This is an effort to automate setting up trojan proxy server with nginx.
- VPS running Ubuntu
- a registered domain pointing to your VPS server
[webserver]
host ansible_host=1.2.3.4 ansible_user=root
variables/ssh.yaml
---
ssh_user: "user"
ssh_password: "$6$UJsEuR4OCLBtxL5H$f4VRQVt5WVcGIpJ1ExEJ6SvgT3Cjs3UI.cqQroJMLFXJY9ePuons6ic.eLe7oICF1OL79laX1UrUBjIN0GJ/Y."
ssh_port: "1234"
public_key_path: "/home/user/.ssh/id_rsa.pub" # local public key path on your machine
ssl certificate specific variables in certificate.yaml
email: "[email protected]"
primary_domain: "example.com"
sub_domain: "sub.example.com" # trojan requests will be proxied to this domain
trojan variables in variables/trojan.yaml
---
trojan_password: "xyz"
It is recommended to perform these steps (change default ssh port, user, etc.) to avoid potential cyberattacks to your server, though it is not necessary.
ansible-playbook 01-add-ssh-user.yaml
ansible-playbook 02-generate-certificate.yaml --ask-become-pass
ansible-playbook 03-setup-nginx.yaml --ask-become-pass
ansible-playbook 04-setup-trojan.yaml --ask-become-pass