Add files via upload

trojan的xtls配置
设置服务端配置的minVersion和OCSP Stapling
nginx.conf增加HSTS
OnlyCharacter 2021-01-12 23:21:10 +08:00 committed by GitHub
parent 9771ef34cf
commit 9ea78e8a91
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 164 additions and 0 deletions

48
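--- a/config_client.json
+++ b/config_client.json
@@ -0,0 +1,48 @@
+{
+"log": {
+"loglevel": "debug"
+},
+"inbounds": [
+{
+"port": 1080,
+"listen": "127.0.0.1",
+"protocol": "socks",
+"settings": {
+"udp": true
+}
+},
+{
+"port": 1081,
+"protocol": "http",
+"sniffing": {
+"enabled": true,
+"destOverride": ["http", "tls"]
+},
+"settings": {
+"auth": "noauth"
+}
+}
+],
+"outbounds": [
+{
+"protocol": "trojan",
+"settings": {
+"servers": [
+{
+"address": "example.com", //IP
+"flow": "xtls-rprx-direct", //Linux"xtls-rprx-splice"
+"port": 443,
+"password": "your_password" //
+}
+]
+},
+"streamSettings": {
+"network": "tcp",
+"security": "xtls",
+"xtlsSettings": {
+"serverName": "example.com" //
+}
+}
+}
+]
+}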
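Review bot: The `http` inbound on port 1081 has no `listen` key, so it binds to every interface (the default listen address is 0.0.0.0) while `"auth": "noauth"` accepts any caller, which leaves an unauthenticated proxy reachable from the local network. Add `"listen": "127.0.0.1",` to it, as the socks inbound above already does. `"loglevel": "debug"` is also a poor default for a template, because debug output records every destination the user visits; `"warning"` is enough outside troubleshooting.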

53
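--- a/config_server.json
+++ b/config_server.json
@@ -0,0 +1,53 @@
+{
+"log": {
+"loglevel": "debug"
+},
+"inbounds": [
+{
+"port": 443,
+"protocol": "trojan",
+"settings": {
+"clients": [
+{
+"password":"your_password", //
+"flow": "xtls-rprx-direct"
+}
+],
+"fallbacks": [
+{
+"dest": "/dev/shm/default.sock",
+"xver": 1
+},
+{
+"alpn": "h2",
+"dest": "/dev/shm/h2c.sock",
+"xver": 1
+}
+]
+},
+"streamSettings": {
+"network": "tcp",
+"security": "xtls",
+"xtlsSettings": {
+"alpn": [
+"http/1.1",
+"h2"
+],
+"certificates": [
+{
+"certificateFile": "/path/to/cert", //
+"keyFile": "/path/to/key" //
+}
+],
+"minVersion": "1.2", //ecc使TLSv1.2ecc
+"ocspStapling": 3600 //3600
+}
+}
+}
+],
+"outbounds": [
+{
+"protocol": "freedom"
+}
+]
+}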
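Review bot: The only outbound is a bare `freedom` and there is no `routing` section, so any authenticated client can make the server connect to its own loopback and private-network addresses (local admin ports, cloud metadata endpoints). Add a rule that sends `geoip:private` to a `blackhole` outbound, as in the excerpt below. `"loglevel": "debug"` on the server also writes client addresses and destinations to the log and should drop to `"warning"` once the setup works. The `"your_password"` placeholder is the only credential protecting the inbound, so its comment should say it must be replaced with a long random value.

```json
// … unchanged: log and inbounds …
"routing": {
  "rules": [
    {
      "type": "field",
      "ip": ["geoip:private"],
      "outboundTag": "blocked"
    }
  ]
},
"outbounds": [
  {
    "protocol": "freedom"
  },
  {
    "protocol": "blackhole",
    "tag": "blocked"
  }
]
```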

63
nginx.conf Normal file

@ -0,0 +1,63 @@
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'$proxy_protocol_addr:$proxy_protocol_port';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
#listen 80 default_server;
#listen [::]:80 default_server;
listen [::]:80 default ipv6only=off;
return 301 https://$http_host$request_uri;
}
server {
listen unix:/dev/shm/default.sock proxy_protocol;
listen unix:/dev/shm/h2c.sock http2 proxy_protocol;
# 把example.com换成你的域名
server_name example.com;
root /usr/share/nginx/html;
set_real_ip_from 127.0.0.1;
include /etc/nginx/default.d/*.conf;
# 开启HSTS混sslab的A+
add_header Strict-Transport-Security "max-age=63072000" always;
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
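Review bot: The port-80 server builds its redirect from `$http_host`, the raw client-supplied Host header, so a request with a forged Host is redirected to whatever name it carries. Use the fixed name, `return 301 https://example.com$request_uri;`, or at least `$host`. In the second server block, `set_real_ip_from 127.0.0.1;` does not match connections arriving on the unix sockets and no `real_ip_header` is set, so `$remote_addr` will not carry the client address; the PROXY-protocol listeners need `set_real_ip_from unix:;` together with `real_ip_header proxy_protocol;`. The sockets also sit in `/dev/shm`, which is world-writable, so a directory that only nginx and the proxy user can reach would be a safer location, since anything able to open the socket can supply its own PROXY header.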