Update Caddyfile

* Simplify SplitHTTP further, and add Caddyfile

* raise log level

* enable udp

---------

Co-authored-by: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>

All-in-One-fallbacks-Nginx/client.configs/ShadowSocks-WS-TLS.jsonc

@@ -28,7 +28,7 @@
       "streamSettings": {
         "network": "ws",
         "wsSettings": {
-          "path": "/ssws?ed=2048"
+          "path": "/ssws?ed=2560"
         },
         "security": "tls",
         "tlsSettings": {

All-in-One-fallbacks-Nginx/client.configs/Trojan-WS-TLS.jsonc

@@ -27,7 +27,7 @@
       "streamSettings": {
         "network": "ws",
         "wsSettings": {
-          "path": "/trojanws?ed=2048"
+          "path": "/trojanws?ed=2560"
         },
         "security": "tls",
         "tlsSettings": {

All-in-One-fallbacks-Nginx/client.configs/VMESS-WS-TLS.jsonc

@@ -33,7 +33,7 @@
       "streamSettings": {
         "network": "ws",
         "wsSettings": {
-          "path": "/vmws?ed=2048"
+          "path": "/vmws?ed=2560"
         },
         "security": "tls",
         "tlsSettings": {

All-in-One-fallbacks-Nginx/client.configs/Vless-WS-TLS.jsonc

@@ -32,7 +32,7 @@
       "streamSettings": {
         "network": "ws",
         "wsSettings": {
-          "path": "/vlws?ed=2048"
+          "path": "/vlws?ed=2560"
         },
         "security": "tls",
         "tlsSettings": {

Trojan-gRPC-Caddy2／Nginx/README.md

@@ -23,7 +23,7 @@ server {
         keepalive_timeout 30m;
 	# 在 location 后填写 /你的 ServiceName
 	location /你的 ServiceName {
-		if ($content_type !~ "application/grpc") {
+		if ($content_type !~ "^application/grpc") {
 			return 404;
 		}
 		client_max_body_size 0;

VLESS-GRPC/Caddyfile

@@ -4,6 +4,7 @@ xx.com {
 		path /ServiceName/* # 修改为你自己的 ServiceName，且仅能存在两个斜杠。（如：/MyService/ServiceName/*会导致错误）
 	}
 	reverse_proxy @grpc unix//dev/shm/Xray-VLESS-gRPC.socket {
+		flush_interval -1
 		transport http {
 			versions h2c
 		}

VLESS-GRPC/README.md

@@ -23,7 +23,7 @@ server {
         keepalive_timeout 30m;
 	# 在 location 后填写 /你的 ServiceName
 	location /你的 ServiceName {
-		if ($content_type !~ "application/grpc") {
+		if ($content_type !~ "^application/grpc") {
 			return 404;
 		}
 		client_max_body_size 0;

VLESS-HTTP-Caddy/README.md

@@ -0,0 +1,9 @@
+Xray 基于 HTTP/2 或 HTTP/3 的传输方式完整按照 HTTP 标准实现，可以通过其它的 HTTP 服务器（如 Caddy）进行中转。
+
+Caddy 使用 reverse_proxy 模块，一般使用 path 分流，主路径伪装为网站，中间人无法探测到 Xray-core（请使用复杂 path）。
+
+Caddy 默认开启 UDP 同端口的 HTTP/3 服务器，目前支持三种中转方式
+
+- HTTP/2
+- HTTP/3 解密后重新加密
+- HTTP/3 转 H2C

VLESS-HTTP-Caddy/VLESS-H2C-Caddy/Caddyfile

@@ -1,6 +1,10 @@
 xx.com {
+    log {
+        level DEBUG
+    }
     root * /var/www
     file_server
+    tls CA.crt priv.key # 换成你的证书和私钥，绝对路径
     
     reverse_proxy /path 127.0.0.1:2001 {
         transport http {

VLESS-HTTP-Caddy/VLESS-H3-Caddy/Caddyfile

@@ -0,0 +1,17 @@
+xx.com {
+    log {
+        level DEBUG
+    }
+    root * /var/www
+    file_server
+    tls CA.crt priv.key # 换成你的证书和私钥，绝对路径
+    
+    reverse_proxy /path 127.0.0.1:2001 {
+        transport http {
+            tls
+            tls_client_auth CA.crt priv.key # 换成你的证书和私钥，绝对路径
+            tls_server_name xx.com
+            versions 3
+        }
+    }
+}

