Skip to main content

Installing Xray on Ubuntu VPS

Xray is a platform that supports multiple proxy protocols such as VLESS, VMess, Shadowsocks, and Trojan. Below are the steps to install Xray on an Ubuntu VPS and set up a client connection.

Installing Xray on Ubuntu VPS

  1. Update the System

    sudo apt update && sudo apt upgrade -y

  2. Install Required Dependencies

    sudo apt install -y curl wget unzip socat

  3. Install Xray Using the Installation Script Run the following script to install the latest version of Xray:

    bash <(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)

    This script will download, install, and configure Xray as a systemd service.

  4. Configure Xray After installation, the configuration file is located at:

    /usr/local/etc/xray/config.json

    Edit this file to set up your desired proxy protocol (e.g., VMess, VLESS, or Trojan). Below is an example configuration for VLESS with WebSocket and TLS:


    {
  "inbounds": [
    {
      "port": 443,
      "protocol": "vless",
      "settings": {
        "clients": [
          {
            "id": "YOUR_UUID", // Replace with a UUID
            "level": 0,
            "email": "user@example.com"
          }
        ],
        "decryption": "none"
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path": "/vless"
        },
        "security": "tls",
        "tlsSettings": {
          "serverName": "example.com",
          "certificates": [
            {
              "certificateFile": "/path/to/certificate.crt", // Replace with your SSL cert
              "keyFile": "/path/to/private.key" // Replace with your private key
            }
          ]
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {}
    }
  ]
}
    • Replace YOUR_UUID with a UUID generated using the command:
      uuidgen

    • Obtain SSL Certificates

      1. Install Certbot

        sudo apt install certbot

      2. Generate the Certificate

        sudo certbot certonly --standalone -d <your-domain>

      3. Update Xray Config Use the paths generated by Certbot, typically:

        • /etc/letsencrypt/live/<your-domain>/fullchain.pem
        • /etc/letsencrypt/live/<your-domain>/privkey.pem

      Update the tlsSettings in config.json accordingly.

  5. Enable and Start Xray

    sudo systemctl enable xray
sudo systemctl start xray

  6. Allow Firewall Rules Open the necessary ports (e.g., 443 for TLS):

    sudo ufw allow 443/tcp
sudo ufw allow 443/udp

Adjust Permissions for Xray

Xray runs under its own user (nobody by default), and it doesn't have permission to access the Let's Encrypt directory. To fix this:

  1. Add the nobody user (or the user running Xray) to the ssl-cert group, which has access to the files:

    1. Create the Group:

      sudo groupadd ssl-cert

    2. Add the nobody User to the Group:

      sudo usermod -aG ssl-cert nobody

    3. Set Group Ownership and Permissions

      sudo chgrp -R ssl-cert /etc/letsencrypt
      sudo chmod -R 750 /etc/letsencrypt

    4. Restart the Xray Service:

      sudo systemctl restart xray

Setting Up the VPN Client

Configure the Client Below is an example of a client configuration for VLESS with WebSocket and TLS:

  • Server Address: Your VPS domain or IP address.
  • Port443
  • UUID: The same UUID you used in the Xray server configuration.
  • Networkws (WebSocket)
  • Path/vless (The path configured in the server wsSettings)
  • TLS: Enabled (Set the SNI/Server Name as your domain name)
Labels:

Comments

Post a Comment

Popular posts from this blog

Installing .deb Packages Without Root Access in Ubuntu

In modern Linux environments, installing .deb packages typically requires sudo privileges. However, in scenarios such as shared hosting systems, enterprise security restrictions, or developer workstations with limited administrative access, an alternative approach is necessary. This guide provides a systematic method for extracting, configuring, and executing .deb packages within a user directory, bypassing the need for elevated permissions. Manual Extraction and Execution of .deb Packages Step 1: Extracting the .deb Package Use dpkg-deb to extract the package contents into a designated directory within the user's home directory: mkdir -p ~/my_software # Extract package contents dpkg-deb -x software.deb ~/my_software # Extract package metadata (optional but informative) dpkg-deb -e software.deb ~/my_software/DEBIAN The -x flag extracts core package files. The -e flag extracts control metadata, including package configurations and dependency details. Understanding ...
Post a Comment
Read more

Mastering the Asterisk (*) in Bash: A Comprehensive Guide

The asterisk ( * ) is one of the most powerful and frequently used wildcard characters in Bash. Whether you're listing files, moving directories, or searching for patterns, mastering the use of * can significantly boost your efficiency in the terminal. This article explores various ways to use * in Bash, with practical examples to help you get the most out of this wildcard. 1. Wildcard for File and Directory Matching The * wildcard matches zero or more characters in filenames. Example: ls *.txt # Lists all files ending with .txt ls file* # Lists all files starting with "file" 2. Using * in Commands The * wildcard works with commands like cp , mv , rm , etc. Example: cp *.jpg backup/ # Copies all .jpg files to the backup directory rm * # Deletes all files in the current directory 3. Wildcard in Recursive Search Used with find or grep to search files recursively. Example: find . -name "*.sh" # Finds all .sh fil...
Post a Comment
Read more