tuic是一个基于quic协议的高性能代理,更多介绍:https://github.com/EAimTY/tuic
安装服务端:
apt -y update apt -y install wget certbot mkdir /opt/tuic && cd /opt/tuic wget https://github.com/EAimTY/tuic/releases/download/0.8.1/tuic-server-0.8.1-x86_64-linux-gnu chmod +x tuic-server-0.8.1-x86_64-linux-gnu
新建tuic配置文件:
nano config.json
写入如下配置:
{ "port": 443, "token": ["example"], "certificate": "/opt/tuic/fullchain.pem", "private_key": "/opt/tuic/privkey.pem", "ip": "0.0.0.0", "congestion_controller": "bbr", "alpn": ["h3"] }
新建systemd配置文件:
nano /lib/systemd/system/tuic.service
写入如下配置:
[Unit] Description=Delicately-TUICed high-performance proxy built on top of the QUIC protocol Documentation=https://github.com/EAimTY/tuic After=network.target [Service] User=root WorkingDirectory=/opt/tuic ExecStart=/opt/tuic/tuic-server-0.8.1-x86_64-linux-gnu -c config.json Restart=on-failure RestartPreventExitStatus=1 RestartSec=5 [Install] WantedBy=multi-user.target
申请证书:
certbot certonly --standalone --agree-tos --no-eff-email --email [email protected] -d tuic.example.com
将证书保存到tuic配置文件内配置的位置:
cat /etc/letsencrypt/live/tuic.example.com/fullchain.pem > /opt/tuic/fullchain.pem cat /etc/letsencrypt/live/tuic.example.com/privkey.pem > /opt/tuic/privkey.pem
启动tuic服务并设置开机自启:
systemctl enable --now tuic.service
新建一个certbot的hook脚本文件,用于让tuic重新加载续期后的新证书:
nano /etc/letsencrypt/renewal-hooks/post/tuic.sh
写入如下内容:
#!/bin/bash cat /etc/letsencrypt/live/tuic.example.com/fullchain.pem > /opt/tuic/fullchain.pem cat /etc/letsencrypt/live/tuic.example.com/privkey.pem > /opt/tuic/privkey.pem systemctl restart tuic.service
给脚本执行权限:
chmod +x tuic.sh
测试续期的情况以及脚本能否正常运行:
certbot renew --cert-name tuic.example.com --dry-run
服务端到这里就全部配置完成了,接下来在这个页面下载客户端:
https://github.com/EAimTY/tuic/releases
我这里使用windows,下载对应架构的文件:
https://github.com/EAimTY/tuic/releases/download/0.8.1/tuic-client-0.8.1-x86_64-windows-gnu.exe
新建客户端的config.json配置文件,在文件内写入如下配置:
{ "relay": { "server": "tuic.example.com", "port": 443, "token": "example", "udp_relay_mode": "quic", "congestion_controller": "bbr", "alpn": ["h3"], "disable_sni": false, "reduce_rtt": true }, "local": { "port": 2080, "ip": "127.0.0.1" }, "log_level": "info" }
打开powershell运行tuic客户端:
./tuic-client-0.8.1-x86_64-windows-gnu.exe -c config.json
接下来配置v2ray的分流,这里我使用v2rayn,直接给出一份适用于v2rayn的配置文件:
{ "policy": { "system": { "statsOutboundUplink": true, "statsOutboundDownlink": true } }, "log": { "access": "", "error": "", "loglevel": "warning" }, "inbounds": [ { "tag": "socks", "port": 10808, "listen": "127.0.0.1", "protocol": "socks", "sniffing": { "enabled": false, "destOverride": [ "http", "tls" ] }, "settings": { "auth": "noauth", "udp": true, "allowTransparent": false } }, { "tag": "http", "port": 10809, "listen": "127.0.0.1", "protocol": "http", "sniffing": { "enabled": false, "destOverride": [ "http", "tls" ] }, "settings": { "auth": "noauth", "udp": true, "allowTransparent": false } } ], "outbounds": [ { "tag": "proxy", "protocol": "socks", "settings": { "servers": [ { "address": "127.0.0.1", "port": 2080, "users": [] } ] } }, { "tag": "block", "protocol": "blackhole", "settings": {} }, { "tag": "direct", "protocol": "freedom", "settings": {} } ], "routing": { "domainStrategy": "IPOnDemand", "rules": [ { "type": "field", "outboundTag": "block", "domain": ["geosite:category-ads-all"] }, { "type": "field", "outboundTag": "direct", "domain": ["geosite:cn"] }, { "type": "field", "outboundTag": "direct", "ip": [ "geoip:cn", "geoip:private" ] } ] } }
将上面的配置保存为任意名字的.json配置文件,然后在v2rayn添加自定义配置服务器即可:
最新评论
5211314
能不能教我 一点不会