If you have already installed Caddy,
you first need to build a Caddy binary with the "forwardproxy" module to replace the existing one.
### Server:
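# Build prerequisites. These steps run as root and pull code from the network,
# so every download below is a supply-chain input worth checking.
apt update
apt install git

# Go toolchain, version as pinned by this guide.
# NOTE(review): check whether a currently supported Go release should be used
# instead; old toolchains no longer receive security fixes.
GO_TARBALL="go1.16.6.linux-amd64.tar.gz"
# Placeholder: paste the SHA256 published for this exact file on the official
# Go downloads page. Until it is replaced the check fails and nothing is unpacked.
GO_SHA256="REPLACE_WITH_PUBLISHED_SHA256"
wget "https://dl.google.com/go/${GO_TARBALL}"
# Verify the archive before extracting it into /usr/local as root.
printf '%s  %s\n' "${GO_SHA256}" "${GO_TARBALL}" | sha256sum -c - &&
  tar -C /usr/local -xzf "${GO_TARBALL}"
export PATH=$PATH:/usr/local/go/bin
go version
go env -w GO111MODULE="auto"
# Installs the latest xcaddy (no version pin).
go get -u github.com/caddyserver/xcaddy/cmd/xcaddy
# Builds Caddy with the forwardproxy module replaced by the klzgrad fork.
# NOTE(review): "@naive" looks like a branch ref, so the build takes whatever
# that branch points to at build time; pinning a commit hash keeps the build
# reproducible and reviewable.
~/go/bin/xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive
# Overwrites the installed binary with the custom build. If cp reports
# "Text file busy", stop the running caddy service first.
# NOTE(review): a later package upgrade of caddy would presumably replace this
# binary and drop the forward_proxy module; confirm how the package is managed.
cp caddy /usr/bin/
nano /etc/systemd/system/caddy.service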
# systemd unit for the custom-built Caddy binary (saved as /etc/systemd/system/caddy.service).
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
# Runs as the unprivileged caddy account instead of root; that user and group
# must exist before the service is started.
User=caddy
Group=caddy
# --environ prints the process environment at startup, so anything placed in
# the service environment ends up in the journal.
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
# Sandboxing: a private /tmp, and ProtectSystem=full mounts /usr, /boot and /etc
# read-only for the service.
PrivateTmp=true
ProtectSystem=full
# Lets the non-root process bind ports below 1024 (443 here) without holding
# any other root privilege.
AmbientCapabilities=CAP_NET_BIND_SERVICE
# NOTE(review): consider adding NoNewPrivileges=true and
# CapabilityBoundingSet=CAP_NET_BIND_SERVICE as further hardening; confirm the
# service still starts with them.
[Install]
WantedBy=multi-user.target
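# Create the unprivileged system account the Caddy service runs as
# (the unit file uses User=caddy / Group=caddy).
sudo groupadd --system caddy
# The trailing backslashes join the options into a single useradd command;
# without them each option line would be run as a separate command.
# The nologin shell keeps the account from being used for interactive logins.
sudo useradd --system \
  --gid caddy \
  --create-home \
  --home-dir /var/lib/caddy \
  --shell /usr/sbin/nologin \
  --comment "Caddy web server" \
  caddy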
Enable BBR:
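# Persist the fq queueing discipline, BBR congestion control and "no slow start
# after idle" in /etc/sysctl.conf. ">>" appends, so re-running these lines adds
# duplicate entries.
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
echo "net.ipv4.tcp_slow_start_after_idle=0" >> /etc/sysctl.conf
# Load /etc/sysctl.conf now; otherwise the settings only take effect at the
# next boot.
sysctl -p
# Show the active value to confirm that bbr was accepted by the kernel.
sysctl net.ipv4.tcp_congestion_control
nano /etc/caddy/Caddyfile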
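# Site served on port 443; replace xxx.example.com with your own domain.
:443, xxx.example.com
# E-mail address used as the contact for the automatically issued TLS certificate.
tls example@example.com
route {
  forward_proxy {
    # Placeholder credentials: change the account and password used for client
    # login before exposing the server. They are stored here in plain text, so
    # keep this file readable only by root and the caddy service account.
    basic_auth user pass
    # hide_ip / hide_via: do not add the client address or a Via header to
    # forwarded requests.
    hide_ip
    hide_via
    # Requests without valid credentials are answered like an ordinary web
    # server, so the port does not advertise itself as a proxy.
    probe_resistance
  }
  # Static site shown to everything that is not an authenticated proxy request.
  # The Caddyfile format needs "{" at the end of its line and "}" on a line of
  # its own, so this block cannot be written on a single line.
  file_server {
    root /usr/share/caddy
  }
}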
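# Pick up the new or changed caddy.service unit file.
systemctl daemon-reload
# Parse the Caddyfile before touching the running service; fix any error it
# reports before restarting, since a bad config would leave the site down.
/usr/bin/caddy validate --config /etc/caddy/Caddyfile
systemctl enable caddy
systemctl restart caddy
# Confirm the service is active and read the first log lines for errors.
systemctl status caddy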
### Client
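# NaiveProxy client release, version as pinned by this guide.
# NOTE(review): check the project's releases page for a current version; an
# old client build no longer receives fixes.
wget https://github.com/klzgrad/naiveproxy/releases/download/v91.0.4472.77-1/naiveproxy-v91.0.4472.77-1-linux-x64.tar.xz
# Print the archive hash so it can be compared with a value from a source you
# trust before the binary is installed system-wide.
sha256sum naiveproxy-v91.0.4472.77-1-linux-x64.tar.xz
# Extracting .tar.xz needs the xz-utils package.
tar -xf naiveproxy-v91.0.4472.77-1-linux-x64.tar.xz
cd naiveproxy-v91.0.4472.77-1-linux-x64
cp naive /usr/local/bin
# -p: do not fail when the directory already exists (steps re-run).
mkdir -p /etc/naive
cp config.json /etc/naive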
If extraction fails with an error, install xz-utils and try again: apt install xz-utils
Create a service that starts at system boot:
# Create the unit file for the client; its content is the
# [Unit]/[Service]/[Install] listing that follows.
nano /etc/systemd/system/naive.service
# systemd unit that runs the NaiveProxy client with /etc/naive/config.json.
[Unit]
# NOTE(review): this unit belongs to the client part of the guide, yet the
# description says "Server"; confirm the intended wording.
Description=NaiveProxy Server Service
After=network-online.target
[Service]
Type=simple
# Runs unprivileged. NOTE(review): "nobody" is shared with other uses on many
# systems; a dedicated account (or DynamicUser=yes) would isolate the client
# and allow config.json, which may hold proxy credentials, to be readable by
# that account only.
User=nobody
# Limits the capabilities the process could ever hold to CAP_NET_BIND_SERVICE;
# a bounding set restricts, it does not grant anything.
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
ExecStart=/usr/local/bin/naive /etc/naive/config.json
# NOTE(review): no Restart= policy is set, so the client stays down after a
# crash; consider Restart=on-failure.
[Install]
WantedBy=multi-user.target
# Edit the client configuration.
# NOTE(review): the listing that follows sets only "listen" and "padding". A
# NaiveProxy client normally also needs a "proxy" entry pointing at the server,
# e.g. "proxy": "https://USER:PASS@xxx.example.com" with the account set in the
# server's Caddyfile; confirm against the naiveproxy README. Once that entry is
# present the file contains the proxy password, so restrict its permissions to
# the account the service runs as.
nano /etc/naive/config.json
{
"listen": "http://127.0.0.1:8080",
"padding": true
}
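# Pick up the new naive.service unit file.
systemctl daemon-reload
# "enable" only arranges for the service to start at boot.
systemctl enable naive
# Start it now; without this step the status below reports an inactive service.
systemctl start naive
systemctl status naive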
Enjoy!