BlueRose/BlueRoseNote
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
BlueRoseNote/03-UnrealEngine/流程管理与部署/VPS服务部署/VPS账号与Trojan安装命令.md
BlueRose 36e95249b1 Init
2023-06-29 11:55:02 +08:00

305 lines
8.2 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## vps 价格
### hostkey
1核 2G内存 30G硬盘 0.010K贝壳/小时 2M带宽 (≈72元/月)
2核 4G内存 40G硬盘 0.020K贝壳/小时 3M带宽 (≈144元/月)
### 搬瓦工
CN2 GIA 1190元/年
### UCloud
1M/2M 225元/年起
2M/5M 534元/年起
### 硅云
1核1G 带宽 2M 232 元/1年
2核2G 带宽 2M 482 元/1年
## blueroses.top(阿里云)
### DNS
alla.ns.cloudflare.com
micah.ns.cloudflare.com
dns19.hichina.com
dns20.hichina.com
f1g1ns1.dnspod.net
f1g1ns2.dnspod.net
### cloudflare
如果不通可能是cloudflare出问题了。
默认的域名blueroses.top是指向cloudflare的所以通过域名来访问SFTP需要访问在cloudflare设置的子域名。
- tj.blueroses.top
- www.blueroses.top
因为还添加了阿里云DNS解析所以更换VPS时需要记得**修改阿里云的DNS设置**。
## 搬瓦工
378100977@qq.com ljj199221
## 测速网址
### SpeedTest
https://www.speedtest.net/
测速命令:`wget -qO- bench.sh | bash`
### ip测速
https://tools.ipip.net/newping.php
### 检查Ip是否被墙
https://bandwagonhoster.com/653.html
http://www.ping.pe/
https://ping.pe/
### 搬瓦工免费换ip
https://kiwivm.64clouds.com/main-exec.php?mode=blacklistcheck
## 单位阿里云账号
```
阿里云账号(拜托华城租的服务器)
子账户zjsjcpzljczx@1042965787832287
密码:123456&*()LlL
123456&*()LlL
zaq1@XSW2
登录地址http://signin.aliyun.com/1042965787832287/login.htm
116.62.69.44
```
```
门户网站域名:轻工院方工管理。
```
# Trojan
## BBR Plus加速脚本
wget "https://github.com/chiakge/Linux-NetSpeed/raw/master/tcp.sh" && chmod +x tcp.sh && ./tcp.sh
## 一键Trojan脚本
curl -O https://raw.githubusercontent.com/atrandys/trojan/master/trojan_centos7.sh && chmod +x trojan_centos7.sh && ./trojan_centos7.sh
curl -O https://raw.githubusercontent.com/atrandys/trojan/master/trojan_mult.sh && chmod +x trojan_mult.sh && ./trojan_mult.sh
### 修改密码
修改Trojan服务端密码需用到的命令
```
sudo systemctl stop trojan
cd /usr/src/trojan
vi server.conf
sudo systemctl restart trojan
```
### 安卓Android端Igniter下载地址
https://github.com/trojan-gfw/igniter...
### IOS
需要借用他人IOS账号购买ShadowRocket。
## 使用Docker安装Trojan
### 安装Docker
1. 卸载老版本的 docker 及其相关依赖
sudo yum remove docker docker-common container-selinux docker-selinux docker-engine
2. 更新yum
yum update
3. 安装 yum-utils它提供了 yum-config-manager可用来管理yum源
sudo yum install -y yum-utils
4. 添加yum源
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
5. 更新索引
sudo yum makecache fast
6. 安装 docker-ce
sudo yum install -y docker-ce
指定版本安装
yum -y install docker-ce-18.06.3.ce
yum install docker-ce docker-ce-cli containerd.io
7. 启动 docker
sudo systemctl start docker
8. 验证是否安装成功
sudo docker info
9. 开机自启动
systemctl enable docker
### 通过acme.sh脚本来设置证书
安装acme.sh
```
apt-get update && apt-get -y install socat //安装socat
yum install socat
wget -qO- get.acme.sh | bash //安装脚本
source ~/.bashrc
```
#### 申请证书
在你的域名解析服务提供商那里添加好解析记录假定你的域名是yourdomain.com记得不要开启CDN然后执行下面命令申请证书。
```
acme.sh --issue --standalone -d yourdomain.com -k ec-256
```
因为本人要有blog需要与nginx容器共存所以使用网站目录方式
```
acme.sh --issue -d blueroses.top -d www.blueroses.top -d tj.blueroses.top -k ec-256 --webroot /root/docker/nginx/html
```
#### 安装证书和私钥到指定位置
```
acme.sh --installcert -d blueroses.top \
--fullchain-file /root/docker/trojan/trojan.crt \
--key-file /root/docker/trojan/trojan.key \
--ecc --reloadcmd "docker restart nginx-web trojan"
```
#### 自动续期
```
acme.sh --upgrade --auto-upgrade
```
#### 证书过期解决方法手动使用DNS验证(没必要用这个)
通过Docker关闭Nginx服务器之后执行申请证书
