v1.8.3
This is a quality-of-life and reliability release. The TUI surfaces more of the day-to-day commands, the operator docs catch up to where the code actually is, and a class of silent user-management bugs that affected the dashboard create / CLI revoke flow is cleaned up. No re-bootstrap or user regeneration required.
What's new
A more useful interactive menu
The moav TUI menu picks up four high-value commands that used to be CLI-only:
7) Donate configs (MahsaNet, Psiphon, Snowflake)
8) Doctor — diagnose problems
9) Admin password reset
10) Update MoaV
Slots 1–6 are unchanged for muscle memory. The "Add User" preview now lists every service the bundle actually provisions (Reality / Trojan / Hysteria2 / Shadowsocks-2022 / XHTTP / CDN / WireGuard / AmneziaWG / TrustTunnel / DNS tunnels / Telegram MTProxy / GooseRelay) instead of the stale 1.7-era "sing-box + WireGuard" line.
moav users is now complete
The listing was only showing sing-box + WireGuard + bundles, hiding four services that user-add provisions: AmneziaWG, Xray (XHTTP + XDNS), TrustTunnel, and Telegram MTProxy. Each is now its own section with totals. If you've been running MoaV for a while and didn't know who had access to your Telegram proxy, this is the section to look at.
WebSocket is the new default CDN transport
CDN_TRANSPORT flipped from httpupgrade to ws in .env.example and the three shell fallback paths. WebSocket is more battle-tested in heavily-censored networks, universally supported across V2Ray-family clients, and isn't subject to the deprecation warnings newer Xray clients emit for httpupgrade. Existing installs keep their current setting — only fresh installs and re-bootstraps pick up the new default. If you specifically need httpupgrade (some CloudFront edge cases), just set CDN_TRANSPORT=httpupgrade in .env.
Cloudflare CDN setup is now hard to miss
The bootstrap UX surfaces the two required Cloudflare settings up-front (Origin Rule for port 2082 and SSL/TLS mode = Flexible) instead of only the Origin Rule. The docs/DNS.md Cloudflare section is restructured the same way, with an inline response-code decoder so a 521 or 525 doesn't leave you guessing.
Documentation catches up
The docs had drifted across 1.7.x and 1.8.x. This release brings them back to where the code is:
- New
docs/architecture.md— container topology, dns-router fan-out, bundle generation flow, monitoring stack. - New
site/llms.txt— llmstxt.org-spec discovery file at the site root for AI assistants. docs/CLI.md— rewrote the profiles table (was missing 6 of 13 actual Compose profiles); new "Disabled profiles" subsection undermoav start; newmoav conduit-offsetssection (1.7.9+ feature was 100% undocumented).docs/DNS.md— four NS-delegation Steps consolidated into one table; Cloudflare records table gains the missingmandxNS rows.docs/MONITORING.md— new "Conduit lifetime bandwidth" section explaining the offset watcher.docs/philosophy.md— rewritten to integrate the "this is ours to build" narrative ("What Infrastructure Actually Means", "The Internet Is Closing", "A Global Pattern", "The Arms Race Gets Creative", "You Are Donating Bandwidth", "The Window Is Open") with the existing rights-based sections. Cite-ready sources appendix.- Client guide HTML — Telegram MTProxy section has a clickable "Open in Telegram" button on top of the copy-pastable link; Tor + Psiphon + WireGuard-over-WebSocket sections collapse like the V2Ray-compatible cards. EN + FA mirrors.
Critical fixes
Dashboard create-user silently broke after CLI revoke
The most operationally painful bug we fixed. Five user-management scripts used mv -f tmp orig to write back rewritten config files. mv -f swaps inodes — so when you ran sudo moav user revoke X, the resulting wg0.conf / awg0.conf / xray/config.json / sing-box/config.json / trusttunnel/credentials.toml ended up -rw------- root:root. The admin container (running as moav:moav) then couldn't write the same configs on the next dashboard user-add attempt → permission denied.
