Provide both trojan and trojan grpc on the same domain name
User --- haproxy ----- (h2) ----- nginx ----- (grpc) ----- v2ray ----- PROXY | └--------------------------------return 404 └-----(http1.1)---v2ray-----(trojan)-----------------PROXY └--------------------nginx-------return 404
global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy user haproxy group haproxy daemon ssl-default-bind-ciphers TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:EECDH+AESGCM:EECDH+CHACHA20:ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 defaults log global mode tcp option dontlognull maxconn 5000 timeout connect 5s timeout client 20s timeout server 20s timeout queue 30s timeout http-request 5s timeout http-keep-alive 15s frontend www bind :443 ssl crt /etc/haproxy/cert.pem alpn h2,http/1.1 mode tcp use_backend nodes-http2 if { ssl_fc_alpn -i h2 } default_backend nodes-http backend nodes-http mode tcp server http 127.0.0.1:44445 backend nodes-http2 mode tcp server http2 127.0.0.1:44444 send-proxy
server { listen 80; server_name domain.example.com; location / { default_type text/html; return 404 '<h1>Not Found!</h1>'; } } server { listen 127.0.0.1:44444 http2 proxy_protocol; server_name domain.example.com; real_ip_header proxy_protocol; set_real_ip_from "unix:"; location / { default_type text/html; return 404 '<h1>Not Found!</h1>'; } location /GrpcServiceName/Tun { grpc_pass grpc://127.0.0.1:44443 ; } }
... "inbounds": [ { "listen": "127.0.0.1", "port": 44445, "tag": "trojan", "protocol": "trojan", "settings": { "clients":[ { "email": "testuser", "password": "99999999-9999-9999-9999-999999999999", "level": 0 } ], "fallbacks": [ { "dest": 80 } ] }, "sniffing": { "enabled": true, "destOverride": ["http", "tls"] }, "streamSettings": { "network": "tcp", "security": "none" } }, { "listen": "127.0.0.1", "port": 44443, "tag": "trojan-grpc", "protocol": "trojan", "settings": { "clients":[ { "email": "testuser", "password": "99999999-9999-9999-9999-999999999999", "level": 0 } ] }, "sniffing": { "enabled": true, "destOverride": ["http", "tls"] }, "streamSettings": { "network": "grpc", "security": "none", "grpcSettings": { "serviceName": "GrpcServiceName" } } } ], ...