mirror of
https://github.com/XTLS/Xray-examples.git
synced 2024-11-08 18:13:13 +00:00
增加Trojan-TCP-XTLS配置 (#7)
* Add files via upload trojan的xtls配置 设置服务端配置的minVersion和OCSP Stapling nginx.conf增加HSTS * Create Test * Delete Test * Create config_server.json * Create config_client.json * Create nginx.conf * Delete config_server.json * Delete config_client.json * Delete nginx.conf * Update nginx.conf * Update config_client.json * Update config_client.json * Update config_server.json * Update nginx.conf * Update config_server.json
This commit is contained in:
parent
eaa4be6186
commit
2aad651777
48
Trojan-TCP-XTLS/config_client.json
Normal file
48
Trojan-TCP-XTLS/config_client.json
Normal file
|
@ -0,0 +1,48 @@
|
|||
{
|
||||
"log": {
|
||||
"loglevel": "debug"
|
||||
},
|
||||
"inbounds": [
|
||||
{
|
||||
"port": 1080,
|
||||
"listen": "127.0.0.1",
|
||||
"protocol": "socks",
|
||||
"settings": {
|
||||
"udp": true
|
||||
}
|
||||
},
|
||||
{
|
||||
"port": 1081,
|
||||
"protocol": "http",
|
||||
"sniffing": {
|
||||
"enabled": true,
|
||||
"destOverride": ["http", "tls"]
|
||||
},
|
||||
"settings": {
|
||||
"auth": "noauth"
|
||||
}
|
||||
}
|
||||
],
|
||||
"outbounds": [
|
||||
{
|
||||
"protocol": "trojan",
|
||||
"settings": {
|
||||
"servers": [
|
||||
{
|
||||
"address": "example.com", // 你的域名或服务器 IP
|
||||
"flow": "xtls-rprx-direct", // Linux 或安卓可改为 "xtls-rprx-splice"
|
||||
"port": 443,
|
||||
"password": "your_password" // 你的密码
|
||||
}
|
||||
]
|
||||
},
|
||||
"streamSettings": {
|
||||
"network": "tcp",
|
||||
"security": "xtls",
|
||||
"xtlsSettings": {
|
||||
"serverName": "example.com" // 你的域名
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
53
Trojan-TCP-XTLS/config_server.json
Normal file
53
Trojan-TCP-XTLS/config_server.json
Normal file
|
@ -0,0 +1,53 @@
|
|||
{
|
||||
"log": {
|
||||
"loglevel": "debug"
|
||||
},
|
||||
"inbounds": [
|
||||
{
|
||||
"port": 443,
|
||||
"protocol": "trojan",
|
||||
"settings": {
|
||||
"clients": [
|
||||
{
|
||||
"password":"your_password", // 密码
|
||||
"flow": "xtls-rprx-direct"
|
||||
}
|
||||
],
|
||||
"fallbacks": [
|
||||
{
|
||||
"dest": "/dev/shm/default.sock",
|
||||
"xver": 1
|
||||
},
|
||||
{
|
||||
"alpn": "h2",
|
||||
"dest": "/dev/shm/h2c.sock",
|
||||
"xver": 1
|
||||
}
|
||||
]
|
||||
},
|
||||
"streamSettings": {
|
||||
"network": "tcp",
|
||||
"security": "xtls",
|
||||
"xtlsSettings": {
|
||||
"alpn": [
|
||||
"http/1.1",
|
||||
"h2"
|
||||
],
|
||||
"certificates": [
|
||||
{
|
||||
"certificateFile": "/path/to/cert", // 证书文件绝对目录
|
||||
"keyFile": "/path/to/key", // 密钥文件绝对目录
|
||||
"ocspStapling": 3600 // 验证周期 3600 秒
|
||||
}
|
||||
],
|
||||
"minVersion": "1.2" // 如果是ecc证书则最低使用 TLSv1.2 ,如果你不清楚证书类型或者不是 ecc 证书,删掉这行
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
"outbounds": [
|
||||
{
|
||||
"protocol": "freedom"
|
||||
}
|
||||
]
|
||||
}
|
63
Trojan-TCP-XTLS/nginx.conf
Normal file
63
Trojan-TCP-XTLS/nginx.conf
Normal file
|
@ -0,0 +1,63 @@
|
|||
user nginx;
|
||||
worker_processes auto;
|
||||
error_log /var/log/nginx/error.log;
|
||||
pid /run/nginx.pid;
|
||||
|
||||
include /usr/share/nginx/modules/*.conf;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for" '
|
||||
'$proxy_protocol_addr:$proxy_protocol_port';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
|
||||
server {
|
||||
#listen 80 default_server;
|
||||
#listen [::]:80 default_server;
|
||||
listen [::]:80 default ipv6only=off;
|
||||
return 301 https://$http_host$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen unix:/dev/shm/default.sock proxy_protocol;
|
||||
listen unix:/dev/shm/h2c.sock http2 proxy_protocol;
|
||||
|
||||
# 把example.com换成你的域名
|
||||
server_name example.com;
|
||||
|
||||
root /usr/share/nginx/html;
|
||||
|
||||
set_real_ip_from 127.0.0.1;
|
||||
|
||||
|
||||
include /etc/nginx/default.d/*.conf;
|
||||
|
||||
# 开启 HSTS ,混 sslab 的 A+
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
error_page 404 /404.html;
|
||||
location = /40x.html {
|
||||
}
|
||||
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue