网站和服务端共存
  LinuxNetwork   0 评论

网站和服务端共存

  LinuxNetwork   0 评论

背景描述

服务端设置

服务端配置文件一般在 /etc/shadowsocksr/user-config.json 或者 /usr/local/shadowsocksr/user-config.json

编辑配置文件

nano /usr/local/shadowsocksr/user-config.json

添加或者修改 redirect 参数

# 80
"redirect": ["*:80#127.0.0.1:2333"],
# 443
"redirect": ["*:443#127.0.0.1:6666"],
# 多端口...
"redirect": ["*:888#127.0.0.1:2333", "*:666#127.0.0.1:6666"],

修改 apachenginx 等软件的监听端口

nginx 配置文件示例

server {
         listen 80;
         listen [::]:80;
         server_name example.com;
         return 301 https://$server_name$request_uri;
}
server {
         listen 4433 ssl http2;
         listen [::]:4433 ssl http2;
         server_name example.com;
         root html;
         index index.html index.php;
         location / {
                 try_files $uri $uri/ /index.php$is_args$args;
         }
         location ~ \.php$ {
                 include fastcgi.conf;
                 include fastcgi_params;
                 fastcgi_pass unix:/run/php/php7.0-fpm.sock;
         }
         ssl_certificate /root/.acme.sh/example.com_ecc/example.com.cer;
         ssl_certificate_key /root/.acme.sh/example.com_ecc/example.com.key;
}

ssl 证书申请

curl  https://get.acme.sh | sh
# 确保正确安装
source ~/.bashrc
# 如果缺少依赖安装
apt-get -y install netcat socat
# 生成证书
~/.acme.sh/acme.sh --issue -d example.com --standalone -k ec-256
# 更新证书
~/.acme.sh/acme.sh --renew -d example.com --force --ecc

参考来源

回复