Remote Proxy Server
Server Side
- nginx web server
- certbot
- proxy server
Docker Compose
docker-compose.yml
version: '3'
services:
nginx:
image: nginx:latest
container_name: nginx
restart: unless-stopped
volumes:
- ./data/nginx/conf.d:/etc/nginx/conf.d
- ./data/nginx/html:/usr/share/nginx/html
- ./logs/nginx:/var/log/nginx
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
ports:
# You will need to expose these port to the public
- "80:80"
- "443:443"
links:
- v2ray:v2ray # This is very important step, that the nginx docker need this to coonect with v2ray docker
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
certbot:
image: certbot/certbot
container_name: certbot
restart: unless-stopped
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
v2ray:
image: v2fly/v2fly-core:latest
container_name: v2ray
environment:
- TZ=Asia/Shanghai
restart: always
command: v2ray -config=/etc/v2ray/config.json
volumes:
- ./data/v2ray:/etc/v2ray
- ./logs/v2ray:/var/log/v2ray
expose:
- "30909" # This is for the nginx docker, you don't need to expose it to the public
Server Config
site.conf
server{
listen 80;
server_name your_domain;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2 default_server;
server_name your_domain;
ssl_certificate /etc/letsencrypt/live/your_domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your_domain/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
root /usr/share/nginx/html/v2ray;
index index.html;
location /v2ray {
proxy_redirect off;
proxy_pass http://v2ray:30909;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
}
Proxy config
config.json
{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "warning"
},
"inbounds": [
{
"port": 30909,
"listen": "0.0.0.0",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "bae399d4-13a4-46a3-b144-4af2c0004c2e",
"level": 1,
"alterId": 64
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/v2ray"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}
Client
profile.yml
proxies:
- name: "Your Customized Name"
type: vmess
server: your-dns-name.japaneast.cloudapp.azure.com
port: 443
uuid: bae399d4-13a4-46a3-b144-4af2c0004c2e
alterId: 64
cipher: auto
udp: false
tls: true
skip-cert-verify: true
network: ws
ws-opts:
path: /v2ray