mptcp/openmptcprouter-vps
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-vps.git synced 2025-02-12 11:21:56 +00:00
Code Issues Releases Wiki Activity

Add shadowsocks-go and XRay

Browse source
This commit is contained in:
Ycarus (Yannick Chabanois) 2023-10-10 14:38:56 +00:00
parent 0743e7c75a
commit 0d9a766d28
6 changed files with 422 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

122
debian9-x86_64.sh
View file

@ -17,6 +17,11 @@ OBFS=${OBFS:-yes}
V2RAY_PLUGIN=${V2RAY_PLUGIN:-no} V2RAY_PLUGIN=${V2RAY_PLUGIN:-no}
V2RAY=${V2RAY:-yes} V2RAY=${V2RAY:-yes}
V2RAY_UUID=${V2RAY_UUID:-$(cat /proc/sys/kernel/random/uuid | tr -d "\n")} V2RAY_UUID=${V2RAY_UUID:-$(cat /proc/sys/kernel/random/uuid | tr -d "\n")}
XRAY=${XRAY:-yes}
XRAY_UUID=${XRAY_UUID:-$V2RAY_UUID}
SHADOWSOCKS_GO=${SHADOWSOCKS_GO:-yes}
PSK=${PSK:-$(head -c 32 /dev/urandom | base64 -w0)}
UPSK=${UPSK:-$(head -c 32 /dev/urandom | base64 -w0)}
UPDATE_OS=${UPDATE_OS:-yes} UPDATE_OS=${UPDATE_OS:-yes}
UPDATE=${UPDATE:-yes} UPDATE=${UPDATE:-yes}
TLS=${TLS:-yes} TLS=${TLS:-yes}
@ -61,13 +66,14 @@ MLVPN_BINARY_VERSION="3.0.0+20211028.git.ddafba3"
UBOND_VERSION="31af0f69ebb6d07ed9348dca2fced33b956cedee" UBOND_VERSION="31af0f69ebb6d07ed9348dca2fced33b956cedee"
OBFS_VERSION="486bebd9208539058e57e23a12f23103016e09b4" OBFS_VERSION="486bebd9208539058e57e23a12f23103016e09b4"
OBFS_BINARY_VERSION="0.0.5-1" OBFS_BINARY_VERSION="0.0.5-1"
OMR_ADMIN_VERSION="488cc5346dbfe8bcbee4413013dc22b698f1d15c" OMR_ADMIN_VERSION="d560968d43850c48119c1b72372d6f341878ffa6"
OMR_ADMIN_BINARY_VERSION="0.3+20230911" OMR_ADMIN_BINARY_VERSION="0.4+20231009"
#OMR_ADMIN_BINARY_VERSION="0.3+20220827" #OMR_ADMIN_BINARY_VERSION="0.3+20220827"
DSVPN_VERSION="3b99d2ef6c02b2ef68b5784bec8adfdd55b29b1a" DSVPN_VERSION="3b99d2ef6c02b2ef68b5784bec8adfdd55b29b1a"
DSVPN_BINARY_VERSION="0.1.4-2" DSVPN_BINARY_VERSION="0.1.4-2"
V2RAY_VERSION="5.7.0" V2RAY_VERSION="5.7.0"
V2RAY_PLUGIN_VERSION="4.43.0" V2RAY_PLUGIN_VERSION="4.43.0"
XRAY_VERSION="1.8.5"
EASYRSA_VERSION="3.0.6" EASYRSA_VERSION="3.0.6"
#SHADOWSOCKS_VERSION="7407b214f335f0e2068a8622ef3674d868218e17" #SHADOWSOCKS_VERSION="7407b214f335f0e2068a8622ef3674d868218e17"
#if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then #if [ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]; then
@ -75,6 +81,7 @@ EASYRSA_VERSION="3.0.6"
#fi #fi
IPROUTE2_VERSION="29da83f89f6e1fe528c59131a01f5d43bcd0a000" IPROUTE2_VERSION="29da83f89f6e1fe528c59131a01f5d43bcd0a000"
SHADOWSOCKS_BINARY_VERSION="3.3.5-3" SHADOWSOCKS_BINARY_VERSION="3.3.5-3"
SHADOWSOCKS_GO_VERSION="1.8.0"
DEFAULT_USER="openmptcprouter" DEFAULT_USER="openmptcprouter"
VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com)} VPS_DOMAIN=${VPS_DOMAIN:-$(wget -4 -qO- -T 2 http://hostname.openmptcprouter.com)}
VPSPATH="server-test" VPSPATH="server-test"
@ -888,6 +895,48 @@ if [ "$OBFS" = "no" ] && [ "$V2RAY_PLUGIN" = "no" ]; then
