虽然有一键脚本,但是纯粹的是为了翻墙,好像没有PHP,也没有vhost的设置等等.
如果我在现有的网站VPS,增加V2RAY的功能.还是用如下的方式比较好.

1,设置LNMP
wget http://mirrors.linuxeye.com/oneinstack-full.tar.gz
tar zxvf oneinstack-full.tar.gz
cd oneinstack
./install.sh
设置一大堆.

2,一键安装了V2RAY

bash <(curl -L -s https://install.direct/go.sh)
上面的命令已经失效了。

需要改成下面的：

curl -O https://raw.githubusercontent.com/v2fly/fhs-install-v2ray/master/install-release.sh
bash install-release.sh
systemctl enable v2ray
systemctl start v2ray

安装完之后呢.要改一下参数.下面的port,id,path自己更改
vim /usr/local/etc/v2ray/config.json

{
  "inbounds": [
    {
    "port":23333,
      "listen": "127.0.0.1",
      "tag": "vmess-in",
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
          "id":"9999d32c-5719-4fd5-ba8d-569b0b150888",
          "alterId":64
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path":"/t00ls.kele/"
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": { },
      "tag": "direct"
    },
    {
      "protocol": "blackhole",
      "settings": { },
      "tag": "blocked"
    }
  ],
  "routing": {
    "domainStrategy": "AsIs",
    "rules": [
      {
        "type": "field",
        "inboundTag": [
          "vmess-in"
        ],
        "outboundTag": "direct"
      }
    ]
  }
}

改完之后
service v2ray start

3,设置虚拟主机
cd oneinstack
./vhost.sh
又是一大堆的设置,比如域名是s1.gg.com
添加完虚拟主机之后,
更改/usr/local/nginx/conf/vhost/s1.gg.com.conf
添加:

  location /t00ls.kele/
  {
    proxy_redirect off;
    proxy_pass http://127.0.0.1:23333;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
  }

4,设置防火墙
我不爱用iptables,先停掉
systemctl stop iptables.service
systemctl disable iptables.service
启用firewalld
yum -y install firewalld
systemctl unmask firewalld.service
systemctl start firewalld.service
systemctl enable firewalld.service
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --reload
firewall-cmd --list-all

5,手动设置各个客户端就可以了.
地址(address):s1.gg.com
端口(port):443
ID:9999d32c-5719-4fd5-ba8d-569b0b150888
alterId:64
加密(security):auto
传输协议(network):ws
伪装类型(type):none
path:/t00ls.kele/
底层传输安全:tls

最后,网上有人做的一键脚本:

bash <(curl -L -s https://raw.githubusercontent.com/wulabing/V2Ray_ws-tls_bash_onekey/master/install.sh) | tee v2ray_ins.log

三个服务器备选
kms.kele.im
kms1.kele.im
kms2.kele.im

用的这里的脚本.
https://teddysun.com/530.html

主要用于VOL版本的OFFICE和WINDOWS激活.

激活WINDOWS,使用方法,命令行运行:
slmgr /skms kms.kele.im
slmgr /ato

激活OFFICE,找到OSPP.VBS的目录,CD过去,运行:
cscript ospp.vbs /sethst:kms.kele.im
cscript ospp.vbs /act

更详细的使用方法参考这里:
https://03k.org/kms.html

Windows Server 2008 R2 Standard
slmgr /ipk YC6KT-GKW9T-YTKYR-T4X34-R7VHC
slmgr /skms kms.kele.im
slmgr /ato

Windows Server 2008 R2 Enterprise
slmgr /ipk 489J6-VHDMP-X63PK-3K798-CPX3Y
slmgr /skms kms.kele.im
slmgr /ato

Windows Server 2008 R2 Datacenter
slmgr /ipk 74YFP-3QFB3-KQT8W-PMXWJ-7M648
slmgr /skms kms.kele.im
slmgr /ato

Windows Server 2012 Datacenter
slmgr /ipk 48HP8-DN98B-MYWDG-T2DCC-8W83P
slmgr /skms kms.kele.im
slmgr /ato

Windows Server 2012 R2 Server Standard
slmgr /ipk D2N9P-3P6X9-2R39C-7RTCD-MDVJX
slmgr /skms kms.kele.im
slmgr /ato

Windows Server 2012 R2 Datacenter
slmgr /ipk W3GGN-FT8W3-Y4M27-J84CP-Q3VJ9
slmgr /skms kms.kele.im
slmgr /ato

Windows Server 2016 Standard
slmgr /ipk WC2BQ-8NRM3-FDDYY-2BFGV-KHKQY
slmgr /skms kms.kele.im
slmgr /ato

Windows Server 2016 Datacenter
slmgr /ipk CB7KF-BWN84-R7R2Y-793K2-8XDDG
slmgr /skms kms.kele.im
slmgr /ato

Windows Server 2019 Standard
slmgr /ipk N69G4-B89J2-4G8F4-WWYCC-J464C
slmgr /skms kms.kele.im
slmgr /ato

Windows Server 2019 Datacenter
slmgr /ipk WMDGN-G9PQG-XVVXX-R3X43-63DFG
slmgr /skms kms.kele.im
slmgr /ato

