官网:

https://github.com/XTLS/Xray-core

install xray-core & config:

https://github.com/XTLS/Xray-install/raw/main/install-release.sh

config:

certificates has already been verifiyed,fallbacks most likely only support http.

{
  "log": {
    "access": "/var/log/xray/access.log",
    "error": "/var/log/xray/error.log",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "port": 443,
      "protocol": "vless",
      "settings": {
        "clients": [
          {
            "id": "xxxxx",
            "flow": "xtls-rprx-direct"
          }
        ],
        "decryption": "none",
        "fallbacks": [
          {
            "dest": 60000,
            "alpn": "",
            "xver": 1
          },
          {
            "dest": 60001,
            "alpn": "h2",
            "xver": 1
          }
        ]
      },
      "streamSettings": {
        "network": "tcp",
        "security": "xtls",
        "xtlsSettings": {
          "minVersion": "1.2",
          "certificates": [
            {
              "certificateFile": "/usr/local/etc/xray/self_signed_cert.pem",
              "keyFile": "/usr/local/etc/xray/self_signed_key.pem"
            }
          ]
        }
      },
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ]
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom"
    }
  ]
}

certificates:

1. use self_certificates( such as ip.certs or domain.name.certs), i guess it can be use ip:port for connection.

2. use ca_certificates( such as ca_domain.name.certs), made it looks like a real website.

nginx:

multiple server_name

server
{
        listen 127.0.0.1:60000 proxy_protocol;
        listen 127.0.0.1:60001 http2 proxy_protocol;
        server_name $domain_name_1;
        index index.html index.htm index.php default.php default.htm default.html;
        add_header Strict-Transport-Security "max-age=63072000" always;

        location / {
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_redirect off;
                proxy_pass http://127.0.0.1:8112;
                client_max_body_size 20000m;
        }
}

server
{
        listen 127.0.0.1:60000 proxy_protocol;
        listen 127.0.0.1:60001 http2 proxy_protocol;
        server_name $domain_name_2;
        index index.html index.htm index.php default.php default.htm default.html;
        add_header Strict-Transport-Security "max-age=63072000" always;

        location / {
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_redirect off;
                proxy_pass http://127.0.0.1:5212;
                client_max_body_size 20000m;
        }
}

cloudreve or nextcloud:

./cloudreve/cloudreve 

auto startup

systemctl enable autostartup.service

one_key_script:

 wget -N --no-check-certificate -q -O install.sh "https://raw.githubusercontent.com/wulabing/Xray_onekey/main/install.sh" && chmod +x install.sh && bash install.sh