soroush.asadi
5f769b0293
The real Xray VPN config held credentials and was overwritten by git checkout on every deploy. Untrack it + gitignore it + ship config.json.example as the template, so the server-side config persists across redeploys. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
54 lines
1.3 KiB
JSON
54 lines
1.3 KiB
JSON
{
|
|
"log": { "loglevel": "warning" },
|
|
"inbounds": [
|
|
{
|
|
"tag": "socks-in",
|
|
"listen": "0.0.0.0",
|
|
"port": 10808,
|
|
"protocol": "socks",
|
|
"settings": { "udp": true, "auth": "noauth" }
|
|
},
|
|
{
|
|
"tag": "http-in",
|
|
"listen": "0.0.0.0",
|
|
"port": 10809,
|
|
"protocol": "http"
|
|
}
|
|
],
|
|
"outbounds": [
|
|
{
|
|
"//": "REPLACE this whole outbound with YOUR vmess / vless / trojan config.",
|
|
"//vmess-example": "see deploy/xray/README.md for vmess & trojan templates",
|
|
"tag": "proxy",
|
|
"protocol": "vless",
|
|
"settings": {
|
|
"vnext": [
|
|
{
|
|
"address": "YOUR_SERVER_ADDRESS",
|
|
"port": 443,
|
|
"users": [
|
|
{
|
|
"id": "YOUR_UUID",
|
|
"encryption": "none",
|
|
"flow": ""
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"streamSettings": {
|
|
"network": "ws",
|
|
"security": "tls",
|
|
"tlsSettings": { "serverName": "YOUR_SNI" },
|
|
"wsSettings": { "path": "/", "headers": { "Host": "YOUR_SNI" } }
|
|
}
|
|
},
|
|
{ "tag": "direct", "protocol": "freedom" }
|
|
],
|
|
"routing": {
|
|
"rules": [
|
|
{ "type": "field", "inboundTag": ["socks-in", "http-in"], "outboundTag": "proxy" }
|
|
]
|
|
}
|
|
}
|