2️⃣ 节点部署
我们用 Trojan/VLESS(TLS + WebSocket/gRPC):
安装 sing-box(最简单稳定)
bash <(curl -Ls https://raw.githubusercontent.com/mhsanaei/3x-ui/master/install.sh)
|
安装时:
- 选择 Trojan 或 VLESS + TLS
- 监听端口:443
- 域名:你自己的子域名,比如
vpn.dostorm.com
- 密码/UUID:随机生成,至少 20 位
- TLS:开启,证书用 Let’s Encrypt 自动申请
安装完成后,你的 VPS 就已经有节点可以访问了。
安装具体步骤
Would you like to customize the Panel Port settings? (If not, a random port will be applied) [y/n]:
|
问是否自定义端口,自己看情况选择,对应的防火墙端口也要打开
Choose SSL certificate setup method:
1. Let's Encrypt for Domain (90-day validity, auto-renews)
2. Let's Encrypt for IP Address (6-day validity, auto-renews)
3. Custom SSL Certificate (Path to existing files)
Note: Options 1 & 2 require port 80 open. Option 3 requires manual paths.
Choose an option (default 2 for IP):
|
选择配置ssl证书,这里我直接选3,用文件来配
Please enter domain name certificate issued for:
|
输入域名,这我输入我已经申请好了的域名vpn.ddsadostorm.com
Input certificate path (keywords: .crt / fullchain):
|
选择证书的fullchain文件路径
Input private key path (keywords: .key / privatekey):
|
选择证书的privatekey文件路径
然后就好了
═══════════════════════════════════════════
Panel Installation Complete!
═══════════════════════════════════════════
Username: a7nK0Iwsadsd5sdf4asdZ1
Password: l0fZQfdsfdsfsdsdffasdfsdRV
Port: 58680
WebBasePath: ffmaIchfdsfsdfdsfYsdfVhKf33PHrc
Access URL: https://vpn.dossdfsdfsdftorm.com:58680/ffmaIchYVhsdfsdsdfsdfKf33PHrc
═══════════════════════════════════════════
|
打开面板了,可以
然后配置面板了,将里面的账号密码改一下,最好把双重验证打开
订阅设置里面也要改一下,改好重启面板
然后是入站配置了,参靠
然后点击
打开bbr加速
在窗口输入:x-ui 打开3X-UI面板管理脚本,输入18,选择SSL证书管理
Please enter your selection [0-25]: 18 # 请输入您的选择 [0-25]:18
1. Get SSL (Domain) # 获取 SSL(域名)
2. Revoke # 撤销
3. Force Renew # 强制续期
4. Show Existing Domains # 显示现有域名
5. Set Cert paths for the panel # 设置面板证书路径
6. Get SSL for IP Address (6-day cert, auto-renews) # 获取 IP 地址的 SSL(6 天证书,自动续期)
0. Back to Main Menu # 返回主菜单
Choose an option: 5 # 选择一个选项:5
Available domains: # 可用域名:
guaishou.eu.org # 这里会显示之前申请过证书的域名
|
再选择 5 ,设置面板证书路径
可用域名列表就显示之前申请域名证书时候填写的域名
Please choose a domain to set the panel paths: guaishou.eu.org # 请选择一个域名来设置面板路径:
set certificate public key success # 设置证书公钥成功
set certificate private key success # 设置证书私钥成功
set certificate for subscription public key success # 设置订阅证书公钥成功
set certificate for subscription private key success # 设置订阅证书私钥成功
Panel paths set for domain: guaishou.eu.org # 已为域名 guaishou.eu.org 设置面板路径
- Certificate File: /root/cert/guaishou.eu.org/fullchain.pem # 证书文件地址
- Private Key File: /root/cert/guaishou.eu.org/privkey.pem # 私钥文件地址
[INF] x-ui and xray Restarted successfully # [INF] x-ui 和 xray 已成功重启
Press enter to return to the main menu: # 按回车键返回主菜单:
|
请选择一个域名来设置面板路径:输入上面的域名地址
出现证书文件和私钥文件地址时候,会自动设置到面板(可临时保存备用)
回到主菜单
Please enter your selection [0-25]: 23 #
1. Enable BBR # 启用BBR
2. Disable BBR # 禁用BBR
0. Back to Main Menu # 返回主菜单
Choose an option: 1 # 选择 1
BBR is already enabled! # BBR 已启用!
|
选择23 ,再选择1 ,启用BBR,当出现 BBR is already enabled! 说明启用成功
开启BBR前后测试
开启前:延迟313,速度 36.6
开启后:延迟83,速度 23.1
至此命令行已经设置结束。
这个稳一点
导入clash格式要转化一下,直接叫codex帮忙转把。
格式大概是这个样
port: 7890
socks-port: 7891
allow-lan: false
mode: rule
proxies:
- name: "uxcif4sr"
type: vmess
server: vpn.dostorm.com
port: 32547
uuid: a18f73fc-9cc5-4b95-a05e-7b6d6cc2f5c2
alterId: 0
cipher: auto
tls: true
network: ws
ws-opts:
path: /
proxy-groups:
- name: PROXY
type: select
proxies:
- uxcif4sr
rules:
- MATCH,PROXY
|