改了下的。。h2+tls+caddy的v2ray配置

挖坑.jpg

以前好像写过一个很像很像的。。。今天刚搭好就更新下。。

主要是一些细节上是小问题吧。。。其实也就一些更新而已。。

1:原来是能不断开CDN申请跟更新证书了!看这个:

https://github.com/Neilpang/acme.sh/wiki/dnsapi

用dns api去申请/更新。。

2:Caddy的安装和设置服务

  • 在下载安装的时候得记得选上http.proxyprotocol, http.forwardproxy和hook.service这三个插件。。
  • Caddy安装成服务变成这样了,看这里:

https://github.com/hacdias/caddy-service/blob/master/README.md

然后其他的就是老生常谈了。。不过更新成4.x以后配置生成器也有新的了,感谢大佬。。。

https://www.veekxt.com/utils/v2ray_gen

*典型的配置:

客户端:

{
  "log":{},
  "dns":{},
  "stats":{},
  "inbounds":[
    {
      "settings":{
        "auth":"noauth",
        "udp":true
      },
      "protocol":"socks",
      "port":"1080",
      "tag":"in-0"
    },
    {
      "settings":{},
      "protocol":"http",
      "port":"1081",
      "tag":"in-1"
    }
  ],
  "outbounds":[
    {
      "settings":{
        "vnext":[
          {
            "address":"(你的服务器域名)",
            "port":(你的端口),
            "users":[
              {
                "alterId":32,
                "id":"(user id)"
              }
            ]
          }
        ]
      },
      "protocol":"vmess",
      "streamSettings":{
        "security":"tls",
        "httpSettings":{
          "path":"(h2路径)",
          "host":[
            "(h2域名)"
          ]
        },
        "tlsSettings":{
          "serverName":"(tls域名)"
        },
        "network":"http"
      },
      "tag":"out-0"
    },
    {
      "tag":"direct",
      "protocol":"freedom",
      "settings":{}
    },
    {
      "tag":"blocked",
      "protocol":"blackhole",
      "settings":{}
    }
  ],
  "routing":{
    "domainStrategy":"IPOnDemand",
    "rules":[
      {
        "outboundTag":"direct",
        "ip":[
          "geoip:private"
        ],
        "type":"field"
      }
    ]
  },
  "policy":{},
  "reverse":{},
  "transport":{}
}

服务端的。。。

{
  "log": {
    "loglevel": "warning",
    "error": "/var/log/v2ray/error.log",
    "access": "/var/log/v2ray/access.log"
  },
  "dns": {},
  "stats": {},
  "inbounds": [
    {
      "settings": {
        "clients": [
          {
            "alterId": 32,
            "id": "(你的user id)"
          }
        ]
      },
      "port": (接Caddy的端口),
      "tag": "in-0",
      "streamSettings": {
        "security": "tls",
        "httpSettings": {
          "path": "(h2的路径)",
          "host": [
            "(h2的域名)"
          ]
        },
        "tlsSettings": {
          "certificates": [
            {
              "certificateFile": "/etc/v2ray/v2ray.crt",
              "keyFile": "/etc/v2ray/v2ray.key"
            }
          ]
        },
        "network": "http"
      },
      "protocol": "vmess",
      "listen": "127.0.0.1"
    }
  ],
  "outbounds": [
    {
      "tag": "direct",
      "protocol": "freedom",
      "settings": {}
    },
    {
      "tag": "blocked",
      "protocol": "blackhole",
      "settings": {}
    }
  ],
  "routing": {
    "domainStrategy": "AsIs",
    "rules": [
      {
        "outboundTag": "blocked",
        "ip": [
          "geoip:private"
        ],
        "type": "field"
      }
    ]
  },
  "policy": {},
  "reverse": {},
  "transport": {}
}

最后是Caddy的。。。

https://(你的域名):(对客户端端口) {
    tls (你的邮箱)
    root /var/www/

    proxy (h2路径) https://127.0.0.1:(对服务端v2的端口)  {
        header_upstream Host "(域名)"
        header_upstream X-Forwarded-Proto "https"
        insecure_skip_verify
    }
}

嗯嗯。。。就这样吧

发表评论

邮箱地址不会被公开。 必填项已用*标注