Renzheng 大佬有话说 :
Nginx + 5hadowsocs-libev + v2ray-plugin
本帖最后由 Renzheng 于 2020-2-25 20:01 编辑
今天尝试使用 Nginx 反向代理 shadowsocks-libev + v2ray-plugin 实现分流,使得网站和 v2ray-plugin 共存,但是好像配置失败了,一直连不上。在这里问问各位大佬到底是哪里出了问题?谢谢
无需推荐 v2ray 了, 这和 v2ray 的 WebSocket+TLS+Web 如出一辙。机场也就别来打广告了。
shadowsocks-libev 配置文件
root@iZt4ngiff6xe6fa04n7ew4Z:~# cat /etc/shadowsocks-libev/config.json
{
"server":"0.0.0.0",
"server_port":8443,
"password":"password",
"timeout":300,
"user":"nobody",
"method":"chacha20-ietf-poly1305",
"fast_open":false,
"nameserver":"8.8.8.8",
"mode":"tcp_and_udp",
"plugin":"v2ray-plugin",
"plugin_opts":"server;path=/image;loglevel=none"
}
nginx 配置文件,域名已经使用 example.com 替代了。
root@iZt4ngiff6xe6fa04n7ew4Z:~# cat /usr/local/nginx/conf/vhost/example.com.conf
server
{
listen 80;
#listen [::]:80;
server_name example.com;
return 301 https://example.com$request_uri;
}
server
{
listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name example.com ;
index index.html index.htm index.php default.html default.htm default.php;
root/home/wwwroot/example.com;
ssl_certificate /usr/local/nginx/conf/ssl/example.com/fullchain.pem;
ssl_certificate_key /usr/local/nginx/conf/ssl/example.com/private.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
include rewrite/typecho.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*.php$ { deny all; }
include enable-php-pathinfo.conf;
location /image {
proxy_redirect off;
proxy_http_version 1.1;
proxy_pass http://127.0.0.1:8443;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /.
{
deny all;
}
access_log/home/wwwlogs/example.com.log;
}
本地客户端配置
https://i.loli.net/2020/02/25/ZJHyWkG4oIqEuv3.png
shadowsocks-libev status
https://i.loli.net/2020/02/25/DfuqNy6Zz1jcdbE.png
example.com 访问日志
cat /home/wwwlogs/example.com.log
https://i.loli.net/2020/02/25/ljEVg8HbYKJqSeN.png
Renzheng 大佬有话说 :
如果把 Nginx 关闭,将 shadowsocks 改用 443端口,即使用如下配置是可以使用的。
{
"server":"0.0.0.0",
"server_port":443,
"password":"passsword",
"timeout":300,
"user":"nobody",
"method":"chacha20-ietf-poly1305",
"fast_open":false,
"nameserver":"8.8.8.8",
"mode":"tcp_and_udp",
"plugin": "v2ray-plugin",
"plugin_opts": "server;tls;host=example.com;cert=/usr/local/nginx/conf/ssl/example.com/fullchain.cer;key=/usr/local/nginx/conf/ssl/example.com/example.com.key"
}
三不 大佬有话说 :
你要搭建这么复杂的做什么?签名省心吧
kfen 大佬有话说 :
省省吧,你这样折腾来折腾去还不如直接上原版V2? 大佬教程也多的是。。。:lol:lol:lol:lol:lol:lol
Renzheng 大佬有话说 :
三不 大佬有话说 : 2020-2-25 19:53
你要搭建这么复杂的做什么?签名省心吧
这样更加安全呐
茎肛互撸娃 大佬有话说 :
三不 大佬有话说 : 2020-2-25 19:53
你要搭建这么复杂的做什么?签名省心吧
机场是自己的挂了,应急用但是我已经用机场已经一个月了还真的不错yc010t
rockyou 大佬有话说 :
为毛不直接上V2
Renzheng 大佬有话说 :
rockyou 大佬有话说 : 2020-2-25 19:58
为毛不直接上V2
因为 v2ray 的WebSocket+TLS+Web 也是这么配置的
allen3201 大佬有话说 :
"server":"127.0.0.1",
试试
焕123 大佬有话说 :
源站的nginx监听一下ip试试看