```
acme.sh --issue --standalone -d tj.blueroses.top -k ec-256
```
2020.9.19遇到证书过期是cloudflare把我的DNS解析删掉了
如果出错可以考虑用DNS验证
```
acme.sh --issue --dns -d tj.blueroses.top -k ec-256 --yes-I-know-dns-manual-mode-enough-go-ahead-please
```
重启Trojan服务。
#### acme.sh证书签发单位更换
因为acme.sh 2.0更换了默认的签发单位为zerossl所以如果有需要可以更换
```
acme.sh --set-default-ca --server letsencrypt
acme.sh --set-default-ca --server zerossl
```
### 安装Docker
```
wget -qO- get.docker.com | bash //安装docker
systemctl start docker //启动docker服务
systemctl status docker //查看docker运行状态
docker -v //查看docker版本
systemctl enable docker //将docker服务加入开机自启动
```
### 安装Trojan
```
docker pull teddysun/trojan
```
创建并且修改配置文件**(证书路径、密码)**。
```cd /docker/trojan && vim config.json```
password可以设置多个方便多用户使用.
```
{
"run_type": "server",
"local_addr": "0.0.0.0",
"local_port": 443,
"remote_addr": "127.0.0.1",
"remote_port": 80,
"password": [
"512512512",
"512"
],
"log_level": 1,
"ssl": {
"cert": "/etc/trojan/trojan.crt",
"key": "/etc/trojan/trojan.key",
"key_password": "",
"cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384",
"cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"prefer_server_cipher": true,
"alpn": [
"http/1.1"
],
"reuse_session": true,
"session_ticket": false,
"session_timeout": 600,
"plain_http_response": "",
"curves": "",
"dhparam": ""
},
"tcp": {
"prefer_ipv4": false,
"no_delay": true,
"keep_alive": true,
"reuse_port": false,
"fast_open": false,
"fast_open_qlen": 20
},
"mysql": {
"enabled": false,
"server_addr": "127.0.0.1",
"server_port": 3306,
"database": "trojan",
"username": "trojan",
"password": ""
}
}
```
#### 启动命令
trojan
```
docker run -d --name trojan --restart always --net host \
-p 443:443 \
-v /root/docker/trojan:/etc/trojan \
teddysun/trojan
```
trojan-go
```bash
docker run -d --network host --name trojan-go --restart=always \
-v /root/docker/trojan-go:/etc/trojan-go \
teddysun/trojan-go
```
#### 一键脚本紧急时候使用
```bash
curl -sL https://raw.githubusercontent.com/phlinhng/v2ray-tcp-tls-web/master/install.sh) && v2script
```
#### ~~带有管理后台的Docker部署~~ 会顶掉我Blog网站所以放弃
1. 安装mysql
因为mariadb内存使用比mysql至少减少一半, 所以推荐使用mariadb数据库
```
docker run --name trojan-mariadb --restart=always -p 3306:3306 \
-v /root/docker/mariadb:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=trojan \
-e MYSQL_ROOT_HOST=% \
-e MYSQL_DATABASE=trojan \
-d mariadb:10.2
```
数据库trojan
账号root
密码trojan
2. 安装trojan
```
docker run -it -d --name trojan-web --net=host --restart=always --privileged jrohy/trojan init
```
运行完后进入容器 `docker exec -it trojan-web bash`, 然后输入`trojan`即可进行初始化安装
- 启动web服务: `systemctl start trojan-web`
- 设置自启动: `systemctl enable trojan-web`
- 更新管理程序: `source <(curl -sL https://git.io/trojan-install)`
#### 查看日志
docker logs -f 容器id
docker logs -f --tail string 容器id
# Nginx
```bash
docker run -d --restart=always --name nginx-web \
-v /root/docker/nginx/nginx.conf:/etc/nginx/nginx.conf \
-v /root/docker/nginx/html:/usr/share/nginx/html \
-v /root/docker/nginx/log:/var/log/nginx \
-v /root/docker/trojan/:/root/docker/trojan \
-v /etc/localtime:/etc/localtime:ro \
-p 80:80 \
nginx
```
# X-UI
```bash
docker run -itd --network=host \
-v /root/docker/x-ui/db/:/etc/x-ui/ \
-v /root/docker/trojan/:/root/cert/ \
--name x-ui --restart=unless-stopped \
enwaiax/x-ui
```
Reference in New Issue View Git Blame Copy Permalink