@tjumyk
Last active November 7, 2023 07:02
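#!/bin/bash
# Interactive installer: V2Ray (VMess over WebSocket) behind an nginx TLS
# reverse proxy, with a certificate obtained through certbot.
# Needs sudo rights on an apt-based system.
#
# -e: stop at the first failing command.
# -u: an unset variable is an error instead of an empty string.
# pipefail: a pipeline fails when any stage fails, not only the last one.
set -euo pipefail

# Loopback port of the V2Ray inbound; nginx proxies the WebSocket path to it.
V2RAY_PORT=18900
# Public TLS port range that nginx listens on and the firewall opens.
NGINX_PORT_RANGE="8900-8999"
# Output path of the generated client configuration (it contains the client UUID).
CLIENT_CFG_OUTPUT_PATH=v2ray_client.json

# Keep the variable out of the printf format string.
printf 'Please make sure the firewall rules for ports 80, 443, %s have been set!\n' "$NGINX_PORT_RANGE"

# read -r keeps backslashes literal instead of treating them as escapes.
printf "Server Domain Name: "
read -r SERVER_DOMAIN_NAME
printf "Server Admin Email: "
read -r SERVER_ADMIN_EMAIL

# Both answers are later interpolated into an nginx config, two JSON files and
# a certbot command line run through sudo, so reject anything outside a plain
# hostname / e-mail alphabet (no whitespace, quotes, braces or semicolons).
DOMAIN_PATTERN='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
EMAIL_PATTERN='^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+$'
if ! [[ "$SERVER_DOMAIN_NAME" =~ $DOMAIN_PATTERN ]]; then
  printf 'Invalid server domain name: %s\n' "$SERVER_DOMAIN_NAME" >&2
  exit 1
fi
if ! [[ "$SERVER_ADMIN_EMAIL" =~ $EMAIL_PATTERN ]]; then
  printf 'Invalid admin email: %s\n' "$SERVER_ADMIN_EMAIL" >&2
  exit 1
fi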
###############################
# Install Dependencies
###############################
# Refresh the package index and upgrade what is already installed before
# adding anything new.
sudo apt-get update
sudo apt-get -y upgrade
# curl, python3, nginx, certbot (with its nginx plugin) and ufw are all invoked
# further down; unzip is not called by this script itself.
REQUIRED_PACKAGES=(curl unzip python3 nginx certbot python3-certbot-nginx ufw)
sudo apt-get -y install "${REQUIRED_PACKAGES[@]}"
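###############################
# Install V2RAY Server
###############################
# The installer comes from the moving `master` branch and runs as root, so
# whatever that branch contains at run time executes with full privileges.
# NOTE(review): pin this URL to a reviewed commit and compare the download
# against a known checksum before running it; no such value is on this page.
V2RAY_INSTALLER_URL=https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh
V2RAY_INSTALLER=$(mktemp)

# Download the whole file before executing it. Piping curl straight into bash
# hides a failed download (set -e only sees bash's exit status) and can run a
# truncated script. -f turns HTTP errors into a non-zero exit; --proto and
# --proto-redir restrict the transfer and any redirect to HTTPS.
if ! curl -fsSL --proto '=https' --proto-redir '=https' \
  -o "$V2RAY_INSTALLER" "$V2RAY_INSTALLER_URL"; then
  rm -f -- "$V2RAY_INSTALLER"
  printf 'Failed to download the V2Ray installer from %s\n' "$V2RAY_INSTALLER_URL" >&2
  exit 1
fi

# Capture the status so the temporary file is removed on failure as well.
V2RAY_INSTALL_STATUS=0
sudo bash "$V2RAY_INSTALLER" || V2RAY_INSTALL_STATUS=$?
rm -f -- "$V2RAY_INSTALLER"
if [ "$V2RAY_INSTALL_STATUS" -ne 0 ]; then
  printf 'V2Ray installer exited with status %s\n' "$V2RAY_INSTALL_STATUS" >&2
  exit "$V2RAY_INSTALL_STATUS"
fi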
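###############################
# Configure V2RAY Server
###############################
# Random UUID4 used as the VMess user id. It is the only client credential in
# this setup, so treat it like a password.
CLIENT_ID=$(python3 -c 'import uuid; print(str(uuid.uuid4()))')
# alterId is fixed at 0; the random alternative is left commented out.
CLIENT_ALT_ID=0 # $(python3 -c 'import random; print(random.randint(1,100))')
# URL-safe token from 6 random bytes, used as the WebSocket path on both the
# V2Ray inbound and the nginx location. It hides the endpoint from casual
# probing; it is not a substitute for the UUID.
WS_PATH=$(python3 -c 'import secrets; print(secrets.token_urlsafe(6))')

# The inbound listens on 127.0.0.1 only, so it is reachable solely through the
# nginx proxy. tee's copy to stdout is discarded so the client UUID does not
# end up in the terminal scrollback or a captured install log.
# NOTE(review): the file keeps its default mode; confirm which account the
# v2ray service runs as before restricting read access to it.
sudo tee /usr/local/etc/v2ray/config.json >/dev/null <<EOF
{
"inbounds": [
{
"port": ${V2RAY_PORT},
"listen": "127.0.0.1",
"tag": "vmess-in",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "${CLIENT_ID}",
"alterId": ${CLIENT_ALT_ID}
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/${WS_PATH}/"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": { },
"tag": "direct"
},
{
"protocol": "blackhole",
"settings": { },
"tag": "blocked"
}
],
"dns": {
"servers": [
"https+local://1.1.1.1/dns-query",
"1.1.1.1",
"1.0.0.1",
"8.8.8.8",
"8.8.4.4",
"localhost"
]
},
"routing": {
"domainStrategy": "AsIs",
"rules": [
{
"type": "field",
"inboundTag": [
"vmess-in"
],
"outboundTag": "direct"
}
]
}
}
EOF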
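###############################
# Start V2RAY Server
###############################
# Start the service at boot.
sudo systemctl enable v2ray
# restart rather than start: `start` does nothing when the unit is already
# active, which would leave a running server on its old configuration while
# the client file generated below carries the new UUID and path. `restart`
# also starts a unit that is currently stopped.
sudo systemctl restart v2ray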
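###############################
# Configure NGINX Server
###############################
# Plain-HTTP site for the domain. certbot's nginx plugin later edits this file
# to add the certificate and the HTTP->HTTPS redirect. The map block defines
# \$connection_upgrade for the WebSocket proxy location appended afterwards.
# nginx variables are escaped so the shell leaves them alone; only
# SERVER_DOMAIN_NAME is expanded here.
sudo tee /etc/nginx/sites-available/v2ray <<EOF
map \$http_upgrade \$connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen [::]:80;
root /var/www/html;
server_name ${SERVER_DOMAIN_NAME};
location / {
try_files \$uri \$uri/ =404;
}
}
EOF
# -f replaces a link left by an earlier run; a plain `ln -s` fails there and
# set -e would abort the script. -n keeps ln from following an existing link.
sudo ln -sfn /etc/nginx/sites-available/v2ray /etc/nginx/sites-enabled/v2ray
# Validate the configuration before asking the running nginx to reload it.
sudo nginx -t
sudo nginx -s reload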
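###############################
# Generate V2RAY Client Config
###############################
# Pick one port of the nginx range for this client; "8900-8999" becomes the
# two randint() arguments "8900,8999".
NGINX_PORT_RANDOM=$(python3 -c "import random; print(random.randint(${NGINX_PORT_RANGE/-/,}))")

# The client file carries the VMess UUID, i.e. the credential for the server.
# Create it empty, owner-only and owned by the invoking user before any secret
# is written, so it is never world-readable and does not stay root-owned.
sudo install -m 600 -o "$(id -u)" -g "$(id -g)" /dev/null "${CLIENT_CFG_OUTPUT_PATH}"

# tee truncates the existing file and keeps its mode; its stdout copy is
# discarded so the UUID is not echoed to the terminal or an install log.
sudo tee "${CLIENT_CFG_OUTPUT_PATH}" >/dev/null <<EOF
{
"inbounds": [
],
"outbounds": [
{
"mux": {
"concurrency": 1,
"enabled": null
},
"protocol": "vmess",
"sendThrough": "0.0.0.0",
"settings": {
"vnext": [
{
"address": "${SERVER_DOMAIN_NAME}",
"port": ${NGINX_PORT_RANDOM},
"users": [
{
"alterId": ${CLIENT_ALT_ID},
"id": "${CLIENT_ID}",
"level": 0,
"security": "auto",
"testsEnabled": "none"
}
]
}
]
},
"streamSettings": {
"dsSettings": {
"path": "/"
},
"httpSettings": {
"host": [
],
"path": "/"
},
"kcpSettings": {
"congestion": false,
"downlinkCapacity": 20,
"header": {
"type": "none"
},
"mtu": 1350,
"readBufferSize": 1,
"seed": "",
"tti": 20,
"uplinkCapacity": 5,
"writeBufferSize": 1
},
"network": "ws",
"quicSettings": {
"header": {
"type": "none"
},
"key": "",
"security": ""
},
"security": "tls",
"sockopt": {
"mark": 0,
"tcpFastOpen": false,
"tproxy": "off"
},
"tcpSettings": {
"header": {
"request": {
"headers": {
},
"method": "GET",
"path": [
],
"version": "1.1"
},
"response": {
"headers": {
},
"reason": "OK",
"status": "200",
"version": "1.1"
},
"type": "none"
}
},
"tlsSettings": {
"allowInsecure": false,
"allowInsecureCiphers": false,
"alpn": [
],
"certificates": [
],
"disableSessionResumption": true,
"disableSystemRoot": false,
"serverName": ""
},
"wsSettings": {
"headers": {
},
"path": "/${WS_PATH}/"
}
},
"tag": "${SERVER_DOMAIN_NAME}"
}
],
"routing": {
"balancers": [
],
"domainStrategy": "AsIs",
"rules": [
]
}
}
EOF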
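###############################
# Configure Firewall
###############################
# nginx only has TCP listeners in this setup, so open TCP explicitly: a bare
# `ufw allow 80` admits UDP on the same port as well.
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# ufw writes port ranges as low:high, hence "8900-8999" -> "8900:8999".
sudo ufw allow "${NGINX_PORT_RANGE/-/:}/tcp"
# These rules only filter traffic once ufw is enabled; this script does not
# run `ufw enable`. Allow the SSH port before enabling it on a remote host.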
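###############################
# Configure HTTPS
###############################
# HOTFIX python urllib3 conflict issue
# Only runs when both checked files exist: a urllib3 under
# /usr/local/lib/python3.10 and one under /usr/lib/python3. The first path is
# hard-coded to Python 3.10, so other versions skip the hotfix.
if [ -f "/usr/local/lib/python3.10/dist-packages/urllib3/contrib/__init__.py" ] &&
  [ -f "/usr/lib/python3/dist-packages/urllib3/__init__.py" ]; then
  sudo pip uninstall --yes urllib3
fi

# Quote the operator-supplied values: unquoted, a value containing whitespace
# would be split into extra arguments of a command that runs as root.
sudo certbot --non-interactive --agree-tos -m "${SERVER_ADMIN_EMAIL}" --nginx --redirect --domains "${SERVER_DOMAIN_NAME}"

# Reuse the certificate directives certbot wrote into the site file (every
# line mentioning /etc/letsencrypt, de-duplicated) for the extra server block.
SSL_CONFIGS=$(grep '/etc/letsencrypt' /etc/nginx/sites-available/v2ray | sort -u) || SSL_CONFIGS=""
if [ -z "${SSL_CONFIGS}" ]; then
  # Without them the block below would declare `ssl` listeners that have no
  # certificate; stop here with a clear message.
  printf 'No /etc/letsencrypt directives found in /etc/nginx/sites-available/v2ray\n' >&2
  exit 1
fi

# Append the TLS server block for the whole port range. Only the random
# WebSocket path is proxied to the loopback V2Ray inbound; any other path is
# served from the static web root.
sudo tee -a /etc/nginx/sites-available/v2ray <<EOF
server {
listen [::]:${NGINX_PORT_RANGE} ssl ipv6only=on;
listen ${NGINX_PORT_RANGE} ssl;
root /var/www/html;
server_name ${SERVER_DOMAIN_NAME};
location /${WS_PATH}/ {
include proxy_params;
proxy_http_version 1.1;
proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection \$connection_upgrade;
client_max_body_size 0;
proxy_pass http://127.0.0.1:${V2RAY_PORT}/${WS_PATH}/;
}
${SSL_CONFIGS}
}
EOF
# Validate the configuration before asking the running nginx to reload it.
sudo nginx -t
sudo nginx -s reload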
###############################
# Finish
###############################
# Tell the operator where the client configuration was written. That file
# contains the client UUID generated earlier in this script.
printf 'V2RAY client configuration file is written at %s\n' "${CLIENT_CFG_OUTPUT_PATH}"
printf '%s\n' "ALL DONE!"