miladrahimi / v2ray-docker-compose Goto Github PK
View Code? Open in Web Editor NEWV2Ray Docker Compose Configurations (Single Server, Relay and Upstream Servers, Websockets + TLS + CDN) with Shadowsocks, VMess, SOCKS, and HTTP Protocols
V2Ray Docker Compose Configurations (Single Server, Relay and Upstream Servers, Websockets + TLS + CDN) with Shadowsocks, VMess, SOCKS, and HTTP Protocols
We can also mention this in the documentation: It is not always necessary to use CDN and users can use WSS (Secure Web Socket) without CDN when there is internet.
Naturally, they should enable CDN when internet goes down!
It would be great if you could add nginx configuration as described in https://guide.v2fly.org/en_US/advanced/wss_and_web.html#server-side-configuration for CDN approach.
Hi, Sorry if this is not relevant, Is there any way to route all traffic through sock or HTTP proxy on Linux? I set the HTTP_PROXY but some apps have their config and do not listen to that.
error in docker compose V2RAY_NGINX_CDN:
Unsupported config option for services.dockergen: 'volumes_from'
Hello contributors, and thank you for everything!
There is this issue in the recent python script, specifically in "open" statements. Since most of are in Farsi, you should consider adding the encoding argument to the related lines of code.
file = open(str(path.joinpath('config/config.json')), 'r', encoding="utf-8")
Thanks for the scripts.
There is an issue in client config file. outbound
must be replaced by outbounds
.
Hello everyone
is it possible to have one way bridge (send or receive via bridge only)?
for instance all the requests could be sent via the bridge server and all the responses sent directly via the foreign server to client and not through the bridge
Hi , I tried to connect with derak cdn.
but it does not work with the proxy on.
Do you have better idea or any solution for this ?
Users can use this scripts to generate all vmess clients base64 strings from config.json
.
For example:
./json2vmess.py /to/path/config/config.json
Hi,
I read docs of v2ray and saw all parts of config file but did not find anything to set multiple usernames and passwords (something like account-based service).
Is there any way to do this? I saw some videos which require hardware ID and things like this, which is not acceptable in my mind.
Also I didn't find a way to limit per-container bandwidth in docker. Do you have any solution? This is when the first question could not be implemented, and it would be an alternative.
first of all, thanks for your work.
take a look at x-ui forked by @hossinasaadi.
is it possible to use it in our docker container?
please explain, if you got any ideas
I have some problem with client
can u please put the client config file for v2ray?
My server is connected and fully working, but using ADSL Internet (LTE not tested) the connection is kind of unstable (Specially on IOS), the connection speed is jumping up and down continuously.
Do you think the optimization articles below could be applicable in this project ?
https://shadowsocks.org/guide/advanced.html
https://github.com/shadowsocks/shadowsocks/wiki/Optimizing-Shadowsocks
Users can use this project to install NekoRay with desktop shortcut in most Linux distributions
https://github.com/ohmydevops/nekoray-installer
Simply run:
wget -qO- https://raw.githubusercontent.com/ohmydevops/nekoray-installer/main/installer.sh | bash
step1:
docker install
`sudo apt-get update
sudo apt-get install \
ca-certificates \
curl \
gnupg \
lsb-release
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null`
after this copy docker in the server :
` "log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "warning"
