├── README.md
├── cdn.sh
├── remove-xray.sh
├── xray-websocket.sh
└── xray-whatever.sh
/README.md:
--------------------------------------------------------------------------------
1 | # This script is vulnerable to many issues and unhandled exceptions. please consider using other matured and more tested scripts. There are better scripts with better web UIs. v2-ui , x-ui , 3x-ui , marzban , etc.
2 |
3 |
4 | # This repo is archived and unmainted. use at your own risk.
5 |
--------------------------------------------------------------------------------
/cdn.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | echo "enter a valid UUID"
4 | read UUID
5 | echo "enter your domain (*pointed to server ip)"
6 | read DOMAIN_NAME
7 |
8 | #updating and adding firewall rules
9 |
10 | apt update
11 | apt upgrade
12 | apt purge iptables-persistent
13 | apt install ufw
14 | ufw allow 'OpenSSH'
15 | ufw allow 443/tcp
16 | ufw allow 80/tcp
17 | ufw enable
18 |
19 | #installing latest caddy
20 |
21 | VERSION=$(curl --silent 'https://api.github.com/repos/caddyserver/caddy/releases/latest' | sed 'y/,/\n/' | grep 'tag_name' | awk -F '"' '{print $4}')
22 |
23 | if [[ "$(uname)" == 'Linux' ]]; then
24 | case "$(uname -m)" in
25 | 'amd64' | 'x86_64')
26 | MACHINE='amd64'
27 | ;;
28 | 'armv8' | 'aarch64')
29 | MACHINE='arm64'
30 | ;;
31 | *)
32 | echo "error: The architecture is not supported by the script"
33 | exit 1
34 | ;;
35 | esac
36 | else
37 | echo "error: This operating system is not supported."
38 | exit 1
39 | fi
40 |
41 | VERSION_NO="${VERSION:1}"
42 |
43 | DOWNLOAD_LINK="https://github.com/caddyserver/caddy/releases/download/"$VERSION"/caddy_"$VERSION_NO"_linux_"$MACHINE".tar.gz"
44 |
45 | TARBALL="caddy_"$VERSION_NO"_linux_"$MACHINE".tar.gz"
46 |
47 | curl -LJO $DOWNLOAD_LINK
48 |
49 | tar -xvf $TARBALL
50 |
51 | mv caddy /usr/local/bin
52 |
53 | groupadd --system caddy
54 |
55 | useradd --system \
56 | --gid caddy \
57 | --create-home \
58 | --home-dir /var/lib/caddy \
59 | --shell /usr/sbin/nologin \
60 | --comment "Caddy web server" \
61 | caddy
62 |
63 | cat << EOF > /etc/systemd/system/caddy.service
64 | [Unit]
65 | Description=Caddy
66 | Documentation=https://caddyserver.com/docs/
67 | After=network.target network-online.target
68 | Requires=network-online.target
69 |
70 | [Service]
71 | Type=notify
72 | User=caddy
73 | Group=caddy
74 | ExecStart=/usr/local/bin/caddy run --environ --config /etc/caddy/Caddyfile
75 | ExecReload=/usr/local/bin/caddy reload --config /etc/caddy/Caddyfile
76 | TimeoutStopSec=5s
77 | LimitNOFILE=1048576
78 | LimitNPROC=512
79 | PrivateTmp=true
80 | ProtectSystem=full
81 | AmbientCapabilities=CAP_NET_BIND_SERVICE
82 |
83 | [Install]
84 | WantedBy=multi-user.target
85 | EOF
86 |
87 | mkdir /etc/caddy
88 | cat << EOF > /etc/caddy/Caddyfile
89 | {
90 | order reverse_proxy before route
91 | admin off
92 | log {
93 | output file /var/log/caddy/access.log
94 | level ERROR
95 | }
96 | }
97 |
98 | :443, $DOMAIN_NAME {
99 | tls {
100 | ciphers TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
101 | alpn http/1.1 h2
102 | }
103 |
104 | @vws {
105 | path /iamtrazy
