Effortlessly deploy V2Ray with Docker, featuring multi-protocol support and fully optimized for compatibility with Cloudflare and other major CDNs.
The v2ray-nginx-cloudflare project provides both original and modular deployment options for a secure, scalable V2Ray instance using Docker containers. This architecture enables seamless integration with Cloudflare and CDNs, offering enhanced security, obfuscation, and performance.
- π Original Setup - Simple VMess-only configuration (legacy)
- π Modular Setup - Multi-protocol support with VLESS, VMess, and advanced customization
Whether you're looking to bypass restrictions or set up a robust private proxy, this solution prioritizes reliability, compatibility, and ease of deployment.
One-command installation - automatically detects your system and sets up everything:
sudo bash <(curl -s https://raw.githubusercontent.com/samrand96/v2ray-nginx-cloudflare/main/easy-install.sh)What it does:
- β Detects your Linux distribution (Ubuntu, Debian, CentOS, Fedora, Arch, Alpine, etc.)
- β Installs Docker and Docker Compose if needed
- β Lets you choose between original or modular setup
- β Configures multi-protocol support (VLESS+VMess)
- β Generates UUID and client configurations
- β Sets up SSL certificates automatically
- β Provides ready-to-use connection links
The modular setup supports three Cloudflare-compatible protocols:
- Port: 1310
- Path:
/ - Performance: βββββ
- CDN Compatible: β Excellent
- Port: 1311
- Service:
grpc - Performance: ββββ
- CDN Compatible: β Good
- Port: 1312
- Path:
/ws - Performance: βββ
- CDN Compatible: β Good (Legacy)
v2ray-nginx-cloudflare/
βββ .env # β SINGLE source of truth (all config here)
βββ .env.example # Configuration template
βββ docker-compose.modular.yml # Multi-protocol setup
βββ docker-compose.yml # Original setup (preserved)
βββ generate-config.sh # Script to regenerate V2Ray config
βββ vhost/
β βββ default # Nginx location blocks for all protocols
βββ configs/
β βββ nginx.tmpl # Nginx-proxy template
βββ v2ray/config/
βββ config.template.json # V2Ray config template
βββ config.json # Generated V2Ray config
- Single
.envfile - All services read from one place - No duplicate configs - Change once, apply everywhere
- Easy management - Edit
.envand restart services - Version control - All settings in environment variables
- β Ubuntu (18.04, 20.04, 22.04, 24.04+)
- β Debian (9, 10, 11, 12+)
- β CentOS/RHEL (7, 8, 9)
- β Rocky Linux / AlmaLinux
- β Fedora (35+)
- β Arch Linux / Manjaro
- β Alpine Linux
- β openSUSE / SLES
- CPU: 1+ cores
- RAM: 512MB+ (1GB+ recommended)
- Storage: 2GB+ free space
- Network: Public IP with port 80/443 access
Hetzner offers excellent performance and value:
- 2 vCPU, 4 GB RAM, 20 TB Bandwidth
- IPv4 & IPv6 support
- β¬4.5/month with β¬20 credit: https://bit.ly/ssr_vps
Replace your-domain.com and your-uuid with your actual values:
vless://[email protected]:443?type=ws&security=tls&path=%2Fvless-ws&host=your-domain.com#VLESS-WS
vless://[email protected]:443?type=grpc&security=tls&serviceName=grpc&host=your-domain.com#VLESS-gRPC
vmess://eyJ2IjoiMiIsInBzIjoiVk1lc3MtV1MiLCJhZGQiOiJ5b3VyLWRvbWFpbi5jb20iLCJwb3J0IjoiNDQzIiwidHlwZSI6Im5vbmUiLCJpZCI6InlvdXItdXVpZCIsImFpZCI6IjAiLCJuZXQiOiJ3cyIsInBhdGgiOiIvdm1lc3Mtd3MiLCJob3N0IjoieW91ci1kb21haW4uY29tIiwidGxzIjoidGxzIn0=
- v2rayNG - Supports all protocols
- Clash Meta for Android - Modern and user-friendly
- OneClick - Supports VLESS and VMess
- Shadowrocket - Paid but excellent
- V2Ray Desktop - Official client
- Clash Verge - Modern GUI with Clash Meta core
- NekoRay - Feature-rich client
If you prefer manual setup or need custom configuration:
Create an A record pointing to your server's IP. Temporarily disable CDN proxy.
# Download and run our universal installer
curl -fsSL https://raw.githubusercontent.com/samrand96/v2ray-nginx-cloudflare/main/install-docker.sh | sudo bashgit clone https://github.com/samrand96/v2ray-nginx-cloudflare.git
cd v2ray-nginx-cloudflare# Copy environment template
cp .env.example .env
# Generate UUID
UUID=$(uuidgen 2>/dev/null || cat /proc/sys/kernel/random/uuid)
# Edit the SINGLE configuration file
nano .env # Set DOMAIN, LETSENCRYPT_EMAIL, and V2RAY_UUID
# Generate V2Ray config from template
./generate-config.sh
# Start all services
docker compose -f docker-compose.modular.yml up -d# Generate UUID
UUID=$(uuidgen)
# Update config
sed -i "s/<UPSTREAM-UUID>/$UUID/g" v2ray/config/config.json
sed -i "s/YOUR_DOMAIN/your-domain.com/g" docker-compose.yml
sed -i "s/YOUR_EMAIL/[email protected]/g" docker-compose.yml
# Start services
docker compose up -dReturn to your DNS settings and enable the proxy/CDN feature.
