forked from fatedier/frp
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
rename example configuration file name (fatedier#3721)
- Loading branch information
Showing
7 changed files
with
527 additions
and
513 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,361 +1,9 @@ | ||
# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues. | ||
|
||
# your proxy name will be changed to {user}.{proxy} | ||
user = "your_name" | ||
|
||
# A literal address or host name for IPv6 must be enclosed | ||
# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" | ||
# For single serverAddr field, no need square brackets, like serverAddr = "::". | ||
serverAddr = "0.0.0.0" | ||
serverAddr = "127.0.0.1" | ||
serverPort = 7000 | ||
|
||
# STUN server to help penetrate NAT hole. | ||
# natHoleStunServer = "stun.easyvoip.com:3478" | ||
|
||
# Decide if exit program when first login failed, otherwise continuous relogin to frps | ||
# default is true | ||
loginFailExit = true | ||
|
||
# console or real logFile path like ./frpc.log | ||
log.to = "./frpc.log" | ||
# trace, debug, info, warn, error | ||
log.level = "info" | ||
log.maxDays = 3 | ||
# disable log colors when log.to is console, default is false | ||
log.disablePrintColor = false | ||
|
||
auth.method = "token" | ||
# auth.additionalScopes specifies additional scopes to include authentication information. | ||
# Optional values are HeartBeats, NewWorkConns. | ||
# auth.additionalScopes = ["HeartBeats", "NewWorkConns"] | ||
|
||
# auth token | ||
auth.token = "12345678" | ||
|
||
# oidc.clientID specifies the client ID to use to get a token in OIDC authentication. | ||
# auth.oidc.clientID = "" | ||
# oidc.clientSecret specifies the client secret to use to get a token in OIDC authentication. | ||
# auth.oidc.clientSecret = "" | ||
# oidc.audience specifies the audience of the token in OIDC authentication. | ||
# auth.oidc.audience = "" | ||
# oidc.scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". | ||
# auth.oidc.scope = "" | ||
# oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint. | ||
# It will be used to get an OIDC token. | ||
# auth.oidc.tokenEndpointURL = "" | ||
|
||
# oidc.additionalEndpointParams specifies additional parameters to be sent to the OIDC Token Endpoint. | ||
# For example, if you want to specify the "audience" parameter, you can set as follow. | ||
# frp will add "audience=<value>" "var1=<value>" to the additional parameters. | ||
# auth.oidc.additionalEndpointParams.audience = "https://dev.auth.com/api/v2/" | ||
# auth.oidc.additionalEndpointParams.var1 = "foobar" | ||
|
||
# Set admin address for control frpc's action by http api such as reload | ||
webServer.addr = "127.0.0.1" | ||
webServer.port = 7400 | ||
webServer.user = "admin" | ||
webServer.password = "admin" | ||
# Admin assets directory. By default, these assets are bundled with frpc. | ||
# webServer.assetsDir = "./static" | ||
|
||
# Enable golang pprof handlers in admin listener. | ||
webServer.pprofEnable = false | ||
|
||
# The maximum amount of time a dial to server will wait for a connect to complete. Default value is 10 seconds. | ||
# transport.dialServerTimeout = 10 | ||
|
||
# dialServerKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. | ||
# If negative, keep-alive probes are disabled. | ||
# transport.dialServerKeepalive = 7200 | ||
|
||
# connections will be established in advance, default value is zero | ||
transport.poolCount = 5 | ||
|
||
# If tcp stream multiplexing is used, default is true, it must be same with frps | ||
# transport.tcpMux = true | ||
|
||
# Specify keep alive interval for tcp mux. | ||
# only valid if tcpMux is enabled. | ||
# transport.tcpMuxKeepaliveInterval = 60 | ||
|
||
# Communication protocol used to connect to server | ||
# supports tcp, kcp, quic, websocket and wss now, default is tcp | ||
transport.protocol = "tcp" | ||
|
||
# set client binding ip when connect server, default is empty. | ||
# only when protocol = tcp or websocket, the value will be used. | ||
transport.connectServerLocalIP = "0.0.0.0" | ||
|
||
# if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set proxyURL here or in global environment variables | ||
# it only works when protocol is tcp | ||
# transport.proxyURL = "http://user:[email protected]:8080" | ||
# transport.proxyURL = "socks5://user:[email protected]:1080" | ||
# transport.proxyURL = "ntlm://user:[email protected]:2080" | ||
|
||
# quic protocol options | ||
# transport.quic.keepalivePeriod = 10 | ||
# transport.quic.maxIdleTimeout = 30 | ||
# transport.quic.maxIncomingStreams = 100000 | ||
|
