一、xray 服务端配置
下载:https://github.com/XTLS/Xray-core
进入下载界面
这里我选择的是Xray-linux-64.zip
将文件解压到 /usr/local/xray
编辑配置文件/usr/local/xray/config.json
uuid可以在自动生成,也可以在UUID v4 生成器 - KKTool工具箱 (kktoolkit.com) 上获取uuid
vmess方式1:
{
"inbounds": [
{
"port": 10000,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "6ec56d51-52cd-4b64-a925-52982ed7044e",
"alterId": 100
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/kazfs"
}
}
}
],
"outbounds": [
{
"protocol": "freedom"
}
]
}
vless方式2:
如果不使用vmess,vmess有时间限制问题
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"port": 10000,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "6ec56d51-52cd-4b64-a925-52982ed704a1",
"level": 0
},
{
"id": "f6725b1b-546a-4fff-9fc3-4b60e8c1cd41",
"level": 1
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/kazfs"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}
配置xray启动服务 vi /etc/systemd/system/xray.service
[Unit]
Description=Xray Service
After=network.target
[Service]
User=nobody
ExecStart=/usr/local/xray/xray -config /usr/local/xray/config.json
Restart=on-failure
RestartSec=10
LimitNOFILE=51200
[Install]
WantedBy=multi-user.target
设置开机启动xray
systemctl enable xray --now
二、nginx配置
location /kazfs {
if ($http_upgrade != "websocket") { # WebSocket协商失败时返回404
return 404;
}
proxy_redirect off;
proxy_pass http://127.0.0.1:10000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
# Show real IP in v2ray access.log
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
三、本地配置
3.1 windows
测试结果:
3.2 linux
下载软件还是去https://github.com/XTLS/Xray-core下载,用的还是服务端一样的xray
/usr/local/xray/config.json
vmess方式1:
{
"log":{
"loglevel":"warning"
},
"inbounds":[
{
"port":10808,
"listen":"127.0.0.1",
"protocol":"socks",
"settings":{
"udp":true
}
},
{
"tag":"http",
"port":10809,
"listen":"127.0.0.1",
"protocol":"http",
"sniffing":{
"enabled":true,
"destOverride":[
"http",
"tls"
]
},
"settings":{
"auth":"noauth",
"udp":true,
"allowTransparent":false
}
}
],
"outbounds":[
{
"tag":"proxy",
"protocol":"vmess",
"settings":{
"vnext":[
{
"address":"www.yuantao.com",
"port":443,
"users":[
{
"id":"6ec56d51-52cd-4b64-a925-52982ed7044e",
"alterId": 100
}
]
}
]
},
"streamSettings":{
"network":"ws",
"security":"tls",
"tlsSettings":{
"serverName":"www.yuantao.com"
},
"wsSettings":{
"path":"/kazfs"
}
}
},
{
"tag":"direct",
"protocol":"freedom",
"settings":{
}
},
{
"tag":"block",
"protocol":"blackhole",
"settings":{
"response":{
"type":"http"
}
}
}
],
"routing":{
"domainStrategy":"IPIfNonMatch",
"domainMatcher":"linear",
"rules":[
{
"type":"field",
"inboundTag":[
"api"
],
"outboundTag":"api",
"enabled":true
},
{
"type":"field",
"outboundTag":"direct",
"domain":[
"domain:example-example.com",
"domain:example-example2.com"
],
"enabled":true
},
{
"type":"field",
"outboundTag":"direct",
"ip":[
"192.168.10.1/24"
],
"protocol":[
"http",
"tls",
"bittorrent"
]
},
{
"type":"field",
"outboundTag":"block",
"domain":[
"geosite:category-ads-all"
],
"enabled":true
},
{
"type":"field",
"outboundTag":"direct",
"domain":[
"geosite:cn"
],
"enabled":true
},
{
"type":"field",
"outboundTag":"direct",
"ip":[
"geoip:private",
"geoip:cn"
],
"enabled":true
},
{
"type":"field",
"port":"0-65535",
"outboundTag":"proxy",
"enabled":true
},
{
"type":"field",
"port":"0-65535",
"outboundTag":"proxy",
"enabled":true
}
]
}
}
vless方式2:
{
"log": {
"access": "",
"error": "",
"loglevel": "warning"
},
"inbounds": [
{
"tag": "socks",
"port": 10808,
"listen": "127.0.0.1",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
],
"routeOnly": false
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
},
{
"tag": "http",
"port": 10809,
"listen": "127.0.0.1",
"protocol": "http",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
],
"routeOnly": false
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "www.ziyuantao.com",
"port": 1443,
"users": [
{
"id": "6ec56d51-52cd-4b64-a925-52982ed704a1",
"alterId": 0,
"email": "t@t.tt",
"security": "auto",
"encryption": "none"
}
]
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"tlsSettings": {
"allowInsecure": false,
"serverName": "www.ziyuantao.com",
"show": false
},
"wsSettings": {
"path": "/kazfs",
"headers": {
"Host": "www.ziyuantao.com"
}
}
},
"mux": {
"enabled": false,
"concurrency": -1
}
},
{
"tag": "direct",
"protocol": "freedom",
"settings": {}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
}
}
],
"dns": {
"servers": [
"1.1.1.1",
"8.8.8.8"
]
},
"routing": {
"domainStrategy": "AsIs",
"rules": [
{
"type": "field",
"inboundTag": [
"api"
],
"outboundTag": "api"
},
{
"type": "field",
"outboundTag": "direct",
"domain": [
"domain:example-example.com",
"domain:example-example2.com"
]
},
{
"type": "field",
"outboundTag": "block",
"domain": [
"geosite:category-ads-all"
]
},
{
"type": "field",
"outboundTag": "direct",
"domain": [
"geosite:cn"
]
},
{
"type": "field",
"outboundTag": "direct",
"ip": [
"geoip:private",
"geoip:cn"
]
}
]
}
}
service配置:
[Unit]
Description=Xray Service
After=network.target
[Service]
User=nobody
ExecStart=/usr/local/xray/xray -config /usr/local/xray/config.json
Restart=on-failure
RestartSec=10
LimitNOFILE=51200
[Install]
WantedBy=multi-user.target
启动service:
systemctl start xray
四、测试
curl -x socks5h://127.0.0.1:10808 https://www.xxx.com
curl -x http://127.0.0.1:10809 https://www.xxx.com
五、设置
export http_proxy=http://127.0.0.1:10809
export https_proxy=http://127.0.0.1:10809
然后通过curl 测试就能访问
六、问题排查(重要)
VMess: Invalid User 可能的原因:
1、客户端和服务端的用户 ID 不匹配;
2、客户端和服务端的用户 alterId 不匹配;
3、客户端与服务端的时间不匹配,误差不能超过90秒钟;
可以选择证书自申请的caddy+xray,也可以选择网上那些一键式搭建的方式
由于我的服务端需要nginx,就用nginx做websocket连接了