科学上网 – xray

服务端-Nginx

下载

wget http://nginx.org/download/nginx-1.24.0.tar.gz
tar zxf nginx-1.24.0.tar.gz -C /usr/local/src/
cd /usr/local/src/nginx-1.24.0/
yum install -y pcre-devel

创建运行用户

groupadd -g 211 ngx
useradd -g ngx -u 211 -s /sbin/nologin -c "Nginx Server" -M ngx

安装

./configure --prefix=/data/nginx --user=ngx --group=ngx --with-threads --with-http_realip_module --with-http_ssl_module --with-stream --with-stream_ssl_module --with-http_stub_status_module --with-http_gzip_static_module --with-http_slice_module --with-cc-opt="-I/usr/local/openssl/include" --with-ld-opt="-Wl,--enable-new-dtags,-rpath,/usr/local/openssl/lib,-L/usr/local/openssl/lib"
make -j `cat /proc/cpuinfo | grep processor | wc -l` && make install

初始配置文件

cd /data/nginx
sed -i '1s/^$/# Nginx Main Configure File./' conf/nginx.conf
sed -i '2s/^#//' conf/nginx.conf
sed -i '2s/nobody/ngx/' conf/nginx.conf
sed -i '35,116d' conf/nginx.conf
sed -i '$ i \ \ \ \ include vhosts/*.conf;' conf/nginx.conf
mkdir conf/vhosts

设置服务开机启动

vim /usr/lib/systemd/system/nginx.service

# systemd service file for Nginx server
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target

[Install]
WantedBy=multi-user.target

[Service]
Type=forking
PIDFile=/data/nginx/logs/nginx.pid
ExecStartPre=/data/nginx/sbin/nginx -t
ExecStart=/data/nginx/sbin/nginx
ExecReload=/data/nginx/sbin/nginx -t
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

systemctl start nginx
systemctl enable nginx

 

设置ws站点

vim conf/vhosts/dummy.conf

# Nginx Second Configure File.
upstream xray-ws {
        server 127.0.0.1:7700;
}

server {
        listen 80 default_server;
        listen 443 ssl default_server;
        ssl_certificate certs/your-cert.key;
        ssl_certificate_key certs/your-cert.pem;
        access_log logs/some_access.log;
        error_log  logs/some_error.log;
    location / {
        root "/data/www";
        index index.html index.htm;
    }
    location /custom-path {
        proxy_pass http://xray-ws;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
    }
}

mkdir -p /data/www
touch /data/www/index.html
systemctl start nginx
systemctl status nginx

域名SSL证书可申请免费证书。

客户端

官方有提供很多其它开发者开发的图形客户端，按自己需要下载使用，按服务端的配置进行设置即可，没有太复杂操作。