Xray REALITY using mack-a script

Posted on Edited on

Here is an overview of how to create an Xray REALITY server using the mack-a script from GitHub.

SSH into your server as root, and update your existing software:

1
apt update && apt upgrade -y

Updating the existing software

Download the mack-a script, make it executable, and run the script:

1
wget -P /root -N --no-check-certificate "https://raw.githubusercontent.com/mack-a/v2ray-agent/master/install.sh" && chmod 700 /root/install.sh && /root/install.sh

Download the mack-a script, make it executable, and run the script

At the end of the script’s run, the main menu is displayed.

Enter option 5 for REALITY

Enter option 5 for REALITY.

Enter option 1 for install

Enter option 1 for install.

Enter UUID

Enter a specific UUID, or just press Enter for a UUID to be generated by the script.

Enter port 443

Enter port 443 or just press Enter for a random port in the range 10000-30000.

Enter camouflage domain and port

Just press Enter for the default camouflage domain and port (addons.mozilla.org:443), or enter another choice, e.g.:

  • gateway.icloud.com:443
  • itunes.apple.com:443
  • download-installer.cdn.mozilla.net:443
  • www.microsoft.com:443
  • www.lovelive-anime.jp:443

When the script completes the installation, it displays client configuration URLs in common format, plain text format, and QR code format:

Client configuration URLs

At this stage, copy the client configuration URL to your PC clipboard.

Just out of interest, the script has divided the server configuration into separate files in the directory /etc/v2ray-agent/xray/conf:

  • 00_log.json
  • 07_VLESS_vision_reality_inbounds.json
  • 08_VLESS_reality_fallback_grpc_inbounds.json
  • 09_routing.json
  • 10_ipv4_outbounds.json
  • 11_dns.json
  • 12_policy.json

Displaying the concatenated files /etc/v2ray-agent/xray/conf/*.json shows an Xray server configuration that looks like this:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
{
  "log": {
    "error": "/etc/v2ray-agent/xray/error.log",
    "loglevel": "warning"
  }
}
{
  "inbounds": [
    {
      "port": 443,
      "protocol": "vless",
      "tag": "VLESSReality",
      "settings": {
        "clients": [
          {
            "id": "5db9f7b9-1065-440f-95a4-0b0998cc277f",
            "email": "5db9f7b9-vless_reality_vision",
            "flow": "xtls-rprx-vision"
          }
        ],
        "decryption": "none",
        "fallbacks": [
          {
            "dest": "31305",
            "xver": 1
          }
        ]
      },
      "streamSettings": {
        "network": "tcp",
        "security": "reality",
        "realitySettings": {
          "show": false,
          "dest": "addons.mozilla.org:443",
          "xver": 0,
          "serverNames": [
            "addons.mozilla.org"
          ],
          "privateKey": "WDc7k0peBdceXYHm12jhou8URCZXCFIsDMEZTJWQdk4",
          "publicKey": "ghlWS04LhrBngVqMlivGFWke_5oK8BcQR-86u22ib0Q",
          "maxTimeDiff": 70000,
          "shortIds": [
            ""
          ]
        }
      },
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ]
      }
    }
  ]
}
{
  "inbounds": [
    {
      "port": 31305,
      "listen": "127.0.0.1",
      "protocol": "vless",
      "tag": "VLESSRealityGRPC",
      "settings": {
        "clients": [
          {
            "id": "5db9f7b9-1065-440f-95a4-0b0998cc277f",
            "email": "5db9f7b9-vless_reality_grpc",
            "flow": ""
          }
        ],
        "decryption": "none"
      },
      "streamSettings": {
        "network": "grpc",
        "grpcSettings": {
          "serviceName": "grpc",
          "multiMode": true
        },
        "sockopt": {
          "acceptProxyProtocol": true
        }
      },
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ]
      }
    }
  ]
}
{
  "routing": {
    "rules": [
      {
        "type": "field",
        "domain": [
          "domain:gstatic.com"
        ],
        "outboundTag": "direct"
      }
    ]
  }
}
{
    "outbounds":[
        {
            "protocol":"freedom",
            "settings":{
                "domainStrategy":"UseIPv4"
            },
            "tag":"IPv4-out"
        },
        {
            "protocol":"freedom",
            "settings":{
                "domainStrategy":"UseIPv6"
            },
            "tag":"IPv6-out"
        },
        {
            "protocol":"freedom",
            "settings": {},
            "tag":"direct"
        },
        {
            "protocol":"blackhole",
            "tag":"blackhole-out"
        }
    ]
}
{
    "dns": {
        "servers": [
          "localhost"
        ]
  }
}
{
  "policy": {
      "levels": {
          "0": {
              "handshake": 3,
              "connIdle": 259
          }
      }
  }
}

Now exit your SSH session with the server in order to work on your client.

Paste the client configuration URL into your client. For example, you can just do Ctrl+v in v2rayN:

Server configuration URL

Confirm the server configuration, and connect your client to the server:

Client configuration URLs