mirror of https://github.com/ospab/ostp.git
Fix --init client template to match migration spec, and revert dns in server template
This commit is contained in:
ospab
parent
1385cb9423
commit
7a9cf371fb
|
|
@ -1422,35 +1422,7 @@ async fn run_app() -> Result<()> {
|
||||||
],
|
],
|
||||||
|
|
||||||
// Optional proxy for outbound traffic.
|
// Optional proxy for outbound traffic.
|
||||||
"outbound": {{
|
" // Fallback TCP proxy: unrecognized connections are proxied to a web server (anti-DPI).
|
||||||
"enabled": false,
|
|
||||||
"protocol": "socks5",
|
|
||||||
"address": "127.0.0.1",
|
|
||||||
"port": 9050,
|
|
||||||
// default_action: 'proxy' (all through proxy) or 'direct' (bypass proxy by default).
|
|
||||||
"default_action": "proxy",
|
|
||||||
"rules": [
|
|
||||||
{{
|
|
||||||
"domain_suffix": [".onion"],
|
|
||||||
"action": "proxy"
|
|
||||||
}}
|
|
||||||
]
|
|
||||||
}},
|
|
||||||
|
|
||||||
// Web control panel & Management API
|
|
||||||
"api": {{
|
|
||||||
"enabled": false,
|
|
||||||
"bind": "0.0.0.0:9090",
|
|
||||||
// Static API token for Relay servers (optional)
|
|
||||||
"token": "",
|
|
||||||
// Secret URL path to hide panel from scanners (e.g. "mySecret123")
|
|
||||||
"webpath": "",
|
|
||||||
// Login credentials for web panel (password stored as SHA256 hash)
|
|
||||||
"username": "",
|
|
||||||
"password_hash": ""
|
|
||||||
}},
|
|
||||||
|
|
||||||
// Fallback TCP proxy: unrecognized connections are proxied to a web server (anti-DPI).
|
|
||||||
"fallback": {{
|
"fallback": {{
|
||||||
"enabled": false,
|
"enabled": false,
|
||||||
"listen": "0.0.0.0:443",
|
"listen": "0.0.0.0:443",
|
||||||
|
|
@ -1458,29 +1430,6 @@ async fn run_app() -> Result<()> {
|
||||||
"target": "127.0.0.1:8080"
|
"target": "127.0.0.1:8080"
|
||||||
}},
|
}},
|
||||||
|
|
||||||
// Transport settings
|
|
||||||
"transport": {{
|
|
||||||
"mode": "udp",
|
|
||||||
// Optional fake SNI for TLS masking (e.g. "www.microsoft.com")
|
|
||||||
"stealth_sni": null,
|
|
||||||
// Enable WebSockets masquerade (requires a reverse proxy)
|
|
||||||
"wss": false
|
|
||||||
}},
|
|
||||||
|
|
||||||
// Internal DNS server with AdBlock and DoH (DNS-over-HTTPS)
|
|
||||||
"dns": {{
|
|
||||||
"enabled": false,
|
|
||||||
// Intercept all UDP port 53 traffic going through the server to prevent DNS leaks
|
|
||||||
"intercept_all_port53": true,
|
|
||||||
"local_port": 50053,
|
|
||||||
"doh_upstream": "https://cloudflare-dns.com/dns-query",
|
|
||||||
"adblock_urls": [],
|
|
||||||
"custom_domains": {{}}
|
|
||||||
}},
|
|
||||||
|
|
||||||
// License Key (if using premium features)
|
|
||||||
// "license_key": "YOUR_LICENSE_KEY_HERE",
|
|
||||||
|
|
||||||
"debug": false
|
"debug": false
|
||||||
}}"#, key)
|
}}"#, key)
|
||||||
} else if mode_str == "relay" {
|
} else if mode_str == "relay" {
|
||||||
|
|
@ -1506,31 +1455,17 @@ async fn run_app() -> Result<()> {
|
||||||
// DO NOT EDIT THIS COMMENT - Migrator relies on it
|
// DO NOT EDIT THIS COMMENT - Migrator relies on it
|
||||||
"version": "0.3.1",
|
"version": "0.3.1",
|
||||||
"mode": "client",
|
"mode": "client",
|
||||||
|
|
||||||
// Management API (used by ostp-control web panel)
|
|
||||||
"api": {{
|
|
||||||
"enabled": true,
|
|
||||||
"bind": "127.0.0.1:50001",
|
|
||||||
// Bearer token for API auth - keep this secret
|
|
||||||
"token": "{key}"
|
|
||||||
}},
|
|
||||||
|
|
||||||
// Logging
|
|
||||||
"log": {{
|
"log": {{
|
||||||
"level": "info"
|
"level": "info"
|
||||||
}},
|
}},
|
||||||
|
|
||||||
// Inbound listeners - what the client exposes locally
|
|
||||||
"inbounds": [
|
"inbounds": [
|
||||||
{{
|
{{
|
||||||
// TUN virtual adapter for full VPN mode (requires ostp-tun-helper)
|
|
||||||
"type": "tun",
|
"type": "tun",
|
||||||
"tag": "tun-in",
|
"tag": "tun-in",
|
||||||
"auto_route": false,
|
"auto_route": true,
|
||||||
"mtu": 1140
|
"mtu": 1140
|
||||||
}},
|
}},
|
||||||
{{
|
{{
|
||||||
// SOCKS5/HTTP proxy listener (browser/system proxy)
|
|
||||||
"type": "local_proxy",
|
"type": "local_proxy",
|
||||||
"tag": "socks-in",
|
"tag": "socks-in",
|
||||||
"protocol": "socks",
|
"protocol": "socks",
|
||||||
|
|
@ -1538,48 +1473,31 @@ async fn run_app() -> Result<()> {
|
||||||
"port": 1088
|
"port": 1088
|
||||||
}}
|
}}
|
||||||
],
|
],
|
||||||
|
|
||||||
// Outbound connections
|
|
||||||
"outbounds": [
|
"outbounds": [
|
||||||
{{
|
{{
|
||||||
// Primary OSTP proxy - connect to your server here
|
|
||||||
"type": "ostp",
|
"type": "ostp",
|
||||||
"tag": "proxy",
|
"tag": "proxy",
|
||||||
"server": "YOUR_SERVER_IP",
|
"server": "YOUR_SERVER_IP",
|
||||||
"port": 50000,
|
"port": 50000,
|
||||||
"access_key": "{key}",
|
"access_key": "{key}",
|
||||||
"transport": {{
|
"transport": {{
|
||||||
// "udp" (default, WebRTC masquerade) or "uot" (TCP-over-UDP)
|
|
||||||
"type": "udp"
|
"type": "udp"
|
||||||
}},
|
|
||||||
"multiplex": {{
|
|
||||||
"enabled": false,
|
|
||||||
"sessions": 1
|
|
||||||
}}
|
}}
|
||||||
}},
|
}},
|
||||||
{{
|
{{
|
||||||
// Direct (bypass) outbound
|
|
||||||
"type": "direct",
|
"type": "direct",
|
||||||
"tag": "direct"
|
"tag": "direct"
|
||||||
}},
|
}},
|
||||||
{{
|
{{
|
||||||
// Block outbound
|
|
||||||
"type": "block",
|
"type": "block",
|
||||||
"tag": "block"
|
"tag": "block"
|
||||||
}}
|
}}
|
||||||
],
|
],
|
||||||
|
|
||||||
// Routing rules - matched top-to-bottom, default_outbound is the fallback
|
|
||||||
"routing": {{
|
"routing": {{
|
||||||
"rules": [
|
"rules": [
|
||||||
{{
|
{{
|
||||||
// Bypass local addresses
|
|
||||||
"domain_suffix": ["localhost"],
|
"domain_suffix": ["localhost"],
|
||||||
"outbound": "direct"
|
"outbound": "direct"
|
||||||
}},
|
|
||||||
{{
|
|
||||||
"ip_cidr": ["127.0.0.0/8", "192.168.0.0/16", "10.0.0.0/8"],
|
|
||||||
"outbound": "direct"
|
|
||||||
}}
|
}}
|
||||||
],
|
],
|
||||||
"default_outbound": "proxy"
|
"default_outbound": "proxy"
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue