├── README.md ├── backup.sh ├── changelog ├── clash ├── clash.yaml ├── clash_fullproxy_without_ru.yaml ├── clash_refilter_ech.yaml └── clash_skrepysh.yaml ├── media ├── Config_XUI_ADMIN.jpg ├── Config_XUI_ADMIN_4.jpg ├── CustomWebSub.png ├── CustomWebSubHow2Open.png ├── CustomWebSubSections.png ├── CustomWebSubSingBox.png ├── Enable_WARP.jpg ├── TURNON.png ├── XUI_CONFIG_XRAY_CLIENT_EDIT2.png ├── admin_config.png ├── cdnon.png ├── client_config.png ├── direct_gfw.png ├── error403Google.png ├── grpc_config_format.jpg ├── new_screen_old.png ├── reality.png ├── sub2sing.png ├── trojan_grpc_admin.png ├── vlessandws.png ├── warp.png └── xui-warp.png ├── randomfakehtml.sh ├── sub-3x-ui-classical.html ├── sub-3x-ui.html └── x-ui-pro.sh /README.md: -------------------------------------------------------------------------------- 1 | ## x-ui-pro (x-ui + nginx) modification of https://github.com/GFW4Fun/x-ui-pro for REALITY 2 | - Auto Installation (lightweight) 3 | - Auto SSL renewal / Daily reload Nginx X-ui 4 | - Handle **REALITY** and **WebSocket** via **nginx**. 5 | - Multi-user and config via port **443** 6 | - Auto enabled subscriptions via port **443** 7 | - Auto configured VLESS+Reality and VLESSoverWebSocket 8 | - **Custom Web Sub Page** 9 | - Feature that allows the use of **custom client configurations for SING-BOX & CLASH META** 10 | - **Local instance sub2sing-box** 11 | - Auto configured Firewall 12 | - More security and low detection with nginx 13 | - Compatible with Cloudflare (only for WebSocket/GRPC) 14 | - Random 150+ fake template! 15 | - Linux Debian12/Ubuntu24! 16 | > 17 | **You need TWO domains or subdomains** 18 | 1. For panel and WebSocket/GRPC/HttpUgrade/SplitHttp 19 | 2. For REALITY destination 20 | > 21 | Get Free subdomains - https://scarce-hole-1e2.notion.site/14d1666462e48069818cf42553bfae1f?pvs=74 22 | > 23 | RU instruction - https://scarce-hole-1e2.notion.site/3X-UI-pro-with-REALITY-panel-and-inbaunds-on-port-443-10d1666462e48085be0fee4c136ce417 24 | 25 | ➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖ 26 | 27 | ### Install X-UI-PRO 28 | 29 | ``` 30 | bash <(wget -qO- https://github.com/mozaroc/x-ui-pro/raw/master/x-ui-pro.sh) -install yes -panel 1 -ONLY_CF_IP_ALLOW no 31 | ``` 32 | > 33 | > Do not change SubDomain for renew SSL❗ 34 | 35 | 36 | **Uninstall X-UI-PRO**:x: 37 | ``` 38 | sudo su -c "bash <(wget -qO- https://raw.githubusercontent.com/mozaroc/x-ui-pro/master/x-ui-pro.sh) -Uninstall yes" 39 | ``` 40 | 41 | **backup panel and nginx configs**:x: 42 | ``` 43 | sudo su -c "bash <(wget -qO- https://raw.githubusercontent.com/mozaroc/x-ui-pro/master/backup.sh)" 44 | ``` 45 | 46 | ➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖ 47 | ### Screenshots :wrench:🐧⚙️ 48 | > 49 | **How to open custom web sub page?** 50 | > 51 | ![](https://github.com/legiz-ru/x-ui-pro/blob/master/media/CustomWebSubHow2Open.png?raw=true) 52 | > 53 | **Main Page custom web sub** 54 | > 55 | ![](https://github.com/legiz-ru/x-ui-pro/blob/master/media/CustomWebSub.png?raw=true) 56 | > 57 | **sub2sing-box section on custom web sub page** 58 | > 59 | ![](https://github.com/legiz-ru/x-ui-pro/blob/master/media/CustomWebSubSingBox.png?raw=true) 60 | > 61 | **local instance sub2sing-box fork by legiz** 62 | > 63 | ![](https://github.com/legiz-ru/x-ui-pro/blob/master/media/sub2sing.png?raw=true) 64 | -------------------------------------------------------------------------------- /backup.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Check if the script is run as root 4 | if [ "$EUID" -ne 0 ]; then 5 | echo "Please run this script as root." 6 | exit 1 7 | fi 8 | 9 | # Function to get web roots from Nginx configuration 10 | get_web_roots() { 11 | nginx -T 2>/dev/null | grep "root " | awk '{print $2}' | sed 's/;//g' | sort -u 12 | } 13 | 14 | # Logging function 15 | log() { 16 | echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" >> /var/log/backup_script.log 17 | } 18 | 19 | # Function to perform backup 20 | backup() { 21 | # Ask for backup directory with default 22 | while true; do 23 | read -p "Enter the backup directory path (default /backup): " BACKUP_DIR 24 | BACKUP_DIR="${BACKUP_DIR:-/backup}" 25 | if mkdir -p "$BACKUP_DIR" 2>/dev/null; then 26 | break 27 | else 28 | echo "Failed to create backup directory. Please enter a valid path." 29 | fi 30 | done 31 | 32 | # Get current date and timestamp 33 | BACKUP_DATE=$(date +%F) 34 | BACKUP_TIMESTAMP=$(date +%H-%M-%S) 35 | BACKUP_DIR_DATE="$BACKUP_DIR/$BACKUP_DATE" 36 | BACKUP_DIR_TIMESTAMP="$BACKUP_DIR_DATE/$BACKUP_TIMESTAMP" 37 | mkdir -p "$BACKUP_DIR_TIMESTAMP" 38 | 39 | # Present menu for backup selection with exit option 40 | while true; do 41 | echo "Select components to backup:" 42 | echo "1. Nginx configuration" 43 | echo "2. 3x-ui database" 44 | echo "3. 3x-ui config.json" 45 | echo "4. Website files" 46 | echo "5. All of the above" 47 | echo "0. Exit" 48 | read -p "Enter your choice (0-5): " OPTION 49 | 50 | case $OPTION in 51 | 1) 52 | # Backup Nginx configuration 53 | echo "Creating backup of Nginx configuration..." 54 | tar -czf "$BACKUP_DIR_TIMESTAMP/nginx-$BACKUP_TIMESTAMP.tar.gz" /etc/nginx 55 | echo "Backup completed." 56 | log "Nginx configuration backed up to $BACKUP_DIR_TIMESTAMP/nginx-$BACKUP_TIMESTAMP.tar.gz" 57 | ;; 58 | 2) 59 | # Backup 3x-ui database 60 | echo "Creating backup of 3x-ui database..." 61 | tar -czf "$BACKUP_DIR_TIMESTAMP/x-ui-sql-$BACKUP_TIMESTAMP.tar.gz" /etc/x-ui 62 | echo "Backup completed." 63 | log "3x-ui database backed up to $BACKUP_DIR_TIMESTAMP/x-ui-sql-$BACKUP_TIMESTAMP.tar.gz" 64 | ;; 65 | 3) 66 | # Backup 3x-ui config.json 67 | echo "Creating backup of 3x-ui config.json..." 68 | tar -czf "$BACKUP_DIR_TIMESTAMP/config-$BACKUP_TIMESTAMP.tar.gz" /usr/local/x-ui/bin/config.json 69 | echo "Backup completed." 70 | log "3x-ui config.json backed up to $BACKUP_DIR_TIMESTAMP/config-$BACKUP_TIMESTAMP.tar.gz" 71 | ;; 72 | 4) 73 | # Backup website files 74 | echo "Creating backup of website files..." 75 | WEB_ROOTS=$(get_web_roots) 76 | echo "Web roots: $WEB_ROOTS" 77 | for WEB_ROOT in $WEB_ROOTS; do 78 | if [ -d "$WEB_ROOT" ]; then 79 | tar -czf "$BACKUP_DIR_TIMESTAMP/website-${WEB_ROOT//\//_}-$BACKUP_TIMESTAMP.tar.gz" -P "$WEB_ROOT" 80 | echo "Backed up $WEB_ROOT" 81 | log "Website files for $WEB_ROOT backed up to $BACKUP_DIR_TIMESTAMP/website-${WEB_ROOT//\//_}-$BACKUP_TIMESTAMP.tar.gz" 82 | else 83 | echo "Web root $WEB_ROOT does not exist. Skipping backup." 84 | fi 85 | done 86 | echo "Backup completed." 87 | ;; 88 | 5) 89 | # Backup all components 90 | echo "Creating backup of all components..." 91 | tar -czf "$BACKUP_DIR_TIMESTAMP/nginx-$BACKUP_TIMESTAMP.tar.gz" /etc/nginx 92 | tar -czf "$BACKUP_DIR_TIMESTAMP/x-ui-sql-$BACKUP_TIMESTAMP.tar.gz" /etc/x-ui 93 | tar -czf "$BACKUP_DIR_TIMESTAMP/config-$BACKUP_TIMESTAMP.tar.gz" /usr/local/x-ui/bin/config.json 94 | WEB_ROOTS=$(get_web_roots) 95 | for WEB_ROOT in $WEB_ROOTS; do 96 | if [ -d "$WEB_ROOT" ]; then 97 | tar -czf "$BACKUP_DIR_TIMESTAMP/website-${WEB_ROOT//\//_}-$BACKUP_TIMESTAMP.tar.gz" -P "$WEB_ROOT" 98 | log "Website files for $WEB_ROOT backed up to $BACKUP_DIR_TIMESTAMP/website-${WEB_ROOT//\//_}-$BACKUP_TIMESTAMP.tar.gz" 99 | else 100 | echo "Web root $WEB_ROOT does not exist. Skipping backup." 101 | fi 102 | done 103 | echo "Backup completed." 104 | ;; 105 | 0) 106 | echo "Exiting backup selection." 107 | break 108 | ;; 109 | *) 110 | echo "Invalid choice. Please select a valid option." 111 | ;; 112 | esac 113 | read -p "Press Enter to continue..." 114 | done 115 | } 116 | 117 | # Function to perform restore 118 | restore() { 119 | # Ask for backup directory with default 120 | while true; do 121 | read -p "Enter the backup directory path (default /backup): " BACKUP_DIR 122 | BACKUP_DIR="${BACKUP_DIR:-/backup}" 123 | if [ -d "$BACKUP_DIR" ]; then 124 | break 125 | else 126 | echo "Backup directory does not exist. Please enter a valid path." 127 | fi 128 | done 129 | 130 | # List available backup dates with exit option 131 | BACKUP_DATES=($(find "$BACKUP_DIR" -mindepth 1 -maxdepth 1 -type d -exec basename {} \;)) 132 | if [ ${#BACKUP_DATES[@]} -eq 0 ]; then 133 | echo "No backup dates found." 134 | return 135 | fi 136 | 137 | echo "Available backup dates:" 138 | select BACKUP_DATE in "${BACKUP_DATES[@]}" "Exit"; do 139 | if [ "$BACKUP_DATE" == "Exit" ]; then 140 | echo "Exiting restore selection." 141 | return 142 | elif [ -n "$BACKUP_DATE" ]; then 143 | BACKUP_DIR_DATE="$BACKUP_DIR/$BACKUP_DATE" 144 | break 145 | else 146 | echo "Please select a valid option." 147 | fi 148 | done 149 | 150 | # List all backup timestamps in the selected date directory 151 | BACKUP_TIMESTAMPS=($(find "$BACKUP_DIR_DATE" -mindepth 1 -maxdepth 1 -type d -exec basename {} \;)) 152 | if [ ${#BACKUP_TIMESTAMPS[@]} -eq 0 ]; then 153 | echo "No backup timestamps found in $BACKUP_DIR_DATE." 154 | return 155 | fi 156 | 157 | echo "Available backup timestamps in $BACKUP_DIR_DATE:" 158 | select BACKUP_TIMESTAMP in "${BACKUP_TIMESTAMPS[@]}" "Exit"; do 159 | if [ "$BACKUP_TIMESTAMP" == "Exit" ]; then 160 | echo "Exiting restore selection." 