{"id":292,"date":"2018-07-29T15:36:34","date_gmt":"2018-07-29T07:36:34","guid":{"rendered":"https:\/\/luke6887.me\/?p=292"},"modified":"2018-07-29T15:59:17","modified_gmt":"2018-07-29T07:59:17","slug":"v2-be-contiune-h2tls-web%e6%b5%8b%e8%af%95","status":"publish","type":"post","link":"https:\/\/blog.luke6887.me\/?p=292","title":{"rendered":"v2–be contiune h2+TLS+Web\u6d4b\u8bd5"},"content":{"rendered":"

\u4eca\u5929\u60f3\u5c1d\u8bd5\u4e86\u4e00\u4e0b\u4f20\u8bf4\u4e2d\u7684Websocks+TLS+Web\u65b9\u5f0f\u53bb\u642d\u5efav2ray\u3002\u3002\u4e0d\u8fc7\u83ab\u540d\u4e0d\u60f3\u7528Websocks\uff0c\u800c\u662f\u6539\u7528\u4e86http\/2\uff0c\u4e0d\u8fc7\u603b\u4f53\u6765\u8bf4\u3002\u3002\u6027\u80fd\u597d\u50cf\u5e76\u4e0d\u592a\u7406\u60f3\u3002\uff08\u8ddf\u4f20\u7edf\u7684TCP+TLS\u76f8\u6bd4\uff09<\/p>\n

\u4e0d\u8fc7\u4f18\u70b9\u5c31\u662f\u3002\u3002\u770b\u8d77\u6765\u5c31\u662f\u5408\u60c5\u5408\u7406\u7684https\u8bf7\u6c42\uff0c\u5c01\u7684\u673a\u4f1a\u4f1a\u66f4\u4f4e\uff0c\u800c\u4e14\u542c\u8bf4\u53ef\u4ee5\u63a5CDN\u3002\u3002\u3002\u55ef\u3002<\/p>\n

\u9700\u8981\u4e24\u4e2a\u8f6f\u4ef6\uff1a\u4e3b\u4f53\u7684v2ray\uff0c\u8fd8\u6709\u505aweb\u7684Caddy\uff08\u53cd\u5411\u4ee3\u7406\uff09\u3002<\/p>\n

\u5927\u6982\u6d41\u7a0b\u662f\u8fd9\u6837\u7684\uff1a<\/p>\n

\u5ba2\u6237\u7aef—–Caddy—–v2ray—–\u5916\u7f51<\/p>\n

\u9996\u5148v2ray\u914d\u7f6e\u6587\u4ef6\u662f\u8fd9\u6837\u7684\uff1a<\/p>\n

{\r\n    \"log\": {\r\n        \"access\": \"\/var\/log\/v2ray\/access.log\",\r\n        \"error\": \"\/var\/log\/v2ray\/error.log\",\r\n        \"loglevel\": \"debug\"\r\n    },\r\n    \"inbound\": {\r\n        \"port\": 10000,\r\n\t\"listen\": \"127.0.0.1\",\r\n        \"protocol\": \"vmess\",\r\n        \"settings\": {\r\n            \"clients\": [\r\n                {\r\n                    \"id\": \"uuid\",\r\n                    \"level\": 1,\r\n                    \"alterId\": 100\r\n                }\r\n            ]\r\n        },\r\n        \"streamSettings\": {\r\n            \"network\": \"h2\",\r\n            \"security\": \"tls\",\r\n\t\t\t\"httpSettings\": {\r\n\t\t\t\t\"path\": \"\/path\",\r\n\t\t\t\t\"host\": [\"domain.me\"]\r\n\t\t\t},\r\n\t\t\t\"tlsSettings\": {\r\n                \t\t\"serverName\": \"domain.me\",\r\n                \t\t\"certificates\": [\r\n                    \t{\r\n                        \t\"certificateFile\": \"\/etc\/v2ray\/v2ray.crt\",\r\n                        \t\"keyFile\": \"\/etc\/v2ray\/v2ray.key\"\r\n                    }\r\n                ]\r\n            }\r\n        }\r\n    },\r\n    \"outbound\": {\r\n        \"protocol\": \"freedom\",\r\n        \"settings\": {}\r\n    },\r\n    \"inboundDetour\": [],\r\n    \"outboundDetour\": [\r\n        {\r\n            \"protocol\": \"blackhole\",\r\n            \"settings\": {},\r\n            \"tag\": \"blocked\"\r\n        }\r\n    ],\r\n    \"routing\": {\r\n        \"strategy\": \"rules\",\r\n        \"settings\": {\r\n            \"rules\": [\r\n                {\r\n                    \"type\": \"field\",\r\n                    \"ip\": [\r\n                        \"0.0.0.0\/8\",\r\n                        \"10.0.0.0\/8\",\r\n                        \"100.64.0.0\/10\",\r\n                        \"127.0.0.0\/8\",\r\n                        \"169.254.0.0\/16\",\r\n                        \"172.16.0.0\/12\",\r\n                        \"192.0.0.0\/24\",\r\n                        \"192.0.2.0\/24\",\r\n                        \"192.168.0.0\/16\",\r\n                        \"198.18.0.0\/15\",\r\n                        \"198.51.100.0\/24\",\r\n                        \"203.0.113.0\/24\",\r\n                        \"::1\/128\",\r\n                        \"fc00::\/7\",\r\n                        \"fe80::\/10\"\r\n                    ],\r\n                    \"outboundTag\": \"blocked\"\r\n                }\r\n            ]\r\n        }\r\n    }\r\n}\r\n<\/pre>\n
\u7136\u540e\u5b89\u88c5Caddy\uff1a<\/p>\n
curl https:\/\/getcaddy.com | bash -s personal http.filemanager,http.forwardproxy,http.proxyprotocol\r\ncurl -s https:\/\/raw.githubusercontent.com\/GEM7\/My_scripts\/master\/caddy\/caddy.service -o \/etc\/systemd\/system\/caddy.service<\/pre>\n
\u5148\u5efa\u597dCaddy\u7684\u65e5\u5fd7\u8ddf\u914d\u7f6e\u6587\u4ef6\uff1a<\/p>\n
touch \/etc\/Caddyfile\r\ntouch \/var\/log\/caddy.log<\/pre>\n
\u7136\u540e\u518d\u5199Caddy\u7684\u914d\u7f6e\u6587\u4ef6\uff1a\/etc\/Caddyfile<\/p>\n
https:\/\/domian.me:443 {\r\nlog \/var\/log\/caddy.log\r\nproxy \/path https:\/\/127.0.0.1:10000 {\r\n       insecure_skip_verify\r\n       header_upstream X-Forwarded-Proto \"https\"\r\n       header_upstream Host \"domain.me\"\r\n    }\r\n}\r\n<\/pre>\n
\u7136\u540e\u91cd\u542fv2ray\uff0c\u542f\u52a8Caddy<\/p>\n
sudo ssytemctl start caddy.service\r\nsudo service v2ray start<\/pre>\n
\u5ba2\u6237\u7aef\u7684\u8bdd\u624b\u673a\u8bbe\u7f6e\u597d\u5bfc\u51fa\u914d\u7f6e\u5c31\u6210\u4e86\u3002\u3002
\n\u4e0d\u8fc7\u611f\u89c9\u8fd8\u6709\u53ef\u4ee5\u4f18\u5316\u7684\u5730\u65b9\u554a\u3002\u3002\u3002\u5148\u8fd9\u6837\u5427= =
\n\uff08\u53cd\u6b63\u600e\u4e48\u6539\u5e94\u8be5\u4e5f\u6ca1\u539f\u6765\u7684TCP+TLS\u5feb\u3002\u3002\uff09<\/p>\n
PS\uff1a\u4eca\u5929\u53d1\u73b0\u5728TCP+TLS\u7684\u60c5\u51b5\u4e0b\u5ba2\u6237\u7aef\u5173\u4e86\u52a0\u5bc6\u65b9\u5f0f\uff08”security”: “none”,\uff09\u6027\u80fd\u6bd4\u4ee5\u524d\u597d\u591a\u4e86\u3002\u3002\u6ca1\u6709\u4e86\u4ee5\u524d\u201c\u4e00\u8df3\u4e00\u8df3\u201d\u7684\u4f20\u8f93\u884c\u4e3a\u3002\u3002
\n\u5e0c\u671b\u5173\u4e86\u52a0\u5bc6\u65b9\u5f0f\u8fd8\u6709TLS\u628a\u5173\u5427\u3002\u3002\u55ef<\/p>\n
\u76f8\u5173\u6559\u7a0b\uff08\u589e\u91cf\uff09
\nhttps:\/\/ellinia.me\/Use_caddy_to_reverse_proxy_project_v\/<\/a><\/p>\n
https:\/\/toutyrater.github.io\/advanced\/wss_and_web.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
\u4eca\u5929\u60f3\u5c1d\u8bd5\u4e86\u4e00\u4e0b\u4f20\u8bf4\u4e2d\u7684Websocks+TLS+Web\u65b9\u5f0f\u53bb\u642d\u5efav2ray\u3002\u3002\u4e0d\u8fc7\u83ab\u540d\u4e0d\u60f3\u7528Websocks … <\/p>\n
\u7ee7\u7eed\u9605\u8bfb\u201cv2–be contiune h2+TLS+Web\u6d4b\u8bd5\u201d<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-292","post","type-post","status-publish","format-standard","hentry","category-servers"],"_links":{"self":[{"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=\/wp\/v2\/posts\/292","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=292"}],"version-history":[{"count":18,"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=\/wp\/v2\/posts\/292\/revisions"}],"predecessor-version":[{"id":310,"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=\/wp\/v2\/posts\/292\/revisions\/310"}],"wp:attachment":[{"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=292"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=292"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.luke6887.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=292"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}