Self-Hosted VPN with Shadowsocks vmess and proxying via CDN

This post will be a simple instruction how to install ShadowSocks Proxy via docker and use it with vmess, also proxing it through CDN network via websockets.

how it works

(Client) <-> [ CDN Service ] <-> [ Upstream Server ] <-> (Internet)

what we will use

check the CDN free plans, and choose suitable for you.

This guide assumes you are using CloudFlare as your domain CDN and DNS managment. It will allow to auto provision ssl without any setup and cloudflare have more servers in its infrastructure.


  • Linux VPS or any other server with linux and dedicated IP.
  • Installed git, docker and docker compose plugin.
  • Domain name connected to CDN.
  • Python 3


  1. In your CDN, create an A record pointing to your server IP with the proxy option turned off.

  2. Clone v2ray-docker-compose repo to your server.

     git clone
  3. Run v2ray-docker-compose/utils/ to speed up server network.

  4. copy v2ray folder and file to desired folder from v2ray-docker-compose/v2ray-caddy-cdn/.

  5. Generate a UUID via

    cat /proc/sys/kernel/random/uuid
  6. Replace <UPSTREAM-UUID> in v2ray/config/config.json with the generated UUID.

  7. replace domain = caddy[:caddy.find(' {')] in to domain = <YOUR-DOMAIN>.

ShadowSocks vmess installation

  1. create a docker-compose.yml file, open with text editor and paste the following:

    version: '3.3'
        name: 'proxy_network'
        image: "lucaslorentz/caddy-docker-proxy:ci-alpine"
          - "80:80"
          - "80:80/udp"
          - "443:443"
          - "443:443/udp"
          - /var/run/docker.sock:/var/run/docker.sock:ro
          - /srv/caddy/:/data
        restart: unless-stopped
          - CADDY_INGRESS_NETWORKS=proxy_network
        restart: always
          - v2ray.vmess.aead.forced=false
          - ./v2ray/config/:/etc/v2ray/
          - ./v2ray/logs:/var/log/v2ray/
          - ""
          - ""
          caddy: http://<YOUR-DOMAIN>
          caddy.reverse_proxy: "http://v2ray:1310"

    Don’t forget to replace <YOUR-DOMAIN> to your domain name.

  2. Run docker compose up -d.

  3. In your CDN, turn the proxy option on for the record.

  4. Run python3 ./ to generate client configuration (link).

you may want to allow ports 80 (tcp + udp) and 443 (tcp + udp) in your server firewall.

How to connect

copy the generated link and import it as a configuration url in the client application.

Client Applications

This is the list of recommended applications to use the VMESS protocol:

Licensed under CC BY-NC-SA 4.0