/one_click_script

一键安装 trojan v2ray xray. Install v2ray / xray (VLESS) and trojan (trojan-go) script

Primary LanguageShellMIT LicenseMIT

Easy install v2ray (xray) and trojan (trojan-go) script (ultimate script for all condition)

Hits

Sponsors

Thanks for support this project. Check on patreon

Table of Contents

Features

  1. Install and upgrade trojan/trojan-go/v2ray/xray and fully remove.
  2. Support to running trojan-go and v2ray at the same server.
  3. Support various mode, using trojan or v2ray or nginx to serve 443 port
  4. Support multi https domains with Nginx SNI on one VPS server.
  5. Support install trojan or v2ray only in order to work with exist website on one VPS.
  6. Customize trojan or v2ray working port, password and Websocket path.
  7. Support v2ray or xray vless protocol. Support Xray XTLS.
  8. Script create 10 password as default, can set prefix for these passwords.
  9. Install trojan and v2ray UI panel to easily manage users.
  10. Easily set v2ray route rules with wireguard IPv6 and Cloudflare WARP to unlock Netflix restriction and Google reCAPTCHA.
  11. Using bootstarp official template for default website content serve by nginx
  12. All working port are random generated to ensure high security.

Installation

via bash

bash <(curl -Lso- https://git.io/oneclick)

via curl to install script

curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh

via wget to install script

wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh

功能列表

功能列表2

功能列表3

Netflix-Check

Netflix non-self-produced drama and region testing shell script

via wget to install script

wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh

acme

Get SSL certificate for domain

  1. Run script then choose 26 to request SSL certificate for any domains. It's better to disable CDN of your domain duiring the SSL certificate application process. Make sure the domain is resolved to the real VPS ip.
  2. Duiring the SSL certificate application process, if you can't disable CDN or the VPS only have IPv6, you can skip the IP check process to continue your following SSL certificate request.
  3. The script is using acme.sh to get SSL certificate. There are three providers: Let's Encrypt, BuyPass.com, ZeroSSL.com. When you request too many times in one day and reach the limit of Let's Encrypt, you can switch other providers such as BuyPass.com.
  4. Normally SSL certificate need renew in three month,The script will autorenew the certificate with Cronjob by acme.sh .
  1. The main limit is Certificates per Registered Domain (50 per week)
  2. You can create a maximum of 300 New Orders per account per 3 hours
  3. You can create a maximum of 10 Accounts per IP Address per 3 hours. You can create a maximum of 500 Accounts per IP Range within an IPv6 /48 per 3 hours
  4. You can combine multiple hostnames into a single certificate, up to a limit of 100 Names per Certificate
  5. You can have a maximum of 300 Pending Authorizations on your account

How to use

Preparatory work for setting up a new VPS

  1. There are several work to do to secure your VPS when you set up a new VPS. It's optional but recommended.
  2. Configuring an SSH login without password. Run script then choose 26. Input your public key and save the authorized_keys file
  3. Change the SSH Default Port. Run script then choose 33. Customize your SSH login port. The default SSH port is 22, Modify the port number you want.
  4. Enable root accout login. Some VPS can't login with root as default. Run script then choose 32 to enable root accout login.
  5. Run script then choose 31 to install sofrware including Oh-my-zsh, zsh-autosuggestions, Micro editors. After finish installation, exit VPS and relogin SSH to use ZSH.

Install latest or LTS Linux kernel and enable BBR or BBR plus

  1. To install latest or LTS Linux kernel. Run script then choose 1. And enter the sub menu to install Linux kernel and enable BBR+Cake. Check out more details for LTS Linux kernel switcher script

Install command line trojan or v2ray

  1. Firstly, prefer run this script with root user. Because linux kernel installation need root privileges. And to get SSL with acme.sh also need root privileges. acme.sh instruction.

  2. How to install trojan. Run script ./trojan_v2ray_install.sh . Choose 2 to install trojan or trojan-go with no websockt. Choose 3 to install trojan-go with websocket support CDN.

  3. How to install V2ray. Run script ./trojan_v2ray_install.sh . Choose 11 to install V2ray or Xray with Nginx. Nginx listen 443 port and serve TLS service. During the installation, you can choose websocket or gRPC to support CDN. Choose TCP or HTTP2 or QUIC protocal will not supprot CDN.

  4. How to install V2ray using Vless. Run script ./trojan_v2ray_install.sh . Choose 13-17 to install V2ray or Xray. Vless listen 443 port and serve TLS service. Nginx is optional during the installation for fake website service. Also you can choose XTLS instead of TLS to improve network speed.

