欢迎光临
我们一直在努力

配置TUIC代理+V2Ray分流

tuic是一个基于quic协议的高性能代理,更多介绍:https://github.com/EAimTY/tuic

安装服务端:

apt -y update
apt -y install wget certbot
mkdir /opt/tuic && cd /opt/tuic
wget https://github.com/EAimTY/tuic/releases/download/0.8.1/tuic-server-0.8.1-x86_64-linux-gnu
chmod +x tuic-server-0.8.1-x86_64-linux-gnu

新建tuic配置文件:

nano config.json

写入如下配置:

{
    "port": 443,
    "token": ["example"],
    "certificate": "/opt/tuic/fullchain.pem",
    "private_key": "/opt/tuic/privkey.pem",
    "ip": "0.0.0.0",
    "congestion_controller": "bbr",
    "alpn": ["h3"]
}

新建systemd配置文件:

nano /lib/systemd/system/tuic.service

写入如下配置:

[Unit]
Description=Delicately-TUICed high-performance proxy built on top of the QUIC protocol
Documentation=https://github.com/EAimTY/tuic
After=network.target

[Service]
User=root
WorkingDirectory=/opt/tuic
ExecStart=/opt/tuic/tuic-server-0.8.1-x86_64-linux-gnu -c config.json
Restart=on-failure
RestartPreventExitStatus=1
RestartSec=5

[Install]
WantedBy=multi-user.target

申请证书:

certbot certonly 
--standalone 
--agree-tos 
--no-eff-email 
--email [email protected] 
-d tuic.example.com

将证书保存到tuic配置文件内配置的位置:

cat /etc/letsencrypt/live/tuic.example.com/fullchain.pem > /opt/tuic/fullchain.pem
cat /etc/letsencrypt/live/tuic.example.com/privkey.pem > /opt/tuic/privkey.pem

启动tuic服务并设置开机自启:

systemctl enable --now tuic.service

新建一个certbot的hook脚本文件,用于让tuic重新加载续期后的新证书:

nano /etc/letsencrypt/renewal-hooks/post/tuic.sh

写入如下内容:

#!/bin/bash
cat /etc/letsencrypt/live/tuic.example.com/fullchain.pem > /opt/tuic/fullchain.pem
cat /etc/letsencrypt/live/tuic.example.com/privkey.pem > /opt/tuic/privkey.pem
systemctl restart tuic.service

给脚本执行权限:

chmod +x tuic.sh

测试续期的情况以及脚本能否正常运行:

certbot renew --cert-name tuic.example.com --dry-run

服务端到这里就全部配置完成了,接下来在这个页面下载客户端:

https://github.com/EAimTY/tuic/releases

我这里使用windows,下载对应架构的文件:

https://github.com/EAimTY/tuic/releases/download/0.8.1/tuic-client-0.8.1-x86_64-windows-gnu.exe

新建客户端的config.json配置文件,在文件内写入如下配置:

{
    "relay": {
        "server": "tuic.example.com",
        "port": 443,
        "token": "example",
        "udp_relay_mode": "quic",
        "congestion_controller": "bbr",
        "alpn": ["h3"],
        "disable_sni": false,
        "reduce_rtt": true
    },
    "local": {
        "port": 2080,
        "ip": "127.0.0.1"
    },
    "log_level": "info"
}

打开powershell运行tuic客户端:

./tuic-client-0.8.1-x86_64-windows-gnu.exe -c config.json

接下来配置v2ray的分流,这里我使用v2rayn,直接给出一份适用于v2rayn的配置文件:

{
  "policy": {
    "system": {
      "statsOutboundUplink": true,
      "statsOutboundDownlink": true
    }
  },
  "log": {
    "access": "",
    "error": "",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "tag": "socks",
      "port": 10808,
      "listen": "127.0.0.1",
      "protocol": "socks",
      "sniffing": {
        "enabled": false,
        "destOverride": [
          "http",
          "tls"
        ]
      },
      "settings": {
        "auth": "noauth",
        "udp": true,
        "allowTransparent": false
      }
    },
    {
      "tag": "http",
      "port": 10809,
      "listen": "127.0.0.1",
      "protocol": "http",
      "sniffing": {
        "enabled": false,
        "destOverride": [
          "http",
          "tls"
        ]
      },
      "settings": {
        "auth": "noauth",
        "udp": true,
        "allowTransparent": false
      }
    }
  ],
  "outbounds": [
    {
      "tag": "proxy",
      "protocol": "socks",
      "settings": {
        "servers": [
          {
            "address": "127.0.0.1",
            "port": 2080,
            "users": []
          }
        ]
      }
    },
    {
      "tag": "block",
      "protocol": "blackhole",
      "settings": {}
    },
    {
      "tag": "direct",
      "protocol": "freedom",
      "settings": {}
    }
  ],
  "routing": {
    "domainStrategy": "IPOnDemand",
    "rules": [
      {
        "type": "field",
        "outboundTag": "block",
        "domain": ["geosite:category-ads-all"]
      },
      {
      	"type": "field",
        "outboundTag": "direct",
        "domain": ["geosite:cn"]
      },
      {
        "type": "field",
        "outboundTag": "direct",
        "ip": [
          "geoip:cn",
          "geoip:private"
        ]
      }
    ]
  }
}

将上面的配置保存为任意名字的.json配置文件,然后在v2rayn添加自定义配置服务器即可:

赞(0)
未经允许不得转载:拆东墙 » 配置TUIC代理+V2Ray分流

评论 抢沙发

登录

找回密码

注册