泛域名解析
# address=/baidu.com/39.156.110.100
```
## 4.重启dnsmasq
```
systemctl restart dnsmasq
```
## 5.测试&使用
- 1.测试
```
# xx.xx.xx.xx为配置dnsmasq服务的ip
# mobile.xxx.com 后面为自己的域名
➜ ~ dig @xx.xx.xx.xx mobile.xxx.com
; <<>> DiG 9.10.6 <<>> @xx.xx.xx.xx mobile.xxx.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43056
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mobile.xxx.com. IN A
# 下面是结果,如果和自己配置的一样则正确
;; ANSWER SECTION:
mobile.xxx.com. 0 IN A 198.41.214.162
;; Query time: 42 msec
;; SERVER: xx.xx.xx.xx#53(xx.xx.xx.xx)
;; WHEN: Mon Dec 23 16:30:29 CST 2019
;; MSG SIZE rcvd: 70
```
- 2.使用
```
需要手动修改自己本地的客户端的DNS配置各终端请自行Google
```

157
ping_tool.sh 100755
View File

@ -0,0 +1,157 @@
#!/usr/bin/env bash
purple="\033[35m"
skyBlue="\033[36m"
red="\033[31m"
green="\033[32m"
yellow="\e[93m"
magenta="\e[95m"
cyan="\e[96m"
none="\033[0m"
# 联通 104.23.240.0-104.23.243.254
# 北方联通 较快节点
# 152ms--- 104.23.240.45 104.23.241.132 104.23.242.84 104.23.243.9
# 移动 104.16.0.0-79.255 104.16.96.0-175.254 104.16.192.0-207.255
ChinaUnicom=("104.23.240.0-104.23.243.254")
ChinaMobile=("1.0.0.0-1.0.0.254" "1.1.1.0-1.1.1.254" "104.16.80.0-104.16.95.255" "104.16.175.255-104.16.191.255")
hkDirect=("104.16.0.0-104.16.79.255" "104.16.96.0-104.16.175.254" "104.16.192.0-104.16.207.255")
# 测试延迟
testPing(){
echo "\n"${skyBlue}$5次检测中....${none}${red}请等待${none}"\n"
# 计算ip段
ip11=`echo $1|awk '{print $1}'`
ip12=`echo $1|awk '{print $2}'`
ip21=`echo $2|awk '{print $1}'`
ip22=`echo $2|awk '{print $2}'`
ip31=`echo $3|awk '{print $1}'`
ip32=`echo $3|awk '{print $2}'`
ip41=`echo $4|awk '{print $1}'`
ip42=`echo $4|awk '{print $2}'`
index=0
for ((i1=$ip11;i1<=$ip12;i1++))
do
for ((i2=$ip21;i2<=$ip22;i2++))
do
for ((i3=$ip31;i3<=$ip32;i3++))
do
for ((i4=$ip41;i4<=$ip42;i4++))
do
ip="${i1}.${i2}.${i3}.${i4}"
status=`ping -c 1 -W 1000 "${ip}"|awk '{print $7}'|awk 'BEGIN{FS="="} {print $2}'|awk 'BEGIN{FS="."} {print $1}'`
ipArr[$index]="${ip} ${status} ms"
if [ "${ipArr[$index]}" == "${ip} ms" ]
then
ipArr[$index]="${ip} 9999 ms"
fi
echo ${skyBlue}".\c"{none}
# echo ${skyBlue}${ipArr[$index]}${none}
let "index++"
done
done
done
done
echo ${skyBlue}"请等待"${none}
min="1.1.1.1 1000 ms"
indexLength=${#ipArr[@]}
index=0
while(( $index< $indexLength))
do
latency=`echo ${ipArr[$index]}|awk '{print $2}'`
latency2=`echo $min|awk '{print $2}'`
