moecat

moecat

摸鱼大师
HomeArchives

Quick Start Guide for rsshub

#rsshub#compose#docker#safeline434
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
This article provides instructions on how to set up a server using Debian 12 and Cloudflare. It explains how to register a Cloudflare account, add a domain to the control panel, change the domain's NS to Cloudflare, install Cloudflare zero trust tunnel, install Docker, and configure a Docker-compose file. It also suggests advanced techniques such as using a local WAF and enabling HTTPS and HTTP2 for increased security.

No need for a public IP, no need to manually manage certificate updates. The server used in this article is debian12.

  1. Register a cloudflare account
    Add your domain in the control panel, add site.

image
Happy to choose the free option 😎 cloudflare is awesome.

  1. Change the domain NS to cloudflare
    Follow the tutorial, here is a brief explanation...

  2. Install cloudflare zero trust tunnel
    https://one.dash.cloudflare.com/

image

Select Access->Tunnels in order
Follow the documentation for installation

  1. After installation, select Public Hostname->Add your own domain
    Here is an example, add your own subdomain

image

Include the complete subdomain in the Http Header

  1. Install docker
    Using apt (debian based)

    For other platforms, please refer to
    https://www.docker.com/products/docker-desktop/

  2. Write docker-compose file
    Create a new folder named rsshub, open it, and create docker-compose.yml
    Change ACCESS_KEY

Save, then run docker compose up -d
The service is now running, open your domain, and the rsshub default page should be displayed.

image

Deployment is complete, when using your own subscription source in the future, use https://${your_domain}/${subscription_path}?key=your_ACCESS_KEY

Advanced gameplay:

Add an additional layer of local WAF using Thunder Trench

  1. Uninstall nginx/apache/caddy on your local machine to free up ports 80 and 443
  2. Install Thunder Trench

Thunder Trench management page
https://localhost:9443/
Map SSH to server 9443 to open it normally

image

  1. Add the domain on port 80 in Thunder Trench, reverse proxy

image

Change the port in Tunnels to 80
image

  1. Add a certificate in Thunder Trench

Thunder Trench general configuration->Certificate management
image

  1. Add port 443 in Thunder Trench
    Use the certificate
    Change the port in Tunnels to 443

image

image

Now you can use https to open the rsshub page, and the traffic passing through your server is cleaned, making it more secure.

After confirming that https is working fine, enable http2 and force https

image
Remember to set the Thunder Trench source IP acquisition method to obtain from HttpHeader, fill in X-Forwarded-For

Enable http2 in the tunnel settings

image

Now the settings are complete, because Thunder Trench comes with statistics and protection, you can have a better understanding of the site's operational status and whether it is being abused.

image

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.