[QUOTE="raws0ck3t, post: 12480, member: 8918"]
It good works with let's encrypt:
openvpn-client -> (listen 1080 socks5) ss-client -> (listen 443/tcp, let's encrypt cert) nginx -> (listen 8000/tcp) v2ray-plugin -> ss-server -> openvpn-server
add to nginx conf (inside server block):
location /bypass {
access_log off;
proxy_redirect off;
proxy_pass http://127.0.0.1:8000; #port of v2ray-plugin
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
restart nginx:
sudo nginx -s reload
sudo systemctl restart nginx
shadowsocks.json on server side:
{
"server": "0.0.0.0",
"server_port": 8000,
"password": "password",
"timeout": 300,
"method": "aes-256-gcm",
"plugin": "v2ray-plugin",
"plugin_opts": "server;host=yourdomain;path=/bypass;loglevel=none"
}
start v2ray:
screen -S shadowsocks
ss-server -c shadowsocks.json
plugin_opts on client side:
host=yourdomain;path=/bypass;tls
[/QUOTE]
