这篇文章上次修改于 602 天前，可能其部分内容已经发生变化，如有疑问可询问作者。

更新系统

yum -y update

安装 v2ray

bash <(curl -L https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh)
systemctl enable v2ray; systemctl start v2ray

安装 nginx

yum -y install nginx
systemctl enable nginx
systemctl start nginx

修改配置文件 /usr/local/etc/v2ray/config.json

配置

{
  "log" : {
    "access": "/var/log/v2ray/access.log",
    "error": "/var/log/v2ray/error.log",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "port": 10000,
      "listen":"127.0.0.1",
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
            "id": "xxxxx",
            "alterId": 0
        }
        ]
    },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
        "path": "/ray"
    }
}
}
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {}
  }
  ]
}

修改配置/etc/systemd/system/v2ray.service

在[Service]增加 Environment="V2RAY_VMESS_AEAD_FORCED=false"

[Unit]
Description=V2Ray Service
Documentation=https://www.v2fly.org/
After=network.target nss-lookup.target

[Service]
User=nobody
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
NoNewPrivileges=true
ExecStart=/usr/local/bin/v2ray run -config /usr/local/etc/v2ray/config.json
Restart=on-failure
RestartPreventExitStatus=23
Environment="V2RAY_VMESS_AEAD_FORCED=false"

[Install]
WantedBy=multi-user.target

重启

systemctl restart v2ray

新增nginx配置

[root@instance-20230905-0042 opc]# cat /etc/nginx/conf.d/v2ray.conf

server {
    server_name example.com;

     location /ray { # 路径需要与v2ray config.json 的保持一致
         proxy_redirect off;
         # 端口要变成v2ray运行的端口
         proxy_pass http://127.0.0.1:10000;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
         proxy_set_header Host $http_host;
     } 

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    server_name example.com;
    return 404; # managed by Certbot
}

重启服务

nginx -t && nginx -s reload