Naiveproxy手动搭建 + Https配合浏览器Switchyomega直接使用

TinyServe

Naive不用多说，个人翻墙经验认为是最简单最安全的tcp翻墙协议（udp不可用）

下载go 并配置编译环境

SYSTEM_ARCH="$(uname -m)"
GO_LATEST_VER=`curl -s https://go.dev/VERSION?m=text`

wget https://golang.org/dl/$GO_LATEST_VER.linux-$SYSTEM_ARCH.tar.gz
tar -C /usr/local -xzf $GO_LATEST_VER.linux-$SYSTEM_ARCH.tar.gz

export PATH=$PATH:/usr/local/go/bin

go env -w GO111MODULE="auto"

获取xcaddy
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest 编译caddy

apt install git libnss3
~/go/bin/xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive

复制caddy执行路径
cp caddy /usr/bin/
设置开机启动 systemctl管理
nano /etc/systemd/system/caddy.service
复制以下文字并保存

# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# See https://caddyserver.com/docs/install for instructions.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

创建文件夹
mkdir /etc/caddy
创建Caddyfile文件
nano /etc/caddy/Caddyfile

:443, 比如.com
tls 比如@比如.com
route {
  forward_proxy {
    basic_auth 账户 密码
    hide_ip
    hide_via
    probe_resistance www.baidu.com
  }
  file_server { root /usr/share/caddy }
}

创建一个简单文字网页（仅示范，可换成真是网页html5up 或者 403页面）

mkdir /usr/share/caddy
cd /usr/share/caddy
touch index.html
nano index.html
<H2>Hello, World!<H2>

创建caddy用户

sudo groupadd --system caddy

sudo useradd --system \
    --gid caddy \
    --create-home \
    --home-dir /var/lib/caddy \
    --shell /usr/sbin/nologin \
    --comment "Caddy web server" \
    caddy

设置开机启动

systemctl daemon-reload
systemctl enable caddy
systemctl restart caddy

至此，服务端结束，平时基本不用维护只要服务器本身稳定，其他代理都需要服务端不定期更新。

1, 推荐使用naiveproxy客户端: https://github.com/klzgrad/naiveproxy/issues/158
2)a，直接使用chrome或者firefox插件 Switchyomega 选择 https 模式，填入域名端口点击🔒标志填入 caddyfile里的账户密码。即可直接食用。
注意，
2)b,浏览器插件无法预存验证，需要先打开 probe_resistance 后面的网址才可以触发验证，提示：

Hidden Proxy Page!
Congratulations, you are successfully authenticated to the proxy! Go browse all the things!

才能正常访问网页，可认为是一个双重验证，网址+用户密码。
2)c,如果不愿意这样，也可以删除probe_resistance，但是不建议。

enjoy!

yqk100

bash <(curl -L https://raw.githubusercontent.com/gfw-list/gfwlist/main/raw/caddy.sh)

执行这一步老是卡在启动失败。。。