diff --git a/.github/workflows/mkdocs.yml b/.github/workflows/mkdocs.yml index 6af76fe8..6b4d3ebf 100644 --- a/.github/workflows/mkdocs.yml +++ b/.github/workflows/mkdocs.yml @@ -4,7 +4,7 @@ on: branches: - dev paths: - - docs + - docs/** - .github/workflows/mkdocs.yml jobs: deploy: diff --git a/docs/configuration/inbound/direct.md b/docs/configuration/inbound/direct.md new file mode 100644 index 00000000..276a17ac --- /dev/null +++ b/docs/configuration/inbound/direct.md @@ -0,0 +1,82 @@ +`direct` inbound is a tunnel server. + +### Structure + +```json +{ + "inbounds": [ + { + "type": "direct", + "tag": "direct-in", + + "listen": "::", + "listen_port": 5353, + "tcp_fast_open": false, + "sniff": false, + "sniff_override_destination": false, + "domain_strategy": "prefer_ipv6", + "udp_timeout": 300, + + "network": "udp", + "override_address": "1.0.0.1", + "override_port": 53 + } + ] +} +``` + +### Listen Fields + +#### listen + +Listen address. + +#### listen_port + +Listen port. + +#### tcp_fast_open + +Enable tcp fast open for listener. + +#### sniff + +Enable sniffing. + +Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP. + +This does not break zero copy, like splice. + +#### sniff_override_destination + +Override the connection destination address with the sniffed domain. + +If the domain name is invalid (like tor), this will not work. + +#### domain_strategy + +One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. + +If set, the requested domain name will be resolved to IP before routing. + +If `sniff_override_destination` is in effect, its value will be taken as a fallback. + +#### udp_timeout + +UDP NAT expiration time in seconds, default is 300 (5 minutes). + +### Direct Fields + +#### network + +Listen network, one of `tcp` `udp`. + +Both if empty. + +#### override_address + +Override the connection destination address. + +#### override_port + +Override the connection destination port. \ No newline at end of file diff --git a/docs/configuration/inbound/http.md b/docs/configuration/inbound/http.md new file mode 100644 index 00000000..5ddd1a58 --- /dev/null +++ b/docs/configuration/inbound/http.md @@ -0,0 +1,72 @@ +`socks` inbound is a http server. + +### Structure + +```json +{ + "inbounds": [ + { + "type": "http", + "tag": "http-in", + + "listen": "::", + "listen_port": 2080, + "tcp_fast_open": false, + "sniff": false, + "sniff_override_destination": false, + "domain_strategy": "prefer_ipv6", + + "users": [ + { + "username": "admin", + "password": "admin" + } + ] + } + ] +} +``` + +### Listen Fields + +#### listen + +Listen address. + +#### listen_port + +Listen port. + +#### tcp_fast_open + +Enable tcp fast open for listener. + +#### sniff + +Enable sniffing. + +Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP. + +This does not break zero copy, like splice. + +#### sniff_override_destination + +Override the connection destination address with the sniffed domain. + +If the domain name is invalid (like tor), this will not work. + +#### domain_strategy + +One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. + +If set, the requested domain name will be resolved to IP before routing. + +If `sniff_override_destination` is in effect, its value will be taken as a fallback. + +### HTTP Fields + +#### users + +HTTP users. + +No authentication required if empty. \ No newline at end of file diff --git a/docs/configuration/inbound/index.md b/docs/configuration/inbound/index.md index 4d1f2ab1..1427f7c1 100644 --- a/docs/configuration/inbound/index.md +++ b/docs/configuration/inbound/index.md @@ -5,9 +5,22 @@ "inbounds": [ { "type": "", - "tag": "", - ... + "tag": "" } ] } -``` \ No newline at end of file +``` + +### Fields + +| Type | Format | +|---------------|------------------------------| +| `mixed` | [Mixed](./mixed) | +| `socks` | [Socks](./socks) | +| `http` | [HTTP](./http) | +| `direct` | [Direct](./direct) | +| `shadowsocks` | [Shadowsocks](./shadowsocks) | + +#### tag + +The tag of the inbound. \ No newline at end of file diff --git a/docs/configuration/inbound/mixed.md b/docs/configuration/inbound/mixed.md new file mode 100644 index 00000000..d2f23411 --- /dev/null +++ b/docs/configuration/inbound/mixed.md @@ -0,0 +1,72 @@ +`mixed` inbound is a socks4, socks4a, socks5 and http server. + +### Structure + +```json +{ + "inbounds": [ + { + "type": "mixed", + "tag": "mixed-in", + + "listen": "::", + "listen_port": 2080, + "tcp_fast_open": false, + "sniff": false, + "sniff_override_destination": false, + "domain_strategy": "prefer_ipv6", + + "users": [ + { + "username": "admin", + "password": "admin" + } + ] + } + ] +} +``` + +### Listen Fields + +#### listen + +Listen address. + +#### listen_port + +Listen port. + +#### tcp_fast_open + +Enable tcp fast open for listener. + +#### sniff + +Enable sniffing. + +Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP. + +This does not break zero copy, like splice. + +#### sniff_override_destination + +Override the connection destination address with the sniffed domain. + +If the domain name is invalid (like tor), this will not work. + +#### domain_strategy + +One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. + +If set, the requested domain name will be resolved to IP before routing. + +If `sniff_override_destination` is in effect, its value will be taken as a fallback. + +### Mixed Fields + +#### users + +Socks and HTTP users. + +No authentication required if empty. \ No newline at end of file diff --git a/docs/configuration/inbound/shadowsocks.md b/docs/configuration/inbound/shadowsocks.md new file mode 100644 index 00000000..1e75ebc6 --- /dev/null +++ b/docs/configuration/inbound/shadowsocks.md @@ -0,0 +1,136 @@ +`shadowsocks` inbound is a shadowsocks server. + +### Structure + +```json +{ + "inbounds": [ + { + "type": "shadowsocks", + "tag": "ss-in", + + "listen": "::", + "listen_port": 5353, + "tcp_fast_open": false, + "sniff": false, + "sniff_override_destination": false, + "domain_strategy": "prefer_ipv6", + "udp_timeout": 300, + "network": "udp", + + "method": "2022-blake3-aes-128-gcm", + "password": "8JCsPssfgS8tiRwiMlhARg==" + } + ] +} +``` + +### Listen Fields + +#### listen + +Listen address. + +#### listen_port + +Listen port. + +#### tcp_fast_open + +Enable tcp fast open for listener. + +#### sniff + +Enable sniffing. + +Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP. + +This does not break zero copy, like splice. + +#### sniff_override_destination + +Override the connection destination address with the sniffed domain. + +If the domain name is invalid (like tor), this will not work. + +#### domain_strategy + +One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. + +If set, the requested domain name will be resolved to IP before routing. + +If `sniff_override_destination` is in effect, its value will be taken as a fallback. + +#### udp_timeout + +UDP NAT expiration time in seconds, default is 300 (5 minutes). + +### Shadowsocks Fields + +#### network + +Listen network, one of `tcp` `udp`. + +Both if empty. + +#### method + +| Method | Key Length | +|-------------------------------|------------| +| 2022-blake3-aes-128-gcm | 16 | +| 2022-blake3-aes-256-gcm | 32 | +| 2022-blake3-chacha20-poly1305 | 32 | +| none | / | +| aes-128-gcm | / | +| aes-192-gcm | / | +| aes-256-gcm | / | +| chacha20-ietf-poly1305 | / | +| xchacha20-ietf-poly1305 | / | + +#### password + +| Method | Password Format | +|---------------|-------------------------------------| +| none | / | +| 2022 methods | `openssl rand -base64 ` | +| other methods | any string | + +### Multi-User Structure + +```json +{ + "inbounds": [ + { + "method": "2022-blake3-aes-128-gcm", + "password": "8JCsPssfgS8tiRwiMlhARg==", + "users": [ + { + "name": "sekai", + "password": "PCD2Z4o12bKUoFa3cC97Hw==" + } + ] + } + ] +} +``` + +### Relay