Prepare
Enter to project root
cd ~
Create directory for v2ray and enter to this directory
mkdir v2ray
cd v2ray
Check the OS bit
uname -a
uname -m
Download and unzip the related version
wget https://github.com/v2ray/v2ray-core/releases/download/v4.21.3/v2ray-linux-32.zip -O v2ray-linux-32-4.21.3.zip
unzip v2ray-linux-32-4.21.3.zip
List all files after unzip
ls -la
Generate the v2ray path
v2ray_path=$(head /dev/urandom | tr -dc 0-9a-zA-Z | head -c 12)
Generate the v2ray port
v2ray_port=$(shuf -i 10000-65000 -n 1)
Generate the v2ray client id
v2ray_client_id=$(head /proc/sys/kernel/random/uuid)
Generate the v2ray client alter id
v2ray_client_alter_id=$(shuf -i 0-100 -n 1)
Cloudflare
- Login to the control panel
- add the domain name and point to your server
- set the ssl/tls encryption mode to Full (Flexible will cause
TOO_MANY_REDIRECTS
)
Nginx
Edit nginx config
vim /path/to/nginx/conf/my.domain.com.conf
With Content
server {
listen 80;
server_name my.domain.com;
return 301 https://my.domain.com$request_uri;
}
server {
listen 443 ssl http2;
charset utf-8;
server_name my.domain.com;
root /www/root/my.domain.com;
index index.html index.htm index.php;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
ssl_certificate /path/to/cert/live/my.domain.com/fullchain.pem;
ssl_certificate_key /path/to/cert/live/my.domain.com/privkey.pem;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 1d;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;";
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 valid=300s;
resolver_timeout 10s;
location ^~ /.well-known/acme-challenge/ {
root /usr/local/nginx/html;
try_files $uri =404;
}
location /__V2RAY_PATH__ {
proxy_redirect off;
proxy_pass http://127.0.0.1:__V2RAY_PORT__;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_connect_timeout 300s;
fastcgi_read_timeout 300s;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
location ~ /.*\.db {
deny all;
}
}
Replace the v2ray path variable in nginx config
sed -i "s/__V2RAY_PATH__/$v2ray_path/" /path/to/nginx/conf/my.domain.com.conf
Replace the v2ray port variable in nginx config
sed -i "s/__V2RAY_PORT__/$v2ray_port/" /path/to/nginx/conf/my.domain.com.conf
Create directory for domain root
mkdir /www/root/my.domain.com
Create dummy index page
echo "Hello World" > /www/root/my.domain.com/index.html
Change the owner for the domain root
chown -Rf www:www /www/root/my.domain.com
Generate the cert for domain
letsencrypt certonly --webroot -w /path/to/nginx/html -d my.domain.com --email [email protected] --agree-tos --renew-by-default
Restart nginx
/path/to/script/nginx.sh test
/path/to/script/nginx.sh restart
V2Ray
Create custom config and logs directories
mkdir config
mkdir logs
Create server config
vim config/server.json
With content
{
"log":{
"loglevel": "warning",
"access": "__V2RAY_LOG_PATH__/access.log",
"error": "__V2RAY_LOG_PATH__/error.log"
},
"inbounds": [
{
"port": __V2RAY_PORT__,
"listen": "127.0.0.1",
"tag": "vmess-in",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "__V2RAY_CLIENT_ID__",
"alterId": __V2RAY_CLIENT_ALTER_ID__
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/__V2RAY_PATH__"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {},
"tag": "direct"
},
{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}
],
"dns": {
"server": [
"1.1.1.1",
"1.0.0.1",
"8.8.8.8",
"8.8.4.4",
"localhost"
]
},
"routing": {
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"outboundTag": "blocked",
"ip": [
"geoip:private"
]
},
{
"type": "field",
"outboundTag": "blocked",
"domain": [
"geosite:category-ads-all"
]
}
]
}
}
Replace the v2ray log path in server config
sed -i "s#__V2RAY_LOG_PATH__#/path/to/logs#" config/server.json
Replace the v2ray port in server config
sed -i "s/__V2RAY_PORT__/$v2ray_port/" config/server.json
Replace the v2ray client id in server config
sed -i "s/__V2RAY_CLIENT_ID__/$v2ray_client_id/" config/server.json
Replace the v2ray client alter id in server config
sed -i "s/__V2RAY_CLIENT_ALTER_ID__/$v2ray_client_alter_id/" config/server.json
Replace the v2ray path in server config
sed -i "s/__V2RAY_PATH__/$v2ray_path/" config/server.json
Test the v2ray server config
./v2ray -config ./config/server.json -test
Start the v2ray server
./v2ray -config ./config/server.json
Add it to rc.local
screen -dmS v2ray /path/to/v2ray -config /path/to/v2ray/config/server.json