一、安装相关依赖
ArchLinux
pacman -S gcc
目前仅支持python3.11.9的版本
pacman -U python311-3.11.9-2-x86_64.pkg.tar.zst
Ubuntu
sudo su
apt update && apt-get upgrade && apt-get install gcc python3-pip python3-virtualenvwrapper
Oracle Linux
sudo su
yum update && yum install python-pip
pip install virtualenvwrapper
代理软件
安装xray-core
pacman -U xray*
Ubuntu/Oracle Linux
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install
更新地理信息
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install-geodata
二、安装Nginx
ArchLinux
pacman -S nginx nginx-mod-cache_purge nginx-mod-geoip2 nginx-mod-vts
Ubuntu
apt install nginx
Oracle Linux
yum install nginx
nano -w /etc/nginx/nginx.conf
include vhost/*.conf;
}
mkdir /etc/nginx/vhost && cd /etc/nginx/vhost
nano -w default_ssl.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name v.example.com;
ssl_certificate /etc/nginx/ssl/v.example.com.pem;
ssl_certificate_key /etc/nginx/ssl/v.example.com.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
root /srv/http/marzban;
index index.php;
#charset koi8-r;
access_log /var/log/nginx/v.example.com.access.log;
error_log /var/log/nginx/v.example.com.error.log;
# 禁止DNS缓存
resolver_timeout 0;
expires epoch;
# 禁用游览器缓存
add_header Cache-Control "no-cache, no-store, must-revalidate";
add_header Pragma "no-cache";
add_header Expires 0;
set $skip_cache 1;
proxy_cache_bypass $skip_cache;
proxy_no_cache $skip_cache;
location ~* /(static|dashboard|sub|api|docs|redoc|openapi.json) {
proxy_pass http://0.0.0.0:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# xray-core ws-path: /
# client ws-path: /marzban/me/2087
#
# 所有流量通过 443 端口进行代理,然后分发至真正的 xray 端口(2087、2088 等等)。
# 路径中的 “/marzban” 可以改为任意合法 URL 字符.
#
# /${path}/${username}/${xray-port}
location ~* /marzban/.+/(.+)$ {
proxy_redirect off;
proxy_pass http://127.0.0.1:$1/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
三、安装数据库
ArchLinux
pacman -S mariadb
Ubuntu
apt-get install mysql-server
启动 MariaDB 服务并设置开机启动
systemctl start mariadb
systemctl enable mariadb
初始化数据库
mariadb-install-db --user=mysql --basedir=/usr --datadir=/srv/mysql
修改数据库数据目录
nano -w /etc/my.cnf.d/server.cnf
[mysqld]
datadir = /srv/mysql
nano -w /etc/my.cnf.d/mysql-clients.cnf
[mysql]
password = password
重新启动MariaDB
systemctl restart mariadb
进入系统修改密码
mysql> ALTER USER USER() IDENTIFIED BY 'password';
创建数据库
mysql> CREATE DATABASE marzban CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
mysql> CREATE USER 'marzban'@'localhost' IDENTIFIED BY 'password';
mysql> GRANT ALL PRIVILEGES ON marzban.* TO 'marzban'@'localhost';
mysql> FLUSH PRIVILEGES;
五、安装Marzban
安装虚拟环境
ArchLinux
cd /srv
set VIRTUALENVWRAPPER_PYTHON=/usr/bin/python3.11
/usr/bin/virtualenvwrapper.sh marzban_env
/usr/bin/python3.11 -m venv /srv/marzban_env
/srv/marzban_env/bin/pip install --upgrade pip
Ubuntu
cd /srv
source /usr/share/virtualenvwrapper/virtualenvwrapper.sh
/usr/bin/python3 -m venv /srv/marzban_env
/srv/marzban_env/bin/pip install --upgrade pip
Oracle Linux
cd /srv
/usr/local/bin/virtualenvwrapper.sh marzban_env
/usr/bin/python -m venv /srv/marzban_env
/srv/marzban_env/bin/pip install --upgrade pip
git clone https://github.com/Gozargah/Marzban.git
cd Marzban
修改requirements.txt
#grpcio==1.50.0
#grpcio-tools==1.44.0
grpcio==1.59.3
grpcio-tools==1.59.3
#protobuf==3.20.3
protobuf==4.21.6
#typing_extensions==4.4.0
typing_extensions==4.6.0
#PyYAML==6.0
PyYAML==6.0.1
#psycopg2-binary==2.9.7
psycopg2-binary-2.9.9
#cffi==1.15.1
cffi==1.16.0
#httptools==0.5.0
httptools==0.6.1
#Pillow==9.4.0
Pillow==10.4.0
#uvloop==0.17.0
uvloop==0.19.0
#pycparser==2.21
pycparser==2.22
#greenlet==2.0.1
greenlet==3.0.3
/srv/marzban_env/bin/pip3 install -r requirements.txt
修改配置文件
cp .env.example .env
mkdir /var/lib/marzban
nano .env
UVICORN_HOST = "0.0.0.0"
