加入守护进程和采用参数自定义
parent
709562f24c
commit
52ab4c8133
|
|
@ -9,7 +9,7 @@ wget "https://go.dev/dl/$(curl https://go.dev/VERSION?m=text).linux-amd64.tar.gz
|
|||
echo 'export GOROOT=/usr/local/go' >> /etc/profile
|
||||
echo 'export PATH=$GOROOT/bin:$PATH' >> /etc/profile
|
||||
source /etc/profile
|
||||
echo $(go version) && rm go*.linux-amd64.tar.gz
|
||||
echo $(go version) && rm go*.linux-amd64.tar.gz # 移除为了不影响将来升级
|
||||
|
||||
# 编译安装caddy+naive
|
||||
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest && \
|
||||
|
|
@ -17,34 +17,54 @@ go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest && \
|
|||
|
||||
chmod +x caddy
|
||||
cp caddy /usr/bin/
|
||||
echo $(/usr/bin/caddy version) && rm -r go
|
||||
echo $(/usr/bin/caddy version) && rm -r go # 移除go为了不影响将来升级
|
||||
setcap cap_net_bind_service=+ep /usr/bin/caddy
|
||||
|
||||
# 添加配置文件
|
||||
mkdir /etc/caddy/
|
||||
cat > /etc/caddy/Caddyfile <<EOF
|
||||
:443, vn.ahfei.icu # 只用改这一个
|
||||
tls vgamebox@outlook.com # 你的邮箱
|
||||
:443, ${1} # 域名
|
||||
tls ${2} # 你的邮箱
|
||||
route {
|
||||
forward_proxy {
|
||||
basic_auth Devalue t3NL5&vD*5RgG7 #用户名和密码
|
||||
basic_auth ${3} ${4} # 用户名和密码
|
||||
hide_ip
|
||||
hide_via
|
||||
probe_resistance
|
||||
}
|
||||
forward_proxy {
|
||||
basic_auth dude A112358.. #用户名和密码
|
||||
hide_ip
|
||||
hide_via
|
||||
probe_resistance
|
||||
}
|
||||
reverse_proxy https://nextcloud.ahfei.blog { #伪装网址
|
||||
reverse_proxy ${5} { # 伪装网址
|
||||
header_up Host {upstream_hostport}
|
||||
header_up X-Forwarded-Host {host}
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
# 前台运行
|
||||
caddy fmt --overwrite /etc/caddy/Caddyfile
|
||||
caddy run --config /etc/caddy/Caddyfile
|
||||
groupadd --system caddy && useradd --system --gid caddy --create-home --home-dir /var/lib/caddy --shell /usr/sbin/nologin --comment "Caddy web server" caddy
|
||||
|
||||
cat > /etc/systemd/system/naiveCaddy.service <<EOF
|
||||
[Unit]
|
||||
Description=Caddy with Naive
|
||||
Documentation=https://caddyserver.com/docs/
|
||||
After=network.target network-online.target
|
||||
Requires=network-online.target
|
||||
|
||||
[Service]
|
||||
User=caddy
|
||||
Group=caddy
|
||||
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
|
||||
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
|
||||
TimeoutStopSec=5s
|
||||
LimitNOFILE=1048576
|
||||
LimitNPROC=512
|
||||
PrivateTmp=true
|
||||
ProtectSystem=full
|
||||
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
|
||||
systemctl daemon-reload
|
||||
systemctl enable --now naiveCaddy
|
||||
ss -tulpn | grep caddy
|
||||
systemctl status naiveCaddy
|
||||
Loading…
Reference in New Issue