在Apache服务器上实现tls Websocket转发v2ray代理
因为Nginx的rewrite规则实在是太头疼了,服务器上还要用Apache放别的网站内容,相比之下还是用Apache转发v2ray代理更简单一点。
首先请根据这个教程:v2ray白话文教程注册好域名和生成证书。
安装好Apache之后,在服务器上开启以下apache模组:
sudo a2enmod ssl
sudo a2enmod proxy
sudo a2enmod proxy_wstunnel
sudo a2enmod proxy_http
sudo a2enmod rewrite
sudo a2enmod headers
Apache配置
nano /etc/apache2/sites-available/yourdomain.com.conf
填入以下内容
<VirtualHost *:443>
ServerName yourdomain.com.
ServerAlias yourdomain.com.
##SSL Engine Switch:
#Enable/Disable SSL for this virtual host.
SSLEngine On
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://localhost:3579/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) http://localhost:3579/$1 [P,L]
##Proxy to port 3579
#Replace xxx.xxx.xxx.xxx with your servers IP adress or hostname
#Replace yourCertname with your servers SSL certificate name
SSLProxyEngine On
Proxypass /ray http://127.0.0.1:3579
ProxyPassReverse /ray http://127.0.0.1:3579
SSLCertificateFile /etc/v2ray/v2ray.crt
SSLCertificateKeyFile /etc/v2ray/v2ray.key
</VirtualHost>
启动网站,重启apache服务
sudo a2ensite yourdomain.com
sudo service apache2 restart
服务器端V2ray配置
{
"log" : {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "warning"
},
"inbound": {
"port": 3579,
"listen":"127.0.0.1",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "your id",
"level": 1,
"alterId": 64
}
]
},
"streamSettings":{
"network":"ws",
"wsSettings":{
"path":"/ray"
}
}
},
"outbound": {
"protocol": "freedom",
"settings": {}
},
"outboundDetour": [
{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}
]
}
V2ray客户端配置(部分)
"outbound": {
"protocol": "vmess",
"settings":{
"vnext":[
{
"address":"yourdomain.com",
"port": 443,
"users": [
{
"id": "your id",
"level": 1,
"alterId": 64,
"security":"auto"
}
]
}
]
},
"streamSettings": {
"network": "ws",
"security":"tls",
"tlsSettings":{
"serverName":"yourdomain.com",
"allowInsecure":true
},
"wsSettings":{
"path":"/ray"
}
},
"mux": {"enabled":true}
},