项目重构

1-代理Xray/0-香港节点/0-xtls-reality的配置.json

@@ -0,0 +1,38 @@
+{
+    "listen": "0.0.0.0",
+    "port": 29999,
+    "protocol": "vless",
+    "settings": {
+        "clients": [
+            {
+                "id": "RoMoH00dOl3zaQjdUKB6W0SS-wDYENgI3I7cREYwp1M",
+                "flow": "xtls-rprx-vision"
+            }
+        ],
+        "decryption": "none"
+    },
+    "streamSettings": {
+        "network": "tcp",
+        "security": "reality",
+        "realitySettings": {
+            "dest": "speed.cloudflare.com",
+            "serverNames": [
+                "speed.cloudflare.com"
+            ],
+            "privateKey": "yNsDptp-3i-KqhLHA-RBLrVlJuiYeDUekirp-fkerQA",
+            "shortIds": [
+                "abc124cc",
+                "666asdcd"
+            ]
+        },
+        "sniffing": {
+            "enabled": true,
+            "destOverride": [
+                "http",
+                "tls",
+                "quic"
+            ],
+            "routeOnly": true
+        }
+    }
+}

1-代理Xray/0-香港节点/0-分层代理回落.json

@@ -0,0 +1,94 @@
+{
+  "log": {
+    "loglevel": "info"
+  },
+  "inbounds": [
+    {
+      "port": 443,
+      "protocol": "vless",
+      "settings": {
+        "clients": [
+          {
+            "id": "b4bdf874-8c03-5bd8-8fd7-5e409dfd82c0",
+            "flow": "xtls-rprx-vision",
+            "email": "cc@vless.com",
+            "level": 0
+          }
+        ],
+        "decryption": "none",
+        "fallbacks": [
+          {
+            "name": "xx.tc.hk.go.107421.xyz",
+            "alpn": "h2",
+            "dest": "@trojan-h2"
+          },
+          {
+            "dest": "/dev/shm/h2c.sock",
+            "xver": 2,
+            "alpn": "h2"
+          },
+          {
+            "dest": "/dev/shm/h1.sock",
+            "xver": 2
+          }
+        ]
+      },
+      "streamSettings": {
+        "network": "tcp",
+        "security": "tls",
+        "tlsSettings": {
+          "certificates": [
+            {
+              "ocspStapling": 3600,
+              "certificateFile": "/root/.acme.sh/book.107421.xyz_ecc/fullchain.cer",
+              "keyFile": "/root/.acme.sh/book.107421.xyz_ecc/book.107421.xyz.key"
+            },
+            {
+              "ocspStapling": 3600,
+              "certificateFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/fullchain.cer",
+              "keyFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/xx.tc.hk.go.107421.xyz.key"
+            }
+          ],
+          "minVersion": "1.2",
+          "cipherSuites": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+          "alpn": [
+            "h2",
+            "http/1.1"
+          ]
+        }
+      },
+      "sniffing": {
+        "enabled": true,
+        "destOverride": [
+          "http",
+          "tls"
+        ]
+      }
+    },
+    {
+      "listen": "@trojan-h2",
+      "protocol": "trojan",
+      "settings": {
+        "clients": [
+          {
+            "email": "ice@qq.com",
+            "password": "Vad3.123a)asd1234-asdasd.asdazzS.123",
+            "level": 0
+          }
+        ]
+      },
+      "streamSettings": {
+        "network": "h2",
+        "security": "none",
+        "httpSettings": {
+          "path": "/status"
+        }
+      }
+    }
+  ],
+  "outbounds": [
+    {
+      "protocol": "freedom"
+    }
+  ]
+}

