V2fly-vless-tcp-tls-max

Aug 14, 2020 v2fly vless nginx tls tcp cetbot
Share on:

V2fly+vless+tcp+tls+max

Ubuntu 20.04

install v2fly create config.json

1bash <(curl -sL https://git.io/v2fly.sh);rm -f /usr/local/etc/v2ray/*.json;nano /usr/local/etc/v2ray/config.json

在线uuid抽奖

1https://www.v2fly.org/awesome/tools.html#%E5%9C%A8%E7%BA%BF%E5%B7%A5%E5%85%B7

server json

 1{
 2    "log": {
 3        "loglevel": "warning"
 4    },
 5    "inbounds": [
 6        {
 7            "port": 443,
 8            "protocol": "vless",
 9            "settings": {
10                "clients": [
11                    {
12                        "id": "9c9d2224-ce6d-4546-ade8-4a7d4bf91eb8",
13                        "level": 0,
14                        "email": "lovsssse@v2fly.org"
15                    }
16                ],
17                "decryption": "none",
18                "fallback": {
19                    "unix": "/dev/shm/default.sock",
20                    "xver": 1
21                },
22                "fallback_h2": {
23                    "unix": "/dev/shm/h2.sock",
24                    "xver": 1
25                }
26            },
27            "streamSettings": {
28                "network": "tcp",
29                "security": "tls",
30                "tlsSettings": {
31                    "alpn": [
32                        "h2",
33                        "http/1.1"
34                    ],
35                    "certificates": [
36                        {
37                            "certificateFile": "/etc/letsencrypt/live/951.scaleya.xyz/fullchain.pem",
38                            "keyFile": "/etc/letsencrypt/live/951.scaleya.xyz/privkey.pem"
39                        }
40                    ]
41                }
42            }
43        }
44    ],
45    "outbounds": [
46        {
47            "protocol": "freedom"
48        }
49    ]
50}

install certbot

1sudo apt update;sudo snap install --classic certbot;fuser -k 80/tcp;sudo certbot certonly --standalone --register-unsafely-without-email --agree-tos

/etc/letsencrypt/live/951.scaleya.xyz/fullchain.pem

/etc/letsencrypt/live/951.scaleya.xyz/privkey.pem

1chown -R nobody /etc/letsencrypt

nginx

1apt install nginx -y;echo "" > /etc/nginx/nginx.conf;nano /etc/nginx/nginx.conf

  1user www-data;
  2worker_processes auto;
  3pid /run/nginx.pid;
  4error_log /var/log/nginx/error.log;
  5include /etc/nginx/modules-enabled/*.conf;
  6
  7events {
  8        worker_connections 768;
  9        # multi_accept on;
 10}
 11
 12http {
 13
 14        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
 15                      '$status $body_bytes_sent "$http_referer" '
 16                      '"$http_user_agent" "$http_x_forwarded_for" '
 17                      '$proxy_protocol_addr:$proxy_protocol_port';
 18        ##
 19        # Basic Settings
 20        ##
 21
 22        sendfile on;
 23        tcp_nopush on;
 24        tcp_nodelay on;
 25        keepalive_timeout 65;
 26        types_hash_max_size 2048;
 27        # server_tokens off;
 28
 29        # server_names_hash_bucket_size 64;
 30        # server_name_in_redirect off;
 31
 32        include /etc/nginx/mime.types;
 33        default_type application/octet-stream;
 34
 35        ##
 36        # SSL Settings
 37        ##
 38
 39        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
 40        ssl_prefer_server_ciphers on;
 41
 42        ##
 43        # Logging Settings
 44        ##
 45
 46        access_log /var/log/nginx/access.log;
 47        error_log /var/log/nginx/error.log;
 48
 49        ##
 50        # Gzip Settings
 51        ##
 52
 53        gzip on;
 54
 55        # gzip_vary on;
 56        # gzip_proxied any;
 57        # gzip_comp_level 6;
 58        # gzip_buffers 16 8k;
 59        # gzip_http_version 1.1;
 60        # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
 61
 62        ##
 63        # Virtual Host Configs
 64        ##
 65
 66        include /etc/nginx/conf.d/*.conf;
 67        include /etc/nginx/sites-enabled/*;
 68
 69            server {
 70        #listen       80 default_server;
 71        #listen       [::]:80 default_server;
 72        listen       [::]:80 default ipv6only=off;
 73        return       301 https://$http_host$request_uri;
 74    }
 75
 76    server {
 77        listen       unix:/dev/shm/default.sock proxy_protocol;
 78        server_name  _;
 79        root         /usr/share/nginx/html;
 80
 81        set_real_ip_from 127.0.0.1;
 82
 83        # Load configuration files for the default server block.
 84        include /etc/nginx/default.d/*.conf;
 85
 86        location / {
 87        }
 88
 89        error_page 404 /404.html;
 90            location = /40x.html {
 91        }
 92
 93        error_page 500 502 503 504 /50x.html;
 94            location = /50x.html {
 95        }
 96    }
 97
 98    server {
 99        listen       unix:/dev/shm/h2.sock http2 proxy_protocol;
100        server_name  _;
101        root         /usr/share/nginx/html;
102
103        set_real_ip_from 127.0.0.1;
104
105        # Load configuration files for the default server block.
106        include /etc/nginx/default.d/*.conf;
107
108        location / {
109        }
110
111        error_page 404 /404.html;
112            location = /40x.html {
113        }
114
115        error_page 500 502 503 504 /50x.html;
116            location = /50x.html {
117        }
118    }
119}

1rm /dev/shm/*.sock;rm /etc/nginx/sites-available/*;rm /etc/nginx/sites-enabled/*
2systemctl enable nginx;systemctl stop nginx;systemctl start nginx;journalctl -u nginx | tail -20
3systemctl enable v2ray;systemctl stop v2ray;systemctl start v2ray;journalctl -u v2ray | tail -20