使用gost,快速搭建 HTTP/HTTPS 正向代理,HTTPS证书可用 certbot自动获取。
申请域名及设置 DNS 解析(略)
certbot申请证书
certbot certonly --standalone --email [email protected] -d xxx.com
运行完成后,会生成的公钥、私钥的路径:
1/etc/letsencrypt/live/xxxx.com/fullchain.pem #证书公钥,xxxx.com是你的域名
2/etc/letsencrypt/live/xxxx.com/privkey.pem #证书私钥
下载Gost
wget -O - https://github.com/ginuerzh/gost/releases/download/v2.11.1/gost-linux-amd64-2.11.1.gz | gzip -d > /usr/bin/gost
chmod +x /usr/bin/gost
注册system服务
vi /etc/systemd/system/gost-dl.service 填入下面内容:
1. http 正向代理
1[Unit]
2Description=gost
3[Service]
4ExecStart=/usr/bin/gost -L=uname:[email protected]:port
5
6
7Restart=always
8User=root
9[Install]
10WantedBy=multi-user.target
2. https 正向代理
1[Unit]
2Description=gost
3[Service]
4ExecStart=/usr/bin/gost -L=https://uname:[email protected]:443?cert=/etc/letsencrypt/live/xxxx.com/fullchain.pem&key=/etc/letsencrypt/live/xxxx.com/privkey.pem
5
6
7Restart=always
8User=root
9[Install]
10WantedBy=multi-user.target
重载system服务 systemctl daemon-reload
下面就可以启动gost了:
systemctl start gost-dl #启动gost
systemctl restart gost-dl #重启gost
systemctl enable gost-dl #开机自启
systemctl status gost-dl #查看状态
评论