if [[ ! -z $latency && ! -z $latency2 ]]
then
if [ $latency -lt $latency2 ]
then
min="${ipArr[$index]}"
fi
else
echo '异常数据'
fi
let "index++"
done
echo "${skyBlue}\n一共检测到${indexLength}个ip,第$5段ip区间最优ip为${none}"${green}$min${none}
}
manageFun(){
case $1 in
1)
echo ${skyBlue}"要检测的ip段为104.23.240.0-104.23.243.254"${none}
ipList=()
for ((i=0;i<${#ChinaUnicom[*]};i++))
do
ip01=`echo ${ChinaUnicom[$i]}|awk -F "[-]" '{print $1}'`
ip02=`echo ${ChinaUnicom[$i]}|awk -F "[-]" '{print $2}'`
ip11=`echo $ip01|awk -F "[.]" '{print $1}'`
ip12=`echo $ip02|awk -F "[.]" '{print $1}'`
ip21=`echo $ip01|awk -F "[.]" '{print $2}'`
ip22=`echo $ip02|awk -F "[.]" '{print $2}'`
ip31=`echo $ip01|awk -F "[.]" '{print $3}'`
ip32=`echo $ip02|awk -F "[.]" '{print $3}'`
ip41=`echo $ip01|awk -F "[.]" '{print $4}'`
ip42=`echo $ip02|awk -F "[.]" '{print $4}'`
index=$i
let "index++"
testPing "$ip11 $ip12" "$ip21 $ip22" "$ip31 $ip32" "$ip41 $ip42" $index
done
;;
2)
echo ${skyBlue}"要检测的ip段为1.0.0.0-1.0.0.2541.1.1.0-1.1.1.254104.16.80.0-104.16.95.255104.16.175.255-104.16.191.255"${none}
for ((i=0;i<${#ChinaMobile[*]};i++))
do
ip01=`echo ${ChinaMobile[$i]}|awk -F "[-]" '{print $1}'`
ip02=`echo ${ChinaMobile[$i]}|awk -F "[-]" '{print $2}'`
ip11=`echo $ip01|awk -F "[.]" '{print $1}'`
ip12=`echo $ip02|awk -F "[.]" '{print $1}'`
ip21=`echo $ip01|awk -F "[.]" '{print $2}'`
ip22=`echo $ip02|awk -F "[.]" '{print $2}'`
ip31=`echo $ip01|awk -F "[.]" '{print $3}'`
ip32=`echo $ip02|awk -F "[.]" '{print $3}'`
ip41=`echo $ip01|awk -F "[.]" '{print $4}'`
ip42=`echo $ip02|awk -F "[.]" '{print $4}'`
index=$i
let "index++"
testPing "$ip11 $ip12" "$ip21 $ip22" "$ip31 $ip32" "$ip41 $ip42" ${index}
done
;;
3)
echo ${skyBlue}"要检测的ip段为104.16.0.0-104.16.79.255104.16.96.0-104.16.175.254104.16.192.0-104.16.207.255"${none}
for ((i=0;i<${#hkDirect[*]};i++))
do
ip01=`echo ${hkDirect[$i]}|awk -F "[-]" '{print $1}'`
ip02=`echo ${hkDirect[$i]}|awk -F "[-]" '{print $2}'`
ip11=`echo $ip01|awk -F "[.]" '{print $1}'`
ip12=`echo $ip02|awk -F "[.]" '{print $1}'`
ip21=`echo $ip01|awk -F "[.]" '{print $2}'`
ip22=`echo $ip02|awk -F "[.]" '{print $2}'`
ip31=`echo $ip01|awk -F "[.]" '{print $3}'`
ip32=`echo $ip02|awk -F "[.]" '{print $3}'`
ip41=`echo $ip01|awk -F "[.]" '{print $4}'`
ip42=`echo $ip02|awk -F "[.]" '{print $4}'`
index=$i
