Skip to content

Instantly share code, notes, and snippets.

@nickleefly

nickleefly/acme.md

Last active December 26, 2022 14:09
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save nickleefly/e49ad5f74b2eb9e96b8e3e05f5c999d2 to your computer and use it in GitHub Desktop.
Save nickleefly/e49ad5f74b2eb9e96b8e3e05f5c999d2 to your computer and use it in GitHub Desktop.
Download ZIP
shadowsocks v2ray-plugin nginx with docker-compose
Raw
acme.md 
export CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
export CF_Email="xxxx@sss.com"
~/.acme.sh/acme.sh --issue -d 'example.com' -d '*.example.com' --dns dns_cf -k ec-256
~/.acme.sh/acme.sh --issue --dns dns_cf -d subdomain.example.com
Raw
conf-nginx.conf
#conf/nginx.conf
server {
listen 443 ssl;
server_name subdomain.example.com;
ssl_certificate /etc/nginx/acme/subdomain.example.com/fullchain.cer;
ssl_certificate_key /etc/nginx/acme/subdomain.example.com/subdomain.example.com.key;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_redirect off;
proxy_http_version 1.1;
proxy_pass shadowsocks-libev:8388; # Port of v2ray-plugin
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
Raw
config.json
{
"log": {
"loglevel": "warning",
"access": "/var/log/v2ray-access.log",
"error": "/var/log/v2ray-error.log"
},
"dns": {
"servers": [
"8.8.8.8",
"1.1.1.1"
]
},
"routing": {
"domainStrategy": "IPOnDemand",
"rules": [
{
"type": "field",
"ip": [
"geoip:private",
"geoip:cn"
],
"outboundTag": "direct"
},
{
"type": "field",
"domain": [
"geosite:cn"
],
"outboundTag": "direct"
},
{
"type": "field",
"domain": [
"geosite:speedtest"
],
"outboundTag": "direct"
}
]
},
"inbounds": [
{
"listen": "192.168.1.1",
"port": 8080,
"protocol": "socks",
"tag": "socks",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth"
}
},
{
"listen": "192.168.1.1",
"port": 8081,
"protocol": "dokodemo-door",
"tag": "transparent_proxy",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"network": "tcp,udp",
"timeout": 300,
"followRedirect": true
}
}
],
"outbounds": [
{
"protocol": "vmess",
"settings": {
"vnext": [
{
"port": 443,
"users": [
{
"id": "9496add5-c272-faa8-0ff0-0022ed3a67cf",
"alterId": 233,
"level": 0
}
],
"address": "r0.xiuyu.li"
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"tlssettings": {
"allowInsecure": true,
"serverName": "r0.xiuyu.li"
},
"wssettings": {
"connectionReuse": true,
"headers": {
"Host": "r0.xiuyu.li"
},
"path": "/ray"
},
"sockopt": {
"mark": 255
}
}
},
{
"protocol": "freedom",
"tag": "direct",
"streamSettings": {
"sockopt": {
"mark": 255
}
}
}
]
}
Raw
docker-compose.yaml
version: '3'
services:
nginx:
image: nginx:alpine
restart: unless-stopped
volumes:
- ./conf:/etc/nginx/conf.d
- /home/user/.acme.sh:/etc/nginx/acme
ports:
- "80:80"
- "443:443"
links:
- shadowsocks-libev
restart: always
shadowsocks-libev:
container_name: shadowsocks-libev
image: nickleefly/shadowsocks-libev:3.3.0-1.1.0
ports:
- "10001:8388"
environment:
- PASSWORD=password
- METHOD=chacha20
- ARGS=--plugin v2ray-plugin --plugin-opts server; -u
restart: always
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment