Last active
January 29, 2023 10:48
-
-
Save phlinhng/98fe1f2c9f4e893015fb79865fa61738 to your computer and use it in GitHub Desktop.
soga v2ray + nginx 反代
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| type=v2board # 必填这个 | |
| server_type=v2ray # 必填这个 | |
| api=webapi # webapi 或 db,表示 webapi 对接或数据库对接 | |
| # webapi 对接 | |
| webapi_url=https://www.yourdomain.com/ # webapi url,填写面板主页地址 | |
| webapi_key= # webapi key | |
| node_id=1 # 节点id | |
| soga_key= # 授权key,社区版无需填写,最多支持88用户,商业版无限制 | |
| user_conn_limit=0 # 限制用户连接数,0代表无限制,v2board 必填!!! | |
| user_speed_limit=0 # 用户限速,0代表无限制,单位 Mbps,v2board 必填!!! | |
| check_interval=100 # 同步前端用户、上报服务器信息等间隔时间(秒),近似值 | |
| force_close_ssl=true # 设为true可强制关闭tls,即使前端开启tls,soga也不会开启tls,方便用户自行使用nginx、caddy等反代 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| listen [::]:80; | |
| server_name www.mydomain.com; | |
| return 301 https://$host$request_uri; | |
| } | |
| server { | |
| listen 443 ssl; | |
| listen [::]:443 ssl; | |
| server_name www.mydomain.com; | |
| ssl_certificate /etc/ssl/v2ray/cert.pem; | |
| ssl_certificate_key /etc/ssl/v2ray/key.pem; | |
| ssl_protocols TLSv1.2 TLSv1.3; | |
| ssl_stapling on; | |
| ssl_stapling_verify on; | |
| location / { | |
| return 404; | |
| } | |
| location /some_path { | |
| proxy_redirect off; | |
| proxy_pass http://127.0.0.1:3566; # 此端口应与前端填写的节点服务端口保持一致 | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade $http_upgrade; | |
| proxy_set_header Connection "upgrade"; | |
| proxy_set_header Host $http_host; | |
| # Show realip in v2ray access.log | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| } | |
| } |
整體都可以理解
想請問一下Websocket路徑部分在v2board上看起來並沒有支援指定路徑功能
例如說兩個用戶在v2ray上的ws路徑分別為/ABCD及/EFGH
像上述的情況必須要把路徑/ABCD /EFGH "手動"加在這個nginx的設定檔嗎?
因為看起來v2board沒有支援路徑前綴 例如https://domain.com/v2board/uuid
如果是以這樣就可以在nginx上設定路徑起始為v2board的流量丟給後端的soga,soga再依照uuid比對用戶是否有效再進行轉發
謝謝
@lawrence1751 soga 的 WS 路徑是從面版獲取的,只要在編輯節點→傳輸協議→編輯配置裡寫如下內容
{
"path": "/your_path",
"headers": {
"Host": "xxx.com"
}
}Host 為落地機證書的 SNI,中轉節點必填
v2board 並不是用路徑分用戶的,所有用戶都是用同一個路徑向 soga 發起連接,因此 nginx 配置裡只要寫一個 path 就行。請求發送到 soga 端後, soga 會比對該 uuid 是否有效來決定要接受還是拒絕轉發。
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
校正时间
timedatectl set-ntp true timedatectl set-timezone Asia/Shanghai安装 soga ( 配置文件路径:
/etc/soga/soga.conf)bash <(curl -Ls https://raw.githubusercontent.com/sprov065/soga/master/install.sh)安装 nginx ( 配置文件路径:
/etc/nginx/sites-enabled/v2ray-nginx.conf)add-apt-repository -y ppa:ondrej/nginx-mainline && apt-get update apt-get install -y nginx-extras安装 acme.sh
获取证书 + 安装证书