From 048e805efb29b862833beee40c273faee0ea1815 Mon Sep 17 00:00:00 2001 From: white kong <36179789+androidmumo@users.noreply.github.com> Date: Wed, 18 Oct 2023 11:10:12 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E6=9B=B4=E6=94=B9frp=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=E6=96=87=E4=BB=B6=E4=B8=BAtoml=E6=A0=BC=E5=BC=8F=20(#496)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/frpc/0.52.1/data/frpc.ini | 9 - apps/frpc/0.52.1/data/frpc.toml | 9 + apps/frpc/0.52.1/data/frpc_full.ini | 365 --------------------------- apps/frpc/0.52.1/data/frpc_full.toml | 360 ++++++++++++++++++++++++++ apps/frpc/0.52.1/data/frps.ini | 2 - apps/frpc/0.52.1/data/frps_full.ini | 168 ------------ apps/frpc/0.52.1/docker-compose.yml | 2 +- apps/frps/0.52.1/data/frpc.ini | 9 - apps/frps/0.52.1/data/frpc_full.ini | 365 --------------------------- apps/frps/0.52.1/data/frps.ini | 2 - apps/frps/0.52.1/data/frps.toml | 1 + apps/frps/0.52.1/data/frps_full.ini | 168 ------------ apps/frps/0.52.1/data/frps_full.toml | 154 +++++++++++ apps/frps/0.52.1/docker-compose.yml | 2 +- 14 files changed, 526 insertions(+), 1090 deletions(-) delete mode 100644 apps/frpc/0.52.1/data/frpc.ini create mode 100644 apps/frpc/0.52.1/data/frpc.toml delete mode 100644 apps/frpc/0.52.1/data/frpc_full.ini create mode 100644 apps/frpc/0.52.1/data/frpc_full.toml delete mode 100644 apps/frpc/0.52.1/data/frps.ini delete mode 100644 apps/frpc/0.52.1/data/frps_full.ini delete mode 100644 apps/frps/0.52.1/data/frpc.ini delete mode 100644 apps/frps/0.52.1/data/frpc_full.ini delete mode 100644 apps/frps/0.52.1/data/frps.ini create mode 100644 apps/frps/0.52.1/data/frps.toml delete mode 100644 apps/frps/0.52.1/data/frps_full.ini create mode 100644 apps/frps/0.52.1/data/frps_full.toml diff --git a/apps/frpc/0.52.1/data/frpc.ini b/apps/frpc/0.52.1/data/frpc.ini deleted file mode 100644 index 13a8e5f6..00000000 --- a/apps/frpc/0.52.1/data/frpc.ini +++ /dev/null @@ -1,9 +0,0 @@ -[common] -server_addr = 127.0.0.1 -server_port = 7000 - -[ssh] -type = tcp -local_ip = 127.0.0.1 -local_port = 22 -remote_port = 6000 diff --git a/apps/frpc/0.52.1/data/frpc.toml b/apps/frpc/0.52.1/data/frpc.toml new file mode 100644 index 00000000..366bd33c --- /dev/null +++ b/apps/frpc/0.52.1/data/frpc.toml @@ -0,0 +1,9 @@ +serverAddr = "0.0.0.0" +serverPort = 7000 + +[[proxies]] +name = "ssh" +type = "tcp" +localIP = "127.0.0.1" +localPort = 22 +remotePort = 6001 diff --git a/apps/frpc/0.52.1/data/frpc_full.ini b/apps/frpc/0.52.1/data/frpc_full.ini deleted file mode 100644 index 29f6bcab..00000000 --- a/apps/frpc/0.52.1/data/frpc_full.ini +++ /dev/null @@ -1,365 +0,0 @@ -# [common] is integral section -[common] -# A literal address or host name for IPv6 must be enclosed -# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" -# For single "server_addr" field, no need square brackets, like "server_addr = ::". -server_addr = 0.0.0.0 -server_port = 7000 - -# The maximum amount of time a dial to server will wait for a connect to complete. Default value is 10 seconds. -# dial_server_timeout = 10 - -# dial_server_keepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. -# If negative, keep-alive probes are disabled. -# dial_server_keepalive = 7200 - -# if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set http_proxy here or in global environment variables -# it only works when protocol is tcp -# http_proxy = http://user:passwd@192.168.1.128:8080 -# http_proxy = socks5://user:passwd@192.168.1.128:1080 -# http_proxy = ntlm://user:passwd@192.168.1.128:2080 - -# console or real logFile path like ./frpc.log -log_file = ./frpc.log - -# trace, debug, info, warn, error -log_level = info - -log_max_days = 3 - -# disable log colors when log_file is console, default is false -disable_log_color = false - -# for authentication, should be same as your frps.ini -# authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. -authenticate_heartbeats = false - -# authenticate_new_work_conns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. -authenticate_new_work_conns = false - -# auth token -token = 12345678 - -authentication_method = - -# oidc_client_id specifies the client ID to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". -# By default, this value is "". -oidc_client_id = - -# oidc_client_secret specifies the client secret to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". -# By default, this value is "". -oidc_client_secret = - -# oidc_audience specifies the audience of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". -oidc_audience = - -# oidc_scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". -oidc_scope = - -# oidc_token_endpoint_url specifies the URL which implements OIDC Token Endpoint. -# It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "". -oidc_token_endpoint_url = - -# oidc_additional_xxx specifies additional parameters to be sent to the OIDC Token Endpoint. -# For example, if you want to specify the "audience" parameter, you can set as follow. -# frp will add "audience=" "var1=" to the additional parameters. -# oidc_additional_audience = https://dev.auth.com/api/v2/ -# oidc_additional_var1 = foobar - -# set admin address for control frpc's action by http api such as reload -admin_addr = 127.0.0.1 -admin_port = 7400 -admin_user = admin -admin_pwd = admin -# Admin assets directory. By default, these assets are bundled with frpc. -# assets_dir = ./static - -# connections will be established in advance, default value is zero -pool_count = 5 - -# if tcp stream multiplexing is used, default is true, it must be same with frps -# tcp_mux = true - -# specify keep alive interval for tcp mux. -# only valid if tcp_mux is true. -# tcp_mux_keepalive_interval = 60 - -# your proxy name will be changed to {user}.{proxy} -user = your_name - -# decide if exit program when first login failed, otherwise continuous relogin to frps -# default is true -login_fail_exit = true - -# communication protocol used to connect to server -# supports tcp, kcp, quic and websocket now, default is tcp -protocol = tcp - -# set client binding ip when connect server, default is empty. -# only when protocol = tcp or websocket, the value will be used. -connect_server_local_ip = 0.0.0.0 - -# quic protocol options -# quic_keepalive_period = 10 -# quic_max_idle_timeout = 30 -# quic_max_incoming_streams = 100000 - -# if tls_enable is true, frpc will connect frps by tls -tls_enable = true - -# tls_cert_file = client.crt -# tls_key_file = client.key -# tls_trusted_ca_file = ca.crt -# tls_server_name = example.com - -# specify a dns server, so frpc will use this instead of default one -# dns_server = 8.8.8.8 - -# proxy names you want to start separated by ',' -# default is empty, means all proxies -# start = ssh,dns - -# heartbeat configure, it's not recommended to modify the default value -# The default value of heartbeat_interval is 10 and heartbeat_timeout is 90. Set negative value -# to disable it. -# heartbeat_interval = 30 -# heartbeat_timeout = 90 - -# additional meta info for