广告

搭建一个服务器费时费力, 还容易被封

这里推荐一个机场 : https://panel.flowercity.xyz

每月仅需10元, 是自己搭建所需金额的三分之一

1个月85G流量, 满足大部分需求

欢迎选购

1. 为什么

x-ui只是一个ui管理页面, 更新可能更不上,
为了赶上最前沿的Xray内核, 我们选用命令行部署

2. 准备

请仔细阅读这两篇文章, 可能对你有大帮助

https://flowercity.xyz/翻墙节点搭建-进阶/
https://flowercity.xyz/翻墙节点搭建/

在输入代码是看到中文内容一定要仔细看并替换!!!

根据前两篇文章, 准备

一个已经配置好的服务器

一个已经Cloudflare过的域名

3. 开始

因为作者精力有限, 介绍的方面会更少, 如有问题, 可自行百度

安装 nginx

1
2
sudo apt install nginx -y
sudo ufw allow 'Nginx Full'

等待安装完成后

1
sudo vim /etc/nginx/nginx.conf

按a编辑

将user后面改为root

即:

1
user: root

在http内加入如下内容

1
2
3
4
5
6
server {
        listen 80;
        server_name 你的域名;
        root /root/www/pages;
        index index.html;
}

按Esc, 输入:wq回车以退出

随后

1
mkdir -p ~/www/pages/ && vim ~/www/pages/index.html

将以下内容完整的粘贴进去

按a编辑

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
<html lang="">
  <!-- Text between angle brackets is an HTML tag and is not displayed.
        Most tags, such as the HTML and /HTML tags that surround the contents of
        a page, come in pairs; some tags, like HR, for a horizontal rule, stand
        alone. Comments, such as the text you're reading, are not displayed when
        the Web page is shown. The information between the HEAD and /HEAD tags is
        not displayed. The information between the BODY and /BODY tags is displayed.-->
  <head>
    <title>Enter a title, displayed at the top of the window.</title>
  </head>
  <!-- The information between the BODY and /BODY tags is displayed.-->
  <body>
    <h1>Enter the main heading, usually the same as the title.</h1>
    <p>Be <b>bold</b> in stating your key points. Put them in a list:</p>
    <ul>
      <li>The first item in your list</li>
      <li>The second item; <i>italicize</i> key words</li>
    </ul>
    <p>Improve your image by including an image.</p>
    <p>
      <img src="https://i.imgur.com/SEBww.jpg" alt="A Great HTML Resource" />
    </p>
    <p>
      Add a link to your favorite
      <a href="https://www.dummies.com/">Web site</a>. Break up your page
      with a horizontal rule or two.
    </p>
    <hr />
    <p>
      Finally, link to <a href="page2.html">another page</a> in your own Web
      site.
    </p>
    <!-- And add a copyright notice.-->
    <p>&#169; Wiley Publishing, 2011</p>
  </body>
</html>

按Esc, 输入:wq, 回车

输入

1
2
sudo chmod 755 index.html
sudo systemctl restart nginx

等待重启

访问你的http://你的ip:80

如果弹出一个乱七八糟且没有Nginx字样的网页,即成功

安装证书

1
2
3
4
5
6
7
8
9
10
cd ~
mkdir cert
wget -O -  https://get.acme.sh | sh
. .bashrc
acme.sh --upgrade --auto-upgrade
acme.sh --set-default-ca --server letsencrypt
acme.sh --issue -d 你的域名 -w /root/www/pages --keylength ec-256 --force
acme.sh --installcert -d 你的域名 --cert-file /root/cert/cert.crt --key-file /root/cert/cert.key --fullchain-file /root/cert/fullchain.crt --ecc
cd ~/cert
sudo chmod 755 cert.key