106 | header Connection *Upgrade*
107 | header Upgrade websocket
108 | }
109 | reverse_proxy @vws unix//dev/shm/vws.sock
110 |
111 | @host {
112 | host $DOMAIN_NAME
113 | }
114 | route @host {
115 | header {
116 | Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
117 | }
118 | file_server {
119 | root /var/www/$DOMAIN_NAME/html
120 | }
121 | }
122 | }
123 | EOF
124 |
125 | #Fake website
126 |
127 | mkdir -p /var/www/$DOMAIN_NAME/html
128 | cat << EOF > /var/www/$DOMAIN_NAME/html/index.html
129 |
130 |
131 | iamtrazy
132 |
133 |
134 | I LOVE TAYLOR SWIFT
135 |
136 |
137 | EOF
138 | chown -R $SUDO_USER:$SUDO_USER /var/www/$DOMAIN_NAME/html
139 | chmod -R 755 /var/www/$DOMAIN_NAME
140 |
141 | #installing xray-core
142 |
143 | timedatectl set-timezone Asia/Colombo
144 | timedatectl set-ntp true
145 |
146 | bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
147 |
148 | #Adding a xray config json
149 |
150 | rm -rf /usr/local/etc/xray/config.json
151 | cat << EOF > /usr/local/etc/xray/config.json
152 | {
153 | "log": {
154 | "loglevel": "warning",
155 | "error": "/var/log/xray/error.log",
156 | "access": "/var/log/xray/access.log"
157 | },
158 | "inbounds": [
159 | {
160 | "listen": "/dev/shm/vws.sock,666",
161 | "protocol": "vless",
162 | "settings": {
163 | "clients": [
164 | {
165 | "id": "$UUID"
166 | }
167 | ],
168 | "decryption": "none"
169 | },
170 | "streamSettings": {
171 | "network": "ws",
172 | "security": "none",
173 | "wsSettings": {
174 | "path": "/iamtrazy"
175 | }
176 | },
177 | "sniffing": {
178 | "enabled": true,
179 | "destOverride": [
180 | "http",
181 | "tls"
182 | ]
183 | }
184 | }
185 | ],
186 | "routing": {
187 | "rules": [
188 | {
189 | "type": "field",
190 | "protocol": [
191 | "bittorrent"
192 | ],
193 | "outboundTag": "blocked"
194 | }
195 | ]
196 | },
197 | "outbounds": [
198 | {
199 | "protocol": "freedom",
200 | "settings": {}
201 | },
202 | {
203 | "tag": "blocked",
204 | "protocol": "blackhole",
205 | "settings": {}
206 | }
207 | ]
208 | }
209 | EOF
210 |
211 | #installing bbr
212 |
213 | wget -P /tmp https://raw.githubusercontent.com/teddysun/across/master/bbr.sh
214 | chmod +x /tmp/bbr.sh
215 | /tmp/bbr.sh
216 |
217 | #starting caddy & xray
218 |
219 | systemctl daemon-reload
220 |
221 | systemctl enable caddy
222 | systemctl enable xray
223 |
224 | systemctl restart caddy
225 | systemctl restart xray
226 |
--------------------------------------------------------------------------------
/remove-xray.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | #Remove old certificates
3 | rm -rf /etc/xray
4 | #remove json configs
5 | rm -rf /usr/local/etc/xray
6 | #remove xray-core
7 | bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ remove
8 |
--------------------------------------------------------------------------------
/xray-websocket.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | #input uuid & domain
4 |
5 | echo Enter a valid gen4 UUID:
6 | read UUID
7 |
8 | #configure timezone to sri lanka standards
9 |
10 | rm -rf /etc/localtime
11 | cp /usr/share/zoneinfo/Asia/Colombo /etc/localtime
12 | date -R
13 |
14 | apt install ufw
15 |
16 | #firewall rules
