Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

مشکل با تنظیمات شبکه توزیع محتوا - سی دی اِن (هم کلود فلر و هم آروان) #116

Closed
parsatavafi opened this issue Feb 12, 2023 · 1 comment
Closed

مشکل با تنظیمات شبکه توزیع محتوا - سی دی اِن (هم کلود فلر و هم آروان) #116

parsatavafi opened this issue Feb 12, 2023 · 1 comment

Comments

@parsatavafi
Copy link

من سه تا سرور از هتزنر گرفتم. DNS های دو تا رو روی کلودفلر و یکی رو روی شبکه ی آروان تنظیم کردم و هر سه تاش دیشب خیلی خوب داشت کار می کرد. چند ساعتیه متوجه شدم که سیستم فقط با IP و از روی پروتکل http میاد بالا اما روی پروتکل https و دامنه و CDN فعال لود نمیشه.
سروری که روی ابر اروان تنظیم شده در مرورگر پیغام خطای :

خطای ۵۰۴ | Gateway Timeout
سرور وب‌سایت به طور موقت از دسترس خارج شده است.

و سرورهایی که با کلودفلر تنظیم شده در مرورگر خطای ERR_CONNECTION_CLOSED میده و کلا صفحه ای لود نمیشه

تنظیمات رو تغییر دادم شاید مشکل حل بشه اما زمان Apply configs کردن یکی از سرویس ها به نام ss-v2ray رو failed نشون داده. محتویات فایل log اش رو این پایین کپی می کنم :

Please open the following link in the browser for client setup
Finished! Thank you for helping Iranians to skip filternet.
===========================================================
---------------------Finished!------------------------
nginx                           active                         
hiddify-xray                 active                         
hiddify-sniproxy          active                         
hiddify-panel               active                         
ss-v2ray                       failed                         
ss-faketls                     inactive                       
netdata                        inactive                       
Feb 13 00:23:01 Helsinki systemd[1]: Started HTTPS SNI Proxy.

             └─101418 /usr/sbin/sniproxy -f -c /opt/hiddify-config/sniproxy/sniproxy.conf
             ├─101416 /usr/sbin/sniproxy -f -c /opt/hiddify-config/sniproxy/sniproxy.conf
     CGroup: /system.slice/hiddify-sniproxy.service
        CPU: 66ms
     Memory: 3.4M
      Tasks: 2 (limit: 4538)
   Main PID: 101416 (sniproxy)
             file:///usr/share/doc/sniproxy/
       Docs: man:sniproxy(8)
     Active: active (running) since Mon 2023-02-13 00:23:01 +0330; 2s ago
     Loaded: loaded (/etc/systemd/system/hiddify-sniproxy.service; enabled; vendor preset: enabled)
● hiddify-sniproxy.service - HTTPS SNI Proxy

Feb 13 00:23:01 Helsinki systemd[1]: Started Xray Service.

             └─101542 /usr/local/bin/xray run -confdir /opt/hiddify-config/xray/configs/
     CGroup: /system.slice/hiddify-xray.service
        CPU: 482ms
     Memory: 37.4M
      Tasks: 10 (limit: 4538)
   Main PID: 101542 (xray)
       Docs: https://github.com/xtls
     Active: active (running) since Mon 2023-02-13 00:23:01 +0330; 1s ago
     Loaded: loaded (/etc/systemd/system/hiddify-xray.service; enabled; vendor preset: enabled)
● hiddify-xray.service - Xray Service

Feb 13 00:23:01 Helsinki systemd[1]: Started A high performance web server and a reverse proxy server.
Feb 13 00:23:01 Helsinki systemd[1]: Starting A high performance web server and a reverse proxy server...