let "index++"
testPing "$ip11 $ip12" "$ip21 $ip22" "$ip31 $ip32" "$ip41 $ip42" ${index}
done
;;
esac
}
start(){
echo "${purple}测试指定ip段cloudflare的ip延迟${none}"
echo "${purple}===============================${none}"
echo "${green} 1.联通${none}"
echo "${green} 2.移动${none}"
echo "${green} 3.hk直连【适合移动以及服务器在hk的情况】${none}"
echo "${purple}===============================${none}"
echo "${skyBlue}请选择【数字编号】:${none}"
read -e funType
manageFun $funType
}
start
# 104.23.240.0-104.23.243.254
#testPing "104 104" "23 23" "243 243" "0 100"

32
recover_version.md 100644
View File

@ -0,0 +1,32 @@
# 前言
>重新整理下目前的教程以及未来要加入的内容并给出确切TodoList。
# 1.V2Ray
## 1.CDN手动部署
- 极适用于被墙的VPS
### 1.Cloudflare+V2Ray+WebSocket+Nginx+Web伪装博客【建议使用该方法】
- 仅使用Cloudflare的证书
- 客户端->Cloudflare使用TLS+Vmess加密Cloudflare->VPS仅使用Vmess[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Flexible.md)
- 不需要维护TLS证书
- 少一步解析证书的过程,速度理论上会快一些
### 2.Cloudflare+V2Ray+WebSocket+TLS+Nginx+Web伪装博客
- 需要TLS一般使用let's encrypt生成有效期为三个月。
- 客户端->Cloudflare使用Cloudflare TLS+Vmess加密Cloudflare->VPS使用let's encrypt TLS+Vmess加密[点击查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Full.md)
# 2.全自动化一键脚本、博客搭建【博客书写需要熟悉markdown语法】
- 2020-5-16 立项预计完成时间2020-6-16
## [ ] 脚本编写
## [ ] 自动博客搭建【Hexo+Next】
- [ ] 1.博客编写
- [ ] 2.博客部署【githook、Jekins】
# 3.V2Ray配置文件生成
- 2020-5-16 立项预计完成时间2020-6-20
# 4.k8s集群、Docker
- 2020-5-16 立项,预计完成时间****
- [ ] 私有仓库托管
- [ ] k8s集群管理

207
settings.md 100644
View File

@ -0,0 +1,207 @@
* * *
- [1.开机自启](#1开机自启)
* [1.配置Nginx开机自启](#1配置Nginx开机自启)
* [2.配置v2ray_ws_tls开机自启](#2配置v2ray_ws_tls开机自启)
* [3.测试开机自启是否成功](#3测试开机自启是否成功)
- [2.开启Centos bbr拥塞控制算法[我的测试机是centos 7]](#27开启centos-bbr拥塞控制算法我的测试机是centos-7)
* [1.检查是否安装bbr](#1检查是否安装bbr)
* [2.yum更新](#2yum更新)
* [3.查看系统版本](#3查看系统版本)
* [4.安装elrepo并升级内核](#4安装elrepo并升级内核)
* [5.更新grud文件并重启](#5更新grud文件并重启)
* [6.开机后检查内容是否为4.9及以上版本](#6开机后检查内容是否为4.9及以上版本)
* [7.开启bbr](#7开启bbr)
* [8.验证bbr是否开启成功](#8验证bbr是否开启成功)
+ [测试方法1](#测试方法1)
+ [测试方法2](#测试方法2)
* * *
# 1.开机自启
## 1.配置Nginx开机自启
- 创建service文件
```
cd /etc/systemd/system&&touch nginxReboot.service
```
- 将下面内容复制到/etc/systemd/system/nginxReboot.service
```
[Unit]
Description=nginx - high performance web server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
Environment=PATH=/root/.nvm/versions/node/v12.8.1/bin:/usr/bin/v2ray/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/usr/sbin/nginx -s reload