sed -i -e '/plugin/d' -e 's/,,//' /etc/shadowsocks-libev/config.json sed -i -e '/plugin/d' -e 's/,,//' /etc/shadowsocks-libev/config.json
fi fi
if systemctl -q is-active shadowsocks-go.service; then
systemctl -q stop shadowsocks-go > /dev/null 2>&1
systemctl -q disable shadowsocks-go > /dev/null 2>&1
fi
if [ "$SHADOWSOCKS_GO" = "yes" ]; then
if [ "$SOURCES" = "yes" ] || [ "$ARCH" = "arm64" ]; then
if [ "$ARCH" = "amd64" ]; then
wget -O /tmp/shadowsocks-go-${SHADOWSOCKS_GO_VERSION}-amd64.deb ${VPSURL}/debian/shadowsocks-go-${SHADOWSOCKS_GO_VERSION}-amd64.deb
rm -f /var/lib/dpkg/lock
rm -f /var/lib/dpkg/lock-frontend
dpkg --force-all -i -B /tmp/shadowsocks-go-${SHADOWSOCKS_GO_VERSION}-amd64.deb
rm -f /tmp/shadowsocks-go-${SHADOWSOCKS_GO_VERSION}-amd64.deb
elif [ "$ARCH" = "arm64" ]; then
wget -O /tmp/shadowsocks-go-${SHADOWSOCKS_GO_VERSION}-arm64.deb ${VPSURL}/debian/shadowsocks-go-${SHADOWSOCKS_GO_VERSION}-arm64.deb
rm -f /var/lib/dpkg/lock
rm -f /var/lib/dpkg/lock-frontend
dpkg --force-all -i -B /tmp/shadowsocks-go-${SHADOWSOCKS_GO_VERSION}-arm64.deb
rm -f /tmp/shadowsocks-go-${SHADOWSOCKS_GO_VERSION}-arm64.deb
fi
else
apt-get -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-overwrite" -y install shadowsocks-go=${SHADOWSOCKS_GO_VERSION}
fi
if [ -f /etc/shadowsocks-go/server.json ]; then
PSK2=$(grep -Po '"'"psk"'"\s*:\s*"\K([^"]*)' /etc/shadowsocks-go/server.json | head -n 1 | tr -d "\n")
[ -n "$PSK2" ] && [ "$PSK2" != "PSK" ] && [ "$PSK2" != "null" ] && PSK="$PSK2"
UPSK2=$(grep -Po '"'"openmptcprouter"'"\s*:\s*"\K([^"]*)' /etc/shadowsocks-go/upsks.json | head -n 1 | tr -d "\n")
[ -n "$UPSK2" ] && [ "$UPSK2" != "UPSK" ] && [ "$UPSK2" != "null" ] && UPSK="$UPSK2"
fi
wget -O /etc/shadowsocks-go/server.json ${VPSURL}${VPSPATH}/shadowsocks-go.server.json
sed -i "s:\"PSK\":\"$PSK\":g" /etc/shadowsocks-go/server.json
sed -i "s:UPSK:$UPSK:g" /etc/shadowsocks-go/upsks.json
jq -M 'del(.users[0].openmptcprouter."shadowsocks-go")' /etc/openmptcprouter-vps-admin/omr-admin-config.json > /etc/openmptcprouter-vps-admin/omr-admin-config.json.new
mv -f /etc/openmptcprouter-vps-admin/omr-admin-config.json /etc/openmptcprouter-vps-admin/omr-admin-config.json.bak
mv -f /etc/openmptcprouter-vps-admin/omr-admin-config.json.new /etc/openmptcprouter-vps-admin/omr-admin-config.json
chmod 644 /lib/systemd/system/shadowsocks-go.service
systemctl daemon-reload
systemctl enable shadowsocks-go.service
fi
if systemctl -q is-active v2ray.service; then if systemctl -q is-active v2ray.service; then
systemctl -q stop v2ray > /dev/null 2>&1 systemctl -q stop v2ray > /dev/null 2>&1
systemctl -q disable v2ray > /dev/null 2>&1 systemctl -q disable v2ray > /dev/null 2>&1
@ -898,10 +947,14 @@ if [ "$V2RAY" = "yes" ]; then
if [ "$SOURCES" = "yes" ] || [ "$ARCH" = "arm64" ]; then if [ "$SOURCES" = "yes" ] || [ "$ARCH" = "arm64" ]; then
if [ "$ARCH" = "amd64" ]; then if [ "$ARCH" = "amd64" ]; then