             └─101410 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
             ├─101409 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
             ├─101408 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
             ├─101407 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
     CGroup: /system.slice/nginx.service
        CPU: 45ms
     Memory: 5.6M
      Tasks: 4 (limit: 4538)
   Main PID: 101407 (nginx)
       Docs: man:nginx(8)
     Active: active (running) since Mon 2023-02-13 00:23:01 +0330; 2s ago
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
● nginx.service - A high performance web server and a reverse proxy server


Failed to disable unit: Unit file trojan-go.service does not exist.
Failed to kill unit trojan-go.service: Unit trojan-go.service not loaded.
===========================================================
===uninstall.sh deprecated/trojan-go
===========================================================
Removed /etc/systemd/system/multi-user.target.wants/netdata.service.
Executing: /lib/systemd/systemd-sysv-install disable netdata
Synchronizing state of netdata.service with SysV service script with /lib/systemd/systemd-sysv-install.
===========================================================
===uninstall.sh other/netdata
===========================================================
   ...done.
 * Reloading configuration files for periodic command scheduler cron
Failed to disable unit: Unit file hiddify_monitoring_web.service does not exist.
Failed to kill unit hiddify_monitoring_web.service: Unit hiddify_monitoring_web.service not loaded.
===========================================================
===uninstall.sh deprecated/monitoring
===========================================================
Failed to disable unit: Unit file v2ray.service does not exist.
Failed to kill unit v2ray.service: Unit v2ray.service not loaded.
===========================================================
===uninstall.sh deprecated/vmess
===========================================================
environment: line 146: popd: directory stack empty
environment: line 136: pushd: other/shadowtls: No such file or directory
Failed to disable unit: Unit file ss-faketls.service does not exist.
Removed /etc/systemd/system/ss-v2ray.service.
Removed /etc/systemd/system/multi-user.target.wants/ss-v2ray.service.
Failed to kill unit ss-faketls.service: Unit ss-faketls.service not loaded.
===========================================================
===uninstall.sh other/ssfaketls
===========================================================
Failed to disable unit: Unit file mtproto-proxy.service does not exist.
Failed to kill unit mtproto-proxy.service: Unit mtproto-proxy.service not loaded.
Removed /etc/systemd/system/mtproxy.service.
Removed /etc/systemd/system/multi-user.target.wants/mtproxy.service.
===========================================================
===uninstall.sh other/telegram
===========================================================
Feb 13 00:23:01 Helsinki systemd[1]: Started Xray Service.

             └─101542 /usr/local/bin/xray run -confdir /opt/hiddify-config/xray/configs/
     CGroup: /system.slice/hiddify-xray.service
        CPU: 5ms
     Memory: 2.0M
      Tasks: 6 (limit: 4538)
   Main PID: 101542 (xray)
       Docs: https://github.com/xtls
     Active: active (running) since Mon 2023-02-13 00:23:01 +0330; 7ms ago
     Loaded: loaded (/etc/systemd/system/hiddify-xray.service; enabled; vendor preset: enabled)
● hiddify-xray.service - Xray Service
{"ocspStapling": 3600, "certificateFile": "/opt/hiddify-config/ssl/سانسور.crt", "keyFile": "/opt/hiddify-config/ssl/سانسور.key"},{"ocspStapling": 3600, "certificateFile": "/opt/hiddify-config/ssl/سانسور.crt", "keyFile": "/opt/hiddify-config/ssl/سانسور.key"}
سانسور : آدرس دامنه روی CDN بدون ابر فعال (مستقیم)
سانسور : آدرس دامنه با CDN
===========================================================
===run.sh xray
===========================================================
Feb 13 00:23:01 Helsinki systemd[1]: Started HTTPS SNI Proxy.

