debian 8手动xray

1.1安装nginx Debian 8 Jessie如何安装Nginx1.9.5

1	apt install nginx

1.2配置

cat > /etc/nginx/nginx.conf <<-EOF
user  root;
worker_processes  1;
#error_log  /etc/nginx/error.log warn;
#pid    /var/run/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '\$remote_addr - \$remote_user [\$time_local] "\$request" '
                      '\$status \$body_bytes_sent "\$http_referer" '
                      '"\$http_user_agent" "\$http_x_forwarded_for"';
    #access_log  /etc/nginx/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  120;
    client_max_body_size 20m;
    #gzip  on;
    include /etc/nginx/conf.d/*.conf;
}
EOF

$your_domain (域名)

cat > /etc/nginx/conf.d/default.conf<<-EOF
 server {
    listen       127.0.0.1:37212;
    server_name  $your_domain;
    root /usr/share/nginx/html;
    index index.php index.html index.htm;
}
 server {
    listen       127.0.0.1:37213 http2;
    server_name  $your_domain;
    root /usr/share/nginx/html;
    index index.php index.html index.htm;
}
    
server { 
    listen       0.0.0.0:80;
    server_name  $your_domain;
    root /usr/share/nginx/html/;
    index index.php index.html;
    #rewrite ^(.*)$  https://\$host\$1 permanent; 
}
EOF

1.3启动

1 2	systemctl enable nginx.service systemctl restart nginx.service

为域名申请证书,$your_domain(域名)

1 2	curl https://get.acme.sh \| sh ~/.acme.sh/acme.sh --issue -d $your_domain --webroot /usr/share/nginx/html/

安装官方Xray服务
以下一键安装程序来源于官方

1 2	mkdir /usr/local/etc/xray/ mkdir /usr/local/etc/xray/cert

1	bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install -u root

UUID 随机生成代码

1	cat /proc/sys/kernel/random/uuid

xray配置文件， $uuid(随机UUID)，$your_domain（域名）

cat > /usr/local/etc/xray/config.json<<-EOF
{
    "log": {
        "loglevel": "warning"
    }, 
    "inbounds": [
        {
            "listen": "0.0.0.0", 
            "port": 443, 
            "protocol": "vless", 
            "settings": {
                "clients": [
                    {
                        "id": "$uuid", 
                        "level": 0, 
                        "email": "a@b.com",
                        "flow":"xtls-rprx-direct"
                    }
                ], 
                "decryption": "none", 
                "fallbacks": [
                    {
                        "dest": 37212
                    }, 
                    {
                        "alpn": "h2", 
                        "dest": 37213
                    }
                ]
            }, 
            "streamSettings": {
                "network": "tcp", 
                "security": "xtls", 
                "xtlsSettings": {
                    "serverName": "$your_domain", 
                    "alpn": [
                        "h2", 
                        "http/1.1"
                    ], 
                    "certificates": [
                        {
                            "certificateFile": "/usr/local/etc/xray/cert/fullchain.cer", 
                            "keyFile": "/usr/local/etc/xray/cert/private.key"
                        }
                    ]
                }
            }
        }
    ], 
    "outbounds": [
        {
            "protocol": "freedom", 
            "settings": { }
        }
    ]
}
EOF

伪装站点

1
2
3

cd /usr/share/nginx/html/ && rm -f ./*
wget https://github.com/atrandys/trojan/raw/master/fakesite.zip
unzip -o fakesite.zip

xray 自启

1	systemctl enable xray.service

$your_domain(域名)

~/.acme.sh/acme.sh  --installcert  -d  $your_domain   \
--key-file   /usr/local/etc/xray/cert/private.key \
--fullchain-file  /usr/local/etc/xray/cert/fullchain.cer \
--reloadcmd  "chmod -R 777 /usr/local/etc/xray/cert && systemctl restart xray.service"