切换到root账号
sudo -i设置root密码
passwdDebian安装宝塔面板
BT面板官方安装脚本:(Debian系统)
wget -O install.sh http://download.bt.cn/install/install-ubuntu_6.0.sh && bash install.shCentos安装
yum install -y wget && wget -O install.sh http://download.bt.cn/install/install_6.0.sh && sh install.sh如下图就安装成功了。
根据上面提示的地址和密码登录你的宝塔面板
安装Nginx/Sql/或是其他你需要的运行环境软件
因为有时候debian不能急速安装,一般是编译安装,所以速度慢的奇葩!!若是真心是建站需求的话,推荐使用CENTOS7以上的系统,那样安装运行环境很急速的!一般10分钟内全部搞定
开启DEBIAN9 BBR
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
sysctl -p
sysctl net.ipv4.tcp_available_congestion_control
lsmod | grep bbr安装v2ray服务器:官方脚本
bash <(curl -L -s https://install.direct/go.sh)
如果提示 curl: command not found ,那是因为你的 VPS 没装 Curl
ubuntu/debian系统安装 Curl 方法
apt-get update -y && apt-get install curl -y
centos系统安装 Curl 方法
yum update -y && yum install curl -y
vi /etc/v2ray/config.json V2RAY服务器的配置文件如下:(下面代码可以直接覆盖源文件代码)
{
"inbounds": [{
"port": 65432, //此处为安装时生成的端口,可修改随意,但是保证和下面提到的端口号相同
"listen":"127.0.0.1",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "xxxxxxxxx", //此处为安装时生成的id
"level": 1,
"alterId": 64 //此处为安装时生成的alterId
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/SoftDown" //此处为路径,需要和下面NGINX上面的路径配置一样
}
}
}],
"outbounds": [{
"protocol": "freedom",
"settings": {}
},{
"protocol": "blackhole",
"settings": {},
"tag": "blocked"
}],
"routing": {
"rules": [
{
"type": "field",
"ip": ["geoip:private"],
"outboundTag": "blocked"
}
]
}
}设置为开机自动启动
- systemctl enable v2ray
启动v2ray服务
- systemctl start v2ray
自动签发SSL证书,并强制开启HTTPS
配置站点的nginx
location /SoftDown {
proxy_redirect off;
proxy_pass http://127.0.0.1:65432;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
- 宝塔配置文件
server{
listen 80;
listen 443 ssl http2;
server_name v-hk.yuezl.top;
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/v-hk.yuezl.top;
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
#error_page 404/404.html;
#HTTP_TO_HTTPS_START
if ($server_port !~ 443){
rewrite ^(/.*)$ https://$host$1 permanent;
}
#HTTP_TO_HTTPS_END
ssl_certificate /www/server/panel/vhost/cert/v-hk.yuezl.top/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/v-hk.yuezl.top/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
#SSL-END
#ERROR-PAGE-START 错误页配置,可以注释、删除或修改
error_page 404 /404.html;
#error_page 502 /502.html;
#ERROR-PAGE-END
#PHP-INFO-START PHP引用配置,可以注释或修改
include enable-php-74.conf;
#PHP-INFO-END
#REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效
include /www/server/panel/vhost/rewrite/v-hk.yuezl.net.conf;
#REWRITE-END
#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)
{
return 404;
}
#一键申请SSL证书验证目录相关设置
location ~ \.well-known{
allow all;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
error_log off;
access_log /dev/null;
}
location ~ .*\.(js|css)?$
{
expires 12h;
error_log off;
access_log /dev/null;
}
access_log /www/wwwlogs/v-hk.yuezl.top.log;
error_log /www/wwwlogs/v-hk.yuezl.top.error.log;
location / {
proxy_redirect off;
proxy_pass http://127.0.0.1:56629;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
# Show realip in v2ray access.log
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}