以下内容基于Ubuntu18.04
编译安装caddy+naive:
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:longsleep/golang-backports
sudo apt-get update
sudo apt-get install golang-go
#测试:
go version
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
~/go/bin/xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive
Caddyfile配置:
:443, yourdomain.com #你的域名
tls [email protected] #你的邮箱
route {
forward_proxy {
basic_auth user pass #用户名和密码
hide_ip
hide_via
probe_resistance
}
#支持多用户
forward_proxy {
basic_auth user2 pass2 #用户名和密码
hide_ip
hide_via
probe_resistance
}
reverse_proxy https://demo.cloudreve.org { #伪装网址
header_up Host {upstream_hostport}
header_up X-Forwarded-Host {host}
}
}Caddy常用指令:
前台运行caddy: ./caddy run
后台运行caddy: ./caddy start
停止caddy: ./caddy stop
重载配置: ./caddy reload
Caddy配置守护进程(开机自启):
使 Caddy 可执行并将 caddy 二进制文件移动到您的路径中,并将您的 Caddyfile 放在/etc/caddy/
chmod +x caddy
mv caddy /usr/bin/
mkdir /etc/caddy
mv Caddyfile /etc/caddy/测试是否有效:
/usr/bin/caddy run --config /etc/caddy/Caddyfile为 caddy 创建唯一的 Linux 组和用户:
groupadd --system caddy
useradd --system \
--gid caddy \
--create-home \
--home-dir /var/lib/caddy \
--shell /usr/sbin/nologin \
--comment "Caddy web server" \
caddy接下来,使用以下内容创建 caddy.service 下:/etc/systemd/system/
[Unit]
Description=Caddy from ggfw
Documentation=https://ggfw.cc
After=network.target network-online.target
Requires=network-online.target
[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target仔细检查ExecStart和ExecReload指令。确保二进制文件的位置和命令行参数对于您的安装来说是正确的。根据您的设置进行更改。
保存服务文件后,我们现在可以使用systemd启动caddy服务:
systemctl daemon-reload
systemctl enable caddy
systemctl start caddy检查当前状态:
systemctl status caddy使用更改的配置文件重新加载 caddy:
systemctl reload caddy自定义端口:
naiveproxy如果要用自定义端口,需要使用json的配置方式,新手可以直接跳过
启动方式:
./caddy start --config config.json配置内容config.json:
//需删除注释内容caddy才能加载
{
"apps": {
"http": {
"servers": {
"srv0": {
"listen": [
":4431" //监听端口
],
"routes": [
{
"handle": [
{
"auth_user_deprecated": "user", //用户名
"auth_pass_deprecated": "pass", //密码
"handler": "forward_proxy",
"hide_ip": true,
"hide_via": true,
"probe_resistance": {}
}
]
},
{
"handle": [
{
"handler": "reverse_proxy",
"headers": {
"request": {
"set": {
"Host": [
"{http.reverse_proxy.upstream.hostport}"
],
"X-Forwarded-Host": [
"{http.request.host}"
]
}
}
},
"transport": {
"protocol": "http",
"tls": {}
},
"upstreams": [
{
"dial": "demo.cloudreve.org:443" //伪装网址
}
]
}
]
}
],
"tls_connection_policies": [
{
"match": {
"sni": [
"yourdomain.com" //你的域名
]
},
"certificate_selection": {
"any_tag": [
"cert0"
]
}
}
],
"automatic_https": {
"disable": true
}
}
}
},
"tls": {
"certificates": {
"load_files": [
{
"certificate": "/path/a.crt", //公钥路径
"key": "/path/a.key", //私钥路径
"tags": [
"cert0"
]
}
]
}
}
}
}Naiveproxy客户端
https://github.com/klzgrad/naiveproxy/releases/latest
评论 (0)