├── README.md ├── caddy ├── Caddyfile ├── forwardproxyCaddyfile └── srv │ └── index.html ├── docker-compose-forwardproxy.yml ├── docker-compose.yml └── v2ray ├── adapter-shadowsocks-config.json ├── adapter-socks-config.json ├── client-config.json ├── client-https-config.json ├── client-simple-config.json └── config.json /README.md: -------------------------------------------------------------------------------- 1 | 2 | 推荐使用navieproxy https://github.com/klzgrad/naiveproxy 3 | 4 | 已不维护更新 5 | 6 | #### caddy 代理 websocket 流量转发给 v2ray 处理 7 | 8 | vmess over wss `ss vmess 这些自发明的翻墙协议最终都跑在tls里面:)` 9 | 10 | 选择 caddy 因为支持自动续签证书,请先解析自己域名到部署服务的 ip 地址生效后再使用, 11 | 12 | 默认占用 80 433 端口, 要使用其他端口,自行修改 Caddyfile 配置 13 | 14 | 安装 [docker-ce](https://docs.docker.com/install/linux/docker-ce/ubuntu/) 15 | 16 | 安装 [docker-compose](https://docs.docker.com/compose/install/) 17 | ``` 18 | sudo curl -L "https://github.com/docker/compose/releases/download/1.25.0/docker-compose-$(uname -s)-$(uname -m)" \ 19 | -o /usr/local/bin/docker-compose 20 | 21 | sudo chmod +x /usr/local/bin/docker-compose 22 | ``` 23 | 24 | 替换 uuid 25 | ``` 26 | git clone https://github.com/luoqeng/caddy-v2ray-docker.git && cd caddy-v2ray-docker 27 | 28 | UUID=$(cat /proc/sys/kernel/random/uuid) && echo ${UUID} 29 | 30 | sed -i "s/uuid/${UUID}/" ./v2ray/config.json 31 | ``` 32 | 33 | 替换域名 34 | ``` 35 | DOMAIN=www.xxxx.com 36 | sed -i "s/your.domain/${DOMAIN}/" ./caddy/Caddyfile 37 | ``` 38 | 39 | 默认页面 40 | ``` 41 | echo 'hello' > ./caddy/srv/index.html 42 | ``` 43 | 44 | 启动 caddy + v2ray 45 | ``` 46 | sudo docker-compose up -d 47 | ``` 48 | 49 | v2ray [客户端](https://www.v2ray.com/awesome/tools.html)配置 50 | ``` 51 | sed -i "s/uuid/${UUID}/" ./v2ray/client-simple-config.json 52 | sed -i "s/your.domain/${DOMAIN}/" ./v2ray/client-simple-config.json 53 | ``` 54 | 55 | #### 以下可选步骤 56 | 57 | shadowsocks adapter 58 | ``` 59 | sudo docker run -dit --restart always --name v2fly-ss -p 2048:2048 -d -v $PWD/v2ray/adapter-shadowsocks-config.json:/etc/v2ray/config.json v2fly/v2fly-core 60 | ``` 61 | 62 | 启用 https 代理,替换默认账号密码 admin pass123456 `支持 h2 tls1.3` 63 | ``` 64 | cp ./caddy/forwardproxyCaddyfile ./caddy/Caddyfile 65 | 66 | DOMAIN=www.xxxx.com 67 | sed -i "s/your.domain/${DOMAIN}/" ./caddy/Caddyfile 68 | 69 | HTTPS_USER=ubuntu 70 | sed -i "s/admin/${HTTPS_USER}/" ./caddy/Caddyfile 71 | 72 | HTTPS_PASSWD=pass2048 73 | sed -i "s/pass123456/${HTTPS_PASSWD}/" ./caddy/Caddyfile 74 | 75 | # https代理地址 https://ubuntu:pass2048@www.xxxx.com 76 | 77 | sudo docker-compose stop caddy 78 | sudo docker-compose rm caddy 79 | 80 | docker-compose -f docker-compose-forwardproxy.yml up -d 81 | ``` 82 | 83 | [v2ray 4.21](https://github.com/v2ray/v2ray-core/pull/1813) 版本支持 https 代理作为 outbounds 84 | 85 | 但目前很多 v2ray 客户端不支持 https 代理作为 outbounds。 86 | 87 | 客户端启动 [v2ray socks2https](https://guide.v2fly.org/en_US/basics/http.html#configuration) 88 | ``` 89 | sudo docker run -dit --restart always --name v2fly-socks -p 1080:1080 -d -v $PWD/v2ray/client-https-config.json:/etc/v2ray/config.json v2fly/v2fly-core 90 | ``` 91 | 92 | 透明代理推荐 openwrt + luci-app-ssr-plus [预编译好的下载](https://github.com/luoqeng/OpenWrt-on-VMware/releases) 93 | - https://downloads.openwrt.org/releases/19.07.1/targets/x86/64/ 94 | - https://github.com/coolsnowwolf/lede/tree/master/package/lean/luci-app-ssr-plus 95 | 96 | ~~透明代理推荐使用 koolshare x64 固件离线安装科学上网~~ 97 | - ~~https://github.com/hq450/fancyss_history_package/tree/master/fancyss_X64~~ 98 | - ~~https://firmware.koolshare.cn/LEDE_X64_fw867~~ 99 | 100 | 参考 101 | - https://gist.github.com/dcb9/1e0f0346400e42fb4d03ead124da1658 