Windows 8.1 Professional
slmgr /ipk GCRJD-8NW9H-F2CDX-CCM8D-9D6T9
slmgr /skms kms.kele.im
slmgr /ato

Windows 10 Professional
slmgr /ipk W269N-WFGWX-YVC9B-4J6C9-T83GX
slmgr /skms kms.kele.im
slmgr /ato

Windows 10 Enterprise
slmgr /ipk NPPR9-FWDCX-D2C8J-H872K-2YT43
slmgr /skms kms.kele.im
slmgr /ato

Windows 10 Enterprise LTSC 2019
slmgr /ipk M7XTQ-FN8P6-TTKYV-9D4CC-J462D
slmgr /skms kms.kele.im
slmgr /ato

Windows 10 Enterprise N LTSC 2019
slmgr /ipk 92NFX-8DJQP-P6BBQ-THF9C-7CG2H
slmgr /skms kms.kele.im
slmgr /ato

在别人的基础上改了。增加兼容性，易用性。

# coding=utf-8
#pip3 install pycryptodome
#pip3 install pywin32
#

import os
import argparse
import base64
import configparser
import sys
import win32con,win32api
from win32api import GetComputerName, GetUserName
from win32security import LookupAccountName, ConvertSidToStringSid
from Crypto.Hash import SHA256
from Crypto.Cipher import ARC4


def decrypt_string(a1, a2):
    #print(a2)
    v1 = base64.b64decode(a2)
    #print(v1)
    v3 = ARC4.new(SHA256.new(a1.encode('ascii')).digest()).decrypt(v1[:len(v1) - 0x20])
    if SHA256.new(v3).digest() == v1[-32:]:
        return v3.decode('ascii')
    else:
        return None

def GetPath():
    path=os.path.join(os.environ["USERPROFILE"], r"Documents\NetSarang Computer\6")
    if not os.path.exists(path):
        reg_root = win32con.HKEY_CURRENT_USER
        reg_path = r"Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"
        reg_flags = win32con.WRITE_OWNER|win32con.KEY_WOW64_64KEY|win32con.KEY_ALL_ACCESS
        key = win32api.RegOpenKeyEx(reg_root, reg_path, 0, reg_flags)
        value,key_type = win32api.RegQueryValueEx(key, 'Personal')
        path=value+"\\NetSarang Computer\\6\\Xshell\\Sessions"
    return path

sid = GetUserName() + ConvertSidToStringSid(LookupAccountName(GetComputerName(), GetUserName())[0])
password=GetPath()

if not os.path.isdir(password):
    r = decrypt_string(sid, password)
    if r:
        print(r)
for root, dirs, files in os.walk(password):
    for f in files:
        if f.endswith(".xsh") or f.endswith(".xfp"):
            filepath = os.path.join(root, f)
            cfg = configparser.ConfigParser()
            try:
                cfg.read(filepath)
            except UnicodeDecodeError:
                cfg.read(filepath, encoding="utf-16")

            try:
                if f.endswith(".xsh"):
                    host = "{}:{}".format(cfg["CONNECTION"]["Host"], cfg["CONNECTION"]["Port"])
                    username = cfg["CONNECTION:AUTHENTICATION"]["UserName"]
                    password = decrypt_string(sid, cfg["CONNECTION:AUTHENTICATION"]["Password"])
                else:
                    host = "{}:{}".format(cfg["Connection"]["Host"], cfg["Connection"]["Port"])
                    username = cfg["Connection"]["UserName"]
                    password = decrypt_string(sid, cfg["Connection"]["Password"])
                print(f"{filepath:=^100}\nHost:     {host}\nUsername: {username}\nPassword: {password}")
            except Exception as e:
                print(f"{filepath:=^100}\nError:{e}")

《向往的生活4》第1期 完整版：黄磊爆料周迅拍戏黑历史 彭昱畅郭麒麟下地种西瓜 Back to field S4 EP1【湖南卫视官方HD】
国内看要湖南卫视APP才行。
国外直接youtube就有官方频道免费看。

https://www.youtube.com/watch?v=r1WLuRUdsUI 翻墙可看

链接: https://pan.baidu.com/s/15-Mv2T5CU8UGLVfmTsfDOA 密码: 3cuj

证书不能续期。使用acme.sh续期证书，发现acme.sh的原理是在根目录生成一个.well-known目录，下面生成随机字符串，以验证域名所属。
因为前面location / 到127.0.0.1:8888（DNSlog的python端口），所以这个.well-known是请求不到的。所以，导致无法续期。

直接改了nginx的配置文件。添加：

  location ^~ /.well-known {
    root /data/wwwroot/dnslog.com;
  }

但是因为测试了几次，整数的签发机构，不给重新下发key文件了。。。
只能重新换一个域名了。

因为使用的是修改版的dnslog，前端只能使用https。 https://github.com/bit4woo/DNSLog
dnslogsettings.py，有这么两行：

SECURE_SSL_REDIRECT = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

去掉就可以不走https了。

另外这个版本加了个token功能。感觉目前还用不到。想不到什么场景会用到。