ExecStop=/usr/sbin/nginx -s stop
ExecQuit=/usr/sbin/nginx -s quit
PrivateTmp=true
[Install]
WantedBy=multi-user.target
```
- 设置开机自启
```
sudo systemctl enable nginxReboot.service
```
- 可能出现的错误
```
# 可能会出现 (13: Permission denied) while connecting to upstream:[nginx]
// 解决方法 执行下面的命令
setsebool -P httpd_can_network_connect 1
```
## 2.配置v2ray_ws_tls开机自启
- 创建service文件
```
cd /etc/systemd/system&&touch v2ray_ws_tls.service
```
- 将下面内容复制到/etc/systemd/system/v2ray_ws_tls.service
```
[Unit]
Description=V2Ray WS TLS Service
After=network.target
Wants=network.target
[Service]
Type=simple
PIDFile=/run/v2rayWSTLS.pid
ExecStart=/usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
Restart=on-failure
# Don't restart in the case of configuration error
RestartPreventExitStatus=23
[Install]
WantedBy=multi-user.target
```
- 设置开机自启
```
sudo systemctl enable v2ray_ws_tls.service
```
## 3.测试开机自启是否成功
- 重启vps
```
reboot
```
- 重启后查看程序是否正常启动
```
# 执行下方命令查看v2ray是否启动
ps -ef|grep v2ray
root 4533 1 0 03:03 ? 00:00:00 /usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
root 4560 1287 0 03:04 pts/0 00:00:00 grep --color=auto v2ray
# 执行下方命令查看nginx是否启动
ps -ef|grep nginx
``
root 762 1 0 02:20 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 763 762 0 02:20 ? 00:00:00 nginx: worker process
root 4562 1287 0 03:04 pts/0 00:00:00 grep --color=auto nginx
```
# 2.开启Centos bbr拥塞控制算法[我的测试机是centos 7]
## 1.检查是否安装bbr
- 有一些vps会自带bbr模块 比如搬瓦工的某些机器,执行下面命令
```
lsmod | grep bbr
```
- 如果输出类似内容则已经开启bbr 到这里就可以结束了
```
tcp_bbr 20480 28
```
## 2.yum更新
```
yum update
```
## 3.查看系统版本
- 执行下面命令
```
cat /etc/redhat-release
```
- 如果release后面的数字大于7.3即可
```
CentOS Linux release 7.7.1908 (Core)
```
## 4.安装elrepo并升级内核
- 分别依次执行下面命令
```
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-ml -y
```
- 正常情况下会输出下面内容
```
Transaction Summary
================================================================================
Install 1 Package
Total download size: 39 M
Installed size: 169 M
Downloading packages:
kernel-ml-4.9.0-1.el7.elrepo.x86_64.rpm | 39 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
Installing : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
Verifying : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
Installed:
kernel-ml.x86_64 0:4.9.0-1.el7.elrepo
Complete!