||
# If tls.enable is true, frpc will connect frps by tls. | ||
# Since v0.50.0, the default value has been changed to true, and tls is enabled by default. | ||
transport.tls.enable = true | ||
|
||
# transport.tls.certFile = "client.crt" | ||
# transport.tls.keyFile = "client.key" | ||
# transport.tls.trustedCaFile = "ca.crt" | ||
# transport.tls.serverName = "example.com" | ||
|
||
# If the disableCustomTLSFirstByte is set to false, frpc will establish a connection with frps using the | ||
# first custom byte when tls is enabled. | ||
# Since v0.50.0, the default value has been changed to true, and the first custom byte is disabled by default. | ||
# transport.tls.disableCustomTLSFirstByte = true | ||
|
||
# Heartbeat configure, it's not recommended to modify the default value. | ||
# The default value of heartbeatInterval is 10 and heartbeatTimeout is 90. Set negative value | ||
# to disable it. | ||
# transport.heartbeatInterval = 30 | ||
# transport.heartbeatTimeout = 90 | ||
|
||
# Specify a dns server, so frpc will use this instead of default one | ||
# dnsServer = "8.8.8.8" | ||
|
||
# Proxy names you want to start. | ||
# Default is empty, means all proxies. | ||
# start = ["ssh", "dns"] | ||
|
||
# Specify udp packet size, unit is byte. If not set, the default value is 1500. | ||
# This parameter should be same between client and server. | ||
# It affects the udp and sudp proxy. | ||
udpPacketSize = 1500 | ||
|
||
# Additional metadatas for client. | ||
metadatas.var1 = "abc" | ||
metadatas.var2 = "123" | ||
|
||
# Include other config files for proxies. | ||
# includes = ["./confd/*.ini"] | ||
|
||
[[proxies]] | ||
# 'ssh' is the unique proxy name | ||
# If global user is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh' | ||
name = "ssh" | ||
type = "tcp" | ||
localIP = "127.0.0.1" | ||
localPort = 22 | ||
# Limit bandwidth for this proxy, unit is KB and MB | ||
transport.bandwidthLimit = "1MB" | ||
# Where to limit bandwidth, can be 'client' or 'server', default is 'client' | ||
transport.bandwidthLimitMode = "client" | ||
# If true, traffic of this proxy will be encrypted, default is false | ||
transport.useEncryption = false | ||
# If true, traffic will be compressed | ||
transport.useCompression = false | ||
# Remote port listen by frps | ||
remotePort = 6001 | ||
# frps will load balancing connections for proxies in same group | ||
loadBalancer.group = "test_group" | ||
# group should have same group key | ||
loadBalancer.groupKey = "123456" | ||
# Enable health check for the backend service, it supports 'tcp' and 'http' now. | ||
# frpc will connect local service's port to detect it's healthy status | ||
healthCheck.type = "tcp" | ||
# Health check connection timeout | ||
healthCheck.timeoutSeconds = 3 | ||
# If continuous failed in 3 times, the proxy will be removed from frps | ||
healthCheck.maxFailed = 3 | ||
# every 10 seconds will do a health check | ||
healthCheck.intervalSeconds = 10 | ||
# additional meta info for each proxy | ||
metadatas.var1 = "abc" | ||
metadatas.var2 = "123" | ||
|
||
[[proxies]] | ||
name = "ssh_random" | ||
type = "tcp" | ||
localIP = "192.168.31.100" | ||
localPort = 22 | ||
# If remotePort is 0, frps will assign a random port for you | ||
remotePort = 0 | ||
|
||
[[proxies]] | ||
name = "dns" | ||
type = "udp" | ||
localIP = "114.114.114.114" | ||
localPort = 53 | ||
remotePort = 6002 | ||
|
||
# Resolve your domain names to [serverAddr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02 | ||
[[proxies]] | ||
name = "web01" | ||
type = "http" | ||
localIP = "127.0.0.1" | ||
localPort = 80 | ||
# http username and password are safety certification for http protocol | ||
# if not set, you can access this customDomains without certification | ||
httpUser = "admin" | ||
httpPassword = "admin" | ||
# if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com | ||
subdomain = "web01" | ||
customDomains = ["web01.yourdomain.com"] | ||
# locations is only available for http type | ||
locations = ["/", "/pic"] | ||
# route requests to this service if http basic auto user is abc | ||
# routeByHTTPUser = abc | ||
hostHeaderRewrite = "example.com" | ||
requestHeaders.set.x-from-where = "frp" | ||
healthCheck.type = "http" | ||
# frpc will send a GET http request '/status' to local http service | ||
# http service is alive when it return 2xx http response code | ||
healthCheck.path = "/status" | ||
healthCheck.intervalSeconds = 10 | ||
healthCheck.maxFailed = 3 | ||
healthCheck.timeoutSeconds = 3 | ||
|
||
[[proxies]] | ||
name = "web02" | ||
type = "https" | ||
localIP = "127.0.0.1" | ||
localPort = 8000 | ||
subdomain = "web02" | ||
customDomains = ["web02.yourdomain.com"] | ||
# if not empty, frpc will use proxy protocol to transfer connection info to your local service | ||
# v1 or v2 or empty | ||
transport.proxyProtocolVersion = "v2" | ||
|
||
[[proxies]] | ||
name = "tcpmuxhttpconnect" | ||
type = "tcpmux" | ||
multiplexer = "httpconnect" | ||
localIP = "127.0.0.1" | ||
localPort = 10701 | ||
customDomains = ["tunnel1"] | ||
# routeByHTTPUser = "user1" | ||
|
||
[[proxies]] | ||
name = "plugin_unix_domain_socket" | ||
type = "tcp" | ||
remotePort = 6003 | ||
# if plugin is defined, localIP and localPort is useless | ||
# plugin will handle connections got from frps | ||
[proxies.plugin] | ||
type = "unix_domain_socket" | ||
unixPath = "/var/run/docker.sock" | ||
|
||
[[proxies]] | ||
name = "plugin_http_proxy" | ||
type = "tcp" | ||
remotePort = 6004 | ||
[proxies.plugin] | ||
type = "http_proxy" | ||
httpUser = "abc" | ||
httpPassword = "abc" | ||
|
||
[[proxies]] | ||
name = "plugin_socks5" | ||
name = "test-tcp" | ||
type = "tcp" | ||
remotePort = 6005 | ||
[proxies.plugin] | ||
type = "socks5" | ||
username = "abc" | ||
password = "abc" | ||
|
||
[[proxies]] | ||
name = "plugin_static_file" | ||
type = "tcp" | ||
remotePort = 6006 | ||
[proxies.plugin] | ||
type = "static_file" | ||
localPath = "/var/www/blog" | ||
stripPrefix = "static" | ||
httpUser = "abc" | ||
httpPassword = "abc" | ||
|
||
[[proxies]] | ||
name = "plugin_https2http" | ||
type = "https" | ||
customDomains = ["test.yourdomain.com"] | ||
[proxies.plugin] | ||
type = "https2http" | ||
localAddr = "127.0.0.1:80" | ||
crtPath = "./server.crt" | ||
keyPath = "./server.key" | ||
hostHeaderRewrite = "127.0.0.1" | ||
requestHeaders.set.x-from-where = "frp" | ||
|
||
[[proxies]] | ||
name = "plugin_https2https" | ||
type = "https" | ||
customDomains = ["test.yourdomain.com"] | ||
[proxies.plugin] | ||
type = "https2https" | ||
localAddr = "127.0.0.1:443" | ||
crtPath = "./server.crt" | ||
keyPath = "./server.key" | ||
hostHeaderRewrite = "127.0.0.1" | ||
requestHeaders.set.x-from-where = "frp" | ||
|
||
[[proxies]] | ||
name = "plugin_http2https" | ||
type = "http" | ||
customDomains = ["test.yourdomain.com"] | ||
[proxies.plugin] | ||
type = "http2https" | ||
localAddr = "127.0.0.1:443" | ||
hostHeaderRewrite = "127.0.0.1" | ||
requestHeaders.set.x-from-where = "frp" | ||
|
||
[[proxies]] | ||
name = "secret_tcp" | ||
# If the type is secret tcp, remotePort is useless | ||
# Who want to connect local port should deploy another frpc with stcp proxy and role is visitor | ||
type = "stcp" | ||
# secretKey is used for authentication for visitors | ||
secretKey = "abcdefg" | ||
localIP = "127.0.0.1" | ||
localPort = 22 | ||
# If not empty, only visitors from specified users can connect. | ||
# Otherwise, visitors from same user can connect. '*' means allow all users. | ||
allowUsers = ["*"] | ||
|
||
[[proxies]] | ||
name = "p2p_tcp" | ||
type = "xtcp" | ||
secretKey = "abcdefg" | ||
localIP = "127.0.0.1" | ||
localPort = 22 | ||
# If not empty, only visitors from specified users can connect. | ||
# Otherwise, visitors from same user can connect. '*' means allow all users. | ||
allowUsers = ["user1", "user2"] | ||
|
||
# frpc role visitor -> frps -> frpc role server | ||
[[visitors]] | ||
name = "secret_tcp_visitor" | ||
type = "stcp" | ||
# the server name you want to visitor | ||
serverName = "secret_tcp" | ||
secretKey = "abcdefg" | ||
# connect this address to visitor stcp server | ||
bindAddr = "127.0.0.1" | ||
# bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from | ||
# other visitors. (This is not supported for SUDP now) | ||
bindPort = 9000 | ||
|
||
[[visitors]] | ||
name = "p2p_tcp_visitor" | ||
type = "xtcp" | ||
# if the server user is not set, it defaults to the current user | ||
serverUser = "user1" | ||
serverName = "p2p_tcp" | ||
secretKey = "abcdefg" | ||
bindAddr = "127.0.0.1" | ||
# bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from | ||
# other visitors. (This is not supported for SUDP now) | ||
bindPort = 9001 | ||
# when automatic tunnel persistence is required, set it to true | ||
keepTunnelOpen = false | ||
# effective when keepTunnelOpen is set to true, the number of attempts to punch through per hour | ||
maxRetriesAnHour = 8 | ||
minRetryInterval = 90 | ||
# fallbackTo = "stcp_visitor" | ||
# fallbackTimeoutMs = 500 | ||
remotePort = 6000 |
Oops, something went wrong.