161 | return 162 | elif [ -n "$BACKUP_TIMESTAMP" ]; then 163 | BACKUP_DIR_TIMESTAMP="$BACKUP_DIR_DATE/$BACKUP_TIMESTAMP" 164 | echo "Restoring from $BACKUP_DIR_TIMESTAMP..." 165 | for FILE in "$BACKUP_DIR_TIMESTAMP"/*.tar.gz; do 166 | echo "Restoring $FILE..." 167 | tar -xzf "$FILE" -C / 168 | log "Restored $FILE from $BACKUP_DIR_TIMESTAMP" 169 | done 170 | echo "Restore completed." 171 | read -p "Press Enter to continue..." 172 | else 173 | echo "Please select a valid option." 174 | fi 175 | done 176 | 177 | # Start services after restore 178 | echo "Starting nginx and x-ui services..." 179 | systemctl start nginx 180 | systemctl start x-ui 181 | log "Services restarted after restore operation." 182 | } 183 | 184 | # Main menu with exit option 185 | while true; do 186 | echo "------------------------" 187 | echo " Backup/Restore Menu " 188 | echo "------------------------" 189 | echo "1. Perform Backup" 190 | echo "2. Perform Restore" 191 | echo "0. Exit" 192 | read -p "Select an option: " OPTION 193 | 194 | case $OPTION in 195 | 1) 196 | backup 197 | ;; 198 | 2) 199 | restore 200 | ;; 201 | 0) 202 | echo "Exiting script." 203 | log "Script exited by user." 204 | break 205 | ;; 206 | *) 207 | echo "Invalid option. Please choose again." 208 | ;; 209 | esac 210 | done 211 | -------------------------------------------------------------------------------- /changelog: -------------------------------------------------------------------------------- 1 | v0.3 2 | add emoji flag vps country to inbound remarks 3 | for clash meta config with re-filter ECH+noECH rules use option: -clash 3 4 | fix sub2sing-box run only localhost 5 | v0.2 6 | add new sub page based on https://github.com/streletskiy/marzban-sub-page 7 | for install classic web sub page use option: -websub 1 8 | add clash meta config with ru-bundle 9 | for clash meta config by skrepysh use option: -clash 1 10 | for clash meta config with fullproxy without ru use option: -clash 2 11 | change sub2sing-box to fork by legiz 12 | add link local instance sub2sing-box to output after install 13 | xhttp packet-up mode 14 | v0.1 15 | add web sub page 16 | local sub2sing-box 17 | -------------------------------------------------------------------------------- /clash/clash.yaml: -------------------------------------------------------------------------------- 1 | mixed-port: 7890 2 | allow-lan: false 3 | log-level: info 4 | ipv6: false 5 | 6 | mode: rule 7 | dns: 8 | enable: true 9 | use-hosts: true 10 | ipv6: false 11 | enhanced-mode: redir-host 12 | listen: 127.0.0.1:6868 13 | default-nameserver: 14 | - 1.1.1.1 15 | - 8.8.8.8 16 | - 1.0.0.1 17 | nameserver: 18 | - https://1.1.1.1/dns-query#PROXY 19 | - https://8.8.8.8/dns-query#PROXY 20 | - https://1.0.0.1/dns-query#PROXY 21 | - 8.8.8.8 22 | - 1.1.1.1 23 | 24 | profile: 25 | store-selected: true 26 | 27 | proxy-groups: 28 | - name: PROXY 29 | proxies: 30 | - auto 31 | use: 32 | - sub 33 | type: select 34 | 35 | - name: auto 36 | use: 37 | - sub 38 | type: url-test 39 | url: http://cp.cloudflare.com 40 | interval: 300 41 | tolerance: 150 42 | lazy: true 43 | 44 | proxy-providers: 45 | sub: 46 | type: http 47 | url: https://${DOMAIN}/${SUB_PATH}/ 48 | path: ./proxy_providers/base64.yml 49 | interval: 3600 50 | health-check: 51 | enable: true 52 | url: https://www.gstatic.com/generate_204 53 | interval: 300 54 | timeout: 5000 55 | lazy: true 56 | expected-status: 204 57 | 58 | rule-providers: 59 | ru-bundle: 60 | type: http 61 | behavior: domain 62 | format: mrs 63 | url: https://github.com/legiz-ru/mihomo-rule-sets/raw/main/ru-bundle/rule.mrs 64 | path: ./ru-bundle/rule.mrs 65 | interval: 86400 66 | 67 | rules: 68 | - PROCESS-NAME,Discord.exe,PROXY 69 | - PROCESS-NAME,com.supercell.clashofclans,PROXY 70 | - PROCESS-NAME,com.supercell.brawlstars,PROXY 71 | - RULE-SET,ru-bundle,PROXY 72 | - MATCH,DIRECT 73 | 74 | sniffer: 75 | enable: true 76 | force-dns-mapping: true 77 | parse-pure-ip: true 78 | sniff: 79 | HTTP: 80 | ports: [80, 8080-8880] 81 | override-destination: true 82 | TLS: 83 | ports: [443, 8443] 84 | 85 | tun: 86 | enable: true 87 | stack: system 88 | dns-hijack: 89 | - any:53 90 | auto-redir: true 91 | auto-route: true 92 | auto-detect-interface: true 93 | -------------------------------------------------------------------------------- /clash/clash_fullproxy_without_ru.yaml: -------------------------------------------------------------------------------- 1 | mixed-port: 7890 2 | allow-lan: false 3 | log-level: info 4 | ipv6: false 5 | 6 | mode: rule 7 | dns: 8 | enable: true 9 | use-hosts: true 10 | ipv6: false 11 | enhanced-mode: redir-host 12 | listen: 127.0.0.1:6868 13 | default-nameserver: 14 | - 1.1.1.1 15 | - 8.8.8.8 16 | - 1.0.0.1 17 | nameserver: 18 | - https://1.1.1.1/dns-query#PROXY 19 | - https://8.8.8.8/dns-query#PROXY 20 | - https://1.0.0.1/dns-query#PROXY 21 | - 8.8.8.8 22 | - 1.1.1.1 23 | 24 | profile: 25 | store-selected: true 26 | 27 | proxy-groups: 28 | - name: PROXY 29 | proxies: 30 | - auto 31 | use: 32 | - sub 33 | type: select 34 | 35 | - name: auto 36 | use: 37 | - sub 38 | type: url-test 39 | url: http://cp.cloudflare.com 40 | interval: 300 41 | tolerance: 150 42 | lazy: true 43 | 44 | proxy-providers: 45 | sub: 46 | type: http 47 | url: https://${DOMAIN}/${SUB_PATH}/ 48 | path: ./proxy_providers/base64.yml 49 | interval: 3600 50 | health-check: 51 | enable: true 52 | url: https://www.gstatic.com/generate_204 53 | interval: 300 54 | timeout: 5000 55 | lazy: true 56 | expected-status: 204 57 | 58 | rule-providers: 59 | geosite-ru: 60 | type: http 61 | behavior: domain 62 | format: mrs 63 | url: https://github.com/MetaCubeX/meta-rules-dat/raw/meta/geo/geosite/category-ru.mrs 64 | path: ./geosite-ru.mrs 65 | interval: 86400 66 | geoip-ru: 67 | type: http 68 | behavior: ipcidr 69 | format: mrs 70 | url: https://github.com/MetaCubeX/meta-rules-dat/raw/meta/geo/geoip/ru.mrs 71 | path: ./geoip-ru.mrs 72 | interval: 86400 73 | 74 | rules: 75 | - PROCESS-NAME,Discord.exe,PROXY 76 | - RULE-SET,geosite-ru,DIRECT 77 | - RULE-SET,geoip-ru,DIRECT 78 | - MATCH,PROXY 79 | 80 | sniffer: 81 | enable: true 82 | force-dns-mapping: true 83 | parse-pure-ip: true 84 | sniff: 85 | HTTP: 86 | ports: [80, 8080-8880] 87 | override-destination: true 88 | TLS: 89 | ports: [443, 8443] 90 | 91 | tun: 92 | enable: true 93 | stack: system 94 | dns-hijack: 95 | - any:53 96 | auto-redir: true 97 | auto-route: true 98 | auto-detect-interface: true 99 | -------------------------------------------------------------------------------- /clash/clash_refilter_ech.yaml: -------------------------------------------------------------------------------- 1 | 2 | mixed-port: 7890 3 | allow-lan: false 4 | mode: rule 5 | log-level: warning 6 | ipv6: false 7 | unified-delay: true 8 | tcp-concurrent: true 9 | global-client-fingerprint: chrome 10 | 11 | profile: 12 | store-selected: true 13 | 14 | dns: 15 | enable: true 16 | prefer-h3: true 17 | use-hosts: true 18 | use-system-hosts: true 19 | listen: 127.0.0.1:6868 20 | ipv6: false 21 | enhanced-mode: redir-host 22 | default-nameserver: 23 | - 'tls://1.1.1.1' 24 | - 'tls://1.0.0.1' 25 | proxy-server-nameserver: 26 | - 'tls://1.1.1.1' 27 | - 'tls://1.0.0.1' 28 | nameserver: 29 | - 'https://cloudflare-dns.com/dns-query#PROXY' 30 | 31 | sniffer: 32 | enable: true 33 | force-dns-mapping: true 34 | parse-pure-ip: true 35 | sniff: 36 | HTTP: 37 | ports: [80, 8080-8880] 38 | override-destination: true 39 | TLS: 40 | ports: [443, 8443] 41 | 42 | tun: 43 | enable: true 44 | stack: mixed 45 | auto-route: true 46 | auto-detect-interface: true 47 | dns-hijack: 48 | - any:53 49 | strict-route: true 50 | mtu: 1500 51 | 52 | proxy-groups: 53 | - name: PROXY 54 | proxies: 55 | - auto 56 | use: 57 | - sub 58 | type: select 59 | 60 | - name: auto 61 | use: 62 | - sub 63 | type: url-test 64 | url: http://cp.cloudflare.com 65 | interval: 300 66 | tolerance: 150 67 | lazy: true 68 | 69 | proxy-providers: 70 | sub: 71 | type: http 72 | url: https://${DOMAIN}/${SUB_PATH}/ 73 | path: ./proxy_providers/base64.yml 74 | interval: 3600 75 | health-check: 76 | enable: true 77 | url: https://www.gstatic.com/generate_204 78 | interval: 300 79 | timeout: 5000 80 | lazy: true 81 | expected-status: 204 82 | 83 | rule-providers: 84 | refilter_noech: 85 | type: http 86 | behavior: domain 87 | format: mrs 88 | url: https://github.com/legiz-ru/mihomo-rule-sets/raw/main/re-filter/re-filter-noech.mrs 89 | path: ./re-filter/noech.mrs 90 | interval: 86400 91 | refilter_ech: 92 | type: http 93 | behavior: domain 94 | format: mrs 95 | url: https://github.com/legiz-ru/mihomo-rule-sets/raw/main/re-filter/re-filter-ech.mrs 96 | path: ./re-filter/ech.mrs 97 | interval: 86400 98 | refilter_ipsum: 99 | type: http 100 | behavior: ipcidr 101 | format: mrs 102 | url: https://github.com/legiz-ru/mihomo-rule-sets/raw/main/re-filter/ip-rule.mrs 103 | path: ./re-filter/ip-rule.mrs 104 | interval: 86400 105 | rules: 106 | - DOMAIN,cloudflare-ech.com,PROXY 107 | - RULE-SET,refilter_ech,DIRECT 108 | - RULE-SET,refilter_noech,PROXY 