V +
Last updated
Was this helpful?
Last updated
Was this helpful?
# 安装更新内核Ubuntu16.04
apt install --install-recommends linux-generic-hwe-16.04
apt autoremove
# 14.04
wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.16/linux-image-4.16.0-041600-generic_4.16.0-041600.201804012230_amd64.deb
dpkg -i linux-image-4.*.deb
dpkg -l | grep linux-image
apt-get purge <old core>
# 重启查看内核
update-grub
reboot
uname -r
# 检测是否启用bbr
uname -r
lsmod | grep bbr
# 启用bbr
modprobe tcp_bbr
echo "tcp_bbr" | sudo tee --append /etc/modules-load.d/modules.conf
echo "net.core.default_qdisc=fq" | sudo tee --append /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" | sudo tee --append /etc/sysctl.conf
sysctl -p
# 检测
sysctl net.ipv4.tcp_available_congestion_control
sysctl net.ipv4.tcp_congestion_controlcurl https://raw.githubusercontent.com/linhua55/lkl_study/master/get-rinetd.sh | bash
iptables -t raw -nL
vi /etc/rinetd-bbr.conf
ip addr
/usr/bin/rinetd-bbr -f -c /etc/rinetd-bbr.conf raw venet0:0 &/etc/rinetd-bbr.conf
# bindadress bindport connectaddress connectport
0.0.0.0 443 0.0.0.0 443wget https://raw.githubusercontent.com/kuoruan/shell-scripts/master/ovz-bbr/ovz-bbr-installer.sh
chmod +x ovz-bbr-installer.sh
./ovz-bbr-installer.sh
systemctl {start|stop|restart} haproxy-lkl
service haproxy-lkl {start|stop|restart}
# 检查
iptables -t nat -nL
# 修改
vi /usr/local/haproxy-lkl/etc/port-rules
# 卸载
./ovz-bbr-installer.sh uninstallwget -N --no-check-certificate "https://raw.githubusercontent.com/chiakge/Linux-NetSpeed/master/tcp.sh" && chmod +x tcp.sh && ./tcp.shwget http://ftp.al/appex.sh
chmod +x appex.sh
bash appex.sh installapt update
apt install nginx
apt remove nginx nginx-common nginx-fullwget http://nginx.org/keys/nginx_signing.key
apt-key add nginx_signing.key
apt-cache policy nginx
apt install nginx=1.10.3-1~trustyroot /usr/share/nginx/html;
/etc/nginx/nginx.conf
/etc/nginx/conf.d${my.com} 替换为你的域名
nginx认证配置 vim /etc/nginx/sites-enabled/${my.com}.conf
server {
listen 80;
listen [::]:80;
server_name ${my.com};
root /var/www/html/;
location / {
try_files $uri $uri/ =404;
}
location /path {
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:1000;
}
location ~ /.well-known {
allow all;
}
}生成证书
# acme需要
apt install socat curl
# 安装acme
curl https://get.acme.sh | sh
source ~/.bashrc
mkdir /etc/v2ray
# 生成证书
~/.acme.sh/acme.sh --issue --home /etc/v2ray --domain ${my.com} --webroot /var/www/html --reloadcmd "nginx -s reload" --force
# 删除
acme.sh --remove -d ${my.com} --ecc
# 吊销
acme.sh --revoke -d ${my.com} --eccnginx配置SSL vim /etc/nginx/sites-enabled/${my.com}-ssl.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${my.com};
root /var/www/html;
ssl_certificate /etc/v2ray/${my.com}/fullchain.cer;
ssl_certificate_key /etc/v2ray/${my.com}/${my.com}.key;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers HIGH:!aNULL:!MD5;
include /etc/nginx/snippets/ssl-params.conf;
location / {
try_files $uri $uri/ =404;
}
location /path {
proxy_redirect off;
proxy_pass http://127.0.0.1:1000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
location ~ /.well-known {
allow all;
}
}重启Nginx service nginx restart
bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh)
bash <(wget https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh -O -)
# 指定版本
wget https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh
chmod a+x ./install-release.sh
./install-release.sh --version 4.36.2vim gg + dG 清空内容,i 插入编辑,esc + :wq 保存退出
v2ray config vim /usr/local/etc/v2ray/config.json
{
"inbounds": [
{
"port": 1000,
"listen": "127.0.0.1",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "${uuid}",
"alterId": 0
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/path"
}
}
}
],
"outbounds": [
{
"tag": "directout",
"protocol": "freedom",
"settings": {}
},
{
"tag": "blockout",
"protocol": "blackhole",
"settings": {}
}
]
}重启 service v2ray restart 或 systemctl restart v2ray
{
"inbounds": [
{
"tag": "socksin",
"port": 1080,
"listen": "0.0.0.0",
"protocol": "socks",
"settings": {
"auth": "noauth",
"udp": true
},
"snifffing": {
"enabled": false,
"destOverride": [
"tls",
"http"
]
}
},
{
"tag": "httpin",
"port": 1087,
"listen": "0.0.0.0",
"protocol": "http",
"settings": {
"timeout": 0
},
"snifffing": {
"enabled": false,
"destOverride": [
"tls",
"http"
]
}
}
],
"outbounds": [
{
"tag": "proxyout",
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "${my.com}",
"port": 443,
"users": [
{
"id": "${uuid}",
"alterId": 0,
"security": "auto"
}
]
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"wsSettings": {
"path": "/path"
},
"tlsSettings": {
"serverName": "${my.com}",
"allowInsecure": false
},
"sockopt": {
"tcpFastOpen": true
}
}
},
{
"tag": "directout",
"protocol": "freedom",
"settings": {}
},
{
"tag": "blockout",
"protocol": "blackhole",
"settings": {}
}
],
"routing": {
"domainStrategy": "IPIfNonMatch",
"rules": [
{
"type": "field",
"outboundTag": "directout",
"domain": [
"geosite:cn"
],
"ip": [
"0.0.0.0/8",
"10.0.0.0/8",
"100.64.0.0/10",
"127.0.0.0/8",
"169.254.0.0/16",
"172.16.0.0/12",
"192.0.0.0/24",
"192.0.2.0/24",
"192.168.0.0/16",
"198.18.0.0/15",
"198.51.100.0/24",
"203.0.113.0/24",
"::1/128",
"fc00::/7",
"fe80::/10",
"geoip:private",
"geoip:cn"
]
}
]
}
}