docs: add http2/http2-caddy examples
This commit is contained in:
parent
ce515d83ca
commit
b7c90f51e6
9
docs/examples/http2-caddy/Caddyfile
Normal file
9
docs/examples/http2-caddy/Caddyfile
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
example.com {
|
||||||
|
proxy /<your-custom-path> https://127.0.0.1:59463 {
|
||||||
|
insecure_skip_verify
|
||||||
|
header_upstream Host {host}
|
||||||
|
header_upstream X-Real-IP {remote}
|
||||||
|
header_upstream X-Forwarded-For {remote}
|
||||||
|
header_upstream X-Forwarded-Proto {scheme}
|
||||||
|
}
|
||||||
|
}
|
40
docs/examples/http2-caddy/README.md
Normal file
40
docs/examples/http2-caddy/README.md
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
# http2-caddy
|
||||||
|
|
||||||
|
**Minimal Version Required: v3.4.0**
|
||||||
|
|
||||||
|
blinksocks can transfer data through [caddy] proxy server using http2:
|
||||||
|
|
||||||
|
```
|
||||||
|
+--------------------------------------------------+
|
||||||
|
| Caddy Server |
|
||||||
|
+-------------+ | +-----------+ | +------------+
|
||||||
|
| | h2://site.com/path | :433 h2://127.0.0.1:1234 | | | tcp:// | |
|
||||||
|
| bs-client <-----------------------> proxy /path +--------------------> bs-server <-------------> Target |
|
||||||
|
| | (encrypted) | (encrypted) | | | (raw) | |
|
||||||
|
+-------------+ | +-----------+ | +------------+
|
||||||
|
| |
|
||||||
|
+--------------------------------------------------+
|
||||||
|
```
|
||||||
|
|
||||||
|
When use `h2://` as transport on **server side**, make sure both `tls_cert` and `tls_key` is provided:
|
||||||
|
|
||||||
|
```
|
||||||
|
{
|
||||||
|
...
|
||||||
|
"tls_key": "key.pem",
|
||||||
|
"tls_cert": "cert.pem"
|
||||||
|
...
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
**self-signed** tls_cert is ok because we set `insecure_skip_verify` in Caddyfile.
|
||||||
|
|
||||||
|
## Generate key.pem and cert.pem
|
||||||
|
|
||||||
|
```
|
||||||
|
// self-signed certificate
|
||||||
|
$ openssl req -x509 -newkey rsa:4096 -nodes -sha256 -subj '/CN=example.com' \
|
||||||
|
-keyout key.pem -out cert.pem
|
||||||
|
```
|
||||||
|
|
||||||
|
[caddy]: https://caddyserver.com
|
15
docs/examples/http2-caddy/blinksocks.client.json
Normal file
15
docs/examples/http2-caddy/blinksocks.client.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"service": "socks5://127.0.0.1:1080",
|
||||||
|
"server": {
|
||||||
|
"service": "h2://example.com:64270",
|
||||||
|
"key": "zAcy9wve53gpm{YC",
|
||||||
|
"presets": [
|
||||||
|
{
|
||||||
|
"name": "ss-base"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "obfs-random-padding"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
14
docs/examples/http2-caddy/blinksocks.server.json
Normal file
14
docs/examples/http2-caddy/blinksocks.server.json
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
{
|
||||||
|
"service": "h2://0.0.0.0:64270",
|
||||||
|
"key": "zAcy9wve53gpm{YC",
|
||||||
|
"presets": [
|
||||||
|
{
|
||||||
|
"name": "ss-base"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "obfs-random-padding"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"tls_key": "key.pem",
|
||||||
|
"tls_cert": "cert.pem"
|
||||||
|
}
|
32
docs/examples/http2/README.md
Normal file
32
docs/examples/http2/README.md
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
# http2
|
||||||
|
|
||||||
|
**Minimal Version Required: v3.4.0**
|
||||||
|
|
||||||
|
blinksocks can transfer data using `http2`:
|
||||||
|
|
||||||
|
```
|
||||||
|
+-------------+ +-------------+ +------------+
|
||||||
|
| | h2://site.com/path | | tcp:// | |
|
||||||
|
| bs-client <----------------------> bs-server <-----------> Target |
|
||||||
|
| | | | | |
|
||||||
|
+-------------+ +-------------+ +------------+
|
||||||
|
```
|
||||||
|
|
||||||
|
When use `h2://` as transport, make sure both `tls_cert` and `tls_key` is provided to `bs-server`.
|
||||||
|
|
||||||
|
> If your are using self-signed certificate on server, please also provide the same `tls_cert` on client and also set `"tls_cert_self_signed": true`.
|
||||||
|
|
||||||
|
Make sure you provide **Common Name** of certificate NOT IP in client config:
|
||||||
|
|
||||||
|
```
|
||||||
|
{
|
||||||
|
...
|
||||||
|
"server": {
|
||||||
|
"service": "h2://<Common Name>:<port>",
|
||||||
|
"tls_cert": "cert.pem",
|
||||||
|
"tls_cert_self_signed": true
|
||||||
|
...
|
||||||
|
},
|
||||||
|
...
|
||||||
|
}
|
||||||
|
```
|
15
docs/examples/http2/blinksocks.client.json
Normal file
15
docs/examples/http2/blinksocks.client.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"service": "socks5://127.0.0.1:1080",
|
||||||
|
"server": {
|
||||||
|
"service": "h2://example.com:18732",
|
||||||
|
"key": "TZr[JmZYjNJ3USYq",
|
||||||
|
"presets": [
|
||||||
|
{
|
||||||
|
"name": "ss-base"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "obfs-random-padding"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
12
docs/examples/http2/blinksocks.server.json
Normal file
12
docs/examples/http2/blinksocks.server.json
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
{
|
||||||
|
"service": "tcp://0.0.0.0:18732",
|
||||||
|
"key": "TZr[JmZYjNJ3USYq",
|
||||||
|
"presets": [
|
||||||
|
{
|
||||||
|
"name": "ss-base"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "obfs-random-padding"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user