NetworkV2Ray
, , ,
Source
Edit
History

V2ray Behide Traefik

前言

若是要讓VPS除了V2ray以外還可以跑其他的Web Service, 除了Nginx/Apache的Virtual Host方案外還可以採用Traefik(Container專用)

但是單純V2ray+Traefik的搭配時,ACME申請SSL憑證這個地方因為沒有實際的httpd服務而失敗卡死,所以還是會需要一個Nginx

Config.json for V2ray

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# /var/lib/docker/volume/v2ray/config.json
-----------------------------------------------------
{
    "log": {
        "loglevel": "warning"
    },
    "inbounds": [
        {
            "port": <Port_You_Want>,
            "listen": "0.0.0.0",
            "protocol": "vless",
            "settings": {
                "clients": [
                    {
                        "id": "<UUID_You_Want>",
                        "level": 0,
                       "email": "<Mail_Address_You_Want>"
                    }
                ],
                "decryption": "none"
            },
            "streamSettings": {
                "network": "ws",
                "security": "none",
                "wsSettings": {
                    "path": "/<Path_You_Want>"
                }
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom"
        }
    ]
}

簡單的說明一下,就是把原來當作接口用的443 Port部份那段拿掉,回歸早期透過Caddy/Apache/Nginx做代轉的寫法

Default for Nginx

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
# /var/lib/docker/volumes/nginx/config/nginx/site-confs/default
-----------------------------------------------------------------------
server {
    server_name _;
    listen 80;

    location / {
        root   /var/www/html;
        index  index.html index.htm;
    }

    location /ray {
        proxy_redirect off;
        proxy_pass http://v2ray:<Port_You_Want>;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
    }

    location ~ \.php$ {
        deny all;
    }
}

利用Links把兩個Container連在一起,可以直接用http://v2ray指定轉移

Docker-Compose.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
version: "3.7"
services:
  nginx:
    image: lscr.io/linuxserver/nginx
    container_name: Nginx_v2ray
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Asia/Taipei
    expose:
      - 80
    restart: always
    volumes:
      - /var/lib/docker/volumes/nginx/config:/config
    links:
      - v2ray:v2ray
    labels:
      traefik.enable: true 
      traefik.http.routers.v2ray.rule: Host(`<domain.you.want>`) 
      traefik.http.routers.v2ray.tls: true
      traefik.http.routers.v2ray.tls.certresolver: myresolver

  v2ray:
    image: v2fly/v2fly-core
    container_name: v2ray
    environment:
      - TZ=Asia/Taipei
    restart: always
    command: v2ray --config=/etc/v2ray/config.json
    volumes:
      - /var/lib/docker/volumes/v2ray:/etc/v2ray


networks:
  default:
    external: true
    name: traefik_backend
  • 用nginx當作整個服務的前端去對應traefik
  • 後面的v2ray完整的躲起來連expose都不需要
  • 這樣子更新的時候才不會因為特殊的image更新比較慢而產生問題(有整合的image但是兩年沒更新了…)