102 | - https://github.com/nanking/docker-caddy-v2ray 103 | -------------------------------------------------------------------------------- /caddy/Caddyfile: -------------------------------------------------------------------------------- 1 | your.domain { 2 | log ./caddy.log 3 | root /srv 4 | gzip 5 | proxy /ws v2ray:8001 { 6 | websocket 7 | header_upstream -Origin 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /caddy/forwardproxyCaddyfile: -------------------------------------------------------------------------------- 1 | 2 | #second-level.domain { 3 | # redir 301 { 4 | # if {host} is second-level.domain 5 | # / https://www.{host}{uri} 6 | # } 7 | #} 8 | 9 | 10 | your.domain { 11 | 12 | log ./caddy.log 13 | root /srv 14 | gzip 15 | proxy /ws v2ray:8001 { 16 | websocket 17 | header_upstream -Origin 18 | } 19 | 20 | forwardproxy { 21 | basicauth admin pass123456 22 | probe_resistance your.domain/index.html 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /caddy/srv/index.html: -------------------------------------------------------------------------------- 1 | hi :) 2 | -------------------------------------------------------------------------------- /docker-compose-forwardproxy.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | v2ray: 5 | restart: always 6 | image: v2fly/v2fly-core 7 | volumes: 8 | - ./v2ray/config.json:/etc/v2ray/config.json 9 | expose: 10 | - "8001" # if you need to change this you should change Caddyfile as well 11 | caddy: 12 | restart: always 13 | #image: abiosoft/caddy 14 | 15 | image: luoqeng/caddy 16 | 17 | #image: caddy:latest 18 | #build: 19 | #context: github.com/abiosoft/caddy-docker.git 20 | #args: 21 | #- plugins=forwardproxy,ipfilter 22 | 23 | volumes: 24 | - ./caddy/Caddyfile:/etc/Caddyfile:ro 25 | - ./caddy/cert:/root/.caddy 26 | - ./caddy/srv:/srv 27 | environment: 28 | - ACME_AGREE=true 29 | ports: 30 | - "80:80" 31 | - "443:443" 32 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | v2ray: 5 | restart: always 6 | image: v2fly/v2fly-core 7 | volumes: 8 | - ./v2ray/config.json:/etc/v2ray/config.json 9 | expose: 10 | - "8001" # if you need to change this you should change Caddyfile as well 11 | caddy: 12 | restart: always 13 | image: abiosoft/caddy 14 | 15 | #image: luoqeng/caddy 16 | 17 | #image: caddy:latest 18 | #build: 19 | #context: github.com/abiosoft/caddy-docker.git 20 | #args: 21 | #- plugins=forwardproxy,ipfilter 22 | 23 | volumes: 24 | - ./caddy/Caddyfile:/etc/Caddyfile:ro 25 | - ./caddy/cert:/root/.caddy 26 | - ./caddy/srv:/srv 27 | environment: 28 | - ACME_AGREE=true 29 | ports: 30 | - "80:80" 31 | - "443:443" 32 | -------------------------------------------------------------------------------- /v2ray/adapter-shadowsocks-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "inbounds": [ 3 | { 4 | "port": 2048, 5 | "protocol": "shadowsocks", 6 | "settings": { 7 | "method": "aes-256-gcm", 8 | "password": "passwd2048" 9 | } 10 | } 11 | ], 12 | "outbounds": [ 13 | { 14 | "protocol": "vmess", 15 | "settings": { 16 | "vnext": [ 17 | { 18 | "address": "your.domain", 19 | "port": 443, 20 | "users": [ 21 | { 22 | "id": "uuid", 23 | "alterId": 0 24 | } 25 | ] 26 | } 27 | ] 28 | }, 29 | "streamSettings": { 30 | "network": "ws", 31 | "security": "tls", 32 | "wsSettings": { 33 | "path": "/ws" 34 | } 35 | } 36 | } 37 | ] 38 | } 39 | -------------------------------------------------------------------------------- /v2ray/adapter-socks-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "inbounds": [ 3 | { 4 | "protocol": "socks", 5 | "port": 9090, 6 | "settings": { 7 | "udp": false, 8 | "auth": "password", 9 | "accounts": [ 10 | { 11 | "user": "guest", 12 | "pass": "passwd" 13 | } 14 | ] 15 | } 16 | } 17 | ], 18 | "outbounds": [ 19 | { 20 | "protocol": "vmess", 21 | "settings": { 22 | "vnext": [ 23 | { 24 | "address": "your.domain", 25 | "port": 443, 26 | "users": [ 27 | { 28 | "id": "uuid", 29 | "alterId": 0 30 | } 31 | ] 32 | } 33 | ] 34 | }, 35 | "streamSettings": { 36 | "network": "ws", 37 | "security": "tls", 38 | "wsSettings": { 39 | "path": "/ws" 40 | } 41 | } 42 | } 43 | ] 44 | } 45 | -------------------------------------------------------------------------------- /v2ray/client-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "inbounds": [ 3 | { 4 | "port": 1080, 5 | "protocol": "socks", 6 | "sniffing": { 7 | "enabled": true, 8 | "destOverride": ["http", "tls"] 9 | 10 | }, 11 | "settings": { 12 | "auth": "noauth" 13 | } 14 | } 15 | ], 16 | "outbounds": [ 17 | { 18 | "protocol": "vmess", 19 | "settings": { 20 | "vnext": [ 21 | { 22 | "address": "your.domain", 23 | "port": 443, 24 | "users": [ 25 | { 26 | "id": "uuid", 27 | "alterId": 0 28 | } 29 | ] 30 | } 31 | ] 32 | }, 33 | "streamSettings": { 34 | "network": "ws", 35 | "security": "tls", 36 | "wsSettings": { 37 | "path": "/ws" 38 | } 39 | } 40 | }, 41 | { 42 | "protocol": "freedom", 43 | "settings": {}, 44 | "tag": "direct" 45 | } 46 | ], 47 | "routing": { 48 | "domainStrategy": "IPOnDemand", 49 | "rules": [ 50 | { 51 | "type": "field", 52 | "outboundTag": "direct", 53 | "domain": ["geosite:cn"] 54 | }, 55 | { 56 | "type": "field", 57 | "outboundTag": "direct", 58 | "ip": [ 59 | "geoip:cn", 60 | "geoip:private" 61 | ] 62 | } 63 | ] 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /v2ray/client-https-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "inbounds": [ 3 | { 4 | "port": 1080, 5 | "protocol": "socks", 6 | "sniffing": { 7 | "enabled": true, 8 | "destOverride": ["http", "tls"] 9 | 10 | }, 11 | "settings": { 12 | "auth": "noauth" 13 | } 14 | } 15 | ], 16 | "outbounds": [ 17 | { 18 | "protocol": "http", 19 | "settings": { 20 | "servers": [ 21 | { 22 | "address": "your.domain", 23 | "port": 443, 24 | "users": [ 25 | { 26 | "Username": "admin", 27 | "Password": "pass123456" 28 | } 29 | ] 30 | } 31 | ] 32 | }, 33 | "streamSettings": { 34 | "security": "tls" 35 | } 36 | } 37 | ] 38 | } 39 | 40 | -------------------------------------------------------------------------------- /v2ray/client-simple-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "outbounds": [ 3 | { 4 | "protocol": "vmess", 5 | "settings": { 6 | "vnext": [ 7 | { 8 | "address": "your.domain", 9 | "port": 443, 10 | "users": [ 11 | { 12 | "id": "uuid", 13 | "alterId": 0 14 | } 15 | ] 16 | } 17 | ] 18 | }, 19 | "streamSettings": { 20 | "network": "ws", 21 | "security": "tls", 22 | "wsSettings": { 23 | "path": "/ws" 24 | } 25 | } 26 | } 27 | ] 28 | } 29 | -------------------------------------------------------------------------------- /v2ray/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "log" : { 3 | "access": "/var/log/v2ray-access.log", 4 | "error": "/var/log/v2ray-error.log", 5 | "loglevel": "warning" 6 | }, 7 | "inbounds":[{ 8 | "port": 8001, 9 | "protocol": "vmess", 10 | "settings": { 11 | "clients": [ 12 | { 13 | "id": "uuid", 14 | "level": 1, 15 | "alterId": 0 16 | } 17 | ] 18 | }, 19 | "streamSettings": { 20 | "network": "ws", 21 | "wsSettings": { 22 | "path": "/ws" 23 | } 24 | } 25 | }], 26 | "outbounds": [{ 27 | "protocol": "freedom", 28 | "settings": {} 29 | }] 30 | } 31 | --------------------------------------------------------------------------------