ansible/roles/xray-vps-setup/tasks/end_xray.yml

---
- name: Ensure config directories exist
  become: true
  file:
    path: "{{ item }}"
    state: directory
    owner: root
    group: root
    mode: '0755'
  loop:
    - /etc/xray
    - /etc/sing-box


- name: Normalize generated values
  set_fact:
    uuid: "{{ xray_uuid.stdout }}"
    pbk: "{{ x25519_pbk.stdout }}"
    sid: "{{ short_id.stdout }}"
  no_log: true


- name: Build configs
  set_fact:
    vless_url: "vless://{{ uuid }}@{{ domain }}:443?type=tcp&security=reality&pbk={{ pbk }}&fp=chrome&sni={{ domain }}&sid={{ sid }}&spx=%2F&flow=xtls-rprx-vision"

    xray_outbound:
      tag: default
      protocol: vless
      settings:
        vnext:
          - address: "{{ domain }}"
            port: 443
            users:
              - id: "{{ uuid }}"
                encryption: none
                flow: xtls-rprx-vision
      streamSettings:
        network: tcp
        security: reality
        realitySettings:
          serverName: "{{ domain }}"
          fingerprint: chrome
          publicKey: "{{ pbk }}"
          shortId: "{{ sid }}"
          spiderX: ""

    singbox_outbound:
      type: vless
      server: "{{ domain }}"
      server_port: 443
      uuid: "{{ uuid }}"
      flow: xtls-rprx-vision
      tls:
        enabled: true
        insecure: false
        server_name: "{{ domain }}"
        utls:
          enabled: true
          fingerprint: chrome
        reality:
          enabled: true
          public_key: "{{ pbk }}"
          short_id: "{{ sid }}"
  no_log: true


- name: Write XRay outbound config
  become: true
  copy:
    dest: /etc/xray/outbound.json
    content: "{{ xray_outbound | to_nice_json }}"
    owner: root
    group: root
    mode: '0600'


- name: Write Sing-box outbound config
  become: true
  copy:
    dest: /etc/sing-box/outbound.json
    content: "{{ singbox_outbound | to_nice_json }}"
    owner: root
    group: root
    mode: '0600'


- name: Print connection URL
  debug:
    msg: "{{ vless_url }}"