docs: add http2/http2-caddy examples

docs/examples/http2-caddy/Caddyfile

@@ -0,0 +1,9 @@
+example.com {
+    proxy /<your-custom-path> https://127.0.0.1:59463 {
+        insecure_skip_verify
+        header_upstream Host {host}
+        header_upstream X-Real-IP {remote}
+        header_upstream X-Forwarded-For {remote}
+        header_upstream X-Forwarded-Proto {scheme}
+    }
+}

docs/examples/http2-caddy/README.md

@@ -0,0 +1,40 @@
+# http2-caddy
+
+**Minimal Version Required: v3.4.0**
+
+blinksocks can transfer data through [caddy] proxy server using http2:
+
+```
+                                      +--------------------------------------------------+
+                                      | Caddy Server                                     |
++-------------+                       |                                   +-----------+  |          +------------+
+|             |  h2://site.com/path   |    :433       h2://127.0.0.1:1234 |           |  |  tcp://  |            |
+|  bs-client  <----------------------->  proxy /path +--------------------> bs-server <------------->   Target   |
+|             |     (encrypted)       |                   (encrypted)     |           |  |  (raw)   |            |
++-------------+                       |                                   +-----------+  |          +------------+
+                                      |                                                  |
+                                      +--------------------------------------------------+
+```
+
+When use `h2://` as transport on **server side**, make sure both `tls_cert` and `tls_key` is provided:
+
+```
+{
+  ...
+  "tls_key": "key.pem",
+  "tls_cert": "cert.pem"
+  ...
+}
+```
+
+**self-signed** tls_cert is ok because we set `insecure_skip_verify` in Caddyfile.
+
+## Generate key.pem and cert.pem
+
+```
+// self-signed certificate
+$ openssl req -x509 -newkey rsa:4096 -nodes -sha256 -subj '/CN=example.com' \
+    -keyout key.pem -out cert.pem
+```
+
+[caddy]: https://caddyserver.com

docs/examples/http2-caddy/blinksocks.client.json

@@ -0,0 +1,15 @@
+{
+  "service": "socks5://127.0.0.1:1080",
+  "server": {
+    "service": "h2://example.com:64270",
+    "key": "zAcy9wve53gpm{YC",
+    "presets": [
+      {
+        "name": "ss-base"
+      },
+      {
+        "name": "obfs-random-padding"
+      }
+    ]
+  }
+}

docs/examples/http2-caddy/blinksocks.server.json

@@ -0,0 +1,14 @@
+{
+  "service": "h2://0.0.0.0:64270",
+  "key": "zAcy9wve53gpm{YC",
+  "presets": [
+    {
+      "name": "ss-base"
+    },
+    {
+      "name": "obfs-random-padding"
+    }
+  ],
+  "tls_key": "key.pem",
+  "tls_cert": "cert.pem"
+}

docs/examples/http2/README.md

@@ -0,0 +1,32 @@
+# http2
+
+**Minimal Version Required: v3.4.0**
+
+blinksocks can transfer data using `http2`:
+
+```
++-------------+                      +-------------+           +------------+
+|             |  h2://site.com/path  |             |   tcp://  |            |
+|  bs-client  <---------------------->  bs-server  <----------->   Target   |
+|             |                      |             |           |            |
++-------------+                      +-------------+           +------------+
+```
+
+When use `h2://` as transport, make sure both `tls_cert` and `tls_key` is provided to `bs-server`.
+
+> If your are using self-signed certificate on server, please also provide the same `tls_cert` on client and also set `"tls_cert_self_signed": true`.
+
+Make sure you provide **Common Name** of certificate NOT IP in client config:
+
+```
+{
+  ...
+  "server": {
+    "service": "h2://<Common Name>:<port>",
+    "tls_cert": "cert.pem",
+    "tls_cert_self_signed": true
+    ...
+  },
+  ...
+}
+```

docs/examples/http2/blinksocks.client.json

@@ -0,0 +1,15 @@
+{
+  "service": "socks5://127.0.0.1:1080",
+  "server": {
+    "service": "h2://example.com:18732",
+    "key": "TZr[JmZYjNJ3USYq",
+    "presets": [
+      {
+        "name": "ss-base"
+      },
+      {
+        "name": "obfs-random-padding"
+      }
+    ]
+  }
+}

docs/examples/http2/blinksocks.server.json

@@ -0,0 +1,12 @@
+{
+  "service": "tcp://0.0.0.0:18732",
+  "key": "TZr[JmZYjNJ3USYq",
+  "presets": [
+    {
+      "name": "ss-base"
+    },
+    {
+      "name": "obfs-random-padding"
+    }
+  ]
+}