Jianrry 大佬有话说 :
V2Ray 一直无法连接,有报错信息
这个问题已经困扰我3天了,一直没有解决,请教一下各位18cm的mjj该如何解决这个问题。
我使用了 docker compose 部署了 V2Ray 的 vmess + tls + ws 方案,容器可以正常运行,却一直无法连接。
下面的是我的配置文件,麻烦帮忙看一下,配置是否出错了。
docker-compose.yml (docker compose 配置文件)
version: ‘3’
services:
nginx:
# 镜像
image: nginx
# 容器名
container_name: nginx
# 端口
ports:
# 80 端口
– "80:80"
# 443 端口
– "443:443"
# 数据卷
volumes:
# Nginx 配置文件夹
– "./nginx/config:/etc/nginx/conf.d"
# Nginx 站点的根目录
– "./nginx/html:/html"
# Nginx 日志文件夹
– "./nginx/log:/log"
# SSL 证书文件夹
– "./nginx/ssl:/ssl"
# 在容器退出时,总是重启容器
restart: always
v2ray:
# 镜像
image: v2ray/official
# 容器名
container_name: v2ray
# 数据卷
volumes:
# V2Ray 配置文件
– ./v2ray/config/config.json:/etc/v2ray/config.json
# V2Ray 访问日志文件
– ./v2ray/log/access.log:/var/log/v2ray/access.log
# V2Ray 错误日志文件
– ./v2ray/log/error.log:/var/log/v2ray/error.log
# 在容器退出时,总是重启容器
restart: always
v2ray.conf (Nginx 配置文件)
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /path/to/cert/file;
ssl_certificate_key /path/to/cert/file;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
server_name domain.com;
# 与 V2Ray 配置中的 path 保持一致
location /v2ray {
# WebSocket协商失败时返回404
if ($http_upgrade != "websocket") {
return 404;
}
proxy_redirect off;
# 假设WebSocket监听在环回地址的10000端口上
proxy_pass http://v2ray:1024;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
# Show real IP in v2ray access.log
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# 访问日志
access_log/log/domain.com.log;
}
V2Ray 服务器配置文件
{
"log": {
"loglevel": "warning",
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log"
},
"inbounds": [
{
"port": 1024,
"listen":"127.0.0.1",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "uuid",
"alterId": 0
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/v2ray"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}
V2Ray 客户端配置文件
// 通过 V2RayN 导出为客户端配置文件
{
"policy": {
"system": {
"statsOutboundUplink": true,
"statsOutboundDownlink": true
}
},
"log": {
"access": "",
"error": "",
"loglevel": "warning"
},
"inbounds": [
{
"tag": "socks",
"port": 10808,
"listen": "127.0.0.1",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
},
{
"tag": "http",
"port": 10809,
"listen": "127.0.0.1",
"protocol": "http",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"udp": false,
"allowTransparent": false
}
},
{
"tag": "api",
"port": 59712,
"listen": "127.0.0.1",
"protocol": "dokodemo-door",
"settings": {
"udp": false,
"address": "127.0.0.1",
"allowTransparent": false
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "domain.com",
"port": 443,
"users": [
{
"id": "uuid",
"alterId": 0,
"email": "[email protected]",
"security": "auto"
}
]
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"tlsSettings": {
"allowInsecure": true,
"serverName": "domain.com"
},
"wsSettings": {
"path": "/v2ray",
"headers": {
"Host": "domain.com"
}
}
},
"mux": {
"enabled": false,
"concurrency": -1
}
},
{
"tag": "direct",
"protocol": "freedom",
"settings": {}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
}
}
],
"stats": {},
"api": {
"tag": "api",
"services": [
"StatsService"
]
},
"routing": {
"domainStrategy": "IPIfNonMatch",
"domainMatcher": "linear",
"rules": [
{
"type": "field",
"inboundTag": [
"api"
],
"outboundTag": "api",
"enabled": true
},
{
"type": "field",
"port": "0-65535",
"outboundTag": "proxy",
"enabled": true
}
]
}
}
domain.com.log (Nginx 日志文件)
162.142.125.210 – – "GET / HTTP/1.1" 404 153 "-" "-"
162.142.125.210 – – "GET / HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
172.70.210.164 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.70.210.164 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
V2Ray 服务端日志文件
2022/07/19 09:57:02 v2ray.com/core: V2Ray 4.22.1 started
V2Ray 客户端日志文件
// 在这里附上客户端日志
配置成功
V2Ray(v2ray***com:443)
启动服务(2022/7/19 18:35:25)…
V2Ray 4.42.2 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.17.1 windows/386)
A unified platform for anti-**ship.
