search

XTLS / Xray-install

Easiest way to install & upgrade Xray.
https://t.me/projectXray
GNU General Public License v3.0
1.8k stars 475 forks source link

非nobody、非root用户启动xray-core,服务端入站监听uds问题 #70

Open maoxikun opened 8 months ago

maoxikun commented 8 months ago

问题:一旦登录服务端ssh再退出之后,uds文件会被自动删除,restart xray service之后正常,再次退出ssh之后uds文件又没了,一直循环。 1、xray-core版本: 1.8.9 2、使用如下命令安装xray-core bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install -u myuser 3、vless-ws-tls方式,服务端入站改为"listen": "/dev/shm/xxx.socket",nginx做相应修改 4、操作步骤:

5、nginx配置

server {
    listen 50000 ssl http2;
    listen [::]: 50000 ssl http2;
    server_name xxx.com;

    ssl_certificate /home/ubuntu/tmp/cert/xxx.com_fullchain.pem;
    ssl_certificate_key /home/ubuntu/tmp/cert/xxx.com.key;
    ssl_protocols TLSv1.2 TLSv1.3;

    location /xxx {
        if ($http_upgrade != "websocket") {
            return 404;
        }
        proxy_pass http://unix:/dev/shm/xxx.socket;
        proxy_redirect off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
    }
}

6、服务端配置:

{
    "inbounds": [
        {
            "tag": "inbound-vless-ws",
            "protocol": "vless",
            "listen": "/dev/shm/xxx.socket,0666",
            "settings": {
                "clients": [
                    {
                        "id": "xxx"
                    }
                ],
                "decryption": "none"
            },
            "streamSettings": {
                "network": "ws",
                "wsSettings": {
                    "path": "/xxx"
                },
                "security": "none"
            }
        }
    ]
}

7、客户端配置:

{
    "inbounds": [
        {
            "tag": "inbound-socks",
            "protocol": "socks",
            "listen": "127.0.0.1",
            "port": 1080,
            "settings": {
                "udp": true
            }
        }
    ],
    "outbounds": [
        {
            "tag": "proxy",
            "protocol": "vless",
            "settings": {
                "vnext": [
                    {
                        "address": "xxx",
                        "port": 50000,
                        "users": [
                            {
                                "id": "xxx",
                                "encryption": "none"
                            }
                        ]
                    }
                ]
            },
            "streamSettings": {
                "network": "ws",
                "wsSettings": {
                    "path": "/xxx"
                },
                "security": "tls"
            }
        }
    ]
}
maoxikun commented 6 months ago

最后发现/dev/shm/domain.socket文件的属组是myuser,而config.json配置文件属组是root,把/dev/shm/domain.socket文件的属组改成root之后解决了,但是重启之后/dev/shm/domain.socket文件的属组还是会变成myuser,有没有大佬解决一下

maoxikun commented 6 months ago

不用systemd启动,换成/usr/local/bin/xray run -config /usr/local/etc/xray/config.json &正常启动,退出ssh之后uds文件不会消失,客户端能正常使用