The latest developement of XTLS has moved to Xray-core v1.7.0 and https://github.com/XTLS/Xray-core/commit/6f61021f7a7337b2997c442495cb8654d145cf8f
THE FUTURE
Easiest way to install & upgrade Xray.
Home Page: https://t.me/projectXray
License: GNU General Public License v3.0
THE FUTURE
服务端如下,好像以前可以,现在最新版1.30不行了
{
"log": {
"loglevel": "warning"
},
"policy": {
"levels": {
"0": {
"handshake": 4,
"connIdle": 300,
"uplinkOnly": 2,
"downlinkOnly": 1,
"statsUserUplink": false,
"statsUserDownlink": false,
"bufferSize": 4
},
"1": {
"handshake": 5,
"connIdle": 500,
"uplinkOnly": 5,
"downlinkOnly": 3,
"statsUserUplink": false,
"statsUserDownlink": false,
"bufferSize": 16
}
},
"system": {
"statsInboundUplink": false,
"statsInboundDownlink": false
}
},
"inbounds": [
{
"port": 443,
"protocol": "vless",
"tag": "xtls-in",
"settings": {
"clients": [
{
"id": "uuid",
"level": 1,
"flow": "xtls-rprx-direct"
}
],
"decryption": "none",
"fallbacks": [
{
"dest": "127.0.0.1:80"
},
{
"path": "/p1",
"dest": 306
},
{
"path": "/p2",
"dest": 316
},
{
"path": "/p3",
"dest": 326
}
]
},
"streamSettings": {
"network": "tcp",
"security": "xtls",
"tcpSettings": {
"acceptProxyProtocol": false,
"type": "none"
},
"xtlsSettings": {
"serverName": "www.vps.domain",
"allowInsecure": false,
"alpn": [
"http/1.1",
"h2"
],
"certificates": [
{
"certificateFile": "/usr/local/etc/v2ray/ray.pem",
"keyFile": "/usr/local/etc/v2ray/ray.key"
}
]
}
}
},
{
"port": 316,
"protocol": "shadowsocks",
"tag": "wssin",
"settings": {
"email": "[email protected]",
"method": "chacha20-poly1305",
"password": "key1",
"level": 1,
"network": "tcp,udp"
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"acceptProxyProtocol": false,
"path": "/p2",
"headers": {
"Host": "www.vps.domain"
}
}
}
},
{
"port": 306,
"protocol": "vmess",
"tag": "vmessws-in",
"settings": {
"clients": [
{
"id": "uuid2",
"level": 1,
"alterId": 64
}
]
},
"streamSettings":
{
"network": "ws",
"wsSettings": {
"acceptProxyProtocol": false,
"path": "/p1"
}
}
},
{
"port": 326,
"listen": "127.0.0.1",
"protocol": "vless",
"tag": "vlessws-in",
"settings": {
"clients": [
{
"id": "uuid3",
"level": 1
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"acceptProxyProtocol": false,
"path": "/p3"
}
}
},
{
"protocol": "shadowsocks",
"port": "346",
"tag": "ssoringinal-in",
"allocate": {
"strategy": "always"
},
"settings": {
"email": "[email protected]",
"method": "aes-256-gcm",
"password": "key1",
"udp": false,
"level": 1,
"ota": false
}
},
{
"protocol": "shadowsocks",
"port": "366",
"tag": "kcpss-in",
"allocate": {
"strategy": "always"
},
"settings": {
"method": "aes-256-gcm",
"password": "key1",
"udp": false,
"level": 1,
"ota": false
},
"streamSettings": {
"network": "kcp",
"security": "none",
"kcpSettings": {
"mtu": 1350,
"tti": 50,
"uplinkCapacity": 40,
"downlinkCapacity": 120,
"congestion": true,
"readBufferSize": 1,
"writeBufferSize": 1,
"header": {
"type": "utp"
}
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"tag": "direct",
"settings": {
}
},
{
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
},
"tag": "block"
}
]
}
电脑重新安装系统后,安装Xray最新版本1.8.4,但是无法正常启动,是否新版本不兼容老版本?
