85 lines
2.3 KiB
Django/Jinja
85 lines
2.3 KiB
Django/Jinja
{
|
|
"log": {
|
|
"loglevel": "warning"
|
|
},
|
|
"routing": {
|
|
"domainStrategy": "IPIfNonMatch",
|
|
"rules": [
|
|
{
|
|
"type": "field",
|
|
"ip": [
|
|
"geoip:cn"
|
|
],
|
|
"outboundTag": "block"
|
|
}
|
|
]
|
|
},
|
|
"inbounds": [
|
|
{
|
|
"listen": "0.0.0.0",
|
|
"port": 1443,
|
|
"protocol": "vless",
|
|
"settings": {
|
|
"clients": [
|
|
{
|
|
"id": "{% raw %}{{ UUID }}{% endraw %}",
|
|
"flow": "xtls-rprx-vision"
|
|
}
|
|
],
|
|
"decryption": "none",
|
|
"fallbacks": [
|
|
{
|
|
"dest": "8001",
|
|
"xver": 1
|
|
},
|
|
{
|
|
"alpn": "h2",
|
|
"dest": "8002",
|
|
"xver": 1
|
|
}
|
|
]
|
|
},
|
|
"streamSettings": {
|
|
"network": "tcp",
|
|
"security": "tls",
|
|
"tlsSettings": {
|
|
"rejectUnknownSni": true,
|
|
"minVersion": "1.2",
|
|
"certificates": [
|
|
{
|
|
"ocspStapling": 3600,
|
|
"certificateFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_tls_cert_name }}/{{ agent_tls_cert_name }}.crt",
|
|
"keyFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_tls_cert_name }}/{{ agent_tls_cert_name }}.key"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"sniffing": {
|
|
"enabled": true,
|
|
"destOverride": [
|
|
"http",
|
|
"tls"
|
|
]
|
|
}
|
|
}
|
|
],
|
|
"outbounds": [
|
|
{
|
|
"protocol": "freedom",
|
|
"tag": "direct"
|
|
},
|
|
{
|
|
"protocol": "blackhole",
|
|
"tag": "block"
|
|
}
|
|
],
|
|
"policy": {
|
|
"levels": {
|
|
"0": {
|
|
"handshake": 2,
|
|
"connIdle": 120
|
|
}
|
|
}
|
|
}
|
|
}
|