VLESS-HTTP-Caddy/VLESS-H3-Caddy/README.md

@@ -0,0 +1,7 @@
+# 原理图：
+Xray client <--- H3 ---> Caddy2 <--- H3 ---> Xray server
+
+注意：
+由于 H3 没有解密的明文传输标准 这种模式 Caddy 解密流量之后 会重新加密 会增加少许延迟和负载
+
+目前仅 Caddy2 的 v2.9.0-beta.2 版及以后完美支持 Xray 的 H3 入站。

VLESS-HTTP-Caddy/VLESS-H3-Caddy/client.jsonc

@@ -0,0 +1,73 @@
+{
+  "log":{},
+  "inbounds":[
+    {
+      "port":"1080",
+      "protocol":"socks",
+      "settings":{
+        "auth":"noauth",
+        "udp":true
+      }
+    },
+    {
+      "port":"1081",
+      "protocol":"http",
+      "settings":{}
+    }
+  ],
+  "outbounds":[
+    {
+      "protocol":"vless",
+      "settings":{
+        "vnext":[
+          {
+            "address":"xx.com",
+            "port":443,
+            "users":[
+              {
+                "id":"",
+                "encryption":"none"
+              }
+            ]
+          }
+        ]
+      },
+      "streamSettings":{
+        "network":"http",
+        "security":"tls",
+        "httpSettings":{
+          "host":[
+            "xx.com"
+          ],
+          "path":"/path"
+        }
+      },
+      "tlsSettings":{
+        "alpn":["h3"],
+        "serverName":"xx.com"
+      }
+    },
+    {
+      "tag":"direct",
+      "protocol":"freedom",
+      "settings":{}
+    },
+    {
+      "tag":"blocked",
+      "protocol":"blackhole",
+      "settings":{}
+    }
+  ],
+  "routing":{
+    "domainStrategy":"IPOnDemand",
+    "rules":[
+      {
+        "type":"field",
+        "ip":[
+          "geoip:private"
+        ],
+        "outboundTag":"direct"
+      }
+    ]
+  }
+}

VLESS-HTTP-Caddy/VLESS-H3-Caddy/server.jsonc

@@ -0,0 +1,66 @@
+{
+  "log": {
+    "loglevel": "warning"
+  },
+  "inbounds": [
+    {
+      "port": 2001,
+      "listen": "127.0.0.1",
+      "protocol": "vless",
+      "settings": {
+        "clients": [
+          {
+            "id": "",
+            "email": "love@example.com"
+          }
+        ],
+        "decryption": "none"
+      },
+      "streamSettings": {
+        "security": "tls",
+        "network": "http",
+        "httpSettings": {
+          "path": "/path",
+          "host": [
+            "xx.com"
+          ]
+        },
+        "tlsSettings": {
+          // "rejectUnknownSni": true,
+          "minVersion": "1.3",
+          "alpn": ["h3"],
+          "certificates": [
+              {
+                  "certificateFile": "CA.crt", // 换成你的证书，绝对路径
+                  "keyFile": "priv.key" // 换成你的私钥，绝对路径
+              }
+          ]
+        }
+      }
+    }
+  ],
+  "outbounds": [
+    {
+      "tag": "direct",
+      "protocol": "freedom",
+      "settings": {}
+    },
+    {
+      "tag": "blocked",
+      "protocol": "blackhole",
+      "settings": {}
+    }
+  ],
+  "routing": {
+    "domainStrategy": "AsIs",
+    "rules": [
+      {
+        "type": "field",
+        "ip": [
+          "geoip:private"
+        ],
+        "outboundTag": "blocked"
+      }
+    ]
+  }
+}

VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/Caddyfile

@@ -0,0 +1,11 @@
+xx.com {
+    log {
+        level DEBUG
+    }
+    root * /var/www
+    file_server
+    tls CA.crt priv.key # 换成你的证书和私钥，绝对路径
+    
+    reverse_proxy /path h2c://127.0.0.1:2001 {
+    }
+}

VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/README.md

@@ -0,0 +1,5 @@
+# 原理图：
+Xray client <--- H3 ---> Caddy2 <--- H2C ---> Xray server
+
+注意：
+目前仅 Caddy2 的 v2.9.0-beta.2 版及以后完美支持 H3 转换 H2C 对接 Xray 的 H2C 入站。

VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/client.jsonc

@@ -0,0 +1,73 @@
+{
+  "log":{},
+  "inbounds":[
+    {
+      "port":"1080",
+      "protocol":"socks",
+      "settings":{
+        "auth":"noauth",
+        "udp":true
+      }
+    },
+    {
+      "port":"1081",
+      "protocol":"http",
+      "settings":{}
+    }
+  ],
+  "outbounds":[
+    {
+      "protocol":"vless",
+      "settings":{
+        "vnext":[
+          {
+            "address":"xx.com",
+            "port":443,
+            "users":[
+              {
+                "id":"",
+                "encryption":"none"
+              }
+            ]
+          }
+        ]
+      },
+      "streamSettings":{
+        "network":"http",
+        "security":"tls",
+        "httpSettings":{
+          "host":[
+            "xx.com"
+          ],
+          "path":"/path"
+        },
+        "tlsSettings":{
+          "alpn":["h3"],
+          "serverName":"xx.com"
+        }
+      }
+    },
+    {
+      "tag":"direct",
+      "protocol":"freedom",
+      "settings":{}
+    },
+    {
+      "tag":"blocked",
+      "protocol":"blackhole",
+      "settings":{}
+    }
+  ],
+  "routing":{
+    "domainStrategy":"IPOnDemand",
+    "rules":[
+      {
+        "type":"field",
+        "ip":[
+          "geoip:private"
+        ],
+        "outboundTag":"direct"
+      }
+    ]
+  }
+}

VLESS-HTTP-Caddy/VLESS-H3-To-H2C-Caddy/server.jsonc

@@ -0,0 +1,55 @@
+{
+  "log": {
+    "loglevel": "warning"
+  },
+  "inbounds": [
+    {
+      "port": 2001,
+      "listen": "127.0.0.1",
+      "protocol": "vless",
+      "settings": {
+        "clients": [
+          {
+            "id": "",
+            "email": "love@example.com"
+          }
+        ],
+        "decryption": "none"
+      },
+      "streamSettings": {
+        "security": "none",
+        "network": "http",
+        "httpSettings": {
+          "path": "/path",
+          "host": [
+            "xx.com"
+          ]
+        }
+      }
+    }
+  ],
+  "outbounds": [
+    {
+      "tag": "direct",
+      "protocol": "freedom",
+      "settings": {}
+    },
+    {
+      "tag": "blocked",
+      "protocol": "blackhole",
+      "settings": {}
+    }
+  ],
+  "routing": {
+    "domainStrategy": "AsIs",
+    "rules": [
+      {
+        "type": "field",
+        "ip": [
+          "geoip:private"
+        ],
+        "outboundTag": "blocked"
+      }
+    ]
+  }
+}

VLESS-TCP-REALITY(Without being stolen)/README.md

@@ -0,0 +1,5 @@
+# 不会被偷跑流量的 REALITY
+
+一个老生常谈的问题，对于非法请求, reality都会无脑转发流量去dest，如果reality的dest指向一个cloudflare网站，那么相当于服务端变成了CF的端口转发，任何人扫过来都可以拿来嫖。
+
+目前的解决办法是不要使用这类的网站作为 dest, 懂一点的会告诉你用 nginx 的 stream 滤一遍 SNI 并丢掉非法请求，但是其实 Xray 本身就支持这种操作，这也是这个模板的原理

