Install required Ubuntu packages
apt install -y chrony
timedatectl set-ntp true
systemctl enable chrony && systemctl restart chrony
timedatectl set-timezone Asia/Tehran
chronyc sourcestats -v
chronyc tracking -v
date
Install Certbot
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot certonly --standalone
result
# Certificate is saved at: /etc/letsencrypt/live/example.com/fullchain.pem
# Key is saved at: /etc/letsencrypt/live/example.com/privkey.pem
Xray
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install -u root
# xray remove
# bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ remove --purge
# /etc/systemd/system/xray.service
# /usr/local/bin/xray run -config /usr/local/etc/xray/config.json
nano /usr/local/etc/xray/config.json
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"port": 10002,
"listen": "127.0.0.1",
"protocol": "vless",
"settings": {
"clients": [
{
"id": "559f6df4-0a3c-4f5f-bb95-d17888b16361",
"level": 0,
"email": "[email protected]"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "ws",
"security": "none",
"wsSettings": {
"path": "/xray"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": { },
"tag": "direct"
},
{
"protocol": "blackhole",
"settings": { },
"tag": "blocked"
}
],
"dns": {
"servers": [
"https+local://1.1.1.1/dns-query",
"1.1.1.1",
"1.0.0.1",
"8.8.8.8",
"8.8.4.4",
"localhost"
]
}
}
Xray Dat Path
/usr/local/share/xray
Apache
nano /etc/apache2/apache2.conf
<VirtualHost *:80>
Servername example.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URL} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
# change your domain
ServerName example.com
# you may have a different root
DocumentRoot /var/www/
# the SSL configuration enable https for your site and it’s also required by shadowsocks + v2ray
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/example.com/privkey.pem
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2 +TLSv1.3
SSLCipherSuite HIGH:!aNULL
<Location "/xray">
ProxyPass ws://127.0.0.1:10002/xray
ProxyAddHeaders Off
ProxyPreserveHost On
RequestHeader append X-Forwarded-For %{REMOTE_ADDR}s
</Location>
</VirtualHost>
References
https://github.com/XTLS/Xray-core
https://github.com/XTLS/Xray-examples
https://github.com/v2fly/v2ray-examples
https://github.com/XTLS/Xray-install