如何在 Ubuntu 服务器上安装 Hysteria 2 和 AnyTLS 服务

y2k38

2026-05-12

anytls, hysteria

准备

安装 Hysteria 2

# 方式一：官方脚本
bash <(curl -fsSL https://get.hy2.sh/)

# 方式二：手动安装
# 下载
curl -L https://github.com/apernet/hysteria/releases/download/app%2Fv2.9.1/hysteria-linux-amd64 -o hysteria
# 校验哈希值
sha256sum hysteria
# 添加执行权限
chmod +x hysteria
# 安装到指定位置
sudo mv hysteria /usr/local/bin

安装 AnyTLS

# 下载mihomo
curl -LO https://github.com/MetaCubeX/mihomo/releases/download/v1.19.24/mihomo-linux-amd64-v3-v1.19.24.gz
# 校验哈希值
sha256sum mihomo-linux-amd64-v3-v1.19.24.gz
# 解压缩
gzip -d mihomo-linux-amd64-v3-v1.19.24.gz
# 重命名
mv mihomo-linux-amd64-v3-v1.19.24 mihomo
# 添加执行权限
chmod +x mihomo
# 安装到指定位置
sudo mv mihomo /usr/local/bin

安装SSL证书

建立nginx配置文件

1	sudo vi /etc/nginx/sites-enabled/<your_domain.com>

内容，先别配置ssl，让certbot自己设置

server {
    listen 80;
    server_name <your_domain.com>;

    # 用于 Let’s Encrypt 证书验证
    location /.well-known/acme-challenge/ {
        root /var/www/folder_name;
    }

    # 其它 HTTP 请求重定向到 HTTPS
    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl http2;
    server_name <your_domain.com>;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
}

执行certbot申请证书

1	sudo certbot --nginx -d <your_domain.com>

将证书软链接到指定目录

# 确保目录存在
sudo mkdir -p /etc/hysteria/certs
 
# 软链接到配置目录，safe_path
sudo ln -s /etc/letsencrypt/live/<your_domain.com>/fullchain.pem /etc/hysteria/certs/
sudo ln -s /etc/letsencrypt/live/<your_domain.com>/privkey.pem /etc/hysteria/certs/

# 确保目录存在
sudo mkdir -p /etc/mihomo/certs

# 软链接到配置目录，safe_path
sudo ln -s /etc/letsencrypt/live/<your_domain.com>/fullchain.pem /etc/mihomo/certs/
sudo ln -s /etc/letsencrypt/live/<your_domain.com>/privkey.pem /etc/mihomo/certs/

Hysteria 2

配置

服务端

1	sudo vi /etc/hysteria/config.yaml

内容如下

trafficStats:
  listen: :10002

listen: :30002

tls:
  cert: /etc/hysteria/certs/fullchain.pem
  key: /etc/hysteria/certs/privkey.pem

auth:
  type: userpass
  userpass:
    user1: <64_character_password>

obfs:
  type: salamander
  salamander:
    password: <32_character_password>

bandwidth:
  up: 10 mbps
  down: 50 mbps

客户端

1	hysteria2://user1:64_character_password@your_domain.com:30002/?sni=your_domain.com&insecure=0&udp=true&alpn=h3&obfs=salamander&obfs-password=32_character_password#Hy2

Systemd

创建service文件

1	sudo vi /etc/systemd/system/hysteria.service

内容如下

[Unit]
Description=Hysteria2 Service
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/hysteria server -c /etc/hysteria/config.yaml
Restart=on-failure
LimitNOFILE=512000

[Install]
WantedBy=multi-user.target

启动/验证

# 启动
sudo systemctl start hysteria
# 验证
sudo systemctl status hysteria
sudo journalctl -u hysteria -f

# 开机启动
sudo systemctl enable hysteria

查看流量消耗

curl http://127.0.0.1:10002/traffic

# 输出如下
#  {"user1":{"tx":125753,"rx":1549737}}#

AnyTLS

配置

服务端

1	sudo vi /etc/mihomo/config.yaml

内容如下

mode: direct

external-controller: 127.0.0.1:10003

listeners:
  - name: anytls-in
    type: anytls
    listen: 0.0.0.0
    port: 30003

    users:
      user1: <uuid>

    certificate: /etc/mihomo/certs/fullchain.pem
    private-key: /etc/mihomo/certs/privkey.pem

    udp: true

客户端

1	anytls://uuid@your_domain.com:30003?security=tls&sni=your_domain.com&insecure=0&udp=true&fp=chrome#AnyTLS

Systemd

创建service文件

1	sudo vi /etc/systemd/system/mihomo-anytls.service

内容如下

[Unit]
Description=Mihomo AnyTLS Service
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/mihomo -d /etc/mihomo
Restart=on-failure
LimitNOFILE=512000

[Install]
WantedBy=multi-user.target

启动/验证

# 启动
sudo systemctl start mihomo-anytls
# 验证
sudo systemctl status mihomo-anytls
sudo journalctl -u mihomo-anytls -f

# 开机启动
sudo systemctl enable mihomo-anytls

查看流量消耗

curl http://127.0.0.1:10003/traffic

# 输出如下
#  {"up":0,"down":0,"upTotal":582626,"downTotal":11017232}