-
Notifications
You must be signed in to change notification settings - Fork 421
/
2_caddy.json
66 lines (66 loc) · 1.86 KB
/
2_caddy.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
{
"admin": {
"disabled": true
},
"logging": {
"logs": {
"default": {
"level": "ERROR",
"writer": {
"output": "file",
"filename": "/var/log/caddy/access.log"
}
}
}
},
"apps": {
"http": {
"servers": {
"https": {
"listen": [":443"],
"routes": [{
"match": [{
"path": ["/9ALdGZ9k"], //与trojan+ws应用中path对应
"header": {
"Connection": ["*Upgrade*"],
"Upgrade": ["websocket"]
}
}],
"handle": [{
"handler": "reverse_proxy",
"upstreams": [{
"dial": "unix//dev/shm/tws.sock" //转发给本机trojan+ws监听进程
}]
}]
},
{
"match": [{
"host": ["xx.yy"] //限定域名访问(禁止以ip方式访问网站),更改为自己的域名。
}],
"handle": [{
"handler": "headers",
"response": {
"set": {
"Strict-Transport-Security": ["max-age=31536000; includeSubDomains; preload"] //启用HSTS
}
}
},
{
"handler": "file_server",
"root": "/var/www/html" //更改为自己存放的web文件路径
}]
}],
"tls_connection_policies": [{
"cipher_suites": ["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"],
"alpn": ["http/1.1","h2"]
}]
}
}
},
"tls": {
"certificates": {
"automate": ["xx.yy"] //自动化管理域名证书(包括获取、更新证书及加载证书)。更改为自己的域名。
}
}
}
}