只有创建trojan会话失败,请问是什么原因?
lanhebe opened this issue · comments
./spctl create session --proto trojan --type url --name tro-01
错误代码:
Create rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp: lookup trojan on 127.0.0.11:53: no such host"
请在进入docker目录后,运行以下命令,并将全部输出回复到这里。
docker-compose down && docker-compose up请检查一下你的2443端口是否被占用,如果是,请修改trojan-go/server.json文件中的local_port字段为其他未被占用端口并重启。
[root@107 docker]# ./spctl create session --proto trojan --type url --name tro-01
ERROR Create rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp: lookup trojan on 127.0.0.11:53: no such host"[root@107 docker]#
[root@107 docker]# docker-compose down && docker-compose up
Stopping docker_simple_1 ... done
Stopping docker_adapter-trojan_1 ... done
Stopping docker_adapter-shadowsocks_1 ... done
Removing docker_simple_1 ... done
Removing docker_adapter-trojan_1 ... done
Removing docker_trojan_1 ... done
Removing docker_adapter-shadowsocks_1 ... done
Removing network docker_simple
Creating network "docker_simple" with driver "bridge"
Creating docker_trojan_1 ... done
Creating docker_adapter-shadowsocks_1 ... done
Creating docker_adapter-trojan_1 ... done
Creating docker_simple_1 ... done
Attaching to docker_trojan_1, docker_adapter-shadowsocks_1, docker_adapter-trojan_1, docker_simple_1
adapter-trojan_1 | 2021/08/22 06:11:07 Listening grpc on [::]:10001
simple_1 | [INFO] 2021/08/22 06:11:12 Register to service adapter-trojan:10001
simple_1 | [INFO] 2021/08/22 06:11:12 Register to service adapter-shadowsocks:10003
simple_1 | [INFO] 2021/08/22 06:11:12 Listening grpc on [::]:4433
simple_1 | [INFO] 2021/08/22 06:11:12 Listening grpc gateway on 0.0.0.0:4443 (proxy to 127.0.0.1:4433)
adapter-shadowsocks_1 | 2021/08/22 06:11:07 Listening grpc on [::]:10003
adapter-shadowsocks_1 | 2021/08/22 06:11:12 ss://YWVzLTEyOC1nY206dEtCRHRqVjk1VHNieTkwMkB3d3cueXVnb2dvLnRrOjUwMDAw
adapter-shadowsocks_1 | 2021/08/22 06:11:12 aes-128-gcm:tKBDtjV95Tsby902@www.yugogo.tk:50000
adapter-shadowsocks_1 | [Debug] 2021/08/22 06:11:12 ss.go:129: Create SS on port [50000] success!
adapter-shadowsocks_1 | [Debug] 2021/08/22 06:11:12 ss.go:130: listening TCP on 0.0.0.0:50000
adapter-shadowsocks_1 | [INFO] 2021/08/22 06:11:12 Start shadowsocks [aes-128-gcm|tKBDtjV95Tsby902|50000]
trojan_1 | [INFO] 2021/08/22 06:10:48 trojan-go v0.10.0-34-gcbca3ee initializing
trojan_1 | [WARN] 2021/08/22 06:10:48 empty tls fallback port
trojan_1 | [WARN] 2021/08/22 06:10:48 empty tls http response
trojan_1 | [FATAL] 2021/08/22 06:10:48 github.com/p4gefau1t/trojan-go/proxy.(*Node).BuildNext:stack.go:29 tls failed to load key pair
docker_trojan_1 exited with code 1
另外,2443端口应该没有被占用,因为是用纯净系统搭建的
因为我要启用trojan,所以我再trojan-go目录下修改了server.json的端口为443,remote_addr为自己的域名,以及ssl的证书路径,病呀验证主机名开启。请问这样配置有问题吗?
因为我要启用trojan,所以我再trojan-go目录下修改了server.json的端口为443,remote_addr为自己的域名,以及ssl的证书路径,病呀验证主机名开启。请问这样配置有问题吗?
tls failed to load key pair
读取证书失败,请检查你的证书是否正确
这边直接申请并安装部署证书,检查配置ssl路径都正确,但是还是无法创建trojan节点。错误代码如下: Create rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp: lookup trojan on 127.0.0.11:53: no such host"
以下是我整个安装步骤,请核查哪里出了问题:
[root@107 ~]# ./.acme.sh/acme.sh --issue -d www.yugogo.tk --standalone
[2021年 08月 24日 星期二 08:51:33 EDT] Using CA: https://acme.zerossl.com/v2/DV90
[2021年 08月 24日 星期二 08:51:33 EDT] Standalone mode.
