切换到root账号
sudo -i
设置root密码
passwd
Debian安装宝塔面板
BT面板官方安装脚本:(Debian系统)
wget -O install.sh http://download.bt.cn/install/install-ubuntu_6.0.sh && bash install.sh
Centos安装
yum install -y wget && wget -O install.sh http://download.bt.cn/install/install_6.0.sh && sh install.sh
如下图就安装成功了。
根据上面提示的地址和密码登录你的宝塔面板
安装Nginx/Sql/或是其他你需要的运行环境软件
因为有时候debian不能急速安装,一般是编译安装,所以速度慢的奇葩!!若是真心是建站需求的话,推荐使用CENTOS7以上的系统,那样安装运行环境很急速的!一般10分钟内全部搞定
开启DEBIAN9 BBR
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf sysctl -p sysctl net.ipv4.tcp_available_congestion_control lsmod | grep bbr
安装v2ray服务器:官方脚本
bash <(curl -L -s https://install.direct/go.sh)
如果提示 curl: command not found ,那是因为你的 VPS 没装 Curl
ubuntu/debian系统安装 Curl 方法
apt-get update -y && apt-get install curl -y
centos系统安装 Curl 方法
yum update -y && yum install curl -y
vi /etc/v2ray/config.json
V2RAY服务器的配置文件如下:(下面代码可以直接覆盖源文件代码)
{ "inbounds": [{ "port": 65432, //此处为安装时生成的端口,可修改随意,但是保证和下面提到的端口号相同 "listen":"127.0.0.1", "protocol": "vmess", "settings": { "clients": [ { "id": "xxxxxxxxx", //此处为安装时生成的id "level": 1, "alterId": 64 //此处为安装时生成的alterId } ] }, "streamSettings": { "network": "ws", "wsSettings": { "path": "/SoftDown" //此处为路径,需要和下面NGINX上面的路径配置一样 } } }], "outbounds": [{ "protocol": "freedom", "settings": {} },{ "protocol": "blackhole", "settings": {}, "tag": "blocked" }], "routing": { "rules": [ { "type": "field", "ip": ["geoip:private"], "outboundTag": "blocked" } ] } }
设置为开机自动启动
- systemctl enable v2ray
启动v2ray服务
- systemctl start v2ray
自动签发SSL证书,并强制开启HTTPS
配置站点的nginx
location /SoftDown { proxy_redirect off; proxy_pass http://127.0.0.1:65432; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; }
- 宝塔配置文件
server{ listen 80; listen 443 ssl http2; server_name v-hk.yuezl.top; index index.php index.html index.htm default.php default.htm default.html; root /www/wwwroot/v-hk.yuezl.top; #SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则 #error_page 404/404.html; #HTTP_TO_HTTPS_START if ($server_port !~ 443){ rewrite ^(/.*)$ https://$host$1 permanent; } #HTTP_TO_HTTPS_END ssl_certificate /www/server/panel/vhost/cert/v-hk.yuezl.top/fullchain.pem; ssl_certificate_key /www/server/panel/vhost/cert/v-hk.yuezl.top/privkey.pem; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; error_page 497 https://$host$request_uri; #SSL-END #ERROR-PAGE-START 错误页配置,可以注释、删除或修改 error_page 404 /404.html; #error_page 502 /502.html; #ERROR-PAGE-END #PHP-INFO-START PHP引用配置,可以注释或修改 include enable-php-74.conf; #PHP-INFO-END #REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效 include /www/server/panel/vhost/rewrite/v-hk.yuezl.net.conf; #REWRITE-END #禁止访问的文件或目录 location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md) { return 404; } #一键申请SSL证书验证目录相关设置 location ~ \.well-known{ allow all; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; error_log off; access_log /dev/null; } location ~ .*\.(js|css)?$ { expires 12h; error_log off; access_log /dev/null; } access_log /www/wwwlogs/v-hk.yuezl.top.log; error_log /www/wwwlogs/v-hk.yuezl.top.error.log; location / { proxy_redirect off; proxy_pass http://127.0.0.1:56629; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; # Show realip in v2ray access.log proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }