V2Board机场管理面板后端节点对接教程

v2Board机场后端节点对接是通过开源一键脚本XrayR或者V2bX来进行对接,过程并不复杂,安装本教程即可实现对接Reality节点和对接VLESS+gRPC+CDN节点。

如果还没有搭建完前端,可以参考教程 LNMP下安装V2Board机场管理面板教程

v2board对接Reality节点

XrayR是一个基于Xray的后端框架,支持V2ay,Trojan,Shadowsocks协议,极易扩展,支持多面板对接。

这里我们采用修改版XrayR的后端一键脚本( https://github.com/wyx2685/XrayR )来配置后端节点,主要是因为支持vless,Trojan, Shadowsocks多种协议。

特点

 

  • 永久开源且免费。
  • 支持vless,Trojan, Shadowsocks多种协议。
  • 支持Vless和XTLS等新特性。
  • 支持单实例对接多面板、多节点,无需重复启动。
  • 支持限制在线IP
  • 支持节点端口级别、用户级别限速。
  • 配置简单明了。
  • 修改配置自动重启实例。
  • 方便编译和升级,可以快速更新核心版本, 支持Xray-core新特性。

功能介绍

 

功能 vmess vless trojan shadowsocks
获取节点信息
获取用户信息
用户流量统计
服务器信息上报
自动申请tls证书
自动续签tls证书
在线人数统计
在线用户限制
审计规则
节点端口限速
按照用户限速
自定义DNS

安装后端

wget -N https://raw.githubusercontent.com/wyx2685/XrayR-release/master/install.sh && bash install.sh

v2board对接Reality节点

在面板新建vless节点,按下图配置:

v2board对接Reality节点

编辑安全性设置,按下图配置:
v2board对接Reality节点

记住节点ID

然后编辑后端配置文件
进入 /etc/XrayR 编辑config.yml文件

示例配置

 - PanelType: "NewV2board" # Panel type: SSpanel, NewV2board, PMpanel, Proxypanel, V2RaySocks, GoV2Panel
    ApiConfig:
      ApiHost: "https://jiemahao.com"
      ApiKey: "6e264cd9-e192-49e9-b5aa"
      NodeID: 1
      NodeType: V2ray # Node type: V2ray, Shadowsocks, Trojan, Shadowsocks-Plugin
      Timeout: 30 # Timeout for the api request
      EnableVless: true # Enable Vless for V2ray Type
      VlessFlow: "xtls-rprx-vision" # Only support vless
      SpeedLimit: 0 # Mbps, Local settings will replace remote settings, 0 means disable
      DeviceLimit: 0 # Local settings will replace remote settings, 0 means disable
      RuleListPath: # /etc/XrayR/rulelist Path to local rulelist file
      DisableCustomConfig: false # disable custom config for sspanel
    ControllerConfig:
      ListenIP: 0.0.0.0 # IP address you want to listen
      SendIP: 0.0.0.0 # IP address you want to send pacakage
      UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
      DeviceOnlineMinTraffic: 100 # V2board面板设备数限制统计阈值,大于此流量时上报设备数在线,单位kB,不填则默认上报
      EnableDNS: false # Use custom DNS config, Please ensure that you set the dns.json well
      DNSType: AsIs # AsIs, UseIP, UseIPv4, UseIPv6, DNS strategy
      EnableProxyProtocol: false # Only works for WebSocket and TCP
      AutoSpeedLimitConfig:
        Limit: 0 # Warned speed. Set to 0 to disable AutoSpeedLimit (mbps)
        WarnTimes: 0 # After (WarnTimes) consecutive warnings, the user will be limited. Set to 0 to punish overspeed user immediately.
        LimitSpeed: 0 # The speedlimit of a limited user (unit: mbps)
        LimitDuration: 0 # How many minutes will the limiting last (unit: minute)
      GlobalDeviceLimitConfig:
        Enable: false # Enable the global device limit of a user
        RedisAddr: 127.0.0.1:6379 # The redis server address
        RedisPassword: YOUR PASSWORD # Redis password
        RedisDB: 0 # Redis DB
        Timeout: 5 # Timeout for redis request
        Expiry: 60 # Expiry time (second)
      EnableFallback: false # Only support for Trojan and Vless
      FallBackConfigs:  # Support multiple fallbacks
        - SNI: # TLS SNI(Server Name Indication), Empty for any
          Alpn: # Alpn, Empty for any
          Path: # HTTP PATH, Empty for any
          Dest: 80 # Required, Destination of fallback, check https://xtls.github.io/config/features/fallback.html for details.
          ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for disable
      DisableLocalREALITYConfig: true   # 是否忽略本地 REALITY 配置
      EnableREALITY: false # 是否开启 REALITY
      REALITYConfigs: # 本地 REALITY 配置
        Show: false # Show REALITY debug
        Dest: m.media-amazon.com:443 # REALITY 目标地址
        ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for disable
        ServerNames: # Required, list of available serverNames for the client, * wildcard is not supported at the moment.
          - m.media-amazon.com
        PrivateKey: # 可不填
        MinClientVer: # Optional, minimum version of Xray client, format is x.y.z.
        MaxClientVer: # Optional, maximum version of Xray client, format is x.y.z.
        MaxTimeDiff: 0 # Optional, maximum allowed time difference, unit is in milliseconds.
        ShortIds: # 可不填
          - ""
      CertConfig:
        CertMode: none # Option about how to get certificate: none, file, http, tls, dns. Choose "none" will forcedly disable the tls config.
        CertDomain: "jiemahao.com" # Domain to cert
        CertFile: /etc/XrayR/cert/node1.test.com.cert # Provided if the CertMode is file
        KeyFile: /etc/XrayR/cert/node1.test.com.key
        Provider: cloudflare # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
        Email: test@me.com
        DNSEnv: # DNS ENV option used by DNS provider
          CLOUDFLARE_EMAIL: service@jiemahao.com
          CLOUDFLARE_API_KEY: ace474942f68b8c16af367421ae27d9ef82e7
         

