🛠️给自己开扇窗,网络应该是自由的。

我有三个VPS:中国香港NAT-IPv6(ByteVirt,1C/0.25G/5G)、美国圣何塞(Oracle,4C/24G/200G)、英国伦敦(massiveGrid,1C/1G/32G),都使用docker部署了hysteria,以下是简单记录。

  1. 创建hysteria目录并新建config.yaml:

    listen: :443

tls:
  cert: /etc/hysteria/server.crt 
  key: /etc/hysteria/server.key
 
auth:
  type: password
  password: xxxxxxxxxxxxxxxx

masquerade: 
  type: proxy
  proxy:
    url: https://www.bing.com/ 
    rewriteHost: true

  2. 创建自签证书:

    openssl req -x509 -nodes -newkey ec:<(openssl ecparam -name prime256v1) -keyout /path/to/hysteria/server.key -out /path/to/hysteria/server.crt -subj "/CN=www.bing.com" -days 3650

  3. Docker安装Hysteria服务端:

    docker run -d \
  --network=host \
  --name hysteria \
  --restart=unless-stopped \
  -v /path/to/hysteria:/etc/hysteria \
  tobyxdd/hysteria server -c /etc/hysteria/config.yaml

  4. 创建config.json导入 GUI.for.SingBox 并使用:

    [
  {
 "tag": "name1",
 "type": "hysteria2",
 "server": "x.x.x.x",
 "server_port": xxxx,
 "up_mbps": 50,
 "down_mbps": 100,
 "password": "xxxxxxxxxxxx",
 "tls": {
   "enabled": true,
   "server_name": "www.bing.com",
   "insecure": true
 }
  }
]

