Script for Linux which makes XRay installation and configuration easy
Find a file
2023-12-09 22:53:39 +03:00
misc update customgeo; add custom rules in format appropriate for hiddigy and nekoray 2023-12-09 22:51:42 +03:00
.gitignore add *add username* command 2023-10-31 14:11:40 +03:00
browser-proxy-settings.png update readme with browser settings; change port 2023-10-25 11:35:04 +03:00
customgeo.dat update customgeo; add custom rules in format appropriate for hiddigy and nekoray 2023-12-09 22:51:42 +03:00
ex.sh add link command 2023-12-06 12:47:31 +03:00
LICENSE Initial commit 2023-10-08 22:32:54 +03:00
README.md bring better UX; refactor 2023-12-04 01:08:04 +03:00
template_config_client.jsonc make statistics pretty; add *stats reset* command 2023-11-22 15:34:41 +03:00
template_config_server.jsonc remove quic 2023-12-09 22:53:39 +03:00

easy-xray

Script for Linux which makes XRay installation and configuration easy

(todo) Readme in Russian

(todo) Readme in Chinese

XRay (aka ProjectX) is a frontier solution to surpass the internet censorship. It can work as a server and as a client allowing to guide traffic through a VPS outside the region of censorship. XRay configuration can be confusing for a newcomer, so, here is a script which helps to

  • install/upgrade/remove XRay and geodata
  • generate credentials and server/client configs
  • add/delete users to the configs

First, make the script ex.sh executable, then run a desired command with it. Use ./ex.sh help to see the list of all available commands and ./ex.sh install to start interactive prompt which installs and configures XRay.

$ chmod +x ex.sh
$ ./ex.sh help
$ sudo ./ex.sh install

Prerequisites

For manipulations with configs, jq is needed, it can be found in repositories of almost all popular Linux distributions.

How it works

With current configs, XRay creates a tunnel between the client (your laptop, phone etc.) and the server (your VPS). The tunnel uses VLESS Reality protocol that obfuscates traffic and in our case imitates grpc. For the censor the tunnel looks like a usual connection to a site. The server responds to https requests as some popular site thus it is not suspicious for an active probing. On the client side XRay creates http/https and socks proxies which can be used by your Telegram or web browser like this:

browser proxy: http/https proxy 127.0.0.1 at port 801, socks v5 host 127.0.0.1 at port 800

Note that there is no additional encryption layer in VLESS; using it you rely on the encryption that the browser (Telegram app etc.) makes. Note also that for current client config, traffic to .cn, .ru, .by and .ir sites goes directly from the client, see here for details. This makes your server much less attention-grabbing and suspicious, but your connection less anonymous.

More deep description??

Important: It is assumed that configs are stored and updated locally as config_server.json, config_client.json or config_client_username.json files. You should manually start XRay with one of configs, depending which role - server or client - XRay should play:

    sudo cp config_(role).json /usr/local/etc/xray/config.json
    sudo systemctl start xray

or

    sudo xray run -c config_(role).json

Other clients

For Windows, MacOS or Android you can try Nekobox, v2rayNG or ? (TODO): tests and config generation for them.

Futher reading

Template configs contain comments and links and are good start to find another interesting Xray configuration options.

Acknowledgements

This article (in Russian) helped me to install XRay for the first time.

XRay config reference is brilliant and helped me much.

Configs for gRPC and XTLS on that the template configs are based.