109 | - RULE-SET,refilter_ipsum,PROXY 110 | - MATCH,DIRECT 111 | -------------------------------------------------------------------------------- /clash/clash_skrepysh.yaml: -------------------------------------------------------------------------------- 1 | mixed-port: 7890 2 | allow-lan: false 3 | mode: rule 4 | log-level: warning 5 | ipv6: false 6 | unified-delay: true 7 | tcp-concurrent: true 8 | global-client-fingerprint: chrome 9 | 10 | profile: 11 | store-selected: true 12 | 13 | dns: 14 | enable: true 15 | prefer-h3: true 16 | use-hosts: true 17 | use-system-hosts: true 18 | listen: 127.0.0.1:6868 19 | ipv6: false 20 | enhanced-mode: redir-host 21 | default-nameserver: 22 | - 'tls://1.1.1.1' 23 | - 'tls://1.0.0.1' 24 | proxy-server-nameserver: 25 | - 'tls://1.1.1.1' 26 | - 'tls://1.0.0.1' 27 | nameserver: 28 | - 'https://cloudflare-dns.com/dns-query#PROXY' 29 | 30 | sniffer: 31 | enable: true 32 | force-dns-mapping: true 33 | parse-pure-ip: true 34 | sniff: 35 | HTTP: 36 | ports: [80, 8080-8880] 37 | override-destination: true 38 | TLS: 39 | ports: [443, 8443] 40 | 41 | tun: 42 | enable: true 43 | stack: mixed 44 | auto-route: true 45 | auto-detect-interface: true 46 | dns-hijack: 47 | - any:53 48 | strict-route: true 49 | mtu: 1500 50 | 51 | proxy-groups: 52 | - name: PROXY 53 | proxies: 54 | - auto 55 | use: 56 | - sub 57 | type: select 58 | 59 | - name: auto 60 | use: 61 | - sub 62 | type: url-test 63 | url: http://cp.cloudflare.com 64 | interval: 300 65 | tolerance: 150 66 | lazy: true 67 | 68 | proxy-providers: 69 | sub: 70 | type: http 71 | url: https://${DOMAIN}/${SUB_PATH}/ 72 | path: ./proxy_providers/base64.yml 73 | interval: 3600 74 | health-check: 75 | enable: true 76 | url: https://www.gstatic.com/generate_204 77 | interval: 300 78 | timeout: 5000 79 | lazy: true 80 | expected-status: 204 81 | 82 | rule-providers: 83 | skrepysh-proxy: 84 | type: http 85 | url: https://github.com/Skrepysh/mihomo-rulesets/raw/refs/heads/main/skrepysh-rulesets/skrepysh-proxy.yaml 86 | interval: 86400 87 | proxy: DIRECT 88 | behavior: classical 89 | format: yaml 90 | skrepysh-direct: 91 | type: http 92 | url: https://github.com/Skrepysh/mihomo-rulesets/raw/refs/heads/main/skrepysh-rulesets/skrepysh-direct.yaml 93 | interval: 86400 94 | proxy: DIRECT 95 | behavior: classical 96 | format: yaml 97 | skrepysh-reject: 98 | type: http 99 | url: https://github.com/Skrepysh/mihomo-rulesets/raw/refs/heads/main/skrepysh-rulesets/skrepysh-reject.yaml 100 | interval: 86400 101 | proxy: DIRECT 102 | behavior: classical 103 | format: yaml 104 | ru-bundle: 105 | type: http 106 | url: https://github.com/legiz-ru/mihomo-rule-sets/raw/main/ru-bundle/rule.mrs 107 | interval: 86400 108 | proxy: DIRECT 109 | behavior: domain 110 | format: mrs 111 | torrent-clients: 112 | type: http 113 | url: 'https://raw.githubusercontent.com/legiz-ru/mihomo-rule-sets/refs/heads/main/other/torrent-clients.yaml' 114 | interval: 86400 115 | proxy: DIRECT 116 | behavior: classical 117 | format: yaml 118 | torrent-trackers: 119 | type: http 120 | url: 'https://raw.githubusercontent.com/legiz-ru/mihomo-rule-sets/refs/heads/main/other/torrent-trackers.mrs' 121 | interval: 86400 122 | proxy: DIRECT 123 | behavior: domain 124 | format: mrs 125 | 126 | rules: 127 | - RULE-SET,torrent-clients,DIRECT 128 | - RULE-SET,torrent-trackers,DIRECT 129 | - RULE-SET,skrepysh-reject,REJECT 130 | - RULE-SET,skrepysh-proxy,PROXY 131 | - RULE-SET,skrepysh-direct,DIRECT 132 | - RULE-SET,ru-bundle,PROXY 133 | - MATCH,DIRECT -------------------------------------------------------------------------------- /media/Config_XUI_ADMIN.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/Config_XUI_ADMIN.jpg -------------------------------------------------------------------------------- /media/Config_XUI_ADMIN_4.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/Config_XUI_ADMIN_4.jpg -------------------------------------------------------------------------------- /media/CustomWebSub.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/CustomWebSub.png -------------------------------------------------------------------------------- /media/CustomWebSubHow2Open.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/CustomWebSubHow2Open.png -------------------------------------------------------------------------------- /media/CustomWebSubSections.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/CustomWebSubSections.png -------------------------------------------------------------------------------- /media/CustomWebSubSingBox.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/CustomWebSubSingBox.png -------------------------------------------------------------------------------- /media/Enable_WARP.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/Enable_WARP.jpg -------------------------------------------------------------------------------- /media/TURNON.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/TURNON.png -------------------------------------------------------------------------------- /media/XUI_CONFIG_XRAY_CLIENT_EDIT2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/XUI_CONFIG_XRAY_CLIENT_EDIT2.png -------------------------------------------------------------------------------- /media/admin_config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/admin_config.png -------------------------------------------------------------------------------- /media/cdnon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/cdnon.png -------------------------------------------------------------------------------- /media/client_config.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/client_config.png -------------------------------------------------------------------------------- /media/direct_gfw.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/direct_gfw.png -------------------------------------------------------------------------------- /media/error403Google.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/error403Google.png -------------------------------------------------------------------------------- /media/grpc_config_format.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/grpc_config_format.jpg -------------------------------------------------------------------------------- /media/new_screen_old.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/new_screen_old.png -------------------------------------------------------------------------------- /media/reality.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/reality.png -------------------------------------------------------------------------------- /media/sub2sing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/sub2sing.png -------------------------------------------------------------------------------- /media/trojan_grpc_admin.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/trojan_grpc_admin.png -------------------------------------------------------------------------------- /media/vlessandws.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/vlessandws.png -------------------------------------------------------------------------------- /media/warp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/warp.png -------------------------------------------------------------------------------- /media/xui-warp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mozaroc/x-ui-pro/ddc469514243470a865773ce4a78d295f071e9f0/media/xui-warp.png -------------------------------------------------------------------------------- /randomfakehtml.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ### https://github.com/GFW4Fun 3 | Green="\033[32m" 4 | Red="\033[31m" 5 | Yellow="\033[33m" 6 | Blue="\033[36m" 7 | Font="\033[0m" 8 | OK="${Green}[OK]${Font}" 9 | ERROR="${Red}[ERROR]${Font}" 10 | function msg_inf() { echo -e "${Blue} $1 ${Font}"; } 11 | function msg_ok() { echo -e "${OK} ${Blue} $1 ${Font}"; } 12 | function msg_err() { echo -e "${ERROR} ${Yellow} $1 ${Font}"; } 13 | ################################### 14 | apt install unzip -y 15 | cd $HOME 16 | if [[ -d "randomfakehtml-master" ]]; then 17 | cd randomfakehtml-master 18 | else 19 | wget https://github.com/GFW4Fun/randomfakehtml/archive/refs/heads/master.zip 20 | unzip master.zip && rm master.zip 21 | cd randomfakehtml-master 22 | rm -rf assets 23 | rm ".gitattributes" "README.md" "_config.yml" 24 | fi 25 | ################################### 26 | #RandomHTML=$(for i in *; do echo "$i"; done | shuf -n1 2>&1) 27 | RandomHTML=$(a=(*); echo ${a[$((RANDOM % ${#a[@]}))]} 2>&1) 28 | msg_inf "Random template name: ${RandomHTML}" 29 | ################################# 30 | if [[ -d "${RandomHTML}" && -d "/var/www/html/" ]]; then 31 | rm -rf /var/www/html/* 32 | cp -a ${RandomHTML}/. "/var/www/html/" 33 | msg_ok "Template extracted successfully!" 34 | else 35 | msg_err "Extraction error!" 36 | fi 37 | ################################# 38 | -------------------------------------------------------------------------------- /sub-3x-ui-classical.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 3x-ui sub page 7 | 8 | 117 | 171 | 172 | 173 | 174 |