  5. Android 版 sing-box配置:

    {
  "log": {
 "level": "info",
 "timestamp": true
  },
  "experimental": {
 "clash_api": {
   "external_controller": "0.0.0.0:20123",
   "external_ui": "/etc/sing-box/ui",
   "secret": "ID_h40Hj0x",
   "external_ui_download_url": "",
   "default_mode": "rule"
 },
 "cache_file": {
   "enabled": true,
   "store_fakeip": true,
   "store_rdrc": false
 }
  },
  "inbounds": [
 {
   "type": "mixed",
   "listen": "127.0.0.1",
   "listen_port": 20122,
   "sniff": true,
   "sniff_override_destination": false,
   "domain_strategy": "ipv4_only",
   "tcp_fast_open": false,
   "tcp_multi_path": false,
   "udp_fragment": false
 },
 {
   "type": "tun",
   "address": [
     "172.18.0.1/30",
     "fdfe:dcba:9876::1/126"
   ],
   "mtu": 1500,
   "auto_route": true,
   "strict_route": true,
   "endpoint_independent_nat": false,
   "stack": "mixed",
   "platform": {
     "http_proxy": {
       "enabled": true,
       "server": "127.0.0.1",
       "server_port": 20122
     }
   },
   "sniff": true,
   "sniff_override_destination": false,
   "domain_strategy": "ipv4_only"
 }
  ],
  "outbounds": [
 {
   "tag": "节点选择",
   "type": "selector",
   "outbounds": [
     "自动选择",
     "US-SJC",
     "UK-LON",
     "CN-HKG"
   ]
 },
 {
   "tag": "自动选择",
   "type": "urltest",
   "outbounds": [
     "US-SJC",
     "UK-LON",
     "CN-HKG"
   ],
   "url": "https://www.gstatic.com/generate_204",
   "interval": "300s",
   "tolerance": 150
 },
 {
   "tag": "Youtube",
   "type": "selector",
   "outbounds": [
     "自动选择",
     "US-SJC",
     "UK-LON",
     "CN-HKG"
   ]
 },
 {
   "tag": "Spotify",
   "type": "selector",
   "outbounds": [
     "US-SJC",
     "UK-LON",
     "CN-HKG"
   ]
 },
 {
   "tag": "AI-Chat",
   "type": "selector",
   "outbounds": [
     "US-SJC",
     "UK-LON",
     "CN-HKG"
   ]
 },
 {
   "tag": "全球直连",
   "type": "selector",
   "outbounds": [
     "direct",
     "block"
   ]
 },
 {
   "tag": "全球拦截",
   "type": "selector",
   "outbounds": [
     "block",
     "direct"
   ]
 },
 {
   "tag": "漏网之鱼",
   "type": "selector",
   "outbounds": [
     "节点选择",
     "全球直连"
   ]
 },
 {
   "tag": "GLOBAL",
   "type": "selector",
   "outbounds": [
     "direct",
     "block",
     "节点选择",
     "自动选择",
     "全球直连",
     "全球拦截",
     "漏网之鱼"
   ]
 },
 {
   "tag": "proxy-name1",
   "type": "hysteria2",
   "server": "x.x.x.x",
   "server_port": xxxxx,
   "up_mbps": 50,
   "down_mbps": 100,
   "password": "xxxxxxxxxxxxxxx",
   "tls": {
     "enabled": true,
     "server_name": "www.bing.com",
     "insecure": true
   }
 },
 {
   "type": "direct",
   "tag": "direct"
 },
 {
   "type": "dns",
   "tag": "dns-out"
 },
 {
   "type": "block",
   "tag": "block"
 }
  ],
  "route": {
 "rule_set": [
   {
     "tag": "AI-Chat",
     "type": "remote",
     "format": "binary",
     "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ai-chat-!cn.srs",
     "download_detour": "全球直连"
   },
   {
     "tag": "Spotify",
     "type": "remote",
     "format": "binary",
     "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/spotify.srs",
     "download_detour": "全球直连"
   },
   {
     "tag": "YouTube",
     "type": "remote",
     "format": "binary",
     "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/youtube.srs",
     "download_detour": "全球直连"
   },
   {
     "tag": "CATEGORY-ADS",
     "type": "remote",
     "format": "binary",
     "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ads-all.srs",
     "download_detour": "全球直连"
   },
   {
     "tag": "GEOIP-CN",
     "type": "remote",
     "format": "binary",
     "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs",
     "download_detour": "全球直连"
   },
   {
     "tag": "GEOSITE-CN",
     "type": "remote",
     "format": "binary",
     "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/cn.srs",
     "download_detour": "全球直连"
   },
   {
     "tag": "GEOLOCATION-!CN",
     "type": "remote",
     "format": "binary",
     "url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs",
     "download_detour": "全球直连"
   }
 ],
 "rules": [
   {
     "rule_set": "AI-Chat",
     "outbound": "AI-Chat"
   },
   {
     "rule_set": "Spotify",
     "outbound": "Spotify"
   },
   {
     "rule_set": "YouTube",
     "outbound": "Youtube"
   },
   {
     "protocol": "dns",
     "port": 53,
     "outbound": "dns-out"
   },
   {
     "clash_mode": "direct",
     "outbound": "direct"
   },
   {
     "clash_mode": "global",
     "outbound": "GLOBAL"
   },
   {
     "network": "udp",
     "port": 443,
     "outbound": "全球拦截"
   },
   {
     "rule_set": "CATEGORY-ADS",
     "outbound": "全球拦截"
   },
   {
     "ip_is_private": true,
     "outbound": "全球直连"
   },
   {
     "rule_set": "GEOIP-CN",
     "outbound": "全球直连"
   },
   {
     "rule_set": "GEOSITE-CN",
     "outbound": "全球直连"
   },
   {
     "rule_set": "GEOLOCATION-!CN",
     "outbound": "节点选择"
   }
 ],
 "final": "漏网之鱼",
 "auto_detect_interface": true
  },
  "dns": {
 "servers": [
   {
     "tag": "remote-dns",
     "address": "tls://8.8.8.8",
     "address_resolver": "remote-resolver-dns",
     "detour": "节点选择"
   },
   {
     "tag": "local-dns",
     "address": "https://223.5.5.5/dns-query",
     "address_resolver": "resolver-dns",
     "detour": "全球直连"
   },
   {
     "tag": "resolver-dns",
     "address": "223.5.5.5",
     "detour": "全球直连"
   },
   {
     "tag": "remote-resolver-dns",
     "address": "8.8.8.8",
     "detour": "节点选择"
   },
   {
     "tag": "block",
     "address": "rcode://success"
   }
 ],
 "disable_cache": false,
 "disable_expire": false,
 "independent_cache": false,
 "rules": [
   {
     "outbound": "any",
     "disable_cache": true,
     "server": "local-dns"
   },
   {
     "clash_mode": "direct",
     "server": "local-dns"
   },
   {
     "clash_mode": "global",
     "server": "remote-dns"
   },
   {
     "rule_set": "GEOSITE-CN",
     "server": "local-dns"
   },
   {
     "rule_set": "GEOLOCATION-!CN",
     "server": "remote-dns"
   }
 ],
 "fakeip": {
   "enabled": false,
   "inet4_range": "198.18.0.1/16",
   "inet6_range": "fc00::/18"
 },
 "final": "remote-dns",
 "strategy": "ipv4_only"
  }
}

    Docker安装sing-box客户端:

    docker run -d \
  --network host \
  --cap-add NET_ADMIN \
  --device=/dev/net/tun \
  -v /etc/sing-box/:/etc/sing-box/ \
  --name=sing-box \
  --restart=always \
  ghcr.io/sagernet/sing-box:v1.10.7 -D /var/lib/sing-box -C /etc/sing-box/ run

Hysteria 文档:https://v2.hysteria.network/zh/docs/getting-started/Installation/
Docker 镜像:https://hub.docker.com/r/tobyxdd/hysteria
sing-box 文档:https://sing-box.sagernet.org/zh/
GUI.for.Core 文档:https://gui-for-cores.github.io/zh/guide/
Yacd-meta面板:https://github.com/MetaCubeX/yacd/archive/gh-pages.zip

标签: sing-box, hysteria, docker

添加新评论