Initial README: Juris server config (LXD, network, storage, Xray)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-08 07:17:30 +00:00
commit abe4820745
1 changed files with 124 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,124 @@
 # Juris Server
 Documentation and configuration reference for the Juris remote server.
 ## Hardware & OS
 - **OS**: Ubuntu 24.04.3 LTS
 - **Kernel**: 6.8.0-100-generic
 - **Public IP**: `83.99.190.32`
 - **LAN IP**: `192.168.54.230/24` (via `eno1`, DHCP from router at `192.168.54.254`)
 ## Storage Layout
 | Disk | Size | VG | LV | Mount | Use |
 |------|------|----|----|-------|-----|
 | `sda` (old SSD) | 223GB | `oldssdg` | `oldssd` | `/mnt/hdd2` | spare/unused |
 | `sdb` (HDD) | 931GB | `ubuntu-vg` | `ubuntu-lv` | `/` (OS) | 100GB |
 | `sdb` (HDD) | 931GB | `ubuntu-vg` | `data` | `/mnt/data` | 828GB |
 ### /mnt/data contents
 | Path | Size | Purpose |
 |------|------|---------|
 | `/mnt/data/shared` | 408GB | File sharing (copyparty) |
 | `/mnt/data/copyparty` | — | copyparty config/state |
 ## Network
 - **Interface**: `eno1` (MAC `8c:dc:d4:40:0d:96`)
 - **IP**: `192.168.54.230/24`, gateway `192.168.54.254` (DHCP)
 - **Public access**: via router NAT (port forwarding to `192.168.54.230`)
 ### Port Forwarding (router → Juris)
 | External Port | Internal | Service |
 |--------------|----------|---------|
 | 443 | → LXD proxy → xray container | Xray VPN (VLESS+XHTTP+Reality) |
 | 16627 | → LXD proxy → xray container | x-ui admin panel |
 | 22 | 22 | SSH |
 ## LXD
 LXD manages the `xray` container. The host forwards ports 443 and 16627 into the container via LXD proxy devices.
 ### Storage pool
 | Name | Driver | Source |
 |------|--------|--------|
 | `default` | dir | `/var/snap/lxd/common/lxd/storage-pools/default` |
 ### Network
 | Name | Type | Subnet |
 |------|------|--------|
 | `lxdbr0` | bridge (managed) | `10.187.159.1/24` |
 ### Container: xray
 | Setting | Value |
 |---------|-------|
 | Image | Ubuntu 24.04 LTS (noble), amd64 |
 | IP | `10.187.159.41` (via `lxdbr0`) |
 | State | RUNNING |
 | Profile | default |
 **Proxy devices** (host → container):
 | Device | Listen | Connect |
 |--------|--------|---------|
 | `proxy-443` | `tcp:0.0.0.0:443` | `tcp:127.0.0.1:443` |
 | `proxy-16627` | `tcp:0.0.0.0:16627` | `tcp:127.0.0.1:16627` |
 **Services inside xray container**:
 | Service | Description |
 |---------|-------------|
 | `x-ui` | Xray panel — manages Xray config and inbounds |
 | Xray (via x-ui) | VLESS+XHTTP+Reality inbound on port 443 |
 ### Useful commands
 ```bash
 # Enter xray container
 lxc exec xray -- bash
 # Check xray config
 lxc exec xray -- cat /usr/local/x-ui/bin/config.json
 # Restart x-ui (and xray)
 lxc exec xray -- systemctl restart x-ui
 # View x-ui logs
 lxc exec xray -- journalctl -u x-ui -f
 ```
 ## Xray VPN Configuration
 See [ai-xray repo](http://localhost:3000/alvis/ai-xray) for full benchmark and config details.
 **Active config**: VLESS + XHTTP + Reality
 | Setting | Value |
 |---------|-------|
 | Protocol | VLESS |
 | Transport | XHTTP |
 | Security | Reality |
 | Reality destination | `www.delfi.lv:443` |
 | Allowed SNIs | `www.delfi.lv`, `www.lmt.lv`, `www.inbox.lv`, `e-klase.lv` |
 | XHTTP path | `/xt-6036d37d` |
 | Port | 443 |
 x-ui panel: `https://share.alogins.net:16627/gBdsRLtVZdgZ63wmVR/`
 ## Monitoring
 Zabbix agent 2 running on the host in active mode → reports to `zb.alogins.net:10051`.
 Zabbix host: **Juris Server** (template: Linux by Zabbix agent active).
 ## Access
 | Method | Details |
 |--------|---------|
 | SSH | `ssh juris@83.99.190.32` (key auth) |
 | sudo | password required (`[redacted]`) |