Init
This commit is contained in:
commit
e5e32c769a
57
Caddyfile
Normal file
57
Caddyfile
Normal file
@ -0,0 +1,57 @@
|
||||
{
|
||||
#debug
|
||||
order replace after encode
|
||||
}
|
||||
|
||||
(log) {
|
||||
log {
|
||||
output file /log/{args[0]}/access.log {
|
||||
roll_size 100MiB
|
||||
roll_local_time
|
||||
roll_keep 10
|
||||
roll_keep_for 2160h
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
(common) {
|
||||
header Host {host}
|
||||
header X-Real-IP {remote_host}
|
||||
header X-Forwarded-For {remote_host}
|
||||
header X-Forwarded-Proto {scheme}
|
||||
|
||||
request_body {
|
||||
max_size 10MB
|
||||
}
|
||||
}
|
||||
|
||||
(ratelimit) {
|
||||
rate_limit {
|
||||
zone dynamic_zone {
|
||||
key {client_ip}
|
||||
events 50
|
||||
window 1s
|
||||
}
|
||||
log_key
|
||||
}
|
||||
}
|
||||
|
||||
(geoblock) {
|
||||
@non_china_block {
|
||||
not {
|
||||
maxmind_geolocation {
|
||||
db_path "/geodb/GeoLite2-Country.mmdb"
|
||||
allow_countries CN
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
respond @non_china_block "You are blocked" 403
|
||||
}
|
||||
|
||||
:443 {
|
||||
tls internal
|
||||
respond 404
|
||||
}
|
||||
|
||||
import /conf/*
|
13
READMD.md
Normal file
13
READMD.md
Normal file
@ -0,0 +1,13 @@
|
||||
## Github 镜像配置
|
||||
|
||||
./conf/github.caddyfile
|
||||
|
||||
## Google 镜像配置
|
||||
|
||||
./conf/google.caddyfile
|
||||
|
||||
## 使用的 Caddy 模块
|
||||
|
||||
github.com/caddyserver/replace-response
|
||||
github.com/mholt/caddy-ratelimit
|
||||
github.com/porech/caddy-maxmind-geolocation
|
135
conf/github.caddyfile
Normal file
135
conf/github.caddyfile
Normal file
@ -0,0 +1,135 @@
|
||||
(communal) {
|
||||
header_down -Strict-Transport-Security
|
||||
header_down -Content-Security-Policy
|
||||
header_down -Set-Cookie
|
||||
header_down -x-pjax-url
|
||||
header_down -Referrer-Policy
|
||||
header_up Accept-Encoding identity
|
||||
}
|
||||
|
||||
github.example.com {
|
||||
import log github.example.com
|
||||
import common
|
||||
import ratelimit
|
||||
import geoblock
|
||||
|
||||
replace {
|
||||
https://raw.githubusercontent.com https://github-raw.example.com
|
||||
https://github.com https://github.example.com
|
||||
https://github.githubassets.com https://github-assets.example.com
|
||||
https://api.github.com https://github-api.example.com
|
||||
}
|
||||
|
||||
@downloads path_regexp ^/[^/]+/[^/]+/releases/download/.*$
|
||||
redir @downloads https://github-download.example.com{re.0}
|
||||
|
||||
@archives path_regexp ^/[^/]+/[^/]+/archive/.*$
|
||||
redir @archives https://github-archive.example.com{re.0}
|
||||
|
||||
@artifacts path_regexp ^/[^/]+/[^/]+/suites/[^/]+/artifacts/.*$
|
||||
redir @artifacts https://github-download.example.com{re.0}
|
||||
|
||||
reverse_proxy https://github.com {
|
||||
import communal
|
||||
header_up Host github.com
|
||||
header_up Referer https://github.com/
|
||||
header_up Origin https://github.com
|
||||
}
|
||||
}
|
||||
|
||||
github-assets.example.com {
|
||||
import log github-assets.example.com
|
||||
import common
|
||||
import ratelimit
|
||||
import geoblock
|
||||
|
||||
reverse_proxy https://github.githubassets.com {
|
||||
import communal
|
||||
header_up Host github.githubassets.com
|
||||
}
|
||||
}
|
||||
|
||||
github-codeload.example.com {
|
||||
import log github-codeload.example.com
|
||||
import common
|
||||
import ratelimit
|
||||
import geoblock
|
||||
|
||||
reverse_proxy https://codeload.github.com {
|
||||