2022/07/19 18:35:25 main/jsonem: Reading config: D:Softwarev2rayN-Coreconfig.json
2022/07/19 18:35:25 V2Ray 4.42.2 started
2022/07/19 18:35:25 127.0.0.1:61280 accepted //mtalk.google.com:5228
2022/07/19 18:35:25 127.0.0.1:61281 accepted //bl3301.storage.live.com:443
2022/07/19 18:35:26 127.0.0.1:61286 accepted tcp:127.0.0.1:0
2022/07/19 18:35:30 127.0.0.1:61292 accepted //www.google.com:443
2022/07/19 18:35:30 127.0.0.1:61294 accepted //alive.github.com:443
2022/07/19 18:35:35 127.0.0.1:61308 accepted //alive.github.com:443
2022/07/19 18:35:36 app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: > common/retry: all retry attempts failed
2022/07/19 18:35:36 127.0.0.1:61311 accepted //mtalk.google.com:5228
2022/07/19 18:35:39 app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: > common/retry: all retry attempts failed
2022/07/19 18:35:39 127.0.0.1:61321 accepted //alive.github.com:443
2022/07/19 18:35:40 app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: > common/retry: all retry attempts failed
2022/07/19 18:35:40 127.0.0.1:61326 accepted //www.google.com:443
摩卡 大佬有话说 :
本帖最后由 摩卡 于 2022-7-20 10:56 编辑
看下nginx的日志 有没有转发到v2容器
另外我看v2容器没有配置端口号 你配置下端口映射规则试试?
toot 大佬有话说 :
用aapanrl面板吧。方便管理https://daima.eu.org/post/bt-v2ray/
汤家凤 大佬有话说 :
别的不说,先校时,保证二者相差不超过90s
CC大魔王 大佬有话说 :
domain.com 是本来就是这样写的,还是你打码了的
Jianrry 大佬有话说 :
本帖最后由 Jianrry 于 2022-7-20 11:11 编辑
摩卡 大佬有话说 : 2022-7-20 10:52
看下nginx的日志 有没有转发到v2容器
另外我看v2容器没有配置端口号 你配置下端口映射规则试试? …
我不知道如何判断是否转发,麻烦大佬帮我看一下,下面是 nginx 的日志文件。
162.142.125.210 – – "GET / HTTP/1.1" 404 153 "-" "-"
162.142.125.210 – – "GET / HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
172.70.210.164 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.70.210.164 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.68.254.38 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.68.254.38 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.70.214.84 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
另外我看v2容器没有配置端口号 你配置下端口映射规则试试?
v2 容器用的是 1024 端口,通过 nginx 反向代理转发到 443 端口,443 端口映射为本机的 443 端口,这个已经配置了。
V2Ray 服务器配置文件
…
"inbounds": [
{
"port": 1024,
…
v2ray.conf (Nginx 配置文件)
…
# 假设WebSocket监听在环回地址的10000端口上
proxy_pass http://v2ray:1024;
…
docker-compose.yml (docker compose 配置文件)
…
# 端口
ports:
# 80 端口
– "80:80"
# 443 端口
– "443:443"
…
Jianrry 大佬有话说 :
toot 大佬有话说 : 2022-7-20 10:52
用aapanrl面板吧。方便管理https://daima.eu.org/post/bt-v2ray/
不习惯用面板,习惯用 docker 一把梭了。。。
Jianrry 大佬有话说 :
汤家凤 大佬有话说 : 2022-7-20 11:01
别的不说,先校时,保证二者相差不超过90s
已经修改时区 和 校时 了,服务器时间和本机时间相差不到1min.
一颗赛艇 大佬有话说 :
nginx 报错502 说明连接不到后端
再看你的docker compose文件,两个容器之间没有定义关联网络,两个容器网络是不通的
要么用link关联 要么定义一个网络两个容器加入
参考 https://docs.docker.com/compose/networking/
Jianrry 大佬有话说 :
CC大魔王 大佬有话说 : 2022-7-20 11:04
domain.com 是本来就是这样写的,还是你打码了的
打了码,将 我的域名修改为了 domain.com ,为了防止别人恶意攻击。