- Install Trojan/Trojan-go and V2ray/Xray shell script
- Easy get SSL certificate for domains
- Linux Kernel switcher, including all LTS kernel and latest kernel, enable BBR or BBR Plus to speed up network
- Install wireguard and Cloudflare WARP, unlock Netflix restriction and avoid Google reCAPTCHA
- Netflix available region testing shell script, support for testing through IPv6 and WARP Sock5 proxy
- Install V2Ray-Poseidon, Soga, XrayR, Air-Universe shell script for V2board panel
- PVE Proxmox VE and Synology DiskStation Manager NAS Toolkit
- Install FRP shell script (expose local server behind a NAT or firewall to the Internet tool)
- Install and upgrade trojan/trojan-go/v2ray/xray and fully remove.
- Support to running trojan-go and v2ray at the same server.
- Support various mode, using trojan or v2ray or nginx to serve 443 port
- Support multi https domains with Nginx SNI on one VPS server.
- Support install trojan or v2ray only in order to work with exist website on one VPS.
- Customize trojan or v2ray working port, password and Websocket path.
- Support v2ray or xray vless protocol. Support Xray XTLS.
- Script create 10 password as default, can set prefix for these passwords.
- Install trojan and v2ray UI panel to easily manage users.
- Easily set v2ray route rules with wireguard IPv6 and Cloudflare WARP to unlock Netflix restriction and Google reCAPTCHA.
- Using bootstarp official template for default website content serve by nginx
- All working port are random generated to ensure high security.
bash <(curl -Lso- https://git.io/oneclick)
curl -O https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh
wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/trojan_v2ray_install.sh && chmod +x ./trojan_v2ray_install.sh && ./trojan_v2ray_install.sh
wget --no-check-certificate https://raw.githubusercontent.com/jinwyp/one_click_script/master/netflix_check.sh && chmod +x ./netflix_check.sh && ./netflix_check.sh
- Run script then choose 26 to request SSL certificate for any domains. It's better to disable CDN of your domain duiring the SSL certificate application process. Make sure the domain is resolved to the real VPS ip.
- Duiring the SSL certificate application process, if you can't disable CDN or the VPS only have IPv6, you can skip the IP check process to continue your following SSL certificate request.
- The script is using acme.sh to get SSL certificate. There are three providers: Let's Encrypt, BuyPass.com, ZeroSSL.com. When you request too many times in one day and reach the limit of Let's Encrypt, you can switch other providers such as BuyPass.com.
- Normally SSL certificate need renew in three month,The script will autorenew the certificate with Cronjob by acme.sh .
- The main limit is Certificates per Registered Domain (50 per week)
- You can create a maximum of 300 New Orders per account per 3 hours
- You can create a maximum of 10 Accounts per IP Address per 3 hours. You can create a maximum of 500 Accounts per IP Range within an IPv6 /48 per 3 hours
- You can combine multiple hostnames into a single certificate, up to a limit of 100 Names per Certificate
- You can have a maximum of 300 Pending Authorizations on your account
- There are several work to do to secure your VPS when you set up a new VPS. It's optional but recommended.
- Configuring an SSH login without password. Run script then choose 26. Input your public key and save the authorized_keys file
- Change the SSH Default Port. Run script then choose 33. Customize your SSH login port. The default SSH port is 22, Modify the port number you want.
- Enable root accout login. Some VPS can't login with root as default. Run script then choose 32 to enable root accout login.
- Run script then choose 31 to install sofrware including Oh-my-zsh, zsh-autosuggestions, Micro editors. After finish installation, exit VPS and relogin SSH to use ZSH.
- To install latest or LTS Linux kernel. Run script then choose 1. And enter the sub menu to install Linux kernel and enable BBR+Cake. Check out more details for LTS Linux kernel switcher script
-
Firstly, prefer run this script with root user. Because linux kernel installation need root privileges. And to get SSL with acme.sh also need root privileges. acme.sh instruction.
