净化阿里云镜像
https://www.moerats.com/archives/625/
##防火墙管理
https://www.cnblogs.com/moxiaoan/p/5683743.html
(firewalld-cmd中,用-连接端口范围)
需要开放的端口(在阿里云管理平台上也要打开)
20 、21、 39000-40000端口(linux 系统 ),3000-4000(windows系统)
22 (SSH)
80、443(网站及SSL)
3306 (数据库远程连接)
888 (phpmyadmin)
https://www.4spaces.org/v2ray-nginx-tls-websocket/
##安装lnmp
https://lnmp.org/install.html
无人值守命令(密码请自行替换)
wget http://soft.vpser.net/lnmp/lnmp1.5.tar.gz -cO lnmp1.5.tar.gz && tar zxf lnmp1.5.tar.gz && cd lnmp1.5 && LNMP_Auto="y" DBSelect="2" DB_Root_Password="**********" InstallInnodb="n" PHPSelect="8" SelectMalloc="1" ./install.sh lnmp
============================== Check install ==============================
Checking ...
Nginx: OK
MySQL: OK
PHP: OK
PHP-FPM: OK
Clean src directory...
+------------------------------------------------------------------------+
| LNMP V1.5 for CentOS Linux Server, Written by Licess |
+------------------------------------------------------------------------+
| For more information please visit https://lnmp.org |
+------------------------------------------------------------------------+
| lnmp status manage: lnmp {start|stop|reload|restart|kill|status} |
+------------------------------------------------------------------------+
| phpMyAdmin: http://IP/phpmyadmin/ |
| phpinfo: http://IP/phpinfo.php |
| Prober: http://IP/p.php |
+------------------------------------------------------------------------+
| Add VirtualHost: lnmp vhost add |
+------------------------------------------------------------------------+
| Default directory: /home/wwwroot/default |
+------------------------------------------------------------------------+
| MySQL/MariaDB root password: ************** |
+------------------------------------------------------------------------+
+-------------------------------------------+
| Manager for LNMP, Written by Licess |
+-------------------------------------------+
| https://lnmp.org |
+-------------------------------------------+
nginx (pid 11904 11901) is running...
php-fpm is runing!
SUCCESS! MySQL running (12337)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:32000 0.0.0.0:* LISTEN
添加虚拟主机
https://lnmp.org/faq/lnmp-vhost-add-howto.html
记得要开启phpinfo
================================================
Virtualhost infomation:
Your domain: www.vidaima.com
Home Directory: /home/wwwroot/www.vidaima.com
Rewrite: typecho
Enable log: no
Database username: ******
Database userpassword: ******
Database Name: *******
Create ftp account: no
Enable SSL: yes
=>Let's Encrypt
================================================
下载网站程序到虚拟主机
cd /home/wwwroot/www.vidaima.com/
wget -c http://typecho.org/downloads/1.1-17.10.30-release.tar.gz
解压
tar zxvf 1.1-17.10.30-release.tar.gz
将解压出来的build文件夹的文件放到虚拟主机的根目录(build的上一级目录)
cd build/
mv * ../
cd ..
进入网站继续安装
##安装v2ray
使用WebSocket+TLS+Web的加密方式
###1. 安装v2ray程序
https://toutyrater.github.io/prep/install.html
###2. 在lnmp创建新的虚拟主机,同时将域名的子域名解析到服务器
(目前是ray.vidaima.com)
lnmp vhost add
就只绑定个域名,生成个ssl证书就行,其他全部选否,不要。
###3.填写配置文件
####客户端
{
"inbounds": [
{
"port": 10808,
"listen": "127.0.0.1",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": ["http", "tls"]
},
"settings": {
"auth": "noauth",
"udp": false
}
}
],
"outbounds": [
{
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "ray.vidaima.com",
"port": 443,
"users": [
{
"id": "*********",
"alterId": 64
}
]
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"wsSettings": {
"path": "/myay/"
}
}
}
]
}
####服务端
{
"log": {
"loglevel": "debug"
},
"inbounds": [
{
"port": 10086,
"listen": "127.0.0.1",
"tag": "vmess-in",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "********",
"alterId": 64
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/myay/", //路径
"headers": { }
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": { },
"tag": "direct"
},
{
"protocol": "blackhole",
"settings": { },
"tag": "blocked"
}
],
"routing": {
"domainStrategy": "AsIs",
"rules": [
{
"type": "field",
"inboundTag": [
"vmess-in"
],
"outboundTag": "direct"
}
]
}
}
####nginx配置
在/usr/local/nginx/conf/vhost/ray.vidaima.com.conf中的443口的后面加一条location,将上面wssettings词条的path路径中写到的路径重写给v2ray的服务器端
location /myay/ { #注:修改路径
proxy_redirect off;
proxy_pass http://127.0.0.1:10086; #注:与服务端的inbound要一致
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
现在可以给新的虚拟主机扔个静态网页