Structure + +```json +{ + "inbounds": [ + { + "method": "2022-blake3-aes-128-gcm", + "password": "8JCsPssfgS8tiRwiMlhARg==", + "destinations": [ + { + "name": "test", + "server": "example.com", + "server_port": 8080, + "password": "PCD2Z4o12bKUoFa3cC97Hw==" + } + ] + } + ] +} +``` \ No newline at end of file diff --git a/docs/configuration/inbound/socks.md b/docs/configuration/inbound/socks.md new file mode 100644 index 00000000..77c28205 --- /dev/null +++ b/docs/configuration/inbound/socks.md @@ -0,0 +1,72 @@ +`socks` inbound is a socks4, socks4a, socks5 server. + +### Structure + +```json +{ + "inbounds": [ + { + "type": "socks", + "tag": "socks-in", + + "listen": "::", + "listen_port": 2080, + "tcp_fast_open": false, + "sniff": false, + "sniff_override_destination": false, + "domain_strategy": "prefer_ipv6", + + "users": [ + { + "username": "admin", + "password": "admin" + } + ] + } + ] +} +``` + +### Listen Fields + +#### listen + +Listen address. + +#### listen_port + +Listen port. + +#### tcp_fast_open + +Enable tcp fast open for listener. + +#### sniff + +Enable sniffing. + +Reads domain names for routing, supports HTTP TLS for TCP, QUIC for UDP. + +This does not break zero copy, like splice. + +#### sniff_override_destination + +Override the connection destination address with the sniffed domain. + +If the domain name is invalid (like tor), this will not work. + +#### domain_strategy + +One of `prefer_ipv4` `prefer_ipv6` `ipv4_only` `ipv6_only`. + +If set, the requested domain name will be resolved to IP before routing. + +If `sniff_override_destination` is in effect, its value will be taken as a fallback. + +### Socks Fields + +#### users + +Socks users. + +No authentication required if empty. \ No newline at end of file diff --git a/docs/index.md b/docs/index.md index 9ff00dc9..655c2dd7 100644 --- a/docs/index.md +++ b/docs/index.md @@ -2,4 +2,37 @@ Welcome to the wiki page for the sing-box project. -The universal proxy platform. \ No newline at end of file +The universal proxy platform. + +## Installation + +sing-box requires Golang 1.18 or a higher version. + +```bash +$ go install github.com/sagernet/sing-box@latest +``` + +The binary is built under $GOPATH/bin + +```bash +$ sing-box version +``` + +## License + +``` +Copyright (C) 2022 by nekohasekai + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see . +``` diff --git a/docs/installation.md b/docs/installation.md deleted file mode 100644 index a1c9288b..00000000 --- a/docs/installation.md +++ /dev/null @@ -1,13 +0,0 @@ -# Installation - -sing-box requires Golang 1.18 or a higher version. - -```bash -$ go install github.com/sagernet/sing-box@latest -``` - -The binary is built under $GOPATH/bin - -```bash -$ sing-box version -``` diff --git a/docs/license.md b/docs/license.md deleted file mode 100644 index 9e5712bc..00000000 --- a/docs/license.md +++ /dev/null @@ -1,18 +0,0 @@ -# License - -``` -Copyright (C) 2022 by nekohasekai - -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License -along with this program. If not, see . -``` \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index 05048a78..3ada803a 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -28,10 +28,7 @@ theme: - navigation.sections - header.autohide nav: - - Getting Started: - - index.md - - Installation: installation.md - - License: license.md + - Getting Started: index.md - Configuration: - configuration/index.md - Log: configuration/log.md @@ -41,6 +38,11 @@ nav: - DNS Rule: configuration/dns/rule.md - Inbound: - configuration/inbound/index.md + - Mixed: configuration/inbound/mixed.md + - Socks: configuration/inbound/socks.md + - HTTP: configuration/inbound/http.md + - Direct: configuration/inbound/direct.md + - Shadowsocks: configuration/inbound/shadowsocks.md markdown_extensions: - pymdownx.highlight: anchor_linenums: true