wget -O /tmp/v2ray-${V2RAY_VERSION}-amd64.deb ${VPSURL}/debian/v2ray-${V2RAY_VERSION}-amd64.deb wget -O /tmp/v2ray-${V2RAY_VERSION}-amd64.deb ${VPSURL}/debian/v2ray-${V2RAY_VERSION}-amd64.deb
rm -f /var/lib/dpkg/lock
rm -f /var/lib/dpkg/lock-frontend
dpkg --force-all -i -B /tmp/v2ray-${V2RAY_VERSION}-amd64.deb dpkg --force-all -i -B /tmp/v2ray-${V2RAY_VERSION}-amd64.deb
rm -f /tmp/v2ray-${V2RAY_VERSION}-amd64.deb rm -f /tmp/v2ray-${V2RAY_VERSION}-amd64.deb
elif [ "$ARCH" = "arm64" ]; then elif [ "$ARCH" = "arm64" ]; then
wget -O /tmp/v2ray-${V2RAY_VERSION}-arm64.deb ${VPSURL}/debian/v2ray-${V2RAY_VERSION}-arm64.deb wget -O /tmp/v2ray-${V2RAY_VERSION}-arm64.deb ${VPSURL}/debian/v2ray-${V2RAY_VERSION}-arm64.deb
rm -f /var/lib/dpkg/lock
rm -f /var/lib/dpkg/lock-frontend
dpkg --force-all -i -B /tmp/v2ray-${V2RAY_VERSION}-arm64.deb dpkg --force-all -i -B /tmp/v2ray-${V2RAY_VERSION}-arm64.deb
rm -f /tmp/v2ray-${V2RAY_VERSION}-arm64.deb rm -f /tmp/v2ray-${V2RAY_VERSION}-arm64.deb
fi fi
@ -957,6 +1010,66 @@ if [ "$V2RAY" = "yes" ]; then
#fi #fi
fi fi
if systemctl -q is-active xray.service; then
systemctl -q stop xray > /dev/null 2>&1
systemctl -q disable xray > /dev/null 2>&1
fi
if [ "$XRAY" = "yes" ]; then
#apt-get -y -o Dpkg::Options::="--force-overwrite" install xray
if [ "$SOURCES" = "yes" ] || [ "$ARCH" = "arm64" ]; then
if [ "$ARCH" = "amd64" ]; then
wget -O /tmp/xray-${XRAY_VERSION}-amd64.deb ${VPSURL}/debian/xray-${XRAY_VERSION}-amd64.deb
rm -f /var/lib/dpkg/lock
rm -f /var/lib/dpkg/lock-frontend
dpkg --force-all -i -B /tmp/xray-${XRAY_VERSION}-amd64.deb
rm -f /tmp/xray-${XRAY_VERSION}-amd64.deb
elif [ "$ARCH" = "arm64" ]; then
wget -O /tmp/xray-${XRAY_VERSION}-arm64.deb ${VPSURL}/debian/xray-${XRAY_VERSION}-arm64.deb
rm -f /var/lib/dpkg/lock
rm -f /var/lib/dpkg/lock-frontend
dpkg --force-all -i -B /tmp/xray-${XRAY_VERSION}-arm64.deb
rm -f /tmp/xray-${XRAY_VERSION}-arm64.deb
fi
else
apt-get -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-overwrite" -y install xray=${XRAY_VERSION}
fi
if [ -f /etc/xray/xray-server.json ]; then
XRAY_UUID2=$(grep -Po '"'"id"'"\s*:\s*"\K([^"]*)' /etc/xray/xray-server.json | head -n 1 | tr -d "\n")
[ -n "$XRAY_UUID2" ] && [ "$XRAY_UUID2" != "XRAY_UUID" ] && [ "$XRAY_UUID2" != "V2RAY_UUID" ] && XRAY_UUID="$XRAY_UUID2"
PSK2=$(jq -r '.inbounds[] | select(.tag=="omrin-shadowsocks-tunnel") | .settings.password' /etc/xray/xray-server.json | tr -d "\n")
[ "$PSK2" != "null" ] && [ -n "$PSK2" ] && [ "$PSK2" != "XRAY_PSK" ] && PSK="$PSK2"
UPSK2=$(jq -r '.inbounds[] | select(.tag=="omrin-shadowsocks-tunnel") | .settings.clients[] | select(.email=="openmptcprouter") | .password' /etc/xray/xray-server.json | tr -d "\n")
[ "$UPSK2" != "null" ] && [ -n "$UPSK2" ] && [ "$UPSK2" != "XRAY_UPSK" ] && UPSK="$UPSK2"
fi
jq -M 'del(.users[0].openmptcprouter.xray)' /etc/openmptcprouter-vps-admin/omr-admin-config.json > /etc/openmptcprouter-vps-admin/omr-admin-config.json.new