[2021年 08月 24日 星期二 08:51:34 EDT] Create account key ok.
[2021年 08月 24日 星期二 08:51:34 EDT] No EAB credentials found for ZeroSSL, let's get one
[2021年 08月 24日 星期二 08:51:35 EDT] Registering account: https://acme.zerossl.com/v2/DV90
[2021年 08月 24日 星期二 08:51:36 EDT] Registered
[2021年 08月 24日 星期二 08:51:36 EDT] ACCOUNT_THUMBPRINT='S_t7k96DU6EZZNv0pGET8J1XYhbWQSyVkVbBeCgiaCw'
[2021年 08月 24日 星期二 08:51:36 EDT] Creating domain key
[2021年 08月 24日 星期二 08:51:36 EDT] The domain key is here: /root/.acme.sh/www.yugogo.tk/www.yugogo.tk.key
[2021年 08月 24日 星期二 08:51:37 EDT] Single domain='www.yugogo.tk'
[2021年 08月 24日 星期二 08:51:37 EDT] Getting domain auth token for each domain
[2021年 08月 24日 星期二 08:51:38 EDT] Getting webroot for domain='www.yugogo.tk'
[2021年 08月 24日 星期二 08:51:38 EDT] Verifying: www.yugogo.tk
[2021年 08月 24日 星期二 08:51:38 EDT] Standalone mode server
[2021年 08月 24日 星期二 08:51:40 EDT] Processing, The CA is processing your order, please just wait. (1/30)
[2021年 08月 24日 星期二 08:51:42 EDT] Success
[2021年 08月 24日 星期二 08:51:42 EDT] Verify finished, start to sign.
[2021年 08月 24日 星期二 08:51:42 EDT] Lets finalize the order.
[2021年 08月 24日 星期二 08:51:42 EDT] Le_OrderFinalize='https://acme.zerossl.com/v2/DV90/order/Gb8kyW6uteOTntxwnr3DiA/finalize'
[2021年 08月 24日 星期二 08:51:43 EDT] Order status is processing, lets sleep and retry.
[2021年 08月 24日 星期二 08:51:43 EDT] Retry after: 15
[2021年 08月 24日 星期二 08:51:59 EDT] Polling order status: https://acme.zerossl.com/v2/DV90/order/Gb8kyW6uteOTntxwnr3DiA
[2021年 08月 24日 星期二 08:52:00 EDT] Downloading cert.
[2021年 08月 24日 星期二 08:52:00 EDT] Le_LinkCert='https://acme.zerossl.com/v2/DV90/cert/yMPpi_asWV_qJhHUgGLVJA'
[2021年 08月 24日 星期二 08:52:01 EDT] Cert success.
-----BEGIN CERTIFICATE-----
MIIGaTCCBFGgAwIBAgIRAPzhkhJxzKLvggGtH5rxHx8wDQYJKoZIhvcNAQEMBQAw
SzELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9T
U0wgUlNBIERvbWFpbiBTZWN1cmUgU2l0ZSBDQTAeFw0yMTA4MjQwMDAwMDBaFw0y
MTExMjIyMzU5NTlaMBgxFjAUBgNVBAMTDXd3dy55dWdvZ28udGswggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4wd6leNSg6tQ6Gw+TKyMIkfzwUTwkGUW2
McNMoJpNwIfXFlIzmdIV0TwWeEnZyncKenee3ro0E9DOyk62MS0tW12yUCoxeKbp
Smezmviv16PwQHcSiDtrSIbcNqJw5d5cuOLesikdsexzKfqfBaXfLp3fzU9BjznG
tiKClEwvp9CMXUwuL7bozqveeBWYJPdzvpQdBvw7LTuiPCegPDQYlgbTVCBpifhk
Vvhfr3Ct5eQgTyTjb/y5Ol+eGqPjUuDzadCjrSrqcfuILeFpisqYAuoPDpbJyX3G
3fuB3+ip0z7XRHw9fysJe+lWfogGiJQI/40zWvOUjwYSNYHYqlOjAgMBAAGjggJ5
MIICdTAfBgNVHSMEGDAWgBTI2XhootkZaNU9ct5fCj7ctYaGpjAdBgNVHQ4EFgQU
0ZuP715JYFIb6+8qW0XCr6RDcGgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYL
KwYBBAGyMQECAk4wJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9D
