mirror of
https://github.com/samuelhbne/server-xray.git
synced 2025-12-17 20:34:39 +03:00
Initial support for SPLITHTTP
This commit is contained in:
Samuel Huang
@@ -10,13 +10,13 @@ RUN git clone https://github.com/XTLS/Xray-core.git . && \
|
|||||||
go build -o xray -trimpath -ldflags "-s -w -buildid=" ./main
|
go build -o xray -trimpath -ldflags "-s -w -buildid=" ./main
|
||||||
|
|
||||||
|
|
||||||
FROM alpine:3.20
|
FROM nginx:stable-alpine3.20
|
||||||
|
|
||||||
ARG ACMEVER='2.9.0'
|
ARG ACMEVER='2.9.0'
|
||||||
|
|
||||||
COPY --from=builder /go/src/XTLS/Xray-core/xray /usr/local/bin/
|
COPY --from=builder /go/src/XTLS/Xray-core/xray /usr/local/bin/
|
||||||
|
|
||||||
RUN apk add --no-cache bash nginx openssl curl socat jq moreutils
|
RUN apk add --no-cache bash openssl curl socat jq moreutils
|
||||||
RUN cd /root; curl -sSL "https://github.com/acmesh-official/acme.sh/archive/refs/tags/${ACMEVER}.tar.gz"|tar zxvf -
|
RUN cd /root; curl -sSL "https://github.com/acmesh-official/acme.sh/archive/refs/tags/${ACMEVER}.tar.gz"|tar zxvf -
|
||||||
RUN cd /root; ln -s acme.sh-${ACMEVER} acme.sh; mkdir .acme.sh
|
RUN cd /root; ln -s acme.sh-${ACMEVER} acme.sh; mkdir .acme.sh
|
||||||
|
|
||||||
|
|||||||
48
run.sh
48
run.sh
@@ -9,31 +9,31 @@ XCONF=/tmp/server-xray.json
|
|||||||
|
|
||||||
usage() {
|
usage() {
|
||||||
echo "server-xray <server-options>"
|
echo "server-xray <server-options>"
|
||||||
echo " --ltx <VLESS-TCP-XTLS option> [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]]"
|
echo " --lx <VLESS-XTLS option> [p=443,]d=domain.com,u=id[:level[:email]]"
|
||||||
echo " --ltt <VLESS-TCP-TLS option> [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]]"
|
echo " --lt <VLESS-TLS option> [p=443,]d=domain.com,u=id[:level[:email]]"
|
||||||
echo " --lttw <VLESS-TCP-TLS-WS option> [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath"
|
echo " --ltw <VLESS-TLS-WS option> [p=443,]d=domain.com,u=id[:level[:email]],w=/wspath"
|
||||||
echo " --ltpw <VLESS-TCP-PLAIN-WS option> [p=443,]u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath"
|
echo " --lpw <VLESS-PLN-WS option> [p=443,]u=id[:level[:email],]w=/wspath"
|
||||||
echo " --lttg <VLESS-TCP-TLS-GRPC option> [p=443,]d=domain.com,u=id[:level[:email]],s=svcname"
|
echo " --ltg <VLESS-TLS-GRPC option> [p=443,]d=domain.com,u=id[:level[:email]],s=svcname"
|
||||||
echo " --ltpg <VLESS-TCP-PLAIN-GRPC option> [p=443,]u=id[:level[:email]],s=svcname"
|
echo " --lpg <VLESS-PLN-GRPC option> [p=443,]u=id[:level[:email]],s=svcname"
|
||||||
echo " --mtt <VMESS-TCP-TLS option> [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]]"
|
echo " --lts <VLESS-TLS-SPLT option> [p=442,]d=domain.com,u=id[:level[:email]],p=/path"
|
||||||
echo " --mttw <VMESS-TCP-TLS-WS option> [p=443,]d=domain.com,u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath"
|
echo " --lps <VLESS-PLN-SPLT option> [p=442,]u=id[:level[:email],]p=/path"
|
||||||
echo " --mtpw <VMESS-TCP-PLAIN-WS option> [p=443,]u=id[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath"
|
echo " --mt <VMESS-TLS option> [p=443,]d=domain.com,u=id[:level[:email]]"
|
||||||
echo " --ttt <TROJAN-TCP-TLS option> [p=443,]d=domain.com,u=psw[:level[:email]][,f=[fb-host]:fb-port:[fb-path]]"
|
echo " --mtw <VMESS-TLS-WS option> [p=443,]d=domain.com,u=id[:level[:email]],w=/webpath"
|
||||||
echo " --tttw <TROJAN-TCP-TLS-WS option> [p=443,]d=domain.com,u=psw[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath"
|
echo " --mpw <VMESS-PLN-WS option> [p=443,]u=id[:level[:email]],w=/webpath"
|
||||||
echo " --ttpw <TROJAN-TCP-PLAIN-WS option> [p=443,]u=psw[:level[:email]][,f=[fb-host]:fb-port:[fb-path]],w=/webpath"
|
echo " --tt <TROJAN-TLS option> [p=443,]d=domain.com,u=psw[:level[:email]]"
|
||||||
# echo " --ssa <Shadowsocks-AEAD option> [port=443,]user=password1:method1[,user=password2:method2]"
|
echo " --ttw <TROJAN-TLS-WS option> [p=443,]d=domain.com,u=psw[:level[:email]],w=/webpath"
|
||||||
# echo " --sst <Shadowsocks-TCP option> [port=443,]user=passwd,method=xxxx"
|
echo " --tpw <TROJAN-PLN-WS option> [p=443,]u=psw[:level[:email]],w=/webpath"
|
||||||
echo " --ng-opt <nginx-options> [p=443,]d=domain0.com[,d=domain1.com][...]"
