fix: improve VLESS link compatibility and add Reality repair script
Only encode SNI dots, keep pbk/sid raw, copy links via API, prefer xray keygen, and add repair-reality.sh for server-side fixes. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
@@ -22,9 +22,15 @@ else
|
||||
SB="sing-box"
|
||||
fi
|
||||
|
||||
KEYPAIR="$("$SB" generate reality-keypair)"
|
||||
REALITY_PRIVATE_KEY="$(echo "$KEYPAIR" | grep 'PrivateKey:' | awk '{print $2}')"
|
||||
REALITY_PUBLIC_KEY="$(echo "$KEYPAIR" | grep 'PublicKey:' | awk '{print $2}')"
|
||||
if command -v xray &>/dev/null; then
|
||||
KEYPAIR="$(xray x25519)"
|
||||
REALITY_PRIVATE_KEY="$(echo "$KEYPAIR" | awk '/Private key/ {print $3; exit} /PrivateKey/ {print $3; exit}')"
|
||||
REALITY_PUBLIC_KEY="$(echo "$KEYPAIR" | awk '/Public key/ {print $3; exit} /Password/ {print $3; exit}')"
|
||||
else
|
||||
KEYPAIR="$("$SB" generate reality-keypair)"
|
||||
REALITY_PRIVATE_KEY="$(echo "$KEYPAIR" | grep 'PrivateKey:' | awk '{print $2}')"
|
||||
REALITY_PUBLIC_KEY="$(echo "$KEYPAIR" | grep 'PublicKey:' | awk '{print $2}')"
|
||||
fi
|
||||
REALITY_SHORT_ID="$("$SB" generate rand --hex 8)"
|
||||
|
||||
GENERATE_PANEL_PASSWORD=1
|
||||
|
||||
@@ -18,13 +18,13 @@ done
|
||||
mkdir -p "$OUT_DIR"
|
||||
|
||||
urlencode() {
|
||||
python3 -c "import sys, urllib.parse; print(urllib.parse.quote(sys.argv[1], safe='').replace('.', '%2E'))" "$1"
|
||||
python3 -c "import sys; print(sys.argv[1].replace('.', '%2E'))" "$1"
|
||||
}
|
||||
|
||||
REALITY_SNI_ENC="$(urlencode "$REALITY_SERVER_NAME")"
|
||||
REALITY_PBK_ENC="$(urlencode "$REALITY_PUBLIC_KEY")"
|
||||
REALITY_SID_ENC="$(urlencode "$REALITY_SHORT_ID")"
|
||||
HY2_PASSWORD_ENC="$(urlencode "$HY2_PASSWORD")"
|
||||
REALITY_PBK_ENC="$REALITY_PUBLIC_KEY"
|
||||
REALITY_SID_ENC="$REALITY_SHORT_ID"
|
||||
HY2_PASSWORD_ENC="$(python3 -c "import sys, urllib.parse; print(urllib.parse.quote(sys.argv[1], safe=''))" "$HY2_PASSWORD")"
|
||||
DOMAIN_SNI_ENC="$(urlencode "$DOMAIN")"
|
||||
|
||||
sed -e "s|\${VPS_IP}|${VPS_IP}|g" \
|
||||
@@ -38,7 +38,7 @@ sed -e "s|\${VPS_IP}|${VPS_IP}|g" \
|
||||
|
||||
cat > "$OUT_DIR/share-links.txt" <<EOF
|
||||
========== VLESS + Reality (主力) ==========
|
||||
vless://${UUID}@${VPS_IP}:443?encryption=none&flow=xtls-rprx-vision&security=reality&sni=${REALITY_SNI_ENC}&fp=chrome&pbk=${REALITY_PBK_ENC}&sid=${REALITY_SID_ENC}&spx=%2F&type=tcp#Reality-Main
|
||||