17 | ufw allow 'OpenSSH'
18 | ufw allow 443/tcp
19 | ufw allow 80/tcp
20 | ufw enable
21 |
22 | #running xray install script for linux - systemd
23 |
24 | bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
25 |
26 | #adding new configuration files
27 |
28 | rm -rf /usr/local/etc/xray/config.json
29 | cat << EOF > /usr/local/etc/xray/config.json
30 | {
31 | "log": {
32 | "loglevel": "warning"
33 | },
34 | "routing": {
35 | "domainStrategy": "AsIs",
36 | "rules": [
37 | {
38 | "type": "field",
39 | "ip": [
40 | "geoip:private"
41 | ],
42 | "outboundTag": "block"
43 | }
44 | ]
45 | },
46 | "inbounds": [
47 | {
48 | "port": 443,
49 | "protocol": "vless",
50 | "settings": {
51 | "clients": [
52 | {
53 | "id": "$UUID"
54 | }
55 | ],
56 | "decryption": "none"
57 | },
58 | "streamSettings": {
59 | "network": "ws",
60 | "security": "tls",
61 | "tlsSettings": {
62 | "certificates": [
63 | {
64 | "certificateFile": "/etc/xray/xray.crt",
65 | "keyFile": "/etc/xray/xray.key"
66 | }
67 | ]
68 | }
69 | }
70 | },
71 | {
72 | "port": 80,
73 | "protocol": "vless",
74 | "settings": {
75 | "clients": [
76 | {
77 | "id": "$UUID"
78 | }
79 | ],
80 | "decryption": "none"
81 | },
82 | "streamSettings": {
83 | "network": "ws",
84 | "security": "none"
85 | }
86 | }
87 | ],
88 | "outbounds": [
89 | {
90 | "protocol": "freedom",
91 | "tag": "direct"
92 | },
93 | {
94 | "protocol": "blackhole",
95 | "tag": "block"
96 | }
97 | ]
98 | }
99 | EOF
100 |
101 | #accuring a ssl certificate (self-sigend openssl)
102 |
103 | openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
104 | -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" \
105 | -keyout xray.key -out xray.crt
106 | mkdir /etc/xray
107 | cp xray.key /etc/xray/xray.key
108 | cp xray.crt /etc/xray/xray.crt
109 | chmod 644 /etc/xray/xray.key
110 |
111 | #starting xray core on sytem startup
112 |
113 | systemctl enable xray
114 | systemctl restart xray
115 |
116 | #install bbr
117 |
118 | wget -P /tmp https://raw.githubusercontent.com/teddysun/across/master/bbr.sh
119 | chmod +x /tmp/bbr.sh
120 | /tmp/bbr.sh
121 |
--------------------------------------------------------------------------------
/xray-whatever.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | echo Enter a valid gen4 UUID:
4 | read UUID
5 |
6 | rm -rf /etc/localtime
7 | cp /usr/share/zoneinfo/Asia/Colombo /etc/localtime
8 | date -R
9 |
10 |
11 | #updating and adding firewall rules
12 |
13 | apt update
14 | apt upgrade
15 | apt purge iptables-persistent
16 | apt install ufw
17 | ufw allow 'OpenSSH'
18 | ufw allow 443/tcp
19 | ufw enable
20 |
21 | bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install --version v1.8.1
22 |
23 | rm -rf /usr/local/etc/xray/config.json
24 | cat << EOF > /usr/local/etc/xray/config.json
25 | {
26 | "log": {
27 | "loglevel": "none"
28 | },
29 | "inbounds": [
30 | {
31 | "port": 443,
32 | "protocol": "vless",
33 | "settings": {
34 | "clients": [
35 | {
36 | "id": "$UUID",
37 | "flow": "xtls-rprx-vision",
38 | "level": 0,
39 | "email": "love@example.com"
40 | }
41 | ],
42 | "decryption": "none",
43 | "fallbacks": [
44 | {
45 | "dest": 1310,
46 | "xver": 1
