引言#

至今我仍在维护一个Github全站反代的服务，就是 https://gh.072103.xyz/afoim 。也跟大家谈过原理。最近弄到了一个免费的VPS，就想着将Cloudflare Worker的反代移植到VPS上来

正式开始#

VPS安装Golang运行时

1
apt install golang

创建一个文件夹。放置 main.go 源码如下

1
package main
2

3
import (
4
  "fmt"
5
  "io"
6
  "log"
7
  "net/http"
8
  "net/url"
9
  "regexp"
10
  "strings"
11
  "time"
12
)
13

14
// 域名映射配置
15
var domainMappings = map[string]string{
16
  "github.com":                    "gh.",
17
  "avatars.githubusercontent.com": "avatars-githubusercontent-com.",
18
  "github.githubassets.com":       "github-githubassets-com.",
19
  "collector.github.com":          "collector-github-com.",
20
  "api.github.com":                "api-github-com.",
21
  "raw.githubusercontent.com":     "raw-githubusercontent-com.",
22
  "gist.githubusercontent.com":    "gist-githubusercontent-com.",
23
  "github.io":                     "github-io.",
24
  "assets-cdn.github.com":         "assets-cdn-github-com.",
25
  "cdn.jsdelivr.net":              "cdn.jsdelivr-net.",
26
  "securitylab.github.com":        "securitylab-github-com.",
27
  "www.githubstatus.com":          "www-githubstatus-com.",
28
  "npmjs.com":                     "npmjs-com.",
29
  "git-lfs.github.com":            "git-lfs-github-com.",
30
  "githubusercontent.com":         "githubusercontent-com.",
31
  "github.global.ssl.fastly.net":  "github-global-ssl-fastly-net.",
32
  "api.npms.io":                   "api-npms-io.",
33
  "github.community":              "github-community.",
34
}
35

36
// 需要重定向的路径
37
var redirectPaths = []string{"/", "/login", "/signup", "/copilot"}
38

39
// 检查路径是否需要重定向
40
func shouldRedirect(path string) bool {
41
  for _, p := range redirectPaths {
42
    if path == p {
43
      return true
44
    }
45
  }
46
  return false
47
}
48

49
// 获取代理前缀
50
func getProxyPrefix(host string) string {
51
  if strings.HasPrefix(host, "gh.") {
52
    return "gh."
53
  }
54

55
  for _, prefix := range domainMappings {
56
    if strings.HasPrefix(host, prefix) {
57
      return prefix
58
    }
59
  }
60

61
  return ""
62
}
63

64
// 根据前缀获取目标域名
65
func getTargetHost(prefix string) string {
66
  for original, p := range domainMappings {
67
    if p == prefix {
68
      return original
69
    }
70
  }
71
  return ""
72
}
73

74
// 处理响应内容，替换域名引用
75
func modifyResponse(body []byte, contentType, hostPrefix, currentHostname string) []byte {
76
  // 只处理文本内容
77
  if !strings.Contains(contentType, "text/") &&
78
    !strings.Contains(contentType, "application/json") &&
79
    !strings.Contains(contentType, "application/javascript") &&
80
    !strings.Contains(contentType, "application/xml") {
81
    return body
82
  }
83

84
  text := string(body)
85

86
  // 获取当前域名的后缀部分
87
  domainSuffix := currentHostname[len(hostPrefix):]
88

89
  // 替换所有域名引用
90
  for originalDomain, proxyPrefix := range domainMappings {
91
    fullProxyDomain := proxyPrefix + domainSuffix
92

93
    // 替换完整URLs - 使用简单的字符串替换
94
    text = strings.ReplaceAll(text, "https://"+originalDomain, "https://"+fullProxyDomain)
95
    text = strings.ReplaceAll(text, "http://"+originalDomain, "https://"+fullProxyDomain)
96

97
    // 替换协议相对URLs
98
    text = strings.ReplaceAll(text, "//"+originalDomain, "//"+fullProxyDomain)
99

100
    // 替换带引号的域名引用
101
    text = strings.ReplaceAll(text, `"`+originalDomain+`"`, `"`+fullProxyDomain+`"`)
102
    text = strings.ReplaceAll(text, `'`+originalDomain+`'`, `'`+fullProxyDomain+`'`)
103
  }
104

105
  // 处理相对路径 - 使用简单的字符串替换
106
  if hostPrefix == "gh." {
107
    // 替换引号内的相对路径
108
    text = strings.ReplaceAll(text, `"/`, `"https://`+currentHostname+`/`)
109
    text = strings.ReplaceAll(text, `'/`, `'https://`+currentHostname+`/`)
110
  }
111

112
  return []byte(text)
113
}
114

115
// 处理请求
116
func handleRequest(w http.ResponseWriter, r *http.Request) {
117
  currentHost := r.Host
118

119
  // 检查特殊路径重定向
120
  if shouldRedirect(r.URL.Path) {
121
    http.Redirect(w, r, "https://www.gov.cn", http.StatusFound)
122
    return
123
  }
124

125
  // 从当前主机名中提取前缀
126
  hostPrefix := getProxyPrefix(currentHost)
127
  if hostPrefix == "" {
128
    http.Error(w, "Domain not configured for proxy", http.StatusNotFound)
129
    return
130
  }
131

