Trojan Go caddy2 certbot


trojan+caddy2+certbot

ubuntu 20.04

ubuntu 20.04 install trojan

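# Refresh the package index, then install trojan from the Ubuntu 20.04 archive.
# '&&' skips the install when the refresh fails, so a stale index is never used.
sudo apt-get update &&
  sudo apt-get install -y trojan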

ubuntu 19.04 / 18.10

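# Ubuntu 19.04 and 18.10 are end-of-life releases and no longer receive
# security updates; prefer a supported release for an internet-facing host.
#
# A PPA is published by an individual maintainer, not by Ubuntu. Adding it
# means packages signed by that maintainer's key are installed as root, so
# review the PPA before trusting it.
sudo apt-get update &&
  sudo add-apt-repository ppa:greaterfire/trojan &&
  sudo apt-get update &&
  sudo apt-get install trojan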

install certbot

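# Install certbot from the snap store.
sudo snap install --classic certbot

# --standalone makes certbot bind port 80 itself, so the port must be free.
# 'fuser -k' sends SIGKILL to every process holding 80/tcp without asking;
# check what is listening first (e.g. `sudo ss -ltnp`) and stop the service
# cleanly where possible. sudo is needed to signal processes of other users.
sudo fuser -k 80/tcp

# Request the certificate (certbot prompts for the domain name).
# --register-unsafely-without-email creates the ACME account with no contact
# address; certbot's documentation strongly discourages this. To register a
# contact instead, use `-m <YOUR_EMAIL> --agree-tos`.
# Renewal caveat: standalone mode needs port 80 at every renewal as well.
# Once caddy listens on :80, renewals will fail unless caddy is stopped for
# their duration, e.g. with certbot's --pre-hook / --post-hook options.
sudo certbot certonly --standalone --register-unsafely-without-email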
Certificate and key files written by certbot (the domain shown is the author's; yours will differ):
/etc/letsencrypt/live/cnm.scaleya.xyz/fullchain.pem
/etc/letsencrypt/live/cnm.scaleya.xyz/privkey.pem

install caddy2

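# Add Caddy's package repository with its signing key pinned through
# signed-by, so apt verifies every package it installs from there.
# A "[trusted=yes]" source entry switches that verification off: whatever the
# repository (or anyone able to tamper with it) serves would be installed as
# root without a signature check.
# If an earlier run created /etc/apt/sources.list.d/caddy-fury.list, delete it.
sudo apt-get install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' |
  sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' |
  sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt-get update
sudo apt-get install caddy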

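trojan config (replace the sample passwords "password1" and "password2" with long random values, and put your own domain in the cert and key paths)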

 1{
 2    "run_type": "server",
 3    "local_addr": "0.0.0.0",
 4    "local_port": 443,
 5    "remote_addr": "127.0.0.1",
 6    "remote_port": 80,
 7    "password": [
 8        "password1",
 9        "password2"
10    ],
11    "log_level": 1,
12    "ssl": {
13        "cert": "/etc/letsencrypt/live/cnm.scaleya.xyz/fullchain.pem",
14        "key": "/etc/letsencrypt/live/cnm.scaleya.xyz/privkey.pem",
15        "key_password": "",
16        "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384",
17        "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
18        "prefer_server_cipher": true,
19        "alpn": [
20            "http/1.1"
21        ],
22        "reuse_session": true,
23        "session_ticket": false,
24        "session_timeout": 600,
25        "plain_http_response": "",
26        "curves": "",
27        "dhparam": ""
28    },
29    "tcp": {
30        "prefer_ipv4": false,
31        "no_delay": true,
32        "keep_alive": true,
33        "reuse_port": false,
34        "fast_open": false,
35        "fast_open_qlen": 20
36    },
37    "mysql": {
38        "enabled": false,
39        "server_addr": "127.0.0.1",
40        "server_port": 3306,
41        "database": "trojan",
42        "username": "trojan",
43        "password": ""
44    }
45}
46

caddy2 config /etc/caddy/Caddyfile

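# Plain-HTTP site on port 80. The trojan config above points its fallback
# ("remote_addr" 127.0.0.1, "remote_port" 80) at this listener, so this is
# what a connection that does not authenticate to trojan is shown.
# ":80" listens on every interface, not only loopback, and keeps port 80
# occupied, which matters for certbot's standalone renewals.
:80
redir https://none.blue 301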

证书权限

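# Let the trojan service read the certificate and key without handing it the
# whole certbot tree. Root stays the owner; the service account only gets
# group read access to live/ and archive/.
# Making "nobody" the owner of /etc/letsencrypt/ would also give it the ACME
# account key and write access to the renewal settings and hook scripts that
# certbot later runs as root.
# NOTE(review): assumes trojan runs as nobody with group nogroup — confirm
# with `systemctl cat trojan`. A dedicated service account would be better
# still, since "nobody" is shared with other daemons.
chgrp -R nogroup /etc/letsencrypt/live /etc/letsencrypt/archive
chmod -R g+rX /etc/letsencrypt/live /etc/letsencrypt/archive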

run caddy2 & trojan

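# Enable both services at boot, restart them so they load the current
# configuration, and print the last 20 journal lines of each. Read those
# lines for startup errors (for example a certificate file the service
# cannot open) before relying on the setup.
for svc in caddy trojan; do
  systemctl enable "$svc"
  systemctl restart "$svc"
  journalctl -u "$svc" -n 20 --no-pager
done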