Trojan与oneinstack 共存
关键 : 让 Trojan监听非443端口
- 准备: 安装好oneinstack
1 新建一个 vhost 让 oneinstack 自动申请好 Let’s Encrypt 证书(或者自己准备证书),修改 vhost 默认配置文件。
server
{
listen 80;
server_name hostname.com;
root /data/wwwroot/default;
index index.html index.htm index.php;
}2 在 /usr/local/nginx/conf/nginx.conf 的 http 字段添加如下代码
log_format main $remote_addr – $remote_user [$time_local] "$request"
$status $body_bytes_sent "$http_referer"
"$http_user_agent" "$http_x_forwarded_for"nginx -t 测试一下,无误后 service nginx restart
3 让 Trojan监听非443端口
1 cd /usr/local 目录下 下载 Trojan 服务端
2 解压 到 cd /usr/local/trojan 下
3 在 cd /usr/local/trojan 新建 一个server.conf配置文件 ,监听非443端口local_port": 90
{
"run_type": "server",
"local_addr": "0.0.0.0",
"local_port": 90,
"remote_addr": "127.0.0.1",
"remote_port": 80,
"password": [
"链接时的密钥"
],
"log_level": 1,
"ssl": {
"cert": "/usr/local/nginx/conf/ssl/证书路径.crt",
"key": "/usr/local/nginx/conf/ssl/证书路径.key",
"key_password": "",
"cipher_tls13":"TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"prefer_server_cipher": true,
"alpn": [
"http/1.1"
],
"reuse_session": true,
"session_ticket": false,
"session_timeout": 600,
"plain_http_response": "",
"curves": "",
"dhparam": ""
},
"tcp": {
"no_delay": true,
"keep_alive": true,
"fast_open": false,
"fast_open_qlen": 20
},
"mysql": {
"enabled": false,
"server_addr": "127.0.0.1",
"server_port": 3306,
"database": "trojan",
"username": "trojan",
"password": ""
}
}
4 创建 Trojan 自启服务
- Debian9 系统找到/lib/systemd/system/目录,并创建trojan.service文件
- CentOS7 系统找到/usr/lib/systemd/system/目录,并创建trojan.service文件
trojan.service
[Unit]
Description=trojan
After=network.target
[Service]
Type=simple
PIDFile=/usr/src/trojan/trojan/trojan.pid
ExecStart=/usr/src/trojan/trojan -c "/usr/src/trojan/server.conf"
ExecReload=
ExecStop=/usr/src/trojan/trojan
PrivateTmp=true
[Install]
WantedBy=multi-user.target设置启动 Trojan 服务
systemctl start trojan.service #启动 Trojan
systemctl enable trojan.service #设置 Trojan 服务开机自启
systemctl stop trojan.service #停止 Trojan5 客户端软件(Trojan-Qt5) 链接
