本帖最后由 ifreeswan 于 2025-2-16 23:37 编辑
pve 提供 透明代理 和 frpc 内网穿透
pve 用官方镜像 安装的 haos 虚拟机,网关 dns 设置为 pve 就行
外网服务器 有域名,证书,frps , nginx
测试成功,大家看看,还有什么更好的办法,这些都是最近一段时间 在论坛和网上学的,还有 ai 。
#configuration.yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- 127.0.0.1
- ::1
- 192.168.1.0/24
#frpc.toml
serverAddr = "haos.domain"
serverPort = 7000
auth.method = "token"
auth.token = "1560273796"
[[proxies]]
name = "haos_http"
type = "http"
localIP = "10.0.0.8"
localPort = 8123
customDomains = ["haos.domain"]
transport.useEncryption = true
transport.useCompression = true
#frps.toml
bindPort = 7000
auth.method = "token"
auth.token = "123456789"
vhostHTTPPort = 8080
webServer.addr = "0.0.0.0"
webServer.port = 7500
webServer.user = "admin"
webServer.password = "admin"
#haos.domain.conf
server {
listen 80;
server_name haos.domain;
location / {
rewrite ^ https://haos.domain$request_uri? permanent;
}
}
server {
listen 443 ssl;
server_name haos.domain;
ssl_certificate /root/cert/domain.cer;
ssl_certificate_key /root/cert/domain.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;
ssl_prefer_server_ciphers on;
proxy_set_header X-Forwarded-Proto https;
location /api/websocket {
proxy_pass http://127.0.0.1:8080/api/websocket;
proxy_read_timeout 60s;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'Upgrade';
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_buffering off;
proxy_pass http://127.0.0.1:8080;
}
}
| 
发表于 2025-2-16 23:13:29
楼主