```
## 5.更新grud文件并重启
- 依次执行下面的命令重启后需要等待数秒重新使用ssh连接
```
egrep ^menuentry /etc/grub2.cfg | cut -f 2 -d \'
grub2-set-default 0
reboot
```
## 6.开机后检查内容是否为4.9及以上版本
- 执行下面的命令
```
uname -r
```
- 输出结果
```
5.3.7-1.el7.elrepo.x86_64
```
## 7.开启bbr
- 执行下面的命令
```
vim /etc/sysctl.conf
```
- 添加如下内容
```
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
```
- 加载系统参数
```
sysctl -p
```
## 8.验证bbr是否开启成功
### 测试方法1
- 执行下面的命令
```
sysctl net.ipv4.tcp_available_congestion_control
```
- 输出下面内容即为成功
```
net.ipv4.tcp_available_congestion_control = bbr cubic reno
```
### 测试方法2
- 执行下面的命令
```
lsmod | grep bbr
```
- 输出下面内容即为成功
```
tcp_bbr 20480 28
```

View File

@ -0,0 +1,52 @@
- [1.准备工作](#1准备工作)
- [2.购买流量转发服务](#2购买流量转发服务)
- [3.配置流量转发服务](#3配置流量转发服务)
* [1.配置idc.wiki流量转发](#1配置idcwiki流量转发)
- [4.修改客户端](#4修改客户端)
- [5节点测试](#5节点测试)
* [1.联通](#1联通暂无)
* [2.移动](#2移动)
* [2.电信](#3电信暂无)
# 1.准备工作
- 1.需要一台没被墙的VPSIPLC理论上是可以转发流量给被墙的VPS目前手中没有被墙的VPS无法进行测试
- 5.必须保证在不用流量转发服务的情况可以使用tcp vmess科学上网。
- 6.购买流量转发服务[点击购买](https://idc.wiki)
# 2.购买流量转发服务
- 1.注册-->[idc.wiki](https://idc.wiki)
- 2.注册完成后,服务-->购买新服务-->左侧显示菜单-->左侧列表最下面【流量转发服务】【建议购买150的服务包含IPLC线路】
# 3.配置流量转发服务
## 1.配置idc.wiki流量转发
- 1.服务-->我的产品和服务-->管理产品-->添加普通转发&添加IPLC转发【普通和IPLC设置方式一样由于IPLC不过墙这里建议使用IPLC】
- 2.配置转发规则这里只有一个点需要注意下一下【需转发地址填写自己vps的ip以及tcp vmess的端口。】
```
# 示例
173.82.112.30:37210
```
- 3.协议为TCP
# 4.修改客户端
- 修改客户端端口部分【端口修改为中转IP的端口例如上述的12187】
- 其余客户端类似在保证tcp+vmess正常使用的情况下配置流量转发服务客户端只需要修改地址为转发的IP和端口即可。
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/Quantumult_Setting_vmess.png" width=400>
# 5.节点测试
- 下列测试结果仅供参考
## 1.联通
节点|台湾GCP|洛杉矶
-|-|-
莞港IPLC tcp_vmess|延迟50ms-100ms回源100ms-200ms|暂无
苏日IPLC tcp_vmess|暂无|延迟100ms-200ms,回源400ms-500ms
## 2.移动
节点|台湾GCP|洛杉矶
-|-|-
莞港IPLC tcp_vmess|延迟50ms-100ms回源100ms-200ms|暂无
苏日IPLC tcp_vmess|暂无|延迟100ms-200ms,回源400ms-500ms
## 3.电信【暂无】

View File

@ -0,0 +1,80 @@
- [1.准备工作](#1准备工作)
- [2.购买流量转发服务](#2购买流量转发服务)
- [3.配置流量转发服务](#3配置流量转发服务)
* [1.配置idc.wiki流量转发](#1配置idcwiki流量转发)
* [2.配置&修改DNS解析](#2配置修改dns解析这里示例为cloudflare)
- [4.修改客户端](#4修改客户端)
- [5节点测试](#5节点测试)
* [1.联通](#1联通暂无)
* [2.移动](#2移动)
* [2.电信](#3电信暂无)
# 1.准备工作
- 1.需要一台没被墙的VPSIPLC理论上是可以转发流量给被墙的VPS目前手中没有被墙的VPS无法进行测试
- 2.需要域名以及设置DNS解析建议使用CloudFlare其余的dns解析也可以。这里转发的是tls+ws流量如果只是转发tcp vmess流量可以不用域名但是vps会有被墙的风险这里不推荐最基础tcp+vmess【如果有需要可以提issues】。