1-代理Xray/0-香港节点/nginx.conf

@@ -0,0 +1,57 @@
+# Restrict access to the website by IP or wrong domain name) and return 400
+server {
+    listen unix:/dev/shm/h2c.sock http2 proxy_protocol default_server;
+    # listen 5000;
+    # http2 on;
+    set_real_ip_from unix:;
+    real_ip_header proxy_protocol;
+    server_name _;
+    return 400 "not allowed";
+}
+server {
+    # listen 5001;
+    listen unix:/dev/shm/h1.sock proxy_protocol default_server;
+    set_real_ip_from unix:;
+    real_ip_header proxy_protocol;
+    server_name _;
+    return 400 "not allowed";
+}
+
+# HTTP1 UDS listener
+server {
+    listen unix:/dev/shm/h1.sock proxy_protocol;
+    # listen 5001;
+    server_name xx.s4.cc.hh.107421.xyz;
+
+    set_real_ip_from unix:;
+    real_ip_header proxy_protocol;
+
+    location / {
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
+        root /var/www/html/; 
+        index index.html index.htm;
+    }
+}
+
+# HTTP2 UDS listener
+server {
+    listen unix:/dev/shm/h2c.sock http2 proxy_protocol;
+
+
+    set_real_ip_from unix:;
+    real_ip_header proxy_protocol;
+    
+    server_name xx.s4.cc.hh.107421.xyz;
+
+    # grpc settings
+    # grpc_read_timeout 1h;
+    # grpc_send_timeout 1h;
+    # grpc_set_header X-Real-IP $remote_addr;
+
+    # Decoy website
+    location / {
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
+        root /var/www/html;
+        index index.html index.htm;
+    }
+}

1-代理Xray/0-香港节点/分层代理回落.json

@@ -0,0 +1,126 @@
+{
+  "log": {
+    "loglevel": "debug"
+  },
+  "inbounds": [
+    {
+      "port": 443,
+      "protocol": "vless",
+      "settings": {
+        "clients": [
+          {
+            "id": "b4bdf874-8c03-5bd8-8fd7-5e409dfd82c0",
+            "flow": "xtls-rprx-vision"
+          }
+        ],
+        "decryption": "none",
+        "fallbacks": [
+          {
+            "name": "xx.tc.hk.go.107421.xyz",
+            "path": "/status",
+            "dest": 5000,
+            "xver": 1
+          },
+          {
+            "name": "book.107421.xyz",
+            "dest": 5003,
+            "xver": 1
+          },
+          {
+            "name": "book.107421.xyz",
+            "alpn": "h2",
+            "dest": 5004,
+            "xver": 1
+          },
+          {
+            "dest": 5001,
+            "xver": 1
+          },
+          {
+            "alpn": "h2",
+            "dest": 5002,
+            "xver": 1
+          }
+        ]
+      },
+      "streamSettings": {
+        "network": "tcp",
+        "security": "tls",
+        "tlsSettings": {
+          "alpn": ["h2", "http/1.1"],
+          "certificates": [
+            {
+              "certificateFile": "/root/.acme.sh/book.107421.xyz_ecc/fullchain.cer",
+              "keyFile": "/root/.acme.sh/book.107421.xyz_ecc/book.107421.xyz.key"
+            }
+          ]
+        }
+      }
+    },
+    {
+      "port": 5000,
+      "listen": "127.0.0.1",
+      "protocol": "vless",
+      "settings": {
+        "clients": [
+          {
+            "id": "481d1403-de9a-5ae1-b921-18c04a4a9da0",
+            "level": 0,
+            "email": "dd@qq.com"
+          }
+        ],
+        "decryption": "none"
+      },
+      "streamSettings": {
+        "network": "ws",
+        "security": "tls",
+        "wsSettings": {
+          "acceptProxyProtocol": true,
+          "path": "/status"
+        },
+        "tlsSettings": {
+          "alpn": ["h2", "http/1.1"],
+          "certificates": [
+            {
+              "certificateFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/fullchain.cer",
+              "keyFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/xx.tc.hk.go.107421.xyz.key"
+            }
+          ]
+        }
+      }
+    },
+    {
+      "listen": "0.0.0.0",
+      "port": 29999,
+      "protocol": "trojan",
+      "settings": {
+        "clients": [
+          {
+            "password": "V2ryStr0ngP0ss"
+          }
+        ]
+      },
+      "streamSettings": {
+        "network": "tcp",
+        "security": "tls",
+        "tlsSettings": {
+          "alpn": [
+            "h2",
+            "http/1.1"
+          ],
+          "certificates": [
+            {
+              "certificateFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/fullchain.cer",
+              "keyFile": "/root/.acme.sh/xx.tc.hk.go.107421.xyz_ecc/xx.tc.hk.go.107421.xyz.key"
+            }
+          ]
+        }
+      }
+    }
+  ],
+  "outbounds": [
+    {
+      "protocol": "freedom"
+    }
+  ]
+}

1-代理Xray/0-香港节点/在线安装nginx.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+
+sudo apt install -y curl gnupg2 ca-certificates lsb-release ubuntu-keyring
+
+curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
+| sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
+
+gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
+
+echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" \
+    | sudo tee /etc/apt/sources.list.d/nginx.list
+
+echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
+    | sudo tee /etc/apt/preferences.d/99nginx
+
+sudo apt update
+sudo apt install -y nginx

1-代理Xray/0-香港节点/清除腾讯云Agent.sh

@@ -0,0 +1,68 @@
+
+
+green "正在删除防火墙。。。"
+    ufw disable
+    apt -y purge firewalld
+    apt -y purge ufw
+    systemctl stop firewalld
+    systemctl disable firewalld
+    $redhat_package_manager -y remove firewalld
+    green "正在删除阿里云盾和腾讯云盾 (仅对阿里云和腾讯云服务器有效)。。。"
+#阿里云盾
+    if [ $release == "ubuntu" ] || [ $release == "other-debian" ]; then
+        systemctl stop CmsGoAgent
+        systemctl disable CmsGoAgent
+        rm -rf /usr/local/cloudmonitor
+        rm -rf /etc/systemd/system/CmsGoAgent.service
+        systemctl daemon-reload
+    else
+        systemctl stop cloudmonitor
+        /etc/rc.d/init.d/cloudmonitor remove
+        rm -rf /usr/local/cloudmonitor
+        systemctl daemon-reload
+    fi
+
+    systemctl stop aliyun
+    systemctl disable aliyun
+    rm -rf /etc/systemd/system/aliyun.service
+    systemctl daemon-reload
+    apt -y purge aliyun-assist
+    $redhat_package_manager -y remove aliyun_assist
+    rm -rf /usr/local/share/aliyun-assist
+    rm -rf /usr/sbin/aliyun_installer
+    rm -rf /usr/sbin/aliyun-service
+    rm -rf /usr/sbin/aliyun-service.backup
+
+    pkill -9 AliYunDun
+    pkill -9 AliHids
+    /etc/init.d/aegis uninstall
+    rm -rf /usr/local/aegis
+    rm -rf /etc/init.d/aegis
+    rm -rf /etc/rc2.d/S80aegis
+    rm -rf /etc/rc3.d/S80aegis
+    rm -rf /etc/rc4.d/S80aegis
+    rm -rf /etc/rc5.d/S80aegis
+#腾讯云盾
+    /usr/local/qcloud/stargate/admin/uninstall.sh
+    /usr/local/qcloud/YunJing/uninst.sh
+    /usr/local/qcloud/monitor/barad/admin/uninstall.sh
+    systemctl daemon-reload
+    systemctl stop YDService
+    systemctl disable YDService
+    rm -rf /lib/systemd/system/YDService.service
+    systemctl daemon-reload
+    sed -i 's#/usr/local/qcloud#rcvtevyy4f5d#g' /etc/rc.local
+    sed -i '/rcvtevyy4f5d/d' /etc/rc.local
+    rm -rf $(find /etc/udev/rules.d -iname *qcloud* 2>/dev/null)
+    pkill -9 YDService
+    pkill -9 YDLive
+    pkill -9 sgagent
+    pkill -9 /usr/local/qcloud
+    pkill -9 barad_agent
+    rm -rf /usr/local/qcloud
+    rm -rf /usr/local/yd.socket.client
+    rm -rf /usr/local/yd.socket.server
+    mkdir /usr/local/qcloud
+    mkdir /usr/local/qcloud/action
+    mkdir /usr/local/qcloud/action/login_banner.sh
+    mkdir /usr/local/qcloud/action/action.sh

1-代理Xray/0-香港节点/生成证书.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+export DOMAIN_NAME=xx.tc.hk.go.107421.xyz
+export DOMAIN_NAME=book.107421.xyz
+export DOMAIN_NAME=octopus.107421.xyz
+
+export CF_Token="oXJRP5XI8Zhipa_PtYtB_jy6qWL0I9BosrJEYE8p"
+export CF_Account_ID="dfaadeb83406ef5ad35da02617af9191"
+export CF_Zone_ID="511894a4f1357feb905e974e16241ebb"
+
+acme.sh   --issue   --dns dns_cf -d ${DOMAIN_NAME} --keylength ec-256
+acme.sh --install-cert -d ${DOMAIN_NAME} --ecc \
+--key-file       /etc/nginx/conf.d/ssl_key/${DOMAIN_NAME}.key.pem  \
+--fullchain-file /etc/nginx/conf.d/ssl_key/${DOMAIN_NAME}.cert.pem \
+--reloadcmd     "systemctl restart nginx --force"