UVICORN_PORT = 8000
## We highly recommend add admin using `marzban cli` tool and do not use
## the following variables which is somehow hard codded infrmation.
SUDO_USERNAME = "admin"
SUDO_PASSWORD = "password"
# UVICORN_UDS: "/run/marzban.socket"
# UVICORN_SSL_CERTFILE = "/var/lib/marzban/certs/example.com/fullchain.pem"
# UVICORN_SSL_KEYFILE = "/var/lib/marzban/certs/example.com/key.pem"
# XRAY_JSON = "xray_config.json"
# XRAY_SUBSCRIPTION_URL_PREFIX = "https://example.com"
# XRAY_SUBSCRIPTION_PATH = sub
# XRAY_EXECUTABLE_PATH = "/usr/local/bin/xray"
# XRAY_ASSETS_PATH = "/usr/local/share/xray"
# XRAY_EXCLUDE_INBOUND_TAGS = "INBOUND_X INBOUND_Y"
# XRAY_FALLBACKS_INBOUND_TAG = "INBOUND_X"
# TELEGRAM_API_TOKEN = 123456789:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
# TELEGRAM_ADMIN_ID = 987654321, 123456789
# TELEGRAM_LOGGER_CHANNEL_ID = -1234567890123
# TELEGRAM_DEFAULT_VLESS_FLOW = "xtls-rprx-vision"
# TELEGRAM_PROXY_URL = "http://localhost:8080"
# DISCORD_WEBHOOK_URL = "https://discord.com/api/webhooks/xxxxxxx"
# CUSTOM_TEMPLATES_DIRECTORY="/var/lib/marzban/templates/"
# CUSTOM_TEMPLATES_DIRECTORY="/srv/Marzban/templates/"
# CLASH_SUBSCRIPTION_TEMPLATE="clash/my-custom-template.yml"
# SUBSCRIPTION_PAGE_TEMPLATE="subscription/index.html"
# SUBSCRIPTION_PAGE_TEMPLATE="subscription/index.html"
# HOME_PAGE_TEMPLATE="home/index.html"
# Set headers for subscription
# SUB_PROFILE_TITLE = "Susbcription"
# SUB_SUPPORT_URL = "https://t.me/support"
# SUB_UPDATE_INTERVAL = "12"
# SQLALCHEMY_DATABASE_URL = "sqlite:///db.sqlite3"
SQLALCHEMY_DATABASE_URL = "mysql+pymysql://marzban:password@127.0.0.1:3306/marzban?charset=utf8"
### for developers
# DOCS=true
# DEBUG=true
# If You Want To Send Webhook To Multiple Server Add Multi Address
# WEBHOOK_ADDRESS = "http://127.0.0.1:9000/,http://127.0.0.1:9001/"
# WEBHOOK_SECRET = "something-very-very-secret"
# VITE_BASE_API="https://example.com/api/"
# JWT_ACCESS_TOKEN_EXPIRE_MINUTES = 1440
初始化数据
/srv/marzban_env/bin/pip3 install alembic
/srv/marzban_env/bin/pip3 install uvicorn
/srv/marzban_env/bin/alembic upgrade head
修复时区bug,因为过期时间存储的timestamp,并且使用字符串传过来的,所以带了时区信息,这里需要比较的时候使用系统时间来做判断
当然了, 管理浏览器的时区需要和服务器的时区一致,否则会出现问题
nano -w /srv/Marzban/app/jobs/review_users.py
def review():
now = datetime.now()
运行起来
/srv/marzban_env/bin/python3 main.py
也可使用 linux systemctl 启动:
nano -w /usr/lib/systemd/system/marzban.service
[Unit]
Description=Marzban Service
Documentation=https://github.com/gozargah/marzban
After=network.target nss-lookup.target
[Service]
ExecStart=/srv/marzban_env/bin/python3 /srv/Marzban/main.py
Restart=on-failure
WorkingDirectory=/srv/Marzban
[Install]
WantedBy=multi-user.target
systemctl enable marzban.service
systemctl start marzban
创建管理员用户
/srv/marzban_env/bin/python3 marzban-cli.py admin create --sudo
更多命令请查看
/srv/marzban_env/bin/python3 marzban-cli.py help
六、安装MarzBan节点
下载软件包
cd /srv && git clone https://github.com/Gozargah/Marzban-node
cd Marzban-node
创建虚拟运行环境
ArchLinux
目前仅支持python3.11.9的版本
pacman -S gcc
pacman -U python311-3.11.9-2-x86_64.pkg.tar.zst
pacman -S gcc python-pip python-virtualenvwrapper
Ubuntu
sudo su
apt update && apt-get upgrade && apt-get install python3-pip python3-virtualenvwrapper
Oracle Linux
sudo su
yum update && yum install python-pip
pip install virtualenvwrapper
ArchLinux
cd /srv