1. Скачать приложение

175 |

- sing-box -

176 | 178 | 180 |

181 |

- xray -

182 | 184 | 186 |

187 |

- Windows -

188 | 190 | 193 |

194 |

- Linux -

195 | 197 | 199 |

200 |

2. Подключиться к серверу

201 |

Для Android, iOS и Windows

202 |

203 |

204 |

205 | 206 | 207 | 208 | 209 |

Выберите шаблон sing-box:

210 |
222 |
223 |
224 |
225 | 226 | 227 |
228 |

229 |
230 | 231 | 232 | -------------------------------------------------------------------------------- /sub-3x-ui.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 3x-ui sub page 8 | 9 | 10 | 11 | 12 | 13 | 132 | 292 | 293 | 294 | 295 | 296 | 297 | 298 | 299 | 300 | 301 | 302 | 303 | 304 | 305 | 306 | 307 | 308 | 309 | 310 | 311 | 312 | 313 | 314 | 315 | 316 | 317 | 318 | 319 | 320 | 321 | 322 | 323 | 324 | 325 | 326 | 327 | 328 | 329 | 330 | 331 | 332 | 333 | 334 | 335 | 336 | 337 | 338 | 339 | 340 | 341 | 342 | 343 | 344 | 345 | 346 | 347 | 348 | 349 | 350 | 351 | 352 | 353 | 354 | 355 | 356 | 357 | 358 | 359 | 360 | 361 | 362 | 363 | 364 | 365 | 366 | 367 | 368 |
369 | 370 | 371 |
372 | 378 |
379 | 380 | 381 | 394 | 395 | 396 |
397 | Logo 398 | 434 |
435 | 436 | 437 |
438 | 439 |
440 | 441 | 444 |
445 |
446 | 447 | 448 | 515 | 516 | 517 | 518 | 519 | 520 |
521 |
522 |
523 |

524 | 530 |

531 |
532 |
533 |
534 |

535 |
536 | 537 | 552 |
553 |
554 | 555 | 561 |
562 |
563 |
564 |
565 |
566 |
567 |

568 | 574 |

575 |
576 |
577 |

iOS 15+

578 |

1.

579 |

580 | 581 | 582 | 583 |

2.

584 |

585 | 586 |
587 |
588 |
589 |
590 |
591 |

592 | 598 |

599 |
600 |
601 |

1.

602 |

603 | 604 | 605 | 606 |

2.

607 |

608 | 609 |
610 |
611 |
612 |
613 |
614 |

615 | 621 |

622 |
623 |
624 |

1.

625 |

626 | 627 | 628 | 629 |

2.

630 |

631 | 632 |
633 |
634 |
635 |
636 |
637 |

638 | 644 |

645 |
646 |
647 |

1.

648 |

649 | 650 | 651 | 652 |

2.

653 |

654 | 655 |
656 |
657 |
658 |
659 |
660 |
661 |
662 |
663 |

664 | 670 |

671 |
672 |
673 |
674 |
675 |
676 |

677 | 683 |

684 |
685 |
686 |

iOS 15+

687 |

1.

688 |

689 | 690 | 691 | 692 |

2.

693 |

694 | 695 | 696 | 697 |

3.

698 |

699 |

700 |

701 |
702 |
703 |
704 |
705 |
706 |

707 | 711 |

712 |
713 |

714 |
715 |
716 |

717 | 723 |

724 |
725 |
726 |

iOS 14+

727 |

1.

728 |

729 | 730 | 731 | 732 |

2.

733 |

734 | 735 | 736 | 737 |
738 |
739 |
740 |
741 |
742 |

743 | 749 |

750 |
751 |
752 |

iOS 15+

753 |

1.

754 |

755 | 756 | 757 | 758 |

2.

759 |

760 | 761 | 762 | 763 |

3.

764 |

765 |

766 | 767 | 768 |
769 |

770 |

771 | 772 | 773 | 774 |
775 |
776 |
777 |
778 |
779 |
780 |
781 |
782 |
783 |
784 |
785 |

786 | 792 |

793 |
794 |
795 |
796 |
797 |
798 |

799 | 805 |

806 |
807 |
808 |

1.

809 |

810 | 811 | 812 | 813 |

2.

814 |

815 | 816 | 817 | 818 |

3.

819 |

820 |
821 |
822 |
823 |
824 |
825 |

826 | 830 |

831 |
832 |

833 |
834 |
835 |

836 | 842 |

843 |
844 |
845 |

1.

846 |

847 | 848 | 849 | 850 |

2.

851 |

852 | 853 | 854 | 855 |

3.