UFMwCAYGZ4EMAQIBMIGIBggrBgEFBQcBAQR8MHowSwYIKwYBBQUHMAKGP2h0dHA6
Ly96ZXJvc3NsLmNydC5zZWN0aWdvLmNvbS9aZXJvU1NMUlNBRG9tYWluU2VjdXJl
U2l0ZUNBLmNydDArBggrBgEFBQcwAYYfaHR0cDovL3plcm9zc2wub2NzcC5zZWN0
aWdvLmNvbTCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AH0+8viP/4hVaCTCwMqe
Uol5K8UOeAl/LmqXaJl+IvDXAAABe3g3cDQAAAQDAEcwRQIgaIHEDScJj1R5N+wd
88p+Fw5t1giM6vkAMA9BHcvw90YCIQDzJudCTP+OpB1NYeyVwcjfVQhpSAOLwrE7
ZH3NQg7WuwB2AESUZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAABe3g3
cAAAAAQDAEcwRQIgUIZ7PTHDu5jwgNMGRS56A2uHx4EoxU9icJ4wTVwM7GsCIQCI
ALJjJm13YTx839TKYTjItkh/2/qqjqK5/dgmyOoD/TAYBgNVHREEETAPgg13d3cu
eXVnb2dvLnRrMA0GCSqGSIb3DQEBDAUAA4ICAQAVpeDdz2ABFrKL+Zkxkd1Ca03V
62VGjsJszBrrfqnkEb4ByStqZaCCQvldsfkrtsUOIxslrcPsNd9k4pAERmasBRoG
bga92Wt8aBbWhtC1BRuHe6PThICt92Hq8X7A3+JYTZXy3anNM6DDlCoGC0BnlBC/
gwLw3aUpb+bRZ4U0xa2KLBxlksewybojnrresLVTprt8iy5inXSPzi4+EgVgrWBr
akb3IWTWAmMUwelk/y7J4Z/+MZaRVbwYzVzTNrMEo0y7af5hlVfyt+7umIJOxhmp
VUINcWOQ4jBs28YRa/nTn+sjjR+UI7VXBAPBCwz7Rmg1oH7iWPXuOV1Uqytg67W7
vAxv9XtqRDYf8rR3sbiIZcMbob+ppzlDnP2m6fufEvT52Rd6loERrMoADT/Lo0wo
jaUvb0d4ag35NB0l1zC0JRL5kl25M32jMH4RA2NLeQcbTK4oLO05Sx5x/uETrvUJ
jf/ambfq8XiIFpl/alSCnyztmo0nIkFqTjsHtkNb/15hh+U/jD14BZlVdV5cQfAK
NrRtWgTBXE7uJRptg8xm/zTiGn55ALEz3/f2WcBQkgqiZSzdpdmPCzhQOQ585YXD
RT5HvTN6KpB8ehADMtuCi9St9EjmuY1wgsOXjWUhAnW8rK2Wj7QA1l9gQA4wtrZ7
0prV40SLC9NoWGM27A==
-----END CERTIFICATE-----
[2021年 08月 24日 星期二 08:52:01 EDT] Your cert is in: /root/.acme.sh/www.yugogo.tk/www.yugogo.tk.cer
[2021年 08月 24日 星期二 08:52:01 EDT] Your cert key is in: /root/.acme.sh/www.yugogo.tk/www.yugogo.tk.key
[2021年 08月 24日 星期二 08:52:01 EDT] The intermediate CA cert is in: /root/.acme.sh/www.yugogo.tk/ca.cer
[2021年 08月 24日 星期二 08:52:01 EDT] And the full chain certs is there: /root/.acme.sh/www.yugogo.tk/fullchain.cer
[root@107 ~]# ~/.acme.sh/acme.sh --installcert -d www.yugogo.tk --key-file /etc/ssl/cert/www.yugogo.tk.crt --fullchain-file /etc/ssl/cert/fullchain.crt
[2021年 08月 24日 星期二 08:53:46 EDT] Installing key to: /etc/ssl/cert/www.yugogo.tk.crt
/root/.acme.sh/acme.sh:行5572: /etc/ssl/cert/www.yugogo.tk.crt: 没有那个文件或目录
[root@107 ~]# ~/.acme.sh/acme.sh --installcert -d www.yugogo.tk --key-file /etc/ssl/certs/www.yugogo.tk.crt --fullchain-file /etc/ssl/certs/fullchain.crt
[2021年 08月 24日 星期二 08:54:26 EDT] Installing key to: /etc/ssl/certs/www.yugogo.tk.crt
[2021年 08月 24日 星期二 08:54:26 EDT] Installing full chain to: /etc/ssl/certs/fullchain.crt
[root@107 ~]# cd docker/
[root@107 docker]# docker-compose up -d
Creating network "docker_simple" with driver "bridge"
Pulling trojan (fregie/trojan-go:latest)...