set VIRTUALENVWRAPPER_PYTHON=/usr/bin/python3.11
/usr/bin/virtualenvwrapper.sh marzban_env
/usr/bin/python3.11 -m venv /srv/marzban_env
/srv/marzban_env/bin/pip install --upgrade pip
Ubuntu
cd /srv
source /usr/share/virtualenvwrapper/virtualenvwrapper.sh
apt install python3.12-venv
/usr/bin/python3 -m venv /srv/marzban_env
/srv/marzban_env/bin/pip install --upgrade pip
Oracle Linux
cd /srv
/usr/local/bin/virtualenvwrapper.sh marzban_env
/usr/bin/python -m venv /srv/marzban_env
/srv/marzban_env/bin/pip install --upgrade pip
全部都要
cd Marzban-node
/srv/marzban_env/bin/pip install -r requirements.txt
生成证书
mkdir -p /var/lib/marzban-node
cp .env.example .env
nano -w .env
XRAY_EXECUTABLE_PATH = /usr/bin/xray
XRAY_ASSETS_PATH = /usr/share/xray
到主服务器上复制证书,然后写入到证书文件中
nano -w /var/lib/marzban-node/ssl_client_cert.pem
七、服务自动启动
nano -w /usr/lib/systemd/system/marzban-node.service
[Unit]
Description=Marzban Service
Documentation=https://github.com/gozargah/marzban
After=network.target nss-lookup.target
[Service]
ExecStart=/srv/marzban_env/bin/python3 /srv/Marzban-node/main.py
Restart=on-failure
WorkingDirectory=/srv/Marzban-node
[Install]
WantedBy=multi-user.target
systemctl enable marzban-node.service
systemctl start marzban-node
如果节点和主服务器的架构不一样,请把小众架构的机器设置成rest协议
nano -w config.py
#SERVICE_PROTOCOL = config('SERVICE_PROTOCOL', cast=str, default='rpyc')
SERVICE_PROTOCOL = config('SERVICE_PROTOCOL', cast=str, default='rest')
八、给订阅页面增加下载链接
nano -w app/templates/subscription/index.html
<h2>Links:</h2>
<ul>
...
</ul>
后面增加
<h2>Downloads:</h2>
<ul>
<li>
<p>Windows:
<br> <a href="https://github.com/2dust/v2rayN/releases/download/6.29/v2rayN-32.zip">win32</a>
<a href="https://github.com/2dust/v2rayN/releases/download/6.29/v2rayN-With-Core.zip">win64</a>
<a href="https://github.com/2dust/v2rayN/releases/download/6.29/v2rayN-arm64.zip">arm64</a>
</p>
</li>
<li>
<p>
MacOS:
<br> <a href="https://apps.apple.com/app/foxray/id6448898396">macOS</a>
</p>
</li>
<li>
<p>
iOS:
<br> <a href="https://apps.apple.com/app/foxray/id6448898396">iOS</a>
</p>
</li>
</ul>
也可以自定义订阅页面
cp index /srv/Marzban/templates/subscription
修改配置文件
CUSTOM_TEMPLATES_DIRECTORY="/srv/Marzban/templates/"
创建静态目录
mkdir -p /srv/Marzban/app/dashboard/public
cp static /srv/Marzban/
本地化cdn的相关资源
cd /srv/Marzban/
mkdir -p static/{css,js}
cd static/js
wget -O full.css https://cdn.jsdelivr.net/npm/daisyui@3.7.3/dist/full.css
wget -O font-face.css https://cdn.jsdelivr.net/gh/rastikerdar/shabnam-font@v5.0.1/dist/font-face.css
wget -O be-vietnam-pro.css https://fonts.cdnfonts.com/css/be-vietnam-pro
cd ../js
wget -O alpinejs-i18n.min.js https://cdn.jsdelivr.net/npm/alpinejs-i18n@2.4.0/dist/cdn.min.js
wget -O collapse.min.js https://unpkg.com/@alpinejs/collapse@3.x.x/dist/cdn.min.js
wget -O flowbite.min.js https://cdnjs.cloudflare.com/ajax/libs/flowbite/1.8.1/flowbite.min.js
wget -O alpinejs.min.js https://unpkg.com/alpinejs
wget -O bhenfmcm.js https://cdn.lordicon.com/bhenfmcm.js
wget -O qrcode.min.js https://cdn.rawgit.com/davidshimjs/qrcodejs/gh-pages/qrcode.min.js
修改python,增加static的目录
nano -w app/__init__
from fastapi.staticfiles import StaticFiles
# 设置静态文件目录 /static name="static" 为挂载点 可选
app.mount("/static", StaticFiles(directory="static"), name="static")
九、啃爹的Oracle VPS开了防火墙
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
apt-get purge netfilter-persistent