mv -f /etc/openmptcprouter-vps-admin/omr-admin-config.json /etc/openmptcprouter-vps-admin/omr-admin-config.json.bak
mv -f /etc/openmptcprouter-vps-admin/omr-admin-config.json.new /etc/openmptcprouter-vps-admin/omr-admin-config.json
#if [ ! -f /etc/xray/xray-server.json ]; then
wget -O /etc/xray/xray-server.json ${VPSURL}${VPSPATH}/xray-server.json
sed -i "s:XRAY_UUID:$XRAY_UUID:g" /etc/xray/xray-server.json
sed -i "s:V2RAY_UUID:$XRAY_UUID:g" /etc/xray/xray-server.json
sed -i "s:XRAY_PSK:$PSK:g" /etc/xray/xray-server.json
sed -i "s:XRAY_UPSK:$UPSK:g" /etc/xray/xray-server.json
#fi
if ([ "$UPSTREAM" = "yes" ] || [ "$UPSTREAM6" = "yes" ]) && [ -z "$(grep mptcp /etc/xray/xray-server.json | grep true)" ]; then
sed -i 's/"sockopt": {/&\n "mptcp": true,/' /etc/xray/xray-server.json
fi
rm -f /etc/xray/config.json
ln -s /etc/xray/xray-server.json /etc/xray/config.json
#if [ -f /etc/systemd/system/xray.service.dpkg-dist ]; then
# mv -f /etc/systemd/system/xray.service.dpkg-dist /etc/systemd/system/xray.service
#fi
if [ "$LOCALFILES" = "no" ]; then
wget -O /lib/systemd/system/xray.service ${VPSURL}${VPSPATH}/xray.service
else
cp ${DIR}/xray.service /lib/systemd/system/xray.service
fi
chmod 644 /lib/systemd/system/xray.service
systemctl daemon-reload
systemctl enable xray.service
fi
if systemctl -q is-active mlvpn@mlvpn0.service; then if systemctl -q is-active mlvpn@mlvpn0.service; then
systemctl -q stop mlvpn@mlvpn0 > /dev/null 2>&1 systemctl -q stop mlvpn@mlvpn0 > /dev/null 2>&1
systemctl -q disable mlvpn@mlvpn0 > /dev/null 2>&1 systemctl -q disable mlvpn@mlvpn0 > /dev/null 2>&1
@ -1003,6 +1116,8 @@ if [ "$MLVPN" = "yes" ]; then
fi fi
fi fi
else else
rm -f /var/lib/dpkg/lock
rm -f /var/lib/dpkg/lock-frontend
apt-get -y -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-confdef" install omr-mlvpn=${MLVPN_BINARY_VERSION} apt-get -y -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-confdef" install omr-mlvpn=${MLVPN_BINARY_VERSION}
fi fi
if [ "$mlvpnupdate" = "0" ]; then if [ "$mlvpnupdate" = "0" ]; then
@ -1620,6 +1735,8 @@ if [ "$update" = "0" ]; then
echo 'Shadowsocks encryption: chacha20' echo 'Shadowsocks encryption: chacha20'
echo 'Your shadowsocks key: ' echo 'Your shadowsocks key: '
echo $SHADOWSOCKS_PASS echo $SHADOWSOCKS_PASS
echo 'Your shadowsocks 2022 key: '
echo "${PSK}:${UPSK}"
echo 'Glorytun port: 65001' echo 'Glorytun port: 65001'
echo 'Glorytun encryption: chacha20' echo 'Glorytun encryption: chacha20'
echo 'Your glorytun key: ' echo 'Your glorytun key: '
@ -1666,6 +1783,7 @@ if [ "$update" = "0" ]; then
Shadowsocks port: 65101 Shadowsocks port: 65101
Shadowsocks encryption: chacha20 Shadowsocks encryption: chacha20
Your shadowsocks key: ${SHADOWSOCKS_PASS} Your shadowsocks key: ${SHADOWSOCKS_PASS}
Your shadowsocks 2022 key: ${PSK}:${UPSK}
Glorytun port: 65001 Glorytun port: 65001
Glorytun encryption: chacha20 Glorytun encryption: chacha20
Your glorytun key: ${GLORYTUN_PASS} Your glorytun key: ${GLORYTUN_PASS}