             └─101418 /usr/sbin/sniproxy -f -c /opt/hiddify-config/sniproxy/sniproxy.conf
             ├─101416 /usr/sbin/sniproxy -f -c /opt/hiddify-config/sniproxy/sniproxy.conf
     CGroup: /system.slice/hiddify-sniproxy.service
        CPU: 2ms
     Memory: 400.0K
      Tasks: 2 (limit: 4538)
   Main PID: 101416 (sniproxy)
             file:///usr/share/doc/sniproxy/
       Docs: man:sniproxy(8)
     Active: active (running) since Mon 2023-02-13 00:23:01 +0330; 5ms ago
     Loaded: loaded (/etc/systemd/system/hiddify-sniproxy.service; enabled; vendor preset: enabled)
● hiddify-sniproxy.service - HTTPS SNI Proxy
Warning: The unit file, source configuration file or drop-ins of hiddify-sniproxy.service changed on disk. Run 'systemctl daemon-reload' to reload units.
Warning: The unit file, source configuration file or drop-ins of hiddify-sniproxy.service changed on disk. Run 'systemctl daemon-reload' to reload units.
===========================================================
===run.sh sniproxy
===========================================================
===========================================================
===run.sh nginx
===========================================================
[Mon Feb 13 12:23:01 AM +0330 2023] Reload success
Warning: The unit file, source configuration file or drop-ins of hiddify-xray.service changed on disk. Run 'systemctl daemon-reload' to reload units.
[Mon Feb 13 12:23:01 AM +0330 2023] Run reload cmd: systemctl restart hiddify-xray
[Mon Feb 13 12:23:01 AM +0330 2023] Installing full chain to: ../ssl/سانسور.crt
[Mon Feb 13 12:23:01 AM +0330 2023] Installing key to: ../ssl/سانسور.key
[Mon Feb 13 12:23:01 AM +0330 2023] The domain 'سانسور' seems to have a ECC cert already, lets use ecc cert.
[Mon Feb 13 12:23:01 AM +0330 2023] Add '--force' to force to renew.
[Mon Feb 13 12:23:01 AM +0330 2023] Skip, Next renewal time is: 2023-04-10T16:06:47Z
[Mon Feb 13 12:23:01 AM +0330 2023] Domains not changed.
resolving domain سانسور -> IP= سانسور ServerIP-> سانسور
[Mon Feb 13 12:23:00 AM +0330 2023] Reload success
Warning: The unit file, source configuration file or drop-ins of hiddify-xray.service changed on disk. Run 'systemctl daemon-reload' to reload units.
[Mon Feb 13 12:23:00 AM +0330 2023] Run reload cmd: systemctl restart hiddify-xray
[Mon Feb 13 12:23:00 AM +0330 2023] Installing full chain to: ../ssl/سانسور.crt
[Mon Feb 13 12:23:00 AM +0330 2023] Installing key to: ../ssl/سانسور.key
[Mon Feb 13 12:23:00 AM +0330 2023] The domain 'سانسور' seems to have a ECC cert already, lets use ecc cert.
[Mon Feb 13 12:23:00 AM +0330 2023] Add '--force' to force to renew.
[Mon Feb 13 12:23:00 AM +0330 2023] Skip, Next renewal time is: 2023-04-10T16:08:41Z
[Mon Feb 13 12:23:00 AM +0330 2023] Domains not changed.
maybe it is an error! make sure that it is correct
سانسور ServerIP-> سانسور
resolving domain سانسور -> IP= سانسور
[Mon Feb 13 12:23:00 AM +0330 2023] ACCOUNT_THUMBPRINT='سانسور'
[Mon Feb 13 12:23:00 AM +0330 2023] Already registered
[Mon Feb 13 12:22:58 AM +0330 2023] Registering account: https://acme.zerossl.com/v2/DV90
===========================================================
===run.sh acme.sh
===========================================================
   ...done.
 * Reloading configuration files for periodic command scheduler cron
ACCEPT  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0   tcp dpt:22
ACCEPT  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0   tcp dpt:80
ACCEPT  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0   udp dpt:53
ACCEPT  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0   tcp dpt:443
ACCEPT  all opt -- in lo out *  0.0.0.0/0  -> 0.0.0.0/0  
ACCEPT  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0   state RELATED,ESTABLISHED
===========================================================
===run.sh common
===========================================================
USER_SECRET=سانسور;
MAIN_DOMAIN=سانسور;
SERVER_IPv6=سانسور
SERVER_IP=سانسور
ONLY_IPV4=false
BLOCK_IR_SITES=true
ENABLE_SPEED_TEST=false
ENABLE_TROJAN_GO=false
ENABLE_AUTO_UPDATE=true
ALLOW_ALL_SNI_TO_USE_PROXY=true
ENABLE_HTTP_PROXY=
ENABLE_NETDATA=false
ENABLE_FIREWALL=false
ENABLE_MONITORING=false
ENABLE_VMESS=false
SSR_FAKEDOMAIN=
ENABLE_SSR=
FAKE_CDN_DOMAIN=
SHADOWTLS_FAKEDOMAIN=
ENABLE_SHADOW_TLS=
TELEGRAM_AD_TAG=
TELEGRAM_FAKE_TLS_DOMAIN=www.wikipedia.org
ENABLE_TELEGRAM=false
SHARED_SECRET=سانسور
DECOY_DOMAIN=www.helsinki.fi
SS_FAKE_TLS_DOMAIN=fa.wikipedia.org
ENABLE_SS=false
ENABLE_V2RAY=false
ADMIN_SECRET=سانسور
TELEGRAM_LIB=python
BASE_PROXY_PATH=سانسور
TELEGRAM_USER_SECRET=سانسور
FIRST_SETUP=false
GITHUB_BRANCH_OR_TAG=main
GITHUB_REPOSITORY=hiddify-config
GITHUB_USER=hiddify

