forked from lxhao61/integrated-examples
-
Notifications
You must be signed in to change notification settings - Fork 0
/
2_caddy.json
74 lines (74 loc) · 2.21 KB
/
2_caddy.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
{
"admin": {
"disabled": true
},
"logging": {
"logs": {
"default": {
"writer": {
"output": "file",
"filename": "/var/log/caddy/access.log"
},
"level": "ERROR"
}
}
},
"apps": {
"http": {
"servers": {
"https": {
"listen": [":443"],
"routes": [{
"match": [{
"path": ["/teuW56Es"] //与trojan+h2c应用中path对应
}],
"handle": [{
"handler": "reverse_proxy",
"transport": {
"protocol": "http",
"versions": ["h2c","2"]
},
"upstreams": [{
"dial": "unix//dev/shm/th2c.sock" //转发给本机trojan+h2c监听进程
}]
}]
},
{
"match": [{
"host": ["xx.yy"] //限定域名访问(禁止以IP方式访问网站),修改为自己的域名。
}],
"handle": [{
"handler": "subroute",
"routes": [{
"handle": [{
"handler": "headers",
"response": {
"set": {
"Strict-Transport-Security": ["max-age=31536000; includeSubDomains; preload"] //启用HSTS
}
}
}]
},
{
"handle": [{
"handler": "file_server",
"root": "/var/www/html" //修改为自己存放的WEB文件路径
}]
}]
}]
}],
"tls_connection_policies": [{
"cipher_suites": ["TLS_AES_256_GCM_SHA384","TLS_AES_128_GCM_SHA256","TLS_CHACHA20_POLY1305_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"],
"curves": ["x25519","secp521r1","secp384r1","secp256r1"],
"alpn": ["h2","http/1.1"]
}]
}
}
},
"tls": {
"certificates": {
"automate": ["xx.yy"] //自动化管理域名证书(包括获取、更新证书及加载证书)。修改为自己的域名。
}
}
}
}