-
Notifications
You must be signed in to change notification settings - Fork 403
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
133 additions
and
0 deletions.
There are no files selected for viewing
133 changes: 133 additions & 0 deletions
133
v2ray(E+B+F+C+D+G+A)+naiveproxy+nginx\haproxy/1_naive_caddy.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,133 @@ | ||
{ | ||
"admin": { | ||
"disabled": true | ||
}, | ||
"logging": { | ||
"logs": { | ||
"default": { | ||
"level": "ERROR", | ||
"writer": { | ||
"output": "file", | ||
"filename": "/var/log/caddy/access.log" | ||
} | ||
} | ||
} | ||
}, | ||
"apps": { | ||
"http": { | ||
"servers": { | ||
"h1": { | ||
"listen": [":80"], //http默认监听端口 | ||
"routes": [{ | ||
"handle": [{ | ||
"handler": "static_response", | ||
"status_code": 301, | ||
"headers": { | ||
"Location": ["https://{http.request.host}{http.request.uri}"] //http自动跳转https,让网站看起来更真实。 | ||
} | ||
}], | ||
"terminal": true | ||
}] | ||
}, | ||
"h1h2c": { | ||
"listen": ["127.0.0.1:88"], //本机端口监听,避免除本机外的机器探测及非安全web访问,仅接收web回落。 | ||
"routes": [{ | ||
"handle": [{ | ||
"handler": "headers", | ||
"response": { | ||
"set": { | ||
"Strict-Transport-Security": ["max-age=31536000; includeSubDomains; preload"] //启用HSTS | ||
} | ||
} | ||
}, | ||
{ | ||
"handler": "file_server", | ||
"root": "/var/www/html" //修改成自己存放的web文件路径 | ||
}], | ||
"terminal": true | ||
}], | ||
"allow_h2c": true //开启h2c server支持 | ||
}, | ||
"naive": { | ||
"listen": ["127.0.0.1:7443"], //本机https server端口监听,提供naiveproxy、h2c proxy等应用。 | ||
"routes": [{ | ||
"handle": [{ | ||
"handler": "forward_proxy", | ||
"auth_user": "user", //naiveproxy账号,修改为自己的。 | ||
"auth_pass": "pass", //naiveproxy密码,修改为自己的。 | ||
"hide_ip": true, | ||
"hide_via": true, | ||
"probe_resistance": { | ||
"domain": "unsplash.com:443" | ||
} | ||
}] | ||
}, | ||
{ | ||
"match": [{ | ||
"path": ["/SeuW56Es"] //分流出h2,与v2ray h2 path对应。 | ||
}], | ||
"handle": [{ | ||
"handler": "reverse_proxy", | ||
"transport": { | ||
"protocol": "http", | ||
"versions": ["h2c"] | ||
}, | ||
"upstreams": [{ | ||
"dial": "127.0.0.1:2005" //与v2ray h2 端口对应 | ||
}] | ||
}], | ||
"terminal": true | ||
}, | ||
{ | ||
"match": [{ | ||
"protocol": "grpc" //与本机vless+grpc对应,分流出grpc。 | ||
}], | ||
"handle": [{ | ||
"handler": "reverse_proxy", | ||
"transport": { | ||
"protocol": "http", | ||
"versions": ["h2c"] | ||
}, | ||
"upstreams": [{ | ||
"dial": "127.0.0.1:2009" //转发给本机vless+grpc对应端口 | ||
}] | ||
}], | ||
"terminal": true | ||
}, | ||
{ | ||
"handle": [{ | ||
"handler": "headers", | ||
"response": { | ||
"set": { | ||
"Strict-Transport-Security": ["max-age=31536000; includeSubDomains; preload"] //启用HSTS | ||
} | ||
} | ||
}, | ||
{ | ||
"handler": "file_server", | ||
"root": "/var/www/html" //修改为自己存放的web文件路径 | ||
}], | ||
"terminal": true | ||
}], | ||
"tls_connection_policies": [{ | ||
"certificate_selection": { | ||
"any_tag": ["tls-1"] | ||
}, | ||
"cipher_suites": ["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"], | ||
"alpn": ["h2","http/1.1"] | ||
}], | ||
"experimental_http3": true //开启http3 server支持。若采用haproxy SNI分流,不支持UDP,此项可关闭。 | ||
} | ||
} | ||
}, | ||
"tls": { | ||
"certificates": { | ||
"load_files": [{ | ||
"certificate": "/etc/ssl/tls/xx.yy.crt", //换成你的证书,绝对路径。 | ||
"key": "/etc/ssl/tls/xx.yy.key", //换成你的私钥,绝对路径。 | ||
"tags": ["tls-1"] | ||
}] | ||
} | ||
} | ||
} | ||
} |