server
docker-compose.yml
config.json
cat <<'EOF'>/opt/xray-server/config.json
{
"log": {
"access": "/var/log/xray_log/access.log",
"error": "/var/log/xray_log/error.log",
"loglevel": "debug"
},
"inbounds": [
{
"port": 443,
"protocol": "vless",
"settings": {
"decryption":"none",
"clients": [
{
"id": "ceabcf56-f488-489a-a485-b712345f71",
"flow": "xtls-rprx-vision",
"alterId": 0
}
]
},
"streamSettings": {
"security": "tls",
"tlsSettings": {
"certificates": [
{
"certificateFile": "/etc/xray/clash.oplab.net.crt",
"keyFile": "/etc/xray/clash.oplab.net.key"
}
]
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}
EOF
mkdir -p /opt/xray-server/
cat <<'EOF'>/opt/xray-server/docker-compose.yml
version: '3'
networks:
ssrdog-network:
driver: bridge
ipam:
config:
- subnet: 172.18.10.0/24
services:
xray-server:
image: teddysun/xray:1.8.8
cap_add:
- NET_ADMIN # 允许容器进行网络管理操作
container_name: xray-server
hostname: xray-server
ports:
- "4443:443"
networks:
ssrdog-network:
ipv4_address: 172.18.10.2
volumes:
- ./config.json:/etc/xray/config.json
- ./clash.oplab.net.crt:/etc/xray/clash.oplab.net.crt
- ./clash.oplab.net.key:/etc/xray/clash.oplab.net.key
- ./log:/var/log/xray_log/
EOF
cd /opt/xray-server/
docker-compose up -d
client
docker-compose.yml
config.json
cat <<'EOF'>/opt/xray-client/config.json
{
"log": {
"access": "/var/log/xray_log/access.log",
"error": "/var/log/xray_log/error.log",
"loglevel": "warning"
},
"dns": {
"servers": [
{
"address": "1.1.1.1",
"domains": [
"geosite:geolocation-!cn"
]
},
{
"address": "223.5.5.5",
"domains": [
"geosite:cn"
],
"expectIPs": [
"geoip:cn"
]
},
{
"address": "114.114.114.114",
"domains": [
"geosite:cn"
]
},
"localhost"
]
},
"routing": {
"domainStrategy": "IPIfNonMatch",
"rules": [
{
"type": "field",
"domain": [
"geosite:category-ads-all"
],
"outboundTag": "block"
},
{
"type": "field",
"domain": [
"geosite:cn"
],
"outboundTag": "direct"
},
{
"type": "field",
"ip": [
"geoip:cn",
"geoip:private"
],
"outboundTag": "direct"
},
{
"type": "field",
"domain": [
"geosite:geolocation-!cn"
],
"outboundTag": "proxy"
},
{
"type": "field",
"ip": [
"223.5.5.5"
],
"outboundTag": "direct"
}
]
},
"inbounds": [
{
"tag": "socks-in",
"protocol": "socks",
"listen": "0.0.0.0",
"port": 10800,
"settings": {
"udp": true
}
},
{
"tag": "http-in",
"protocol": "http",
"listen": "0.0.0.0",
"port": 10801
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "clash.oplab.net",
"port": 4443,
"users": [
{
"id": "xxx",
"encryption": "none",
"level": 0
}
]
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"serverName": "clash.oplab.net",
"allowInsecure": false,
"fingerprint": "chrome"
}
}
},
{
"tag": "direct",
"protocol": "freedom"
},
{
"tag": "block",
"protocol": "blackhole"
}
]
}
EOF
mkdir -p /opt/xray-client/
cat <<'EOF'>/opt/xray-client/docker-compose.yml
version: '3'
networks:
ssrdog-network:
driver: bridge
ipam:
config:
- subnet: 172.18.10.0/24
services:
clash_us_2:
image: teddysun/xray:1.8.8
cap_add:
- NET_ADMIN # 允许容器进行网络管理操作
container_name: clash_us_2
hostname: clash_us_2
ports:
- "47894:10800"
extra_hosts:
- clash.oplab.net:199.193.125.33
networks:
ssrdog-network:
ipv4_address: 172.18.10.2
devices:
- /dev/net/tun:/dev/net/tun
volumes:
- ./config.json:/etc/xray/config.json
- ./log:/var/log/xray_log/
EOF
cd /opt/xray-client
docker-compose up -d
参考
xray镜像
xray doc