Create 1_naive_caddy.json

lxhao61 · Mar 24, 2021 · 8ed17ea · 8ed17ea
1 parent ba1632f
commit 8ed17ea
Showing 1 changed file with 133 additions and 0 deletions.
diff --git a/v2ray(E+B+F+C+D+G+A)+naiveproxy+nginx\haproxy/1_naive_caddy.json b/v2ray(E+B+F+C+D+G+A)+naiveproxy+nginx\haproxy/1_naive_caddy.json
@@ -0,0 +1,133 @@
+{
+ "admin": {
+ "disabled": true
+ },
+ "logging": {
+ "logs": {
+ "default": {
+ "level": "ERROR",
+ "writer": {
+ "output": "file",
+ "filename": "/var/log/caddy/access.log"
+ }
+ }
+ }
+ },
+ "apps": {
+ "http": {
+ "servers": {
+ "h1": {
+ "listen": [":80"], //http默认监听端口
+ "routes": [{
+ "handle": [{
+ "handler": "static_response",
+ "status_code": 301, 
+ "headers": {
+ "Location": ["https://{http.request.host}{http.request.uri}"] //http自动跳转https,让网站看起来更真实。
+ }
+ }],
+ "terminal": true
+ }]
+ },
+ "h1h2c": {
+ "listen": ["127.0.0.1:88"], //本机端口监听，避免除本机外的机器探测及非安全web访问，仅接收web回落。
+ "routes": [{
+ "handle": [{
+ "handler": "headers",
+ "response": {
+ "set": {
+ "Strict-Transport-Security": ["max-age=31536000; includeSubDomains; preload"] //启用HSTS
+ }
+ }
+ },
+ {
+ "handler": "file_server",
+ "root": "/var/www/html" //修改成自己存放的web文件路径
+ }],
+ "terminal": true
+ }],
+ "allow_h2c": true //开启h2c server支持
+ },
+ "naive": {
+ "listen": ["127.0.0.1:7443"], //本机https server端口监听，提供naiveproxy、h2c proxy等应用。
+ "routes": [{
+ "handle": [{
+ "handler": "forward_proxy",
+ "auth_user": "user", //naiveproxy账号，修改为自己的。
+ "auth_pass": "pass", //naiveproxy密码，修改为自己的。
+ "hide_ip": true,
+ "hide_via": true,
+ "probe_resistance": {
+ "domain": "unsplash.com:443"
+ }
+ }]
+ },
+ {
+ "match": [{
+ "path": ["/SeuW56Es"] //分流出h2,与v2ray h2 path对应。
+ }],
+ "handle": [{
+ "handler": "reverse_proxy",
+ "transport": {
+ "protocol": "http",
+ "versions": ["h2c"]
+ },
+ "upstreams": [{
+ "dial": "127.0.0.1:2005" //与v2ray h2 端口对应
+ }]
+ }],
+ "terminal": true
+ },
+ {
+ "match": [{
+ "protocol": "grpc" //与本机vless+grpc对应,分流出grpc。
+ }],
+ "handle": [{
+ "handler": "reverse_proxy",
+ "transport": {
+ "protocol": "http",
+ "versions": ["h2c"]
+ },
+ "upstreams": [{
+ "dial": "127.0.0.1:2009" //转发给本机vless+grpc对应端口
+ }]
+ }],
+ "terminal": true
+ },
+ {
+ "handle": [{
+ "handler": "headers",
+ "response": {
+ "set": {
+ "Strict-Transport-Security": ["max-age=31536000; includeSubDomains; preload"] //启用HSTS
+ }
+ }
+ },
+ {
+ "handler": "file_server",
+ "root": "/var/www/html" //修改为自己存放的web文件路径
+ }],
+ "terminal": true
+ }],
+ "tls_connection_policies": [{
+ "certificate_selection": {
+ "any_tag": ["tls-1"]
+ },
+ "cipher_suites": ["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"],
+ "alpn": ["h2","http/1.1"]
+ }],
+ "experimental_http3": true //开启http3 server支持。若采用haproxy SNI分流，不支持UDP，此项可关闭。
+ }
+ }
+ },
+ "tls": {
+ "certificates": {
+ "load_files": [{
+ "certificate": "/etc/ssl/tls/xx.yy.crt", //换成你的证书，绝对路径。
+ "key": "/etc/ssl/tls/xx.yy.key", //换成你的私钥，绝对路径。
+ "tags": ["tls-1"]
+ }]
+ }
+ }
+ }
+}