Replaced every mv -f tmp orig with cat tmp > orig; rm -f tmp so the original file's inode (and thus its mode and owner) survives. Both user-add.sh and user-revoke.sh also run a chmod a+rw sweep over the six config files at the top of every invocation — so historically broken installs self-heal on the next CLI op without needing to restart the admin container.
moav user revoke reported "User not found in sing-box" for users that did exist
The check used grep -q "\"name\":\"$USERNAME\"" which requires no whitespace between : and ". But jq -S (which renders the config) always emits "name": "X" with a space. Grep returned false-negative every time, and the revoke skipped the sing-box cleanup chain entirely — bundles got deleted but users stayed valid in every service config. Three checks replaced with the same jq query user-list.sh uses. Whitespace-insensitive, source-of-truth consistent.
Xray (XHTTP + XDNS) revoke was completely missing
singbox-user-revoke.sh cleaned sing-box, TrustTunnel, and telemt — but never touched configs/xray/config.json. Revoked users kept their XHTTP and XDNS access via their saved credentials. Now correctly jq-deletes from both .settings.clients[] and .settings.users[] (Xray's v26.5.9 schema rename made them aliases) and restarts xray.
Xray users / clients alias split-brain
Related: moav users could show "(no users)" for Xray on a working install, because bootstrap-added users live in .settings.users (the template path) and the listing only checked .settings.clients. Fixed in three places — listing reads both, exists-check scans both, new users go to the canonical .settings.users.
Smaller fixes
- Admin URL in main menu was rendering as
https://DOMAIN:9443 # Admin dashboardbecause the URL helper stripped quotes but not trailing.envcomments. All four URL helpers now use the comment-aware reader. user-add.shGOPROXY auto-heal failed silently on the admin container's read-only.envmount. Now heals into a tempfile, sources the tempfile, only writes back to.envif it's writable.- Bootstrap domain prompt re-asks on invalid input (up to 3 attempts) instead of saving garbage with a warning.
- Bootstrap container build message says "may take a few minutes" instead of "may take a minute" (the first-time build is genuinely 2–5 min).
Upgrade
moav update
moav startThat's it. No bootstrap, no user-regeneration, no DB migration. Behavior changes that affect existing installs self-heal:
- Stale config-file perms get repaired on the next CLI op (no admin container restart needed).
- Legacy users in Xray's
.settings.clientsarray stay reachable (alias of.settings.users). - The CDN transport default change only affects fresh installs and re-bootstraps — your existing
CDN_TRANSPORTvalue (if any) is preserved.
If you want to pick up the new CDN transport on an existing install, set CDN_TRANSPORT=ws in .env and either re-bootstrap or run moav regenerate-users to refresh client bundles.
What's coming in 1.8.4
A focused PR adding BBR + sysctl tuning to the installer, behind a prompt with default = yes. Real-world testing showed BBR roughly 3× TCP throughput on a 400 ms RTT path with burst loss (5.45 → 14.8 Mbps in our test, and post-loss recovery from 2 Mbps to 43 Mbps in the next second). The bundle also bumps UDP buffers, which directly helps Hysteria2 and WireGuard even though they don't use BBR. New moav doctor net subcommand for visibility and --apply / --revert. Deliberately excludes tcp_fastopen because it's actively harmful in heavily-censored networks (China Mobile firewalls drop TFO).
Verification
- 10 touched shell scripts pass
bash -n mkdocs buildclean (only pre-existing CHANGELOG link warnings unrelated to this release)- 26 files changed: 811 insertions, 263 deletions
- Two merged PRs: #110 (docs + architecture + llms.txt) and #113 (TUI + WebSocket + user-mgmt fixes)
- Live-tested against a real install: perm-heal + jq-consistent revoke confirmed end-to-end across multiple users with mixed sing-box / WG / AmneziaWG state
Thanks
Operators who reported issues that surfaced these fixes — the perm bug and the sing-box / Xray / telemt revoke gaps were all caught by running real users on real servers, not by tests.
Full Changelog: v1.8.2...v1.8.3
Quick Install
curl -fsSL moav.sh/install.sh | bashThis will install MoaV to /opt/moav and guide you through setup.
Documentation
moav.sh/docs — Full documentation
- Setup Guide — Complete installation instructions
- Client Setup — How to connect from devices
- DNS Configuration — DNS records setup
- CLI Reference — All commands and options
- Monitoring — Grafana dashboards and metrics
- Troubleshooting — Common issues and solutions