V2RAY+WS+TLS的配置(caddy,nginx,apache)

这是 apache 的配置放到 VirtualHost *:443这个标签里面.

#使用之前需要在ssh下开启一下模块

sudo a2enmod ssl
sudo a2enmod proxy
sudo a2enmod proxy_wstunnel
sudo a2enmod proxy_http
sudo a2enmod rewrite
sudo a2enmod headers

#Apache配置

vi /etc/apache2/sites-available/yourdomain.com.conf

#有用的就是下面这一点.复制到你的配置文件里就可以了.开始

<VirtualHost *:80>
  Redirect /  https://yourdomain.com.tk/
</VirtualHost>

<VirtualHost *:443>

	ServerName yourdomain.com.tk
	#SSL
	SSLEngine On
	SSLCertificateFile /etc/letsencrypt/live/yourdomain.com.tk/fullchain.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com.tk/privkey.pem
	SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
	SSLProtocol All -SSLv2 -SSLv3
	SSLHonorCipherOrder On
	Header always set Strict-Transport-Security "max-age=15768000"
  
  <LocationMatch "/ws">
        ProxyPass ws://127.0.0.1:8883/ws
        ProxyAddHeaders Off
        ProxyPreserveHost On
        RequestHeader set Host %{HTTP_HOST}s
        RequestHeader set X-Forwarded-For %{REMOTE_ADDR}s
  </LocationMatch>

</VirtualHost>

#结束

#这是 nginx的配置.

location /ws {
	proxy_redirect off;
	proxy_pass http://127.0.0.1:8883;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";
	proxy_set_header Host $http_host;
}

#caddy的配置.

https://yourdomain.com {
 root /etc/caddy/www
 timeouts none
 tls email@xxx.com
 gzip
 proxy /ws localhost:8883 {
  websocket
  header_upstream -Origin
  }
}

#v2ray服务端配置文件…

{
    "log": {
            "access": "/var/log/v2ray/access.log",
            "error": "/var/log/v2ray/error.log",
            "loglevel": "warning"
    },
    "inbound": {
            "port":8883 ,
            "listen":"127.0.0.1",
            "protocol": "vmess",
            "settings": {
                    "clients": [{
                            "id": "93e09eb8-004a-0000-0000-00000000000",
                            "level": 1,
                            "alterId": 100,
                            "security": "auto"
                    }]
            },
            "streamSettings":{
                    "network":"ws",
                    "security": "auto",
                    "wsSettings":{
                            "path": "/ws"
                            }
                    }
    },
    "outbound": {
            "protocol": "freedom",
            "settings": {}
}