Skip to main content

Installing Xray on Ubuntu VPS

Xray is a platform that supports multiple proxy protocols such as VLESS, VMess, Shadowsocks, and Trojan. Below are the steps to install Xray on an Ubuntu VPS and set up a client connection.

Installing Xray on Ubuntu VPS

  1. Update the System

    sudo apt update && sudo apt upgrade -y

  2. Install Required Dependencies

    sudo apt install -y curl wget unzip socat

  3. Install Xray Using the Installation Script Run the following script to install the latest version of Xray:

    bash <(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)

    This script will download, install, and configure Xray as a systemd service.

  4. Configure Xray After installation, the configuration file is located at:

    /usr/local/etc/xray/config.json

    Edit this file to set up your desired proxy protocol (e.g., VMess, VLESS, or Trojan). Below is an example configuration for VLESS with WebSocket and TLS:


    {
  "inbounds": [
    {
      "port": 443,
      "protocol": "vless",
      "settings": {
        "clients": [
          {
            "id": "YOUR_UUID", // Replace with a UUID
            "level": 0,
            "email": "user@example.com"
          }
        ],
        "decryption": "none"
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path": "/vless"
        },
        "security": "tls",
        "tlsSettings": {
          "serverName": "example.com",
          "certificates": [
            {
              "certificateFile": "/path/to/certificate.crt", // Replace with your SSL cert
              "keyFile": "/path/to/private.key" // Replace with your private key
            }
          ]
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {}
    }
  ]
}
    • Replace YOUR_UUID with a UUID generated using the command:
      uuidgen

    • Obtain SSL Certificates

      1. Install Certbot

        sudo apt install certbot

      2. Generate the Certificate

        sudo certbot certonly --standalone -d <your-domain>

      3. Update Xray Config Use the paths generated by Certbot, typically:

        • /etc/letsencrypt/live/<your-domain>/fullchain.pem
        • /etc/letsencrypt/live/<your-domain>/privkey.pem

      Update the tlsSettings in config.json accordingly.

  5. Enable and Start Xray

    sudo systemctl enable xray
sudo systemctl start xray

  6. Allow Firewall Rules Open the necessary ports (e.g., 443 for TLS):

    sudo ufw allow 443/tcp
sudo ufw allow 443/udp

Adjust Permissions for Xray

Xray runs under its own user (nobody by default), and it doesn't have permission to access the Let's Encrypt directory. To fix this:

  1. Add the nobody user (or the user running Xray) to the ssl-cert group, which has access to the files:

    1. Create the Group:

      sudo groupadd ssl-cert

    2. Add the nobody User to the Group:

      sudo usermod -aG ssl-cert nobody

    3. Set Group Ownership and Permissions

      sudo chgrp -R ssl-cert /etc/letsencrypt
      sudo chmod -R 750 /etc/letsencrypt

    4. Restart the Xray Service:

      sudo systemctl restart xray

Setting Up the VPN Client

Configure the Client Below is an example of a client configuration for VLESS with WebSocket and TLS:

  • Server Address: Your VPS domain or IP address.
  • Port443
  • UUID: The same UUID you used in the Xray server configuration.
  • Networkws (WebSocket)
  • Path/vless (The path configured in the server wsSettings)
  • TLS: Enabled (Set the SNI/Server Name as your domain name)

Comments

Post a Comment

Popular posts from this blog

Installing .deb Packages Without Root Access in Ubuntu

In modern Linux environments, installing .deb packages typically requires sudo privileges. However, in scenarios such as shared hosting systems, enterprise security restrictions, or developer workstations with limited administrative access, an alternative approach is necessary. This guide provides a systematic method for extracting, configuring, and executing .deb packages within a user directory, bypassing the need for elevated permissions. Manual Extraction and Execution of .deb Packages Step 1: Extracting the .deb Package Use dpkg-deb to extract the package contents into a designated directory within the user's home directory: mkdir -p ~/my_software # Extract package contents dpkg-deb -x software.deb ~/my_software # Extract package metadata (optional but informative) dpkg-deb -e software.deb ~/my_software/DEBIAN The -x flag extracts core package files. The -e flag extracts control metadata, including package configurations and dependency details. Understanding ...
Post a Comment
Read more

tmux: Ensuring Persistent Terminal Sessions for Reliable Server Administration

  Introduction Maintaining an uninterrupted terminal session is essential for professionals managing remote servers. Unexpected disconnections can disrupt workflows, leading to data loss and inefficiencies. tmux (Terminal Multiplexer) addresses this challenge by ensuring that sessions persist even when a user disconnects. This feature makes tmux indispensable for system administrators, developers, and any technical professional working with remote environments. By leveraging tmux , users can manage multiple terminal windows and panes within a single session, detach and reattach as needed, and automate workflows through scripting. This guide provides an exhaustive exploration of tmux —covering installation, session management, advanced pane manipulation, customization, scripting, and best practices. By the end, readers will have a comprehensive understanding of how to maximize tmux to enhance efficiency and maintain workflow continuity. 1. Getting Started with tmux Installin...
Post a Comment
Read more