Caterpillar in the tree   ·   About Me

ubuntu下v2ray+nginx+cdn简单配置及youtube视频下载方法

Table of Contents

1 简介

v2ray 主要用以数据的加密传输,项目主页:https://github.com/v2ray/v2ray-core

nginx的配置原理是:直接通过 http/https 访问 vps 的数据会被nginx解释,并返回nginx提供的内容;但访问某特定路径的的数据会被转发给v2ray所监听的端口。使得监控方难以简单的判定该流量是否非法。

CDN 则负责将你对域名的访问解析为其ip库中的ip, 并通过该ip将数据转发给你的真实ip。其本意是对数据访问进行加速,但在这里直到隐藏真实ip的目的。

2 v2ray安装方法

wget https://install.direct/go.sh
sudo bash go.sh

Add /usr/bin/v2ray to $PATH

3 域名和CDN配置

注册 cloudflare 账号,配置使用其CDN功能。

购买或申请免费域名,在域名管理中将 DNS 设置为 cloudflare 提供的域名服务器。

4 nginx配置

编辑配置文件 /etc/nginx/sites-available/default

server {
	listen 80 default_server;
	listen [::]:80 default_server;

	# SSL configuration
	#
	listen 443 ssl default_server;
	listen [::]:443 ssl default_server;

	location /your_path { # 路径为上面的路径
		proxy_redirect off;
		proxy_pass http://127.0.0.1:your_port; # 端口要变成v2ray运行的端口
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "upgrade";
		proxy_set_header Host $http_host;
	}

	root /var/www/html;

	# Add index.php to the list if you are using PHP
	index index.html index.htm index.nginx-debian.html;

	server_name www.soulbound.site;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
	}
}

5 服务端配置

{
    "log": {
	"access": "/var/log/v2ray/access.log",
	"error": "/var/log/v2ray/error.log",
	"loglevel": "warning"
    },
    "inbounds": [
	{
	    "port": your_port,
	    "protocol": "vmess",
	    "settings": {
		"clients": [
		    {
			"id": "your_uuid",
			"level": 1,
			"alterId": 233
		    }
		]
	    },
	    "streamSettings": {
		"wsSettings":{
		    "path":"/your_path",
		    "headers":{}
		},
		"network":"ws"
	    },
	    "sniffing": {
		"enabled": true,
		"destOverride": [
		    "http",
		    "tls"
		]
	    }
	}

    ],
    "outbounds": [
	{
	    "protocol": "freedom",
	    "settings": {}
	},
	{
	    "protocol": "blackhole",
	    "settings": {},
	    "tag": "blocked"
	},
	{
	    "protocol": "freedom",
	    "settings": {},
	    "tag": "direct"
	},
	{
	    "protocol": "mtproto",
	    "settings": {},
	    "tag": "tg-out"
	}

    ],
    "dns": {
	"server": [
	    "1.1.1.1",
	    "1.0.0.1",
	    "8.8.8.8",
	    "8.8.4.4",
	    "localhost"
	]
    },
    "routing": {
	"domainStrategy": "IPOnDemand",
	"rules": [
	    {
		"type": "field",
		"ip": [
		    "0.0.0.0/8",
		    "::1/128",
		    "fc00::/7",
		    "fe80::/10"
		],
		"outboundTag": "blocked"
	    },
	    {
		"type": "field",
		"inboundTag": ["tg-in"],
		"outboundTag": "tg-out"
	    }
	    ,
	    {
		"type": "field",
		"domain": [
		    "domain:shenyun.com"
		],
		"outboundTag": "blocked"
	    }                       ,
	    {
		"type": "field",
		"protocol": [
		    "bittorrent"
		],
		"outboundTag": "blocked"
	    }
	]
    },
    "transport": {
	"kcpSettings": {
	    "uplinkCapacity": 100,
	    "downlinkCapacity": 100,
	    "congestion": true
	},
	"sockopt": {
	    "tcpFastOpen": true
	}
    }
}

Create firewall rules to enable Igress and Egress of the port by the following command or you should do it on your vps control panel.

iptables -A INPUT -p udp -m state --state NEW -m udp --dport 16028 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 16028 -j ACCEPT

6 客服端配置

{
    "inbounds": [{
	"port": 1080,  // SOCKS 代理端口,在浏览器中需配置代理并指向这个端口
	"listen": "127.0.0.1",
	"protocol": "socks",
	"domainOverride": ["tls","http"],
	"settings": {
	    "auth": "noauth"
	}
    }],
    "outbounds": [{
	"protocol": "vmess",
	"settings": {
	    "vnext": [{
		"address": "your_site", // 服务器地址,请修改为你自己的服务器 ip 或域名
		"port": 443,  // 服务器端口
		"users": [{
		    "id": "your_uuid",
		    "alterId": 233
		}]
	    }]
	}
    },{
	"protocol": "freedom",
	"tag": "direct",
	"settings": {}
    }],
    "routing": {
	"domainStrategy":"IPOnDemand",
	"rules": [
	    {
		"type": "field",
		"outboundTag": "direct",
		"domain": [
		    "geosite:cn"
		]

	    },
	    {
		"type": "field",
		"outboundTag": "direct",
		"ip": [
		    "0.0.0.0\/8",
		    "10.0.0.0\/8",
		    "100.64.0.0\/10",
		    "127.0.0.0\/8",
		    "169.254.0.0\/16",
		    "172.16.0.0\/12",
		    "192.0.0.0\/24",
		    "192.0.2.0\/24",
		    "192.168.0.0\/16",
		    "198.18.0.0\/15",
		    "198.51.100.0\/24",
		    "203.0.113.0\/24",
		    "::1\/128",
		    "fc00::\/7",
		    "fe80::\/10",
		    "geoip:cn",
		    "geoip:private"
		]
	    }
	]
    }
}



sudo service v2ray restart

7 通过docker配置

sudo apt install docker.io
sudo usermod -aG docker ${USER}

docker pull v2ray/official
docker run -d --name v2ray -v /etc/v2ray:/etc/v2ray -p 443:443 v2ray/official  v2ray -config=/etc/v2ray/config.json

8 浏览器配置

设置且仅设置socks5代理,指向127.0.0.1:1080。

9 youtube视频下载

安装youtube-dl:

https://ytdl-org.github.io/youtube-dl/

执行以下命令下载视频:

youtube-dl --proxy socks5://127.0.0.1:1080/ -F https://www.youtube.com/watch?v=ll_OioxmtRs&t=932s
youtube-dl --proxy socks5://127.0.0.1:1080/ -f 136 https://www.youtube.com/watch?v=ll_OioxmtRs&t=932s
youtube-dl -v --embed-subs --write-auto-sub --proxy socks5://127.0.0.1:1080/ -f 136 https://www.youtube.com/watch?v=ll_OioxmtRs&t=932s # With subtitle