安装docker部分忽略掉
在VPS上开了80和 443端口
先建lets encrypt
sudo docker run --rm -p 80:80 -p 443:443 \
-v /etc/letsencrypt:/etc/letsencrypt \
quay.io/letsencrypt/letsencrypt auth \
--standalone -m [email protected] --agree-tos \
-d example.com
替换掉[email protected] 换成你自己的电邮地址,替换example.com 为自己的域名,可以顶级和二级
然后用root建个 /etc/trojan 文件夹
cd /etc/
mkdir trojan
然后建个config.json
{
"run_type": "server",
"local_addr": "0.0.0.0",
"local_port": 443,
"remote_addr": "127.0.0.1",
"remote_port": 80,
"password": [
"替换成自己password"
],
"log_level": 1,
"ssl": {
"cert": "/etc/letsencrypt/live/example.com/fullchain.pem",
"key": "/etc/letsencrypt/live/example.com/privkey.pem",
"key_password": "",
"cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384",
"cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
"prefer_server_cipher": true,
"alpn": [
"http/1.1"
],
"reuse_session": true,
"session_ticket": false,
"session_timeout": 600,
"plain_http_response": "",
"curves": "",
"dhparam": ""
},
"tcp": {
"prefer_ipv4": false,
"no_delay": true,
"keep_alive": true,
"reuse_port": false,
"fast_open": false,
"fast_open_qlen": 20
},
"mysql": {
"enabled": false,
"server_addr": "127.0.0.1",
"server_port": 3306,
"database": "trojan",
"username": "trojan",
"password": ""
}
}
上面的example.com 换成自己的域名,password那里换成自己的password
搞定后使用tj的docker
sudo docker pull trojangfw/trojan
sudo docker run -dt --name trojan -v /etc/trojan:/config -v /etc/letsencrypt:/etc/letsencrypt -p 443:443 trojangfw/trojan
如果发现服务器没有启动,可以用这个命令找出原因
sudo docker logs -f trojan