latest: Pulling from fregie/trojan-go
188c0c94c7c5: Pull complete
c47d2d338cf9: Pull complete
84975a3736c1: Pull complete
d95dc98769e4: Pull complete
Digest: sha256:fdfa38cdea69dcdc50a03b249a52c02bb045a662b6d41abafda5ec53a69f7215
Status: Downloaded newer image for fregie/trojan-go:latest
Pulling adapter-trojan (fregie/adapter-trojan:latest)...
latest: Pulling from fregie/adapter-trojan
5843afab3874: Pull complete
1e5595a98089: Pull complete
9106a2a72651: Pull complete
Digest: sha256:343302f7ea8bdc098df73eb0a6737ce3bbd53a7169899da42de7e08e039c7cff
Status: Downloaded newer image for fregie/adapter-trojan:latest
Pulling adapter-shadowsocks (fregie/adapter-shadowsocks:latest)...
latest: Pulling from fregie/adapter-shadowsocks
5843afab3874: Already exists
1e5595a98089: Already exists
85c7fd3c789c: Pull complete
Digest: sha256:a946d79a8e24d0d63722ac9a0037babf4e466eefd4a9fa581f32d80330126739
Status: Downloaded newer image for fregie/adapter-shadowsocks:latest
Pulling simple (fregie/simple:latest)...
latest: Pulling from fregie/simple
5843afab3874: Already exists
1e5595a98089: Already exists
6bda95f1a6ef: Pull complete
ba29624e9b65: Pull complete
Digest: sha256:a3d4af514a924bd6e7bff602515c545104f1068aff5028e9a317c6bec4562157
Status: Downloaded newer image for fregie/simple:latest
Creating docker_trojan_1 ... done
Creating docker_adapter-shadowsocks_1 ... done
Creating docker_adapter-trojan_1 ... done
Creating docker_simple_1 ... done
[root@107 docker]# wget https://github.com/fregie/simple/releases/download/v1.0.2/spctl
--2021-08-24 08:57:43-- https://github.com/fregie/simple/releases/download/v1.0.2/spctl
正在解析主机 github.com (github.com)... 192.30.255.113
正在连接 github.com (github.com)|192.30.255.113|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 302 Found
位置:https://github-releases.githubusercontent.com/377499006/6c228a19-88c8-4ccc-b3bd-d93b0c5331e8?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210824%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210824T125744Z&X-Amz-Expires=300&X-Amz-Signature=f5232d1b7ba962a62bc64bc8675c109f20a8bd0f70334a1a2449d08f26a7077f&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=377499006&response-content-disposition=attachment%3B%20filename%3Dspctl&response-content-type=application%2Foctet-stream [跟随至新的 URL]
--2021-08-24 08:57:44-- https://github-releases.githubusercontent.com/377499006/6c228a19-88c8-4ccc-b3bd-d93b0c5331e8?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210824%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210824T125744Z&X-Amz-Expires=300&X-Amz-Signature=f5232d1b7ba962a62bc64bc8675c109f20a8bd0f70334a1a2449d08f26a7077f&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=377499006&response-content-disposition=attachment%3B%20filename%3Dspctl&response-content-type=application%2Foctet-stream
正在解析主机 github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.111.154, 185.199.109.154, 185.199.110.154, ...
