Something About V

前言

V2Ray已由V2Fly项目接管，截至到这篇记录最新版本来到了4.34.0，多增加了一个新的协议：VLESS。此处记录一下。

全新安装

$ mkdir ~/scripts
# v2fly 主文件
$ curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh
# geoip dat文件
$ curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-dat-release.sh

$ bash install-release.sh
$ bash install-dat-release.sh

# 卸载
$ bash install-release.sh --remove

详见v2fly官网安装说明

v2ray配置文件

配置文件位置变了，在/usr/local/etc/v2ray/里。

• VMESS+Websocket协议的配置

$ nano /usr/local/etc/v2ray/config.json

{
    "log": {
        "access": "/var/log/v2ray/access.log",
        "error": "/var/log/v2ray/error.log",
        "loglevel": "warning"
    },
    "inbound": {
        "port":port,
        "listen":"127.0.0.1",
        "protocol": "vmess",
        "settings": {
                "clients": [
                {
                    "id": "可以用v2ctl uuid命令生成一个",
                    "level": 1,
                    "alterId": 80
                }
            ]
        },
        "streamSettings":{
            "network":"ws",
            "security":"",
            "wsSettings":{
                "path":"Your Path"
            }
        }
    },
    "outbound": {
        "protocol": "freedom",
        "settings": {}
    },
    "outboundDetour": [
        {
            "protocol": "blackhole",
            "settings": {},
            "tag": "blocked"
        }
    ],
    "routing": {
        "strategy": "rules",
        "settings": {
            "rules": [
                {
                    "type": "field",
                    "ip": [
                        "0.0.0.0/8",
                        "10.0.0.0/8",
                        "100.64.0.0/10",
                        "127.0.0.0/8",
                        "169.254.0.0/16",
                        "172.16.0.0/12",
                        "192.0.0.0/24",
                        "192.0.2.0/24",
                        "192.168.0.0/16",
                        "198.18.0.0/15",
                        "198.51.100.0/24",
                        "203.0.113.0/24",
                        "::1/128",
                        "fc00::/7",
                        "fe80::/10"
                    ],
                    "outboundTag": "blocked"
                }
            ]
        }
    }
}

• VLESS+Websocket协议的配置

$ nano /usr/local/etc/v2ray/config.json

{
    "log": {
        "access": "/var/log/v2ray/access.log",
        "error": "/var/log/v2ray/error.log",
        "loglevel": "warning"
    },
    "inbound": {
        "port":port,
        "protocol": "vless",
        "settings": {
                "decryption": "none",
                "clients": [
                {
                    "id": "可以用v2ctl uuid命令生成一个",
                    "level": 0
                }
            ]
        },
        "streamSettings":{
            "network":"ws",
            "security":"none",
            "wsSettings":{
                "path":"Your Path"
            }
        }
    },
    "outbound": {
        "protocol": "freedom",
        "settings": {}
    },
    "outboundDetour": [
        {
            "protocol": "blackhole",
            "settings": {},
            "tag": "blocked"
        }
    ],
    "routing": {
        "strategy": "rules",
        "settings": {
            "rules": [
                {
                    "type": "field",
                    "ip": [
                        "0.0.0.0/8",
                        "10.0.0.0/8",
                        "100.64.0.0/10",
                        "127.0.0.0/8",
                        "169.254.0.0/16",
                        "172.16.0.0/12",
                        "192.0.0.0/24",
                        "192.0.2.0/24",
                        "192.168.0.0/16",
                        "198.18.0.0/15",
                        "198.51.100.0/24",
                        "203.0.113.0/24",
                        "::1/128",
                        "fc00::/7",
                        "fe80::/10"
                    ],
                    "outboundTag": "blocked"
                }
            ]
        }
    }
}

申请证书

$ sudo apt-get install certbot
$ certbot certonly --standalone -d example.com -d www.example.com

Nginx配置文件

$ nano /etc/nginx/config.d/proxy.conf

server {
    listen 80;
    server_name example.com;
    rewrite ^/(.*) https://example.com$1 permanent;
}

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    error_page 497  https://$host$request_uri;

    location /coffee {
        proxy_pass       http://127.0.0.1:v2rayPort;
        proxy_redirect             off;
        proxy_http_version         1.1;
        proxy_set_header Upgrade   $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host      $http_host;
    }

}

更新安装

# 删除老的服务
$ systemctl disable v2ray
$ systemctl stop v2ray
$ rm -rf /etc/systemd/system/v2ray.service
$ rm -rf /usr/bin/v2ray/
# 配置文件移动到新位置
$ mv /etc/v2ray/ /usr/local/etc/
$ chown -R nobody:nogroup /var/log/v2ray
# 安装新的
$ curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh
# geoip dat文件
$ curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-dat-release.sh
$ bash install-release.sh
$ bash install-dat-release.sh

$ systemctl daemon-reload
$ systemctl start v2ray
$ systemctl enable v2ray

V2Ray两个有用的命令

# 测试配置文件是否正确
$ v2ray -config /usr/local/etc/v2ray/config.json -test
# 生成新的UUID
$ v2ctl uuid