vless多https站点共存,复用443端口

vless设置落地网站后,可以设置多https站点共存。

近日,需要帮助Chris设置多个网站,进行实验。因前期安装vless,443端口已被占用,现需解决443端口复用问题。

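  1. Nginx 可通过 stream_ssl_preread 模块读取 TLS 握手(ClientHello)中的 SNI 域名,并据此把 443 端口的连接分流到不同后端,分流时不解密流量。先用 nginx -V 查看已编译的模块(输出中应包含 --with-stream 和 --with-stream_ssl_preread_module);默认Nginx1.8已安装此模块,其他环境请以 nginx -V 的实际输出为准。然后在主配置文件 nginx.conf 的 events 和 http 之间插入启用 ssl_preread 的 stream 配置块,示例如下: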

    ...
    events
     {
       ...
     }
    # Layer-4 (TCP) router on port 443: ssl_preread reads the SNI hostname from
    # the TLS ClientHello and the map below selects a local backend by name.
    # TLS is not terminated in this block (the listen lines carry no "ssl");
    # each backend presents its own certificate.
    # NOTE(review): the backends see every connection as coming from 127.0.0.1,
    # so their access logs and any IP-based limits lose the real client address
    # unless PROXY protocol is enabled on both sides - confirm if that matters.
    stream {
    # SNI hostname -> upstream name. There is no "default" entry, so a connection
    # with a missing or unlisted SNI leaves $name empty and has no backend;
    # expect such connections to fail (check the error log).
    map $ssl_preread_server_name $name {
     chris.ur.baby vless;
     a.chrischai.xyz https1;
     b.chrischai.xyz https2;
     c.chrischai.xyz https3;
     d.chrischai.xyz https4;
    }
    upstream vless {
     server 127.0.0.1:351; # vless server (its inbound port)
    }
    upstream https1 {
     server 127.0.0.1:352; # port of HTTPS site 1
    }
    upstream https2 {
     server 127.0.0.1:353; # port of HTTPS site 2
    }
    upstream https3 {
     server 127.0.0.1:354; # port of HTTPS site 3
    }
    upstream https4 {
     server 127.0.0.1:355; # port of HTTPS site 4
    }  
    # Public listener: the only socket that should own 443 (IPv4 and IPv6).
    server {
     listen 443 reuseport;
     listen [::]:443 reuseport;
     proxy_pass  $name; # upstream chosen by the SNI map above
     ssl_preread on; # enable ssl_preread so $ssl_preread_server_name is populated
    }
    }
    http
     {
     ...
    }
  2. 设置https站点Nginx文件,nginx配置文件内原本监听443端口的listen需要改为在upstream内指定的端口。如下:

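    # Plain-HTTP entry point: redirect every request to the HTTPS site.
    server {
     listen       0.0.0.0:80;
     server_name  d.chrischai.xyz;
     return 301 https://d.chrischai.xyz$request_uri; # force HTTPS
    }
    # TLS backend for d.chrischai.xyz, reached through the stream router on 443.
    server
    {
     # Formerly 443; now the port named in "upstream https4" of the stream block.
     # Bound to loopback so the site is reachable only through the SNI router and
     # not directly on port 355 from the network (a bare "listen 355" binds every
     # interface).
     listen 127.0.0.1:355 ssl http2;
     server_name d.chrischai.xyz;
     ...
    }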
  3. vless需更改配置config文件,port由443更改为351,回落不变,不再开启h2配置。具体如下:

{
    "log": {
        "loglevel": "warning"
    },
    "inbounds": [
        {
            "listen": "127.0.0.1", # loopback only, so the port below cannot be probed from outside
            "port": 351, # must match the port of "upstream vless" in the nginx stream block
            "protocol": "vless",
            "settings": {
                "clients": [
                    {
                        "id": "***", # your UUID; it is what identifies the client, so keep it out of shared copies of this file
                        # NOTE(review): "xtls-rprx-direct" together with "security": "xtls" is the legacy XTLS mode;
                        # confirm the installed core version still accepts it before deploying.
                        "flow": "xtls-rprx-direct",
                        "level": 0
                    }
                ],
                "decryption": "none",
                "fallbacks": [
                    {
                        "dest": "8002" # port of the fallback site; that site speaks plain HTTP and should listen on loopback only
                    }
                 ]
            },
            "streamSettings": {
                "network": "tcp",
                "security": "xtls",
                "xtlsSettings": {
                    "alpn": [
                        "http/1.1"
                    ],
                    "certificates": [
                        {
                            "certificateFile": "/www/server/panel/vhost/cert/***/fullchain.pem", # certificate chain for your domain
                            "keyFile": "/www/server/panel/vhost/cert/***/privkey.pem" # matching private key; NOTE(review): keep it readable only by the account running the service
                        }
                    ]
                }
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom"
        }
    ]
}
#vless回落页对应的Nginx配置更改为:
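# Plain-HTTP entry point for the fallback domain: redirect to HTTPS.
server {
    listen       0.0.0.0:80;
    server_name  domain; # "domain" stands for the hostname of the fallback site
    return 301 https://domain$request_uri;
}
# Fallback site: receives the connections that vless hands over via "dest": "8002".
server
{
    # There is no "ssl" on this listener, so the port speaks plain HTTP.
    # Bind it to loopback so it is reachable only through the vless fallback and
    # not directly from the network (a bare "listen 8002" binds every interface).
    listen 127.0.0.1:8002;
    server_name domain;
    index index.php index.html index.htm default.php default.htm default.html;
    root /www/wwwroot/domain;
    # (the listing on the page ends here; the rest of this server block is not shown)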

参考链接:
https://lala.im/7666.html
https://lhy.life/20200816-vless/
https://www.v2rayssr.com/xraybt.html

本文链接:

https://martin.cool/archives/394.html