  5. Run script ./trojan_v2ray_install.sh . Choose 21 to install both V2ray and trojan on same VPS. Vless listen 443 port and serve TLS service.

  6. Run script ./trojan_v2ray_install.sh . Choose 22 to install both V2ray and trojan/trojan-go on same VPS. trojan/trojan-go listen 443 port and serve TLS service.

  7. Run script ./trojan_v2ray_install.sh . Choose 23 to install both V2ray and trojan/trojan-go on same VPS. Nginx SNI listen 443 port. You need at least 2 domain for trojan and v2ray. Nginx SNI distinguishes v2ray or trojan traffic by different domain name.

Advanced Tutorials - Work with existing website or web server

  1. If you already have a website or other web server, you can choose 12 to install V2ray or Xray only running at non 80 and 443 port with no TLS. You need modify nginx config manually to serve TLS and redirect v2ray traffic by url or path for V2ray websocket.

  2. If you already have a website or other web server, you can choose 13-17 to install V2ray or Xray. Duiring the installation, you can choose not to install nginx. Vless serve 443 port with TLS. You need modify nginx config manually to serve the website at 80 port. V2ray or Xray will fallback non V2ray traffic to 80 port.

  3. If you already have a website or other web server, you can choose 4 to install trojan or trojan-go only running at non 443 port with TLS. You need modify nginx config manually to serve the website at 80 port. trojan or trojan-go will fallback non trojan traffic to 80 port. Pay attention that if you choose to install trojan-go, nginx must already serve at 80 port which is trojan-go fallback port. Otherwise trojan-go will stop and not running if 80 port is not served by web HTTP server. trojan-go document

Install Web UI admin panel for trojan and v2ray

  1. On a new VPS without v2ray or trojan installed. Run script ./trojan_v2ray_install.sh . Choose 30 to enter sub menu. Then choose 1 to install trojan UI admin panel.

  2. On a new VPS without v2ray or trojan installed. Run script ./trojan_v2ray_install.sh . Choose 30 to enter sub menu. Then choose 6 or 9 to install V2ray or Xray UI admin panel. After sinish the installation. Run script and choose 26 to request SSL certificate. Then input the certificate file path on the UI admin panel config.

Unlock Region restriction for Netflix or Disney+ or other video streaming site

Avoid showing Google CAPTCHA Human verification

  1. Run script ./trojan_v2ray_install.sh . Choose 1 to enter sub menu to install linux kernel. Prefer to install linux kernel 5.10 LTS. More Details
  2. Run script ./trojan_v2ray_install.sh . Choose 1 to enter sub menu. Then choose 2 to enable BBR and Cake. This will import VPS network speed.
  3. After reboot, rerun script ./trojan_v2ray_install.sh . Choose 1 to enter sub menu. Then choose 11 or 12 to Wireguard or cloudflare WARP linux client sock5 proxy.
  4. After finish Wireguard installation, rerun script ./trojan_v2ray_install.sh . Choose 11-17 to v2ray xray。 Duiring the installation, you can follow the instruction to unlock netflix region restriction and avoid showing Google CAPTCHA Human verification.

FAQ

  1. You can use freenom for free domain name.

  2. Please disable your CDN acceleration duiring the installation. Such as cloudflare.com. After finish v2ray or trojan-go installation. you can enable CDN acceleration. trojan not support CDN acceleration.

注意 cloudflare CDN

  1. Using v2ray or xray gRPC protocal for CDN acceleration, you need do some settings at cloudflare.com. Click the "Network" on the leftside menu. Then enable gRPC on the right page. "Network => gRPC"

注意 cloudflare CDN gRPC

  1. The Cloudflare CDN worker script, Please replace the domain name with your own domain name.
addEventListener(
    "fetch", event => {
        let url = new URL(event.request.url);
        url.hostname = "yourdomain.xxx.xx";
        url.protocol = "https";
        let request = new Request(url, event.request);
        event.respondWith(
            fetch(request)
        )
    }
)

Special Thanks

  1. https://github.com/sprov065/v2-ui
  2. https://github.com/Jrohy/trojan
  3. https://github.com/v2fly/v2ray-core
  4. https://github.com/XTLS/Xray-core
  5. https://github.com/trojan-gfw/trojan
  6. https://github.com/p4gefau1t/trojan-go
  7. https://github.com/ylx2016/Linux-NetSpeed

Stargazers over time

Stargazers over time