},
"inbound": {
"port": 1013,
"listen": "0.0.0.0",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "d91290fe-2b1a-4d61--------------------------",
"alterId": 10,
"security": "auto"
}
]
},
"streamSettings": {
"network": "tcp",
"tcpSettings": {
"connectionReuse": true,
"header": {
"type": "http",
"response": {
"version": "1.1",
"status": "200",
"reason": "OK",
"headers": {
"Content-Type": [
"application/octet-stream",
"video/mpeg",
"application/x-msdownload",
"text/html",
"application/x-shockwave-flash"
],
"Transfer-Encoding": [
"chunked"
],
"Connection": [
"keep-alive"
],
"Pragma": "no-cache"
}
}
}
}
}
},
"outbound": {
"protocol": "freedom"
},
"inboundDetour": null,
"outboundDetour": [
{
"protocol": "blackhole",
"settings": null,
"tag": "blocked"
}
],
"routing": {
"strategy": "rules",
"settings": {
"domainStrategy": null,
"rules": [
{
"type": "field",
"port": null,
"outboundTag": "blocked",
"ip": [
"0.0.0.0/8",
"10.0.0.0/8",
"100.64.0.0/10",
"127.0.0.0/8",
"169.254.0.0/16",
"172.16.0.0/12",
"192.0.0.0/24",
"192.0.2.0/24",
"192.168.0.0/16",
"198.18.0.0/15",
"198.51.100.0/24",
"203.0.113.0/24",
"::1/128",
"fc00::/7",
"fe80::/10"
],
"domain": null
}
]
}
}
}
`
bridge server is too:
`{
"log": {
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log",
"loglevel": "warning"
},
"inbounds": [
{
"listen": "0.0.0.0",
"port": 1010,
"protocol": "socks",
"settings": {
"auth": "noauth",
"udp": true
}
},
{
"listen": "0.0.0.0",
"port": 1110,
"protocol": "http",
"settings": {}
},
{
"listen": "0.0.0.0",
"port": 1210,
"protocol": "shadowsocks",
"settings": {
"password": "<Noureddin------->",
"method": "aes-128-gcm",
"level": 0,
"network": "tcp,udp"
}
},
{
"listen": "0.0.0.0",
"port": 1310,
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "<e4eb5012-f2------------------->",
"alterId": 0,
"security": "aes-128-gcm"
}
]
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "<65.-------->",
"port": 1310,
"users": [
{
"id": "<da7594----------------------->",
"alterId": 10,
"security": "none"
}
]
}
]
},
"streamSettings": {
"network": "ws"
},
"mux": {
"enabled": true
}
},
{
"protocol": "freedom",
"tag": "freedom"
}
],
"dns": {
"servers": [
"8.8.8.8",
"8.8.4.4",
"localhost"
]
},
"routing": {
"domainStrategy": "IPIfNonMatch",
"settings": {
"rules": [
{
"type": "field",
"outboundTag": "freedom",
"domain": [
"regexp:.*\\.ir$"
]
}
]
}
}
}
`
and run docker, after unlocking port in the config at upstream
so can u help me does not work :(****
Assuming upstream server is accessible by the end user, can somehow merge bridge and upstream servers functionality in 1 server together using this docker? how?
Is it possible to create panel like features like managing bandwidth, keeping track on usages, setting time limit for particular uuid, multiple login ban etc using webui?
I use V2Ray+CDN+Caddy And for CDN used cloudflare, until the proxy turned off everything is ok.
But when the proxy is turned on after a few minutes (probably the DNS is updated), the connection is interrupted and clients give error "Fail to detect internet connection: io read/write on closed pipe " and web page published in the browser (Home page) error "ERR_TOO_MANY_REDIRECTS" when page is reloaded
Caddyfile
mydomain.ga {
root * /usr/share/caddy
@websockets {
header Connection *Upgrade*
header Upgrade websocket
}
reverse_proxy @websockets v2ray:1310/ws
route {
reverse_proxy /ws v2ray:1310
file_server
}
log {
output stdout
}
}
Hi
Today I had a problem connecting to my upstream server which is blocked in Iran.
I increase my "alterid" to a number greater than 30 and It solves my issue.
I searched for it and as the document said, It's better to change to a number between 30 and 100.
I can contribute to this if you don't mind
when I run this on bridge server I get this error:
sudo docker-compose up -d
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 665, in urlopen
httplib_response = self._make_request(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 387, in _make_request
conn.request(method, url, **httplib_request_kw)
File "/usr/lib/python3.8/http/client.py", line 1256, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib/python3.8/http/client.py", line 1302, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "/usr/lib/python3.8/http/client.py", line 1251, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "/usr/lib/python3.8/http/client.py", line 1011, in _send_output
self.send(msg)
File "/usr/lib/python3.8/http/client.py", line 951, in send
self.connect()
File "/usr/lib/python3/dist-packages/docker/transport/unixconn.py", line 43, in connect
sock.connect(self.unix_socket)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 439, in send
resp = conn.urlopen(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 719, in urlopen
retries = retries.increment(
File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 400, in increment
raise six.reraise(type(error), error, _stacktrace)
File "/usr/lib/python3/dist-packages/six.py", line 702, in reraise
raise value.with_traceback(tb)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 665, in urlopen
httplib_response = self._make_request(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 387, in _make_request
conn.request(method, url, **httplib_request_kw)
File "/usr/lib/python3.8/http/client.py", line 1256, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib/python3.8/http/client.py", line 1302, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "/usr/lib/python3.8/http/client.py", line 1251, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "/usr/lib/python3.8/http/client.py", line 1011, in _send_output
self.send(msg)
File "/usr/lib/python3.8/http/client.py", line 951, in send
self.connect()
File "/usr/lib/python3/dist-packages/docker/transport/unixconn.py", line 43, in connect
sock.connect(self.unix_socket)
urllib3.exceptions.ProtocolError: ('Connection aborted.', FileNotFoundError(2, 'No such file or directory'))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/compose/cli/errors.py", line 45, in handle_connection_errors
yield
File "/usr/lib/python3/dist-packages/compose/cli/command.py", line 151, in get_project
return Project.from_config(
File "/usr/lib/python3/dist-packages/compose/project.py", line 102, in from_config
service_networks = get_networks(service_dict, networks)
File "/usr/lib/python3/dist-packages/compose/network.py", line 320, in get_networks
networks[network.true_name] = netdef
File "/usr/lib/python3/dist-packages/compose/network.py", line 125, in true_name
self._set_legacy_flag()
File "/usr/lib/python3/dist-packages/compose/network.py", line 146, in _set_legacy_flag
data = self.inspect(legacy=True)
File "/usr/lib/python3/dist-packages/compose/network.py", line 106, in inspect
return self.client.inspect_network(self.legacy_full_name)
File "/usr/lib/python3/dist-packages/docker/utils/decorators.py", line 19, in wrapped
return f(self, resource_id, *args, **kwargs)
File "/usr/lib/python3/dist-packages/docker/api/network.py", line 212, in inspect_network
res = self._get(url, params=params)
File "/usr/lib/python3/dist-packages/docker/utils/decorators.py", line 46, in inner
return f(self, *args, **kwargs)
File "/usr/lib/python3/dist-packages/docker/api/client.py", line 230, in _get
return self.get(url, **self._set_request_timeout(kwargs))
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 546, in get
return self.request('GET', url, **kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 498, in send
raise ConnectionError(err, request=request)
requests.exceptions.ConnectionError: ('Connection aborted.', FileNotFoundError(2, 'No such file or directory'))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/docker-compose", line 11, in
load_entry_point('docker-compose==1.25.0', 'console_scripts', 'docker-compose')()
File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 72, in main
command()
File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 125, in perform_command
project = project_from_options('.', options)
File "/usr/lib/python3/dist-packages/compose/cli/command.py", line 53, in project_from_options
return get_project(
File "/usr/lib/python3/dist-packages/compose/cli/command.py", line 151, in get_project
return Project.from_config(
File "/usr/lib/python3.8/contextlib.py", line 131, in exit
self.gen.throw(type, value, traceback)
File "/usr/lib/python3/dist-packages/compose/cli/errors.py", line 53, in handle_connection_errors
exit_with_error(get_conn_error_message(client.base_url))
File "/usr/lib/python3/dist-packages/compose/cli/errors.py", line 123, in get_conn_error_message
return docker_not_found_msg("Couldn't connect to Docker daemon.")