VLESS-TCP-REALITY(Without being stolen)/config_client.jsonc

@@ -0,0 +1,56 @@
+// 直接从其他示例里 copy 过来的，客户端不需要任何特殊修改，要填的东西也一致
+{
+    "log": {
+        "loglevel": "debug"
+    },
+    "inbounds": [
+        {
+            "listen": "127.0.0.1", 
+            "port": 10808, 
+            "protocol": "socks",
+            "settings": {
+                "udp": true
+            },
+            "sniffing": {
+                "enabled": true,
+                "destOverride": [
+                    "http",
+                    "tls",
+                    "quic"
+                ],
+                "routeOnly": true
+            }
+        }
+    ],
+    "outbounds": [
+        {
+            "protocol": "vless",
+            "settings": {
+                "vnext": [
+                    {
+                        "address": "127.0.0.1", 
+                        "port": 443, 
+                        "users": [
+                            {
+                                "id": "", // Needs to match server side
+                                "encryption": "none"
+                            }
+                        ]
+                    }
+                ]
+            },
+            "streamSettings": {
+                "network": "tcp",
+                "security": "reality",
+                "realitySettings": {
+                    "fingerprint": "chrome", 
+                    "serverName": "speed.cloudflare.com",
+                    "publicKey": "",
+                    "spiderX": "",
+                    "shortId": ""
+                }
+            },
+            "tag": "proxy"
+        }
+    ]
+}

VLESS-TCP-REALITY(Without being stolen)/config_server.jsonc

@@ -0,0 +1,93 @@
+{
+    "log": {
+        "loglevel": "debug"
+    },
+    "inbounds": [
+        {
+            "tag": "dokodemo-in",
+            "port": 443,
+            "protocol": "dokodemo-door",
+            "settings": {
+                "address": "127.0.0.1",
+                "port": 4431,  // 指向内网中的 reality 端口，示例是这个端口，如果要自己修改了记得这里和下面的 reality 入站都要修改
+                "network": "tcp"
+            },
+            "sniffing": { // 这里的 sniffing 不是多余的，别乱动
+                "enabled": true,
+                "destOverride": [
+                    "tls"
+                ],
+                "routeOnly": true
+            }
+        },
+        {
+            "listen": "127.0.0.1",
+            "port": 4431, // 见上 如果和其他服务冲突了可以换
+            "protocol": "vless",
+            "settings": {
+                "clients": [
+                    {
+                        "id": "" // uuid
+                    }
+                ],
+                "decryption": "none"
+            },
+            "streamSettings": {
+                "network": "tcp",
+                "security": "reality",
+                "realitySettings": {
+                    // 下方要求和普通 reality 一致，这里演示 dest 设置为 cloudflare 不被偷跑流量所以设置为 speed.cloudflare.com 了
+                    // 你可以设置为其他 CF 网站，如果你的 dest 不是这种网站你也不用点了进来不是吗
+                    "dest": "speed.cloudflare.com:443",
+                    "serverNames": [
+                        "speed.cloudflare.com"
+                    ],
+                    "privateKey": "", // 运行 `xray x25519` 生成
+                    "shortIds": [
+                        "",
+                        "0123456789abcdef"
+                    ]
+                }
+            },
+            "sniffing": {
+                "enabled": true,
+                "destOverride": [
+                    "http",
+                    "tls",
+                    "quic"
+                ],
+                "routeOnly": true
+            }
+        }
+    ],
+    "outbounds": [
+        {
+            "protocol": "freedom",
+            "tag": "direct"
+        },
+        {
+            "protocol": "blackhole",
+            "tag": "blcok"
+        }
+    ],
+    "routing": {
+        "rules": [
+            {
+                "inboundTag": [
+                    "dokodemo-in"
+                ],
+                // 重要，这个域名列表需要和 realitySettings 的 serverNames 保持一致
+                "domain": [
+                    "speed.cloudflare.com"
+                ],
+                "outboundTag": "direct"
+            },
+            {
+                "inboundTag": [
+                    "dokodemo-in"
+                ],
+                "outboundTag": "blcok"
+            }
+        ]
+    }
+}

VLESS-TLS-SplitHTTP-CaddyNginx/Caddyfile

@@ -0,0 +1,5 @@
+localhost:443 {
+	handle_path /split/* {
+		reverse_proxy http://127.0.0.1:1234
+	}
+}

VLESS-TLS-SplitHTTP-CaddyNginx/client.jsonc

@@ -0,0 +1,46 @@
+{
+    "log": {
+      "loglevel": "warning"
+    },
+    "inbounds": [
+      {
+        "listen": "127.0.0.1",
+        "port": 10808,
+        "protocol": "socks",
+        "settings": {
+            "udp": true
+        }
+      }
+    ],
+    "outbounds": [
+      {
+        "protocol": "vless",
+        "settings": {
+          "vnext": [
+            {
+              "address": "",
+              "port": 443,
+              "users": [
+                {
+                  "id": "",
+                  "encryption": "none"
+                }
+              ]
+            }
+          ]
+        },
+        "streamSettings": {
+          "network": "splithttp",
+          "splithttpSettings": {
+            "path": "/split"
+          },
+          "security": "tls",
+          "tlsSettings": {
+            "serverName": ""
+          }
+        },
+        "tag": "proxy"
+      }
+    ]
+  }
+  

