Wednesday, May 5, 2021

Install caddy2 + naiveproxy on ubuntu 20.04

 

1. Install xcaddy

`cd /tmp`

`wget https://github.com/caddyserver/xcaddy/releases/download/v0.1.9/xcaddy_0.1.9_linux_amd64.tar.gz`

`tar xvf xcaddy_0.1.9_linux_amd64.tar.gz`

`mv xcaddy /usr/local/bin`

 

2. Build Caddy v2 with the naive fork of forwardproxy

`xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive` 

Allow binding to ports 80 and 443:

`setcap cap_net_bind_service=+ep ./caddy`

`mv caddy /usr/local/bin`, `caddy version`


3. Create caddy user and group

`groupadd --system caddy-g`

`useradd --system --gid caddy-g --create-home --home-dir /var/lib/caddy --shell /usr/sbin/nologin --comment "Caddy web server" caddy-u`

`chown root:root /usr/local/bin/caddy`, `chmod 755 /usr/local/bin/caddy`


4. Create other directories for Caddy

`mkdir /etc/caddy`, `chown -R root:caddy-g /etc/caddy`

`mkdir /etc/ssl/caddy`, `chown -R root:caddy-g /etc/ssl/caddy`

`chmod 0770 /etc/ssl/caddy`

`mkdir /var/www`, `chown caddy-u:caddy-g /var/www`


5. Create configuration file, service and log for Caddy

`touch /etc/caddy/Caddyfile`, `chmod 644 /etc/caddy/Caddyfile`

Use `tr -dc a-z0-9 < /dev/urandom | head -c 16 ; echo ''` to generate a password.

Copy the following text into the Caddyfile file:

```
:443, example.com
tls example123@gmail.com
route {
  forward_proxy {
    basic_auth username password
    hide_ip
    hide_via
    probe_resistance
  }
  file_server {
    root /var/www
  }
}

log {
    output file /var/log/caddy/access.log {
        roll_size 1gb
        roll_keep 10
        roll_keep_for 720h
    }
}
```

`touch /etc/systemd/system/caddy.service`

`chmod 644 /etc/systemd/system/caddy.service`

Copy the following text into the caddy.service file:

```
[Unit]
Description=Caddy HTTP/2 web server
Documentation=https://caddyserver.com/docs/
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service
StartLimitIntervalSec=14400
StartLimitBurst=10

[Service]
Restart=on-abnormal
User=caddy-u
Group=caddy-g
Environment=CADDYPATH=/etc/ssl/caddy
ExecStart=/usr/local/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/local/bin/caddy reload --config /etc/caddy/Caddyfile
KillMode=mixed
KillSignal=SIGQUIT
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
PrivateDevices=false
ProtectHome=true
ProtectSystem=full
ReadWritePaths=/etc/ssl/caddy
ReadWriteDirectories=/etc/ssl/caddy
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target
```


`mkdir /var/log/caddy`, `chown root:caddy-g /var/log/caddy`, `chmod 770 /var/log/caddy`

`touch /var/log/caddy/access.log`

`chown root:caddy-g /var/log/caddy/access.log`

`chmod 660 /var/log/caddy/access.log`


6. Install NaiveProxy server

`apt install libnss3 xz-utils`

`wget https://github.com/klzgrad/naiveproxy/releases/download/v90.0.4430.85-6/naiveproxy-v90.0.4430.85-6-linux-x64.tar.xz`

`tar -xf naiveproxy-v90.0.4430.85-6-linux-x64.tar.xz`

`cd naiveproxy-v90.0.4430.85-6-linux-x64`, `cp naive /usr/local/bin`

`touch /etc/systemd/system/naive.service`

Copy the following into the naive.service file:

```
[Unit]
Description=NaiveProxy Server Service
After=network-online.target

[Service]
Type=simple
User=nobody
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
ExecStart=/usr/local/bin/naive /etc/naive/config.json

[Install]
WantedBy=multi-user.target
```

`mkdir /etc/naive`, `touch /etc/naive/config.json`

Copy the following into the config.json file:

```
{
  "listen": "socks://127.0.0.1:1080",
  "proxy": "https://username:password@example.com",
  "padding": true
}
```
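Steps 5 and 6 paste the same username and password into two files by hand. The following added example (not part of the original post) generates one credential and renders both files from it under a restrictive umask, so neither file is ever world-readable. The function names, the output directory and the sample domain are assumptions.

```shell
#!/bin/sh
# Added example: one generated credential rendered into both files from steps 5 and 6.
# Function names, the output directory and the sample domain are assumptions.

# gen_secret N: print N characters from [a-z0-9], looping until enough survive the filter.
gen_secret() {
    n=${1:-16}
    s=
    while [ "${#s}" -lt "$n" ]; do
        s=$s$(head -c 64 /dev/urandom | LC_ALL=C tr -dc 'a-z0-9')
    done
    printf "%.${n}s" "$s"
}

# render_proxy_creds OUTDIR DOMAIN EMAIL
# Writes OUTDIR/Caddyfile (log block omitted here) and OUTDIR/config.json with one user/password pair.
render_proxy_creds() (
    umask 027                      # files are created 0640, the directory 0750
    user="u$(gen_secret 8)"
    pass=$(gen_secret 24)
    mkdir -p "$1"
    cat > "$1/Caddyfile" <<EOF
:443, $2
tls $3
route {
  forward_proxy {
    basic_auth $user $pass
    hide_ip
    hide_via
    probe_resistance
  }
  file_server {
    root /var/www
  }
}
EOF
    cat > "$1/config.json" <<EOF
{
  "listen": "socks://127.0.0.1:1080",
  "proxy": "https://$user:$pass@$2",
  "padding": true
}
EOF
)
```

Call it as `render_proxy_creds ./out example.com example123@gmail.com`, then install the two files with an owner and group that let only root and the respective service account read them.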


7. Start & Enable services

`systemctl daemon-reload`

`systemctl enable naive`, `systemctl enable caddy`

`systemctl start naive`, `systemctl start caddy`

`systemctl status naive`, `systemctl status caddy`


8. Install NaiveProxy client

Copy the following into the config.json file:

```
{
  "listen": "socks://127.0.0.1:1080",
  "proxy": "https://username:password@example.com",
  "log": "",
  "padding": true
}
```

 

 

 

 



3 comments:

  3. Using Ubuntu 20.04 VPS server (Digital Ocean)

    crashes out with Segmentation fault

    xcaddy build --with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive

    Segmentation fault (core dumped)