client -meta_var1 = 123 -meta_var2 = 234 - -# specify udp packet size, unit is byte. If not set, the default value is 1500. -# This parameter should be same between client and server. -# It affects the udp and sudp proxy. -udp_packet_size = 1500 - -# include other config files for proxies. -# includes = ./confd/*.ini - -# By default, frpc will connect frps with first custom byte if tls is enabled. -# If DisableCustomTLSFirstByte is true, frpc will not send that custom byte. -disable_custom_tls_first_byte = false - -# Enable golang pprof handlers in admin listener. -# Admin port must be set first. -pprof_enable = false - -# 'ssh' is the unique proxy name -# if user in [common] section is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh' -[ssh] -# tcp | udp | http | https | stcp | xtcp, default is tcp -type = tcp -local_ip = 127.0.0.1 -local_port = 22 -# limit bandwidth for this proxy, unit is KB and MB -bandwidth_limit = 1MB -# where to limit bandwidth, can be 'client' or 'server', default is 'client' -bandwidth_limit_mode = client -# true or false, if true, messages between frps and frpc will be encrypted, default is false -use_encryption = false -# if true, message will be compressed -use_compression = false -# remote port listen by frps -remote_port = 6001 -# frps will load balancing connections for proxies in same group -group = test_group -# group should have same group key -group_key = 123456 -# enable health check for the backend service, it support 'tcp' and 'http' now -# frpc will connect local service's port to detect it's healthy status -health_check_type = tcp -# health check connection timeout -health_check_timeout_s = 3 -# if continuous failed in 3 times, the proxy will be removed from frps -health_check_max_failed = 3 -# every 10 seconds will do a health check -health_check_interval_s = 10 -# additional meta info for each proxy -meta_var1 = 123 -meta_var2 = 234 - -[ssh_random] -type = tcp -local_ip = 127.0.0.1 -local_port = 22 -# if remote_port is 0, frps will assign a random port for you -remote_port = 0 - -# if you want to expose multiple ports, add 'range:' prefix to the section name -# frpc will generate multiple proxies such as 'tcp_port_6010', 'tcp_port_6011' and so on. -[range:tcp_port] -type = tcp -local_ip = 127.0.0.1 -local_port = 6010-6020,6022,6024-6028 -remote_port = 6010-6020,6022,6024-6028 -use_encryption = false -use_compression = false - -[dns] -type = udp -local_ip = 114.114.114.114 -local_port = 53 -remote_port = 6002 -use_encryption = false -use_compression = false - -[range:udp_port] -type = udp -local_ip = 127.0.0.1 -local_port = 6010-6020 -remote_port = 6010-6020 -use_encryption = false -use_compression = false - -# Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02 -[web01] -type = http -local_ip = 127.0.0.1 -local_port = 80 -use_encryption = false -use_compression = true -# http username and password are safety certification for http protocol -# if not set, you can access this custom_domains without certification -http_user = admin -http_pwd = admin -# if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com -subdomain = web01 -custom_domains = web01.yourdomain.com -# locations is only available for http type -locations = /,/pic -# route requests to this service if http basic auto user is abc -# route_by_http_user = abc -host_header_rewrite = example.com -# params with prefix "header_" will be used to update http request headers -header_X-From-Where = frp -health_check_type = http -# frpc will send a GET http request '/status' to local http service -# http service is alive when it return 2xx http response code -health_check_url = /status -health_check_interval_s = 10 -health_check_max_failed = 3 -health_check_timeout_s = 3 - -[web02] -type = https -local_ip = 127.0.0.1 -local_port = 8000 -use_encryption = false -use_compression = false -subdomain = web01 -custom_domains = web02.yourdomain.com -# if not empty, frpc will use proxy protocol to transfer connection info to your local service -# v1 or v2 or empty -proxy_protocol_version = v2 - -[plugin_unix_domain_socket] -type = tcp -remote_port = 6003 -# if plugin is defined, local_ip and local_port is useless -# plugin will handle connections got from frps -plugin = unix_domain_socket -# params with prefix "plugin_" that plugin needed -plugin_unix_path = /var/run/docker.sock - -[plugin_http_proxy] -type = tcp -remote_port = 6004 -plugin = http_proxy -plugin_http_user = abc -plugin_http_passwd = abc - -[plugin_socks5] -type = tcp -remote_port = 6005 -plugin = socks5 -plugin_user = abc -plugin_passwd = abc - -[plugin_static_file] -type = tcp -remote_port = 6006 -plugin = static_file -plugin_local_path = /var/www/blog -plugin_strip_prefix = static -plugin_http_user = abc -plugin_http_passwd = abc - -[plugin_https2http] -type = https -custom_domains = test.yourdomain.com -plugin = https2http -plugin_local_addr = 127.0.0.1:80 -plugin_crt_path = ./server.crt -plugin_key_path = ./server.key -plugin_host_header_rewrite = 127.0.0.1 -plugin_header_X-From-Where = frp - -[plugin_https2https] -type = https -custom_domains = test.yourdomain.com -plugin = https2https -plugin_local_addr = 127.0.0.1:443 -plugin_crt_path = ./server.crt -plugin_key_path = ./server.key -plugin_host_header_rewrite = 127.0.0.1 -plugin_header_X-From-Where = frp - -[plugin_http2https] -type = http -custom_domains = test.yourdomain.com -plugin = http2https -plugin_local_addr = 127.0.0.1:443 -plugin_host_header_rewrite = 127.0.0.1 -plugin_header_X-From-Where = frp - -[secret_tcp] -# If the type is secret tcp, remote_port is useless -# Who want to connect local port should deploy another frpc with stcp proxy and role is visitor -type = stcp -# sk used for authentication for visitors -sk = abcdefg -local_ip = 127.0.0.1 -local_port = 22 -use_encryption = false -use_compression = false - -# user of frpc should be same in both stcp server and stcp visitor -[secret_tcp_visitor] -# frpc role visitor -> frps -> frpc role server -role = visitor -type = stcp -# the server name you want to visitor -server_name = secret_tcp -sk = abcdefg -# connect this address to visitor stcp server -bind_addr = 127.0.0.1 -bind_port = 9000 -use_encryption = false -use_compression = false - -[p2p_tcp] -type = xtcp -sk = abcdefg -local_ip = 127.0.0.1 -local_port = 22 -use_encryption = false -use_compression = false - -[p2p_tcp_visitor] -role = visitor -type = xtcp -server_name = p2p_tcp -sk = abcdefg -bind_addr = 127.0.0.1 -bind_port = 9001 -use_encryption = false -use_compression = false - -[tcpmuxhttpconnect] -type = tcpmux -multiplexer = httpconnect -local_ip = 127.0.0.1 -local_port = 10701 -custom_domains = tunnel1 -# route_by_http_user = user1 diff --git a/apps/frpc/0.52.1/data/frpc_full.toml b/apps/frpc/0.52.1/data/frpc_full.toml new file mode 100644 index 00000000..05d6cbe2 --- /dev/null +++ b/apps/frpc/0.52.1/data/frpc_full.toml @@ -0,0 +1,360 @@ +# your proxy name will be changed to {user}.