[Interface]
PrivateKey = 私钥
Address = 10.8.0.3/24
[Peer]
PublicKey = 公钥
PresharedKey = Xtz5vzzicOncQe3Dt8LMFIbdxa/XUepY9hAllrJ3k30=
AllowedIPs = 10.8.0.0/24
Endpoint = 152.136.153.72:51820然后开始macos的操作,首先,你需要有一个Homebrew来用于安装软件。
使用 Homebrew 安装 WireGuard 工具包:
brew install wireguard-tools使用下面的命令创建配置文件:
sudo vim /opt/homebrew/etc/wireguard/wg0.conf编辑配置文件,添加以下内容:
[Interface]
PrivateKey = 私钥
Address = 10.8.0.7/24
MTU = 1540
[Peer]
PublicKey = 公钥
PresharedKey =
AllowedIPs = 10.8.0.0/24
Endpoint = 152.136.153.72:51820
PersistentKeepalive = 25一切配置好之后,安装图形化界面WireGuardStatusbar
去https://github.com/aequitas/macos-menubar-wireguard这个链接下载文件安装。安装完毕之后,启动wg0这个就可以了。
不想安装的话可以使用这个命令去
开启
sudo wg-quick up wg0关闭
sudo wg-quick down wg0HTTPS页面 (aaa.com)
└── HTTP iframe (bbb.com)
└── HTTP frame (ccc.com)大概是这种形式的,所以在第一个a网站是我自己写的,所以我就选择了直接使用http替换成https的了
然后配置b网站
server {
listen 80;
server_name www.bbb.com;
# 强制跳转到 HTTPS
return 301 https://$host$request_uri;
}
# 处理www.bbb.com 的 HTTPS 请求
server {
listen 443 ssl;
server_name www.bbb.com;
# SSL 证书配置(你需要配置自己的证书)
ssl_certificate /path/to/your/certificate.crt;
ssl_certificate_key /path/to/your/private.key;
# 添加安全头
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "upgrade-insecure-requests";
# 代理到后端应用
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# 特别处理企业查看接口,确保内容中的HTTP链接被替换
location /rotech-xyjq-api/api/enterprise/view {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 替换内容中的HTTP链接为HTTPS
sub_filter 'http://b-plugin.qixin.com/' 'https://b-plugin.qixin.com/';
sub_filter 'http://b-plugin.qixin.com' 'https://b-plugin.qixin.com';
sub_filter_once off;
}
}这样就可以再a网站加载c网站的了,可以无限套娃了,前提是每个娃娃都有https这个。
]]>