856 |

857 |
858 |
859 | 860 |
861 |
862 | 863 |
864 |
865 |
866 |
867 |
868 |
869 |
870 |

871 | 877 |

878 |
879 |
880 |

1.

881 |

882 | 883 | 884 | 885 |

2.

886 |

887 | 888 | 889 | 890 |

3.

891 |

892 |

893 |

894 |
895 |
896 |
897 |
898 |
899 |

900 | 906 |

907 |
908 |
909 |

1.

910 |

911 | 912 | 913 | 914 |

2.

915 |

916 | 917 | 918 | 919 |

3.

920 |

921 |

922 | 923 | 924 |
925 |

926 |

927 | 928 | 929 | 930 |
931 |
932 |
933 |
934 |
935 |
936 |
937 |
938 |
939 |
940 |
941 |

942 | 948 |

949 |
950 |
951 |
952 |
953 |

954 | 960 |

961 |
962 |
963 |

1.

964 |

965 | 966 | 967 | 968 |

2.

969 |

970 |

3. Invisible Man XRay.exe

971 |

972 |

4.

973 |

974 | 975 | 976 | 977 |

978 |

979 |

5.

980 |

981 |

6.

982 |

983 |
984 |

985 |

986 |
987 |
988 |
989 |
990 |
991 |
992 |

993 | 997 |

998 |
999 |

1000 |
1001 |
1002 |

1003 | 1009 |

1010 |
1011 |
1012 |

1.

1013 |

1014 | 1015 | 1016 | 1017 |

2.

1018 |

1019 |

3. nekobox.exe

1020 |

1021 |

4.

1022 |

1023 | 1028 |

1029 |

5.

1030 |

1031 | 1032 | 1033 | 1034 |

1035 |

1036 |
1037 | 1038 |

{"rules": [{"outbound": "proxy","process_name":

1039 |

[ "Discord.exe", "Update.exe", "chrome.exe", "firefox.exe", "msedge.exe", "opera.exe", "browser.exe", "yandexbrowser.exe", "brave.exe", "vivaldi.exe", "librewolf.exe" ]

1040 |

}]}

1041 | 1042 |
1043 |

1044 |

1045 |

6.

1046 |

1047 |

1048 |

1049 |
1050 |

1051 |

1052 |
1053 |
1054 |
1055 |
1056 |
1057 |
1058 |

1059 | 1065 |

1066 |
1067 |
1068 |

1.

1069 |

1070 | 1071 | 1072 | 1073 |

2.

1074 |

1075 |

3. v2rayN.exe

1076 |

1077 |

4.

1078 |

1079 | 1084 |

1085 |

5.

1086 |

1087 |

6.

1088 |

1089 |

1090 |

1091 |

7.

1092 |

1093 |

1094 | 1095 | 1096 | 1097 |
1098 |

1099 |

1100 |
1101 |
1102 |
1103 |
1104 |
1105 |
1106 |
1107 |

1108 | 1114 |

1115 |
1116 |
1117 |

1.

1118 |

1119 | 1120 | 1121 | 1122 |

2.

1123 |

1124 | 1125 | 1126 | 1127 |

3.

1128 |

1129 |

1130 |

1131 |
1132 |

1133 |

1134 |
1135 |

4. VPN-mode:

1136 |

1137 |

1138 |
1139 |
1140 |
1141 |
1142 |
1143 |

1144 | 1150 |

1151 |
1152 |
1153 |

1.

1154 |

1155 | 1156 | 1157 | 1158 |

2. Clash Verge Rev

1159 |

1160 |

3.

1161 |

1162 | 1163 | 1164 | 1165 |

1166 |

1167 |

4.

1168 |

1169 |

1170 |
1171 |

1172 |

1173 |
1174 |
1175 |
1176 |
1177 |
1178 |
1179 |
1180 |
1181 |
1182 |
1183 |
1184 |

1185 | 1191 |

1192 |
1193 |
1194 |
1195 |
1196 |

1197 | 1203 |

1204 |
1205 |
1206 |

1.

1207 |

1208 | 1209 | 1210 | 1211 |

2. Clash Verge Rev

1212 |

3.