说明:DisableLocalREALITYConfig使用这个选项后,直接从面板下发reality节点配置信息,所以配置文件里面就不需要配置reality相关的东西了。

最后上传,启动后端。

V2board对接VLESS+gRPC+CDN节点

在面板新建vless节点,按下图配置
v2board对接Reality节点

编辑安全性设置,按下图配置,注意这里只需要配置一个SNI即可,其他的都留空。
v2board对接Reality节点
编辑协议配置:

{
  "serviceName": "jiemahao"
}

v2board对接Reality节点

编辑后端配置文件config.yml:

 - PanelType: "NewV2board" # Panel type: SSpanel, NewV2board, PMpanel, Proxypanel, V2RaySocks, GoV2Panel
    ApiConfig:
      ApiHost: "https://jiemahao.com"
      ApiKey: "6e264cd9-e192-49e9-b5aa"
      NodeID: 2
      NodeType: V2ray # Node type: V2ray, Shadowsocks, Trojan, Shadowsocks-Plugin
      Timeout: 30 # Timeout for the api request
      EnableVless: true # Enable Vless for V2ray Type
      VlessFlow: "xtls-rprx-vision" # Only support vless
      SpeedLimit: 0 # Mbps, Local settings will replace remote settings, 0 means disable
      DeviceLimit: 0 # Local settings will replace remote settings, 0 means disable
      RuleListPath: # /etc/XrayR/rulelist Path to local rulelist file
      DisableCustomConfig: false # disable custom config for sspanel
    ControllerConfig:
      ListenIP: 0.0.0.0 # IP address you want to listen
      SendIP: 0.0.0.0 # IP address you want to send pacakage
      UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
      DeviceOnlineMinTraffic: 100 # V2board面板设备数限制统计阈值,大于此流量时上报设备数在线,单位kB,不填则默认上报
      EnableDNS: false # Use custom DNS config, Please ensure that you set the dns.json well
      DNSType: AsIs # AsIs, UseIP, UseIPv4, UseIPv6, DNS strategy
      EnableProxyProtocol: false # Only works for WebSocket and TCP
      AutoSpeedLimitConfig:
        Limit: 0 # Warned speed. Set to 0 to disable AutoSpeedLimit (mbps)
        WarnTimes: 0 # After (WarnTimes) consecutive warnings, the user will be limited. Set to 0 to punish overspeed user immediately.
        LimitSpeed: 0 # The speedlimit of a limited user (unit: mbps)
        LimitDuration: 0 # How many minutes will the limiting last (unit: minute)
      GlobalDeviceLimitConfig:
        Enable: false # Enable the global device limit of a user
        RedisAddr: 127.0.0.1:6379 # The redis server address
        RedisPassword: YOUR PASSWORD # Redis password
        RedisDB: 0 # Redis DB
        Timeout: 5 # Timeout for redis request
        Expiry: 60 # Expiry time (second)
      EnableFallback: false # Only support for Trojan and Vless
      FallBackConfigs:  # Support multiple fallbacks
        - SNI: # TLS SNI(Server Name Indication), Empty for any
          Alpn: # Alpn, Empty for any
          Path: # HTTP PATH, Empty for any
          Dest: 80 # Required, Destination of fallback, check https://xtls.github.io/config/features/fallback.html for details.
          ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for disable
      DisableLocalREALITYConfig: false   # 是否忽略本地 REALITY 配置
