源恪的课程学习心得体会

Appearance

配置ubuntu 20.04 (v2ray)

使用 root 用户

bash
sudo -i

环境配置(安装依赖/开启 BBR)

bash
#依赖
apt update
apt install curl wget unzip

# bbr
echo net.core.default_qdisc=fq >> /etc/sysctl.conf
echo net.ipv4.tcp_congestion_control=bbr >> /etc/sysctl.conf
sysctl -p

安装/升级

bash
bash <(curl -s https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh)
bash
#使用域名
h2_domain="demo.example.com"

#生成uuid
uuid=$(v2ray uuid)

#防止流量出口走ipv6,结合实际选择网卡,这里是eth0
localip=$(ip addr show eth0 |awk '/inet /{print $2}' |cut -d '/' -f1|head -n 1)
if [ -z "$localip" ] ;then localip="0.0.0.0";fi

#利用HereDoc在终端生成配置
tee /usr/local/etc/v2ray/config.json<<-EOF
{
  "log": {
    "loglevel": "warning",
    "access": "/var/log/v2ray/access",
    "error": "/var/log/v2ray/error"
  },
  "inbounds": [
    {
      "protocol": "vless",
      "listen": "@/v2ray/h2.sock",
      "settings": {
        "decryption":"none",
        "clients": [
          {
            "id": "${uuid}"
          }
        ]
      },
      "streamSettings": {
        "network": "h2",
        "httpSettings": {
          "host": ["${h2_domain}"],
          "path": "/h2"
        }

      }
    }
  ],
  "outbounds": [
    {
      "sendThrough":"${localip}",
      "protocol": "freedom"
    }
  ]
}
EOF

#启用并重启服务
systemctl enable v2ray
systemctl restart v2ray

#输出uuid
echo $uuid

Caddy 安装配置

bash
apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
apt update
apt install caddy

# 当出现402错误时使用下述方法
wget https://github.com/caddyserver/caddy/releases/download/v2.7.6/caddy_2.7.6_linux_amd64.deb
dpkg -i caddy_2.7.6_linux_amd64.deb


h2_domain="demo.example.com"

tee /etc/caddy/Caddyfile<<-"EOF"
${h2_domain} {
    root * /var/www/caddy
    file_server

    @v2ray_ws {
        path /ws
        header Connection *Upgrade*
        header Upgrade websocket
    }

    #reverse_proxy @v2ray_ws unix/@/v2ray/ws.sock
    @v2ray_h2 {
        path /h2
    }
    reverse_proxy @v2ray_h2 unix/@/v2ray/h2.sock {
          transport http {
            versions h2c
          }
    }
}
EOF

sed -i "s/"'${h2_domain}'"/${h2_domain}/g" /etc/caddy/Caddyfile

mkdir -p /var/www/caddy/test

service caddy restart
service v2ray restart

创建测速文件

bash
cd /var/www/caddy/test
dd if=/dev/zero of=256M count=4 bs=64M

防火墙

bash
apt install ufw
ufw allow ssh
ufw allow http
ufw allow https
ufw enable

naive

bash
#安装go
wget https://go.dev/dl/go1.22.4.linux-amd64.tar.gz
rm -rf /usr/local/go && tar -C /usr/local -xzf go1.22.4.linux-amd64.tar.gz

export PATH=$PATH:/usr/local/go/bin

#
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
~/go/bin/xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive
setcap cap_net_bind_service=+ep ./caddy

服务端

bash
domain=
user=
pass=
tee /etc/caddy/Caddyfile<<-EOF
{
  order forward_proxy before file_server
}
:443, ${domain} {
  tls me@${domain}
  forward_proxy {
    basic_auth ${user} ${pass}
    hide_ip
    hide_via
    probe_resistance
  }
  file_server {
    root /var/www/html
  }
}
EOF

客户端(singbox+naive)

bash

curl -OLJ https://github.com/klzgrad/naiveproxy/releases/download/v126.0.6478.40-1/naiveproxy-v126.0.6478.40-1-linux-arm64.tar.xz


xz -d naiveproxy-v126.0.6478.40-1-linux-arm64.tar.xz
tar xf naiveproxy-v126.0.6478.40-1-linux-arm64.tar
mv naiveproxy-v126.0.6478.40-1-linux-arm64/naive /usr/local/bin/naive

naive config.json

Hysteria

json
{
  "type": "hysteria2",
  "tag": "hysteria-in",

  "listen": "::",
  "listen_port": 15643,
  "domain_strategy": "prefer_ipv4",

  "up": "20 Mbps",
  "up_mbps": 20,
  "down": "100 Mbps",
  "down_mbps": 100,

  "users": [
    {
      "name": "sekai",
      "password": "password"
    }
  ],

  "tls": {
    "enabled": true,
    "server_name": "",
  }
}

Last updated: