Add ss grcp web, and update ss wss web

Shadowsocks-gRPC-Web-TLS/README-CN.md

@@ -0,0 +1,26 @@
+# 最低版本要求
+
+NGINX的最低版本要求为 1.13.10:\
+[https://www.nginx.com/blog/nginx-1-13-10-grpc/](https://www.nginx.com/blog/nginx-1-13-10-grpc/)
+
+V2Ray-core的最低版本要求为 v4.36.0:\
+[https://www.v2fly.org/config/transport/grpc.html#grpcobject](https://www.v2fly.org/config/transport/grpc.html#grpcobject)
+
+## 本设置同样适用于Shadowsocks客户端搭配V2Ray-plugin使用
+
+*你需要一个兼容gRPC的v2ray-plugin程序。
+例如由[TeddySun](https://github.com/teddysun)维护的v2ray-plugin叉子: \
+[https://github.com/teddysun/v2ray-plugin](https://github.com/teddysun/v2ray-plugin)*
+
+### 客户端设置
+
+Shadowsocks Windows设置示例:
+
+```properties
+Server_IP: mydomain.me OR your server IP
+Server_Port: 443
+Password: ifYouWantToKeepYourPassphraseSafeChangeThis!!
+Encryption: chacha20-ietf-poly1305
+Plugin_Program: pathToYourV2ray-plugin_windows_arch.exe
+Plugin_Options: tls;mode=grpc;serviceName=/michi;host=mydomain.me
+```

Shadowsocks-gRPC-Web-TLS/README.md

@@ -0,0 +1,28 @@
+# Minimum Versions
+
+中文用户请看[这里](https://github.com/v2fly/v2ray-examples/blob/master/Shadowsocks-gRPC-Web-TLS/README-CN.md)
+
+Minimum NGINX version is 1.13.10:\
+[https://www.nginx.com/blog/nginx-1-13-10-grpc/](https://www.nginx.com/blog/nginx-1-13-10-grpc/)
+
+Minimum V2Ray-Core version is v4.36.0:\
+[https://www.v2fly.org/config/transport/grpc.html#grpcobject](https://www.v2fly.org/config/transport/grpc.html#grpcobject)
+
+## These settings are also compatible with shadowsocks + v2ray-plugins
+
+*You need a grpc compatible v2ray-plugin program to use with shadowsocks client.
+For example the one maintained by [TeddySun](https://github.com/teddysun): \
+[https://github.com/teddysun/v2ray-plugin](https://github.com/teddysun/v2ray-plugin)*
+
+### Client Configurations
+
+Shadowsocks Windows Example Config:
+
+```properties
+Server_IP: mydomain.me OR your server IP
+Server_Port: 443
+Password: ifYouWantToKeepYourPassphraseSafeChangeThis!!
+Encryption: chacha20-ietf-poly1305
+Plugin_Program: pathToYourV2ray-plugin_windows_arch.exe
+Plugin_Options: tls;mode=grpc;serviceName=/michi;host=mydomain.me
+```

Shadowsocks-gRPC-Web-TLS/config_client.json

@@ -0,0 +1,61 @@
+{
+    "log": {
+        "loglevel": "warning"
+    },
+    "routing": {
+        "domainStrategy": "AsIs",
+        "rules": [
+            {
+                "type": "field",
+                "ip": [
+                    "geoip:private"
+                ],
+                "outboundTag": "direct"
+            }
+        ]
+    },
+    "inbounds": [
+        {
+            "listen": "127.0.0.1",
+            "port": "1080",
+            "protocol": "socks",
+            "settings": {
+                "auth": "noauth",
+                "udp": true,
+                "ip": "127.0.0.1"
+            }
+        },
+        {
+            "listen": "127.0.0.1",
+            "port": "1081",
+            "protocol": "http"
+        }
+    ],
+    "outbounds": [
+        {
+            "protocol": "shadowsocks",
+            "settings": {
+                "servers": [
+                    {
+                        "address": "{{ host }}",
+                        "port": 443,
+                        "method": "chacha20-ietf-poly1305",
+                        "password": "{{ password }}"
+                    }
+                ]
+            },
+            "streamSettings": {
+                "network": "grpc",
+                "security": "tls",
+                "grcpSettings": {
+                    "serviceName": "michi"
+                }
+            },
+            "tag": "proxy"
+        },
+        {
+            "protocol": "freedom",
+            "tag": "direct"
+        }
+    ]
+}

Shadowsocks-gRPC-Web-TLS/config_server.json

@@ -0,0 +1,44 @@
+{
+    "log": {
+        "loglevel": "warning"
+    },
+    "routing": {
+        "domainStrategy": "AsIs",
+        "rules": [
+            {
+                "type": "field",
+                "ip": [
+                    "geoip:private"
+                ],
+                "outboundTag": "block"
+            }
+        ]
+    },
+    "inbounds": [
+        {
+            "listen": "127.0.0.1",
+            "port": 12345,
+            "protocol": "shadowsocks",
+            "settings": {
+                "method": "chacha20-ietf-poly1305",
+                "password": "{{ password }}"
+            },
+            "streamSettings": {
+                "network": "grpc",
+                "grpcSettings": {
+                    "serviceName": "michi"
+                }
+            }
+        }
+    ],
+    "outbounds": [
+        {
+            "protocol": "freedom",
+            "tag": "direct"
+        },
+        {
+            "protocol": "blackhole",
+            "tag": "block"
+        }
+    ]
+}

Shadowsocks-gRPC-Web-TLS/nginx_proxy.conf

@@ -0,0 +1,32 @@
+server {
+  listen 443 ssl;
+  listen [::]:443 ssl;
+  
+  ssl_certificate       /etc/v2ray/v2ray.crt;
+  ssl_certificate_key   /etc/v2ray/v2ray.key;
+  ssl_session_timeout 1d;
+  ssl_session_cache shared:MozSSL:10m;
+  ssl_session_tickets off;
+  
+  ssl_protocols         TLSv1.2 TLSv1.3;
+  ssl_ciphers           ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+  ssl_prefer_server_ciphers off;
+  
+  server_name           mydomain.me;
+  location /michi { # This michi shall in consistent with the grpc serviceName in v2ray config.json
+  
+    if ($request_method != "POST") { # if the request method is not POST for this location, return 404
+        return 404;
+    }
+
+    grpc_socket_keepalive on;
+    grpc_intercept_errors on;
+    grpc_pass grpc://127.0.0.1:12345; # presume v2ray is listening on port 12345 
+    grpc_set_header Upgrade $http_upgrade;
+    grpc_set_header Connection "upgrade";
+    grpc_set_header Host $host;
+    # Show real IP in v2ray access.log
+    grpc_set_header X-Real-IP $remote_addr;
+    grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+  }
+}