服务器还是1.6.0版本,暂时无法升级。所以下载了老版本1.6的ZIP文件.
如何安装ZIP文件?
原因:移动网络无法直接访问VPS,所以想借助跳板,不得不说移动网络真垃
现有阿里服务器
怎么在家用电脑通过阿里服务器访问VPS呢
目前只会客户端和服务端的配置方式
新版本的systemd不再推荐使用nobody
用户。当使用nobody用户的时候systemd的日志以及dmesg
里会出现以下报错
Special user nobody configured, this is not safe!
systemd官方的解决方案为使用DynamicUser=yes
代替
详见commit
For non-systemd GNU/Linux users (e.g. Alpine, Artix, Gentoo, Void), it is currently not possible to use this script. However, the function if this script is really useful for timely upgrade. I hereby propose to include a special parameter, e.g. --no-systemd
, to support installing and upgrading xray on non-systemd OSes. In this situation, systemd-related files like xray.service
should not be generated or installed.
Below is the same message in Chinese.
上文是下文的英文版本。
非 systemd 用户(如 Alpine,Artix,Gentoo,Void 用户)目前无法使用该脚本,但该脚本的功能有助于及时更新,故期望能添加特殊参数如 --no-systemd
以支持在非 systemd 系统下安装和升级 xray。使用该参数时,无需生成和安装与 systemd 相关的文件,如 xray.service
。
我是使用XTLS/Xray-install一键脚本安装的xray
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
服务器端添加以下路由后,导致tiktok.com被完全阻断,而去掉之后它就不阻断,所以一定是因为xray的geosite.dat把tiktok域名归到cn了
{
"type": "field",
"outboundTag": "block",
"domain": [
"geosite:cn"
]
}
强烈建议修改geosite.dat为Loyalsoldier/domain-list-custom,因为我使用Loyalsoldier/domain-list-custom后就没问题了。
sudo bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 30911 100 30911 0 0 17371 0 0:00:01 0:00:01 --:--:-- 42931
grep: /etc/systemd/system/xray.service: 没有那个文件或目录
error: Failed to get the latest release version.
Welcome bug report:https://github.com/XTLS/Xray-install/issues
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
error: github API rate limit exceeded
系统版本:ubuntu 20.04
安装脚本使用的用户:root
排查过程:
systemctl status xray
:xray.service - Xray Service
Loaded: loaded (/etc/systemd/system/xray.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/xray.service.d
└─10-donot_touch_single_conf.conf
Active: failed (Result: exit-code) since Fri 2020-12-11 06:19:29 UTC; 1s ago
Docs: https://github.com/xtls
Process: 251643 ExecStart=/usr/local/bin/xray run -config /usr/local/etc/xray/config.json (code=exited, status=1/FAILURE)
Main PID: 251643 (code=exited, status=1/FAILURE)
Dec 11 06:19:29 vultr.guest systemd[1]: xray.service: Main process exited, code=exited, status=1/FAILURE
Dec 11 06:19:29 vultr.guest systemd[1]: xray.service: Failed with result 'exit-code'.
Dec 11 06:19:29 vultr.guest systemd[1]: xray.service: Scheduled restart job, restart counter is at 5.
Dec 11 06:19:29 vultr.guest systemd[1]: Stopped Xray Service.
Dec 11 06:19:29 vultr.guest systemd[1]: xray.service: Start request repeated too quickly.
Dec 11 06:19:29 vultr.guest systemd[1]: xray.service: Failed with result 'exit-code'.
Dec 11 06:19:29 vultr.guest systemd[1]: Failed to start Xray Service.
journalctl --boot -u xray
命令进行排查chown -R nobody: nogroup
命令,修改 /etc/systemd/system/xray.service
用的 User 为 root,执行 systemctl daemon-reload
后 start 就成功了没有仔细的找原因,先做一个记录
能否添加个使用代理服务器的功能,墙内鸡装好慢啊. 或者使用自定义源来安装,必须先下载安装包到指定位置,在运行脚本安装.
1.安装 xray-core
2.配置
3.
export http_proxy=http://127.0.0.1:10809/ export https_proxy=http://127.0.0.1:10809/
4.
root@dev:~# curl -v https://www.google.com
CONNECT www.google.com:443 HTTP/1.1
Host: www.google.com:443
User-Agent: curl/7.81.0
Proxy-Connection: Keep-Alive
< HTTP/1.1 200 Connection established
<
root@dev:~# cat /var/log/xray/error.log 2023/01/04 16:53:16 [Warning] core: Xray 1.7.0 started 2023/01/04 16:53:29 [Warning] [2412608028] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: connection ends > proxy/vmess/outbound: failed to read header > proxy/vmess/encoding: failed to read response header > read tcp 111.6.230.102:41516->161.81.212.108:553: read: connection reset by peer 2023/01/04 16:55:28 [Warning] [1462954465] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: connection ends > proxy/vmess/outbound: failed to read header > proxy/vmess/encoding: failed to read response header > read tcp 111.6.230.102:41518->161.81.212.108:553: read: connection reset by peer 2023/01/04 16:59:57 [Warning] [939198484] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: connection ends > proxy/vmess/outbound: failed to read header > proxy/vmess/encoding: failed to read response header > read tcp 111.6.230.102:41520->161.81.212.108:553: read: connection reset by peer
系统版本:Ubuntu Server LTS 22.04.1
root@dev:~# cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=22.04 DISTRIB_CODENAME=jammy DISTRIB_DESCRIPTION="Ubuntu 22.04.1 LTS"
xray 版本:1.7.0
root@dev:~# xray version
Xray 1.7.0 (Xray, Penetrates Everything.) Custom (go1.19.4 linux/amd64)
A unified platform for anti-censorship.
curl 版本: 7.81.0
root@dev:~# curl --version curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.13 Release-Date: 2022-01-05 Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets zstd
openssl 版本:3.0.2
root@dev:~# openssl version OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
Hello,
i updated x-ui to 1.8, but still when i want create, i cant see vision:
screenshot:
https://prnt.sc/ScKnjzfXNuB9
what is solution?
Thanks.
按照之前V2RAY的方式写的配置方式,但是dokodemo-door
部分没有生效,翻了文档也没找到,求教大佬。
{
"inbounds": [
{
"tag": "tproxy",
"protocol": "dokodemo-door",
"listen": "0.0.0.0",
"port": 1280,
"settings": {
"network": "tcp,udp",
"followRedirect": true
},
"sniffing": {
"enabled": false,
"destOverride": [
"http",
"tls"
]
}
},
{
"tag": "dns",
"protocol": "dokodemo-door",
"port": 7913,
"settings": {
"address": "8.8.4.4",
"port": 53,
"network": "tcp,udp",
"timeout": 0,
"followRedirect": false
}
},
{
"tag": "socks5",
"protocol": "socks",
"listen": "0.0.0.0",
"port": 1281,
"settings": {
"udp": true
}
},
{
"tag": "http",
"protocol": "http",
"listen": "0.0.0.0",
"port": 1282
}
],
"outbounds": []}
从 Systemd v246-rc1 起 Systemd 不再鼓励在 Service File 中使用 User=nobody
,并且会显示以下错误提示。
Special user nobody configured, this is not safe!
也许我们应该用 DynamicUser=1
来替换它,或为程序专门分配一个系统用户和系统组。
It is strongly recommended to avoid running services under this user identity,
in particular on systems using NFS or running containers. Allocate a user ID
specific to this service, either statically via systemd-sysusers or dynamically
via the DynamicUser= service setting.
你好
我考虑用双核小米千兆路由器上安装xray服务器(满100M我足够)。你们试过安装吗?
