前置准备
生成必要的密钥和 ID
生成 UUID(客户端 ID):
docker run --rm ghcr.io/xtls/xray-core:latest uuid生成 Reality 密钥对:
docker run --rm ghcr.io/xtls/xray-core:latest x25519生成 shortId(客户端标识,可选):
openssl rand -hex 8部署配置
Docker Compose 文件
创建 compose.yml 文件:
version: '3.8'
services:
xray:
image: ghcr.io/xtls/xray-core:latest
container_name: xray
restart: unless-stopped
command: ["run", "-c", "/usr/local/etc/xray/config.json"]
volumes:
- ./config.json:/usr/local/etc/xray/config.json:ro
ports:
- "443:443/tcp"
- "6080:6080/tcp"Xray 配置文件
创建 config.json 文件,包含两个入站连接:
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"listen": "0.0.0.0",
"port": 443,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "你的UUID",
"flow": "xtls-rprx-vision"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"show": false,
"dest": "m.media-amazon.com:443",
"xver": 0,
"serverNames": [
"m.media-amazon.com",
"media-amazon.com"
],
"privateKey": "你的私钥",
"shortIds": [
"", // 空字符串表示客户端可不配置 shortId
"你的shortId" // 用于标识不同客户端,长度为 2-16 位偶数
]
}
}
},
{
"listen": "0.0.0.0",
"port": 6080,
"protocol": "vless",
"settings": {
"clients": [
{
"id": "你的UUID"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"path": "/lovelive"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
],
"dns": {
"servers": [
"1.1.1.1",
"8.8.8.8",
"223.5.5.5"
]
}
}配置说明
协议配置
- VLESS + Reality(端口 443):使用 Reality 协议伪装成正常 HTTPS 流量
- VLESS + WebSocket(端口 6080):基于 WebSocket 的连接方式
Reality 推荐目标站点
选择稳定的 HTTPS 网站作为伪装目标:
www.amazon.comaddons.mozilla.orgwww.un.orgwww.tesla.comgithub.comwww.cloudflare.com
部署步骤
- 生成必要的密钥和 ID
- 创建配置文件并替换相应的值
- 启动服务:
docker-compose up -d- 查看日志:
docker-compose logs -f xray参考资料: