caddy-l4: a tcp/udp app for caddy | 使用caddy做站的同时,也可以用其来sni分流转发流量

  • 服务器分配端口较少时,以此节约端口
  • 商家限制安装代理软件,使用caddy可能会降低一定的风险
  • 可以配置转发到开启Cloudflare的CDN域名,相比iptables转发,没有盗用风险
  • 可搭建naiveproxy

以下教程在debian 10 64上测试,仅供参考:

dpkg安装caddy服务

trap 'rm -f "$TMPFILE"' EXIT; TMPFILE=$(mktemp) || exit 1
caddyURL="$(wget -qO-  https://api.github.com/repos/caddyserver/caddy/releases | grep -E "browser_download_url.*linux_amd64\.deb" | cut -f4 -d\" | head -n1)"
wget -O $TMPFILE $caddyURL && dpkg -i $TMPFILE

#### 替换caddy文件为https://github.com/mixool/caddys版本,此版本有layer4插件
naivecaddyURL="https://github.com/mixool/caddys/raw/master/caddy"
rm -rf /usr/bin/caddy
wget --no-check-certificate -O /usr/bin/caddy $naivecaddyURL && chmod +x /usr/bin/caddy
sed -i "s/caddy\/Caddyfile$/caddy\/Caddyfile\.json/g" /lib/systemd/system/caddy.service && systemctl daemon-reload

按需修改/etc/caddy/Caddyfile.json文件

{
    "admin": {"disabled": true},
    "apps": {
        "layer4": {
            "servers": {
                "example0": {
                    "listen": [":20143"],
                    "routes": [
                        {
                            "match": [{"tls": {"sni": ["example1.com"]}}],
                            "handle": [
                                {
                                    "handler": "proxy",
                                    "upstreams": [{"dial": ["example1.com:443"]}]
                                }
                            ]
                        },
                        {
                            "match": [{"tls": {"sni": ["example2.com"]}}],
                            "handle": [
                                {
                                    "handler": "proxy",
                                    "upstreams": [{"dial": ["example2.com:443"]}]
                                }
                            ]
                        }
                    ]
                }
            }
        }
    }
}

启动服务

systemctl enable caddy && systemctl restart caddy && sleep 3 && systemctl status caddy

参考

标签: none

已有 2 条评论

  1. Joyace Joyace

    使用caddy layer4转发的这台机子 可以使用cloudflareCDN吗

    1. OB OB

      可以 完全没冲突噻

添加新评论