-
How to install trojan. Run script
./trojan_v2ray_install.sh
. Choose 2 to install trojan or trojan-go with no websockt. Choose 3 to install trojan-go with websocket support CDN. -
How to install V2ray. Run script
./trojan_v2ray_install.sh
. Choose 11 to install V2ray or Xray with Nginx. Nginx listen 443 port and serve TLS service. During the installation, you can choose websocket or gRPC to support CDN. Choose TCP or HTTP2 or QUIC protocal will not supprot CDN. -
How to install V2ray using Vless. Run script
./trojan_v2ray_install.sh
. Choose 13-17 to install V2ray or Xray. Vless listen 443 port and serve TLS service. Nginx is optional during the installation for fake website service. Also you can choose XTLS instead of TLS to improve network speed. -
Run script
./trojan_v2ray_install.sh
. Choose 21 to install both V2ray and trojan on same VPS. Vless listen 443 port and serve TLS service. -
Run script
./trojan_v2ray_install.sh
. Choose 22 to install both V2ray and trojan/trojan-go on same VPS. trojan/trojan-go listen 443 port and serve TLS service. -
Run script
./trojan_v2ray_install.sh
. Choose 23 to install both V2ray and trojan/trojan-go on same VPS. Nginx SNI listen 443 port. You need at least 2 domain for trojan and v2ray. Nginx SNI distinguishes v2ray or trojan traffic by different domain name.
-
If you already have a website or other web server, you can choose 12 to install V2ray or Xray only running at non 80 and 443 port with no TLS. You need modify nginx config manually to serve TLS and redirect v2ray traffic by url or path for V2ray websocket.
-
If you already have a website or other web server, you can choose 13-17 to install V2ray or Xray. Duiring the installation, you can choose not to install nginx. Vless serve 443 port with TLS. You need modify nginx config manually to serve the website at 80 port. V2ray or Xray will fallback non V2ray traffic to 80 port.
-
If you already have a website or other web server, you can choose 4 to install trojan or trojan-go only running at non 443 port with TLS. You need modify nginx config manually to serve the website at 80 port. trojan or trojan-go will fallback non trojan traffic to 80 port. Pay attention that if you choose to install trojan-go, nginx must already serve at 80 port which is trojan-go fallback port. Otherwise trojan-go will stop and not running if 80 port is not served by web HTTP server. trojan-go document
-
On a new VPS without v2ray or trojan installed. Run script
./trojan_v2ray_install.sh
. Choose 30 to enter sub menu. Then choose 1 to install trojan UI admin panel. -
On a new VPS without v2ray or trojan installed. Run script
./trojan_v2ray_install.sh
. Choose 30 to enter sub menu. Then choose 6 or 9 to install V2ray or Xray UI admin panel. After sinish the installation. Run script and choose 26 to request SSL certificate. Then input the certificate file path on the UI admin panel config.
- Run script
./trojan_v2ray_install.sh
. Choose 1 to enter sub menu to install linux kernel. Prefer to install linux kernel 5.10 LTS. More Details - Run script
./trojan_v2ray_install.sh
. Choose 1 to enter sub menu. Then choose 2 to enable BBR and Cake. This will import VPS network speed. - After reboot, rerun script
./trojan_v2ray_install.sh
. Choose 1 to enter sub menu. Then choose 11 or 12 to Wireguard or cloudflare WARP linux client sock5 proxy. - After finish Wireguard installation, rerun script
./trojan_v2ray_install.sh
. Choose 11-17 to v2ray xray。 Duiring the installation, you can follow the instruction to unlock netflix region restriction and avoid showing Google CAPTCHA Human verification.
-
You can use freenom for free domain name.
-
Please disable your CDN acceleration duiring the installation. Such as cloudflare.com. After finish v2ray or trojan-go installation. you can enable CDN acceleration. trojan not support CDN acceleration.
- Using v2ray or xray gRPC protocal for CDN acceleration, you need do some settings at cloudflare.com. Click the "Network" on the leftside menu. Then enable gRPC on the right page. "Network => gRPC"
- The Cloudflare CDN worker script, Please replace the domain name with your own domain name.
addEventListener(
"fetch", event => {
let url = new URL(event.request.url);
url.hostname = "yourdomain.xxx.xx";
url.protocol = "https";
let request = new Request(url, event.request);
event.respondWith(
fetch(request)
)
}
)