Script for configuring Trojan-go with Docker

#!/bin/bash

# Update the system and install the required packages
apt update && apt install wget vim socat tree -y

# Install Docker
wget -qO- get.docker.com | bash
systemctl start docker
systemctl enable docker

# Install docker-compose
wget -O /usr/local/bin/docker-compose https://github.com/docker/compose/releases/download/v2.4.0/docker-compose-linux-x86_64
chmod +x /usr/local/bin/docker-compose

# Install the acme.sh script
wget -qO- get.acme.sh | bash
source ~/.bashrc

# Set Let's Encrypt as the default CA
~/.acme.sh/acme.sh --set-default-ca --server letsencrypt

# Stop and disable the ufw firewall
systemctl stop ufw && systemctl disable ufw

# Create the required directories and files
mkdir -p /root/dockerconf/caddy
mkdir -p /root/dockerconf/trojan-go

# Create the Caddyfile configuration file
cat > /root/dockerconf/caddy/Caddyfile <<EOF
example.com:80 {
    gzip
    log /etc/caddy/caddy.log
    proxy / http://bing.com
}
EOF

# Create an empty caddy.log file
touch /root/dockerconf/caddy/caddy.log

# Request an SSL certificate for the domain
~/.acme.sh/acme.sh --issue -d example.com --standalone -k ec-256 --force

# Install the SSL certificate
~/.acme.sh/acme.sh --installcert -d example.com --fullchain-file /root/dockerconf/trojan-go/trojan.crt --key-file /root/dockerconf/trojan-go/trojan.key --ecc

# Create the Trojan-Go configuration file
cat > /root/dockerconf/trojan-go/config.json <<EOF
{
    "run_type":"server",
    "local_addr":"0.0.0.0",
    "local_port":443,
    "remote_addr":"example.com",
    "remote_port":80,
    "password":[
        "password0"
    ],
    "ssl":{
        "cert":"/etc/trojan-go/trojan.crt",
        "key":"/etc/trojan-go/trojan.key",
        "sni":"example.com",
        "fallback_addr":"example.com",
        "fallback_port":80
    },
    "websocket":{
        "enabled":true,
        "path":"/trojan_path",
        "host":"example.com"
    }
}
EOF

# Create the docker-compose configuration file
cat > /root/dockerconf/docker-compose.yml <<EOF
version: "3"
services:
    caddy:
        image: teddysun/caddy
        container_name: caddy
        restart: always
        network_mode: "host"
        volumes:
            - ./caddy:/etc/caddy
    trojan-go:
        image: teddysun/trojan-go
        container_name: trojan-go
        restart: always
        network_mode: "host"
        volumes:
            - ./trojan-go:/etc/trojan-go
EOF

# Start the containers
cd /root/dockerconf
docker-compose up -d

Save the script above to a file, for example setup-trojan-go.sh, then make it executable:

chmod +x setup-trojan-go.sh

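Before running this script, make sure that:

  1. You have replaced example.com with your own domain.
  2. If you have already requested a certificate for the domain, you may not need the --force parameter.
  3. You run this script with root privileges.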
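
The first item of the checklist can be automated. The following is an added example, not part of the original script: it scans setup-trojan-go.sh for the page's sample domain and sample password before you run it. The names check_setup_script and sample_excerpt and the 16-character minimum are assumptions made for this example.

```shell
#!/bin/bash
# Added example, not part of the original script.
MIN_PW_LEN=16   # assumption: shortest password this check accepts

# Constructed sample: excerpt of the page's script with its sample values left in.
sample_excerpt() {
cat <<'EOF'
~/.acme.sh/acme.sh --issue -d example.com --standalone -k ec-256 --force
    "password":[
        "password0"
    ],
EOF
}

# check_setup_script FILE: print one line per finding, return the finding count.
check_setup_script() {
    local file="$1" findings=0 pws pw
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 255; }

    # Checklist item 1: the placeholder domain must have been replaced.
    if grep -qF 'example.com' "$file"; then
        echo "FAIL: placeholder domain example.com still present"
        findings=$((findings + 1))
    fi

    # Pull the quoted entries out of the "password":[ ... ] array in config.json.
    pws=$(awk '
        /"password"[ \t]*:[ \t]*\[/ { inarr = 1; sub(/.*"password"[ \t]*:[ \t]*\[/, "") }
        inarr && /\]/ { sub(/\].*/, ""); print; inarr = 0; next }
        inarr { print }' "$file" | grep -oE '"[^"]*"' | tr -d '"')

    while IFS= read -r pw; do
        [ -n "$pw" ] || continue
        if [ "$pw" = "password0" ]; then
            echo "FAIL: sample password password0 still in use"
            findings=$((findings + 1))
        elif [ "${#pw}" -lt "$MIN_PW_LEN" ]; then
            echo "FAIL: password shorter than $MIN_PW_LEN characters"
            findings=$((findings + 1))
        fi
    done <<EOF
$pws
EOF
    return "$findings"
}
```

After sourcing the function, `check_setup_script setup-trojan-go.sh && ./setup-trojan-go.sh` starts the setup only when no finding is reported.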

Run the script:

./setup-trojan-go.sh

Corresponding Quantumult X configuration

trojan=example.com:443, password=password0, over-tls=true, tls-verification=true, fast-open=false, udp-relay=false, tag=YourServerTag