Preparation required
Start building
bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/x-ui/master/install.sh )
wget -N --no-check-certificate https://raw.githubusercontent.com/taffychan/x-ui-3/main/install.sh && bash install.sh
Prompt that curl tool is not installed, please install curl tool first
apt-get update
apt-get upgrade
apt-get install curl
CDN application
bash <(curl -Ls https://raw.githubusercontent.com/FranzKafkaYu/BashScripts/main/SSLAutoInstall/SSLAutoInstall.sh )
CDN applied to panel
Set Node
Domain name: v2.mlldxe.cn Public key path:/etc/cert/cert.crt Key path:/etc/cert/private.key
Domain name: xui.mlldxe.cn Public key path:/etc/cert/cert.crt Key path:/etc/cert/private.key
vmess+ws+tls+cdn
Latest: Debian10 construction -- bulianglin
#Update Software Source apt update #Enable BBR TCP congestion control algorithm echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf sysctl -p #Install Curl apt-get install curl -y #Install x-ui: #Original bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/x-ui/master/install.sh ) #Optimization Magic Revision wget -N --no-check-certificate https://raw.githubusercontent.com/taffychan/x-ui-3/main/install.sh && bash install.sh #Install nginx apt install nginx #Install acme: curl https://get.acme.sh | sh #Add soft link: ln -s /root/.acme.sh/acme.sh /usr/local/bin/acme.sh #Switch CA organization: acme.sh --set-default-ca --server letsencrypt #Application certificate: Acme.sh -- issue - d Your domain name - k ec-256 -- webroot/var/www/html #Installation certificate: Acme.sh -- install cert - d Your domain name -- ecc -- key file/etc/x-ui/server. key -- fullchain file/etc/x-ui/server. crt -- reloadcmd "systemctl force reload nginx"
Find a suitable camouflage station
Example keyword: context: log in to Cloudsave
Configure nginx
user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 1024; } http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; gzip on; server { listen 8443 ssl; listen 2096 ssl; listen 443 ssl; listen 8080 ssl; listen 80 ssl; Server_name mlldxe. mlldxes. xyz; # Your domain name Ssl_certificate/etc/x-ui/server.crt; # Certificate location Ssl_certificate_key/etc/x-ui/server. key; # Private key location ssl_session_timeout 1d; ssl_session_cache shared:MozSSL:10m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers off; location / { proxy_pass https://www.hao123.com/ ; # Camouflage URL proxy_redirect off; proxy_ssl_server_name on; sub_filter_once off; Sub_filter "www.hao123. com" $server_name; # Camouflage URL Proxy_set_header Host "www.hao123. com"; # Camouflage URL proxy_set_header Referer $http_referer; proxy_set_header X-Real-IP $remote_addr; proxy_set_header User-Agent $http_user_agent; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_set_header Accept-Encoding ""; proxy_set_header Accept-Language "zh-CN"; } Location/mlldxe {# Shunt path proxy_redirect off; proxy_pass http://127.0.0.1:22911 ; # Xray port proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } Location/admin {# xui path proxy_redirect off; proxy_pass http://127.0.0.1:54321 ; # Xui listening port proxy_http_version 1.1; proxy_set_header Host $host; } } server { listen 443; listen 80; location /.well-known/ { root /var/www/html; } location / { rewrite ^(.*)$ https://$host$1 permanent; } } }
Multi user
Location/ray {# Shunt path proxy_redirect off; proxy_pass http://127.0.0.1:10000 ; # Xray port proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }