"Big Brother is watching. We're watching back." A complete, production-ready VPN business infrastructure built by @DeFiTON
This project is built and maintained by Sviatoslav Gusev β entrepreneur, developer, and founder of multiple tech products.
| π Website | gusev.biz |
| π¬ Telegram | @defiton |
| π GitHub | @DeFiTON |
| π’ Company | Libermall LLC |
| Project | Description |
|---|---|
| TonChat.AI | AI chat on TON blockchain |
| Tegro.Finance | DEX on TON |
| Tegro.Money | Payment system |
| SMOService | SMM panel |
| Libermall | Digital marketplace |
1984 VPN is a complete infrastructure stack for launching a commercial VPN service, optimized for the Russian-speaking market where standard protocols (WireGuard, OpenVPN) are blocked by Roskomnadzor's DPI systems.
| Decision | Choice | Reason |
|---|---|---|
| Protocol | VLESS+Reality | Only protocol reliably bypassing Russian DPI |
| Panel | Marzban | Best open-source VPN management panel |
| Hosting | Hetzner Helsinki | Low latency to Russia, good price/performance |
| Distribution | Telegram Bot | Standard for Russian VPN market |
| Payments | Telegram Stars + TON | Works without Russian bank cards |
User (iOS/Android/Windows)
β
β VLESS+Reality (port 2053)
βΌ
βββββββββββββββββββββββ
β EDGE NODE β β Hetzner Helsinki
β XRay Core β β "Dirty transit", no logs
β No user data β β Expendable if seized
ββββββββββββ¬βββββββββββ
β Marzban Node Protocol (port 62050)
βΌ
βββββββββββββββββββββββ
β MASTER SERVER β β Hetzner Helsinki
β Marzban Panel β β panel.1984vpn.com
β Caddy (SSL proxy) β
β SQLite Database β
ββββββββββββ¬βββββββββββ
β REST API
βΌ
βββββββββββββββββββββββ
β TELEGRAM BOT β β Railway.app
β Customer Sales β
β Payment Processing β
β Key Delivery β
βββββββββββββββββββββββ
This project integrates with my existing product ecosystem:
Balance top-up is powered by Tegro.Money β a payment system supporting TON, USDT, and other cryptocurrencies.
API Documentation: tegro.money/docs/en/
# Example: Create payment via Tegro.Money
import requests
response = requests.post("https://tegro.money/api/v1/createOrder", json={
"shop_id": "YOUR_SHOP_ID",
"amount": 299,
"currency": "RUB",
"order_id": "vpn_sub_12345"
})VPN activation codes are distributed through Libermall Marketplace β a digital goods marketplace where partners can buy and resell VPN keys.
git clone https://github.com/DeFiTON/1984vpn.git
cd 1984vpn# Install Marzban
sudo bash -c "$(curl -sL https://github.com/Gozargah/Marzban-scripts/raw/master/marzban.sh)" @ install
# Create admin
marzban cli admin create --sudo
# Setup Caddy SSL proxy
apt install -y caddy
cat > /etc/caddy/Caddyfile << 'EOF'
panel.yourdomain.com {
reverse_proxy localhost:8000
}
EOF
systemctl restart caddycat >> /opt/marzban/.env << 'EOF'
TELEGRAM_API_TOKEN = "your_admin_bot_token"
TELEGRAM_ADMIN_ID = your_telegram_id
NODE_CLIENT_CERT_FILE = "/var/lib/marzban/certs/client.pem"
NODE_CLIENT_KEY_FILE = "/var/lib/marzban/certs/client.key"
EOF
# Generate node SSL certs
mkdir -p /var/lib/marzban/certs
openssl req -x509 -newkey rsa:4096 \
-keyout /var/lib/marzban/certs/client.key \
-out /var/lib/marzban/certs/client.pem \
-days 3650 -nodes -subj "/CN=marzban-client"
marzban restart# On edge server
sudo bash -c "$(curl -sL https://github.com/Gozargah/Marzban-scripts/raw/master/marzban-node.sh)" @ install
# IMPORTANT: Use certificate from panel β Node Settings β Download certificate
# Save to: /var/lib/marzban-node/ssl_client_cert.pem
cat > /opt/marzban-node/docker-compose.yml << 'EOF'
services:
marzban-node:
image: gozargah/marzban-node:latest
restart: always
network_mode: host
environment:
SSL_CERT_FILE: "/var/lib/marzban-node/ssl_cert.pem"
SSL_KEY_FILE: "/var/lib/marzban-node/ssl_key.pem"
SSL_CLIENT_CERT_FILE: "/var/lib/marzban-node/ssl_client_cert.pem"
SERVICE_PROTOCOL: "rest"
SERVICE_PORT: "62050"
XRAY_API_PORT: "62051"
volumes:
- /var/lib/marzban-node:/var/lib/marzban-node
EOF
ufw --force enable && ufw allow 22 && ufw allow 62050 && ufw allow 62051 && ufw allow 2053 && ufw reload
marzban-node restart# Generate keypair on master
docker exec marzban-marzban-1 xray x25519
# Save Private key and Public keyPaste the XRay config from configs/xray-config.json into Marzban Core Settings, insert your private key.
| Platform | Recommended App |
|---|---|
| iOS | V2Box or Streisand |
| Android | V2RayNG |
| Windows | v2rayN or Hiddify |
| macOS | FoXray or V2Box |
- Marzban panel deployment
- VLESS+Reality protocol
- Edge node (dirty transit)
- SSL via Caddy
- Admin Telegram bot
- Customer Telegram bot (Railway + aiogram 3)
- Telegram Stars payment
- Tegro.Money payment integration
- 2-level referral program
- Promo code system (Libermall distribution)
- White-label (partner bot tokens)
- Landing page (1984vpn.com)
- Mobile app
- Browser extension
1984vpn/
βββ configs/
β βββ Caddyfile # Caddy reverse proxy
β βββ xray-config.json # VLESS+Reality config
β βββ docker-compose.node.yml # Edge node compose
β βββ marzban.env # Environment template
βββ docs/
β βββ deployment.md # Full deployment guide
β βββ node-setup.md # Edge node setup
β βββ bot-setup.md # Telegram bot setup
βββ bot/ # Customer bot (WIP)
β βββ README.md
βββ LICENSE
βββ README.md
Documented here for future reference:
- WireGuard is blocked in Russia β use VLESS+Reality only
- Port 443 conflicts with Caddy β use port 2053 for VLESS
- Node SSL cert β must use
ssl_client_cert.pemfrom panel's "Download certificate" button, NOT auto-generated certs - Three-server architecture β Master / Bot / Edge, never combine them
SERVICE_PROTOCOL: "rest"β required in node docker-compose for proper connection
MIT β see LICENSE
Built with β€οΈ by Sviatoslav Gusev | @defiton
