commit 40e064b2c8208ba2453dfdc30d2e5928ff4f1d41
Author: mack-a <57424792+mack-a@users.noreply.github.com>
Date: Wed Nov 6 10:58:06 2019 +0800
feat(init): init
diff --git a/.idea/workspace.xml b/.idea/workspace.xml
new file mode 100644
index 0000000..c700bb9
--- /dev/null
+++ b/.idea/workspace.xml
@@ -0,0 +1,138 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ jerry-ap/v2ray-network
+
+
+ mack-a/v2ray-agent
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 1573007543792
+
+
+ 1573007543792
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..f9873d8
--- /dev/null
+++ b/README.md
@@ -0,0 +1,355 @@
+# v2ray-network
+本项目旨在更好的学习新知识,采用CDN+TLS+Nginx+v2ray进行伪装并突破防火墙。
+
+# 技能点列表
+- [bandwagonhost[centos7]链接一](https://bandwagonhost.com)
+- [bandwagonhost[centos7]链接二](https://bwh1.net)【境外vps或者其他vps厂商】
+- [cloudflare](cloudflare.com)【CDN】
+- [godaddy](https://www.godaddy.com/)【域名厂商】
+- [letsencrypt](https://letsencrypt.org/)【HTTPS】
+- [Nginx](https://www.nginx.com/)【反向代理】
+- [v2ray](v2ray.com)【代理工具】
+
+# 1.准备工作
+## 1.注册[cloudflare](cloudflare.com)
+## 2.注册[godaddy](https://www.godaddy.com/)并购买域名
+- 域名可选择xyz结尾的国际域名,可采用多字符乱码的方式组合域名,(比如wk1c.xyz)首年大概8RMB左右,第二年可以直接买一个新的。
+
+## 3.修改godaddy域名的DNS解析
+### 1.登录cloudflare,添加域名
+
+
+### 2.选择套餐
+- 如果仅仅只享受科学上网功能,选择free即可
+- 如果需要更好的网络环境、更快的速度,可选择相应的套餐
+
+
+### 3.根据提示修改godaddy的dns解析
+- cloudflare提示界面
+
+
+- godaddy DNS管理,根据上面的cloudflare提示界面修改为相应的dns
+
+
+## 4.增加cloudflare域名解析
+- 添加域名解析(记录),可以选择二级域名,这样就可以一个月解析到不同的服务器,name填写你要解析的二级域名的host部分,比如ls.example.com 只填写ls即可
+
+
+## 5.修改godaddy SSL/TLS
+- 如果vps选择使用https,需要把类型修改为Full
+
+
+# 2.vps配置Nginx、https
+## 1.安装Nginx
+```
+yum install nginx
+```
+## 2.nginx配置文件
+
+- 1.下载配置文件并替换默认文件
+```
+cd /etc/nginx&&rm -rf /etc/nginx/nginx.conf&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/nginx.conf
+# 如果缺少wget 则执行下面的命令,然后重复上面的命令
+yum install wget
+```
+- 将下载好的文件中关于ls.xxx.xyz的内容都替换成你的二级域名
+
+## 3.生成https
+
+- 1.安装acme.sh
+```
+curl https://get.acme.sh | sh
+% Total % Received % Xferd Average Speed Time Time Time Current
+ Dload Upload Total Spent Left Speed
+100 671 100 671 0 0 680 0 --:--:-- --:--:-- --:--:-- 679
+% Total % Received % Xferd Average Speed Time Time Time Current
+ Dload Upload Total Spent Left Speed
+100 112k 100 112k 0 0 690k 0 --:--:-- --:--:-- --:--:-- 693k
+[Fri 30 Dec 01:03:32 GMT 2016] Installing from online archive.
+[Fri 30 Dec 01:03:32 GMT 2016] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
+[Fri 30 Dec 01:03:33 GMT 2016] Extracting master.tar.gz
+[Fri 30 Dec 01:03:33 GMT 2016] Installing to /home/user/.acme.sh
+[Fri 30 Dec 01:03:33 GMT 2016] Installed to /home/user/.acme.sh/acme.sh
+[Fri 30 Dec 01:03:33 GMT 2016] Installing alias to '/home/user/.profile'
+[Fri 30 Dec 01:03:33 GMT 2016] OK, Close and reopen your terminal to start using acme.sh
+[Fri 30 Dec 01:03:33 GMT 2016] Installing cron job
+no crontab for user
+no crontab for user
+[Fri 30 Dec 01:03:33 GMT 2016] Good, bash is found, so change the shebang to use bash as preferred.
+[Fri 30 Dec 01:03:33 GMT 2016] OK
+[Fri 30 Dec 01:03:33 GMT 2016] Install success!
+```
+
+- 2.生成https证书
+```
+# 替换ls.xxx.xyz为自己的域名
+sudo ~/.acme.sh/acme.sh --issue -d ls.xxx.xyz --standalone -k ec-256
+
+# 如果提示Please install socat tools first.则执行,安装完成后继续重复执行上面的命令
+yum install socat
+```
+
+- 3.安装证书
+```
+# 替换ls.xxx.xyz为自己的域名
+~/.acme.sh/acme.sh --installcert -d ls.xxx.xyz --fullchainpath /etc/nginx/ls.xxx.xyz.crt --keypath /etc/nginx/ls.xxx.xyz.key --ecc
+```
+
+- 4.修改/etc/nginx/nginx.conf
+```
+# 将下面这部分前面的#去掉,并将ssl_certificate、ssl_certificate_key修改成自己的路径
+
+# ssl on;
+# ssl_certificate /etc/nginx/ls.xx.xyz.crt;
+# ssl_certificate_key /etc/nginx/ls.xx.xyz.key;
+# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+# ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
+# ssl_prefer_server_ciphers on;
+```
+
+- 5.每一次生成https证书后有效期只有三个月,需要快过期时更新(剩余七天内可以重新生成)
+```
+# 替换ls.xxx.xyz为自己的域名
+sudo ~/.acme.sh/acme.sh --renew -d ls.xxx.xyz --force --ecc
+```
+
+# 3.配置v2ray
+## 1.安装v2ray
+
+```
+bash <(curl -L -s https://install.direct/go.sh)
+```
+
+## 2.v2ray配置文件
+
+- 下载config_ws_tls.json
+```
+cd&&wget https://raw.githubusercontent.com/mack-a/v2ray-agent/master/config/config_ws_tls.json
+```
+
+- 配置文件的id可以自己生成一个新的,替换即可
+```
+/usr/bin/v2ray/v2ctl uuid
+```
+
+## 3.启动v2ray
+```
+/usr/bin/v2ray/v2ray -config ./config_ws_tls.json&
+```
+
+# 4.客户端
+## 1.MacOS
+- 下载V2RayU[点我下载](https://github.com/yanue/V2rayU/releases/download/1.4.1/V2rayU.dmg)
+- 下载后打开,服务器设置,修改address即可
+
+
+- pac设置,添加下面的链接
+```
+https://raw.githubusercontent.com/gfwlist/gfwlist/master/gfwlist.txt
+```
+
+- 选择使用Pac模式,即可
+## 2.windows
+- 下载v2rayN[点我下载](https://github.com/2dust/v2rayN/releases/download/2.44/v2rayN.zip)
+- 使用方法 [点我查看](https://github.com/233boy/v2ray/wiki/V2RayN%E4%BD%BF%E7%94%A8%E6%95%99%E7%A8%8B)
+
+
+到这里就配置完成,可以测试是否能上被q的网站
+
+
+# 5.其余设置
+## 1.开机自启
+### 1.配置Nginx开机自启
+- 创建service文件
+```
+cd /etc/systemd/system&&touch nginxReboot.service
+```
+
+- 将下面内容复制到/etc/systemd/system/nginxReboot.service
+```
+[Unit]
+Description=nginx - high performance web server
+After=network.target remote-fs.target nss-lookup.target
+
+[Service]
+Type=forking
+PIDFile=/run/nginx.pid
+Environment=PATH=/root/.nvm/versions/node/v12.8.1/bin:/usr/bin/v2ray/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
+ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf
+ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
+ExecReload=/usr/sbin/nginx -s reload
+ExecStop=/usr/sbin/nginx -s stop
+ExecQuit=/usr/sbin/nginx -s quit
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target
+```
+
+- 设置开机自启
+```
+sudo systemctl enable nginxReboot.service
+```
+- 可能出现的错误
+```
+# 可能会出现 (13: Permission denied) while connecting to upstream:[nginx]
+// 解决方法 执行下面的命令
+setsebool -P httpd_can_network_connect 1
+```
+
+### 2.配置v2ray_ws_tls开机自启
+- 创建service文件
+```
+cd /etc/systemd/system&&touch v2ray_ws_tls.service
+```
+
+- 将下面内容复制到/etc/systemd/system/v2ray_ws_tls.service
+```
+[Unit]
+Description=V2Ray WS TLS Service
+After=network.target
+Wants=network.target
+
+[Service]
+Type=simple
+PIDFile=/run/v2rayWSTLS.pid
+ExecStart=/usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
+Restart=on-failure
+# Don't restart in the case of configuration error
+RestartPreventExitStatus=23
+
+[Install]
+WantedBy=multi-user.target
+```
+- 设置开机自启
+```
+sudo systemctl enable v2ray_ws_tls.service
+```
+### 3.测试开机自启是否成功
+- 重启vps
+```
+reboot
+```
+- 重启后查看程序是否正常启动
+```
+# 执行下方命令查看v2ray是否启动
+ps -ef|grep v2ray
+
+root 4533 1 0 03:03 ? 00:00:00 /usr/bin/v2ray/v2ray -config /root/config_ws_tls.json
+root 4560 1287 0 03:04 pts/0 00:00:00 grep --color=auto v2ray
+
+# 执行下方命令查看nginx是否启动,
+ps -ef|grep nginx
+``
+root 762 1 0 02:20 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
+nginx 763 762 0 02:20 ? 00:00:00 nginx: worker process
+root 4562 1287 0 03:04 pts/0 00:00:00 grep --color=auto nginx
+```
+# 6.异常处理
+## 1.偶尔断流
+- 修改cloudflare Firwall Rules->create a Firewall rule
+- - 设置Field:URI path
+- - 设置:value:/v2
+- - Choose an action:Allow
+
+# 7.开启Centos bbr拥塞控制算法[我的测试机是centos 8]
+## 1.检查是否安装bbr
+- 有一些vps会自带bbr模块 比如搬瓦工的某些机器,执行下面命令
+```
+lsmod | grep bbr
+```
+- 如果输出类似内容则已经开启bbr 到这里就可以结束了
+```
+tcp_bbr 20480 28
+```
+## 2.yum更新
+```
+yum update
+```
+## 3.查看系统版本
+- 执行下面命令
+```
+cat /etc/redhat-release
+```
+
+- 如果release后面的数字大于7.3即可
+```
+CentOS Linux release 7.7.1908 (Core)
+```
+## 4.安装elrepo并升级内核
+- 分别依次执行下面命令
+```
+rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
+rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
+yum --enablerepo=elrepo-kernel install kernel-ml -y
+```
+- 正常情况下会输出下面内容
+```
+Transaction Summary
+================================================================================
+Install 1 Package
+Total download size: 39 M
+Installed size: 169 M
+Downloading packages:
+kernel-ml-4.9.0-1.el7.elrepo.x86_64.rpm | 39 MB 00:00
+Running transaction check
+Running transaction test
+Transaction test succeeded
+Running transaction
+Warning: RPMDB altered outside of yum.
+ Installing : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
+ Verifying : kernel-ml-4.9.0-1.el7.elrepo.x86_64 1/1
+Installed:
+ kernel-ml.x86_64 0:4.9.0-1.el7.elrepo
+Complete!
+```
+## 5.更新grud文件并重启
+- 依次执行下面的命令,重启后需要等待数秒重新使用ssh连接
+```
+egrep ^menuentry /etc/grub2.cfg | cut -f 2 -d \'
+grub2-set-default 0
+reboot
+```
+## 6.开机后检查内容是否为4.9及以上版本
+- 执行下面的命令
+```
+uname -r
+```
+- 输出结果
+```
+5.3.7-1.el7.elrepo.x86_64
+```
+## 7.开启bbr
+- 执行下面的命令
+```
+vim /etc/sysctl.conf
+```
+- 添加如下内容
+```
+net.core.default_qdisc = fq
+net.ipv4.tcp_congestion_control = bbr
+```
+- 加载系统参数
+```
+sysctl -p
+```
+## 8.验证bbr是否开启成功
+### 测试方法1
+- 执行下面的命令
+```
+sysctl net.ipv4.tcp_available_congestion_control
+```
+- 输出下面内容即为成功
+```
+net.ipv4.tcp_available_congestion_control = bbr cubic reno
+```
+
+### 测试方法2
+- 执行下面的命令
+```
+lsmod | grep bbr
+```
+- 输出下面内容即为成功
+```
+tcp_bbr 20480 28
+```
diff --git a/config/config_ws_tls.json b/config/config_ws_tls.json
new file mode 100644
index 0000000..b3799fa
--- /dev/null
+++ b/config/config_ws_tls.json
@@ -0,0 +1,79 @@
+{
+ "log": {
+ "access": "",
+ "error": "",
+ "loglevel": "debug"
+ },
+ "stats": {},
+ "api": {
+ "services": [
+ "StatsService"
+ ],
+ "tag": "api"
+ },
+ "policy": {
+ "levels": {
+ "1": {
+ "handshake": 4,
+ "connIdle": 300,
+ "uplinkOnly": 2,
+ "downlinkOnly": 5,
+ "statsUserUplink": false,
+ "statsUserDownlink": false
+ }
+ },
+ "system": {
+ "statsInboundUplink": true,
+ "statsInboundDownlink": true
+ }
+ },
+ "allocate": {
+ "strategy": "always",
+ "refresh": 5,
+ "concurrency": 3
+ },
+ "inbounds": [
+ {
+ "port": 31290,
+ "listen": "127.0.0.1",
+ "protocol": "vmess",
+ "settings": {
+ "clients": [
+ {
+ "id": "a4f7ef9b-6951-2397-098d-bb1e660b3805",
+ "alterId": 64,
+ "level": 1,
+ "email": "xxx_ls_ws_username@v2ray.com"
+ }
+ ]
+ },
+ "streamSettings": {
+ "network": "ws",
+ "wsSettings": {
+ "path": "/v2"
+ }
+ }
+ }
+ ],
+ "outbounds": [
+ {
+ "protocol": "freedom",
+ "settings": {
+ }
+ }
+ ],
+ "routing": {
+ "settings": {
+ "rules": [
+ {
+ "inboundTag": [
+ "api"
+ ],
+ "outboundTag": "api",
+ "type": "field"
+ }
+ ]
+ },
+ "strategy": "rules"
+ }
+}
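Review bot: The `"id"` under `inbounds[0].settings.clients` is a fixed UUID committed to the repository, and the README added in this same commit has users download this file unchanged and presents regenerating the id as optional. Every deployment that skips that step would accept the same publicly known client credential. I would ship an obvious placeholder instead, e.g. `"id": "REPLACE_WITH_OUTPUT_OF_v2ctl_uuid"`, so the config is visibly incomplete until a unique value is set, and make the regeneration step mandatory in the README. Separately, `"loglevel": "debug"` is a noisy default for a long-running service; `"warning"` would record less per-connection detail.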
diff --git a/config/nginx.conf b/config/nginx.conf
new file mode 100644
index 0000000..e433ff5
--- /dev/null
+++ b/config/nginx.conf
@@ -0,0 +1,88 @@
+# For more information on configuration, see:
+# * Official English Documentation: http://nginx.org/en/docs/
+# * Official Russian Documentation: http://nginx.org/ru/docs/
+
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log;
+pid /run/nginx.pid;
+
+# Load dynamic modules. See /usr/share/nginx/README.dynamic.
+include /usr/share/nginx/modules/*.conf;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ # Load modular configuration files from the /etc/nginx/conf.d directory.
+ # See http://nginx.org/en/docs/ngx_core_module.html#include
+ # for more information.
+ include /etc/nginx/conf.d/*.conf;
+
+ server {
+ listen 80;
+ listen [::]:80;
+ server_name ls.xxx.xyz; # 这里需要修改为你的
+ root /usr/share/nginx/html;
+
+ # Load configuration files for the default server block.
+ include /etc/nginx/default.d/*.conf;
+
+ location / {
+ }
+ location ~ /.well-known {
+ allow all;
+ }
+ error_page 404 /404.html;
+ location = /40x.html {
+ }
+
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ }
+ }
+ #server {
+ # listen 80;
+ # server_name ls.xxx.xyz;
+ # return 301 https://$host$request_uri;
+ #}
+ server {
+ listen 443 ssl;
+ # ssl_certificate /etc/nginx/ls.xx.xyz.crt;
+ # ssl_certificate_key /etc/nginx/ls.xx.xyz.key;
+ # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ # ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
+ # ssl_prefer_server_ciphers on;
+ server_name ls.xxx.xyz; # 这里需要修改
+ location / {
+ }
+ location /v2 {
+ proxy_redirect off;
+ proxy_pass http://127.0.0.1:31290;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ # proxy_set_header Host $http_host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ }
+
+ }
+}
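Review bot: The `listen 443 ssl;` server block ships with `ssl_certificate` and `ssl_certificate_key` commented out, and nginx normally refuses to load an ssl listener that has no certificate defined, so the file as downloaded will likely fail `nginx -t` until it is edited. The commented template lines that users are told to enable also turn on `TLSv1` and `TLSv1.1` and use a cipher string with the broad `ECDH:AES:HIGH` groups. I would change the template to `ssl_protocols TLSv1.2;` (adding `TLSv1.3` where the installed nginx/OpenSSL build supports it) and restrict `ssl_ciphers` to ECDHE suites with AEAD ciphers. The port-80 redirect server is commented out while a plain-HTTP server for the same name stays active; once certificates are installed, only the `.well-known` path needs to remain reachable over HTTP.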
diff --git a/fodder/cloudflare.png b/fodder/cloudflare.png
new file mode 100644
index 0000000..1e4a1e6
Binary files /dev/null and b/fodder/cloudflare.png differ
diff --git a/fodder/cloudflare_dns.png b/fodder/cloudflare_dns.png
new file mode 100644
index 0000000..c79e258
Binary files /dev/null and b/fodder/cloudflare_dns.png differ
diff --git a/fodder/cloudflare_plan.png b/fodder/cloudflare_plan.png
new file mode 100644
index 0000000..9ea610c
Binary files /dev/null and b/fodder/cloudflare_plan.png differ
diff --git a/fodder/cloudflare_record_dns.png b/fodder/cloudflare_record_dns.png
new file mode 100644
index 0000000..5e70ec1
Binary files /dev/null and b/fodder/cloudflare_record_dns.png differ
diff --git a/fodder/cloudflare_tls.png b/fodder/cloudflare_tls.png
new file mode 100644
index 0000000..fecb393
Binary files /dev/null and b/fodder/cloudflare_tls.png differ
diff --git a/fodder/godayddy_dns.png b/fodder/godayddy_dns.png
new file mode 100644
index 0000000..ec9b968
Binary files /dev/null and b/fodder/godayddy_dns.png differ
diff --git a/fodder/v2rayU_服务器配置.png b/fodder/v2rayU_服务器配置.png
new file mode 100644
index 0000000..73bbab1
Binary files /dev/null and b/fodder/v2rayU_服务器配置.png differ
diff --git a/install.sh b/install.sh
new file mode 100755
index 0000000..896c7f5
--- /dev/null
+++ b/install.sh
@@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+export PATH="/usr/bin/:#$PATH"
+nginxStatus=false
+v2rayStatus=false
+httpsStatus=false
+# todo 先完善正常步骤
+initNginx(){
+ echo -e '\033[36m 检查Nginx中... \033[0m'
+ existProcessNginx=`ps -ef|grep nginx|grep -v grep`
+ existNginx=`command -v nginx`
+ if [ -z "$existProcessNginx" ] && [ -z "$existNginx" ]
+ then
+ echo '安装Nginx中,如遇到是否安装输入y'
+ yum update
+ yum install nginx
+ echo '步骤二:Nginx安装成功,执行下一步'
+ installV2Ray
+ else
+ # todo
+ echo '检查到Nginx存在,是否停止并卸载,输入y/Y确认:'
+ read -e unstallStatus
+ if [[ $unstallStatus -eq "y" || $unstallStatus -eq "Y" ]]
+ then
+ echo '卸载'
+ else
+ echo '不卸载,停止脚本'
+ fi
+ fi
+}
+installHttps(){
+ echo 'https'
+}
+installV2Ray(){
+ echo -e '\033[36m 检查V2Ray中... \033[0m'
+
+}
+checkOS(){
+ systemVersion=`cat /etc/redhat-release|grep CentOS|awk '{print $1}'`
+ if [ -n "$systemVersion" ] && [ "$systemVersion" == "CentOS" ]
+ then
+ echo ''
+ echo -e '\033[35m步骤一:系统为CentOS,执行下一步 \033[0m'
+ return 1
+ else
+ echo '目前仅支持Centos'
+ fi
+}
+init(){
+ echo -e "\033[35m此脚本会执行以下内容: \033[0m"
+ echo -e "\033[36m 1.检查系统版本是否为CentOS \033[0m"
+ echo -e "\033[36m 2.检测nginx是否安装并配置 \033[0m"
+ echo -e "\033[36m 3.检测https是否安装并配置 \033[0m"
+ echo -e "\033[36m 4.检测V2Ray是否安装并配置 \033[0m"
+ echo -e "\033[35m是否进入手动模式y,键入回车进入自动模式: \033[0m"
+ read -e automatic
+ if [ "$automatic" = "y" ]
+ then
+ echo '手动模式'
+ else
+ checkOS
+ echo "$?"
+ fi
+}
+init
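Review bot: In `initNginx`, `[[ $unstallStatus -eq "y" || $unstallStatus -eq "Y" ]]` is an arithmetic comparison, so a non-numeric reply is evaluated as an unset variable name and compares equal to 0. Any answer, including an empty one, therefore takes the uninstall branch; a string match such as `[[ "$unstallStatus" == [yY] ]]` is what is intended. The `#` in `export PATH="/usr/bin/:#$PATH"` is literal inside the quotes and corrupts the first inherited PATH entry; it should read `export PATH="/usr/bin:$PATH"`. The script also prints the "Nginx安装成功" message without checking the exit status of `yum install nginx`, so a failed or declined install is reported as success; guard it with `yum install nginx || return 1`. Finally, `checkOS` returns 1 on the supported-OS path and falls through with 0 otherwise, which inverts the shell convention, and `init` only echoes `$?` rather than stopping on an unsupported system.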