Master Caddy: Easily configure Naive proxy, accelerate BBR network, and unlock VPS traffic

Sharing of HTTP2 proxy technology principles

  • This method is not for commercial use – it is for learning reference only – do not use it for illegal activities – there are consequences at your own risk
  • This method tries to choose the server to run
  • QA
  • 1. Caddy configures Naive proxy
    • Upgrading the system
    • Install go
    • Install xcaddy
    • Local installation
    • Configure Caddyfile
    • How to obtain cloudflare API Token
    • Two startup methods
      • The second format is as follows:
    • Add HTML web page-you can choose to add it here, but it is not necessary.
    • You can write html yourself
      • The above server configuration is completed
  • BBR network optimization
  • VPS Unlock Traffic
  • test

This method is not for commercial use – it is for learning reference only – do not use it for illegal activities – you are responsible for the consequences

This method tries to choose the server to run

QA

Question 1: What is the Caddy configuration Naive proxy, and why should I use it?
Answer 1: Caddy configuration Naive proxy is a configuration method for proxy servers that helps achieve proxying and encryption of network traffic. It is often used to bypass network restrictions or provide a more secure network connection.

Question 2: What is BBR network optimization and how does it improve network performance?
Answer 2: BBR network optimization is a congestion control algorithm used to improve the performance of TCP connections. It manages network congestion more effectively and improves data transfer speed and stability.

Question 3: How to unlock traffic on VPS to access specific websites?
Answer 3: Unlocking traffic on a VPS usually requires using specific tools, such as CFwarp.sh, and selecting the corresponding configuration options to achieve traffic unblocking. This helps improve the network performance and stability of your VPS.

1. Caddy configures Naive proxy

Upgrade system

  1. apt update -y & amp; & amp; apt install vim sudo -y

Install go

My server is an AMD chip-according to your choice

  1. wget https://go.dev/dl/go1.20.7.linux-amd64.tar.gz
  2. tar -C /usr/local -xzf go1.21.0.linux-amd64.tar.gz
  3. echo “export PATH=$PATH:/usr/local/go/bin” >> ~/.bashrc
  4. source ~/.bashrc
  5. go version
  6. go clean -modcache clear cache

Install xcaddy

  1. go clean -modcache clear cache
  2. go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
  3. echo “export PATH=$PATH:/root/go/bin” >> ~/.bashrc
  4. source ~/.bashrc
  5. apt install git -y
  6. xcaddy build –with github.com/caddyserver/forwardproxy@caddy2=github.com/klzgrad/forwardproxy@naive –with github.com/caddy-dns/cloudflare (if the installation of two modules fails, you can download it to the local download address: : https://github.com/klzgrad/forwardproxy)
  7. cp caddy /usr/bin/
  8. caddy version
  9. caddy list-modules (view modules)

Two non-standard modules

Local installation

  1. Clone the repository: git clone https://github.com/klzgrad/forwardproxy.git
  2. Change to directory: cd forwardproxy
  3. Install caddy server xcaddy: go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
  4. Build Caddy with forward proxy: xcaddy build –with github.com/caddyserver/forwardproxy@caddy2=$PWD
  5. The result is an executable file that you can launch directly (in the same directory where your caddy was created) sudo ./caddy runCaddyfile
  6. Reference command xcaddy build –with github.com/caddyserver/forwardproxy@caddy2=$PWD–withgithub.com/caddy-dns/cloudflare

Configure Caddyfile

  1. mkdir /etc/caddy/
  2. vim /etc/caddy/Caddyfile #File syntax explanation, official address https://caddyserver.com/docs/json/
  3. The format is as follows: In the following content: acme_dns cloudflare and dns cloudflare are followed by cloudflare API Token
{<!-- -->
acme_dns cloudflare xxxxxxxxx [xxxxx is the TOKEN value cloudflare API Token]
}
:80 {<!-- -->
route {<!-- -->
file_server {<!-- -->
root /var/www/html
}
}
}
:443, URL {<!-- -->
tls {<!-- -->
dns cloudflare xxxxxxxxx [xxxxx is the TOKEN value cloudflare API Token]
}
route {<!-- -->
forward_proxy {<!-- -->
basic_auth account password
hide_ip
hide_via
# probe_resistance
# upstream socks5://127.0.0.1:40000 #No need to add
}
file_server {<!-- -->
root /var/www/html
}
}
}

Account and password set by yourself
Token needs to obtain the cloudflare token

How to obtain cloudflare API Token

  1. dash.cloudflare.com profile -> api token -> create token -> custom token
  2. There are two permission options as follows:
    DNS Firewall: This permission allows Caddy to view and modify DNS records, which is required for DNS verification.
    Account: SSL and Certificates: This permission allows Caddy to manage SSL/TLS certificates, which is also required by Caddy.
  3. Choose to continue and save your API Token. This cannot be viewed again.
  4. Just paste it ixXPE0FdgCV6kSgawkfJnVMLVzYGCRYd1OFGT-ZA
  5. new
  6. createCustomToken
  7. zone, zone, read
  8. zone,dns,edit
  9. The above is enough

This token can only appear once, don’t forget to back it up

Two startup methods

  1. (The first type of front-end operation) caddy run –config “/etc/caddy/Caddyfile”
    This startup method is used to allow caddy to automatically configure the certificate and check whether there are any problems. After confirming that there are no problems, choose the second method to run
  2. (The second type can be run in the background) vim /etc/systemd/system/caddy.service

The second format is as follows:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=root
Group=root
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile # (Note that the Caddyfile file must have the same name as the file you created above)
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile # (remember to delete all Chinese characters and brackets)
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
Environment=CLOUDFLARE_EMAIL=Own email
Environment=CLOUDFLARE_API_KEY=the token just now

[Install]
WantedBy=multi-user.target


Loading service systemctl daemon-reload
Start up and run systemctl enable caddy
Start method systemctl start caddy
View status systemctl status caddy
Restart systemctl restart caddy
Stop running systemctl stop caddy

Add HTML web page-you can choose to add it here, but it is not necessary

You can write your own html

  1. mkdir -p /var/www/html
  2. apt install wget zip unzip -y
  3. git clone https://github.com/smaranjitghose/awesome-portfolio-websites.git
  4. cp -rf awesome-portfolio-websites/* /var/www/html/ (the path here is consistent with the file_server configured by Caddyfile)

The above server configuration is completed

BBR network optimization

  1. Use BBR congestion control Use BBR congestion control
sudo sysctl -w net.ipv4.tcp_congestion_control=bbr
  1. Turn off tcp_slow_start_after_idle
sudo sysctl -w net.ipv4.tcp_slow_start_after_idle=0
  1. (Server only) Consider setting tcp_notsent_lowat – use with caution
sudo sysctl -w net.ipv4.tcp_notsent_lowat=16384

VPS Unlocked Traffic

  1. Download CFwarp.sh
wget -N https://gitlab.com/rwkgyg/CFwarp/raw/main/CFwarp.sh
  1. run
bash CFwarp.sh
  1. choose
1. warp-go installation
2. Dual stack ipv4 + 6

Test

  1. You can open the URL IP to test whether it is successful.
    I am successful here!
    Indicate success