ShellClash#
A CLI tool for forward proxying on Linux. Achieved by importing the standard Clash
config.yaml.
Tg notification channel: https://t.me/ShellClash
bash -c "$(curl -kfsSl https://raw-githubusercontent-com.acofork.us.kg/juewuy/ShellClash/master/install.sh)" && source /etc/profile &> /dev/null
Open CLI: clash, crash
Import configuration file: 6-2
Install local web panel: 9-4-1
Auto-start on boot: 4-1
Vless General Configuration (Unencrypted)#
{
"inbounds": [
{
"port": 1080, // Listening port, can be modified as needed
"protocol": "vless", // Using VLESS protocol
"settings": {
"clients": [
{
"id": "0721-07210721onani", // This is a UUID used to identify the user
"level": 0, // User level, set to 0 for regular users
"email": "[email protected]" // User email (optional)
}
],
"decryption": "none" // Set to none, indicating no encryption
},
"streamSettings": {
"network": "tcp", // Using TCP network
"security": "none" // No encryption used, suitable for VLESS
}
}
],
"outbounds": [
{
"protocol": "freedom", // Allow free traffic to pass
"settings": {}
}
],
"routing": {
"rules": []
}
}
AMD Laptop Optimization#
Objective: Disable fTPM and prevent system reinstallation, disable Windows automatic updates
- Disable fTPM: Group Policy Editor:
Computer Configuration - Administrative Templates - System - Device Installation - Device Installation Restrictions - Prevent installation of devices that match any of these device instance IDsFill in: the value fromDetails - Device Instance Pathof Trusted Platform Module 2.0 in Device Manager - Disable Windows automatic updates: In
Computer Configuration - Administrative Templates - Windows Components - Windows Update:- Configure Automatic Updates - Disabled
- Remove access to all using Windows Update - Enabled
- Do not connect to any Windows Update Internet locations - Enabled
- Windows Update does not include driver updates - Enabled
VPS Fusion Monster Test Script#
bash <(curl -sL kejilion.sh)
- Fusion monster test: 8-32
- IP purity test: 8-4
VPS One-Click Magic Script#
- Hysteria2 (UDP):
bash <(curl -fsSL https://raw.githubusercontent.com/0x0129/hysteria2/main/install.sh) -port 0721
- Vless+Trojan+Shadowsocks:
bash <(curl -s -L https://git.io/v2ray.sh)
- x-ui:
bash <(curl -Ls https://raw.githubusercontent.com/vaxilu/x-ui/master/install.sh)
Hysteria2 Server Setup (Universal for All Platforms)#
- Download Hysteria2 executable: https://github.com/apernet/hysteria/releases
- Create a self-signed SSL/TLS certificate:
- Create private key:
openssl genpkey -algorithm RSA -out hy2.key - Create certificate signing request:
openssl req -new -key hy2.key -out hy2.csr - Create certificate:
openssl x509 -req -in hy2.csr -signkey hy2.key -out hy2.crt -days 9999
- Create private key:
config.yaml:
listen: :443
tls:
cert: hy2.crt
key: hy2.key
auth:
type: password
password: 0721
masquerade:
type: proxy
proxy:
url: https://news.ycombinator.com/
rewriteHost: true
- Start Hysteria2 with parameters:
server - V2Ray client connection direct link:
hysteria2://[email protected]:443?sni=bing.com&insecure=1#HomeCloud
Cloudflare One-Click Magic#
Download https://github.com/cmliu/edgetunnel/archive/refs/heads/main.zip and upload it to Cloudflare Pages to set UUID. Access https://yourdomain.pages.dev/UUID
Cloudflare Preferred Methods#
A, AAAA, CNAME#
- Domain B directly uses CDN pointing to the origin
- Domain B enables SaaS, sets fallback source to point to the origin domain, custom hostname to domain A
- Domain B points to the preferred domain without using CDN
- Domain A points to the preferred domain that domain B points to, without using CDN
Cloudflare Pages#
- Directly create a custom domain in Pages
- Change subdomain NS to Alibaba Cloud DNS
- Set up resolution diversion in Alibaba Cloud DNS
Cloudflare Workers#
- Directly create routes in Workers, e.g., example.com/*
- Resolve the domain set by the route to the preferred domain
Cloudflare Preferred Domains#
cf.090227.xyz
cloudflare.182682.xyz
- Mobile Happiness:
cf-saas.asia
Magic Software#
Windows:
Linux:
Use Cloudflared to Relay RDP Traffic#
cloudflared access rdp --hostname rdp.onani.cn --url rdp://localhost:3380
FRP Related#
FRP Basic Authentication Parameters#
auth.token = "0721"
FRP systemd Service Configuration (Auto-start on Boot)#
- Create frps.service file
sudo nano /etc/systemd/system/frps.service
- Copy the following content into the file
[Unit]
# Service name, customizable
Description = frp server
After = network.target syslog.target
Wants = network.target
[Service]
Type = simple
# Command to start frps, modify to your frps installation path
ExecStart = /path/to/frps -c /path/to/frps.toml
[Install]
WantedBy = multi-user.target
Install Speedtest-cli on Linux Deb-based Systems#
apt install -y lsb-release ca-certificates apt-transport-https curl gnupg dpkg
curl -sSL https://packagecloud.io/ookla/speedtest-cli/gpgkey | gpg --dearmor > /usr/share/keyrings/speedtest.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/speedtest.gpg] https://packagecloud.io/ookla/speedtest-cli/debian/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/speedtest.list
apt update
apt install -y speedtest
Linux Monitoring Panel:#
apt install s-tui
Windows Super Awesome Package Manager: https://scoop.sh#
Installation Notes for Various Linux Distributions#
- Very new versions generally only have drivers for Realtek wired network cards
- Installing Debian should use CLI installation (GUI installation may cause issues
I forgot the specific issue) - Installing CentOS/Rocky must first install GUI, otherwise it will lead to network issues
- Except for Arch, which uses iwd to connect to the network, other distributions can use nmcli to connect to the network
Domestic Linux Mirror Notes#
- USTC (University of Science and Technology of China source) often uses JavaScript for client verification, which may cause wget and curl commands to fail to download files correctly. It is recommended to use TUNA (Tsinghua source)
Domestic Docker Mirrors#
- 1Panel Docker Monitoring: https://status.1panel.top/status/docker
- Nanjing University GHCR Mirror: https://ghcr.nju.edu.cn