VLESS-TLS-SplitHTTP-CaddyNginx/nginx.conf

@@ -0,0 +1,23 @@
+server {
+        listen 443 http2 ssl;
+        listen [::]:443 http2 ssl;
+
+        index index.html;
+        root /var/www/html;
+        ssl_certificate /path/to/example.cer;
+        ssl_certificate_key /path/to/example.cer;
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+
+        # splithttp produces very noisy access logs, as it sends many HTTP
+        # requests and uses querystrings for padding. It is recommended to turn
+        # them off after setup, or use custom log formats to limit the amount
+        # of information.
+        # access_log off;
+
+        location /split/ {
+            proxy_pass http://127.0.0.1:1234/;
+            proxy_http_version 1.1;
+            proxy_redirect off;
+        }
+}

VLESS-TLS-SplitHTTP-CaddyNginx/server.jsonc

@@ -0,0 +1,38 @@
+{
+    "log": {
+      "loglevel": "warning"
+    },
+    "inbounds": [
+      {
+        "listen": "127.0.0.1",
+        "port": 1234,
+        "protocol": "vless",
+        "settings": {
+          "clients": [
+            {
+              "id": ""
+            }
+          ],
+          "decryption": "none"
+        },
+        "streamSettings": {
+          "network": "splithttp"
+        },
+        "sniffing": {
+          "enabled": true,
+          "destOverride": [
+            "http",
+            "tls",
+            "quic"
+          ]
+        }
+      }
+    ],
+    "outbounds": [
+      {
+        "protocol": "freedom",
+        "tag": "direct"
+      }
+    ]
+  }
+  

VLESS-TLS-SplitHTTP-H3/README.md

@@ -0,0 +1,12 @@
+# VLESS-TLS-SplitHTTP-H3
+
+## 原理图：
+
+直连：Xray client <--- HTTP3 ---> Xray server
+
+配合 CDN 使用：Xray client <--- HTTP3 ---> CDN <--- HTTP2 or HTTP/1.1 ---> Xray server
+
+## 注意：
+
+默认配置仅支持客户端通过 HTTP3 直连服务端，如需和 CDN 一同使用，请参照注释修改服务端的 alpn。
+

VLESS-TLS-SplitHTTP-H3/client.jsonc

@@ -0,0 +1,54 @@
+{
+    "inbounds": [
+        {
+            "sniffing": {
+                "enabled": true,
+                "destOverride": [
+                    "http",
+                    "tls",
+                    "quic"
+                ]
+            },
+            "port": 10808,
+            "listen": "127.0.0.1",
+            "protocol": "socks",
+            "settings": {
+                "udp": true
+            }
+        }
+    ],
+    "outbounds": [
+        {
+            "protocol": "vless",
+            "settings": {
+                "vnext": [
+                    {
+                        "address": "example.com", // Change to your domain.
+                        "port": 443,
+                        "users": [
+                            {
+                                "id": "UUID", // Change to your UUID.
+                                "encryption": "none"
+                            }
+                        ]
+                    }
+                ]
+            },
+            "streamSettings": {
+                "network": "splithttp",
+                "security": "tls",
+                "splithttpSettings": {
+                    "path": "/splithttp",
+                    "host": "example.com" // Change to your domain.
+                },
+                "tlsSettings": {
+                    "serverName": "example.com", // Change to your domain.
+                    "alpn": [
+                        "h3"
+                    ]
+                }
+            }
+        }
+    ]
+}
+

