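caddy2 + v2ray (VLESS) + SSL: using caddy2 as a reverse proxy in front of v2ray

0. Environment:

① Debian 10

② 4 GB RAM, 100 GB HDD

③ root privileges

Recommended VPS: BandwagonHost

Notes:

1. v2ray and caddy are both installed by following their official guides; using any third-party script is not recommended.

2. The convenience of caddy is that it requests certificates automatically.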


1. Install caddy

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
 curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
 curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
 sudo apt update
 sudo apt install caddy

This is the end of the installation steps from the official caddy site.

2. Configure caddy

Locate the caddy configuration file

cd /
sudo find / -name Caddyfile
vi /etc/caddy/Caddyfile

Change the configuration as follows:

v2ray.wolfmark.org:443 {
    root * /caddyweb
    # /caddyweb is the site root directory
    file_server
    log {
      output file /var/log/caddy/caddy.log
      # log file location
    }
    tls abc@abc.com
    # email address used when requesting the SSL certificate
    tls {
      protocols tls1.2 tls1.3
      ciphers TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
    }
    @websockets {
      path /v2ray
      # must match the path in the v2ray config
      header Connection Upgrade
      header Upgrade websocket
    }
    reverse_proxy @websockets 127.0.0.1:12345
    # ghostxiu edit 2022.4.16 https://x.wolfmark.org
}

Give the caddy user ownership of the configuration directory

chown -R caddy:caddy /etc/caddy/

Create the caddy log file

touch /var/log/caddy/caddy.log
chown -R caddy:caddy /var/log/caddy/caddy.log

Restart caddy (the service also starts at boot) and check its status

systemctl restart caddy  && systemctl status caddy

Create index.html under /caddyweb to test that the web page is served correctly

mkdir /caddyweb 
vi /caddyweb/index.html

Write: ghostxiu edit 2022.4.16 https://x.wolfmark.org
Type :wq to save

Give the caddy user ownership of the directory

chown -R caddy:caddy /caddyweb

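This completes the caddy configuration. If you only need a static page server, you can stop here.

Next, install v2ray.

3. Install v2ray

Run the official v2fly one-line script to install the latest version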

bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh)

Output like the following means the installation succeeded

installed: /usr/local/bin/v2ray
installed: /usr/local/bin/v2ctl
installed: /usr/local/share/v2ray/geoip.dat
installed: /usr/local/share/v2ray/geosite.dat
installed: /usr/local/etc/v2ray/config.json
installed: /var/log/v2ray/
installed: /var/log/v2ray/access.log
installed: /var/log/v2ray/error.log
installed: /etc/systemd/system/v2ray.service
installed: /etc/systemd/system/v2ray@.service
removed: /tmp/tmp.ciGxs5qJ3V
info: V2Ray v4.44.0 is installed.

4. v2ray server configuration

Generate a UUID for later use

cat /proc/sys/kernel/random/uuid

Locate the v2ray configuration and edit the config file:

whereis v2ray
vi /usr/local/etc/v2ray/config.json

Write the following configuration:

{
     "log": {
         "access": "/var/log/v2ray/access.log",
         "error": "/var/log/v2ray/error.log",
         "loglevel": "warning"
     },
     "inbounds": [{
             "port": 12345,
             "listen":"127.0.0.1",
             "protocol": "vless",
             "settings": {
                 "clients": [{
                         "id": "",
                         # the UUID generated earlier
                         "level": 0,
                         "email": "abc@abc.org"
                     }
                 ],
                 "decryption": "none"
             },
             "streamSettings": {
                 "network": "ws",
                 "security": "none",
                 "wsSettings": {
                     "path": "/v2ray"
                     # must match the caddy configuration
                 }
             }
         }
     ],
     "outbounds": [{
         "protocol": "freedom"     
      } ]
 }

Restart v2ray and check its status

systemctl restart v2ray && systemctl status v2ray

The v2ray configuration is complete
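
The settings that have to agree across the two files above (WebSocket path, backend port, loopback listen address, client UUID) can be checked mechanically. The following Python check is an added example, not part of the original post; the function names, the sample files and the UUID in them are constructed for illustration, and it assumes comments appear only as whole-line `#` comments, as they do above.

```python
import ipaddress
import json
import re
import uuid

# Constructed samples, trimmed from the two files above (the UUID is made up).
SAMPLE_CADDYFILE = """
v2ray.wolfmark.org:443 {
    @websockets {
      path /v2ray
      # must match the path in the v2ray config
    }
    reverse_proxy @websockets 127.0.0.1:12345
}
"""
SAMPLE_V2RAY = """
{"inbounds": [{
    "port": 12345, "listen": "127.0.0.1", "protocol": "vless",
    "settings": {"clients": [{"id": "3f2b8c1e-7a4d-4e9b-9c56-0d1a2b3c4d5e"}],
                 # constructed UUID
                 "decryption": "none"},
    "streamSettings": {"network": "ws", "wsSettings": {"path": "/v2ray"}}
}]}
"""

def strip_hash_comments(text):
    """Drop whole-line '#' comments, the only comment style used above."""
    return "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("#"))

def check(caddyfile, v2ray_json):
    """Return a list of problems; an empty list means the two files agree."""
    caddy = strip_hash_comments(caddyfile)
    ws_path = re.search(r"@websockets\s*\{[^}]*?\bpath\s+(\S+)", caddy).group(1)
    port = re.search(r"reverse_proxy\s+@websockets\s+\S+:(\d+)", caddy).group(1)
    inbound = json.loads(strip_hash_comments(v2ray_json))["inbounds"][0]
    problems = []
    if inbound["streamSettings"]["wsSettings"]["path"] != ws_path:
        problems.append("ws path differs between caddy and v2ray")
    if inbound["port"] != int(port):
        problems.append("reverse_proxy port differs from v2ray inbound port")
    # v2ray binds 0.0.0.0 when "listen" is absent; the ws inbound has no TLS of its own.
    if not ipaddress.ip_address(inbound.get("listen", "0.0.0.0")).is_loopback:
        problems.append("v2ray inbound is not bound to loopback")
    for client in inbound["settings"]["clients"]:
        try:
            uuid.UUID(client["id"])
        except ValueError:
            problems.append("client id is empty or not a UUID")
    return problems
```

Call check() with the contents of /etc/caddy/Caddyfile and /usr/local/etc/v2ray/config.json; the config exactly as printed above, with its empty "id", is reported until the UUID is filled in.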

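Make sure the firewall allows the ports used here: 80, 443 and 12345

For firewall configuration, see the following article:

5. v2ray Windows client configuration

Note the following points

1. Select the xray core

2. Use the caddy URL as the address

3. Select port 443

4. The id is the id from the v2ray configuration

5. Select ws as the transport protocol

6. The path must match the one on the v2ray server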
