配置Juicity代理

Juicity是一个基于quic的代理协议，更多介绍可移步项目地址查看：https://Github.com/juicity/juicity

系统我使用的debian12，安装需要用到的软件包：

apt -y update  apt -y install wget unzip uuid-runtime nginx python3-certbot-nginx

下载对应架构的压缩包，这里我是arm64：

wget https://github.com/juicity/juicity/releases/download/v0.3.0/juicity-linux-arm64.zip  unzip juicity-linux-arm64.zip -d juicity  cd juicity

把juicity-server复制到/usr/local/bin：

cp juicity-server /usr/local/bin

新建一个目录用于存放juicity的配置文件：

mkdir /etc/juicity

新建juicity的配置文件：

nano /etc/juicity/server.json

写入如下配置：

{      "listen": ":23182",      "users": {          "5075556a-13df-4d6a-aa14-4747040bb7e5": "password"      },      "certificate": "/etc/letsencrypt/live/juicity.example.com/fullchain.pem",      "private_key": "/etc/letsencrypt/live/juicity.example.com/privkey.pem",      "congestion_control": "bbr",      "disable_outbound_udp443": true,      "log_level": "info"  }

其中UUID可使用如下命令生成：

uuidgen

新建systemd服务：

nano /etc/systemd/system/juicity-server.service

写入如下配置：

[Unit]  Description=juicity-server Service  Documentation=https://github.com/juicity/juicity  After=network.target nss-lookup.target    [Service]  Type=simple  ExecStart=/usr/local/bin/juicity-server run -c /etc/juicity/server.json --disable-timestamp  Restart=on-failure  LimitNPROC=512  LimitNOFILE=infinity    [Install]  WantedBy=multi-user.target

设置开机自启：

systemctl enable juicity-server.service

接下来需要申请一个SSL证书，这里我用Certbot和NGINX来完成。

新建一个NGINX站点配置文件：

nano /etc/nginx/sites-available/juicity

写入如下配置：

server {      listen 80;      server_name juicity.example.com; // 修改成你的域名  }

启用站点：

ln -s /etc/nginx/sites-available/juicity /etc/nginx/sites-enabled/juicity

签发SSL证书：

certbot --nginx

再次编辑juicity的配置文件：

nano /etc/juicity/server.json

将证书和私钥路径修改成刚申请的：

{  ...      "certificate": "/etc/letsencrypt/live/juicity.example.com/fullchain.pem",      "private_key": "/etc/letsencrypt/live/juicity.example.com/privkey.pem",  ...  }

启动juicity服务：

systemctl start juicity-server.service

确保juicity服务正常运行：

至此，juicity服务端配置完成。接下来是客户端的配置。

在这里下载对应系统的压缩包：

https://Github.com/juicity/juicity/releases

例如我使用windows X64则下载：

https://Github.com/juicity/juicity/releases/download/v0.3.0/juicity-windows-x86_64.zip

解压压缩包里面的文件到一个文件夹内。

在同一个文件夹内新建一个客户端配置文件，例如client.json，写入如下配置：

{      "listen": ":1080",      "server": "server ip:23182", // server ip修改为你的服务器IP      "uuid": "5075556a-13df-4d6a-aa14-4747040bb7e5", // 对应服务端的UUID      "password": "password", // 对应服务端的密码      "sni": "juicity.example.com", // 申请证书时使用的域名      "allow_insecure": false,      "congestion_control": "bbr",      "log_level": "info"  }

打开PowerShell运行juicity客户端：

./juicity-client.exe run -c client.json

现在已经可用了，juicity在1080端口起了一个HTTP/Socks5服务，将需要使用代理的程序配置使用这个服务即可。

[可选]配置sing-box使用juicity，实现分流、TUN透明代理等高级功能。下面是一个sing-box的示例配置：

{    "log": {      "level": "info",      "timestamp": true    },    "dns": {      "servers": [        {          "tag": "cloudflare",          "address": "https://1.1.1.1/dns-query"        },        {          "tag": "dnspod",          "address": "https://1.12.12.12/dns-query",          "detour": "direct"        },        {          "tag": "block",          "address": "rcode://success"        }      ],      "rules": [        {          "geosite": "cn",          "server": "dnspod"        },        {          "geosite": "category-ads-all",          "server": "block",          "disable_cache": true        }      ]    },    "inbounds": [      {        "type": "tun",        "tag": "tun-in",        "interface_name": "singbox-tun",        "inet4_address": "172.20.0.1/30",        "auto_route": true,        "strict_route": true,        "stack": "system",        "sniff": true      }    ],    "outbounds": [      {        "type": "socks",        "tag": "socks-out",        "server": "127.0.0.1",        "server_port": 1080,        "version": "5"      },      {        "type": "direct",        "tag": "direct"      },      {        "type": "block",        "tag": "block"      },      {        "type": "dns",        "tag": "dns"      }    ],    "route": {      "rules": [        {          "protocol": "dns",          "outbound": "dns"        },        {          "geosite": "cn",          "geoip": [            "cn",            "private"          ],          "outbound": "direct"        },        {        	"process_name": "juicity-client.exe",        	"outbound": "direct"        },        {          "geosite": "category-ads-all",          "outbound": "block"        }      ],      "auto_detect_interface": true    }  }

用管理员权限打开PowerShell运行sing-box：

./sing-box.exe run -c juicity-tun.json