1213 |

1214 | 1215 | 1216 | 1217 |

1218 |

1219 |
1220 |
1221 |
1222 |
1223 |

1224 | 1228 |

1229 |
1230 |

1231 | 1232 | 1233 | 1234 |

1235 | 1240 |
1241 |
1242 |
1243 |
1244 |
1245 |
1246 | 1247 | 1248 |
1249 |

1250 | 1254 |

1255 | 1287 |
1288 | 1289 | 1290 |
1291 | 1292 | 1293 |
1294 |
1295 |

1296 |

1297 |
1298 | 1299 | 1300 |
1301 | 1302 | 1303 | 1304 | 1305 | 1310 | 2110 | 2112 | -------------------------------------------------------------------------------- /x-ui-pro.sh: -------------------------------------------------------------------------------- 1 | 2 | #!/bin/bash 3 | #################### x-ui-pro v2.4.3 @ github.com/GFW4Fun ############################################## 4 | [[ $EUID -ne 0 ]] && echo "not root!" && sudo su - 5 | ##############################INFO###################################################################### 6 | msg_ok() { echo -e "\e[1;42m $1 \e[0m";} 7 | msg_err() { echo -e "\e[1;41m $1 \e[0m";} 8 | msg_inf() { echo -e "\e[1;34m$1\e[0m";} 9 | echo;msg_inf ' ___ _ _ _ ' ; 10 | msg_inf ' \/ __ | | | __ |_) |_) / \ ' ; 11 | msg_inf ' /\ |_| _|_ | | \ \_/ ' ; echo 12 | ##################################Variables############################################################# 13 | XUIDB="/etc/x-ui/x-ui.db";domain="";UNINSTALL="x";INSTALL="n";PNLNUM=1;CFALLOW="n";CLASH=0;CUSTOMWEBSUB=0 14 | Pak=$(type apt &>/dev/null && echo "apt" || echo "yum") 15 | systemctl stop x-ui 16 | rm -rf /etc/systemd/system/x-ui.service 17 | rm -rf /usr/local/x-ui 18 | rm -rf /etc/x-ui 19 | rm -rf /etc/nginx/sites-enabled/* 20 | rm -rf /etc/nginx/sites-available/* 21 | rm -rf /etc/nginx/stream-enabled/* 22 | 23 | 24 | ##################################generate ports and paths############################################################# 25 | get_port() { 26 | echo $(( ((RANDOM<<15)|RANDOM) % 49152 + 10000 )) 27 | } 28 | 29 | gen_random_string() { 30 | local length="$1" 31 | local random_string=$(LC_ALL=C tr -dc 'a-zA-Z0-9' /dev/null 37 | return $? 38 | } 39 | 40 | make_port() { 41 | while true; do 42 | PORT=$(get_port) 43 | if ! check_free $PORT; then 44 | echo $PORT 45 | break 46 | fi 47 | done 48 | } 49 | sub_port=$(make_port) 50 | panel_port=$(make_port) 51 | web_path=$(tr -dc A-Za-z0-9 &1 | tr -d '[:space:]' ) 111 | SubDomain=$(echo "$domain" 2>&1 | sed 's/^[^ ]* \|\..*//g') 112 | MainDomain=$(echo "$domain" 2>&1 | sed 's/.*\.\([^.]*\..*\)$/\1/') 113 | 114 | if [[ "${SubDomain}.${MainDomain}" != "${domain}" ]] ; then 115 | MainDomain=${domain} 116 | fi 117 | 118 | while true; do 119 | if [[ -n "$reality_domain" ]]; then 120 | break 121 | fi 122 | echo -en "Enter available subdomain for REALITY (sub.domain.tld): " && read reality_domain 123 | done 124 | 125 | reality_domain=$(echo "$reality_domain" 2>&1 | tr -d '[:space:]' ) 126 | RealitySubDomain=$(echo "$reality_domain" 2>&1 | sed 's/^[^ ]* \|\..*//g') 127 | RealityMainDomain=$(echo "$reality_domain" 2>&1 | sed 's/.*\.\([^.]*\..*\)$/\1/') 128 | 129 | if [[ "${RealitySubDomain}.${RealityMainDomain}" != "${reality_domain}" ]] ; then 130 | RealityMainDomain=${reality_domain} 131 | fi 132 | 133 | ###############################Install Packages######################################################### 134 | ufw disable 135 | if [[ ${INSTALL} == *"y"* ]]; then 136 | 137 | version=$(grep -oP '(?<=VERSION_ID=")[0-9]+' /etc/os-release) 138 | 139 | # Проверяем, является ли версия 20 или 22 140 | if [[ "$version" == "20" || "$version" == "22" ]]; then 141 | echo "Версия системы: Ubuntu $version" 142 | fi 143 | 144 | $Pak -y update 145 | 146 | $Pak -y install curl wget jq bash sudo nginx-full certbot python3-certbot-nginx sqlite3 ufw 147 | 148 | systemctl daemon-reload && systemctl enable --now nginx 149 | fi 150 | systemctl stop nginx 151 | fuser -k 80/tcp 80/udp 443/tcp 443/udp 2>/dev/null 152 | ##################################GET SERVER IPv4-6##################################################### 153 | IP4_REGEX="^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" 154 | IP6_REGEX="([a-f0-9:]+:+)+[a-f0-9]+" 155 | IP4=$(ip route get 8.8.8.8 2>&1 | grep -Po -- 'src \K\S*') 156 | IP6=$(ip route get 2620:fe::fe 2>&1 | grep -Po -- 'src \K\S*') 157 | [[ $IP4 =~ $IP4_REGEX ]] || IP4=$(curl -s ipv4.icanhazip.com); 158 | [[ $IP6 =~ $IP6_REGEX ]] || IP6=$(curl -s ipv6.icanhazip.com); 159 | ##############################Install SSL############################################################### 160 | certbot certonly --standalone --non-interactive --agree-tos --register-unsafely-without-email -d "$domain" 161 | if [[ ! -d "/etc/letsencrypt/live/${domain}/" ]]; then 162 | systemctl start nginx >/dev/null 2>&1 163 | msg_err "$domain SSL could not be generated! Check Domain/IP Or Enter new domain!" && exit 1 164 | fi 165 | 166 | certbot certonly --standalone --non-interactive --agree-tos --register-unsafely-without-email -d "$reality_domain" 167 | if [[ ! -d "/etc/letsencrypt/live/${reality_domain}/" ]]; then 168 | systemctl start nginx >/dev/null 2>&1 169 | msg_err "$reality_domain SSL could not be generated! Check Domain/IP Or Enter new domain!" && exit 1 170 | fi 171 | ################################# Access to configs only with cloudflare################################# 172 | rm -f "/etc/nginx/cloudflareips.sh" 173 | cat << 'EOF' >> /etc/nginx/cloudflareips.sh 174 | #!/bin/bash 175 | rm -f "/etc/nginx/conf.d/cloudflare_real_ips.conf" "/etc/nginx/conf.d/cloudflare_whitelist.conf" 176 | CLOUDFLARE_REAL_IPS_PATH=/etc/nginx/conf.d/cloudflare_real_ips.conf 177 | CLOUDFLARE_WHITELIST_PATH=/etc/nginx/conf.d/cloudflare_whitelist.conf 178 | echo "geo \$realip_remote_addr \$cloudflare_ip { 179 | default 0;" >> $CLOUDFLARE_WHITELIST_PATH 180 | for type in v4 v6; do 181 | echo "# IP$type" 182 | for ip in `curl https://www.cloudflare.com/ips-$type`; do 183 | echo "set_real_ip_from $ip;" >> $CLOUDFLARE_REAL_IPS_PATH; 184 | echo " $ip 1;" >> $CLOUDFLARE_WHITELIST_PATH; 185 | done 186 | done 187 | echo "real_ip_header X-Forwarded-For;" >> $CLOUDFLARE_REAL_IPS_PATH 188 | echo "}" >> $CLOUDFLARE_WHITELIST_PATH 189 | EOF 190 | sudo bash "/etc/nginx/cloudflareips.sh" > /dev/null 2>&1; 191 | if [[ ${CFALLOW} == *"y"* ]]; then 192 | CF_IP=""; 193 | else 194 | CF_IP="#"; 195 | fi 196 | ###################################Get Installed XUI Port/Path########################################## 197 | if [[ -f $XUIDB ]]; then 198 | XUIPORT=$(sqlite3 -list $XUIDB 'SELECT "value" FROM settings WHERE "key"="webPort" LIMIT 1;' 2>&1) 199 | XUIPATH=$(sqlite3 -list $XUIDB 'SELECT "value" FROM settings WHERE "key"="webBasePath" LIMIT 1;' 2>&1) 200 | if [[ $XUIPORT -gt 0 && $XUIPORT != "54321" && $XUIPORT != "2053" ]] && [[ ${#XUIPORT} -gt 4 ]]; then 201 | RNDSTR=$(echo "$XUIPATH" 2>&1 | tr -d '/') 202 | PORT=$XUIPORT 203 | sqlite3 $XUIDB < "/etc/nginx/stream-enabled/stream.conf" << EOF 213 | map \$ssl_preread_server_name \$sni_name { 214 | hostnames; 215 | ${reality_domain} xray; 216 | ${domain} www; 217 | default xray; 218 | } 219 | 220 | upstream xray { 221 | server 127.0.0.1:8443; 222 | } 223 | 224 | upstream www { 225 | server 127.0.0.1:7443; 226 | } 227 | 228 | server { 229 | proxy_protocol on; 230 | set_real_ip_from unix:; 231 | listen 443; 232 | proxy_pass \$sni_name; 233 | ssl_preread on; 234 | } 235 | 236 | EOF 237 | 238 | grep -xqFR "stream { include /etc/nginx/stream-enabled/*.conf; }" /etc/nginx/* ||echo "stream { include /etc/nginx/stream-enabled/*.conf; }" >> /etc/nginx/nginx.conf 239 | grep -xqFR "load_module modules/ngx_stream_module.so;" /etc/nginx/* || sed -i '1s/^/load_module \/usr\/lib\/nginx\/modules\/ngx_stream_module.so; /' /etc/nginx/nginx.conf 240 | grep -xqFR "load_module modules/ngx_stream_geoip2_module.so;" /etc/nginx* || sed -i '2s/^/load_module \/usr\/lib\/nginx\/modules\/ngx_stream_geoip2_module.so; /' /etc/nginx/nginx.conf 241 | grep -xqFR "worker_rlimit_nofile 16384;" /etc/nginx/* ||echo "worker_rlimit_nofile 16384;" >> /etc/nginx/nginx.conf 242 | sed -i "/worker_connections/c\worker_connections 4096;" /etc/nginx/nginx.conf 243 | cat > "/etc/nginx/sites-available/80.conf" << EOF 244 | server { 245 | listen 80; 246 | server_name ${domain} ${reality_domain}; 247 | return 301 https://\$host\$request_uri; 248 | } 249 | EOF 250 | 251 | 252 | cat > "/etc/nginx/sites-available/${domain}" << EOF 253 | server { 254 | server_tokens off; 255 | server_name ${domain}; 256 | listen 7443 ssl http2 proxy_protocol; 257 | listen [::]:7443 ssl http2 proxy_protocol; 258 | index index.html index.htm index.php index.nginx-debian.html; 259 | root /var/www/html/; 260 | ssl_protocols TLSv1.2 TLSv1.3; 261 | ssl_ciphers HIGH:!aNULL:!eNULL:!MD5:!DES:!RC4:!ADH:!SSLv3:!EXP:!PSK:!DSS; 262 | ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem; 263 | ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem; 264 | if (\$host !