- 3.需要生成HTTPS证书推荐使用通配符证书【通配符证书稍后完善】。
- 4.上面三个步骤参考 [点此链接查看](https://github.com/mack-a/v2ray-agent/blob/master/Cloudflare_Full.md)
- 5.必须保证在不用流量转发服务的情况可以使用tls+ws科学上网。
- 6.购买流量转发服务[点击购买](https://idc.wiki)
# 2.购买流量转发服务
- 1.注册-->[idc.wiki](https://idc.wiki)
- 2.注册完成后,服务-->购买新服务-->左侧显示菜单-->左侧列表最下面【流量转发服务】【建议购买150的服务包含IPLC线路】
# 3.配置流量转发服务
## 1.配置idc.wiki流量转发
- 1.服务-->我的产品和服务-->管理产品-->添加普通转发&添加IPLC转发【普通和IPLC设置方式一样】
- 2.配置转发规则这里只有一个点需要注意下一下【需转发地址填写自己vps的ip以及https+ws的端口。】
```
# 示例
173.82.112.30:443
```
- 3.协议为TCP
## 2.配置&修改DNS解析【这里示例为CloudFlare】
- 1.idc.wiki 示例图
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/idcwiki_traffic.png" width=700>
- 2.修改域名dns解析到中转服务ip
```
# 1.name是你的二级域名的blog部分【blog.example.com】
# 2.content则是上述示例图转发部分的ip
```
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/cloudflare_idcwiki.png" width=700>
# 4.修改客户端
- 修改客户端端口部分【端口修改为中转IP的端口例如上述的12187】
- 其余客户端类似在保证ws+tls正常使用的情况下配置流量转发服务客户端只需要修改为流量转发IP的端口即可。
<img src="https://raw.githubusercontent.com/mack-a/v2ray-agent/master/fodder/Quantumult_Setting.png" width=400>
# 5.节点测试
- 下列测试结果仅供参考
## 1.联通
节点|台湾GCP|洛杉矶
-|-|-
苏日IPLC ws_tls|延迟50ms-120ms回源500ms-800ms|延迟100ms-200ms,回源1000ms-1500ms
徐州联通 ws_tls|延迟10ms-50ms回源1000ms-1500ms|延迟10ms-50ms回源1000ms-1500ms
上海电信 ws_tls|延迟1000ms+回源2000ms+|延迟1000ms+回源2000ms+
泉州CN2 ws_tls|延迟50ms-150ms回源500ms-1000ms|延迟200ms+,回源1000ms+
绍兴双线[电信-联通出口] ws_tls|延迟200ms+,回源稳定1400ms左右|延迟30ms-40ms,回源3000ms+
绍兴双线[联通-联通出口] ws_tls|延迟200ms+,回源稳定1400ms左右|延迟30ms-40ms,回源2000ms+
常州三线[电信-联通出口] ws_tls|延迟200ms+,回源稳定1450ms左右|延迟200ms+,回源稳定2000ms+
常州三线[联通-联通出口] ws_tls|延迟200ms+,回源稳定1450ms左右|延迟200ms+,回源稳定2000ms+
常州三线[移动-联通出口] ws_tls|延迟200ms+,回源稳定1450ms左右|延迟200ms+,回源稳定2000ms+
绍兴双线[电信-电信出口] ws_tls|错误|错误
绍兴双线[联通-电信出口] ws_tls|延迟100ms以内回源500ms-1000ms|延迟30ms-40ms,回源3000ms+
## 2.移动
节点|台湾GCP|洛杉矶
-|-|-
莞港IPLC ws_tls|延迟50ms-100ms回源300ms-500ms|延迟50ms-100ms,回源800ms-1500ms
苏日IPLC ws_tls|延迟50ms-120ms回源500ms-800ms|延迟100ms-200ms,回源1000ms-1500ms
莞港IPLC tcp_vmess|延迟50ms-100ms回源100ms-200ms|暂无
苏日IPLC tcp_vmess|暂无|延迟100ms-200ms,回源400ms-500ms
上海电信 ws_tls|延迟50ms-100ms会源500ms-700ms|延迟100ms-200ms回源2000ms+
泉州CN2 ws_tls|延迟50ms-120ms回源500ms-800ms|延迟100ms-200ms,回源1000ms-1500ms
## 3.电信【暂无】