{proxy} +user = "your_name" + +# A literal address or host name for IPv6 must be enclosed +# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" +# For single serverAddr field, no need square brackets, like serverAddr = "::". +serverAddr = "0.0.0.0" +serverPort = 7000 + +# STUN server to help penetrate NAT hole. +# natHoleStunServer = "stun.easyvoip.com:3478" + +# Decide if exit program when first login failed, otherwise continuous relogin to frps +# default is true +loginFailExit = true + +# console or real logFile path like ./frpc.log +log.to = "./frpc.log" +# trace, debug, info, warn, error +log.level = "info" +log.maxDays = 3 +# disable log colors when log.to is console, default is false +log.disablePrintColor = false + +auth.method = "token" +# auth.additionalScopes specifies additional scopes to include authentication information. +# Optional values are HeartBeats, NewWorkConns. +# auth.additionalScopes = ["HeartBeats", "NewWorkConns"] + +# auth token +auth.token = "12345678" + +# oidc.clientID specifies the client ID to use to get a token in OIDC authentication. +# auth.oidc.clientID = "" +# oidc.clientSecret specifies the client secret to use to get a token in OIDC authentication. +# auth.oidc.clientSecret = "" +# oidc.audience specifies the audience of the token in OIDC authentication. +# auth.oidc.audience = "" +# oidc_scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". +# auth.oidc.scope = "" +# oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint. +# It will be used to get an OIDC token. +# auth.oidc.tokenEndpointURL = "" + +# oidc.additionalEndpointParams specifies additional parameters to be sent to the OIDC Token Endpoint. +# For example, if you want to specify the "audience" parameter, you can set as follow. +# frp will add "audience=" "var1=" to the additional parameters. +# auth.oidc.additionalEndpointParams.audience = "https://dev.auth.com/api/v2/" +# auth.oidc.additionalEndpointParams.var1 = "foobar" + +# Set admin address for control frpc's action by http api such as reload +webServer.addr = "127.0.0.1" +webServer.port = 7400 +webServer.user = "admin" +webServer.password = "admin" +# Admin assets directory. By default, these assets are bundled with frpc. +# webServer.assetsDir = "./static" + +# Enable golang pprof handlers in admin listener. +webServer.pprofEnable = false + +# The maximum amount of time a dial to server will wait for a connect to complete. Default value is 10 seconds. +# transport.dialServerTimeout = 10 + +# dialServerKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. +# If negative, keep-alive probes are disabled. +# transport.dialServerKeepalive = 7200 + +# connections will be established in advance, default value is zero +transport.poolCount = 5 + +# If tcp stream multiplexing is used, default is true, it must be same with frps +# transport.tcpMux = true + +# Specify keep alive interval for tcp mux. +# only valid if tcpMux is enabled. +# transport.tcpMuxKeepaliveInterval = 60 + +# Communication protocol used to connect to server +# supports tcp, kcp, quic, websocket and wss now, default is tcp +transport.protocol = "tcp" + +# set client binding ip when connect server, default is empty. +# only when protocol = tcp or websocket, the value will be used. +transport.connectServerLocalIP = "0.0.0.0" + +# if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set proxyURL here or in global environment variables +# it only works when protocol is tcp +# transport.proxyURL = "http://user:passwd@192.168.1.128:8080" +# transport.proxyURL = "socks5://user:passwd@192.168.1.128:1080" +# transport.proxyURL = "ntlm://user:passwd@192.168.1.128:2080" + +# quic protocol options +# transport.quic.keepalivePeriod = 10 +# transport.quic.maxIdleTimeout = 30 +# transport.quic.maxIncomingStreams = 100000 + +# If tls.enable is true, frpc will connect frps by tls. +# Since v0.50.0, the default value has been changed to true, and tls is enabled by default. +transport.tls.enable = true + +# transport.tls.certFile = "client.crt" +# transport.tls.keyFile = "client.key" +# transport.tls.trustedCaFile = "ca.crt" +# transport.tls.serverName = "example.com" + +# If the disableCustomTLSFirstByte is set to false, frpc will establish a connection with frps using the +# first custom byte when tls is enabled. +# Since v0.50.0, the default value has been changed to true, and the first custom byte is disabled by default. +# transport.tls.disableCustomTLSFirstByte = true + +# Heartbeat configure, it's not recommended to modify the default value. +# The default value of heartbeat_interval is 10 and heartbeat_timeout is 90. Set negative value +# to disable it. +# transport.heartbeatInterval = 30 +# transport.heartbeatTimeout = 90 + +# Specify a dns server, so frpc will use this instead of default one +# dnsServer = "8.8.8.8" + +# Proxy names you want to start. +# Default is empty, means all proxies. +# start = ["ssh", "dns"] + +# Specify udp packet size, unit is byte. If not set, the default value is 1500. +# This parameter should be same between client and server. +# It affects the udp and sudp proxy. +udpPacketSize = 1500 + +# Additional metadatas for client. +metadatas.var1 = "abc" +metadatas.var2 = "123" + +# Include other config files for proxies. +# includes = ["./confd/*.ini"] + +[[proxies]] +# 'ssh' is the unique proxy name +# If global user is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh' +name = "ssh" +type = "tcp" +localIP = "127.0.0.1" +localPort = 22 +# Limit bandwidth for this proxy, unit is KB and MB +transport.bandwidthLimit = "1MB" +# Where to limit bandwidth, can be 'client' or 'server', default is 'client' +transport.bandwidthLimitMode = "client" +# If true, traffic of this proxy will be encrypted, default is false +transport.useEncryption = false +# If true, traffic will be compressed +transport.useCompression = false +# Remote port listen by frps +remotePort = 6001 +# frps will load balancing connections for proxies in same group +loadBalancer.group = "test_group" +# group should have same group key +loadBalancer.groupKey = "123456" +# Enable health check for the backend service, it supports 'tcp' and 'http' now. +# frpc will connect local service's port to detect it's healthy status +healthCheck.type = "tcp" +# Health check connection timeout +healthCheck.timeoutSeconds = 3 +# If continuous failed in 3 times, the proxy will be removed from frps +healthCheck.maxFailed = 3 +# every 10 seconds will do a health check +healthCheck.intervalSeconds = 10 +# additional meta info for each proxy +metadatas.var1 = "abc" +metadatas.var2 = "123" + +[[proxies]] +name = "ssh_random" +type = "tcp" +localIP = "192.168.31.100" +localPort = 22 +# If remote_port is 0, frps will assign a random port for you +remotePort = 0 + +[[proxies]] +name = "dns" +type = "udp" +localIP = "114.114.114.114" +localPort = 53 +remotePort = 6002 + +# Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02 +[[proxies]] +name = "web01" +type = "http" +localIP = "127.0.0.1" +localPort = 80 +# http username and password are safety certification for http protocol +# if not set, you can access this