~* ^(.+\.)?$domain\$ ){return 444;} 265 | if (\$scheme ~* https) {set \$safe 1;} 266 | if (\$ssl_server_name !~* ^(.+\.)?$domain\$ ) {set \$safe "\${safe}0"; } 267 | if (\$safe = 10){return 444;} 268 | if (\$request_uri ~ "(\"|'|\`|~|,|:|--|;|%|\\$|&&|\?\?|0x00|0X00|\||\\|\{|\}|\[|\]|<|>|\.\.\.|\.\.\/|\/\/\/)"){set \$hack 1;} 269 | error_page 400 401 402 403 500 501 502 503 504 =404 /404; 270 | proxy_intercept_errors on; 271 | #X-UI Admin Panel 272 | location /${panel_path}/ { 273 | proxy_redirect off; 274 | proxy_set_header Host \$host; 275 | proxy_set_header X-Real-IP \$remote_addr; 276 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 277 | proxy_pass http://127.0.0.1:${panel_port}; 278 | break; 279 | } 280 | location /${panel_path} { 281 | proxy_redirect off; 282 | proxy_set_header Host \$host; 283 | proxy_set_header X-Real-IP \$remote_addr; 284 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 285 | proxy_pass http://127.0.0.1:${panel_port}; 286 | break; 287 | } 288 | #sub2sing-box 289 | location /${sub2singbox_path}/ { 290 | proxy_redirect off; 291 | proxy_set_header Host \$host; 292 | proxy_set_header X-Real-IP \$remote_addr; 293 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 294 | proxy_pass http://127.0.0.1:8080/; 295 | } 296 | # Path to open clash.yaml and generate YAML 297 | location ~ ^/${web_path}/clashmeta/(.+)$ { 298 | default_type text/plain; 299 | ssi on; 300 | ssi_types text/plain; 301 | set \$subid \$1; 302 | root /var/www/subpage; 303 | try_files /clash.yaml =404; 304 | } 305 | # web 306 | location ~ ^/${web_path} { 307 | root /var/www/subpage; 308 | index index.html; 309 | try_files \$uri \$uri/ /index.html =404; 310 | } 311 | #Subscription Path (simple/encode) 312 | location /${sub_path} { 313 | if (\$hack = 1) {return 404;} 314 | proxy_redirect off; 315 | proxy_set_header Host \$host; 316 | proxy_set_header X-Real-IP \$remote_addr; 317 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 318 | proxy_pass http://127.0.0.1:${sub_port}; 319 | break; 320 | } 321 | location /${sub_path}/ { 322 | if (\$hack = 1) {return 404;} 323 | proxy_redirect off; 324 | proxy_set_header Host \$host; 325 | proxy_set_header X-Real-IP \$remote_addr; 326 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 327 | proxy_pass http://127.0.0.1:${sub_port}; 328 | break; 329 | } 330 | #Subscription Path (json/fragment) 331 | location /${json_path} { 332 | if (\$hack = 1) {return 404;} 333 | proxy_redirect off; 334 | proxy_set_header Host \$host; 335 | proxy_set_header X-Real-IP \$remote_addr; 336 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 337 | proxy_pass http://127.0.0.1:${sub_port}; 338 | break; 339 | } 340 | location /${json_path}/ { 341 | if (\$hack = 1) {return 404;} 342 | proxy_redirect off; 343 | proxy_set_header Host \$host; 344 | proxy_set_header X-Real-IP \$remote_addr; 345 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 346 | proxy_pass http://127.0.0.1:${sub_port}; 347 | break; 348 | } 349 | #XHTTP 350 | location /${xhttp_path} { 351 | grpc_pass grpc://unix:/dev/shm/uds2023.sock; 352 | grpc_buffer_size 16k; 353 | grpc_socket_keepalive on; 354 | grpc_read_timeout 1h; 355 | grpc_send_timeout 1h; 356 | grpc_set_header Connection ""; 357 | grpc_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 358 | grpc_set_header X-Forwarded-Proto \$scheme; 359 | grpc_set_header X-Forwarded-Port \$server_port; 360 | grpc_set_header Host \$host; 361 | grpc_set_header X-Forwarded-Host \$host; 362 | } 363 | #Xray Config Path 364 | location ~ ^/(?\d+)/(?.*)\$ { 365 | $CF_IP if (\$cloudflare_ip != 1) {return 404;} 366 | if (\$hack = 1) {return 404;} 367 | client_max_body_size 0; 368 | client_body_timeout 1d; 369 | grpc_read_timeout 1d; 370 | grpc_socket_keepalive on; 371 | proxy_read_timeout 1d; 372 | proxy_http_version 1.1; 373 | proxy_buffering off; 374 | proxy_request_buffering off; 375 | proxy_socket_keepalive on; 376 | proxy_set_header Upgrade \$http_upgrade; 377 | proxy_set_header Connection "upgrade"; 378 | proxy_set_header Host \$host; 379 | proxy_set_header X-Real-IP \$remote_addr; 380 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 381 | #proxy_set_header CF-IPCountry \$http_cf_ipcountry; 382 | #proxy_set_header CF-IP \$realip_remote_addr; 383 | if (\$content_type ~* "GRPC") { 384 | grpc_pass grpc://127.0.0.1:\$fwdport\$is_args\$args; 385 | break; 386 | } 387 | if (\$http_upgrade ~* "(WEBSOCKET|WS)") { 388 | proxy_pass http://127.0.0.1:\$fwdport\$is_args\$args; 389 | break; 390 | } 391 | if (\$request_method ~* ^(PUT|POST|GET)\$) { 392 | proxy_pass http://127.0.0.1:\$fwdport\$is_args\$args; 393 | break; 394 | } 395 | } 396 | location / { try_files \$uri \$uri/ =404; } 397 | } 398 | EOF 399 | 400 | cat > "/etc/nginx/sites-available/${reality_domain}" << EOF 401 | server { 402 | server_tokens off; 403 | server_name ${reality_domain}; 404 | listen 9443 ssl http2; 405 | listen [::]:9443 ssl http2; 406 | index index.html index.htm index.php index.nginx-debian.html; 407 | root /var/www/html/; 408 | ssl_protocols TLSv1.2 TLSv1.3; 409 | ssl_ciphers HIGH:!aNULL:!eNULL:!MD5:!DES:!RC4:!ADH:!SSLv3:!EXP:!PSK:!DSS; 410 | ssl_certificate /etc/letsencrypt/live/$reality_domain/fullchain.pem; 411 | ssl_certificate_key /etc/letsencrypt/live/$reality_domain/privkey.pem; 412 | if (\$host !~* ^(.+\.)?${reality_domain}\$ ){return 444;} 413 | if (\$scheme ~* https) {set \$safe 1;} 414 | if (\$ssl_server_name !~* ^(.+\.)?${reality_domain}\$ ) {set \$safe "\${safe}0"; } 415 | if (\$safe = 10){return 444;} 416 | if (\$request_uri ~ "(\"|'|\`|~|,|:|--|;|%|\\$|&&|\?\?|0x00|0X00|\||\\|\{|\}|\[|\]|<|>|\.\.\.|\.\.\/|\/\/\/)"){set \$hack 1;} 417 | error_page 400 401 402 403 500 501 502 503 504 =404 /404; 418 | proxy_intercept_errors on; 419 | #X-UI Admin Panel 420 | location /${panel_path}/ { 421 | proxy_redirect off; 422 | proxy_set_header Host \$host; 423 | proxy_set_header X-Real-IP \$remote_addr; 424 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 425 | proxy_pass http://127.0.0.1:${panel_port}; 426 | break; 427 | } 428 | location /$panel_path { 429 | proxy_redirect off; 430 | proxy_set_header Host \$host; 431 | proxy_set_header X-Real-IP \$remote_addr; 432 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 433 | proxy_pass http://127.0.0.1:${panel_port}; 434 | break; 435 | } 436 | #sub2sing-box 437 | location /${sub2singbox_path}/ { 438 | proxy_redirect off; 439 | proxy_set_header Host \$host; 440 | proxy_set_header X-Real-IP \$remote_addr; 441 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 442 | proxy_pass http://127.0.0.1:8080/; 443 | } 444 | # Path to open clash.yaml and generate YAML 445 | location ~ ^/${web_path}/clashmeta/(.+)$ { 446 | default_type text/plain; 447 | ssi on; 448 | ssi_types text/plain; 449 | set \$subid \$1; 450 | root /var/www/subpage; 451 | try_files /clash.yaml =404; 452 | } 453 | # web 454 | location ~ ^/${web_path} { 455 | root /var/www/subpage; 456 | index index.html; 457 | try_files \$uri \$uri/ /index.html =404; 458 | } 459 | #Subscription Path (simple/encode) 460 | location /${sub_path} { 461 | if (\$hack = 1) {return 404;} 462 | proxy_redirect off; 463 | proxy_set_header Host \$host; 464 | proxy_set_header X-Real-IP \$remote_addr; 465 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 466 | proxy_pass http://127.0.0.1:${sub_port}; 467 | break; 468 | } 469 | location /${sub_path}/ { 470 | if (\$hack = 1) {return 404;} 471 | proxy_redirect off; 472 | proxy_set_header Host \$host; 473 | proxy_set_header X-Real-IP \$remote_addr; 474 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 475 | proxy_pass http://127.0.0.1:${sub_port}; 476 | break; 477 | } 478 | #Subscription Path (json/fragment) 479 | location /${json_path} { 480 | if (\$hack = 1) {return 404;} 481 | proxy_redirect off; 482 | proxy_set_header Host \$host; 483 | proxy_set_header X-Real-IP \$remote_addr; 484 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 485 | proxy_pass http://127.0.0.1:${sub_port}; 486 | break; 487 | } 488 | location /${json_path}/ { 489 | if (\$hack = 1) {return 404;} 490 | proxy_redirect off; 491 | proxy_set_header Host \$host; 492 | proxy_set_header X-Real-IP \$remote_addr; 493 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 494 | proxy_pass http://127.0.0.1:${sub_port}; 495 | break; 496 | } 497 | #XHTTP 498 | location /${xhttp_path} { 499 | grpc_pass grpc://unix:/dev/shm/uds2023.sock; 500 | grpc_buffer_size 16k; 501 | grpc_socket_keepalive on; 502 | grpc_read_timeout 1h; 503 | grpc_send_timeout 1h; 504 | grpc_set_header Connection ""; 505 | grpc_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 506 | grpc_set_header X-Forwarded-Proto \$scheme; 507 | grpc_set_header X-Forwarded-Port \$server_port; 508 | grpc_set_header Host \$host; 509 | grpc_set_header X-Forwarded-Host \$host; 510 | } 511 | #Xray Config Path 512 | location ~ ^/(?