蓝灯服务端Lantern Chained Server基于Apache Traffic Server(ATS)实现,相关的文档已经在github上公开,现在你也可以在VPS上部署专属的蓝灯Lantern Chained Server服务端。以下教程以Ubuntu 14.10环境为例。
部署步骤:
1,配置环境
sudo apt-get update
sudo apt-get install -y git libtool tcl openjdk-7-jre-headless openssl
2,生成你的私钥与证书(要在安装ATS之前生成)
CERT_PASS=MY_VERY_OWN_PASSWORD
IP=`ifconfig eth0 | grep "inet addr" | awk -F ':' '{print $2}' | awk '{print $1}'`
keytool -genkeypair -keystore keystore.jks -alias ats -keypass "$CERT_PASS" -storepass "$CERT_PASS" -ext san=ip:$IP -dname 'CN=Seacoasts Furtwngler, O=Poising Parched, L=Bin, S=California, C=US' -startdate -3m-27d -keyalg RSA -keysize 2048 -validity 730
keytool -v -importkeystore -srckeystore keystore.jks -srcalias ats --srcstorepass "$CERT_PASS" -destkeystore keystore.p12 -deststoretype PKCS12 --deststorepass "$CERT_PASS"
openssl pkcs12 -in keystore.p12 -passin pass:"$CERT_PASS" -out key.pem -passout pass:"$CERT_PASS" # key.pem will be used by ATS
keytool -export -alias ats -keystore keystore.jks --storepass "$CERT_PASS" -rfc -file cert.pem # cert.pem will be the in chained server config
3,通过github安装蓝灯Lantern Chained Server服务端
git clone http://ift.tt/1LmnP9t
cd ats
sudo AUTH_TOKEN=xxx CERT_FILE=<path of key.pem> CERT_PASS=xxx ./install.sh
4,配置蓝灯Lantern Chained Server服务端
chainedservers:
my-fallback-server:
addr: <ip>:443
pipelined: true
cert: "<content of cert.pem here>"
authtoken: "<AUTH_TOKEN here>"
weight: 1000000
qos: 10
trusted: true
5,配置一个简单的Auth
sudo apt-get -y install autoconf libtool pkg-config libssl-dev tcl-dev libxml2-dev libpcre3-dev
(cd ~; wget http://ift.tt/1VF3EOZ && tar jxvf trafficserver-5.3.1.tar.bz2)
# To generate headers required by plugin
(cd ~/trafficserver-5.3.1 && autoreconf -if && ./configure --prefix=/opt/ts)
tsxs -I ~/trafficserver-5.3.1/lib/ts/ -o lantern-auth.so -c lantern-auth.c
最后激活该蓝灯Lantern Chained Server服务
cp lantern-auth.so /opt/ts/libexec/trafficserver
sudo service trafficserver reload
via 细节的力量 http://ift.tt/1FVTPVW
No comments:
Post a Comment