This is an up-to-date guide on running Chromium in Vercel serverless functions in 2022. What you will read below is the result of two days of research, debugging, 100+ failed deployments, and a little bit of stress.
Use chrome-aws-lambda that comes with Chromium pre-configured to run in serverless, and puppeteer-core due to the smaller size of Chromium distributive.
pip3 install -r requirements.txt to install dependenciesfollowers_clear.py and follow instructions.Consumer keys can be found here. Use these keys instead of applying yourself can get rid of rate limit.
| [General] | |
| skip-proxy = 127.0.0.1, 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 100.64.0.0/10, localhost, *.local, ::ffff:0:0:0:0/1, ::ffff:128:0:0:0/1 | |
| bypass-tun = 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12 | |
| # dns-server = 119.29.29.29, 223.5.5.5, 114.114.114.114 | |
| loglevel = notify | |
| [Proxy] | |
| BJ-All = custom | |
| BJ-HK-Azure = custom | |
| BJ-US-Azure = custom |
| server { | |
| listen 80; | |
| server_name *.cn *.org *.com *.jp *.hk *.io *.info ""; | |
| client_body_timeout 60000; | |
| client_max_body_size 1024m; | |
| send_timeout 60000; | |
| client_header_buffer_size 16k; | |
| large_client_header_buffers 4 64k; |
| #! /bin/sh | |
| #! /usr/bin/expect -f | |
| certtool --generate-privkey --outfile $1-key.pem | |
| sed -i "1ccn = "${1}"" client.tmpl | |
| sed -i "3cemail = ${1}@abc.org" client.tmpl | |
| certtool --generate-certificate --load-privkey $1-key.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem --template client.tmpl --outfile $1-cert.pem | |
| openssl pkcs12 -export -inkey $1-key.pem -in $1-cert.pem -name "$1 VPN Client Cert" -certfile ca-cert.pem -out $1.cert.p12 |
| good, 你已经有了一个自己的shadowsocks代理了,现在想要把这个代理公布出去给所有人分享。 | |
| 但是没有两个小时,代理就没法使用了,为什么?因为你需要额外注意以下事项(以下步骤需要比较高的linux技能) | |
| 本文只关注于确保shadowsocks服务还“活着”,如果你希望让其跑得更快,请参考 | |
| https://github.com/clowwindy/shadowsocks/wiki/Optimizing-Shadowsocks | |
| 1、 shadowsocks的timeout设置 | |
| 超时时间越长,连接被保持得也就越长,导致并发的tcp的连接数也就越多。对于公共代理,这个值应该调整得小一些。推荐60秒。 | |
| 2、 检查操作系统的各种限制 | |
| 对于openvz的vps,特别需要检查一下 |
| var fs = require('fs'); | |
| var iconv = require('iconv-lite'); | |
| // 这里是utf8 | |
| var str = '坑爹啊,都是国际项目了,编码居然还用gbk'; | |
| console.log(new Buffer(str).length); | |
| // 转换成gbk | |
| var encoded = iconv.encode(str, 'gbk'); |
| // Generated on 2013-10-08 using generator-angular 0.4.0 | |
| 'use strict'; | |
| var LIVERELOAD_PORT = 35729; | |
| var lrSnippet = require('connect-livereload')({ port: LIVERELOAD_PORT }); | |
| var mountFolder = function (connect, dir) { | |
| return connect.static(require('path').resolve(dir)); | |
| }; | |
| // # Globbing | |
| // for performance reasons we're only matching one level down: |
Two ways to do it, but only worked for me so I'll put it first and the second for reference:
$ openssl pkcs12 -export -in hostname.crt -inkey hostname.key -out hostname.p12
$ openssl pkcs12 -in hostname.p12 -nodes -out hostname.pem
Other options for this method in comments below:
# Note, the -certfile root.crt appends all CA certs to the export, I've never needed these so it's optional for my personal steps
$ openssl pkcs12 -export -in hostname.crt -inkey hostname.key -certfile root.crt -out hostname.p12