Analysis updated 2026-06-24
Self-host a multi-protocol proxy panel for a small group
One-click deploy proxy nodes onto VPSes over SSH
Rotate AWS EC2 and Lightsail exit IPs when nodes get blocked
Run a Telegram bot that grants traffic via daily check-ins and mini-games
| vzzoxo/xiaoyizi | xuanlinai/overmind | shootthesound/comfyui-angelo | |
|---|---|---|---|
| Stars | 42 | 43 | 39 |
| Language | JavaScript | JavaScript | JavaScript |
| Setup difficulty | moderate | moderate | moderate |
| Complexity | 4/5 | 4/5 | 3/5 |
| Audience | ops devops | developer | designer |
Figures from each repo's GitHub metadata at analysis time.
One-liner installer pulls Node 22, PM2, Nginx and Let's Encrypt, but you still need a domain and AWS keys before automation works.
xiaoyizi, with a README written in Chinese, is a self-hosted management panel for running a multi-protocol proxy service for one person or a small group. It is built on Node.js 22, Express 5, and SQLite via the better-sqlite3 driver, and runs under PM2. The README says it brings users, nodes, subscriptions, traffic accounting, and day-to-day operations into a single web panel, with support for the VLESS Reality, Shadowsocks, and Hysteria 2 protocols. On the user side the panel handles email signup and login, password recovery, invite codes, user groups, traffic quotas, and expiry freezing. The subscription endpoint auto-detects the client by User-Agent for Clash, Sing-box, v2ray, Shadowrocket, and similar tools, signs links to deter copy-paste theft, applies IP and token rate limits, and runs abuse detection. Nodes are deployed one-click onto any VPS over SSH password or key, with optional SOCKS5 chaining. Health is tracked through a long-lived WebSocket between the panel and a node-side agent, plus liveness checks on xray and Hysteria processes. The automation features are oriented around AWS. The panel manages multiple EC2 and Lightsail accounts, can create instances and rotate IPs (including the Wavelength edge zones), and uses a detection-rotate-sync loop when a node looks blocked from the user's network. UUIDs and subscription tokens rotate on a per-user-group schedule. A Telegram bot ties into all of this: daily check-ins grant traffic, consecutive days bump the user into family, SVIP, or SSVIP tiers at 7, 15, and 30-day thresholds, and three mini-games (a weekly wheel, daily card flip, and daily rock-paper-scissors) hand out small rewards. Bot commands include /me, /sub, and /adminstats. Deployment is a single bash one-liner that fetches install.sh from the repo and runs through system dependencies, Node 22, PM2, code checkout, a generated .env, Nginx with Let's Encrypt SSL, PM2 startup, and a health check, on Debian 11 or Ubuntu 20.04 and up. The first registered user becomes admin. Two required env vars are PANEL_DOMAIN and SESSION_SECRET. The stack also includes EJS templates, Tailwind CSS, AWS SDK v3, and the ws WebSocket library. The security section lists Helmet with a strict Content Security Policy and per-request nonce, CSRF double protection by Origin header and token, login rate limiting and captcha attempt caps, scrypt password hashing with bounded parameters, AES-256-GCM at rest for AWS credentials, optional HMAC-signed subscription links, multi-layer rate limiting by IP, token, and behaviour, and timing-safe comparisons. The project is MIT-licensed.
Self-hosted Node.js web panel for running a multi-protocol proxy service (VLESS Reality, Shadowsocks, Hysteria 2) with users, AWS node automation and Telegram bot.
Mainly JavaScript. The stack also includes Node, Express, SQLite.
MIT license, free to use, modify, and redistribute with attribution.
Setup difficulty is rated moderate, with roughly 1h+ to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.