正在连接 github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.111.154|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:10698752 (10M) [application/octet-stream]
正在保存至: “spctl”
100%[===============================================================================================================================================>] 10,698,752 41.3MB/s 用时 0.2s
2021-08-24 08:57:44 (41.3 MB/s) - 已保存 “spctl” [10698752/10698752])
[root@107 docker]# chmod +x spctl
[root@107 docker]# ./spctl get protos
ERROR Read config file failed: Config File ".spctl" Not Found in "[/root]"[root@107 docker]#
[root@107 docker]#
[root@107 docker]#
[root@107 docker]# echo 'grpcAddr: 127.0.0.1:4433' > $HOME/.spctl
[root@107 docker]# ./spctl get protos
Support protos:
• trojan
• ss
[root@107 docker]# ./spctl create session --proto ss --type url --name ss-01
SUCCESS Create success!
ID: ss-50000-W8noF2L65i50ts0OjFOv87d09
Name: ss-01
Proto: ss
Config type: URL
Config:
ss://YWVzLTEyOC1nY206cUNDajNrS3NtZFIxakZESEB3d3cueXVnb2dvLnRrOjUwMDAw
[root@107 docker]# ./spctl get session ss-01 --conf
ID: ss-50000-W8noF2L65i50ts0OjFOv87d09
Name: ss-01
Proto: ss
Config type: URL
Option:
Upload rate limit: 0 mbps
Download rate limit: 0 mbps
Config:
ss://YWVzLTEyOC1nY206cUNDajNrS3NtZFIxakZESEB3d3cueXVnb2dvLnRrOjUwMDAw
[root@107 docker]# ./spctl create session --proto trojan --type url --name trojan-01
ERROR Create rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp: lookup trojan on 127.0.0.11:53: no such host"[root@107 docker]#
[root@107 docker]# ./spctl create session --proto trojan --type url --name trojan-01
ERROR Create rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp: lookup trojan on 127.0.0.11:53: no such host"
[root@107 docker]# docker-compose down && docker-compose up
Stopping docker_simple_1 ... done
Stopping docker_adapter-trojan_1 ... done
Stopping docker_adapter-shadowsocks_1 ... done
Removing docker_simple_1 ... done
Removing docker_adapter-trojan_1 ... done
Removing docker_trojan_1 ... done
Removing docker_adapter-shadowsocks_1 ... done
Removing network docker_simple
Creating network "docker_simple" with driver "bridge"
Creating docker_adapter-shadowsocks_1 ... done
Creating docker_trojan_1 ... done
Creating docker_adapter-trojan_1 ... done
Creating docker_simple_1 ... done
Attaching to docker_trojan_1, docker_adapter-shadowsocks_1, docker_adapter-trojan_1, docker_simple_1
adapter-shadowsocks_1 | 2021/08/24 13:12:43 Listening grpc on [::]:10003
adapter-trojan_1 | 2021/08/24 13:12:43 Listening grpc on [::]:10001
simple_1 | [INFO] 2021/08/24 13:12:46 Register to service adapter-trojan:10001
simple_1 | [INFO] 2021/08/24 13:12:46 Register to service adapter-shadowsocks:10003
trojan_1 | [INFO] 2021/08/24 13:12:31 trojan-go v0.10.0-34-gcbca3ee initializing
trojan_1 | [WARN] 2021/08/24 13:12:31 empty tls fallback port
trojan_1 | [WARN] 2021/08/24 13:12:31 empty tls http response
trojan_1 | [FATAL] 2021/08/24 13:12:31 github.com/p4gefau1t/trojan-go/proxy.(*Node).BuildNext:stack.go:29 tls failed to load key pair
simple_1 | [INFO] 2021/08/24 13:12:46 Listening grpc on [::]:4433
simple_1 | [INFO] 2021/08/24 13:12:46 Listening grpc gateway on 0.0.0.0:4443 (proxy to 127.0.0.1:4433)
adapter-shadowsocks_1 | 2021/08/24 13:12:46 ss://YWVzLTEyOC1nY206cUNDajNrS3NtZFIxakZESEB3d3cueXVnb2dvLnRrOjUwMDAw
adapter-shadowsocks_1 | 2021/08/24 13:12:46 aes-128-gcm:qCCj3kKsmdR1jFDH@www.yugogo.tk:50000
adapter-shadowsocks_1 | [Debug] 2021/08/24 13:12:46 ss.go:129: Create SS on port [50000] success!
