
Automation for Unified GUI Censorship Resistant Solution Powered by Xray

v-kamerdinerov/marzban-haproxy-ansible

marzban-haproxy-ansible


English / Русский

This repository contains the configuration that takes VPS servers from scratch to a fully working, production-ready anonymization solution: Marzban.

Marzban is a proxy management tool that provides a simple and easy-to-use user interface for managing hundreds of proxy accounts powered by Xray-core. More.

Features

  • Fully automatic preparation and installation on fresh VPS servers
  • Configuration for main nodes and for individual additional nodes
  • Ability to change the SSH port fully automatically
  • Configuration of system limits and sysctl
  • Optional installation with a separate MariaDB SQL instance (default == true)
  • Optional installation of the XanMod kernel with the BBR3 tweak (default == true)
  • Optional installation of WARP (default == false)
  • Blocking of all ports except SSH (including a custom port), web (80/443) and those used for the Marzban node API
  • and more

Requirements

  • Linux VPS servers with Ubuntu 20/22/24 installed.
  • A domain name that you own. If you are using an additional node, it is important that its domain name matches the pattern {{ inventory_hostname }}.{{ marzban_domain }}.
  • Ansible 2.14.1 or higher

Preparation

Make an inventory file hosts.yml using the data from your VPS:

---
all:
  children:
    marzban:
      children:
        marzban_main:
          hosts:
            main:
              ansible_host: 66.77.44.33
              ansible_port: 22
              marzban_roles:
                - panel
        marzban_nodes:
          hosts:
            node1:
              ansible_host: 88.43.44.22
              ansible_port: 22
              marzban_roles:
                - node

In ansible.cfg, fill in the following lines:

remote_user = ubuntu
private_key_file = /path/to/private.key

Configuration

The basic configuration is done in the Ansible group_vars.

WARNING: Be careful when filling in the variables. Each of them is documented, and correct values are very important for proper operation after the playbook is rolled out.

  • ./group_vars/marzban/marzban.yml - common variables shared by all nodes (domain, SNI, common settings).

Example:

# Main domain for the Marzban panel/reality
marzban_domain: example-domain.com

...

# SNI for traffic masking
marzban_sni: "discord.com"

...

# Time zone configuration
common_timezone: "Europe/Moscow"

  • ./group_vars/marzban_main/main.yml / ./group_vars/marzban_nodes/main.yml - common variables for each of the nodes - main nodes with the main panel, and minion nodes used for expansion. No configuration is required.

# firewall
common_open_ports:
  - "80"
  - "443"
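
A pre-flight check for the additional-node naming rule stated under Requirements, given here as an added example that is not part of this repository. The file name preflight.yml, a Linux control machine with getent, and IPv4 addresses in ansible_host (as in the sample hosts.yml) are assumptions.

```yaml
---
# preflight.yml - hypothetical file name, not part of the repository.
# Run before the deploy playbook: ansible-playbook preflight.yml
- name: Check DNS names of additional nodes before deploying
  hosts: marzban_nodes
  gather_facts: false          # nothing is executed on the nodes themselves
  tasks:
    - name: Build the name required by the pattern in Requirements
      ansible.builtin.set_fact:
        expected_fqdn: "{{ inventory_hostname }}.{{ marzban_domain }}"

    - name: Resolve that name from the control machine
      ansible.builtin.command:
        argv: [getent, ahostsv4, "{{ expected_fqdn }}"]
      delegate_to: localhost
      become: false
      register: dns
      changed_when: false
      failed_when: false       # a failed lookup is reported by the assert below

    - name: Require the name to resolve to this node's ansible_host
      vars:
        # First column of each getent line is an address (assumes glibc getent output)
        resolved: "{{ dns.stdout_lines | map('split') | map('first') | unique | list }}"
      ansible.builtin.assert:
        that:
          - dns.rc == 0
          - ansible_host in resolved
        fail_msg: >-
          {{ expected_fqdn }} resolves to
          {{ resolved | default(['nothing'], true) | join(', ') }},
          but hosts.yml lists {{ ansible_host }} for {{ inventory_hostname }}.
        success_msg: "{{ expected_fqdn }} -> {{ ansible_host }}"
```

With the sample inventory above and marzban_domain set to example-domain.com, the play passes only if node1.example-domain.com resolves to 88.43.44.22.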

I'm tired of waiting, go go go

ansible-playbook marzban-deploy.yml

FAQ

FAQ

ToDo / Plans

  • Adding the ability to use a separate MySQL/MariaDB DB instance
  • Adding the possibility to automatically generate a Let's Encrypt certificate if it is not present in the inventory
  • Adding new inbound variants such as Trojan, VMess, etc.
  • Adding automatic backup scripts
  • Adding an automatic search for the best SNI depending on the region
  • Fix known issues :)

Known issues

Issues