2
omr-service
View file

@ -42,7 +42,7 @@ _glorytun_tcp() {
localip="$(cat /etc/glorytun-tcp/tun0 | grep LOCALIP | cut -d '=' -f2)" localip="$(cat /etc/glorytun-tcp/tun0 | grep LOCALIP | cut -d '=' -f2)"
[ -z "$localip" ] && localip="10.255.255.1" [ -z "$localip" ] && localip="10.255.255.1"
remoteip="$(echo $localip | sed 's/\.1/\.2/')" remoteip="$(echo $localip | sed 's/\.1/\.2/')"
if [ "$(ping -c 4 -w 10 $remoteip | grep '100%')" != "" ] && ([ -z "$(pgrep glorytun-tcp)" ] || [ "$(expr $(date +%s) - $(stat -c %Y /proc/$(pgrep glorytun-tcp)/exe ))" -gt "300" ]); then if [ "$(ping -c 3 -w 10 $remoteip | grep '100%')" != "" ] && ([ -z "$(pgrep glorytun-tcp)" ] || [ "$(expr $(date +%s) - $(stat -c %Y /proc/$(pgrep glorytun-tcp)/exe ))" -gt "300" ]); then
logger -t "OMR-Service" "No answer from VPN client end, restart Glorytun-TCP" logger -t "OMR-Service" "No answer from VPN client end, restart Glorytun-TCP"
systemctl restart glorytun-tcp@tun0 systemctl restart glorytun-tcp@tun0
sleep 10 sleep 10

39
shadowsocks-go.server.json Normal file
View file

@ -0,0 +1,39 @@
{
"servers": [
{
"name": "ss-2022",
"protocol": "2022-blake3-aes-256-gcm",
"tcpListeners": [
{
"network": "tcp",
"address": ":65280",
"fastOpen": false,
"reusePort": false,
"multipath": true
}
],
"enableTCP": true,
"listenerTFO": false,
"enableUDP": true,
"mtu": 1500,
"psk": "PSK",
"uPSKStorePath": "/etc/shadowsocks-go/upsks.json"
}
],
"stats": {
"enabled": true
},
"api": {
"enabled": true,
"debugPprof": false,
"enableTrustedProxyCheck": false,
"trustedProxies": [],
"proxyHeader": "X-Forwarded-For",
"listen": "127.0.0.1:65279",
"certFile": "",
"keyFile": "",
"clientCertFile": "",
"secretPath": "",
"fiberConfigPath": ""
}
}

2
v2ray.service
View file

@ -9,7 +9,7 @@ User=root
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
NoNewPrivileges=true NoNewPrivileges=true
ExecStart=/usr/bin/v2ray run -config /etc/v2ray/config.json ExecStart=/usr/bin/v2ray run -config /etc/v2ray/v2ray-server.json
Restart=always Restart=always
RestartPreventExitStatus=23 RestartPreventExitStatus=23
StartLimitInterval=0 StartLimitInterval=0