custom_domains without certification +httpUser = "admin" +httpPassword = "admin" +# if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com +subdomain = "web01" +customDomains = ["web01.yourdomain.com"] +# locations is only available for http type +locations = ["/", "/pic"] +# route requests to this service if http basic auto user is abc +# route_by_http_user = abc +hostHeaderRewrite = "example.com" +# params with prefix "header_" will be used to update http request headers +requestHeaders.set.x-from-where = "frp" +healthCheck.type = "http" +# frpc will send a GET http request '/status' to local http service +# http service is alive when it return 2xx http response code +healthCheck.path = "/status" +healthCheck.intervalSeconds = 10 +healthCheck.maxFailed = 3 +healthCheck.timeoutSeconds = 3 + +[[proxies]] +name = "web02" +type = "https" +localIP = "127.0.0.1" +localPort = 8000 +subdomain = "web02" +customDomains = ["web02.yourdomain.com"] +# if not empty, frpc will use proxy protocol to transfer connection info to your local service +# v1 or v2 or empty +transport.proxyProtocolVersion = "v2" + +[[proxies]] +name = "tcpmuxhttpconnect" +type = "tcpmux" +multiplexer = "httpconnect" +localIP = "127.0.0.1" +localPort = 10701 +customDomains = ["tunnel1"] +# routeByHTTPUser = "user1" + +[[proxies]] +name = "plugin_unix_domain_socket" +type = "tcp" +remotePort = 6003 +# if plugin is defined, local_ip and local_port is useless +# plugin will handle connections got from frps +[proxies.plugin] +type = "unix_domain_socket" +unixPath = "/var/run/docker.sock" + +[[proxies]] +name = "plugin_http_proxy" +type = "tcp" +remotePort = 6004 +[proxies.plugin] +type = "http_proxy" +httpUser = "abc" +httpPassword = "abc" + +[[proxies]] +name = "plugin_socks5" +type = "tcp" +remotePort = 6005 +[proxies.plugin] +type = "socks5" +username = "abc" +password = "abc" + +[[proxies]] +name = "plugin_static_file" +type = "tcp" +remotePort = 6006 +[proxies.plugin] +type = "static_file" +localPath = "/var/www/blog" +stripPrefix = "static" +httpUser = "abc" +httpPassword = "abc" + +[[proxies]] +name = "plugin_https2http" +type = "https" +customDomains = ["test.yourdomain.com"] +[proxies.plugin] +type = "https2http" +localAddr = "127.0.0.1:80" +crtPath = "./server.crt" +keyPath = "./server.key" +hostHeaderRewrite = "127.0.0.1" +requestHeaders.set.x-from-where = "frp" + +[[proxies]] +name = "plugin_https2https" +type = "https" +customDomains = ["test.yourdomain.com"] +[proxies.plugin] +type = "https2https" +localAddr = "127.0.0.1:443" +crtPath = "./server.crt" +keyPath = "./server.key" +hostHeaderRewrite = "127.0.0.1" +requestHeaders.set.x-from-where = "frp" + +[[proxies]] +name = "plugin_http2https" +type = "http" +customDomains = ["test.yourdomain.com"] +[proxies.plugin] +type = "http2https" +localAddr = "127.0.0.1:443" +hostHeaderRewrite = "127.0.0.1" +requestHeaders.set.x-from-where = "frp" + +[[proxies]] +name = "secret_tcp" +# If the type is secret tcp, remote_port is useless +# Who want to connect local port should deploy another frpc with stcp proxy and role is visitor +type = "stcp" +# secretKey is used for authentication for visitors +secretKey = "abcdefg" +localIP = "127.0.0.1" +localPort = 22 +# If not empty, only visitors from specified users can connect. +# Otherwise, visitors from same user can connect. '*' means allow all users. +allowUsers = ["*"] + +[[proxies]] +name = "p2p_tcp" +type = "xtcp" +secretKey = "abcdefg" +localIP = "127.0.0.1" +localPort = 22 +# If not empty, only visitors from specified users can connect. +# Otherwise, visitors from same user can connect. '*' means allow all users. +allowUsers = ["user1", "user2"] + +# frpc role visitor -> frps -> frpc role server +[[visitors]] +name = "secret_tcp_visitor" +type = "stcp" +# the server name you want to visitor +serverName = "secret_tcp" +secretKey = "abcdefg" +# connect this address to visitor stcp server +bindAddr = "127.0.0.1" +# bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from +# other visitors. (This is not supported for SUDP now) +bindPort = 9000 + +[[visitors]] +name = "p2p_tcp_visitor" +type = "xtcp" +# if the server user is not set, it defaults to the current user +serverUser = "user1" +serverName = "p2p_tcp" +secretKey = "abcdefg" +bindAddr = "127.0.0.1" +# bindPort can be less than 0, it means don't bind to the port and only receive connections redirected from +# other visitors. (This is not supported for SUDP now) +bindPort = 9001 +# when automatic tunnel persistence is required, set it to true +keepTunnelOpen = false +# effective when keep_tunnel_open is set to true, the number of attempts to punch through per hour +maxRetriesAnHour = 8 +minRetryInterval = 90 +# fallbackTo = "stcp_visitor" +# fallbackTimeoutMs = 500 diff --git a/apps/frpc/0.52.1/data/frps.ini b/apps/frpc/0.52.1/data/frps.ini deleted file mode 100644 index 229567a9..00000000 --- a/apps/frpc/0.52.1/data/frps.ini +++ /dev/null @@ -1,2 +0,0 @@ -[common] -bind_port = 7000 diff --git a/apps/frpc/0.52.1/data/frps_full.ini b/apps/frpc/0.52.1/data/frps_full.ini deleted file mode 100644 index 2d5e08e1..00000000 --- a/apps/frpc/0.52.1/data/frps_full.ini +++ /dev/null @@ -1,168 +0,0 @@ -# [common] is integral section -[common] -# A literal address or host name for IPv6 must be enclosed -# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" -# For single "bind_addr" field, no need square brackets, like "bind_addr = ::". -bind_addr = 0.0.0.0 -bind_port = 7000 - -# udp port to help make udp hole to penetrate nat -bind_udp_port = 7001 - -# udp port used for kcp protocol, it can be same with 'bind_port'. -# if not set, kcp is disabled in frps. -kcp_bind_port = 7000 - -# udp port used for quic protocol. -# if not set, quic is disabled in frps. -# quic_bind_port = 7002 -# quic protocol options -# quic_keepalive_period = 10 -# quic_max_idle_timeout = 30 -# quic_max_incoming_streams = 100000 - -# specify which address proxy will listen for, default value is same with bind_addr -# proxy_bind_addr = 127.0.0.1 - -# if you want to support virtual host, you must set the http port for listening (optional) -# Note: http port and https port can be same with bind_port -vhost_http_port = 80 -vhost_https_port = 443 - -# response header timeout(seconds) for vhost http server, default is 60s -# vhost_http_timeout = 60 - -# tcpmux_httpconnect_port specifies the port that the server listens for TCP -# HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP -# requests on one single port. If it's not - it will listen on this value for -# HTTP CONNECT requests. By default, this value is 0. -# tcpmux_httpconnect_port = 1337 - -# If tcpmux_passthrough is true, frps won't do any update on traffic. -# tcpmux_passthrough = false - -# set dashboard_addr and dashboard_port to view dashboard of frps -# dashboard_addr's default value is same with bind_addr -# dashboard is available only if dashboard_port is set -dashboard_addr = 0.0.0.0 -dashboard_port = 7500 - -# dashboard user and passwd for basic auth protect -dashboard_user = admin -dashboard_pwd = admin - -# dashboard TLS mode -dashboard_tls_mode = false -# dashboard_tls_cert_file = server.crt -# dashboard_tls_key_file = server.key - -# enable_prometheus will export prometheus metrics on {dashboard_addr}:{dashboard_port} in /metrics api. -enable_prometheus = true - -# dashboard assets directory(only for debug mode) -# assets_dir = ./static - -# console or real logFile path like ./frps.log -log_file = ./frps.log - -# trace, debug, info, warn, error -log_level = info - -log_max_days = 3 - -# disable log colors when log_file is console, default is false -disable_log_color = false - -# DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true. -detailed_errors_to_client = true - -# authentication_method specifies what authentication method to use authenticate frpc with frps. -# If "token" is specified - token will be read into login message. -# If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token". -authentication_method = token - -# authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. -authenticate_heartbeats = false - -# AuthenticateNewWorkConns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. -authenticate_new_work_conns = false - -# auth token -token = 12345678 - -# oidc_issuer specifies the issuer to verify OIDC tokens with. -# By default, this value is "". -oidc_issuer = - -# oidc_audience specifies the audience OIDC tokens should contain when validated. -# By default, this value is "". -oidc_audience = - -# oidc_skip_expiry_check specifies whether to skip checking if the OIDC token is expired. -# By default, this value is false. -oidc_skip_expiry_check = false - -# oidc_skip_issuer_check specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer. -# By default, this value is false. -oidc_skip_issuer_check = false - -# heartbeat configure, it's not recommended to modify the default value -# the default value of heartbeat_timeout is 90. Set negative value to disable it. -# heartbeat_timeout = 90 - -# user_conn_timeout configure, it's not recommended to modify the default value -# the default value of user_conn_timeout is 10 -# user_conn_timeout = 10 - -# only allow frpc to bind ports you list, if you set nothing, there won't be any limit -allow_ports = 2000-3000,3001,3003,4000-50000 - -# pool_count in each proxy will change to max_pool_count if they exceed the maximum value -max_pool_count = 5 - -# max ports can be used for each client, default value is 0 means no limit -max_ports_per_client = 0 - -# tls_only specifies whether to only accept TLS-encrypted connections. By default, the value is false. -tls_only = false - -# tls_cert_file = server.crt -# tls_key_file = server.key -# tls_trusted_ca_file = ca.crt - -# if subdomain_host is not empty, you can set subdomain when type is http or https in frpc's configure file -# when subdomain is test, the host used by routing is test.frps.com -subdomain_host = frps.com - -# if tcp stream multiplexing is used, default is true -# tcp_mux = true - -# specify keep alive interval for tcp mux. -# only valid if tcp_mux is true. -# tcp_mux_keepalive_interval = 60 - -# tcp_keepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. -# If negative, keep-alive probes are disabled. -# tcp_keepalive = 7200 - -# custom 404 page for HTTP requests -# custom_404_page = /path/to/404.html - -# specify udp packet size, unit is byte. If not set, the default value is 1500. -# This parameter should be same between client and server. -# It affects the udp and sudp proxy. -udp_packet_size = 1500 - -# Enable golang pprof handlers in dashboard listener. -# Dashboard port must be set first -pprof_enable = false - -[plugin.user-manager] -addr = 127.0.0.1:9000 -path = /handler -ops = Login - -[plugin.port-manager] -addr = 127.0.0.1:9001 -path = /handler -ops = NewProxy diff --git a/apps/frpc/0.52.1/docker-compose.yml b/apps/frpc/0.52.1/docker-compose.yml index b61b5219..a5dfc7d9 100644 --- a/apps/frpc/0.52.1/docker-compose.yml +++ b/apps/frpc/0.52.1/docker-compose.yml @@ -5,7 +5,7 @@ services: restart: always network_mode: "host" volumes: - - "./data/frpc.ini:/etc/frp/frpc.ini" + - "./data/frpc.toml:/etc/frp/frpc.toml" image: "snowdreamtech/frpc:0.52.1" labels: createdBy: "Apps" diff --git a/apps/frps/0.52.1/data/frpc.ini b/apps/frps/0.52.1/data/frpc.ini deleted file mode 100644 index 13a8e5f6..00000000 --- a/apps/frps/0.52.1/data/frpc.ini +++ /dev/null @@ -1,9 +0,0 @@ -[common] -server_addr = 127.0.0.1 -server_port = 7000 - -[ssh] -type = tcp -local_ip = 127.0.0.1 -local_port = 22 -remote_port = 6000 diff --git a/apps/frps/0.52.1/data/frpc_full.ini b/apps/frps/0.52.1/data/frpc_full.ini deleted file mode 100644 index 29f6bcab..00000000 --- a/apps/frps/0.52.1/data/frpc_full.ini +++ /dev/null @@ -1,365 +0,0 @@ -# [common] is integral section -[common] -# A literal address or host name for IPv6 must be enclosed -# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" -# For single "server_addr" field, no need square brackets, like "server_addr = ::". -server_addr = 0.0.0.0 -server_port = 7000 - -# The maximum amount of time a dial to server will wait for a connect to complete. Default value is 10 seconds. -# dial_server_timeout = 10 - -# dial_server_keepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. -# If negative, keep-alive probes are disabled. -# dial_server_keepalive = 7200 - -# if you want to connect frps by http proxy or socks5 proxy or ntlm proxy, you can set http_proxy here or in global environment variables -# it only works when protocol is tcp -# http_proxy = http://user:passwd@192.168.1.128:8080 -# http_proxy = socks5://user:passwd@192.168.1.128:1080 -# http_proxy = ntlm://user:passwd@192.168.1.128:2080 - -# console or real logFile path like ./frpc.log -log_file = ./frpc.log - -# trace, debug, info, warn, error -log_level = info - -log_max_days = 3 - -# disable log colors when log_file is console, default is false -disable_log_color = false - -# for authentication, should be same as your frps.ini -# authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. -authenticate_heartbeats = false - -# authenticate_new_work_conns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. -authenticate_new_work_conns = false - -# auth token -token = 12345678 - -authentication_method = - -# oidc_client_id specifies the client ID to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". -# By default, this value is "". -oidc_client_id = - -# oidc_client_secret specifies the client secret to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". -# By default, this value is "". -oidc_client_secret = - -# oidc_audience specifies the audience of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". -oidc_audience = - -# oidc_scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". -oidc_scope = - -# oidc_token_endpoint_url specifies the URL which implements OIDC Token Endpoint. -# It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "". -oidc_token_endpoint_url = - -# oidc_additional_xxx specifies additional parameters to be sent to the OIDC Token Endpoint. -# For example, if you want to specify the "audience" parameter, you can set as follow. -# frp will add "audience=" "var1=" to the additional parameters. -# oidc_additional_audience = https://dev.auth.com/api/v2/ -# oidc_additional_var1 = foobar - -# set admin address for control frpc's action by http api such as reload -admin_addr = 127.0.0.1 -admin_port = 7400 -admin_user = admin -admin_pwd = admin -# Admin assets directory. By default, these assets are bundled with frpc. -# assets_dir = ./static - -# connections will be established in advance, default value is zero -pool_count = 5 - -# if tcp stream multiplexing is used, default is true, it must be same with frps -# tcp_mux = true - -# specify keep alive interval for tcp mux. -# only valid if tcp_mux is true. -# tcp_mux_keepalive_interval = 60 - -# your proxy name will be changed to {user}.