Add VLESS-H3-Caddy two modes

2024-11-21 16:11:32 +00:00 · 2024-10-17 04:54:23 -04:00 · 2024-10-17 04:54:23 -04:00 · bebf51e5f7
parent 2fe711231a
commit bebf51e5f7
9 changed files with 311 additions and 0 deletions
--- a/VLESS-HTTP-Caddy/VLESS-H2C-Caddy/Caddyfile
+++ b/VLESS-HTTP-Caddy/VLESS-H2C-Caddy/Caddyfile
@ -1,6 +1,10 @@
 xx.com {
+    log {
+        level DEBUG
+    }
    root * /var/www
    file_server
+    tls CA.crt priv.key # 换成你的证书和私钥，绝对路径
    
    reverse_proxy /path 127.0.0.1:2001 {
        transport http {
--- a/VLESS-HTTP-Caddy/VLESS-H3-Caddy/Caddyfile
+++ b/VLESS-HTTP-Caddy/VLESS-H3-Caddy/Caddyfile
@ -0,0 +1,17 @@
+xx.com {
+    log {
+        level DEBUG
+    }
+    root * /var/www
+    file_server
+    tls CA.crt priv.key # 换成你的证书和私钥，绝对路径
+    
+    reverse_proxy /path 127.0.0.1:2001 {
+        transport http {
+            tls
+            tls_client_auth CA.crt priv.key # 换成你的证书和私钥，绝对路径
+            tls_server_name xx.com
+            versions 3
+        }
+    }
+}
--- a/VLESS-HTTP-Caddy/VLESS-H3-Caddy/README.md
+++ b/VLESS-HTTP-Caddy/VLESS-H3-Caddy/README.md
@ -0,0 +1,7 @@
+# 原理图：
+Xray client <--- H3 ---> Caddy2 <--- H3 ---> Xray server
+
+注意：
+由于 H3 没有解密的明文传输标准 这种模式 Caddy 解密流量之后 会重新加密 会增加少许延迟和负载
+
+目前仅 Caddy2 的 v2.9.0-beta.2 版及以后完美支持 Xray 的 H3 入站。
--- a/VLESS-HTTP-Caddy/VLESS-H3-Caddy/client.json
+++ b/VLESS-HTTP-Caddy/VLESS-H3-Caddy/client.json
@ -0,0 +1,73 @@
+{
+  "log":{},
+  "inbounds":[
+    {
+      "port":"1080",
+      "protocol":"socks",
+      "settings":{
+        "auth":"noauth",
+        "udp":true
+      }
+    },
+    {
+      "port":"1081",
+      "protocol":"http",
+      "settings":{}
+    }
+  ],
+  "outbounds":[
+    {
+      "protocol":"vless",
+      "settings":{
+        "vnext":[
+          {
+            "address":"xx.com",
+            "port":443,
+            "users":[
+              {
+                "id":"",
+                "encryption":"none"
+              }
+            ]
+          }
+        ]
+      },
+      "streamSettings":{
+        "network":"http",
+        "security":"tls",
+        "httpSettings":{
+          "host":[
+            "xx.com"
+          ],
+          "path":"/path"
+        }
+      },
+      "tlsSettings":{
+        "alpn":["h3"],
+        "serverName":"xx.com"
+      }
+    },
+    {
+      "tag":"direct",
+      "protocol":"freedom",
+      "settings":{}
+    },
+    {
+      "tag":"blocked",
+      "protocol":"blackhole",
+      "settings":{}
+    }
+  ],
+  "routing":{
+    "domainStrategy":"IPOnDemand",
+    "rules":[
+      {
+        "type":"field",
+        "ip":[
+          "geoip:private"
+        ],
+        "outboundTag":"direct"
+      }
+    ]
+  }
+}
--- a/VLESS-HTTP-Caddy/VLESS-H3-Caddy/server.json
+++ b/VLESS-HTTP-Caddy/VLESS-H3-Caddy/server.json
@ -0,0 +1,66 @@
+{
+  "log": {
+    "loglevel": "warning"
+  },
+  "inbounds": [
+    {
+      "port": 2001,
+      "listen": "127.0.0.1",
+      "protocol": "vless",
+      "settings": {
+        "clients": [
+          {
+            "id": "",
+            "email": "love@example.com"
+          }
+        ],
+        "decryption": "none"
+      },
+      "streamSettings": {
+        "security": "tls",
+        "network": "http",
+        "httpSettings": {
+          "path": "/path",
+          "host": [
+            "xx.com"
+          ]
+        },
+        "tlsSettings": {
+          // "rejectUnknownSni": true,
+          "minVersion": "1.3",
+          "alpn": ["h3"],
+          "certificates": [
+              {
+                  "certificateFile": "CA.crt", // 换成你的证书，绝对路径
+                  "keyFile": "priv.key" // 换成你的私钥，绝对路径
+              }
+          ]
+        }