243
xray-server.json Normal file
View file

@ -0,0 +1,243 @@
{
"log": {
"loglevel": "error",
"error": "/tmp/v2rayError.log"
},
"transport": {
"tcpSettings": {},
"wsSettings": {},
"kcpSettings": {
"mtu": 1460,
"tti": 10,
"uplinkCapacity": 100,
"downlinkCapacity": 100,
"congestion": false,
"readBufferSize": 8,
"writeBufferSize": 8
}
},
"inbounds": [
{
"tag": "omrin-tunnel",
"port": 65248,
"protocol": "vless",
"settings": {
"decryption": "none",
"clients": [
{
"id": "V2RAY_UUID",
"level": 0,
"alterId": 0,
"email": "openmptcprouter"
}
]
},
"streamSettings": {
"sockopt": {
"tcpMptcp": true,
"mark": 0
},
"network": "tcp",
"security": "tls",
"tlsSettings": {
"certificates": [
{
"certificateFile": "/etc/openvpn/ca/pki/issued/server.crt",
"keyFile": "/etc/openvpn/ca/pki/private/server.key"
}
]
}
}
},
{
"tag": "omrin-vmess-tunnel",
"port": 65250,
"protocol": "vmess",
"settings": {
"decryption": "none",
"clients": [
{
"id": "V2RAY_UUID",
"level": 0,
"alterId": 0,
"email": "openmptcprouter"
}
]
},
"streamSettings": {
"sockopt": {
"tcpMptcp": true,
"mark": 0
},
"network": "tcp",
"security": "tls",
"tlsSettings": {
"certificates": [
{
"certificateFile": "/etc/openvpn/ca/pki/issued/server.crt",
"keyFile": "/etc/openvpn/ca/pki/private/server.key"
}
]
}
}
},
{
"tag": "omrin-socks-tunnel",
"port": 65251,
"protocol": "socks",
"settings": {
"auth": "password",
"accounts": [
{
"pass": "V2RAY_UUID",
"user": "openmptcprouter"
}
]
},
"streamSettings": {
"sockopt": {
"tcpMptcp": true,
"mark": 0
},
"network": "tcp",
"security": "tls",
"tlsSettings": {
"certificates": [
{
"certificateFile": "/etc/openvpn/ca/pki/issued/server.crt",
"keyFile": "/etc/openvpn/ca/pki/private/server.key"
}
]
}
}
},
{
"tag": "omrin-trojan-tunnel",
"port": 65249,
"protocol": "trojan",
"settings": {
"clients": [
{
"password": "V2RAY_UUID",
"email": "openmptcprouter",
"level": 0
}
]
},
"streamSettings": {
"sockopt": {
"tcpMptcp": true,
"mark": 0
},
"network": "tcp",
"security": "tls",
"tlsSettings": {
"certificates": [
{
"certificateFile": "/etc/openvpn/ca/pki/issued/server.crt",
"keyFile": "/etc/openvpn/ca/pki/private/server.key"
}
]
}
}
},
{
"tag": "omrin-shadowsocks-tunnel",
"port": 65252,
"protocol": "shadowsocks",
"settings": {
"password": "XRAY_PSK",
"method": "2022-blake3-aes-256-gcm",
"network": "tcp,udp",
"clients": [
{
"password": "XRAY_UPSK",
"email": "openmptcprouter"
}
]
},
"streamSettings": {
"sockopt": {
"tcpMptcp": true,
"mark": 0
},
"network": "tcp"
}
},
{
"listen": "127.0.0.1",
"port": 10086,
"protocol": "dokodemo-door",
"settings": {
"address": "127.0.0.1"
},
"tag": "api"
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {
"userLevel": 0
},
"tag": "direct"
}
],
"routing": {
"rules": [
{
"type": "field",
"inboundTag": [
"omrin-tunnel",
"omrin-vmess-tunnel",
"omrin-socks-tunnel",
"omrin-trojan-tunnel"
],
"outboundTag": "OMRLan",
"domain": [
"full:omr.lan"
]
},
{
"inboundTag": [
"api"
],
"outboundTag": "api",
"type": "field"
}
]
},
"reverse": {
"portals": [
{
"tag": "OMRLan",
"domain": "omr.lan"
}
]
},
"stats": {},
"api": {
"tag": "api",
"services": [
"HandlerService",
"LoggerService",
"StatsService"
]
},
"policy": {
"levels": {
"0": {
"uplinkOnly": 0,
"downlinkOnly": 0,
"bufferSize": 512,
"connIdle": 2400,
"statsUserUplink": true,
"statsUserDownlink": true
}
},
"system": {
"statsInboundUplink": true,
"statsInboundDownlink": true
}
}
}

18
xray.service Normal file
View file

@ -0,0 +1,18 @@
[Unit]
Description=XRay Service
Documentation=https://www.v2fly.org/
After=network.target nss-lookup.target
Wants=network-online.target
[Service]
User=root
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
NoNewPrivileges=true
ExecStart=/usr/bin/xray run -config /etc/xray/xray-server.json
Restart=always
RestartPreventExitStatus=23
StartLimitInterval=0
[Install]
WantedBy=multi-user.target