132
  // 根据前缀找到对应的原始域名
133
  targetHost := getTargetHost(hostPrefix)
134
  if targetHost == "" {
135
    http.Error(w, "Domain not configured for proxy", http.StatusNotFound)
136
    return
137
  }
138

139
  // 处理路径，修复嵌套URL问题
140
  pathname := r.URL.Path
141

142
  // 修复特定的嵌套URL模式
143
  // 处理 URL 编码的嵌套路径
144
  re1 := regexp.MustCompile(`(/[^/]+/[^/]+/(?:latest-commit|tree-commit-info)/[^/]+)/https%3A//[^/]+.*`)
145
  pathname = re1.ReplaceAllString(pathname, "$1")
146

147
  // 处理未编码的嵌套路径
148
  re2 := regexp.MustCompile(`(/[^/]+/[^/]+/(?:latest-commit|tree-commit-info)/[^/]+)/https://[^/]+.*`)
149
  pathname = re2.ReplaceAllString(pathname, "$1")
150

151
  // 处理简化的嵌套路径（如 /main/https:/domain/）
152
  re3 := regexp.MustCompile(`(/[^/]+/[^/]+/(?:latest-commit|tree-commit-info)/[^/]+)/https:/[^/]+.*`)
153
  pathname = re3.ReplaceAllString(pathname, "$1")
154

155
  // 构建目标URL
156
  targetURL := &url.URL{
157
    Scheme:   "https",
158
    Host:     targetHost,
159
    Path:     pathname,
160
    RawQuery: r.URL.RawQuery,
161
  }
162

163
  // 创建新的请求
164
  req, err := http.NewRequest(r.Method, targetURL.String(), r.Body)
165
  if err != nil {
166
    http.Error(w, fmt.Sprintf("Failed to create request: %v", err), http.StatusInternalServerError)
167
    return
168
  }
169

170
  // 复制请求头
171
  for key, values := range r.Header {
172
    for _, value := range values {
173
      req.Header.Add(key, value)
174
    }
175
  }
176

177
  // 设置必要的请求头
178
  req.Header.Set("Host", targetHost)
179
  req.Header.Set("Referer", targetURL.String())
180
  // 禁用压缩以避免编码问题
181
  req.Header.Set("Accept-Encoding", "identity")
182

183
  // 创建HTTP客户端
184
  client := &http.Client{
185
    Timeout: 30 * time.Second,
186
  }
187

188
  // 发起请求
189
  resp, err := client.Do(req)
190
  if err != nil {
191
    http.Error(w, fmt.Sprintf("Proxy Error: %v", err), http.StatusBadGateway)
192
    return
193
  }
194
  defer resp.Body.Close()
195

196
  // 读取响应体
197
  body, err := io.ReadAll(resp.Body)
198
  if err != nil {
199
    http.Error(w, fmt.Sprintf("Failed to read response: %v", err), http.StatusInternalServerError)
200
    return
201
  }
202

203
  // 处理响应内容
204
  contentType := resp.Header.Get("Content-Type")
205
  modifiedBody := modifyResponse(body, contentType, hostPrefix, currentHost)
206

207
  // 设置响应头（排除压缩相关头部）
208
  for key, values := range resp.Header {
209
    // 跳过压缩相关的头部，因为Go已经自动解压缩了内容
210
    if key == "Content-Encoding" || key == "Content-Length" {
211
      continue
212
    }
213
    for _, value := range values {
214
      w.Header().Add(key, value)
215
    }
216
  }
217

218
  // 设置CORS和缓存头
219
  w.Header().Set("Access-Control-Allow-Origin", "*")
220
  w.Header().Set("Access-Control-Allow-Credentials", "true")
221
  w.Header().Set("Cache-Control", "public, max-age=14400")
222
  w.Header().Del("Content-Security-Policy")
223
  w.Header().Del("Content-Security-Policy-Report-Only")
224
  w.Header().Del("Clear-Site-Data")
225

226
  // 设置正确的Content-Length
227
  w.Header().Set("Content-Length", fmt.Sprintf("%d", len(modifiedBody)))
228

229
  // 设置状态码
230
  w.WriteHeader(resp.StatusCode)
231

232
  // 写入响应
233
  w.Write(modifiedBody)
234
}
235

236
func main() {
237
  // 创建路由处理器
238
  http.HandleFunc("/", handleRequest)
239

240
  // 启动服务器
241
  port := ":8080"
242
  log.Printf("GitHub代理服务器启动在端口 %s", port)
243
  log.Printf("请确保你的域名已正确配置并指向此服务器")
244

245
  if err := http.ListenAndServe(port, nil); err != nil {
246
    log.Fatal("服务器启动失败:", err)
247
  }
248
}

继续放置 go.mod 。源码如下

1
module github-proxy
2

3
go 1.19

运行。默认跑在8080端口

1
go run .

输出以下日志即成功

1
root@localhost:~/go_proxy# go run .
2
2025/06/20 23:13:17 GitHub代理服务器启动在端口 :8080
3
2025/06/20 23:13:17 请确保你的域名已正确配置并指向此服务器

使用Nginx或者OpenResty反向代理 localhost:8080 。配置域名，格式为 gh.你的域名 。我的配置如下

签发泛域名证书并且部署，配置完毕后如下

访问，现在你通过自己的域名+VPS代理访问Github。国内直连，无需梯子