import communal
|
||||
header_up Host github.com
|
||||
}
|
||||
}
|
||||
|
||||
github-download.example.com {
|
||||
import log github-download.example.com
|
||||
import common
|
||||
import ratelimit
|
||||
import geoblock
|
||||
|
||||
@archives path_regexp ^/[^/]+/[^/]+/archive/.*$
|
||||
redir @archives https://github-archive.example.com{re.0}
|
||||
|
||||
@downloads path_regexp ^/[^/]+/[^/]+/releases(/latest)?/download/.*$
|
||||
reverse_proxy @downloads https://github.com {
|
||||
import communal
|
||||
header_up Host github.com
|
||||
}
|
||||
|
||||
@artifacts path_regexp ^/[^/]+/[^/]+/suites/[^/]+/artifacts/.*$
|
||||
reverse_proxy @artifacts https://github.com {
|
||||
import communal
|
||||
header_up Host github.com
|
||||
}
|
||||
}
|
||||
|
||||
github-raw.example.com {
|
||||
import log github-raw.example.com
|
||||
import common
|
||||
import ratelimit
|
||||
import geoblock
|
||||
|
||||
replace https://raw.githubusercontent.com https://github-raw.example.com
|
||||
|
||||
reverse_proxy https://raw.githubusercontent.com {
|
||||
import communal
|
||||
header_up Host raw.githubusercontent.com
|
||||
}
|
||||
}
|
||||
|
||||
github-api.example.com {
|
||||
import log github-api.example.com
|
||||
import common
|
||||
import ratelimit
|
||||
import geoblock
|
||||
|
||||
replace {
|
||||
https://github.com https://github.example.com
|
||||
https://raw.githubusercontent.com https://github-raw.example.com
|
||||
https://api.github.com https://github-api.example.com
|
||||
}
|
||||
|
||||
reverse_proxy https://api.github.com {
|
||||
import communal
|
||||
header_up Host api.github.com
|
||||
}
|
||||
}
|
||||
|
||||
github-archive.example.com {
|
||||
import log github-archive.example.com
|
||||
import common
|
||||
import ratelimit
|
||||
import geoblock
|
||||
|
||||
@downloads path_regexp ^/[^/]+/[^/]+/releases(/latest)?/download/.*$
|
||||
redir @downloads https://github-download.example.com{re.0}
|
||||
|
||||
@artifacts path_regexp ^/[^/]+/[^/]+/suites/[^/]+/artifacts/.*$
|
||||
redir @artifacts https://github-download.example.com{re.0}
|
||||
|
||||
@archives path_regexp ^/[^/]+/[^/]+/archive/.*$
|
||||
reverse_proxy @archives https://github.com {
|
||||
import communal
|
||||
header_up Host github.com
|
||||
}
|
||||
}
|
28
conf/google.caddyfile
Normal file
28
conf/google.caddyfile
Normal file
@ -0,0 +1,28 @@
|
||||
google.example.com {
|
||||
import log google.example.com
|
||||
import common
|
||||
import ratelimit
|
||||
import geoblock
|
||||
replace http://www.google.com http://google.example.com
|
||||
replace https://www.google.com http://google.example.com
|
||||
|
||||
reverse_proxy https://www.google.com {
|
||||
header_up Host www.google.com
|
||||
header_down Set-Cookie google.com google.example.com
|
||||
}
|
||||
}
|
||||
|
||||
google-scholar.example.com {
|
||||
import log google-scholar.example.com
|
||||
import common
|
||||
import ratelimit
|
||||
import geoblock
|
||||
replace http://www.google.com http://google.example.com
|
||||
replace https://www.google.com http://google.example.com
|
||||
replace https://scholar.google.com http://google-scholar.example.com
|
||||
|
||||
reverse_proxy https://scholar.google.com {
|
||||
header_up Host scholar.google.com
|
||||
header_down Set-Cookie google.com google-scholar.example.com
|
||||
}
|
||||
}
|
BIN
geodb/GeoLite2-Country.mmdb
Normal file
BIN
geodb/GeoLite2-Country.mmdb
Normal file
Binary file not shown.
Loading…
Reference in New Issue
Block a user