OpenWRT支持xray-install吗?推荐多少M运存,内存?256M+128M够不够?
mips服务器教程不好找。
谢谢
Hello
Please add --no-service mode to just download or upgrade xray-core to latest version without installing any service
Useful for some panels and custom scripts
Thank you
运行bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
提示curl: (56) OpenSSL SSL_read: SSL_ERROR_SYSCALL, errno 104
本脚本由 fhs-install-v2ray 修改而来,目前共同存在的问题、建议等可以先去那里提 issue,这里的脚本会跟进修改。
若只有本脚本存在问题,或者有针对性的建议,请及时提 issue,更欢迎直接 PR。
cmd:
bash install-release.sh
output:
No new version. The current version of V2Ray is
why ?how time building reless Debian Gnu/Linux .deb package???
cat /etc/os-release
NAME="OpenWrt"
VERSION="19.07.7"
ID="openwrt"
ID_LIKE="lede openwrt"
PRETTY_NAME="OpenWrt 19.07.7"
VERSION_ID="19.07.7"
HOME_URL="https://openwrt.org/"
BUG_URL="https://bugs.openwrt.org/"
SUPPORT_URL="https://forum.openwrt.org/"
BUILD_ID="r11306-c4a6851c72"
OPENWRT_BOARD="x86/64"
OPENWRT_ARCH="x86_64"
OPENWRT_TAINTS=""
OPENWRT_DEVICE_MANUFACTURER="OpenWrt"
OPENWRT_DEVICE_MANUFACTURER_URL="https://openwrt.org/"
OPENWRT_DEVICE_PRODUCT="Generic"
OPENWRT_DEVICE_REVISION="v0"
OPENWRT_RELEASE="OpenWrt 19.07.7 r11306-c4a6851c72"
in Iran tls xray server are easily detected when some lazy clients don't configure utls (shared with url not json) and the ip will get banned
even if you share with json an enveying person can use without utls and get your server banned on purpose
so it would be great if you can set an option on server side to reject clients not using utls
需要改动https://github.com/XTLS/Xray-core/blob/be9421fedf9017f1ea48c292a2ba7c9d8e3ed9dc/common/log/logger.go#L151
另外,没有安装logrotate(8)
配置/etc/logrotated.d/xray
。/var/log/xray/access.log
的perms也不合理,应改成owner=nobody/root,group=adm,mode=640。
help中 --logrotate 项有写 under 12:00:00 should be start with 0, e.g. 01:23:45. 这里12应该是10吧
设置了定时命令来更新该脚本
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install-geodata
请问该脚本更新完毕后还需要重新启动xray服务以确保新dat文件生效吗
复现流程:
1 使用 https://github.com/bohanyang/debi DD 成 Debian 12,系统安装完成后,只安装 apt install curl。
2 使用Xray安装命令 bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
输出如下,实际没有安装动作。测试了不同的VPS,都统一DD成全新系统,只安装curl,然后再用Xray安装命令,20次约有1次能正常安装,其它次数都无响应。
root@localhost:~# # bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
root@localhost:~# # bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
root@localhost:~# # bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
root@localhost:~# # bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
root@localhost:~# # bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
root@localhost:~# # bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
root@localhost:~#
试过重启VPS,还是一样。同时发现有几个是从Debian11升级到12的VPS,使用
# bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ remove --purge
也是无响应情况。
配置文件无法使用acme.sh导出的证书fullchain.cer 、private.key
~/.acme.sh/acme.sh --issue -d 域名 --standalone -k ec-256 --force
~/.acme.sh/acme.sh --install-cert -d 域名 --fullchain-file /usr/local/etc/xray/fullchain.cer --key-file /usr/local/etc/xray/private.key --ecc
国内无法正常安装,可否增加proxy
主要是配置文件不会写
ubuntu 20.04LTS , Xray安装后一直正常工作,考虑安全问题,使用“# bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install” 命令来升级,过程正常。
显示“info: Xray is installed.”。但是无法启动xray!
什么原因,怎么修复?