      EnableREALITY: false # 是否开启 REALITY
      REALITYConfigs: # 本地 REALITY 配置
        Show: false # Show REALITY debug
        Dest: m.media-amazon.com:443 # REALITY 目标地址
        ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for disable
        ServerNames: # Required, list of available serverNames for the client, * wildcard is not supported at the moment.
          - m.media-amazon.com
        PrivateKey: # 可不填
        MinClientVer: # Optional, minimum version of Xray client, format is x.y.z.
        MaxClientVer: # Optional, maximum version of Xray client, format is x.y.z.
        MaxTimeDiff: 0 # Optional, maximum allowed time difference, unit is in milliseconds.
        ShortIds: # 可不填
          - ""
      CertConfig:
        CertMode: none # Option about how to get certificate: none, file, http, tls, dns. Choose "none" will forcedly disable the tls config.
        CertDomain: "jiemahao.com" # Domain to cert
        CertFile: /etc/XrayR/cert/node1.test.com.cert # Provided if the CertMode is file
        KeyFile: /etc/XrayR/cert/node1.test.com.key
        Provider: cloudflare # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
        Email: test@me.com
        DNSEnv: # DNS ENV option used by DNS provider
          CLOUDFLARE_EMAIL: service@jiemahao.com
          CLOUDFLARE_API_KEY: ace474942f68b8c16af367w21ae27defw2e7

安装nginx:

apt -y install nginx

新建nginx配置文件:
nano /etc/nginx/sites-available/grpc
写入如下配置

server {
    listen 80;
    server_name grpc.example.com;

    if ($host = grpc.example.com) {
        return 301 https://$host$request_uri;
    }
    return 404;
}

server {
    listen 443 ssl http2 so_keepalive=on;
    server_name grpc.example.com;
    index index.nginx-debian.html;
    root /var/www/html;

    ssl_certificate /etc/nginx/cert/grpc.example.com.pem;
    ssl_certificate_key /etc/nginx/cert/grpc.example.com.key; 
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

    location /jiemhao{
        if ($content_type !~ "application/grpc") {
            return 404;
        }
        client_max_body_size 0;
        client_body_buffer_size 1m;
        client_body_timeout 1h;
        grpc_pass grpc://127.0.0.1:53000;
        grpc_set_header X-Real-IP $remote_addr;
    }
}

启用站点:

ln -s /etc/nginx/sites-available/grpc /etc/nginx/sites-enabled/grpc

转到cloudflare,添加域名a记录并启用cdn:
v2board对接Reality节点

转到Network,启用gRPC回源
v2board对接Reality节点

转到SSL/TLS-Overview,将encryption mode改为Full (strict):
v2board对接Reality节点

转到SS/TLS-Origin Server,申请一个免费15年的证书:
v2board对接Reality节点

类型选ECC,hostnames填你的域名或者直接通配符也行:

v2board对接Reality节点

将证书(PEM)和密钥(KEY)分别复制保存到如下文件:

mkdir -p /etc/nginx/cert
nano /etc/nginx/cert/grpc.example.com.pem
nano /etc/nginx/cert/grpc.example.com.key

重载nginx使其生效:

systemctl reload nginx
原文链接:https://jiemahao.com/v2board-xrayr/,转载请注明出处。
0
显示验证码