一键开启trojan-go docker

date
Dec 23, 2021
slug
tip-trojan-go-docker
status
Published
summary
小技巧-trojan-go 最简单版本;用于iplc转发的落地系统
tags
tip
type
Post
URL
Problem & SummarySolution服务器端客户端

Problem & Summary

  • 一键开启trojan docker - 可以再用iplc来转发

Solution

服务器端

export DOCKER_NAME='trojan-go'
export DOCKER_PORT=44443
export DOCKER_PASSWORD='YourPassword'
export DOCKER_SNI='your.domain.com'

mkdir -p /data/trojan-go; cd /data/trojan-go
# 对应your.domain.com的ssl - 如果client端到时ignore ssl,这里就无所谓了
cat > ./server.crt <<EOF
-----BEGIN CERTIFICATE-----
MIIEmjCCA4KgAwIBAgIUYzJXQBvpBbmBZIPj4WCeNJL6MG0wDQYJKoZIhvcNAQEL
BQAwgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQw
MgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MB4XDTIxMTEyMDAxNTUwMFoXDTM2MTExNjAxNTUwMFowYjEZMBcGA1UEChMQQ2xv
dWRGbGFyZSwgSW5jLjEdMBsGA1UECxMUQ2xvdWRGbGFyZSBPcmlnaW4gQ0ExJjAk
BgNVBAMTHUNsb3VkRmxhcmUgT3JpZ2luIENlcnRpZmljYXRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+TzrczWX2x0UjSgpZKoNO+x9EAqIiI80vOT
nOd/3sklvOKBp6et3jBrU88L4et2i0K8r2FlwxSSzBsysQiqzZiZRk9nB1KddGbH
vbSdXxDNvQSLQRQldWEAgmZFZ7C/To2tLInEJE2jKgaby84ZoTQjsfF8EuE1I8Lo
WPlMZ2lPJ2F6/nvaVukx9ZpAMI3UHsu1oU+tuEWX/w0DB8q7QTzh0Hc4Knjs1bCO
6rMnMTzFoVMRVdae6vz+m3egvDD4w7su0LYRzNp5IzD4VAEm5TmJJHYOEoFqWNic
kRVpaBHyCWMb93Q7H6VTsUHvYDT5UnDg11pt+UKFwYwxGFMBIwIDAQABo4IBHDCC
ARgwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQWfudbbu5+337s9QQzOrCvZp4l1DAf
BgNVHSMEGDAWgBQk6FNXXXw0QIep65TbuuEWePwppDBABggrBgEFBQcBAQQ0MDIw
MAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLmNsb3VkZmxhcmUuY29tL29yaWdpbl9j
YTAdBgNVHREEFjAUggkqLm5pbmUuaW2CB25pbmUuaW0wOAYDVR0fBDEwLzAtoCug
KYYnaHR0cDovL2NybC5jbG91ZGZsYXJlLmNvbS9vcmlnaW5fY2EuY3JsMA0GCSqG
SIb3DQEBCwUAA4IBAQAOGwjbFuwMEDDadx8V5CDx9hUiB/nVpaejGf4BrgT/ZE6O
4uSJfXBdKVTWIKO75l2Qp0k8x8qYzny38574Tjj5bZBYGaBvJSnb9BOO/nArsydA
D4O6IV1nsImwxwK1U+H1+4T+IXX3K3YTYB2WQqbeajjfgjTUi5iCtESrR5RdpIJc
nJd5/eV238ugmLi93+YHWirlixzE23D1NCBgHa7CMCEzBb4598QV8YnFcJYyDoVv
IcA8LRtASyf+A6mMxr+AR2ElWFrM2wSMWEE3xzBRRZn8/Tkem+5x7T9+fsbrROhd
EYGh90bBiJfegPDt7jpi1XJ+u62CJaI2awAJXCZQ
-----END CERTIFICATE-----
EOF