  users_000000000001_uuid=سانسور
  users_000000000001_usage_limit_GB=100000
  users_000000000001_name=سانسور
  users_000000000001_monthly=false
  users_000000000001_last_reset_time=2023-02-10
  users_000000000001_id=2
  users_000000000001_expiry_time=2024-08-10
  users_000000000001_current_usage_GB=0
  users_000000000000_uuid=سانسور
  users_000000000000_usage_limit_GB=9000
  users_000000000000_name=default
  users_000000000000_monthly=false
  users_000000000000_last_reset_time=2023-02-10
  users_000000000000_id=1
  users_000000000000_expiry_time=2029-02-10
  users_000000000000_current_usage_GB=0
  hconfigs_vmess_enable=false
  hconfigs_v2ray_enable=false
  hconfigs_tls_ports=443
  hconfigs_telegram_lib=python
  hconfigs_telegram_fakedomain=www.wikipedia.org
  hconfigs_telegram_enable=false
  hconfigs_telegram_adtag=
  hconfigs_ssfaketls_fakedomain=fa.wikipedia.org
  hconfigs_ssfaketls_enable=false
  hconfigs_speed_test=false
  hconfigs_shared_secret=سانسور
  hconfigs_proxy_path=سانسور
  hconfigs_only_ipv4=false
  hconfigs_netdata=false
  hconfigs_lang=en
  hconfigs_http_proxy_enable=false
  hconfigs_http_ports=80
  hconfigs_first_setup=false
  hconfigs_firewall=false
  hconfigs_domain_fronting_tls_enable=true
  hconfigs_domain_fronting_http_enable=false
  hconfigs_domain_fronting_domain=account.tamin.ir
  hconfigs_decoy_domain=www.helsinki.fi
  hconfigs_db_version=8
  hconfigs_branding_title=
  hconfigs_branding_site=
  hconfigs_branding_freetext=
  hconfigs_block_iran_sites=true
  hconfigs_auto_update=true
  hconfigs_allow_invalid_sni=true
  hconfigs_admin_secret=سانسور
  hconfigs_admin_lang=en
  domains_000000000001_mode=cdn
  domains_000000000001_id=2
  domains_000000000001_domain=سانسور
  domains_000000000001_cdn_ip=null
  domains_000000000000_mode=direct
  domains_000000000000_id=1
  domains_000000000000_domain=سانسور
  domains_000000000000_cdn_ip=null
@ Line 17 environment:
   ...done.
 * Reloading configuration files for periodic command scheduler cron
Current DB version is 8
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
/usr/bin/gunicorn
/usr/bin/pip
Failed to disable unit: Unit file hiddify-admin.service does not exist.
Failed to kill unit hiddify-admin.service: Unit hiddify-admin.service not loaded.
===========================================================
===install.sh hiddify-panel
===========================================================

کسی نظری داره؟
@parsatavafi parsatavafi changed the title مشکل با تنظیمات CDN (هم کلود فلر و هم آروان) مشکل با تنظیمات شبکه توزیع محتوا - سی دی اِن (هم کلود فلر و هم آروان) Feb 12, 2023
@hiddify-com
Copy link
Collaborator

به نظر دامنه یا آی پی روی ssl فیلتر شده

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hiddify-com @parsatavafi