47 | },
48 | {
49 | "path": "/websocket",
50 | "dest": 1234,
51 | "xver": 1
52 | },
53 | {
54 | "path": "/vmesstcp",
55 | "dest": 2345,
56 | "xver": 1
57 | },
58 | {
59 | "path": "/vmessws",
60 | "dest": 3456,
61 | "xver": 1
62 | }
63 | ]
64 | },
65 | "streamSettings": {
66 | "network": "tcp",
67 | "security": "tls",
68 | "tlsSettings": {
69 | "alpn": [
70 | "http/1.1"
71 | ],
72 | "certificates": [
73 | {
74 | "certificateFile": "/etc/xray/xray.crt",
75 | "keyFile": "/etc/xray/xray.key"
76 | }
77 | ]
78 | }
79 | }
80 | },
81 | {
82 | "port": 1310,
83 | "listen": "127.0.0.1",
84 | "protocol": "trojan",
85 | "settings": {
86 | "clients": [
87 | {
88 | "password": "$UUID",
89 | "level": 0,
90 | "email": "love@example.com"
91 | }
92 | ],
93 | "fallbacks": [
94 | {
95 | "dest": 80
96 | }
97 | ]
98 | },
99 | "streamSettings": {
100 | "network": "tcp",
101 | "security": "none",
102 | "tcpSettings": {
103 | "acceptProxyProtocol": true
104 | }
105 | }
106 | },
107 | {
108 | "port": 1234,
109 | "listen": "127.0.0.1",
110 | "protocol": "vless",
111 | "settings": {
112 | "clients": [
113 | {
114 | "id": "$UUID",
115 | "level": 0,
116 | "email": "love@example.com"
117 | }
118 | ],
119 | "decryption": "none"
120 | },
121 | "streamSettings": {
122 | "network": "ws",
123 | "security": "none",
124 | "wsSettings": {
125 | "acceptProxyProtocol": true,
126 | "path": "/websocket"
127 | }
128 | }
129 | },
130 | {
131 | "port": 2345,
132 | "listen": "127.0.0.1",
133 | "protocol": "vmess",
134 | "settings": {
135 | "clients": [
136 | {
137 | "id": "$UUID",
138 | "level": 0,
139 | "email": "love@example.com"
140 | }
141 | ]
142 | },
143 | "streamSettings": {
144 | "network": "tcp",
145 | "security": "none",
146 | "tcpSettings": {
147 | "acceptProxyProtocol": true,
148 | "header": {
149 | "type": "http",
150 | "request": {
151 | "path": [
152 | "/vmesstcp"
153 | ]
154 | }
155 | }
156 | }
157 | }
158 | },
159 | {
160 | "port": 3456,
161 | "listen": "127.0.0.1",
162 | "protocol": "vmess",
163 | "settings": {
164 | "clients": [
165 | {
166 | "id": "$UUID",
167 | "level": 0,
168 | "email": "love@example.com"
169 | }
170 | ]
171 | },
172 | "streamSettings": {
173 | "network": "ws",
174 | "security": "none",
175 | "wsSettings": {
176 | "acceptProxyProtocol": true,
177 | "path": "/vmessws"
178 | }
179 | }
180 | }
181 | ],
182 | "outbounds": [
183 | {
184 | "protocol": "freedom"
185 | }
186 | ]
187 | }
188 | EOF
189 |
190 | #accuring a ssl certificate (self-sigend openssl)
191 |
192 | openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
193 | -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" \
194 | -keyout xray.key -out xray.crt
195 | mkdir /etc/xray
196 | cp xray.key /etc/xray/xray.key
197 | cp xray.crt /etc/xray/xray.crt
198 | chmod 644 /etc/xray/xray.key
199 |
200 | #starting xray core on sytem startup
201 |
202 | systemctl enable xray
203 | systemctl restart xray
204 |
205 | #install bbr
206 |
207 | wget -P /tmp https://raw.githubusercontent.com/teddysun/across/master/bbr.sh
208 | chmod +x /tmp/bbr.sh
209 | /tmp/bbr.sh
210 |
--------------------------------------------------------------------------------