{proxy} -user = your_name - -# decide if exit program when first login failed, otherwise continuous relogin to frps -# default is true -login_fail_exit = true - -# communication protocol used to connect to server -# supports tcp, kcp, quic and websocket now, default is tcp -protocol = tcp - -# set client binding ip when connect server, default is empty. -# only when protocol = tcp or websocket, the value will be used. -connect_server_local_ip = 0.0.0.0 - -# quic protocol options -# quic_keepalive_period = 10 -# quic_max_idle_timeout = 30 -# quic_max_incoming_streams = 100000 - -# if tls_enable is true, frpc will connect frps by tls -tls_enable = true - -# tls_cert_file = client.crt -# tls_key_file = client.key -# tls_trusted_ca_file = ca.crt -# tls_server_name = example.com - -# specify a dns server, so frpc will use this instead of default one -# dns_server = 8.8.8.8 - -# proxy names you want to start separated by ',' -# default is empty, means all proxies -# start = ssh,dns - -# heartbeat configure, it's not recommended to modify the default value -# The default value of heartbeat_interval is 10 and heartbeat_timeout is 90. Set negative value -# to disable it. -# heartbeat_interval = 30 -# heartbeat_timeout = 90 - -# additional meta info for client -meta_var1 = 123 -meta_var2 = 234 - -# specify udp packet size, unit is byte. If not set, the default value is 1500. -# This parameter should be same between client and server. -# It affects the udp and sudp proxy. -udp_packet_size = 1500 - -# include other config files for proxies. -# includes = ./confd/*.ini - -# By default, frpc will connect frps with first custom byte if tls is enabled. -# If DisableCustomTLSFirstByte is true, frpc will not send that custom byte. -disable_custom_tls_first_byte = false - -# Enable golang pprof handlers in admin listener. -# Admin port must be set first. -pprof_enable = false - -# 'ssh' is the unique proxy name -# if user in [common] section is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh' -[ssh] -# tcp | udp | http | https | stcp | xtcp, default is tcp -type = tcp -local_ip = 127.0.0.1 -local_port = 22 -# limit bandwidth for this proxy, unit is KB and MB -bandwidth_limit = 1MB -# where to limit bandwidth, can be 'client' or 'server', default is 'client' -bandwidth_limit_mode = client -# true or false, if true, messages between frps and frpc will be encrypted, default is false -use_encryption = false -# if true, message will be compressed -use_compression = false -# remote port listen by frps -remote_port = 6001 -# frps will load balancing connections for proxies in same group -group = test_group -# group should have same group key -group_key = 123456 -# enable health check for the backend service, it support 'tcp' and 'http' now -# frpc will connect local service's port to detect it's healthy status -health_check_type = tcp -# health check connection timeout -health_check_timeout_s = 3 -# if continuous failed in 3 times, the proxy will be removed from frps -health_check_max_failed = 3 -# every 10 seconds will do a health check -health_check_interval_s = 10 -# additional meta info for each proxy -meta_var1 = 123 -meta_var2 = 234 - -[ssh_random] -type = tcp -local_ip = 127.0.0.1 -local_port = 22 -# if remote_port is 0, frps will assign a random port for you -remote_port = 0 - -# if you want to expose multiple ports, add 'range:' prefix to the section name -# frpc will generate multiple proxies such as 'tcp_port_6010', 'tcp_port_6011' and so on. -[range:tcp_port] -type = tcp -local_ip = 127.0.0.1 -local_port = 6010-6020,6022,6024-6028 -remote_port = 6010-6020,6022,6024-6028 -use_encryption = false -use_compression = false - -[dns] -type = udp -local_ip = 114.114.114.114 -local_port = 53 -remote_port = 6002 -use_encryption = false -use_compression = false - -[range:udp_port] -type = udp -local_ip = 127.0.0.1 -local_port = 6010-6020 -remote_port = 6010-6020 -use_encryption = false -use_compression = false - -# Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02 -[web01] -type = http -local_ip = 127.0.0.1 -local_port = 80 -use_encryption = false -use_compression = true -# http username and password are safety certification for http protocol -# if not set, you can access this custom_domains without certification -http_user = admin -http_pwd = admin -# if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com -subdomain = web01 -custom_domains = web01.yourdomain.com -# locations is only available for http type -locations = /,/pic -# route requests to this service if http basic auto user is abc -# route_by_http_user = abc -host_header_rewrite = example.com -# params with prefix "header_" will be used to update http request headers -header_X-From-Where = frp -health_check_type = http -# frpc will send a GET http request '/status' to local http service -# http service is alive when it return 2xx http response code -health_check_url = /status -health_check_interval_s = 10 -health_check_max_failed = 3 -health_check_timeout_s = 3 - -[web02] -type = https -local_ip = 127.0.0.1 -local_port = 8000 -use_encryption = false -use_compression = false -subdomain = web01 -custom_domains = web02.yourdomain.com -# if not empty, frpc will use proxy protocol to transfer connection info to your local service -# v1 or v2 or empty -proxy_protocol_version = v2 - -[plugin_unix_domain_socket] -type = tcp -remote_port = 6003 -# if plugin is defined, local_ip and local_port is useless -# plugin will handle connections got from frps -plugin = unix_domain_socket -# params with prefix "plugin_" that plugin needed -plugin_unix_path = /var/run/docker.sock - -[plugin_http_proxy] -type = tcp -remote_port = 6004 -plugin = http_proxy -plugin_http_user = abc -plugin_http_passwd = abc - -[plugin_socks5] -type = tcp -remote_port = 6005 -plugin = socks5 -plugin_user = abc -plugin_passwd = abc - -[plugin_static_file] -type = tcp -remote_port = 6006 -plugin = static_file -plugin_local_path = /var/www/blog -plugin_strip_prefix = static -plugin_http_user = abc -plugin_http_passwd = abc - -[plugin_https2http] -type = https -custom_domains = test.yourdomain.com -plugin = https2http -plugin_local_addr = 127.0.0.1:80 -plugin_crt_path = ./server.crt -plugin_key_path = ./server.key -plugin_host_header_rewrite = 127.0.0.1 -plugin_header_X-From-Where = frp - -[plugin_https2https] -type = https -custom_domains = test.yourdomain.com -plugin = https2https -plugin_local_addr = 127.0.0.1:443 -plugin_crt_path = ./server.crt -plugin_key_path = ./server.key -plugin_host_header_rewrite = 127.0.0.1 -plugin_header_X-From-Where = frp - -[plugin_http2https] -type = http -custom_domains = test.yourdomain.com -plugin = http2https -plugin_local_addr = 127.0.0.1:443 -plugin_host_header_rewrite = 127.0.0.1 -plugin_header_X-From-Where = frp - -[secret_tcp] -# If the type is secret tcp, remote_port is useless -# Who want to connect local port should deploy another frpc with stcp proxy and role is visitor -type = stcp -# sk used for authentication for visitors -sk = abcdefg -local_ip = 127.0.0.1 -local_port = 22 -use_encryption = false -use_compression = false - -# user of frpc should be same in both stcp server and stcp visitor -[secret_tcp_visitor] -# frpc role visitor -> frps -> frpc role server -role = visitor -type = stcp -# the server name you want to visitor -server_name = secret_tcp -sk = abcdefg -# connect this address to visitor stcp server -bind_addr = 127.0.0.1 -bind_port = 9000 -use_encryption = false -use_compression = false - -[p2p_tcp] -type = xtcp -sk = abcdefg -local_ip = 127.0.0.1 -local_port = 22 -use_encryption = false -use_compression = false - -[p2p_tcp_visitor] -role = visitor -type = xtcp -server_name = p2p_tcp -sk = abcdefg -bind_addr = 127.0.0.1 -bind_port = 9001 -use_encryption = false -use_compression = false - -[tcpmuxhttpconnect] -type = tcpmux -multiplexer = httpconnect -local_ip = 127.0.0.1 -local_port = 10701 -custom_domains = tunnel1 -# route_by_http_user = user1 diff --git a/apps/frps/0.52.1/data/frps.ini b/apps/frps/0.52.1/data/frps.ini deleted file mode 100644 index 229567a9..00000000 --- a/apps/frps/0.52.1/data/frps.ini +++ /dev/null @@ -1,2 +0,0 @@ -[common] -bind_port = 7000 diff --git a/apps/frps/0.52.1/data/frps.toml b/apps/frps/0.52.1/data/frps.toml new file mode 100644 index 00000000..82957d82 --- /dev/null +++ b/apps/frps/0.52.1/data/frps.toml @@ -0,0 +1 @@ +bindPort = 7000 \ No newline at end of file diff --git a/apps/frps/0.52.1/data/frps_full.ini b/apps/frps/0.52.1/data/frps_full.ini deleted file mode 100644 index 2d5e08e1..00000000 --- a/apps/frps/0.52.1/data/frps_full.ini +++ /dev/null @@ -1,168 +0,0 @@ -# [common] is integral section -[common] -# A literal address or host name for IPv6 must be enclosed -# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" -# For single "bind_addr" field, no need square brackets, like "bind_addr = ::". -bind_addr = 0.0.0.0 -bind_port = 7000 - -# udp port to help make udp hole to penetrate nat -bind_udp_port = 7001 - -# udp port used for kcp protocol, it can be same with 'bind_port'. -# if not set, kcp is disabled in frps. -kcp_bind_port = 7000 - -# udp port used for quic protocol. -# if not set, quic is disabled in frps. -# quic_bind_port = 7002 -# quic protocol options -# quic_keepalive_period = 10 -# quic_max_idle_timeout = 30 -# quic_max_incoming_streams = 100000 - -# specify which address proxy will listen for, default value is same with bind_addr -# proxy_bind_addr = 127.0.0.1 - -# if you want to support virtual host, you must set the http port for listening (optional) -# Note: http port and https port can be same with bind_port -vhost_http_port = 80 -vhost_https_port = 443 - -# response header timeout(seconds) for vhost http server, default is 60s -# vhost_http_timeout = 60 - -# tcpmux_httpconnect_port specifies the port that the server listens for TCP -# HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP -# requests on one single port. If it's not - it will listen on this value for -# HTTP CONNECT requests. By default, this value is 0. -# tcpmux_httpconnect_port = 1337 - -# If tcpmux_passthrough is true, frps won't do any update on traffic. -# tcpmux_passthrough = false - -# set dashboard_addr and dashboard_port to view dashboard of frps -# dashboard_addr's default value is same with bind_addr -# dashboard is available only if dashboard_port is set -dashboard_addr = 0.0.0.0 -dashboard_port = 7500 - -# dashboard user and passwd for basic auth protect -dashboard_user = admin -dashboard_pwd = admin - -# dashboard TLS mode -dashboard_tls_mode = false -# dashboard_tls_cert_file = server.crt -# dashboard_tls_key_file = server.key - -# enable_prometheus will export prometheus metrics on {dashboard_addr}:{dashboard_port} in /metrics api. -enable_prometheus = true - -# dashboard assets directory(only for debug mode) -# assets_dir = ./static - -# console or real logFile path like ./frps.log -log_file = ./frps.log - -# trace, debug, info, warn, error -log_level = info - -log_max_days = 3 - -# disable log colors when log_file is console, default is false -disable_log_color = false - -# DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true. -detailed_errors_to_client = true - -# authentication_method specifies what authentication method to use authenticate frpc with frps. -# If "token" is specified - token will be read into login message. -# If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token". -authentication_method = token - -# authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. -authenticate_heartbeats = false - -# AuthenticateNewWorkConns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. -authenticate_new_work_conns = false - -# auth token -token = 12345678 - -# oidc_issuer specifies the issuer to verify OIDC tokens with. -# By default, this value is "". -oidc_issuer = - -# oidc_audience specifies the audience OIDC tokens should contain when validated. -# By default, this value is "". -oidc_audience = - -# oidc_skip_expiry_check specifies whether to skip checking if the OIDC token is expired. -# By default, this value is false. -oidc_skip_expiry_check = false - -# oidc_skip_issuer_check specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer. -# By default, this value is false. -oidc_skip_issuer_check = false - -# heartbeat configure, it's not recommended to modify the default value -# the default value of heartbeat_timeout is 90. Set negative value to disable it. -# heartbeat_timeout = 90 - -# user_conn_timeout configure, it's not recommended to modify the default value -# the default value of user_conn_timeout is 10 -# user_conn_timeout = 10 - -# only allow frpc to bind ports you list, if you set nothing, there won't be any limit -allow_ports = 2000-3000,3001,3003,4000-50000 - -# pool_count in each proxy will change to max_pool_count if they exceed the maximum value -max_pool_count = 5 - -# max ports can be used for each client, default value is 0 means no limit -max_ports_per_client = 0 - -# tls_only specifies whether to only accept TLS-encrypted connections. By default, the value is false. -tls_only = false - -# tls_cert_file = server.crt -# tls_key_file = server.key -# tls_trusted_ca_file = ca.crt - -# if subdomain_host is not