油管视频
https://youtu.be/BDJ3RGedOAQ
主流节点搭建 2026 | Reality AnyTls-Go Naive Hysteria2
Reality
#安装必要组件
apt install -y curl
#安装xray
bash -c “$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)” @ install -u root
#xray配置文件(如果没有的话创建)
/usr/local/etc/xray/config.json
#一定要改的两个地方
30 id
46 private key
#建议要改的
speed.cloudflare.com
#检查配置文件
xray -test -config /usr/local/etc/xray/config.json
#重启并查看状态
systemctl restart xray && systemctl status xray
#xray配置(不被偷流量)官方模板
https://github.com/XTLS/Xray-examples/tree/main/VLESS-TCP-REALITY%20(without%20being%20stolen)
#配置文件
{
"log": {
"loglevel": "debug"
},
"inbounds": [
{
"tag": "dokodemo-in",
"port": 443,
"protocol": "dokodemo-door",
"settings": {
"address": "127.0.0.1",
"port": 4431, // 指向内网中的 reality 端口,示例是这个端口,如果要自己修改了记得这里和下面的 reality 入站都要修改
"network": "tcp"
},
"sniffing": { // 这里的 sniffing 不是多余的,别乱动
"enabled": true,
"destOverride": [
"tls"
],
"routeOnly": true
}
},
{
"listen": "127.0.0.1",
"port": 4431, // 见上 如果和其他服务冲突了可以换
"protocol": "vless",
"settings": {
"clients": [
{
"id": "", // uuid 运行 `xray uuid` 生成
"flow": "xtls-rprx-vision"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
// 下方要求和普通 reality 一致,这里演示 dest 设置为 cloudflare 不被偷跑流量所以设置为 speed.cloudflare.com 了
// 你可以设置为其他 CF 网站,如果你的 dest 不是这种网站你也不用点了进来不是吗
"dest": "speed.cloudflare.com:443",
"serverNames": [
"speed.cloudflare.com"
],
"privateKey": "", // 运行 `xray x25519` 生成
"shortIds": [
"",
"0123456789abcdef"
]
}
},
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls",
"quic"
],
"routeOnly": true
}
}
],
"outbounds": [
{
"protocol": "freedom",
"tag": "direct"
},
{
"protocol": "blackhole",
"tag": "block"
}
],
"routing": {
"rules": [
{
"inboundTag": [
"dokodemo-in"
],
// 重要,这个域名列表需要和 realitySettings 的 serverNames 保持一致
"domain": [
"speed.cloudflare.com"
],
"outboundTag": "direct"
},
{
"inboundTag": [
"dokodemo-in"
],
"outboundTag": "block"
}
]
}
}
Anytls
#项目链接
https://github.com/anytls/anytls-go
#环境
Debian12,ARM 64, root
#安装必要组件
apt install -y curl unzip
#安装anytls服务端(自制命令,自动获取最新版本号和cpu类型)
VERSION=$(curl -s https://api.github.com/repos/anytls/anytls-go/releases/latest | grep -Po ‘”tag_name”: “v\K[^”]*’) && \
ARCH=$(uname -m | sed ‘s/x86_64/amd64/;s/aarch64/arm64/’) && \
curl -LO “https://github.com/anytls/anytls-go/releases/download/v${VERSION}/anytls_${VERSION}_linux_${ARCH}.zip”
#解压缩
unzip -o “anytls_${VERSION}_linux_${ARCH}.zip”
#移动文件到执行目录
mv anytls-server /usr/local/bin/ && rm anytls-client readme.md
#添加系统启动配置(密码需要修改,端口,user,group选择性修改)
dd of=/etc/systemd/system/anytls.service <<EOF
[Unit]
Description=AnyTLS Service
After=network.target
[Service]
Type=simple
User=root
Group=root
ExecStart=/usr/local/bin/anytls-server -l 0.0.0.0:8443 -p YOUR_PASSWORD
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
#启动配置文件和其他配置命令
systemctl daemon-reload
systemctl start anytls
systemctl status anytls
systemctl enable anytls
#sing-box核心下载
https://github.com/SagerNet/sing-box/releases
#anytls用的是自签证书
跳过证书验证,要选true
#配置文件
dd of=/etc/systemd/system/anytls.service <<EOF [Unit] Description=AnyTLS Service After=network.target [Service] Type=simple User=root Group=root ExecStart=/usr/local/bin/anytls-server -l 0.0.0.0:8443 -p YOUR_PASSWORD Restart=on-failure [Install] WantedBy=multi-user.target EOF
Naive
主流节点搭建 2026 | Reality AnyTls-Go Naive Hysteria2
Naive
安装wget & tar
apt install -y curl wget tar
安装go-lang
LATEST_GO=$(curl -s https://go.dev/VERSION?m=text | head -n 1) && \
ARCH=$(uname -m) && \
if [ “$ARCH” = “x86_64″ ]; then ARCH=”amd64”; elif [ “$ARCH” = “aarch64″ ]; then ARCH=”arm64”; fi && \
wget “https://go.dev/dl/${LATEST_GO}.linux-${ARCH}.tar.gz” && \
rm -rf /usr/local/go && \
tar -C /usr/local -xzf “${LATEST_GO}.linux-${ARCH}.tar.gz” && \
export PATH=$PATH:/usr/local/go/bin && \
source /root/.profile; \
go version
最后会输出go-lang的版本
安装Caddy
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
编译Caddy
~/go/bin/xcaddy build –with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive
#最后一项要卡5-6分钟([INFO] exec (timeout=-2562047h47m16.854775808s))
直到出现“Cleaning up temporary folder…”,才结束
#新建配置文件
touch /root/Caddyfile
#编辑配置文件
运行Caddy
./caddy run
得到INFO tls.obtain releasing lock {“identifier”: “xxxx”}
关闭窗口
ctrl+c
后台运行Caddy
./caddy start
下载caddy核心
Naive Proxy Github官方主页
https://github.com/klzgrad/naiveproxy
#服务端配置文件
:443, xxx.com #你的域名 tls [email protected] #你的邮箱 route { forward_proxy { basic_auth username password #用户名和密码 hide_ip hide_via probe_resistance } reverse_proxy https://example.com { #伪装网址 header_up Host {upstream_hostport} } }
#客户端配置文件
{
"listen": "socks://127.0.0.1:1080",
"proxy": "https://username:[email protected]"
}
Hysteria2
#官网
https://v2.hysteria.network/zh/
#Github项目主页
https://github.com/apernet/hysteria
#安装必要组件
apt install -y curl
#安装
bash <(curl -fsSL https://get.hy2.sh/)
#配置文件
/etc/hysteria/config.yaml
#启动
systemctl start hysteria-server.service
#开机启动
systemctl enable hysteria-server.service
#安装iptables
apt install -y iptables
#端口跳跃
iptables -t nat -A PREROUTING -i enp0s6: -p udp –dport 20000:50000 -j REDIRECT –to-ports 443
#撤销
iptables -t nat -D PREROUTING -i eth0 -p udp –dport 20000:50000 -j REDIRECT –to-ports 443
#查询网卡
ip a
#其他进阶用法比如拥塞控制算法和混淆等,参见
https://jollyroger.top/sites/210.html