\d+)/(?.*)\$ { 513 | $CF_IP if (\$cloudflare_ip != 1) {return 404;} 514 | if (\$hack = 1) {return 404;} 515 | client_max_body_size 0; 516 | client_body_timeout 1d; 517 | grpc_read_timeout 1d; 518 | grpc_socket_keepalive on; 519 | proxy_read_timeout 1d; 520 | proxy_http_version 1.1; 521 | proxy_buffering off; 522 | proxy_request_buffering off; 523 | proxy_socket_keepalive on; 524 | proxy_set_header Upgrade \$http_upgrade; 525 | proxy_set_header Connection "upgrade"; 526 | proxy_set_header Host \$host; 527 | proxy_set_header X-Real-IP \$remote_addr; 528 | proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; 529 | #proxy_set_header CF-IPCountry \$http_cf_ipcountry; 530 | #proxy_set_header CF-IP \$realip_remote_addr; 531 | if (\$content_type ~* "GRPC") { 532 | grpc_pass grpc://127.0.0.1:\$fwdport\$is_args\$args; 533 | break; 534 | } 535 | if (\$http_upgrade ~* "(WEBSOCKET|WS)") { 536 | proxy_pass http://127.0.0.1:\$fwdport\$is_args\$args; 537 | break; 538 | } 539 | if (\$request_method ~* ^(PUT|POST|GET)\$) { 540 | proxy_pass http://127.0.0.1:\$fwdport\$is_args\$args; 541 | break; 542 | } 543 | } 544 | location / { try_files \$uri \$uri/ =404; } 545 | } 546 | EOF 547 | ##################################Check Nginx status#################################################### 548 | if [[ -f "/etc/nginx/sites-available/${domain}" ]]; then 549 | unlink "/etc/nginx/sites-enabled/default" >/dev/null 2>&1 550 | rm -f "/etc/nginx/sites-enabled/default" "/etc/nginx/sites-available/default" 551 | ln -s "/etc/nginx/sites-available/${domain}" "/etc/nginx/sites-enabled/" 2>/dev/null 552 | ln -s "/etc/nginx/sites-available/${reality_domain}" "/etc/nginx/sites-enabled/" 2>/dev/null 553 | ln -s "/etc/nginx/sites-available/80.conf" "/etc/nginx/sites-enabled/" 2>/dev/null 554 | else 555 | msg_err "${domain} nginx config not exist!" && exit 1 556 | fi 557 | 558 | if [[ $(nginx -t 2>&1 | grep -o 'successful') != "successful" ]]; then 559 | msg_err "nginx config is not ok!" && exit 1 560 | else 561 | systemctl start nginx 562 | fi 563 | 564 | 565 | ##############################generate uri's########################################################### 566 | sub_uri=https://${domain}/${sub_path}/ 567 | json_uri=https://${domain}/${web_path}?name= 568 | ##############################generate keys########################################################### 569 | shor=($(openssl rand -hex 8) $(openssl rand -hex 8) $(openssl rand -hex 8) $(openssl rand -hex 8) $(openssl rand -hex 8) $(openssl rand -hex 8) $(openssl rand -hex 8) $(openssl rand -hex 8)) 570 | 571 | ########################################Update X-UI Port/Path for first INSTALL######################### 572 | UPDATE_XUIDB(){ 573 | if [[ -f $XUIDB ]]; then 574 | x-ui stop 575 | var1=$(/usr/local/x-ui/bin/xray-linux-amd64 x25519) 576 | var2=($var1) 577 | private_key=${var2[2]} 578 | public_key=${var2[5]} 579 | client_id=$(/usr/local/x-ui/bin/xray-linux-amd64 uuid) 580 | client_id2=$(/usr/local/x-ui/bin/xray-linux-amd64 uuid) 581 | client_id3=$(/usr/local/x-ui/bin/xray-linux-amd64 uuid) 582 | emoji_flag=$(LC_ALL=en_US.UTF-8 curl -s https://ipwho.is/ | jq -r '.flag.emoji') 583 | sqlite3 $XUIDB < /dev/null; then 911 | echo "kill sub2sing-box..." 912 | pkill -x "sub2sing-box" 913 | fi 914 | if [ -f "/usr/bin/sub2sing-box" ]; then 915 | echo "delete sub2sing-box..." 916 | rm -f /usr/bin/sub2sing-box 917 | fi 918 | wget -P /root/ https://github.com/legiz-ru/sub2sing-box/releases/download/v0.0.9/sub2sing-box_0.0.9_linux_amd64.tar.gz 919 | tar -xvzf /root/sub2sing-box_0.0.9_linux_amd64.tar.gz -C /root/ --strip-components=1 sub2sing-box_0.0.9_linux_amd64/sub2sing-box 920 | mv /root/sub2sing-box /usr/bin/ 921 | chmod +x /usr/bin/sub2sing-box 922 | rm /root/sub2sing-box_0.0.9_linux_amd64.tar.gz 923 | su -c "/usr/bin/sub2sing-box server --bind 127.0.0.1 --port 8080 & disown" root 924 | 925 | ######################install_fake_site################################################################# 926 | 927 | sudo su -c "bash <(wget -qO- https://raw.githubusercontent.com/mozaroc/x-ui-pro/refs/heads/master/randomfakehtml.sh)" 928 | 929 | ######################install_web_sub_page############################################################## 930 | 931 | URL_SUB_PAGE=( "https://github.com/legiz-ru/x-ui-pro/raw/master/sub-3x-ui.html" 932 | "https://github.com/legiz-ru/x-ui-pro/raw/master/sub-3x-ui-classical.html" 933 | ) 934 | URL_CLASH_SUB=( "https://github.com/legiz-ru/x-ui-pro/raw/master/clash/clash.yaml" 935 | "https://github.com/legiz-ru/x-ui-pro/raw/master/clash/clash_skrepysh.yaml" 936 | "https://github.com/legiz-ru/x-ui-pro/raw/master/clash/clash_fullproxy_without_ru.yaml" 937 | "https://github.com/legiz-ru/x-ui-pro/raw/master/clash/clash_refilter_ech.yaml" 938 | ) 939 | DEST_DIR_SUB_PAGE="/var/www/subpage" 940 | DEST_FILE_SUB_PAGE="$DEST_DIR_SUB_PAGE/index.html" 941 | DEST_FILE_CLASH_SUB="$DEST_DIR_SUB_PAGE/clash.yaml" 942 | 943 | sudo mkdir -p "$DEST_DIR_SUB_PAGE" 944 | 945 | sudo curl -L "${URL_CLASH_SUB[$CLASH]}" -o "$DEST_FILE_CLASH_SUB" 946 | sudo curl -L "${URL_SUB_PAGE[$CUSTOMWEBSUB]}" -o "$DEST_FILE_SUB_PAGE" 947 | 948 | sed -i "s/\${DOMAIN}/$domain/g" "$DEST_FILE_SUB_PAGE" 949 | sed -i "s/\${DOMAIN}/$domain/g" "$DEST_FILE_CLASH_SUB" 950 | sed -i "s#\${SUB_JSON_PATH}#$json_path#g" "$DEST_FILE_SUB_PAGE" 951 | sed -i "s#\${SUB_PATH}#$sub_path#g" "$DEST_FILE_SUB_PAGE" 952 | sed -i "s#\${SUB_PATH}#$sub_path#g" "$DEST_FILE_CLASH_SUB" 953 | sed -i "s|sub.legiz.ru|$domain/$sub2singbox_path|g" "$DEST_FILE_SUB_PAGE" 954 | 955 | #while true; do 956 | # if [[ -n "$tg_escaped_link" ]]; then 957 | # break 958 | # fi 959 | # echo -en "Enter your support link for web sub page (example https://t.me/durov/ ): " && read tg_escaped_link 960 | #done 961 | 962 | #sed -i -e "s|https://t.me/gozargah_marzban|$tg_escaped_link|g" -e "s|https://github.com/Gozargah/Marzban#donation|$tg_escaped_link|g" "$DEST_FILE_SUB_PAGE" 963 | 964 | ######################cronjob for ssl/reload service/cloudflareips###################################### 965 | crontab -l | grep -v "certbot\|x-ui\|cloudflareips" | crontab - 966 | (crontab -l 2>/dev/null; echo '@reboot /usr/bin/sub2sing-box server --bind 127.0.0.1 --port 8080 > /dev/null 2>&1') | crontab - 967 | (crontab -l 2>/dev/null; echo '@daily x-ui restart > /dev/null 2>&1 && nginx -s reload;') | crontab - 968 | (crontab -l 2>/dev/null; echo '@weekly bash /etc/nginx/cloudflareips.sh > /dev/null 2>&1;') | crontab - 969 | (crontab -l 2>/dev/null; echo '@monthly certbot renew --nginx --non-interactive --post-hook "nginx -s reload" > /dev/null 2>&1;') | crontab - 970 | ##################################ufw################################################################### 971 | ufw disable 972 | ufw allow 22/tcp 973 | ufw allow 80/tcp 974 | ufw allow 443/tcp 975 | ufw --force enable 976 | ##################################Show Details########################################################## 977 | 978 | if systemctl is-active --quiet x-ui; then clear 979 | printf '0\n' | x-ui | grep --color=never -i ':' 980 | msg_inf "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 981 | nginx -T | grep -i 'ssl_certificate\|ssl_certificate_key' 982 | msg_inf "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 983 | certbot certificates | grep -i 'Path:\|Domains:\|Expiry Date:' 984 | 985 | # msg_inf "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 986 | # if [[ -n $IP4 ]] && [[ "$IP4" =~ $IP4_REGEX ]]; then 987 | # msg_inf "IPv4: http://$IP4:$PORT/$RNDSTR/" 988 | # fi 989 | # if [[ -n $IP6 ]] && [[ "$IP6" =~ $IP6_REGEX ]]; then 990 | # msg_inf "IPv6: http://[$IP6]:$PORT/$RNDSTR/" 991 | # fi 992 | 993 | msg_inf "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 994 | msg_inf "X-UI Secure Panel: https://${domain}/${panel_path}/\n" 995 | echo -e "Username: ${config_username} \n" 996 | echo -e "Password: ${config_password} \n" 997 | msg_inf "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 998 | # msg_inf "Web Sub Page your first client: https://${domain}/${web_path}?name=first\n" 999 | # msg_inf "Your local sub2sing-box instance: https://${domain}/$sub2singbox_path/\n" 1000 | msg_inf "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 1001 | msg_inf "Please Save this Screen!!" 1002 | else 1003 | nginx -t && printf '0\n' | x-ui | grep --color=never -i ':' 1004 | msg_err "sqlite and x-ui to be checked, try on a new clean linux! " 1005 | fi 1006 | #################################################N-joy################################################## 1007 | --------------------------------------------------------------------------------