需要用到的软件包

  • Nginx
  • Caddy

NGINX的编译参数

nginx version: nginx/1.17.1 built by gcc 7.4.0 (Ubuntu/Linaro 7.4.0-1ubuntu1~18.04.1) built with OpenSSL 1.1.1c 28 May 2019 TLS SNI support enabled configure arguments: --with-openssl=../openssl-OpenSSL_1_1_1c --with-openssl-opt=enable-tls1_3 --add-module=../ngx_brotli --add-module=../naxsi-0.56/naxsi_src --with-stream --with-stream_realip_module --with-stream_ssl_preread_module --with-stream_ssl_module --with-mail --with-mail_ssl_module --with-http_geoip_module --with-http_addition_module --with-threads --with-http_dav_module --with-http_slice_module --with-http_xslt_module --with-http_image_filter_module --with-http_auth_request_module --with-compat --with-file-aio --with-http_flv_module --with-http_mp4_module --with-http_random_index_module --with-http_secure_link_module --with-pcre-jit --with-http_sub_module --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_gzip_static_module --with-http_gunzip_module --with-http_degradation_module
Code language: JavaScript (javascript)

Caddy的配置

#基于之前发过的教程安装Caddy #修改Caddy配置文件 #位于/etc/caddy/Caddyfile #以下是该文件的示例 echo "https://www.starx.ink:4433 { gzip tls /media/OTD/src/ssl/archive/starx.ml/fullchain1.pem /media/OTD/src/ssl/archive/starx.ml/privkey1.pem proxy / https://www.starx.ink:443 { header_upstream Host {host} header_upstream X-Real-IP {remote} header_upstream X-Forwarded-For {remote} header_upstream X-Forwarded-Proto {scheme} } log /var/log/caddy/caddy_log.log errors /var/log/caddy/caddy_errors.log } " > /etc/caddy/Caddyfile systemctl start caddy
Code language: PHP (php)

NGINX的配置

#根据给出的编译参数编译安装后更改配置文件 #位于/usr/local/nginx/conf/nginx.conf #以下为示例 echo "stream { upstream quic_caddy { server 127.0.0.1:4433; } server { listen 443 udp; proxy_pass quic_caddy; } } " >> /usr/local/nginx/conf/nginx.conf ##Server段的配置添加以下 #add_header alt-svc 'quic=":443", h2=":443"; ma=2592000; persist=1; v="44,43,39"'; killall nginx nginx
Code language: PHP (php)

检测是否生效

root@starx:/var/log/caddy# netstat -pul|grep nginx udp 0 0 0.0.0.0:443 0.0.0.0:* 4154/nginx: worker root@starx:/var/log/caddy# curl -I https://www.starx.ink HTTP/2 200 server: nginx date: Sat, 13 Jul 2019 15:03:33 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding link: <https://www.starx.ink/wp-json/>; rel="https://api.w.org/" alt-svc: quic=":443", h2=":443"; ma=2592000; persist=1; v="44,43,39" strict-transport-security: max-age=63072000; includeSubDomains; preload x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block x-robots-tag: none x-download-options: noopen x-permitted-cross-domain-policies: none
Code language: PHP (php)

结束。

分类: Web

0 条评论

发表评论

Avatar placeholder

您的电子邮箱地址不会被公开。

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据