This is a simple docker image which starts up in just a few seconds and launch a proxy-server ready to accept client connections. This proxy-server does not encrypt your data, but it can masquerade your traffic as a regular TLS-connection. To unauthorized users your proxy-server will look like a harmless site.
To get it running, just copy & paste the snippet below in your terminal:
sudo docker run -d --rm -p 443:443 -v xtls-reality-volume:/opt/xray/config --name xtls-reality sensemilla/xtls-realityThe XTLS-Reality proxy server will be up and ready to accept connections on port 443.
To get more detailed information, go to Quick Start.
| Variable | Description | Default value |
|---|---|---|
| SNI | A website address for masquerade. It must support TLSv1.3 and HTTP/2 | www.samsung.com |
| SNI_PORT | Some websites may use a port that differs from standard 443. | 443 |
| MY_HOST | If you specify this variable then it will be used instead of IP. This may help neutralize the Deep Packet Inspection. | localhost |
| MY_PORT | You need to specify this variable if you want to run this proxy using a port that differs from 443. This may also help with DPI. | 443 |
| SHORT_ID | Short ID. You can generate any 32-bit number in HEX-format | aabbccdd |
After container was run using docker run or docker compose up command, it's possible to execute additional commands using docker exec command. For example, sudo docker exec xtls-reality bash get-client-qr.sh. See table below to get the full list of supported commands.
| Command | Description |
|---|---|
get-client-qr.sh |
Outputs a QR-code with client settings. You can scan this code by a mobile application (for exampe, v2rayNG) and get a quick connection. |
get-client-settings.sh |
Outputs a client settings in text form |
regenerate-client-settings.sh |
Generate a new UUID, Private and Public key. Docker container must be reload |
- Any hardware or vps/vds server running Linux. You must have administrative rights on this machine.
- Docker installation on your server.For more information please see https://docs.docker.com/engine/install/
- Your server must have a public IP-address
You can run XTLS-reality proxy server in two ways of your choice: docker run or docker compose.
Pull the latest version of XTLS-reality-docker image:
sudo docker pull sensemilla/xtls-reality:latestCopy & paste the following command to run XTLS-reality-docker:
sudo docker run -d --rm \
-p 443:443 \
-e SNI=YOUR_SNI \
-e SHORT_ID=YOUR_SHORT_ID \
-e MY_HOST=myfreehostname.com \
-e MY_PORT=443 \
-v xtls-reality-volume:/opt/xray/config \
--name xtls-reality sensemilla/xtls-reality:latest
-p 443 accordingly. For example, with MY_PORT=1234 it becomes -p 1234:443.
To check a status of the container you can execute the following command
sudo docker psThe output should look like this
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0e7c45766619 sensemilla/xtls-reality "/bin/bash ./entrypo…" 8 seconds ago Up 7 seconds 0.0.0.0:443->443/tcp, :::443->443/tcp xtls-realityThe another way of start up XTLS-reality proxy-server is docker compose. Docker compose saves all startup options in a special file and can automatically restart containers if they fail. Firts of all you must install docker compose plugin. For more information please see https://docs.docker.com/compose/install/linux/
After install docker compose plugin clone this git repository:
git clone https://github.com/sen-semilla/xtls-reality-dockerChange your work directory and run docker compose
cd xtls-reality-docker
docker compose up -ddocker-compose.yaml file before launch docker compose or leave a default values.
To check a status of the container you can execute the following command
sudo docker psThe output should look like this
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0e7c45766619 sensemilla/xtls-reality "/bin/bash ./entrypo…" 8 seconds ago Up 7 seconds 0.0.0.0:443->443/tcp, :::443->443/tcp xtls-realityAfter run XTLS-reality docker you can get a settings for client connection. You have a two ways for get connection: QR-code or text form. To get the QR code, run the following command
sudo docker exec xtls-reality bash get-client-qr.shThe result will be a generated QR-code in your terminal as shown below
To get the text form settings, run the following command
sudo docker exec xtls-reality bash get-client-settings.shThe result will be a text settings in your terminal as shown below
IP Address: XXX.XXX.XXX.XXX
UUID: e4a047bb-fd0a-4742-b52d-4ef83fae4ef2
Public key: gF5RvoxnC5btsqZ9YvNLtH-gaUfcrDXDLif-NM7oFQ4
SNI: www.samsung.com
ShortID: aabbccddYou can use various proxy client programs to connect to your XTLS reality proxy.
If you use windows you can use NekoBox
In NekoBox window select Preferences - Basic Settings - Core and set sing-box button
I personally recommend using Throne. Why? Because NekoBox is outdated and not supported anymore.
If you use android you can install v2rayNG
To connection v2rayNG select Import config from QRcode and scan QR-code with your settings.
As a result you should have a new connection in the list.
Activate it and use your XTLS-reality proxy.
To stop and remove your XTLS-reality-docker container execute the following command
sudo docker rm --force xtls-reality Your settings (UUID, Private and Public keys) storaged in special docker volume. So they won't change when you delete a container and start a new one. If you desire remove all your settings execute the following command after stop and remove docker container.
sudo docker volume rm xtls-reality-volume