1 卸载/关闭Ubuntu防火墙

  • 1.1 关闭ubuntu的防火墙(UFW)
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
ufw disable
ufw disable
ufw disable
  • 1.2 关闭ubuntu的防火墙(IP TABLES)
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F 
iptables -P INPUT ACCEPT 
iptables -P FORWARD ACCEPT 
iptables -P OUTPUT ACCEPT 
iptables -F
  • 1.3 卸载ubuntu的防火墙(IP TABLES)
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
apt-get remove iptables
apt-get remove iptables
apt-get remove iptables

2 安装V2ray

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
bash <(curl -L -s https://mirror.hilz.top/github/v2ray_install/go1.sh)
bash <(curl -L -s https://mirror.hilz.top/github/v2ray_install/go1.sh)
bash <(curl -L -s https://mirror.hilz.top/github/v2ray_install/go1.sh)

3 安装BBRplus内核

为了加速TCP,可不安装。

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
wget --no-check-certificate -O tcp.sh https://github.com/cx9208/Linux-NetSpeed/raw/master/tcp.sh && chmod +x tcp.sh && ./tcp.sh
wget --no-check-certificate -O tcp.sh https://github.com/cx9208/Linux-NetSpeed/raw/master/tcp.sh && chmod +x tcp.sh && ./tcp.sh
wget --no-check-certificate -O tcp.sh https://github.com/cx9208/Linux-NetSpeed/raw/master/tcp.sh && chmod +x tcp.sh && ./tcp.sh

4 安装Caddy

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
curl https://getcaddy.com | bash -s personal
curl https://getcaddy.com | bash -s personal
curl https://getcaddy.com | bash -s personal

5 申请CDN CloudFlare (可选)

https://dash.cloudflare.com/

6 安装 DNS CloudFlare for Caddy插件

使用CDN必须安装

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
curl https://getcaddy.com | bash -s personal tls.dns.cloudflare
curl https://getcaddy.com | bash -s personal tls.dns.cloudflare
curl https://getcaddy.com | bash -s personal tls.dns.cloudflare

7 配置caddy

  • 7.1 创建配置文件放到 /etc/caddy 目录
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
sudo mkdir /etc/caddy
sudo touch /etc/caddy/Caddyfile
sudo chown -R root:www-data /etc/caddy
sudo mkdir /etc/caddy sudo touch /etc/caddy/Caddyfile sudo chown -R root:www-data /etc/caddy
sudo mkdir /etc/caddy
sudo touch /etc/caddy/Caddyfile
sudo chown -R root:www-data /etc/caddy
  • 7.2 配置ssl证书目录
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
sudo mkdir /etc/ssl/caddy
sudo chown -R www-data:root /etc/ssl/caddy
sudo chmod 0770 /etc/ssl/caddy
sudo mkdir /etc/ssl/caddy sudo chown -R www-data:root /etc/ssl/caddy sudo chmod 0770 /etc/ssl/caddy
sudo mkdir /etc/ssl/caddy
sudo chown -R www-data:root /etc/ssl/caddy
sudo chmod 0770 /etc/ssl/caddy
  • 7.3 配置网站目录

可以不配置,只是为了看起来更像正常网站而已

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
sudo mkdir /var/www
sudo chown www-data:www-data /var/www
sudo mkdir /var/www sudo chown www-data:www-data /var/www
sudo mkdir /var/www
sudo chown www-data:www-data /var/www
  • 7.4 创建Caddy Systemd服务单元

安装systemd服务单元配置文件,重新加载systemd守护程序:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
wget https://mirror.hilz.top/github/caddy_service/caddy.service
sudo cp caddy.service /etc/systemd/system/
sudo chown root:root /etc/systemd/system/caddy.service
sudo chmod 644 /etc/systemd/system/caddy.service
sudo systemctl daemon-reload
sudo systemctl enable caddy.service
sudo systemctl status caddy.service
wget https://mirror.hilz.top/github/caddy_service/caddy.service sudo cp caddy.service /etc/systemd/system/ sudo chown root:root /etc/systemd/system/caddy.service sudo chmod 644 /etc/systemd/system/caddy.service sudo systemctl daemon-reload sudo systemctl enable caddy.service sudo systemctl status caddy.service
wget https://mirror.hilz.top/github/caddy_service/caddy.service
sudo cp caddy.service /etc/systemd/system/
sudo chown root:root /etc/systemd/system/caddy.service
sudo chmod 644 /etc/systemd/system/caddy.service
sudo systemctl daemon-reload
sudo systemctl enable caddy.service
sudo systemctl status caddy.service
  • 7.5 创建DNS CloudFlare for Caddy插件

打开sys并在service中加入变量

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
[Service]
Environment=CLOUDFLARE_EMAIL=***********
Environment=CLOUDFLARE_API_KEY=***********
sudo systemctl daemon-reload
[Service] Environment=CLOUDFLARE_EMAIL=*********** Environment=CLOUDFLARE_API_KEY=*********** sudo systemctl daemon-reload
[Service]
Environment=CLOUDFLARE_EMAIL=***********
Environment=CLOUDFLARE_API_KEY=***********
sudo systemctl daemon-reload

Caddyfile 配置样例

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
********
{
root /var/www
gzip
tls {
dns cloudflare
}
proxy /lz localhost:9000 {
websocket
header_upstream -Origin
}
}
******** { root /var/www gzip tls { dns cloudflare } proxy /lz localhost:9000 { websocket header_upstream -Origin } }
********
{
root /var/www
gzip
tls {
dns cloudflare
}

proxy /lz localhost:9000 {
websocket
header_upstream -Origin
}
}