本文及资源最后更新时间 2021-01-29 by sky995
caddy-l4: a tcp/udp app for caddy | 使用caddy做站的同时,也可以用其来sni分流转发流量
- 服务器分配端口较少时,以此节约端口
- 商家限制安装代理软件,使用caddy可能会降低一定的风险
- 可以配置转发到开启Cloudflare的CDN域名,相比iptables转发,没有盗用风险
- 可搭建naiveproxy
以下教程在debian 10 64上测试,仅供参考:
dpkg安装caddy服务
trap 'rm -f "$TMPFILE"' EXIT; TMPFILE=$(mktemp) || exit 1
caddyURL="$(wget -qO- https://api.github.com/repos/caddyserver/caddy/releases | grep -E "browser_download_url.*linux_amd64\.deb" | cut -f4 -d\" | head -n1)"
wget -O $TMPFILE $caddyURL && dpkg -i $TMPFILE
#### 替换caddy文件为https://github.com/mixool/caddys版本,此版本有layer4插件
naivecaddyURL="https://github.com/mixool/caddys/raw/master/caddy"
rm -rf /usr/bin/caddy
wget --no-check-certificate -O /usr/bin/caddy $naivecaddyURL && chmod +x /usr/bin/caddy
sed -i "s/caddy\/Caddyfile$/caddy\/Caddyfile\.json/g" /lib/systemd/system/caddy.service && systemctl daemon-reload
按需修改/etc/caddy/Caddyfile.json文件
{
"admin": {"disabled": true},
"apps": {
"layer4": {
"servers": {
"example0": {
"listen": [":20143"],
"routes": [
{
"match": [{"tls": {"sni": ["example1.com"]}}],
"handle": [
{
"handler": "proxy",
"upstreams": [{"dial": ["example1.com:443"]}]
}
]
},
{
"match": [{"tls": {"sni": ["example2.com"]}}],
"handle": [
{
"handler": "proxy",
"upstreams": [{"dial": ["example2.com:443"]}]
}
]
}
]
}
}
}
}
}
启动服务
systemctl enable caddy && systemctl restart caddy && sleep 3 && systemctl status caddy