docker 部署v2[change_to_ray]
docker部署的相关配置见如下
,需要自己准备https证书文件,有一点Linux基础的可以参考链接https://www.cnblogs.com/faberbeta/p/12844811.html 或者 https://www.cnblogs.com/faberbeta/p/14395054.html 获取证书
,批量修改[change_to_ray]为ray
mkdir /docker-compose
cd /docker-compose
mkdir v2[change_to_ray]_logs
mkdir nginx_ssl
mkdir nginx_conf_d
mkdir nginx_logs
#需要自己准备证书
#vi ./nginx_ssl/yourdomain.com.crt
#vi ./nginx_ssl/yourdomain.com.key
cat << "EOF" > docker-compose.yaml
---
version: "2.3"
services:
v2[change_to_ray]:
image: v2fly/v2fly-core
container_name: v2[change_to_ray]
volumes:
- ./config-ws.json:/etc/v2[change_to_ray]/config.json
- ./v2[change_to_ray]_logs:/var/log/v2[change_to_ray]/
restart: always
ports:
- 1080:1080/tcp
v2[change_to_ray]-nginx:
image: nginx:latest
container_name: v2[change_to_ray]-nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./nginx_ssl:/etc/nginx/ssl/
- ./nginx_conf_d:/etc/nginx/conf.d/
- ./nginx_logs:/var/logs/nginx/
ports:
- 8443:8443/tcp
networks:
default:
name: docker_network
external: true
EOF
cat << "EOF" > nginx.conf
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;
events {
multi_accept on;
worker_connections 65535;
}
http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
log_not_found off;
types_hash_max_size 2048;
client_max_body_size 100M;
log_format main '$time_local{G;}$remote_addr{G;}$http_host{G;}$request_uri{G;}$status{G;}$upstream_addr{G;}$upstream_status{G;}$upstream_cache_status{G;}$upstream_response_time{G;}$request_time{G;}$http_x_forwarded_for{G;}$http_user_agent{G;}$server_port{G;}$server_protocol{G;}$request_method';
# MIME
include mime.types;
default_type "text/html";
# Logging
access_log /var/logs/nginx/access.log;
error_log /var/logs/nginx/error.log;
# SSL
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
# Mozilla Intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
# OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 223.5.5.5 8.8.8.8 119.29.29.29 valid=60s;
resolver_timeout 10s;
server {
listen 443 ssl ;
server_name _ default;
ssl_stapling off;
# SSL
ssl_certificate ssl/nginx.crt;
ssl_certificate_key ssl/nginx.key;
return 403;
}
server {
listen 8080;
server_name _ default;
return 403;
}
# Load configs
include conf.d/*.conf;
server {
listen 8443 ssl http2;
ssl_certificate ssl/yourdomain.com.crt;
ssl_certificate_key ssl/yourdomain.com.key;
client_max_body_size 100m; # 录像及文件上传大小限制
server_name yourdomain.com;
location /proxy {
proxy_pass http://v2[change_to_ray]:1080;
if ($http_upgrade != "websocket") {
return 404;
}
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
}
}
EOF
cat << "EOF" > config-ws.json
{
"log": {
"access": "/var/log/v2[change_to_ray]/access.log",
"error": "/var/log/v2[change_to_ray]/error.log",
"loglevel": "warning"
},
"inbounds": [
{
"port": 1080,
"listen":"0.0.0.0",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "2b2949cc-4377-467d-83eb-2429ef11cef4",
"alterId": 0
},
{
"id": "b12b5e56-3685-4625-8dff-ecfead011394",
"alterId": 0
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/proxy"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}
EOF
cat << "EOF" > restart-with-build.sh
#!/bin/bash
BASE_PATH=$(cd $(dirname $0); pwd)
cd ${BASE_PATH}
docker compose down
docker compose up --build -d
EOF
chmod 755 restart-with-build.sh
./restart-with-build.sh