Remote Proxy Server

Server Side

  • nginx web server
  • certbot
  • proxy server

Docker Compose

docker-compose.yml

version: '3'

services:
  nginx:
    image: nginx:latest
    container_name: nginx
    restart: unless-stopped
    volumes:
      - ./data/nginx/conf.d:/etc/nginx/conf.d
      - ./data/nginx/html:/usr/share/nginx/html
      - ./logs/nginx:/var/log/nginx
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    ports:
      # You will need to expose these port to the public
      - "80:80"
      - "443:443"
    links:
      - v2ray:v2ray # This is very important step, that the nginx docker need this to coonect with v2ray docker
    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"

  certbot:
    image: certbot/certbot
    container_name: certbot
    restart: unless-stopped
    volumes:
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"

  v2ray:
    image: v2fly/v2fly-core:latest
    container_name: v2ray
    environment:
      - TZ=Asia/Shanghai
    restart: always
    command: v2ray -config=/etc/v2ray/config.json
    volumes:
      - ./data/v2ray:/etc/v2ray
      - ./logs/v2ray:/var/log/v2ray
    expose:
      - "30909" # This is for the nginx docker, you don't need to expose it to the public

Server Config

site.conf

server{
    listen 80;
    server_name your_domain;

    location /.well-known/acme-challenge/ {
       root /var/www/certbot;
    }

    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl http2 default_server;
    server_name your_domain;

    ssl_certificate /etc/letsencrypt/live/your_domain/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/your_domain/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;


    root /usr/share/nginx/html/v2ray;
    index index.html;

    location /v2ray {
        proxy_redirect off;
        proxy_pass http://v2ray:30909;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
    }
}

Proxy config

config.json

{
  "log": {
    "access": "/var/log/v2ray/access.log",
    "error": "/var/log/v2ray/error.log",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "port": 30909,
      "listen": "0.0.0.0",
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
            "id": "bae399d4-13a4-46a3-b144-4af2c0004c2e",
            "level": 1,
            "alterId": 64
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path": "/v2ray"
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {}
    }
  ]
}


Client

profile.yml

proxies:
  - name: "Your Customized Name"
    type: vmess
    server: your-dns-name.japaneast.cloudapp.azure.com
    port: 443
    uuid: bae399d4-13a4-46a3-b144-4af2c0004c2e
    alterId: 64
    cipher: auto
    udp: false
    tls: true
    skip-cert-verify: true
    network: ws
    ws-opts:
      path: /v2ray