使用 Caddy / Nginx 反代谷歌
1、Caddy
使用 Caddy 反代谷歌十分简单,并且支持自动配置 SSL。前提是 VPS 上没有安装其他的 HTTP Server。
安装 Caddy
wget -N --no-check-certificate https://raw.githubusercontent.com/ToyoDAdoubi/doubi/master/caddy_install.sh && chmod +x caddy_install.sh && bash caddy_install.sh install http.filemanager
配置文件
# 以下全部内容是一个整体,全部复制粘贴到 SSH 软件中一并执行 # 更改 yourdomain 为你的域名,并提前将它解析到你 VPS 的 IP # 更改 [email protected] 为你的邮箱 # 更改 user passwd 为你自己的用户名及密码 # 若公开使用则删除 basicauth 一行,强烈不推荐。 echo "https://yourdomain { gzip tls [email protected] basicauth / user passwd proxy / https://www.google.com.hk }" > /usr/local/caddy/Caddyfile
然后重启,即可访问你的域名使用谷歌了。
/etc/init.d/caddy restart
启动错误
一些系统会自带 apache2 ,而 apache2 会占用 80 端口,导致 Caddy 无法绑定端口,所以只要关掉就好了。
kill -9 $(ps -ef|grep "apache2"|grep -v "grep"|awk '{print $2}') && apt-get remove --purge apache2 -y
然后再次重启 Caddy
/etc/init.d/caddy restart
2、Nginx
安装 Nginx
Debian8 安装 Nginx:
curl http://nginx.org/keys/nginx_signing.key | apt-key add - && echo "deb http://nginx.org/packages/mainline/ubuntu/ xenial nginx" >> /etc/apt/sources.list.d/nginx.list && echo "deb-src http://nginx.org/packages/mainline/ubuntu/ xenial nginx " >> /etc/apt/sources.list.d/nginx.list && echo "deb http://httpredir.debian.org/debian/ jessie-backports main contrib non-free" >> /etc/apt/sources.list.d/backports.list && echo "deb-src http://httpredir.debian.org/debian/ jessie-backports main contrib non-free" >> /etc/apt/sources.list.d/backports.list && apt-get update && apt-get install -t jessie-backports openssl -y && apt-get install -y nginx
Debian9 安装 Nginx:
curl http://nginx.org/keys/nginx_signing.key | apt-key add - && echo "deb http://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list && echo "deb-src http://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list && apt update && apt install -y nginx
申请 SSL
先将域名解析到 VPS 的 IP,访问域名,出现 Welcome to nginx! 然后申请证书:
# 安装 ACME.SH curl -L get.acme.sh | bash # 关闭 SSH 窗口,重新进入 # 将 yourdomain 更改为你的域名 acme.sh --issue -w /usr/share/nginx/html -d 你的域名
配置文件
创建认证文件
# 将 passwd 更换为你的密码 openssl passwd # 将 username 更改为你的用户名,将 PASSWORD 更改为上一步生成的内容 echo "username:$(openssl passwd -crypt PASSWORD)" > /etc/nginx/passwdfile
mkdir /home/nginx && mkdir /home/nginx/cache && mkdir /home/nginx/temp && vim /etc/nginx/conf.d/gg.conf
复制下面配置文件,将 YOURDOMAIN 更改为你的域名
proxy_cache_path /home/nginx/cache levels=1:2 keys_zone=proxycache:60m max_size=120m inactive=2h use_temp_path=on; proxy_temp_path /home/nginx/temp; proxy_cache_key $host$request_uri; upstream www.google.com { server 74.125.199.101:443; server 74.125.199.102:443; server 74.125.199.103:443; server 74.125.199.104:443; server 74.125.199.105:443; } server { listen 80; server_name YOURDOMAIN; root /usr/share/nginx/html; location /.well-known/acme-challenge/ { allow all; } location / { return 301 https://$host$request_uri; } } server { listen 443 ssl http2; server_name YOURDOMAIN; ssl on; ssl_protocols TLSv1.2; ssl_certificate /root/.acme.sh/YOURDOMAIN/fullchain.cer; ssl_certificate_key /root/.acme.sh/YOURDOMAIN/YOURDOMAIN.key; ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5; ssl_prefer_server_ciphers on; location / { sub_filter www.google.com YOURDOMAIN; sub_filter_once off; proxy_pass https://www.google.com; proxy_redirect off; proxy_set_header Host "www.google.com"; proxy_set_header Referer $http_referer; proxy_set_header X-Real-IP $remote_addr; proxy_set_header User-Agent $http_user_agent; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_set_header Accept-Encoding ""; proxy_set_header Accept-Language "zh-CN"; proxy_cookie_domain www.google.com YOURDOMAIN; proxy_set_header Cookie "PREF=ID=047808f19f6de346:U=0f62f33dd8549d11:FF=2:LD=en-US:NW=1:TM=1325338577:LM=1332142444:GM=1:SG=2:S=rE0SyJh2W1IQ-Maw"; proxy_cache proxycache; proxy_cache_valid 304 2h; proxy_cache_valid 403 444 2h; proxy_cache_valid 404 2h; proxy_cache_valid 500 502 2h; proxy_cache_use_stale invalid_header http_404 http_500 http_502; proxy_cache_lock on; proxy_cache_lock_timeout 5s; auth_basic "Authorization"; auth_basic_user_file /etc/nginx/passwdfile; } }
然后重启 Nginx
nginx -s reload
访问域名,使用你设置的用户名及密码认证后即可使用谷歌。
本文参考了 1 & 2 & https://yjk.im/proxy-gg/
因本文不是用Markdown格式的编辑器书写的,转换的页面可能不符合MIP标准。