+      }
+    }
+  ],
+  "outbounds": [
+    {
+      "tag": "direct",
+      "protocol": "freedom",
+      "settings": {}
+    },
+    {
+      "tag": "blocked",
+      "protocol": "blackhole",
+      "settings": {}
+    }
+  ],
+  "routing": {
+    "domainStrategy": "AsIs",
+    "rules": [
+      {
+        "type": "field",
+        "ip": [
+          "geoip:private"
+        ],
+        "outboundTag": "blocked"
+      }
+    ]
+  }
+}
--- a/VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/Caddyfile
+++ b/VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/Caddyfile
@ -0,0 +1,11 @@
+xx.com {
+    log {
+        level DEBUG
+    }
+    root * /var/www
+    file_server
+    tls CA.crt priv.key # 换成你的证书和私钥，绝对路径
+    
+    reverse_proxy /path h2c://127.0.0.1:2001 {
+    }
+}
--- a/VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/README.md
+++ b/VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/README.md
@ -0,0 +1,5 @@
+# 原理图：
+Xray client <--- H3 ---> Caddy2 <--- H2C ---> Xray server
+
+注意：
+目前仅 Caddy2 的 v2.9.0-beta.2 版及以后完美支持 H3 转换 H2C 对接 Xray 的 H2C 入站。
--- a/VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/client.json
+++ b/VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/client.json
@ -0,0 +1,73 @@
+{
+  "log":{},
+  "inbounds":[
+    {
+      "port":"1080",
+      "protocol":"socks",
+      "settings":{
+        "auth":"noauth",
+        "udp":true
+      }
+    },
+    {
+      "port":"1081",
+      "protocol":"http",
+      "settings":{}
+    }
+  ],
+  "outbounds":[
+    {
+      "protocol":"vless",
+      "settings":{
+        "vnext":[
+          {
+            "address":"xx.com",
+            "port":443,
+            "users":[
+              {
+                "id":"",
+                "encryption":"none"
+              }
+            ]
+          }
+        ]
+      },
+      "streamSettings":{
+        "network":"http",
+        "security":"tls",
+        "httpSettings":{
+          "host":[
+            "xx.com"
+          ],
+          "path":"/path"
+        },
+        "tlsSettings":{
+          "alpn":["h3"],
+          "serverName":"xx.com"
+        }
+      }
+    },
+    {
+      "tag":"direct",
+      "protocol":"freedom",
+      "settings":{}
+    },
+    {
+      "tag":"blocked",
+      "protocol":"blackhole",
+      "settings":{}
+    }
+  ],
+  "routing":{
+    "domainStrategy":"IPOnDemand",
+    "rules":[
+      {
+        "type":"field",
+        "ip":[
+          "geoip:private"
+        ],
+        "outboundTag":"direct"
+      }
+    ]
+  }
+}
--- a/VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/server.json
+++ b/VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/server.json
@ -0,0 +1,55 @@
+{
+  "log": {
+    "loglevel": "warning"
+  },
+  "inbounds": [
+    {
+      "port": 2001,
+      "listen": "127.0.0.1",
+      "protocol": "vless",
+      "settings": {
+        "clients": [
+          {
+            "id": "",
+            "email": "love@example.com"
+          }
+        ],
+        "decryption": "none"
+      },
+      "streamSettings": {
+        "security": "none",
+        "network": "http",
+        "httpSettings": {
+          "path": "/path",
+          "host": [
+            "xx.com"
+          ]
+        }
+      }
+    }
+  ],
+  "outbounds": [
+    {
+      "tag": "direct",
+      "protocol": "freedom",
+      "settings": {}
+    },
+    {
+      "tag": "blocked",
+      "protocol": "blackhole",
+      "settings": {}
+    }
+  ],
+  "routing": {
+    "domainStrategy": "AsIs",
+    "rules": [
+      {
+        "type": "field",
+        "ip": [
+          "geoip:private"
+        ],
+        "outboundTag": "blocked"
+      }
+    ]
+  }
+}