需要用到的软件包

  • Nginx
  • Caddy

NGINX的编译参数

nginx version: nginx/1.17.1
built by gcc 7.4.0 (Ubuntu/Linaro 7.4.0-1ubuntu1~18.04.1) 
built with OpenSSL 1.1.1c  28 May 2019
TLS SNI support enabled
configure arguments: --with-openssl=../openssl-OpenSSL_1_1_1c --with-openssl-opt=enable-tls1_3 --add-module=../ngx_brotli --add-module=../naxsi-0.56/naxsi_src --with-stream --with-stream_realip_module --with-stream_ssl_preread_module --with-stream_ssl_module --with-mail --with-mail_ssl_module --with-http_geoip_module --with-http_addition_module --with-threads --with-http_dav_module --with-http_slice_module --with-http_xslt_module --with-http_image_filter_module --with-http_auth_request_module --with-compat --with-file-aio --with-http_flv_module --with-http_mp4_module --with-http_random_index_module --with-http_secure_link_module --with-pcre-jit --with-http_sub_module --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_gzip_static_module --with-http_gunzip_module --with-http_degradation_moduleCode language: JavaScript (javascript)

Caddy的配置

#基于之前发过的教程安装Caddy
#修改Caddy配置文件
#位于/etc/caddy/Caddyfile
#以下是该文件的示例
echo "https://www.starx.ink:4433
{
gzip
tls /media/OTD/src/ssl/archive/starx.ml/fullchain1.pem /media/OTD/src/ssl/archive/starx.ml/privkey1.pem
proxy / https://www.starx.ink:443 {

header_upstream Host {host}
header_upstream X-Real-IP {remote}
header_upstream X-Forwarded-For {remote}
header_upstream X-Forwarded-Proto {scheme}
}
log /var/log/caddy/caddy_log.log
errors /var/log/caddy/caddy_errors.log
}
" > /etc/caddy/Caddyfile
systemctl start caddyCode language: PHP (php)

NGINX的配置

#根据给出的编译参数编译安装后更改配置文件
#位于/usr/local/nginx/conf/nginx.conf
#以下为示例
echo "stream {
    upstream quic_caddy {
    server 127.0.0.1:4433;
}
server {
    listen 443 udp;
    proxy_pass quic_caddy;
}
}
" >> /usr/local/nginx/conf/nginx.conf
##Server段的配置添加以下
#add_header alt-svc 'quic=":443", h2=":443"; ma=2592000; persist=1; v="44,43,39"';
killall nginx
nginxCode language: PHP (php)

检测是否生效

root@starx:/var/log/caddy# netstat -pul|grep nginx
udp        0      0 0.0.0.0:443             0.0.0.0:*                           4154/nginx: worker  
root@starx:/var/log/caddy# curl -I https://www.starx.ink
HTTP/2 200 
server: nginx
date: Sat, 13 Jul 2019 15:03:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.starx.ink/wp-json/>; rel="https://api.w.org/"
alt-svc: quic=":443", h2=":443"; ma=2592000; persist=1; v="44,43,39"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-robots-tag: none
x-download-options: noopen
x-permitted-cross-domain-policies: none
Code language: PHP (php)

结束。

分类: Web

0 条评论

发表回复

Avatar placeholder

您的电子邮箱地址不会被公开。 必填项已用*标注

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据