empty, you can set subdomain when type is http or https in frpc's configure file -# when subdomain is test, the host used by routing is test.frps.com -subdomain_host = frps.com - -# if tcp stream multiplexing is used, default is true -# tcp_mux = true - -# specify keep alive interval for tcp mux. -# only valid if tcp_mux is true. -# tcp_mux_keepalive_interval = 60 - -# tcp_keepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. -# If negative, keep-alive probes are disabled. -# tcp_keepalive = 7200 - -# custom 404 page for HTTP requests -# custom_404_page = /path/to/404.html - -# specify udp packet size, unit is byte. If not set, the default value is 1500. -# This parameter should be same between client and server. -# It affects the udp and sudp proxy. -udp_packet_size = 1500 - -# Enable golang pprof handlers in dashboard listener. -# Dashboard port must be set first -pprof_enable = false - -[plugin.user-manager] -addr = 127.0.0.1:9000 -path = /handler -ops = Login - -[plugin.port-manager] -addr = 127.0.0.1:9001 -path = /handler -ops = NewProxy diff --git a/apps/frps/0.52.1/data/frps_full.toml b/apps/frps/0.52.1/data/frps_full.toml new file mode 100644 index 00000000..180a3b24 --- /dev/null +++ b/apps/frps/0.52.1/data/frps_full.toml @@ -0,0 +1,154 @@ +# A literal address or host name for IPv6 must be enclosed +# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80" +# For single "bind_addr" field, no need square brackets, like "bind_addr = ::". +bindAddr = "0.0.0.0" +bindPort = 7000 + +# udp port used for kcp protocol, it can be same with 'bind_port'. +# if not set, kcp is disabled in frps. +kcpBindPort = 7000 + +# udp port used for quic protocol. +# if not set, quic is disabled in frps. +# quicBindPort = 7002 + +# Specify which address proxy will listen for, default value is same with bind_addr +# proxy_bind_addr = "127.0.0.1" + +# quic protocol options +# transport.quic.keepalivePeriod = 10 +# transport.quic.maxIdleTimeout = 30 +# transport.quic.maxIncomingStreams = 100000 + +# Heartbeat configure, it's not recommended to modify the default value +# The default value of heartbeat_timeout is 90. Set negative value to disable it. +# transport.heartbeatTimeout = 90 + +# Pool count in each proxy will keep no more than maxPoolCount. +transport.maxPoolCount = 5 + +# If tcp stream multiplexing is used, default is true +# transport.tcpMux = true + +# Specify keep alive interval for tcp mux. +# only valid if tcpMux is true. +# transport.tcpMuxKeepaliveInterval = 60 + +# tcpKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps. +# If negative, keep-alive probes are disabled. +# transport.tcpKeepalive = 7200 + +# transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false. +tls.force = false + +# transport.tls.certFile = "server.crt" +# transport.tls.keyFile = "server.key" +# transport.tls.trustedCaFile = "ca.crt" + +# If you want to support virtual host, you must set the http port for listening (optional) +# Note: http port and https port can be same with bind_port +vhostHTTPPort = 80 +vhostHTTPSPort = 443 + +# Response header timeout(seconds) for vhost http server, default is 60s +# vhostHTTPTimeout = 60 + +# tcpmuxHTTPConnectPort specifies the port that the server listens for TCP +# HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP +# requests on one single port. If it's not - it will listen on this value for +# HTTP CONNECT requests. By default, this value is 0. +# tcpmuxHTTPConnectPort = 1337 + +# If tcpmux_passthrough is true, frps won't do any update on traffic. +# tcpmuxPassthrough = false + +# Configure the web server to enable the dashboard for frps. +# dashboard is available only if webServer.port is set. +webServer.addr = "127.0.0.1" +webServer.port = 7500 +webServer.user = "admin" +webServer.password = "admin" +# webServer.tls.certFile = "server.crt" +# webServer.tls.keyFile = "server.key" +# dashboard assets directory(only for debug mode) +# webServer.assetsDir = "./static" + +# Enable golang pprof handlers in dashboard listener. +# Dashboard port must be set first +webServer.pprofEnable = false + +# enablePrometheus will export prometheus metrics on webServer in /metrics api. +enablePrometheus = true + +# console or real logFile path like ./frps.log +log.to = "./frps.log" +# trace, debug, info, warn, error +log.level = "info" +log.maxDays = 3 +# disable log colors when log.to is console, default is false +log.disablePrintColor = false + +# DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true. +detailedErrorsToClient = true + +# auth.method specifies what authentication method to use authenticate frpc with frps. +# If "token" is specified - token will be read into login message. +# If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token". +auth.method = "token" + +# auth.additionalScopes specifies additional scopes to include authentication information. +# Optional values are HeartBeats, NewWorkConns. +# auth.additionalScopes = ["HeartBeats", "NewWorkConns"] + +# auth token +auth.token = "12345678" + +# oidc issuer specifies the issuer to verify OIDC tokens with. +auth.oidc.issuer = "" +# oidc audience specifies the audience OIDC tokens should contain when validated. +auth.oidc.audience = "" +# oidc skipExpiryCheck specifies whether to skip checking if the OIDC token is expired. +auth.oidc.skipExpiryCheck = false +# oidc skipIssuerCheck specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer. +auth.oidc.skipIssuerCheck = false + +# userConnTimeout specifies the maximum time to wait for a work connection. +# userConnTimeout = 10 + +# Only allow frpc to bind ports you list. By default, there won't be any limit. +allowPorts = [ + { start = 2000, end = 3000 }, + { single = 3001 }, + { single = 3003 }, + { start = 4000, end = 50000 } +] + +# Max ports can be used for each client, default value is 0 means no limit +maxPortsPerClient = 0 + +# If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file +# When subdomain is est, the host used by routing is test.frps.com +subDomainHost = "frps.com" + +# custom 404 page for HTTP requests +# custom404Page = "/path/to/404.html" + +# specify udp packet size, unit is byte. If not set, the default value is 1500. +# This parameter should be same between client and server. +# It affects the udp and sudp proxy. +udpPacketSize = 1500 + +# Retention time for NAT hole punching strategy data. +natholeAnalysisDataReserveHours = 168 + +[[httpPlugins]] +name = "user-manager" +addr = "127.0.0.1:9000" +path = "/handler" +ops = ["Login"] + +[[httpPlugins]] +name = "port-manager" +addr = "127.0.0.1:9001" +path = "/handler" +ops = ["NewProxy"] diff --git a/apps/frps/0.52.1/docker-compose.yml b/apps/frps/0.52.1/docker-compose.yml index 9c89ff69..b8bdbf78 100644 --- a/apps/frps/0.52.1/docker-compose.yml +++ b/apps/frps/0.52.1/docker-compose.yml @@ -5,7 +5,7 @@ services: restart: always network_mode: "host" volumes: - - "./data/frps.ini:/etc/frp/frps.ini" + - "./data/frps.toml:/etc/frp/frps.toml" image: "snowdreamtech/frps:0.52.1" labels: createdBy: "Apps"