All configuration is in the root .env file:
# Domain and SSL
DOMAIN=your-domain.com
[email protected]
# V2Ray UUID (generate with: uuidgen)
V2RAY_UUID=your-uuid-here
# Protocol ports (fixed in vhost/default)
VLESS_WS_PORT=1310 # VLESS WebSocket
VLESS_GRPC_PORT=1311 # VLESS gRPC
VMESS_WS_PORT=1312 # VMess WebSocket
# Protocol paths
VLESS_WS_PATH=/
VLESS_GRPC_SERVICE=grpc
VMESS_WS_PATH=/wsAfter editing .env, regenerate V2Ray config:
./generate-config.sh
docker compose -f docker-compose.modular.yml restart v2rayAdd to .env file:
CPU_LIMIT=1.0
MEMORY_LIMIT=512M
MEMORY_RESERVATION=256M# Individual service control
docker compose -f docker-compose.modular.yml stop v2ray
docker compose -f docker-compose.modular.yml start nginx
docker compose -f docker-compose.modular.yml restart nginx-proxy-acme
# Rebuild and restart
docker compose -f docker-compose.modular.yml up -d --force-recreate
# View logs
docker compose -f docker-compose.modular.yml logs -f v2ray
docker compose -f docker-compose.modular.yml logs -f nginx- π Unique UUID: Always generate a new UUID for V2Ray
- π Strong SSL: Use "Full (strict)" mode in Cloudflare
- π Monitor logs: Regularly check for suspicious activity
- π Keep updated: Update service versions in
.envfiles - π‘οΈ Firewall: Only expose necessary ports (80, 443)
# Check service status
docker compose -f docker-compose.modular.yml ps
# View all logs
docker compose -f docker-compose.modular.yml logs
# Test configuration
docker compose -f docker-compose.modular.yml exec v2ray v2ray -test -config /etc/v2ray/config.json# Check ACME logs
docker compose -f docker-compose.modular.yml logs nginx-proxy-acme
# Force renewal
docker compose -f docker-compose.modular.yml exec nginx-proxy-acme /app/force_renew# Stop all services
docker compose -f docker-compose.modular.yml down
# Clean rebuild
docker compose -f docker-compose.modular.yml build --no-cache
docker compose -f docker-compose.modular.yml up -ddocker compose -f docker-compose.modular.yml psdocker compose -f docker-compose.modular.yml logs v2raydocker compose -f docker-compose.modular.yml logs nginxdocker compose -f docker-compose.modular.yml logs dockergendocker compose -f docker-compose.modular.yml exec v2ray netstat -tlnpdocker compose -f docker-compose.modular.yml exec nginx curl -I http://v2ray:1310docker compose -f docker-compose.modular.yml exec nginx cat /etc/nginx/conf.d/default.confdocker compose -f docker-compose.modular.yml exec v2ray cat /etc/v2ray/config.json| Protocol | Speed | CPU Usage | Compatibility | Cloudflare CDN |
|---|---|---|---|---|
| VLESS+WS | βββββ | βββββ | ββββ | β Excellent |
| VLESS+gRPC | ββββ | ββββ | βββ | β Good |
| VMess+WS | βββ | βββ | βββββ | β Good |
| Feature | Original Setup | Modular Setup |
|---|---|---|
| Protocols | VMess only | VLESS + VMess + gRPC |
| Customization | Limited | Extensive |
| Performance | Good | Excellent |
| Maintenance | Manual | Automated |
| CDN Optimization | Basic | Advanced |
| Resource Control | No | Yes |
Connection Details:
- Server: your-domain.com
- Port: 443
- UUID: your-generated-uuid
- Network: ws
- Path: /
- TLS: true
{
"outbounds": [{
"protocol": "vless",
"settings": {
"vnext": [{
"address": "your-domain.com",
"port": 443,
"users": [{
"id": "your-generated-uuid",
"encryption": "none"
}]
}]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"wsSettings": {
"path": "/",
"headers": {
"Host": "your-domain.com"
}
},
"tlsSettings": {
"serverName": "your-domain.com"
}
}
}]
}proxies:
- name: "VLESS-WS"
type: vless
server: your-domain.com
port: 443
uuid: your-generated-uuid
network: ws
tls: true
ws-opts:
path: /
headers:
Host: your-domain.comConnection Details:
- Server: your-domain.com
- Port: 443
- UUID: your-generated-uuid
- Network: grpc
- Service: grpc
- TLS: true
{
"outbounds": [{
"protocol": "vless",
"settings": {
"vnext": [{
"address": "your-domain.com",
"port": 443,
"users": [{
"id": "your-generated-uuid",
"encryption": "none"
}]
}]
},
"streamSettings": {
"network": "grpc",
"security": "tls",
"grpcSettings": {
"serviceName": "grpc"
},
"tlsSettings": {
"serverName": "your-domain.com"
}
}
}]
}Connection Details:
- Server: your-domain.com
- Port: 443
- UUID: your-generated-uuid
- AlterID: 0
- Network: ws
- Path: /ws
- TLS: true
{
"outbounds": [{
"protocol": "vmess",
"settings": {
"vnext": [{
"address": "your-domain.com",
"port": 443,
"users": [{
"id": "your-generated-uuid",
"alterId": 0,
"security": "auto"
}]
}]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"wsSettings": {
"path": "/ws",
"headers": {
"Host": "your-domain.com"
}
},
"tlsSettings": {
"serverName": "your-domain.com"
}
}
}]
}- V2Ray Documentation: https://www.v2ray.com/
- Nginx Documentation: https://nginx.org/en/docs/
- Let's Encrypt: https://letsencrypt.org/docs/
- Docker Compose: https://docs.docker.com/compose/
We welcome contributions! For issues, improvements, or new features:
- Fork the repository
- Create a feature branch
- Submit a pull request
For questions or support, open an issue in the GitHub repository.
This project is licensed under the terms specified in the LICENSE file.