1.客户端trojan的 config.json
{
"run_type": "client",
"local_addr": "127.0.0.1",
"local_port": 1080,
"remote_addr": "www.fofsmile.tk",
"remote_port": 443,
"password": [
"cc"
],
"log_level": 1,
"ssl": {
"verify": true,
"verify_hostname": true,
"cert": "",
"cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA",
"cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"sni": "",
"alpn": [
"h2",
"http/1.1"
],
"reuse_session": true,
"session_ticket": false,
"curves": ""
},
"tcp": {
"no_delay": true,
"keep_alive": true,
"reuse_port": false,
"fast_open": false,
"fast_open_qlen": 20
}
}
2.客户端SwitchyOmega
3.服务端设置
根目录下创建
mkdir config
/config下存放的文件
fullchain.pem是证书
privkey.pem是密钥
这个我从 https://letsencrypt.org/申请的。
安装教程以及选得证书类型如下: https://certbot.eff.org/lets-encrypt/centosrhel8-nginx
域名是从 https://www.freenom.com/zh/index.html?lang=zh申请的
安装nginx服务器配置/etc/nginx/nginx.conf 配置https访问
结果显示正常(做这一步我自己是为了确定证书成功申请下来)
关闭nginx服务器: nginx -s stop(关闭了服务器)
trojan服务端的config.json配置如下:
{
"run_type": "server",
"local_addr": "0.0.0.0",
"local_port": 443,
"remote_addr": "127.0.0.1",
"remote_port": 80,
"password": [
"cc"
],
"log_level": 1,
"ssl": {
"cert": "/config/fullchain.pem",
"key": "/config/privkey.pem",
"key_password": "",
"cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384",
"cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"prefer_server_cipher": true,
"alpn": [
"http/1.1"
],
"alpn_port_override": {
"h2": 81
},
"reuse_session": true,
"session_ticket": false,
"session_timeout": 600,
"plain_http_response": "",
"curves": "",
"dhparam": ""
},
"tcp": {
"prefer_ipv4": false,
"no_delay": true,
"keep_alive": true,
"reuse_port": false,
"fast_open": false,
"fast_open_qlen": 20
},
"mysql": {
"enabled": false,
"server_addr": "127.0.0.1",
"server_port": 3306,
"database": "trojan",
"username": "trojan",
"password": "",
"key": "",
"cert": "",
"ca": ""
}
}
使用docker:
1、安装 epel 源
yum install epel-release
2、安装docker运行必须的依赖程序
yum install -y yum-utils device-mapper-persistent-data lvm2
3、安装docker的yum源
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
4、安装docker程序
yum -y install docker-ce
5、启动docker程序
systemctl start docker
6、设置docker程序开机启动
systemctl enable docker
7、从托管仓库拉取trojan的docker镜像
docker pull trojangfw/trojan
8、创建容器并运行
docker run -dt --name trojan --restart=always -v /config:/config -p 443:443 trojangfw/trojan
9、检查trojan进程是否在运行
ps -ef | grep trojan
执行完上述命令:
执行: docker ps -a
(这个表明docker与trojan配置正常)
4.开始使用报的错误:
哪里配置错误了呢???
有些详细情况没出来:我把问题公开到https://app.yinxiang.com/fx/18af3d18-6290-4311-9845-07f6e03653eb