本文最后更新于 2024年1月12日 下午
前言
本篇为 Docker + WebSocket + TLS + Web + nginx
事先准备
- 安装
docker docker-compose nginx 1
| sudo apt install docker.io docker-compose nginx
|
docker 拉取v2ray官方容器 1
| sudo docker pull v2fly/v2fly-core
|
编写 v2ray 配置文件
创建文件 /etc/v2ray/config.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
| {
"log": {
"access": "/etc/v2ray/log/access.log",
"error": "/etc/v2ray/log/error.log",
"loglevel": "warning"
},
"inbounds": [
{
"protocol": "vmess",
"port": 8888,
"settings": {
"clients": [
{
"id": "b8311421-2324-4d53-ad4f-8cda48b30811",
# id改成新生成的uuid的值
"alterId": 0
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/path"
#path 改成需要的真实目录
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}
|
编写docker启动项 compose.yml
在当前目录或选择目录创建文件docker_build/v2ray/compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
| services:
v2ray:
image: v2fly/v2fly-core
container_name: v2ray
environment:
- TZ=Asia/Shanghai
volumes:
- /etc/v2ray:/etc/v2ray
ports:
- 8888:8888
restart: always
command: ["run","--config","/etc/v2ray/config.json"]
|
在目录下启动
1
2
| sudo docker-compose up -d
|
配置 Nginx
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
| server {
# listen 80;
listen 443 ssl;
server_name #选择的域名;
ssl_certificate #你的ssl cert位置(pem);
ssl_certificate_key #你的ssl key位置(key);
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
location /trueline { # 与 V2Ray 配置中的 path 保持一致
if ($http_upgrade != "websocket") { # WebSocket协商失败时返回404
return 404;
}
proxy_redirect off;
proxy_pass http://127.0.0.1:8888; #选择你在v2ray docker-compose配置的端口和ip
# 假设WebSocket监听在环回地址的8888端口上
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
# Show real IP in v2ray access.log
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#location /.well-known/acme-challenge/ {
# alias /var/www/.well-known/acme-challenge/;
# try_files $uri $uri/ =404;
#}
include include/acme-webroot;
}
|
重启 nginx
关于 docker-v2ray 在服务器里的ip
1
| sudo docker network inspect v2ray_default |grep IPv4
|
参考