File "/usr/lib/python3/dist-packages/compose/cli/errors.py", line 137, in docker_not_found_msg
problem, docker_install_url())
File "/usr/lib/python3/dist-packages/compose/cli/errors.py", line 143, in docker_install_url
elif is_ubuntu():
File "/usr/lib/python3/dist-packages/compose/cli/utils.py", line 76, in is_ubuntu
return platform.system() == 'Linux' and platform.linux_distribution()[0] == 'Ubuntu'
AttributeError: module 'platform' has no attribute 'linux_distribution'
./vmess.py
file in the v2ray-nginx-cdn
directory is a copy of the caddy file and it doesn't work. it needs some changes to work properly.
As you know, the websocket transport is much more slower than TCP. The quic
protocol was introduced in V2ray-4.7 and it promises a faster and more stealthy transport. Has anybody tried using it?
I searched around and found some sample configurations however I couldn't manage to make it work.
can you add routing rule to seprating iran's ip and domain to route directly from iran server (bridge server ) and not routed from upstream server
I believe some sanctioned sites cannot be accessed with the current configuration.
Examples:
I have read new version of the configuration files. I want to ask the reason of following changes:
thanks.
hi
i run V2ray-caddy-cdn(cloudflare)
and it work verywell on rightel but i cant use video call on this
and
it not work on any isp(adsl,mci,mtnir)
i do this stuff and no internet both shadowsocks and vmess has no internet access
Hi, I got this error would you please help me, Does it happen because of my configuration or government censorship?
|WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it
at Shadowsocks.Util.Sockets.WrappedSocket.EndConnect(IAsyncResult asyncResult)
at Shadowsocks.Proxy.DirectConnect.EndConnectDest(IAsyncResult asyncResult)
at Shadowsocks.Controller.TCPHandler.ConnectCallback(IAsyncResult ar)
CFScanner in v2ray-nginx-cdn not working anymore,
connection timeout
the http://bot.sudoer.net/best.cf.iran has been stoped
I think it's a good idea to add these links in README, for those who need to read more about v2ray.
Thanks Milad for your great work ❤️, this is just for documentation; To make sure the both images are the same:
Official image RootFS layers at DockerHub (v2ray/official:latest):
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:5216338b40a7b96416b8b9858974bbe4acc3096ee60acbc4dfb1ee02aecceb10",
"sha256:6671c3a0b3fed48a38b40f47f6920f6c3e68e140d45386946fe832d327b2cb32",
"sha256:c8f3c46e0c24ca268d17e094707e0d26e26a8f68eb30c8e3225544f1cb84f77d",
"sha256:b7acc7d4bd5b246eccb62f3fe00013a4c6751696352f946e4e81d811a2c5fa03",
"sha256:1a22171f50805bbded39b3d8a57bf3825c463a13afa54fc933b1b5c7d1207109",
"sha256:32cc68e936978cdd8b55ab42a24a79b295258435d940fee1c20b9ff057ea28e3",
"sha256:d9de4e78ddbb137962d82d5e7bb30d3270b383e599ba5c93b0b36cda1ed911ff"
]
}
Unofficial image RootFS layers at Github (ghcr.io/getimages/v2ray:latest)
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:5216338b40a7b96416b8b9858974bbe4acc3096ee60acbc4dfb1ee02aecceb10",
"sha256:6671c3a0b3fed48a38b40f47f6920f6c3e68e140d45386946fe832d327b2cb32",
"sha256:c8f3c46e0c24ca268d17e094707e0d26e26a8f68eb30c8e3225544f1cb84f77d",
"sha256:b7acc7d4bd5b246eccb62f3fe00013a4c6751696352f946e4e81d811a2c5fa03",
"sha256:1a22171f50805bbded39b3d8a57bf3825c463a13afa54fc933b1b5c7d1207109",
"sha256:32cc68e936978cdd8b55ab42a24a79b295258435d940fee1c20b9ff057ea28e3",
"sha256:d9de4e78ddbb137962d82d5e7bb30d3270b383e599ba5c93b0b36cda1ed911ff"
]
}
Hi Milad,
You can use the "https://ipv4.icanhazip.com/" instead of "http://ifconfig.io/ip" to get the correct IP.