vless://${UUID}@${VPS_IP}:443?type=tcp&security=reality&encryption=none&flow=xtls-rprx-vision&sni=${REALITY_SNI_ENC}&fp=chrome&pbk=${REALITY_PBK_ENC}&sid=${REALITY_SID_ENC}&spx=%2F#Reality-Main
|
||||
|
||||
========== Hysteria2 (备用) ==========
|
||||
hy2://${HY2_PASSWORD_ENC}@${DOMAIN}:8443?sni=${DOMAIN_SNI_ENC}#Hysteria2-Backup
|
||||
|
||||
@@ -66,6 +66,7 @@ def build_config(env: dict[str, str], nodes: list[dict]) -> dict:
|
||||
},
|
||||
"inbounds": [
|
||||
{
|
||||
"tag": "vless-reality-in",
|
||||
"listen": "0.0.0.0",
|
||||
"port": 443,
|
||||
"protocol": "vless",
|
||||
|
||||
@@ -0,0 +1,39 @@
|
||||
#!/usr/bin/env bash
|
||||
# 一键修复 VLESS Reality:拉代码、重渲染配置、重启服务、诊断
|
||||
set -euo pipefail
|
||||
|
||||
ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
|
||||
|
||||
[[ $EUID -eq 0 ]] || { echo "请使用 root 运行: sudo bash scripts/repair-reality.sh"; exit 1; }
|
||||
|
||||
export JIEDIAN_ROOT="$ROOT"
|
||||
|
||||
echo "[1/5] 更新代码 ..."
|
||||
if [[ -d "$ROOT/.git" ]]; then
|
||||
git -C "$ROOT" pull --ff-only || echo "(git pull 跳过,请手动同步代码)"
|
||||
fi
|
||||
|
||||
echo "[2/5] 检查 443 监听进程 ..."
|
||||
if ss -tlnp 2>/dev/null | grep -q ':443'; then
|
||||
ss -tlnp | grep ':443' || true
|
||||
else
|
||||
echo " 443 端口未监听"
|
||||
fi
|
||||
|
||||
if [[ -f /etc/sing-box/config.json ]] && grep -q vless-reality /etc/sing-box/config.json 2>/dev/null; then
|
||||
echo "[!] sing-box 仍含 VLESS Reality,执行迁移 ..."
|
||||
bash "$ROOT/scripts/migrate-xray-reality.sh"
|
||||
else
|
||||
echo "[3/5] 渲染 Xray + sing-box 配置 ..."
|
||||
python3 "$ROOT/scripts/render-xray.py"
|
||||
python3 "$ROOT/scripts/render-server.py"
|
||||
echo "[4/5] 重启服务 ..."
|
||||
systemctl restart xray sing-box jiedian-panel
|
||||
fi
|
||||
|
||||
echo "[5/5] 诊断 ..."
|
||||
bash "$ROOT/scripts/verify-reality.sh"
|
||||
|
||||
echo ""
|
||||
echo "完成。请在面板重新复制 VLESS 链接,删除 v2rayNG 旧节点后重新导入。"
|
||||
echo "若仍失败,请执行: journalctl -u xray -n 50 --no-pager"
|
||||
@@ -57,7 +57,7 @@ fi
|
||||
if command -v xray &>/dev/null && [[ -n "${REALITY_PRIVATE_KEY:-}" ]]; then
|
||||
echo ""
|
||||
echo "========== 公钥配对 =========="
|
||||
DERIVED="$(xray x25519 -i "$REALITY_PRIVATE_KEY" 2>/dev/null | awk '/Public key/ {print $3}')"
|
||||
DERIVED="$(xray x25519 -i "$REALITY_PRIVATE_KEY" 2>/dev/null | awk '/Public key/ {print $3; exit} /Password/ {print $3; exit}')"
|
||||
if [[ -n "$DERIVED" ]]; then
|
||||
if [[ "$DERIVED" == "${REALITY_PUBLIC_KEY:-}" ]]; then
|
||||
echo "公钥与私钥配对: 是"
|
||||
|
||||
Reference in New Issue
Block a user