Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

域名 #17

Closed
wanghaisheng opened this issue Mar 20, 2020 · 13 comments
Closed

域名 #17

wanghaisheng opened this issue Mar 20, 2020 · 13 comments

Comments

@wanghaisheng
Copy link

wanghaisheng commented Mar 20, 2020
edited
Loading

1.域名是否要一级域名 格式有没有要求
www.fff.com
fff.com
2.是否clouflare Proxy status设置为DNS only即可
3.crt文件是否支持pem格式

有个错


请选择: 4
● trojan.service - trojan
   Loaded: loaded (/etc/systemd/system/trojan.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: exit-code) since Fri 2020-03-20 18:36:01 UTC; 453ms ago
     Docs: https://trojan-gfw.github.io/trojan/config
           https://trojan-gfw.github.io/trojan/
  Process: 10428 ExecStart=/usr/bin/trojan/trojan /usr/local/etc/trojan/config.json (code=exited, status=1/FAILURE)
 Main PID: 10428 (code=exited, status=1/FAILURE)

Mar 20 18:36:01 instance-20200320-2037 systemd[1]: trojan.service: Main process exited, code=exited, status=1/FAILURE
Mar 20 18:36:01 instance-20200320-2037 trojan[10428]: Welcome to trojan 1.14.1
Mar 20 18:36:01 instance-20200320-2037 trojan[10428]: [2020-03-20 18:36:01] [FATAL] fatal: use_private_key_file: no start line
Mar 20 18:36:01 instance-20200320-2037 trojan[10428]: [2020-03-20 18:36:01] [FATAL] exiting. . .
Mar 20 18:36:01 instance-20200320-2037 systemd[1]: trojan.service: Unit entered failed state.
Mar 20 18:36:01 instance-20200320-2037 systemd[1]: trojan.service: Failed with result 'exit-code'.
@wanghaisheng
Copy link
Author

wanghaisheng commented Mar 20, 2020
edited
Loading

https://ssu.tw/index.php/archives/8/
使用这个给二级域名生成了证书 配置好以后

root@instance-20200320-2037:/home/ubuntu# systemctl status trojan.service
● trojan.service - trojan
   Loaded: loaded (/etc/systemd/system/trojan.service; enabled; vendor preset: e
nabled)
   Active: active (running) since Fri 2020-03-20 18:58:17 UTC; 1min 1
s ago
     Docs: https://trojan-gfw.github.io/trojan/config
           https://trojan-gfw.github.io/trojan/
 Main PID: 22222 (trojan)
    Tasks: 1
   Memory: 688.0K
      CPU: 3ms
   CGroup: /system.slice/trojan.service
           └─22222 /usr/bin/trojan/trojan /usr/local/etc/trojan/config.json

Mar 20 18:58:17 instance-20200320-2037 systemd[1]: Stopped trojan.
Mar 20 18:58:17 instance-20200320-2037 systemd[1]: Started trojan.
Mar 20 18:58:17 instance-20200320-2037 trojan[22222]: Welcome to trojan 1.14.1
Mar 20 18:58:17 instance-20200320-2037 trojan[22222]: [2020-03-20 18:58:17] [INF
O] connecting to MySQL server 127.0.0.1:20026
Mar 20 18:58:17 instance-20200320-2037 trojan[22222]: [2020-03-20 18:58:17] [INF
O] connected to MySQL server
Mar 20 18:58:17 instance-20200320-2037 trojan[22222]: [2020-03-20 18:58:17] [WAR
N] trojan service (server) started at 0.0.0.0:443
Mar 20 18:58:45 instance-20200320-2037 systemd[1]: Started trojan.

还是开不了web管理页 dns record 配置是好了

(base) ➜  ~ dig v2ray.9bx1.com 

; <<>> DiG 9.10.6 <<>> v2ray.9bx1.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29558
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;v2ray.9bx1.com.			IN	A

;; ANSWER SECTION:
v2ray.9bx1.com.		186	IN	A	140.238.53.209

;; Query time: 4 msec
;; SERVER: 192.168.11.1#53(192.168.11.1)
;; WHEN: Sat Mar 21 03:03:42 CST 2020
;; MSG SIZE  rcvd: 48

3 测试也是延迟
分享链接: trojan://pMzXjhNi@v2ray.9bx1.com:443

4 端口是好

root@instance-20200320-2037:/home/ubuntu# ss -tulpn | gawk '{printf "%-6s %-9s %-19s %s\n", $1, $2, $5, $7}'
Netid  State     Local               Peer
tcp    LISTEN    *:22                users:(("sshd",pid=1217,fd=3))
tcp    LISTEN    *:443               users:(("trojan",pid=24411,fd=6))
tcp    LISTEN    :::80               users:(("trojan",pid=16222,fd=3))
tcp    LISTEN    :::22               users:(("sshd",pid=1217,fd=4))
tcp    LISTEN    :::20026            users:(("docker-proxy",pid=1698,fd=4))

root@instance-20200320-2037:/home/ubuntu# curl 'https://v2ray.9bx1.com/' -x 127.0.0.1:443 -i -L  
curl: (56) Proxy CONNECT aborted
root@instance-20200320-2037:/home/ubuntu# curl 'http://v2ray.9bx1.com/' -x 127.0.0.1:80 -i -L  
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 940
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 20 Mar 2020 19:56:17 GMT
Date: Fri, 20 Mar 2020 19:56:17 GMT

<!DOCTYPE html><html><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><meta name=renderer content=webkit><meta name=viewport content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no"><link rel=icon href=/trojan.svg><link href=/css/app.68b9b509.css rel=preload as=style><link href=/css/chunk-vendors.103968a4.css rel=preload as=style><link href=/js/app.1e86ce92.js rel=preload as=script><link href=/js/chunk-vendors.569f560a.js rel=preload as=script><link href=/css/chunk-vendors.103968a4.css rel=stylesheet><link href=/css/app.68b9b509.css rel=stylesheet></head><body><noscript><strong>We're sorry but vue-admin doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id=app></div><script src=/vendor/vendor.dll.9340.js></script><script src=/js/chunk-vendors.569f560a.js></script><script src=/js/app.1e86ce92.js></script></body></html>
root@instance-20200320-2037:/home/ubuntu#

@Jrohy
Copy link
Owner

Jrohy commented Mar 20, 2020
edited
Loading

二级域名确实没测试过,你可以直接用ip访问是否能进web界面

@wanghaisheng
Copy link
Author

@Jrohy ip也是进入不了

@Jrohy
Copy link
Owner

Jrohy commented Mar 21, 2020
edited
Loading

@wanghaisheng 会不会防火墙的问题,我用centos8安装申请证书时直接回车跳过导致没开通端口也是访问不了, 我出个新版启动web前开通下端口

@Jrohy
Copy link
Owner

Jrohy commented Mar 21, 2020

@wanghaisheng v2.0.1版本修复了这问题, 更新下source <(curl -sL https://git.io/trojan-install)

@wanghaisheng
Copy link
Author

@Jrohy 疑似防火墙
还有个疑问就是网络时好时坏 超时或者100ms延迟 真是莫不着头脑了我
80伪装页面一直是好

@Jrohy
Copy link
Owner

Jrohy commented Mar 21, 2020

@wanghaisheng 速度不好的话建议安装bbr plus

@wanghaisheng
Copy link
Author

@Jrohy 加速这个我正在测你另一个建议 https://github.com/chiakge/Linux-NetSpeed
这里再问哈 那几个加速内核全部安装吗还是任意挑一个即可

v2.0.1版本刚刚测试了一哈
1.如果域名(一级二级皆可 亲测)要用Cloudflare自己签发证书 准备工作如哈

apt-get update && apt-get -y install socat

//安装socat

wget -qO- get.acme.sh | bash

//安装脚本

source ~/.bashrc

//让环境变量生效,以后无论在哪个路径,直接使用acme.sh

export CF_Key="sssssssssssssssssssss"
//此处替换成你自己的Key
export CF_Email="ssssssss@163.com"
//此处填写你注册Cloudflare使用的邮箱账号

acme.sh --issue --dns dns_cf -d v2ray.9bx1.com -k ec-256

这里你还要把生成在/root/.acme.sh目录证书cp至一个路径 文件名字和后面trojan安装时录入保持一致即可,证书路径这里我们用了 /root/ssl/

acme.sh --installcert -d v2ray.9bx1.com --fullchain-file /root/ssl/web.cer --key-file /root/ssl/web.key --ecc

请输入证书的cert文件路径: /root/ssl/web.cer
请输入证书的key文件路径: /root/ssl/web.key

@Jrohy
Copy link
Owner

Jrohy commented Mar 21, 2020
edited
Loading

加速内核挑一个就行,如果新系统bbr比较稳, 像centos8就没有bbr plus的,小心踩坑, 建议先搞加速内核,因为有挂机风险。至于cloudflare的证书没玩过,程序可以指定证书路径,不要指错文件就好

@wanghaisheng
Copy link
Author

@Jrohy 这个算是调通了 v2ray 和cloudflare cdn 我再折腾哈 服务器ip被封了一回了
应该是trojan更快?

@Jrohy
Copy link
Owner

Jrohy commented Mar 21, 2020

我这边自己测,用搬瓦工的vps + bbr plus + trojan 确实是快点

@wanghaisheng
Copy link
Author

你怎么解决ip被封的 我v2ray tcp本来好好用 😭

@Jrohy
Copy link
Owner

Jrohy commented Mar 21, 2020

被封了只能v2走cdn了,trojan用不了的

@Jrohy Jrohy closed this as completed Apr 11, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wanghaisheng @Jrohy