你应该看到想这样的提示

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
[Wed 30 Dec 2022 15:22:51 AM EST] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Wed 30 Dec 2022 15:22:51 AM EST] Creating domain key
[Wed 30 Dec 2022 15:22:51 AM EST] The domain key is here: /root/.acme.sh/你的域名/你的域名.key
[Wed 30 Dec 2022 15:22:51 AM EST] Single domain='你的域名'
[Wed 30 Dec 2022 15:22:51 AM EST] Getting domain auth token for each domain
[Wed 30 Dec 2022 15:22:51 AM EST] Getting webroot for domain='你的域名'
[Wed 30 Dec 2022 15:22:51 AM EST] Verifying: 你的域名
[Wed 30 Dec 2022 15:22:51 AM EST] Pending
[Wed 30 Dec 2022 15:22:51 AM EST] Success
[Wed 30 Dec 2022 15:22:51 AM EST] Verify finished, start to sign.
[Wed 30 Dec 2022 15:22:51 AM EST] Lets finalize the order.
[Wed 30 Dec 2022 15:22:51 AM EST] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/490205996/7730242872'
[Wed 30 Dec 2022 15:22:51 AM EST] Downloading cert.
[Wed 30 Dec 2022 15:22:51 AM EST] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/vsxvk0oldnuobe51ayxz4dms62sk2dwmw9zhuw'
[Wed 30 Dec 2022 15:22:51 AM EST] Cert success.
--BEGIN CERTIFICAT--
sxlYqPvWreKgD5b8JyOQX0Yg2MLoRUoDyqVkd31PthIiwzdckoh5eD3JU7ysYBtN
cTFK4LGOfjqi8Ks87EVJdK9IaSAu7ZC6h5to0eqpJ5PLhaM3e6yJBbHmYA8w1Smp
wAb3tdoHZ9ttUIm9CrSzvDBt6BBT6GqYdDamMyCYBLooMyDEM4CUFsOzCRrEqqvC
2mTTEmhvpojo5rhdTSJxibozyNWTGwoTj0v9pTUeQcGqLIzqi4DowjBHD5guwRid
SjAFnm6JT2xUQgWFm58A1gv1OhbH1TRPUUmtE1nFEN7YiSjI4xgxqAXT3CLD2EUb
wXlUrO6c75zSsQP4bRMzgOjJUqHtSb6IEqELzt4M7KzL5iCOruCChCo2DZxUwvVX
tOoaAyQJzCbTqE6aUqwiKi3gVyoxvDP9mI5JdRYzsDL6GVud7EHPnYeMl9ubLZAK
0vg84mbMP3f6mYM4KRa1cqiyOIcQPT4AzGFYVv4sm049bZQg7sd0Bz9CaFvE7yDA
1y17XlgCDnsjxl66bqI1vkENN9XT5xeFHONqc18b5fZEKSIvdX7iWPFWp1PyMPpG
0pMCP1EymZNFxIMJLgbWqExwLWfPc5Ib3PjBaIqhXPnw6sT2MQSxXwDupq1UJVhV
7E3hQRVlwI4CXi6WLHJMNvNRyyK87gCrLH1bKYsPeRVaz77poWBq49zwBCts6hPY
IeF4ltGXyANNIOPEi8vy138fRU4LYh81d8FjOtFfJZogMjwhfNvapqxPMsioPlmX
TnZu0n7setrVNUEfTMHWqPpDgk5MPrWLA4LapqaDfEX4pwnQJLMwMi6s94z165c0
iMRSKA1yU5zqv8aNsDfPoY4OkSPWs4MaXgRRSLBsUfZ15DwQXPk76kegHIyxWvwF
tYw9HKR5QCMK66fa0z4aJoFVFLK0IIOGEZOanRFUCnkLUDd3QZ3YU8lEcrj7Uxos
haiRNICyC6UfsCJ94a8vcNyMosPv3xBLMp19WXgiFYqEFQkntkv1FLRI35fjeJmg
0fmD9VG9bkzGPHihJgQLRlCHasGf6XrdfkSsODAyCUHUHJ0RzqF4YEZMcxDxzuQ2
YO7bFwj7S3mUdVPZ6MPasjxdyBjJgEBMch2uy4AhmudXfEBQBye8W6ZI4ztZjLVV
FmP4SIuaNUmMe20TjR8b9NVC96AhxOanWT3mRROsdokpKQGTJvl27EHH8KuAbUOc
G6KtPy4wslNZNXWcBy9n63RcWak12r7kAIFn38tZxmlw2WUKoRSMAH64GcDTjRQd
Am65hBHzvGrj93wEuVNIebvNIsJOlng3HFjpIxVqKGMCIfWIKGDE3YzK3p4LbGZ6
NZFQWYJLNVf2M9CCJfbEImPYgvctrxl39H6KVYPCw1SAdaj9NneUqmREOQkKoEB0
x6PmNirbMscHhQPSC0JQaqUgaQFgba1ALmzRYAnYhNb0twkTxWbY7DBkAarxqMIp
yiLKcBFc5H7dgJCImo7us7aJeftC44uWkPM=
--END CERTIFICAT--
[Wed 30 Dec 2022 15:22:52 AM EST] Your cert is in  /root/.acme.sh/你的域名/你的域名.cer
[Wed 30 Dec 2022 15:22:52 AM EST] Your cert key is in  /root/.acme.sh/你的域名/你的域名.key
[Wed 30 Dec 2022 15:22:52 AM EST] The intermediate CA cert is in  /root/.acme.sh/你的域名/ca.cer
[Wed 30 Dec 2022 15:22:52 AM EST] And the full chain certs is there:  /root/.acme.sh/你的域名/fullchain.cer