目前这个脚本安装的 xray.service
只能安装到系统的 systemctl service 目录,对于不便或者不能使用 root 的场景没有很好的支持,此外在多用户场景下也使得不同用户被迫共享同一个配置文件,体验并不好。
由于 systemd 本身是有运行 user unit 的功能的,因此我在自己的电脑上,通过复制粘贴的方式,写了一个用户级 xray.service
给我自己使用,内容如下:
[Unit]
Description="Xray service (user unit)"
[Service]
ExecStart="%h/GFW/Xray/Xray-linux-64/xray" -c "%h/GFW/Xray/Xray-linux-64/config.json"
Restart=on-failure
RestartPreventExitStatus=23
LimitNPROC=10000
LimitNOFILE=1000000
[Install]
WantedBy=default.target
按照 systemd.unit(5)
manpage 的说明,我把它放到了 ~/.config/systemd/user
目录。
然后就可以在 systemd
命令中传入 --user
来启动了:
systemctl start --user xray
systemctl enable --user xray
希望作者更新一下安装脚本,在日后以非 root 权限安装的时候能够用上这个功能。
https://www.freedesktop.org/software/systemd/man/systemd.unit.html
Path | Description |
---|---|
/etc/systemd/system | System units created by the administrator |
/usr/local/lib/systemd/system | System units installed by the administrator |
/usr/lib/systemd/system | System units installed by the distribution package manager |
希望Xray-core更新的时候不更新xray.service,User给的root权限,更新后又变成了nobody,每次更新后都需要手动改一下。
老大好啊!直接使用brew install xray安装的xray无法使用brew services start xray方法启动,无plist文件。另外,似乎默认的配置文件路径也是无效的。
使用 -u root 参数安装后,使用 xray.service 无法打开证书,日志显示 Permission denied. 经检查发现是 xray.service 中第 8 行CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
的问题,注释掉这一行就可以正常使用。我并不太懂 service
配置文件的写法,供大佬参考!
运行安装脚本得到以下错误提示:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:02 --:--:-- 0
100 28424 100 28424 0 0 3205 0 0:00:08 0:00:08 --:--:-- 6443
error: Failed to get the latest release version.
Welcome bug report:https://github.com/XTLS/Xray-install/issues
问题:一旦登录服务端ssh再退出之后,uds文件会被自动删除,restart xray service之后正常,再次退出ssh之后uds文件又没了,一直循环。
1、xray-core版本: 1.8.9
2、使用如下命令安装xray-core
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install -u myuser
3、vless-ws-tls方式,服务端入站改为"listen": "/dev/shm/xxx.socket",nginx做相应修改
4、操作步骤:
5、nginx配置
server {
listen 50000 ssl http2;
listen [::]: 50000 ssl http2;
server_name xxx.com;
ssl_certificate /home/ubuntu/tmp/cert/xxx.com_fullchain.pem;
ssl_certificate_key /home/ubuntu/tmp/cert/xxx.com.key;
ssl_protocols TLSv1.2 TLSv1.3;
location /xxx {
if ($http_upgrade != "websocket") {
return 404;
}
proxy_pass http://unix:/dev/shm/xxx.socket;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
}
6、服务端配置:
{
"inbounds": [
{
"tag": "inbound-vless-ws",
"protocol": "vless",
"listen": "/dev/shm/xxx.socket,0666",
"settings": {
"clients": [
{
"id": "xxx"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/xxx"
},
"security": "none"
}
}
]
}
7、客户端配置:
{
"inbounds": [
{
"tag": "inbound-socks",
"protocol": "socks",
"listen": "127.0.0.1",
"port": 1080,
"settings": {
"udp": true
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "xxx",
"port": 50000,
"users": [
{
"id": "xxx",
"encryption": "none"
}
]
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/xxx"
},
"security": "tls"
}
}
]
}
Hi
I have my own config.json file. There are my clients and my headers in it. I want the core to install this config for me. What is the command and how i can do that?
之前速度都还正常,现在速度突然下降,能否更新下脚本,谢谢了🙏
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.