Proxy

2017.7 - 2019.6: Shadowsocks
2019.6 - 2023.4: Vmess + TLS + WS + Nginx
2023.4 - now: NaiveProxy + Caddy

The following steps are based on CentOS 7; only the key steps are recorded.

Shadowsocks

Server

Install pip

yum install python-pip

Check the pip version

pip -V

Install Shadowsocks. The latest version on PyPI is still 2.8.2 (Released: Aug 10, 2015).

pip install shadowsocks

Create and edit /etc/shadowsocks.json with the following content

{
  "server": "0.0.0.0",
  "server_port": 4444,
  "password": "xxxx",
  "timeout": 600,
  "method": "aes-256-cfb",
  "fast_open": true
}

Start the service and enable it at boot by adding the following command to /etc/rc.local (before exit 0)

ssserver -c /etc/shadowsocks.json -d start

Client

GUI client

Client configuration is omitted for now

References

https://shadowsocks.org/guide/getting-started.html
https://pypi.org/project/shadowsocks/#history

Vmess + TLS + WS + Nginx

Prerequisites

A domain name is required, v2.example.com in this example, with an A record pointing to the VPS IP, e.g. 45.76.190.133

Server

Download v2ray

bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh)

Edit the v2ray configuration file (vi /usr/local/etc/v2ray/config.json), write the following content, and start v2ray

{
  "inbounds": [
    {
      "port": 18967,
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
            "id": "54bb75fe-e973-4fa1-8390-a4fc95f96ec2",
            "level": 1,
            "alterId": 64
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path": "/videos/"
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {}
    },
    {
      "protocol": "blackhole",
      "settings": {},
      "tag": "blocked"
    }
  ],
  "routing": {
    "rules": [
      {
        "type": "field",
        "ip": [
          "geoip:private"
        ],
        "outboundTag": "blocked"
      }
    ]
  }
}

systemctl enable v2ray
systemctl start v2ray

Install and start nginx

yum install epel-release
yum install nginx
systemctl enable nginx
systemctl start nginx

Edit the nginx site configuration file for v2.example.com (vi /etc/nginx/conf.d/v2.example.com.conf), which forwards requests under the /videos/ path to v2ray

server {
    listen 80;
    root /usr/share/nginx/html;
    server_name v2.example.com;

    location / {
        root   html;
        index  index.html index.htm;
    }

    location /videos/ {
        proxy_redirect off;
        proxy_pass http://127.0.0.1:18967;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
    }
}

Restart nginx

systemctl restart nginx

Install certbot-nginx, the Certbot Nginx plugin

yum install certbot-nginx

Request and configure the certificate, and make sure the firewall is turned off

systemctl stop firewalld
systemctl disable firewalld
certbot --nginx -d v2.example.com

Verify: open https://v2.example.com/videos/ in a browser; a Bad Request response means the server side was installed successfully
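
The nginx location, the proxy_pass target and the v2ray inbound above have to agree, and with firewalld stopped the inbound's bind address decides whether port 18967 can be reached without nginx and TLS. The following is an added example, not part of the original notes, that cross-checks the two files; the audit function and the trimmed sample inputs are constructed for illustration, and it assumes a numeric inbound port, an IP-literal listen value, and v2ray's documented default of 0.0.0.0 when no listen field is set.

```python
import ipaddress
import json
import re

# Constructed sample inputs, trimmed from the two configs shown above.
V2RAY_CONFIG = """
{
  "inbounds": [
    {
      "port": 18967,
      "protocol": "vmess",
      "streamSettings": {"network": "ws", "wsSettings": {"path": "/videos/"}}
    }
  ]
}
"""
NGINX_SITE = """
location /videos/ {
    proxy_pass http://127.0.0.1:18967;
}
"""


def audit(v2ray_json, nginx_conf):
    """Return findings about how the nginx site and the v2ray inbound line up."""
    findings = []
    # Pair each nginx location with the proxy_pass target inside the same block.
    routes = re.findall(
        r"location\s+(\S+)\s*\{[^}]*?proxy_pass\s+http://([\d.]+):(\d+)", nginx_conf)
    inbounds = {int(i["port"]): i for i in json.loads(v2ray_json)["inbounds"]}
    for location, _host, port in routes:
        inbound = inbounds.get(int(port))
        if inbound is None:
            findings.append(f"no v2ray inbound on port {port}")
            continue
        ws = inbound.get("streamSettings", {}).get("wsSettings", {})
        if ws.get("path") != location:
            findings.append(f"path mismatch: nginx {location} vs v2ray {ws.get('path')}")
        # Assumption: v2ray binds 0.0.0.0 when the inbound has no "listen" field.
        listen = inbound.get("listen", "0.0.0.0")
        if not ipaddress.ip_address(listen).is_loopback:
            findings.append(f"port {port} listens on {listen}, reachable without nginx/TLS")
    return findings


if __name__ == "__main__":
    for line in audit(V2RAY_CONFIG, NGINX_SITE):
        print(line)
```

Adding "listen": "127.0.0.1" to the inbound clears the bind-address finding, since nginx already connects over loopback.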

Client

GUI clients

  • V2RayN is a Windows client based on the V2Ray core
  • V2RayX is a Mac OS X client based on the V2Ray core
  • Shadowrocket is a general-purpose iOS VPN app that supports many protocols, such as Shadowsocks, VMess and SSR
  • V2RayNG is an Android app based on the V2Ray core

References

https://www.v2ray.com/awesome/tools.html
https://github.com/v2fly/v2ray-core

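NaiveProxy + Caddy

Prerequisites

A domain name is required, v2.example.com in this example, with an A record pointing to the VPS IP, e.g. 45.76.190.133

Go needs to be installed

Server

Generate the certificate; enter v2.example.com when prompted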

yum install epel-release
yum install ca-certificates openssl certbot
certbot certonly

Install the latest version of Go

wget "https://go.dev/dl/$(curl -s 'https://go.dev/VERSION?m=text' | head -1).linux-amd64.tar.gz"
tar -xf go*.linux-amd64.tar.gz -C /usr/local/

echo 'export GOROOT=/usr/local/go' >> /etc/profile
echo 'export PATH=/root/go/bin:$GOROOT/bin:$PATH' >> /etc/profile
source /etc/profile

go

Install Caddy

yum install yum-plugin-copr
yum copr enable @caddy/caddy
yum install caddy

Use xcaddy to build Caddy with the NaiveProxy plugin, and replace the original caddy binary

go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive

./caddy list-modules # shows http.handlers.forward_proxy, Non-standard modules: 1

mv caddy /usr/bin/caddy

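Edit the JSON-format configuration file (vi /etc/caddy/server.json); the custom port 6443 is used.
The allow 172.31.255.2 entry is there to unblock the ChatGPT website; see the following links for details:
https://chatgpt123.com/86113.html
https://ijustmysocks.com/364.html
https://github.com/klzgrad/naiveproxy/issues/577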

{
        admin off
        log {
                output file /var/log/caddy/access.log
                level INFO
        }
        servers :6443 {
                protocols h1 h2 h3
        }
}

:80 {
        redir https://{host}{uri} permanent
}

#Modify to your domain
https://:6443, v4.zqq.xyz {
        tls xxx@xxx.com #Modify to your email address
        route {
                forward_proxy {
                        basic_auth xxx xxx #Modify to your user name and password
                        hide_ip
                        hide_via
                        probe_resistance #Modify to a secret domain, like password
                        acl {
                                allow 172.31.255.2
                        }
                }
                file_server {
                        root /usr/share/caddy
                }
        }
}

Format the configuration file

caddy fmt --overwrite /etc/caddy/Caddyfile

Modify the systemd unit for caddy (vi /usr/lib/systemd/system/caddy.service)

User=root
Group=root
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force

Start Caddy

systemctl daemon-reload
systemctl enable caddy
systemctl start caddy

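Client

Use Qv2ray together with the NaiveProxy plugin

Qv2ray needs to be told where the v2ray-core directory is; the NaiveProxy plugin goes in the Qv2ray plugin directory, and the plugin needs to be told where the naive client executable is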