cat > ./server.key <<EOF
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDP5POtzNZfbHRS
NKClkqg077H0QCoiIjzS85Oc53/eySW84oGnp63eMGtTzwvh63aLQryvYWXDFJLM
GzKxCKrNmJlGT2cHUp10Zse9tJ1fEM29BItBFCV1YQCCZkVnsL9Oja0sicQkTaMq
BpvLzhmhNCOx8XwS4TUjwuhY+UxnaU8nYXr+e9pW6TH1mkAwjdQey7WhT624RZf/
DQMHyrtBPOHQdzgqeOzVsI7qsycxPMWhUxFV1p7q/P6bd6C8MPjDuy7QthHM2nkj
MPhUASblOYkkdg4SgWpY2JyRFWloEfIJYxv3dDsfpVOxQe9gNPlScODXWm35QoXB
jDEYUwEjAgMBAAECggEAFHcZ4+STv94Jz2Pd4p6+z0M/VeeRHj4Xlb6jq+EALfrI
K8FyeQIhNAu5LQ1nQoyu5UOjFnK0lVErqEsPIO1U/xtED29WmZpw5JoPlKW4jji1
wCM34CavD1CGv894ip4UHxQEVauUMuyvoL34zUXTMRLUZrp6d9NSq1wPCl80PcOr
OF2SRjL8OhvDFlZA+5WYZ33XCpTIvrB2nM+nAe5/hupDlYZ2Prkoq9tVon0xKhkk
4n0IiZgDY2wfFRMwHal0mPf1xQtSt9A/khRO7pQY2jqyi0FyLdPjn/6WZ4cimb4Z
q2Xv96CQ4a/Vvv5ndssH7aNlPKQ1WnBrt2li5otAcQKBgQDrnDIEM8vc1DZasunK
DJ3OLSAnxZ8vJA14D4YtotcpPRkQsoum+5Gc60KAl/PLZ7lA7S7o+im8KrxFvydp
Ti+QMwmQwkxAVlm7pALynRi4AjKxuqWUBEvlVTUUy/b1UL76CSpUHqy3cnMUVZe5
3VjZ2XL3NkEk19FUGwOoPo92kQKBgQDh4rqysuiO23HlSKC8ORCAl/ZUwsHNWKFi
uipdapsQcTr9jDsOgeE0nWO9QzgpCzuJzCGoH/lFlAxS1XAXpsQSV5I4dCal8pX0
Q1OFJ01nRmew8dwqU30lJnhSdFPWuOpu9rG2gPbzyMkdvEgKaPz9VyvJ1/Wh/VyN
xqGFYZ/ecwKBgQCODVFWmUgLb2MKEh7EtBCc0zY05ICSMoFwZqO2dhyVf4HSQGPU
nI5xdqJU18ikVXgq/hWvX8yz52w1/QctBXfF0A+vWIYSsD1P1ZX1YuQZZTHdWDQm
ZuS/cz0audK+mx1ZsRb1Or1VqUpa8zQUWrEMP3+CLxLdvMU3mUX+NSHYEQKBgGOv
ZWkbX1o8KeVfyd+G52t4pLL/R/vRU1d4hN25ADmfXsMqMZ3TX4mSs8OAeLZUSLAl
L+08PwufrFiZ7N/jLsBReSwExlGR3u9vDtrCX3xmK7iA5AKh2aaddZgd0in+bScP
I5pBC7rGL0s6HijJ8Gv1HlPzRGl6oG/I6tssHBtVAoGAYuilLg3TP56dZpnkcP4f
5U9bAtuEb8IkugWHLNePsHwXJy/m7KbQnjhx6+xBKy3QEPDwMuZ7mgtaE5rqVd36
DiVpghTA5QtFcrVqX2YjNsEcZOLoP9ycTYk0ohj7ph827RFSZgQZekUrG68ozgxK
WwVokWrIz/VVf0t/EHVYoAQ=
-----END PRIVATE KEY-----
EOF

cat > ./config.json <<EOF
{
    "run_type": "server",
    "local_addr": "0.0.0.0",
    "local_port": 443,
    "remote_addr": "www.bing.com",
    "remote_port": 80,
    "password": [
        "$DOCKER_PASSWORD"
    ],
    "ssl": {
        "cert": "/data/server.crt",
        "key": "/data/server.key",
        "sni": "$DOCKER_SNI"
    }
}
EOF


docker run \
    -d --name=${DOCKER_NAME} --restart=always \
    -p $DOCKER_PORT:443 \
    -p 7443:443 \
    -p 8443:443 \
    -p 9443:443 \
    -p 10443:443 \
    -p 11443:443 \
    -p 12443:443 \
    -p 13443:443 \
    -p 14443:443 \
    -p 15443:443 \
    -p 16443:443 \
    -p 17443:443 \
    -p 18443:443 \
    -p 19443:443 \
    -p 20443:443 \
    -p 21443:443 \
    -p 22443:443 \
    -p 23443:443 \
    -v $(pwd)/server.crt:/data/server.crt:ro \
    -v $(pwd)/server.key:/data/server.key:ro \
    -v $(pwd):/etc/trojan-go \
    teddysun/trojan-go

docker logs -f ${DOCKER_NAME}
 

客户端

# 这是在clash当中的 - sni必须要填对
- name: "-trojan-go"
  type: trojan
  server: your.domain.com
  port: 44443
  password: YourPassword
  sni: your.domain.com
  skip-cert-verify: true
 
notion image
notion image

© Ying Bun 2021 - 2024