Releases: iampedii/WhiteDNS-Wizard
Releases · iampedii/WhiteDNS-Wizard
v1.4.0
v1.3.0
This release improves compatibility with recent 3x-ui changes and adds better Cloudflare support for provisioning subdomain-based projects.
What's Changed
- Fixed 3x-ui Xray config routes after upstream 3x-ui API changes.
- Added fallback support for both new and legacy Xray config/update endpoints.
- Added support for provisioning subdomains through their owning Cloudflare parent zone.
- Example:
team.example.comcan now use the Cloudflare zoneexample.com.
- Example:
- Improved ACME preflight checks for subdomains.
- Detects when a subdomain has public NS records and appears delegated away from the parent Cloudflare zone.
- Gives clearer remediation guidance for delegated subdomain DNS issues.
- Updated Cloudflare token guidance in the README and TUI to clarify parent-zone scoping.
- Improved delete cleanup for managed installs.
- Removes managed Docker images.
- Removes managed volumes/orphans.
- Prunes Docker build cache.
- Keeps local project files.
- Updated the Tor Dockerfile base image from Alpine
3.20to3.24.
Validation
- Added tests for Cloudflare parent-zone resolution.
- Added tests for delegated subdomain ACME preflight behavior.
- Added tests for new and legacy 3x-ui Xray API route handling.
- Added tests for Docker cleanup reporting.
- Verified with
go test ./....
v1.2.0
Fixed
- Fixed compatibility with 3x-ui v3.3.0+, where Xray config routes moved from /panel/xray to /panel/api/xray.
- Resolved setup/repair failures like:
- read xray outbound config: POST .../panel/xray returned 404
- WhiteDNS now uses the new /panel/api/xray/ and /panel/api/xray/update routes first, with fallback support for older 3x-ui versions.
- Fixed URL construction so trailing slashes required by legacy 3x-ui Xray endpoints are preserved.
v1.1.0
WhiteDNS Wizard v1.1.0 focuses on reliability, clearer setup guidance, faster release builds, and better Reality support.
Highlights
- Replaced Reality XHTTP profiles with Reality TCP Vision using
flow=xtls-rprx-vision. - Added ACME DNS-01 preflight checks so DNS/Cloudflare issues fail earlier with clearer errors.
- Moved remote managed state from
/opt/wdns-wizard/3x-uito/var/lib/whitedns/3x-uifor better VPS compatibility. - Improved Cloudflare token permission documentation with screenshots.
- Made GitHub release builds faster with parallel matrix builds.
Added
- ACME readiness checks before certificate issuance:
- Cloudflare zone access
- Zone active status
- Public NS/SOA checks
_acme-challengeDNS readiness
- Friendly ACME errors for bad delegation, wrong token scope, inactive zones, and DNS resolver failures.
- Cloudflare permission tutorial screenshots in the README.
- Single-target release build script for faster CI builds.
- Release workflow uploads all platform artifacts and checksums after publishing a release.
Changed
- Reality profiles now use:
type=tcpsecurity=realityflow=xtls-rprx-vision- Tags:
wdns-reality-tcp-visionandwdns-tor-reality-tcp-vision
- Reality XHTTP legacy profiles are replaced during apply/reset/repair.
- Reality SNI selection is restricted to stable validated options.
- Remote Docker state now lives under
/var/lib/whitedns/3x-ui. - README now documents the correct Cloudflare Edit zone DNS token flow.
Fixed
- Fixed release asset upload workflow configuration.
- Fixed Windows/remote path handling around uploads and restore scripts.
- Fixed remote upload directory preparation before writing compose and Tor files.
- Fixed VPS failures where
/optis read-only or unsafe for Docker bind mounts. - Fixed confusing raw ACME errors by adding clearer preflight messages.
- Resolved Reality connection failures caused by bad SNI choices.
Upgrade Notes
- Existing installs using
/opt/wdns-wizard/3x-uiare migrated automatically when possible. - Users should rerun WhiteDNS apply/reset so old Reality XHTTP inbounds are replaced with Reality TCP Vision.
- Direct TLS and Hysteria profiles still require valid Cloudflare DNS delegation because they depend on public ACME certificates.
v1.0.0
First public release of WhiteDNS, a Cloudflare-first CLI/TUI wizard for provisioning a managed 3x-ui/Xray VPN stack on a VPS.
Highlights
- Interactive
./whitednsmenu for setup, diagnostics, repair, backup, restore, reset, delete, and support bundles. - Cloudflare automation for DNS records, SSL mode
strict, Origin CA certificates, and ACME wildcard certificates. - Local SSH-based VPS provisioning.
- Managed Docker stack with 3x-ui, PostgreSQL, and an internal Tor sidecar.
- Encrypted local project secrets under
~/.wdns-wizard. - Copyable client import strings for all generated profiles.
- Release assets for Linux, macOS, Windows, BSD, and Termux Android ARM64.
Generated Profiles
WhiteDNS creates 12 importable client profiles:
- VLESS WS through Cloudflare:
vpn.<domain>:443 - VLESS WS 8443 through Cloudflare:
trojan.<domain>:8443 - Hysteria2 direct:
hy2.<domain>:443/udp - Direct VLESS TCP TLS:
direct.<domain>:2087 - Reality XHTTP direct:
reality.<domain>:2083 - Shadowsocks 2022 direct:
ss.<domain>:8388 - VLESS WS Tor:
tor-vless-ws.<domain>:2097 - VLESS WS 8443 Tor:
tor-vless-ws-8443.<domain>:2098 - Hysteria2 Tor:
tor-hy2.<domain>:2099/udp - Direct VLESS Tor:
tor-direct.<domain>:2100 - Reality XHTTP Tor:
tor-reality.<domain>:2101 - Shadowsocks Tor:
tor-ss.<domain>:8390
Requirements
- Cloudflare account with an active zone.
- Cloudflare API token with DNS, Zone Settings, SSL/Certificates, and Zone read/write permissions.
- Linux VPS with SSH access.
- Docker-capable VPS. WhiteDNS can install Docker and Docker Compose plugin when missing.
Notes
- Tor profiles route server-side outbound traffic through Tor.
- The VPS still sees the client IP; destination sites see the Tor exit IP.
- UDP traffic through Tor profiles may fail because Tor is TCP-oriented.
- Direct, Hysteria2, Reality, Shadowsocks, panel, and Tor hosts must stay DNS-only in Cloudflare.
- The 3x-ui dashboard is available at
http://panel.<domain>:2053/<base-path>/.
Install
Download the asset for your platform, extract it, then run:
./whitedns