Skip to content

Instantly share code, notes, and snippets.

@tanpengsccd

tanpengsccd/config.json

Last active April 30, 2024 06:12
Show Gist options
  • Save tanpengsccd/998dce1063d6a5435d0c5c6821d3db2f to your computer and use it in GitHub Desktop.
Save tanpengsccd/998dce1063d6a5435d0c5c6821d3db2f to your computer and use it in GitHub Desktop.
Download ZIP
v2ray服务端 json 配置 文件
Raw
config.json
{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "warning"
},
"inbound": { //理论最安全的方式 ws,有条件加上TLS
"port": 20080, //开启的端口,建议实用caddy加上TLS加密
"protocol": "vmess",
"listen": null,
"settings": {
"ip": null,
"udp": true,
"clients": [
{
"alterId": 100,
"security": "auto",
"id": "cf390ac1-595a-4f4b-b56d-6f048f01444c"
}
],
"auth": null
},
"streamSettings": {
"network": "ws", //websocket 长连接
"kcpSettings": null,
"wsSettings": {
"connectionReuse": true,
"path": "/home"
},
"tcpSettings": null,
"tlsSettings": {},
"security": ""
}
},
"inboundDetour": [
{//最轻负载方式,推荐移动设备
"port": 34001,
"protocol": "vmess", //vmess 协议
"settings": {
"clients": [
{
"id": "7fab440d-f1e9-419e-b7cb-ba6ba9a21374",
"level": 0,
"security": "auto", //自动选择(运行框架为 AMD64、ARM64 或 s390x 时为aes-128-gcm加密方式,其他情况则为 Chacha20-Poly1305 加密方式)
"alterId": 64
}
]
},
"streamSettings": {
"network": "tcp" //默认tcp时,可直接省略streamSettings
}
},
{//SS是最通用的方式,但非常容易被检测被墙,下下策
"port": 34000,
"protocol": "shadowsocks", // 此段为支持SS协议部分,V2ray不支持SSR
"settings": {
"method": "aes-256-cfb",
"password": "Tanpeng123",
"udp": true //是否支持UDP中转,游戏大多数需要,如SSTAP 加速游戏需要此项,
}
},
{//游戏用,将tcp包转为udp发送,部分服务商对udp限制非常严格,可能反而不如一般tcp,mKCP不一定所有客户端都支持
"port": 34006, //记得打开设置防火墙和安全组规则(如ECS需要设置)
"protocol": "vmess", //vmess 协议
"settings": {
"clients": [
{
"id": "7fab440d-f1e9-419e-b7cb-ba6ba9a21373",
"level": 0,
"security": "auto", //自动选择(运行框架为 AMD64、ARM64 或 s390x 时为aes-128-gcm加密方式,其他情况则为 Chacha20-Poly1305 加密方式)
"alterId": 64
}
]
},
"streamSettings": {
"network": "kcp" //kcp 可以加速,实际是UDP 协议
}
}
],
"outbound": {
"protocol": "freedom",
"settings": {}
},
"outboundDetour": [
{
"protocol": "freedom",
"settings": {}
},
{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}
],
"routing": {
"strategy": "rules",
"settings": {
"rules": [
{
"type": "field",
"ip": [
"0.0.0.0/8",
"10.0.0.0/8",
"100.64.0.0/10",
"127.0.0.0/8",
"169.254.0.0/16",
"172.16.0.0/12",
"192.0.0.0/24",
"192.0.2.0/24",
"192.168.0.0/16",
"198.18.0.0/15",
"198.51.100.0/24",
"203.0.113.0/24",
"::1/128",
"fc00::/7",
"fe80::/10"
],
"outboundTag": "blocked"
}
]
}
}
}
@tanpengsccd
Copy link
Author

tanpengsccd commented Sep 23, 2019
edited
Loading

安装 caddy 以自动获取 ATS 证书
需要开启80 ,443端口

安装caddy

curl https://getcaddy.com | bash -s personal 

sudo mkdir /etc/caddy
sudo touch /etc/caddy/Caddyfile
sudo chown -R root:root /etc/caddy

sudo mkdir /etc/ssl/caddy
sudo chown -R root:root /etc/ssl/caddy
sudo chmod 0770 /etc/ssl/caddy

配置caddy 转发 ,和自动获取证书

emacs /etc/caddy/Caddyfile

cac0.h6.work
{
  #v2ray
  #log ./caddy.log
  tls [email protected] #改成你自己的邮箱
  proxy /home localhost:20080 {
        websocket
        header_upstream -Origin
  }

}

sed替换修改cac0.h6.work 为你自己的域名, YOURHOSTNAME改成你自己的

sed -i 's/cac0.h6.work/YOURHOSTNAME/g' /etc/caddy/Caddyfile

获取caddy启动项

sudo curl -s https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service -o /etc/systemd/system/caddy.service

可能需要修改执行的user 和 group,把www-data替换为root ,但其实不推荐root执行

捕获“=” 替换www-data 为 root

sed -i 's/\(=\)www-data/\1root/g' /etc/systemd/system/caddy.service

启动项开启

systemctl enable caddy
systemctl start caddy
systemctl status caddy

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment