woggioni-opencode-agent/xray-hello-world
1
0
Fork 0
Code Actions Packages Releases Activity

Add VLESS+XHTTP Docker Compose project with nginx reverse proxy

Browse Source
This commit is contained in:
opencode
2026-05-18 13:03:30 +00:00
commit 5ae62f3704
4 changed files with 165 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config/client.json
+63
View File
@@ -0,0 +1,63 @@
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"listen": "0.0.0.0",
"port": 6543,
"protocol": "socks",
"settings": {
"auth": "noauth",
"udp": true
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "nginx",
"port": 443,
"users": [
{
"id": "a142293d-1801-4e80-b309-ff3a5f70db8b",
"encryption": "none"
}
]
}
]
},
"streamSettings": {
"network": "xhttp",
"security": "tls",
"xhttpSettings": {
"mode": "stream-one",
"path": "/trapdoor"
},
"tlsSettings": {
"serverName": "localhost",
"allowInsecure": true
}
}
},
{
"tag": "direct",
"protocol": "freedom"
}
],
"routing": {
"domainStrategy": "IPOnDemand",
"rules": [
{
"ip": [
"geoip:private"
],
"outboundTag": "direct"
}
]
}
}
config/nginx.conf
+23
View File
@@ -0,0 +1,23 @@
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name localhost;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
client_header_timeout 5m;
keepalive_timeout 5m;
location /trapdoor {
proxy_pass http://unix:/dev/shm/xray.socket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
}
}
config/server.json
+32
View File
@@ -0,0 +1,32 @@
{
"log": {
"loglevel": "warning"
},
"inbounds": [
{
"listen": "/dev/shm/xray.sock,0666",
"protocol": "vless",
"settings": {
"clients": [
{
"id": "a142293d-1801-4e80-b309-ff3a5f70db8b"
}
],
"decryption": "none"
},
"streamSettings": {
"network": "xhttp",
"xhttpSettings": {
"mode": "stream-one",
"path": "/trapdoor"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"tag": "direct"
}
]
}
docker-compose.yml
+47
View File
@@ -0,0 +1,47 @@
services:
cert-gen:
image: alpine:latest
volumes:
- tls-certs:/etc/nginx/ssl
command: >
sh -c "
apk add --no-cache openssl &&
openssl req -x509 -nodes -days 3650 -newkey rsa:2048
-keyout /etc/nginx/ssl/key.pem
-out /etc/nginx/ssl/cert.pem
-subj '/CN=localhost' &&
chmod 644 /etc/nginx/ssl/cert.pem /etc/nginx/ssl/key.pem
"
nginx:
image: nginx:latest
depends_on:
cert-gen:
condition: service_completed_successfully
xray-server:
condition: service_started
volumes:
- ./config/nginx.conf:/etc/nginx/conf.d/default.conf:ro
- tls-certs:/etc/nginx/ssl:ro
- xray-socket:/dev/shm
xray-server:
image: ghcr.io/xtls/xray-core:latest
volumes:
- ./config/server.json:/etc/xray/config.json:ro
- xray-socket:/dev/shm
command: run -c /etc/xray/config.json
xray-client:
image: ghcr.io/xtls/xray-core:latest
depends_on:
- nginx
volumes:
- ./config/client.json:/etc/xray/config.json:ro
ports:
- "6543:6543"
command: run -c /etc/xray/config.json
volumes:
tls-certs:
xray-socket: