Trojan与oneinstack 共存

关键 : 让 Trojan监听非443端口

  • 准备: 安装好oneinstack

1 新建一个 vhost 让 oneinstack 自动申请好 Let’s Encrypt 证书(或者自己准备证书),修改 vhost 默认配置文件。

server
    {
        listen 80;
        server_name hostname.com;
        root /data/wwwroot/default;
        index index.html index.htm index.php;
    }

2 在 /usr/local/nginx/conf/nginx.conf 的 http 字段添加如下代码

  log_format  main  $remote_addr – $remote_user [$time_local] "$request"
  $status $body_bytes_sent "$http_referer"
  "$http_user_agent" "$http_x_forwarded_for"

nginx -t 测试一下,无误后 service nginx restart

3 让 Trojan监听非443端口

1 cd /usr/local 目录下 下载 Trojan 服务端

2 解压 到 cd /usr/local/trojan

3 在 cd /usr/local/trojan 新建 一个server.conf配置文件 ,监听非443端口local_port": 90

{
    "run_type": "server",
    "local_addr": "0.0.0.0",
    "local_port": 90,
    "remote_addr": "127.0.0.1",
    "remote_port": 80,
    "password": [
        "链接时的密钥"
    ],
    "log_level": 1,
    "ssl": {
        "cert": "/usr/local/nginx/conf/ssl/证书路径.crt",
        "key": "/usr/local/nginx/conf/ssl/证书路径.key",
        "key_password": "",
        "cipher_tls13":"TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"prefer_server_cipher": true,
        "alpn": [
            "http/1.1"
        ],
        "reuse_session": true,
        "session_ticket": false,
        "session_timeout": 600,
        "plain_http_response": "",
        "curves": "",
        "dhparam": ""
    },
    "tcp": {
        "no_delay": true,
        "keep_alive": true,
        "fast_open": false,
        "fast_open_qlen": 20
    },
    "mysql": {
        "enabled": false,
        "server_addr": "127.0.0.1",
        "server_port": 3306,
        "database": "trojan",
        "username": "trojan",
        "password": ""
    }
}

4 创建 Trojan 自启服务

  • Debian9 系统找到/lib/systemd/system/目录,并创建trojan.service文件
  • CentOS7 系统找到/usr/lib/systemd/system/目录,并创建trojan.service文件

trojan.service

[Unit]  
Description=trojan  
After=network.target  
   
[Service]  
Type=simple  
PIDFile=/usr/src/trojan/trojan/trojan.pid
ExecStart=/usr/src/trojan/trojan -c "/usr/src/trojan/server.conf"  
ExecReload=  
ExecStop=/usr/src/trojan/trojan  
PrivateTmp=true  
   
[Install]  
WantedBy=multi-user.target

设置启动 Trojan 服务

systemctl start trojan.service  #启动 Trojan

systemctl enable trojan.service  #设置 Trojan 服务开机自启

systemctl stop trojan.service  #停止 Trojan

5 客户端软件(Trojan-Qt5) 链接

最后修改:2021 年 01 月 04 日 05 : 37 PM
如果觉得我的文章对你有用,请随意赞赏