|
echo " --ng-opt <nginx-options> [p=443,]d=domain0.com[,d=domain1.com][...]"
|
||||||
echo " --ng-proxy <nginx-proxy-options> [d=domain0.com,][d=domain1.com][...][h=127.0.0.1,]p=port-backend,l=location,n=ws|grpc"
|
echo " --ng-proxy <nginx-proxy-options> [d=domain0.com,][d=domain1.com][...][h=127.0.0.1,]p=port-backend,l=location,n=ws|grpc|splt"
|
||||||
echo " -u|--user <global-user-options> u=id0[:level[:email]][,u=id1][...]"
|
echo " -u|--user <global-user-options> u=id0[:level[:email]][,u=id1][...]"
|
||||||
echo " -k|--hook <hook-url> [Optional] DDNS update or notifing URL to be hit"
|
echo " -k|--hook <hook-url> [Optional] DDNS update or notifing URL to be hit"
|
||||||
echo " -r|--request-domain <domain-name> [Optional] Domain name to request for letsencrypt cert"
|
echo " -r|--request-domain <domain-name> [Optional] Domain name to request for letsencrypt cert"
|
||||||
echo " -c|--cert-home <cert-home-dir> [Optional] Reading TLS certs from folder <cert-home-dir>/<domain-name>/"
|
echo " -c|--cert-home <cert-home-dir> [Optional] Reading TLS certs from folder <cert-home-dir>/<domain-name>/"
|
||||||
echo " -i|--stdin [Optional] Read config from stdin instead of auto generation"
|
echo " -i|--stdin [Optional] Read config from STDIN instead of auto generation"
|
||||||
echo " -d|--debug [Optional] Start in debug mode with verbose output"
|
echo " -d|--debug [Optional] Start in debug mode with verbose output"
|
||||||
}
|
}
|
||||||
|
|
||||||
TEMP=`getopt -o u:k:r:c:di --long user:,hook:,request-domain:,cert-home:,ltx:,ltt:,lttw:,ltpw:,mtt:,mttw:,mtpw:,ttt:,tttw:,ttpw:,lttg:,ltpg:,ssa:,sst:,ng-opt:,ng-proxy:,stdin,debug -n "$0" -- $@`
|
TEMP=`getopt -o u:k:r:c:di --long user:,hook:,request-domain:,cert-home:,lx:,lt:,ltw:,lpw:,mt:,mtw:,mpw:,tt:,ttw:,tpw:,ltg:,lpg:,ng-opt:,ng-proxy:,stdin,debug -n "$0" -- $@`
|
||||||
if [ $? != 0 ] ; then usage; exit 1 ; fi
|
if [ $? != 0 ] ; then usage; exit 1 ; fi
|
||||||
|
|
||||||
eval set -- "$TEMP"
|
eval set -- "$TEMP"
|
||||||
@@ -63,7 +63,7 @@ while true ; do
|
|||||||
UOPT+=("$2")
|
UOPT+=("$2")
|
||||||
shift 2
|
shift 2
|
||||||
;;
|
;;
|
||||||
--ltx|--ltt|--lttw|--ltpw|--lttg|--ltpg|--mtt|--mttw|--mtpw|--ttt|--tttw|--ttpw)
|
--lx|--lt|--ltw|--lpw|--ltg|--lpg|--mt|--mtw|--mpw|--tt|--ttw|--tpw)
|
||||||
SVC=`echo $1|tr -d '\-\-'`
|
SVC=`echo $1|tr -d '\-\-'`
|
||||||
SVCMD+=("${DIR}server-${SVC}.sh $2")
|
SVCMD+=("${DIR}server-${SVC}.sh $2")
|
||||||
shift 2
|
shift 2
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
server {
|
server {
|
||||||
|
listen NGPORT quic reuseport;
|
||||||
listen NGPORT ssl;
|
listen NGPORT ssl;
|
||||||
listen [::]:NGPORT ssl;
|
listen [::]:NGPORT ssl;
|
||||||
http2 on;
|
http2 on;
|
||||||
@@ -7,6 +8,7 @@ server {
|
|||||||
ssl_certificate_key PRVKEYFILE;
|
ssl_certificate_key PRVKEYFILE;
|
||||||
ssl_protocols TLSv1.2 TLSv1.3;
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
ssl_ciphers HIGH:!aNULL:!MD5;
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||||
|
add_header Alt-Svc 'h3=":443"; ma=86400';
|
||||||
|
|
||||||
client_header_timeout 1071906480m;
|
client_header_timeout 1071906480m;
|
||||||
keepalive_timeout 1071906480m;
|
keepalive_timeout 1071906480m;
|
||||||
|
|||||||
Reference in New Issue
Block a user