加入守护进程和采用参数自定义
parent
709562f24c
commit
52ab4c8133
|
|
@ -9,7 +9,7 @@ wget "https://go.dev/dl/$(curl https://go.dev/VERSION?m=text).linux-amd64.tar.gz
|
||||||
echo 'export GOROOT=/usr/local/go' >> /etc/profile
|
echo 'export GOROOT=/usr/local/go' >> /etc/profile
|
||||||
echo 'export PATH=$GOROOT/bin:$PATH' >> /etc/profile
|
echo 'export PATH=$GOROOT/bin:$PATH' >> /etc/profile
|
||||||
source /etc/profile
|
source /etc/profile
|
||||||
echo $(go version) && rm go*.linux-amd64.tar.gz
|
echo $(go version) && rm go*.linux-amd64.tar.gz # 移除为了不影响将来升级
|
||||||
|
|
||||||
# 编译安装caddy+naive
|
# 编译安装caddy+naive
|
||||||
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest && \
|
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest && \
|
||||||
|
|
@ -17,34 +17,54 @@ go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest && \
|
||||||
|
|
||||||
chmod +x caddy
|
chmod +x caddy
|
||||||
cp caddy /usr/bin/
|
cp caddy /usr/bin/
|
||||||
echo $(/usr/bin/caddy version) && rm -r go
|
echo $(/usr/bin/caddy version) && rm -r go # 移除go为了不影响将来升级
|
||||||
setcap cap_net_bind_service=+ep /usr/bin/caddy
|
setcap cap_net_bind_service=+ep /usr/bin/caddy
|
||||||
|
|
||||||
# 添加配置文件
|
# 添加配置文件
|
||||||
mkdir /etc/caddy/
|
mkdir /etc/caddy/
|
||||||
cat > /etc/caddy/Caddyfile <<EOF
|
cat > /etc/caddy/Caddyfile <<EOF
|
||||||
:443, vn.ahfei.icu # 只用改这一个
|
:443, ${1} # 域名
|
||||||
tls vgamebox@outlook.com # 你的邮箱
|
tls ${2} # 你的邮箱
|
||||||
route {
|
route {
|
||||||
forward_proxy {
|
forward_proxy {
|
||||||
basic_auth Devalue t3NL5&vD*5RgG7 #用户名和密码
|
basic_auth ${3} ${4} # 用户名和密码
|
||||||
hide_ip
|
hide_ip
|
||||||
hide_via
|
hide_via
|
||||||
probe_resistance
|
probe_resistance
|
||||||
}
|
}
|
||||||
forward_proxy {
|
reverse_proxy ${5} { # 伪装网址
|
||||||
basic_auth dude A112358.. #用户名和密码
|
|
||||||
hide_ip
|
|
||||||
hide_via
|
|
||||||
probe_resistance
|
|
||||||
}
|
|
||||||
reverse_proxy https://nextcloud.ahfei.blog { #伪装网址
|
|
||||||
header_up Host {upstream_hostport}
|
header_up Host {upstream_hostport}
|
||||||
header_up X-Forwarded-Host {host}
|
header_up X-Forwarded-Host {host}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
# 前台运行
|
groupadd --system caddy && useradd --system --gid caddy --create-home --home-dir /var/lib/caddy --shell /usr/sbin/nologin --comment "Caddy web server" caddy
|
||||||
caddy fmt --overwrite /etc/caddy/Caddyfile
|
|
||||||
caddy run --config /etc/caddy/Caddyfile
|
cat > /etc/systemd/system/naiveCaddy.service <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=Caddy with Naive
|
||||||
|
Documentation=https://caddyserver.com/docs/
|
||||||
|
After=network.target network-online.target
|
||||||
|
Requires=network-online.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
User=caddy
|
||||||
|
Group=caddy
|
||||||
|
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
|
||||||
|
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
|
||||||
|
TimeoutStopSec=5s
|
||||||
|
LimitNOFILE=1048576
|
||||||
|
LimitNPROC=512
|
||||||
|
PrivateTmp=true
|
||||||
|
ProtectSystem=full
|
||||||
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOF
|
||||||
|
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable --now naiveCaddy
|
||||||
|
ss -tulpn | grep caddy
|
||||||
|
systemctl status naiveCaddy
|
||||||
Loading…
Reference in New Issue