安装Xray

1
2
3
wget https://github.com/XTLS/Xray-install/raw/main/install-release.sh
sudo bash install-release.sh
vim ~/cert/xray-cert-renew.sh

按a键

讲一下内容复制进去

1
2
3
4
5
6
7
8
9
10
#!/bin/bash

/home/vpsadmin/.acme.sh/acme.sh --install-cert -d 你的域名 --ecc --fullchain-file /root/cert/xray.crt --key-file /root/cert/xray.key
echo "Xray Certificates Renewed"

chmod +r /root/cert/xray.key
echo "Read Permission Granted for Private Key"

sudo systemctl restart xray
echo "Xray Restarted"

按Esc, 输入:wq, 回车

继续

1
2
chmod +x ~/cert/xray-cert-renew.sh
crontab -e

按a键

加入以下内容

1
2
# 1:00am, 1st day each month, run `xray-cert-renew.sh`
0 1 1 * *   bash /root/cert/xray-cert-renew.sh

按Esc, 输入:wq, 回车

1
2
xray uuid # 复制这里给出的uuid
sudo vim /usr/local/etc/xray/config.json

按a, 写入以下内容

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
{
    "log": {
        "loglevel": "debug"
    },
    "routing": {
        "domainStrategy": "IPIfNonMatch",
        "rules": [
            {
                "type": "field",
                "ip": [
                    "geoip:cn"
                ],
                "outboundTag": "block"
            }
        ]
    },
    "inbounds": [
        {
            "listen": "0.0.0.0",
            "port": 随便填,1000~65535,
            "protocol": "vless",
            "settings": {
                "clients": [
                    {
                        "id": "刚刚让你复制的uuid",
                        "flow": "xtls-rprx-vision"
                    }
                ],
                "decryption": "none",
                "fallbacks": [
                    {
                        "dest": "80",
                    }
                ]
            },
            "streamSettings": {
                "network": "tcp",
                "security": "tls",
                "tlsSettings": {
                    "rejectUnknownSni": true,
                    "minVersion": "1.2",
                    "certificates": [
                        {
                            "ocspStapling": 3600,
                            "certificateFile": "/root/cert/cert.crt",
                            "keyFile": "/root/cert/cert.key"
                        }
                    ]
                }
            },
            "sniffing": {
                "enabled": true,
                "destOverride": [
                    "http",
                    "tls"
                ]
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom",
            "tag": "direct"
        },
        {
            "protocol": "blackhole",
            "tag": "block"
        }
    ],
    "policy": {
        "levels": {
            "0": {
                "handshake": 2,
                "connIdle": 120
            }
        }
    }
}

按Esc, 输入:wq,回车

输入

1
2
sudo systemctl start xray
sudo systemctl status xray

如果看到了那个绿色的active (running)
铭记这历史性的一刻

客户端配置

打开v2rayN

点击左上角服务器

选择 “添加[Vless]服务器”

  • 别名随便填

  • 地址填你的域名

  • 端口填你自己设的

  • 用户id填xray生成的

  • 流控选xtls-rprx-version

  • 传输层安全选tls

  • 跳过证书验证选false

  • 其余保持不变

4. 完结撒花