上个博客讲了用宝塔完成基础的博客搭建,很多配置都是采用默认的配置。这边在运行trojan和nginx的时候发现,这两者会存在443端口冲突。接着我们需要解决这个端口冲突问题,最后通过Nginx的ngx_stream_ssl_preread_module来完成。它能够做到根据SNI进行信息转发。
stream {
log_format tcp_format '$time_local|$remote_addr|$protocol|$status|$bytes_sent|$bytes_received|$session_time|$upstream_addr|$upstream_bytes_sent|$upstream_bytes_received|$upstream_connect_time';
access_log /www/wwwlogs/tcp-access.log tcp_format;
error_log /www/wwwlogs/tcp-error.log;
include /www/server/panel/vhost/nginx/tcp/*.conf;
map $ssl_preread_server_name $backend_name {
host.wakaka007.cn trojan;
# 域名都不匹配情况下的默认值
default web;
}
upstream trojan {
server 127.0.0.1:8805;
}
upstream web {
server 127.0.0.1:8804;
}
server {
listen 443 reuseport;
listen [::]:443 reuseport;
proxy_pass $backend_name;
ssl_preread on;
}
}引用博客:https://www.chengxiaobai.com/trouble-maker/trojan-shared-443-port-scheme