adapter-shadowsocks_1 | [Debug] 2021/08/24 13:12:46 ss.go:130: listening TCP on 0.0.0.0:50000
adapter-shadowsocks_1 | [INFO] 2021/08/24 13:12:46 Start shadowsocks [aes-128-gcm|qCCj3kKsmdR1jFDH|50000]
docker_trojan_1 exited with code 1
@lanhebe
请展示一下你 trojan-go 目录下有哪些文件
以及trojan-go/server.json和docker-compose.yaml的文件内容
@fregie
请展示一下你 trojan-go 目录下有哪些文件
以及trojan-go/server.json和docker-compose.yaml的文件内容
trojan-go 目录下有data空文件夹,server.json,simple.fregie.cn.crt和simple.fregie.cn.key
server.json内容如下:
{
"run_type": "server",
"local_addr": "0.0.0.0",
"local_port": 2443,
"remote_addr": "www.bing.com",
"remote_port": 80,
"sqlite": "/opt/trojan/trojan.db",
"password": [
"yugogogo"
],
"ssl": {
"verify_hostname": true,
"cert": "/etc/ssl/certs/cert.crt",
"key": "/etc/ssl/certs/private.key"
},
"mux": {
"enabled": true,
"concurrency": 4,
"idle_timeout": 60
},
"websocket": {
"enabled": true,
"path": "/rainbow/mika"
},
"api": {
"enabled": true,
"api_addr": "0.0.0.0",
"api_port": 2552
}
}
docker-compose.yaml内容如下:
version: '3'
services:
trojan:
image: fregie/trojan-go:latest
ports:
- 2443:2443
- 2552:2552
volumes:
- ./trojan-go/server.json:/etc/trojan-go/config.json
- ./trojan-go/simple.fregie.cn.crt:/etc/ssl/certs/simple.fregie.cn.crt
- ./trojan-go/simple.fregie.cn.key:/etc/ssl/certs/simple.fregie.cn.key
- ./trojan-go/data:/opt/trojan
networks:
- simple
adapter-trojan:
image: fregie/adapter-trojan:latest
depends_on:
- trojan
ports:
- 10001:10001
environment:
ADDR: 0.0.0.0:10001
TROJAN_ADDR: trojan:2552
volumes:
- ./trojan-go/server.json:/server.json
networks:
- simple
adapter-shadowsocks:
image: fregie/adapter-shadowsocks:latest
ports:
- 10003:10003
- 50000-50100:50000-50100
environment:
ADDR: 0.0.0.0:10003
PORT_RANGE: 50000-50100
networks:
- simple
simple:
image: fregie/simple:latest
depends_on:
- adapter-shadowsocks
- adapter-trojan
- trojan
ports:
- 4433:4433
- 4444:4444
- 4442:4442
volumes:
- ./config.yaml:/config.yaml
- ./simple:/opt/simple
networks:
- simple
networks:
simple:
driver: bridge
config.yaml内容如下:
grpc_addr: "0.0.0.0:4433"
grpc_gateway_addr: "0.0.0.0:4443"
prom_addr: "0.0.0.0:4442"
host: www.yugogo.tk
sqlite: /opt/simple/simple.db
services:
- "adapter-trojan:10001"
- "adapter-shadowsocks:10003"
trojan的配置文件中,你的证书和key配置是如下
"ssl": {
"verify_hostname": true,
"cert": "/etc/ssl/certs/cert.crt",
"key": "/etc/ssl/certs/private.key"
},需要在trojan的docker镜像中这两个文件存在且可用,在docker-compose.yaml中对应的配置是:
trojan:
image: fregie/trojan-go:latest
ports:
- 2443:2443
- 2552:2552
volumes:
- ./trojan-go/server.json:/etc/trojan-go/config.json
- ./trojan-go/simple.fregie.cn.crt:/etc/ssl/certs/simple.fregie.cn.crt
- ./trojan-go/simple.fregie.cn.key:/etc/ssl/certs/simple.fregie.cn.key
- ./trojan-go/data:/opt/trojan这里的证书映射是不正确的,你需要做的是:
将你的docker-compose.yaml文件中trojan的部分修改为:
trojan:
image: fregie/trojan-go:latest
ports:
- 2443:2443
- 2552:2552
volumes:
- ./trojan-go/server.json:/etc/trojan-go/config.json
- 你证书的路径:/etc/ssl/certs/cert.crt
- 你私钥的路径:/etc/ssl/certs/private.key
- ./trojan-go/data:/opt/trojan