https://www.dongvps.com/2022-10-17/%e5%ae%8c%e7%be%8e%e5%8f%96%e4%bb%a3%e7%a9%bf%e9%80%8ftls%e7%9a%84%e9%ab%98%e9%9a%90%e5%8c%bf%e7%a7%91%e5%ad%a6%e4%b8%8a%e7%bd%91%e5%b7%a5%e5%85%b7naiveproxy%e5%ae%8c%e7%be%8e%e5%8f%96%e4%bb%a3/

https://www.scwcd.cn/archives/37.html

https://github.com/klzgrad/naiveproxy

https://github.com/klzgrad/naiveproxy/wiki/%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87

安装golang

wget https://go.dev/dl/go1.19.linux-amd64.tar.gz
tar -zxvf go1.19.linux-amd64.tar.gz -C /usr/local/
vi /etc/profile

/etc/profile 中添加 GO语言的 环境变量

cp /etc/profile /etc/profile.bak
echo export GOROOT=/usr/local/go >> /etc/profile
source /etc/profile
echo export PATH=$GOROOT/bin:$PATH  >> /etc/profile
source /etc/profile
go version

安装NaïveProxy和Caddy

mkdir src
cd src
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
~/go/bin/xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive
cp caddy /usr/bin/
/usr/bin/caddy version        # 2022-4-8 23:09
#v2.4.6 h1:HGkGICFGvyrodcqOOclHKfvJC0qTU7vny/7FhYp9hNw=  
setcap cap_net_bind_service=+ep /usr/bin/caddy  # 设置bind权限,可443

配置文件

# 存放证书的目录,其实没啥用,caddy会自动获取并管理证书
mkdir -p /etc/ssl/caddy
# 存放Caddyfile的目录
mkdir /etc/caddy/
vim /etc/caddy/Caddyfile
:443, naive.buliang0.tk {#你的域名
  tls example@example.com #你的邮箱
  route {
    forward_proxy {
    basic_auth user pass #用户名和密码
    hide_ip
    hide_via
    probe_resistance
    }
    #支持多用户
    forward_proxy {
      basic_auth user2 pass2 #用户名和密码
      hide_ip
      hide_via
      probe_resistance
    }
    reverse_proxy  https://demo.cloudreve.org
  }
}
# 启动测试
caddy run --config "/etc/caddy/Caddyfile"
# systemd 服务
# /etc/systemd/system/naive.service
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=root
Group=root
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

客户端配置

# config.json
{
  "listen": "socks://127.0.0.1:1080",
  "proxy": "https://user:pass@example.com"
}
# Linux下客户端服务
# /etc/systemd/system/naive.service
[Unit]
Description=naiveproxy client service
Documentation=https://github.com/klzgrad/naiveproxy
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=simple
User=nobody
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
ExecStart=/usr/local/bin/naive /etc/naive/config.json

[Install]
WantedBy=multi-user.target

标签: none

添加新评论