在ubuntu中使用nginx和trojan

前期准备工作

关闭防火墙

ufw disable

更新索引和相关依赖

apt update

/var/www/htmlindex.html

mkdir -p /var/www/html

/etc/trojan-goconfig.json

mkdir -p /etc/trojan-go

签发证书

acme.shmy@example.com

wget -O -  https://get.acme.sh | sh -s email=my@example.com

socatacme.sh

apt install -y socat

example.com80

~/.acme.sh/acme.sh --issue -d example.com --standalone

example.comserver.keyserver.crt/etc/trojan-go

~/.acme.sh/acme.sh --install-cert -d example.com --key-file /etc/trojan-go/server.key --fullchain-file /etc/trojan-go/server.crt

acme.sh

~/.acme.sh/acme.sh --upgrade --auto-upgrade

搭建网站

nginxtrojan-go

apt install -y nginx

/var/www/htmlindex.html

nano /var/www/html/index.html

/var/www/html/index.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>网站建设中</title>
</head>
<body>
    <p>网站建设中</p>
</body>
</html>

搭建网络代理

trojan-go

wget https://github.com/p4gefau1t/trojan-go/releases/download/v0.10.6/trojan-go-linux-amd64.zip

trojan-go-linux-amd64.ziptrojan-go

unzip -d trojan-go trojan-go-linux-amd64.zip

trojan-go/usr/bin/

cp trojan-go/trojan-go /usr/bin/trojan-go

/etc/trojan-goconfig.jsonpasswordexample.com

nano /etc/trojan-go/config.json

/etc/trojan-go/config.json

{
    "run_type": "server",
    "local_addr": "0.0.0.0",
    "local_port": 443,
    "remote_addr": "127.0.0.1",
    "remote_port": 80,
    "password": [
        "password"
    ],
    "ssl": {
        "cert": "/etc/trojan-go/server.crt",
        "key": "/etc/trojan-go/server.key",
        "sni": "example.com"
    }
}

/etc/trojan-goserver.keyserver.crttrojan-go

chmod 777 /etc/trojan-go/server.key /etc/trojan-go/server.crt

config.jsontrojan-go

trojan-go -config /etc/trojan-go/config.json

开机启动服务

trojan-go.service

nano /etc/systemd/system/trojan-go.service

/etc/systemd/system/trojan-go.service

[Unit]
Description=Trojan-Go
After=network.target nss-lookup.target

[Service]
Type=simple
User=root
ExecStart=/usr/bin/trojan-go -config /etc/trojan-go/config.json
Restart=on-failure
RestartSec=10s
LimitNOFILE=infinity

[Install]
WantedBy=multi-user.target

开机启动服务的相关操作

启动服务

systemctl start trojan-go.service

重启服务

systemctl restart trojan-go.service

停止服务

systemctl stop trojan-go.service

查看服务

systemctl status trojan-go.service

激活服务

systemctl enable trojan-go.service

禁用服务

systemctl disable trojan-go.service