VLESS-TLS-SplitHTTP-H3/server.jsonc

@@ -0,0 +1,54 @@
+{
+    "inbounds": [
+        {
+            "sniffing": {
+                "enabled": true,
+                "destOverride": [
+                    "http",
+                    "tls",
+                    "quic"
+                ]
+            },
+            "port": 443,
+            "listen": "0.0.0.0",
+            "protocol": "vless",
+            "settings": {
+                "clients": [
+                    {
+                        "id": "UUID" // Change to your UUID.
+                    }
+                ],
+                "decryption": "none"
+            },
+            "streamSettings": {
+                "network": "splithttp",
+                "security": "tls",
+                "splithttpSettings": {
+                    "path": "/splithttp",
+                    "host": "example.com" // Change to your domain.
+                },
+                "tlsSettings": {
+                    "rejectUnknownSni": true,
+                    "minVersion": "1.3",
+                    "alpn": [
+                        "h3" // If you want to use with CDN, you need to change alpn to ["h2", "http/1.1"].
+                    ],
+                    "certificates": [
+                        {
+                            "ocspStapling": 3600,
+                            "certificateFile": "/path/to/fullchain.pem", // Change to your fullchain file path.
+                            "keyFile": "/path/to/privkey.pem" // Change to your private key file path.
+                        }
+                    ]
+                }
+            }
+        }
+    ],
+    "outbounds": [
+        {
+            "tag": "direct",
+            "protocol": "freedom"
+        }
+    ]
+}
+

VLESS-WSS-Nginx/client.jsonc

@@ -36,14 +36,15 @@
         "network": "ws",
         "security": "tls",
         "wsSettings": {
-          "path": "/Path2WS?ed=2048" //?ed=2048 前面填写你的 path
+          "path": "/Path2WS?ed=2560" //?ed=2560 前面填写你的 path
         },
         "tlsSettings": {
           "allowInsecure": false,
-          "serverName": "xx.com",  //Equal to "SNI"
+          "serverName": "xx.com", //Equal to "SNI"
           "fingerprint": "chrome" //"chrome" or "firefox"
+        }
       }
-    }},
+    },
     {
       "tag": "direct",
       "protocol": "freedom",
@@ -60,9 +61,7 @@
     "rules": [
       {
         "type": "field",
-        "ip": [
-          "geoip:private"
-        ],
+        "ip": ["geoip:private"],
         "outboundTag": "direct"
       }
     ]

VLESS-WSS-Nginx/nginx.conf

@@ -11,12 +11,12 @@ server {
 	ssl_protocols TLSv1.2 TLSv1.3;
 	ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
 	
-	# 在 location 后填写 /你的 path
-	location /你的 path {
+	# 在 location 后填写 /你的 path/
+	location /你的 path/ {
 	if ($http_upgrade != "websocket") {
 		return 404;
 	}
-        proxy_pass http://127.0.0.1:1234;
+        proxy_pass http://127.0.0.1:1234/;
 	proxy_redirect off;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;

VLESS-WSS-Nginx/server.jsonc

@@ -16,10 +16,7 @@
         "decryption": "none"
       },
       "streamSettings": {
-        "network": "ws",
-        "wsSettings": {
-          "path": "/Path2WS" // 填写你的 path
-        }
+        "network": "ws"
       },
 			"sniffing": {
 				"enabled": true,

VMess-QUIC/client.json

@@ -1,25 +0,0 @@
-{
- "protocol": "vmess",
- "settings": {
-  "vnext": [
-   {
-    "address": "",
-    "port": 443, // 也可以用 8443 nginx 的默认 http3 端口 https://quic.nginx.org/readme.html
-    "users": [
-     {
-      "id": "",
-      "security": "zero"
-     }
-    ]
-   }
-  ]
- },
- "streamSettings": {
-  "network": "quic",
-  "quicSettings": {}, // 不使用伪装头和额外加密 原生 quic 流量特征
-  "security": "tls",
-  "tlsSettings": {
-   "servername": "*" //servername 必填 因为 quic 会验证 sni 否则不发包
-  }
- }
-}

VMess-QUIC/server.json

@@ -1,24 +0,0 @@
-{
- "port": 443,
- "protocol": "vmess",
- "settings": {
-  "clients": [
-   {
-    "id": ""
-   }
-  ]
- },
- "streamSettings": {
-  "network": "quic",
-  "quicSettings": {},
-  "security": "tls",
-  "tlsSettings": {
-   "certificates": [
-    {
-     "certificateFile": "fullchain.crt", // 使用真实证书
-     "keyFile": "private.key"
-    }
-   ]
-  }
- }
-}