侧边栏壁纸
  • 累计撰写 8 篇文章
  • 累计创建 20 个标签
  • 累计收到 3 条评论

目 录CONTENT

文章目录

nginx+xray+vless+TCP+xtls-rprx-direct

LengJun
2022-02-28 / 0 评论 / 0 点赞 / 3,293 阅读 / 3,346 字
温馨提示:
本文最后更新于 2022-04-03,若内容或图片失效,请留言反馈。部分素材来自网络,若不小心影响到您的利益,请联系我们删除。

性能

经实测 Vless+TCP+xtls-rprx-direct 比 Vmess+ws+tls+web 延迟降低一半,Chrome首页加载、Google搜索速度均有明显改善,非常建议使用。

配置服务器

基于CentOS 7/8

CentOS 8需要在/etc/yum.repos.d中更新一下源,使用vault.centos.org代替mirror.centos.org

sudo sed -i -e "s|mirrorlist=|#mirrorlist=|g" /etc/yum.repos.d/CentOS-*
sudo sed -i -e "s|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g" /etc/yum.repos.d/CentOS-*

1、关闭SELinux

setsebool -P httpd_can_network_connect 1 && setenforce 0

2. 放行防火墙

firewall-cmd --permanent --add-service=https; firewall-cmd --permanent --add-service=http; firewall-cmd --reload;

3. 安装内核

bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install -u root

查看内核版本

[root@makali ~]$ xray -version
Xray 1.5.3 (Xray, Penetrates Everything.) Custom (go1.17.6 linux/amd64)
A unified platform for anti-censorship.

4. 配置xray

vi /usr/local/etc/xray/config.json

写入

{
    "log": {
     "access": "/var/log/xray/access.log",
     "error": "/var/log/xray/error.log",
     "loglevel": "debug"
    }, 
    "inbounds": [
        {
            "listen": "0.0.0.0", 
            "port": 443, 
            "protocol": "vless", 
            "settings": {
                "clients": [
                    {
                        "id": "****", // 填写UUID
                        "level": 0, 
                        "email": "a@b.com",
                        "flow":"xtls-rprx-direct"
                    }
                ], 
                "decryption": "none", 
                "fallbacks": [
                    {
                        "dest": 1234
                    }
                ]
            }, 
            "streamSettings": {
                "network": "tcp", 
                "security": "xtls", 
                "xtlsSettings": {
                    "serverName": "****", //换成自己的域名
                    "alpn": [
                        "http/1.1"
                    ], 
                    "certificates": [
                        {
                            "certificateFile": "/etc/pki/tls/certs/****.crt", // 换成你的证书,绝对路径
                            "keyFile": "/etc/pki/tls/private/****.key"  // 换成你的私钥,绝对路径
                        }
                    ]
                }
            }
        }
    ], 
    "outbounds": [
        {
            "protocol": "freedom", 
            "settings": { }
        }
    ]
}

写完可以验证一下

/usr/local/bin/xray -test -config=/usr/local/etc/xray/config.json

显示
Xray 1.5.3 (Xray, Penetrates Everything.) Custom (go1.17.6 linux/amd64)
A unified platform for anti-censorship.
2022/02/28 00:43:03 [Info] infra/conf/serial: Reading config: /usr/local/etc/xray/config.json
Configuration OK.

设置开机自启并启动xray服务:

systemctl enable xray; systemctl start xray

xray常用命令

查看xray状态:service xray status
启动xray:service xray start
停止xray:service xray stop
重启xray:service xray restart
仅更新geoip.dat和geosite.dat:
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install-geodata
移除xray:
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ remove --purge

5. 配置Nginx

安装Nginx

yum install -y nginx

编辑配置文件

vi /etc/nginx/conf.d/default.conf

写入

server {
    listen 80 ;
    server_name xxx; //换成自己的域名
    rewrite ^(.*)$ https://${server_name}$1 permanent; 
    if ($request_method  !~ ^(POST|GET)$) { return  501; }
    autoindex off;
    server_tokens off;
 }
server{
        listen 1234;
        server_name xxx; //换成自己的域名

	location /{
		root  /usr/share/nginx/html; 
	}
	
	index index.php index.html index.htm;
	
	if ($request_method  !~ ^(POST|GET)$) { return 501; }
        autoindex off;
        server_tokens off;
 }

把网页模板文件夹里的所有东西,包括index.html,blog.html,以及css,fonts,img,js几个文件夹,全部上传到/usr/share/nginx/html/

验证一下Nginx配置是否正确

[root@makali ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

设置开机自启并启动Nginx服务

systemctl enable nginx; systemctl start nginx

故障排除

查看xray日志

tail -f /var/log/xray/access.log
0

评论区