search

BobCoderS9 / SSPanel-Metron

SSPanel-Metron主题,目前由@Bobs9维护开发中。
MIT License
409 stars 238 forks source link

添加reality支持 #140

Closed wyx2685 closed 11 months ago

wyx2685 commented 1 year ago

PR供参考 vless+reality+xtls-rprx-flow节点格式

<ip>;<port>;0;tcp;tls;security=reality|flow=xtls-rprx-vision|host=<sni>|enable_vless=true|publicKey=<publicKey>|shortId=<shortId>

后端XrayR配置示例

Log:
  Level: warning # Log level: none, error, warning, info, debug
  AccessPath: #/etc/XrayR/access.Log
  ErrorPath: #/etc/XrayR/error.log
DnsConfigPath: # /etc/XrayR/dns.json # Path to dns config, check https://xtls.github.io/config/dns.html for help
RouteConfigPath:  # /etc/XrayR/route.json # Path to route config, check https://xtls.github.io/config/routing.html for help
InboundConfigPath: # /etc/XrayR/custom_inbound.json # Path to custom inbound config, check https://xtls.github.io/config/inbound.html for help
OutboundConfigPath:  # /etc/XrayR/custom_outbound.json # Path to custom outbound config, check https://xtls.github.io/config/outbound.html for help
ConnectionConfig:
  Handshake: 10 # Handshake time limit, Second
  ConnIdle: 60 # Connection idle time limit, Second
  UplinkOnly: 10 # Time limit when the connection downstream is closed, Second
  DownlinkOnly: 10 # Time limit when the connection is closed after the uplink is closed, Second
  BufferSize: 64 # The internal cache size of each connection, kB
Nodes:
  -
    PanelType: "SSpanel" # Panel type: SSpanel, V2board, NewV2board, PMpanel, Proxypanel, V2RaySocks
    ApiConfig:
      ApiHost: "https://xxxx.xxx" # 面板地址
      ApiKey: "xxxx" # 面板密码
      NodeID: 3 # 节点编号
      NodeType: V2ray # Node type: V2ray, Shadowsocks, Trojan, Shadowsocks-Plugin
      Timeout: 30 # Timeout for the api request
      EnableVless: true # Enable Vless for V2ray Type
      VlessFlow: "xtls-rprx-vision"
      SpeedLimit: 0 # Mbps, Local settings will replace remote settings, 0 means disable
      DeviceLimit: 0 # Local settings will replace remote settings, 0 means disable
      RuleListPath: # /etc/XrayR/rulelist Path to local rulelist file
    ControllerConfig:
      ListenIP: 0.0.0.0 # IP address you want to listen
      SendIP: 0.0.0.0 # IP address you want to send pacakage
      UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
      EnableDNS: false # Use custom DNS config, Please ensure that you set the dns.json well
      DNSType: AsIs # AsIs, UseIP, UseIPv4, UseIPv6, DNS strategy
      EnableProxyProtocol: false # Only works for WebSocket and TCP
      AutoSpeedLimitConfig:
        Limit: 0 # Warned speed. Set to 0 to disable AutoSpeedLimit (mbps)
        WarnTimes: 0 # After (WarnTimes) consecutive warnings, the user will be limited. Set to 0 to punish overspeed user immediately.
        LimitSpeed: 0 # The speedlimit of a limited user (unit: mbps)
        LimitDuration: 0 # How many minutes will the limiting last (unit: minute)
      GlobalDeviceLimitConfig:
        Enable: false # Enable the global device limit of a user
        RedisAddr: 127.0.0.1:6379 # The redis server address
        RedisPassword: # Redis password
        RedisDB: 0 # Redis DB
        Timeout: 5 # Timeout for redis request
        Expiry: 60 # Expiry time (second)
      EnableFallback: false # Only support for Trojan and Vless
      FallBackConfigs:  # Support multiple fallbacks
        -
          SNI: # TLS SNI(Server Name Indication), Empty for any
          Alpn: # Alpn, Empty for any
          Path: # HTTP PATH, Empty for any
          Dest: # Required, Destination of fallback, check https://xtls.github.io/config/features/fallback.html for details.
          ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for dsable
      EnableREALITY: true # Enable REALITY
      REALITYConfigs:
        Show: false # Show REALITY debug
        Dest: xxxxxxx.com:443 # 目标网站
        ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for disable
        ServerNames: # Required, list of available serverNames for the client, * wildcard is not supported at the moment.
          - <sni> # 需与节点host一致
        PrivateKey: xxxxxxxxxxxxxx # x25519密钥,可使用xray x25519生成
        MinClientVer: # Optional, minimum version of Xray client, format is x.y.z.
        MaxClientVer: # Optional, maximum version of Xray client, format is x.y.z.
        MaxTimeDiff: 0 # Optional, maximum allowed time difference, unit is in milliseconds.
        ShortIds: # 需与节点shortId一致
          - <shortId> 
      CertConfig:
        CertMode: none # Option about how to get certificate: none, file, http, tls, dns. Choose "none" will forcedly disable the tls config.
        CertDomain: "" # Domain to cert
        CertFile:  # Provided if the CertMode is file
        KeyFile:  # Provided if the CertMode is file
        Provider: alidns # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
        Email: test@me.com
        DNSEnv: # DNS ENV option used by DNS provider
          ALICLOUD_ACCESS_KEY: aaa
          ALICLOUD_SECRET_KEY: bbb
BobCoderS9 commented 12 months ago

publicKey和shortId是哪里来的?如果这个长的话,放到server字段里面不现实。而且你没改node的后端接口,XrayR怎么接收这个

wyx2685 commented 12 months ago

privatekey和publickey需要手动生成,用 xray x25519 可以生成,也可以用openssl openssl genpkey -algorithm x25519 -out privateKey openssl pkey -in privateKey -pubout -out publicKey

shortid是0-16位,双位的16进制数字,可以自己指定 例如00 1111 1a2b3c都可以

XrayR的配置都是直接在config.yml写入的,参照上面配置即可(reality必须使用xray内核版本1.8.0以上的XrayR,即官方最新commit)

需要修改node数据库server长度,不然写不下 或者换一个地方放也行,那要动的东西比较多

BobCoderS9 commented 11 months ago

这个协议接口目前并不规范,这样配置并不合理,你可以单独提交下其他的修改,这个新协议的暂时不合并了。

tristesky commented 11 months ago

已经对接上了,感谢大佬 👍

vlesstop commented 10 months ago

大佬, VLEES+XTLS的话,写法应该是什么样的, 自己尝试了几个小时都不行

wyx2685 commented 10 months ago

@waiwaiwq 传输写tls

lemontea66 commented 3 weeks ago

您好,想咨询一下如果reality+中转方案能否在sspanel-metron实现?目前我这边测试直连后发现带宽跑不起来,想做个中转来拉取一下