Hey,
I see that Xray-core v1.8.0, which supports the reality protocol, has been released. Is there any intention to update the core?
if i get connected with v2ray app and request to bridge server and browsing Instagram its getting blocked by irancell or rightel after 2 or 3 hours !!!! :| and i don't have any clue about "how they are recognizing our bridge server ?" :))))
i guess they are watching our connection between client and bridge server and if our whole requests are routing to bridge server completely ,they recognize that and block the bridge server :|
how can prevent this and hiding our traffic from ISP?
i guess the ISPs are playing active role in censorship :) not just the infrastructure company
Hi,
after the implementation, I noticed that Iran's geo-IP sites are trying to pass from upstream server traffic regardless of the routing configuration of the bridge server, the config.json file of the bridge server is untouched.
Am I missing something?
Truly, peace be upon you for this life saver.
i cant connect to Vmess and shadowsocks via rightel but Mtnirancell and adsl are ok
my bridge server :arvan
For example, to using v5.1.0, we need to test and ensure everything is working properly; because it is a user preview version.
I can test and report results for new features.
Hi,
Thanks for this useful repo.
Almost a week ago I used this repo with two servers and every thing works just fine.
Today I sat up two new servers from same companies as before with updated scripts but it does not work.
The test with V2RayNG is OK but internet is not available on the client.
I tried to use the old script from old servers but it seems that docker images are not available:
Pulling v2ray (ghcr.io/miladrahimi/v2ray:latest)...
ERROR: Head "https://ghcr.io/v2/miladrahimi/v2ray/manifests/latest": denied
Can you bring back the old images?
It would be nice if we include a setup script for easy setup so for new users we do something like
curl github.com/miladrahimi/v2ray-docker-compose/tree/master/setup.sh | bash
script should:
Or
we can do a different approach and do a client side script that will take two ips as bridge and upstream and setup servers using ssh itself, it's the most user friendly and easy way
Hello,
This is not an issue, rather a question/suggestion. Is there any way to monitor the number of clients that are connected to the bridge/upstream server, and the current network usage?
Thanks
Hi
It seems that the Iranian government blocked or set limitations on the Internet after 7 Dec 2022 which caused decreasing speed.
Is there any solution for fixing that?
Checked with:
-MTN
-MCI
-ZITEL
-ASIATECH
-Mokhaberat
ArvanCloud provides my Iran server.
Thanks,
We can not connect to the proxy servers either with ShadowSocks or VMess protocols via MTN Irancell. Is there any way or procedure to compass this situation?
Thanks for your fantastic solution. However, as you know, there is a good chance that upstream servers will become unreachable due to blind foreign IP range blockings by the Iranian government.
It would be great if we can configure two (or more) upstream servers for our bridge so it would fall back to the second one in case the first one is unreachable. It would improve this tool's reliability very much.
hi
its work fine for me
if i want add vless, need change image?
can you share dockerfile?
Hi
This is awesome solution but it would be easier to detect ?
Why not use Xray core instead of old v2ray core ? it is stronger.
also can we use other protocols such as vless or trojan
Update: i decided to turn this issue into some suggestion for future.
Sometimes we need to block some domains in our server configuration. I looked it up and found https://guide.v2fly.org/en_US/basics/routing/adblock.html. Can it be added to this config?
Hi. First thanks for the awesome repo, have helped keep a dozens of people connected!
I'm using V2Ray Upsream and Bridge Servers
method. It's worked fine for the past ~9 months with all operators and ISPs. Recently I bought a new vps from a provider in a new datacenter (in Iran to use as bridge).
But it does not work with Irancell/RighTel. HarahAval is OK. I have no idea what the issue is.
Any help would be appreciated.
Hi
In last 3 days, I believe they are doing some actions on the DNS packets. and you can not browse internet with v2ray. I just works for Telegram and some other applications.
As I saw in this config we are solving the DNS in the bridge server.
How we can proxy the DNS requests to the upstream servers too ?
Thank you.
I think this line is not correct.
It should be domainStrategy
.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.