配置文件说明
配置文件格式
主配置文件采用
yaml格式,命名为xxx.yml。默认XrayR会使用软件运行目录下的
config.yml作为配置文件。
配置文件基本格式,Nodes下可以同时添加多个面板,多个节点配置信息,只需添加相同格式的Nodes item即可。
Log:
Level: none # Log level: none, error, warning, info, debug
AccessPath: # /etc/XrayR/access.Log
ErrorPath: # /etc/XrayR/error.log
DnsConfigPath: # /etc/XrayR/dns.json # Path to dns config, check https://xtls.github.io/config/dns.html for help
RouteConfigPath: # /etc/XrayR/route.json # Path to route config, check https://xtls.github.io/config/routing.html for help
InboundConfigPath: # /etc/XrayR/custom_inbound.json # Path to custom inbound config, check https://xtls.github.io/config/inbound.html for help
OutboundConfigPath: # /etc/XrayR/custom_outbound.json # Path to custom outbound config, check https://xtls.github.io/config/outbound.html for help
ConnetionConfig:
Handshake: 4 # Handshake time limit, Second
ConnIdle: 10 # Connection idle time limit, Second
UplinkOnly: 2 # Time limit when the connection downstream is closed, Second
DownlinkOnly: 4 # Time limit when the connection is closed after the uplink is closed, Second
BufferSize: 64 # The internal cache size of each connection, kB
Nodes:
-
ApiConfig:
ApiHost: "http://127.0.0.1:667"
ApiKey: "123"
NodeID: 41
NodeType: V2ray # Node type: V2ray, Trojan, Shadowsocks, Shadowsocks-Plugin
Timeout: 30 # Timeout for the api request
EnableVless: false # Enable Vless for V2ray Type
EnableXTLS: false # Enable XTLS for V2ray and Trojan
SpeedLimit: 0 # Mbps, Local settings will replace remote settings, 0 means disable
DeviceLimit: 0 # Local settings will replace remote settings, 0 means disable
RuleListPath: # /etc/XrayR/rulelist Path to local rulelist file
ControllerConfig:
ListenIP: 0.0.0.0 # IP address you want to listen
SendIP: 0.0.0.0 # IP address you want to send pacakage
UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
EnableDNS: false # Use custom DNS config, Please ensure that you set the dns.json well
DNSType: AsIs # AsIs, UseIP, UseIPv4, UseIPv6, DNS strategy
DisableUploadTraffic: false # Disable Upload Traffic to the panel
DisableGetRule: false # Disable Get Rule from the panel
DisableIVCheck: false # Disable the anti-reply protection for Shadowsocks
DisableSniffing: false # Disable domain sniffing
EnableProxyProtocol: false # Only works for WebSocket and TCP
EnableFallback: false # Only support for Trojan and Vless
FallBackConfigs: # Support multiple fallbacks
-
SNI: # TLS SNI(Server Name Indication), Empty for any
Path: # HTTP PATH, Empty for any
Dest: 80 # Required, Destination of fallback, check https://xtls.github.io/config/fallback/ for details.
ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for dsable
IpRecorderConfig:
Url: "http://127.0.0.1:123" # Report url
Token: "123" # Report token
Periodic: 60 # Report interval, sec.
Timeout: 10 # Report timeout, sec.
EnableIpSync: false # Enable online ip sync
CertConfig:
CertMode: dns # Option about how to get certificate: none, file, http, dns. Choose "none" will forcedly disable the tls config.
CertDomain: "node1.test.com" # Domain to cert
CertFile: /etc/XrayR/cert/node1.test.com.cert # Provided if the CertMode is file
KeyFile: /etc/XrayR/cert/node1.test.com.key
Provider: alidns # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
Email: test@me.com
DNSEnv: # DNS ENV option used by DNS provider
ALICLOUD_ACCESS_KEY: aaa
ALICLOUD_SECRET_KEY: bbb
-
ApiConfig:
ApiHost: "http://V2board.com"
ApiKey: "123"
NodeID: 42
NodeType: Trojan # Node type: V2ray, Shadowsocks, Trojan
Timeout: 30 # Timeout for the api request
EnableVless: false # Enable Vless for V2ray Type, Prefer remote configuration
EnableXTLS: false # Enable XTLS for V2ray and Trojan, Prefer remote configuration
ControllerConfig:
ListenIP: 0.0.0.0 # IP address you want to listen
UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
EnableDNS: false # Enable custom DNS config, Please ensure that you set the dns.json well
CertConfig:
CertMode: dns # Option about how to get certificate: none, file, http, dns. Choose "none" will forcedly disable the tls config.
CertDomain: "node2.test.com" # Domain to cert
CertFile: /etc/XrayR/cert/node2.test.com.cert # Provided if the CertMode is file
KeyFile: /etc/XrayR/cert/node2.test.com.key
Provider: alidns # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
Email: test@me.com
DNSEnv: # DNS ENV option used by DNS provider
ALICLOUD_ACCESS_KEY: aaa
ALICLOUD_SECRET_KEY: bbb配置文件设置说明
基础配置
基础配置是对所有节点生效的配置。
Log:
Level: debug # Log level: none, error, warning, info, debug
AccessPath: # /etc/XrayR/access.Log
ErrorPath: # /etc/XrayR/error.log
DnsConfigPath: # /etc/XrayR/dns.json # Path to dns config, check https://xtls.github.io/config/dns.html for help
RouteConfigPath: # /etc/XrayR/route.json # Path to route config, check https://xtls.github.io/config/routing.html for help
InboundConfigPath: # /etc/XrayR/custom_inbound.json # Path to custom inbound config, check https://xtls.github.io/config/inbound.html for help
OutboundConfigPath: # /etc/XrayR/custom_outbound.json # Path to custom outbound config, check https://xtls.github.io/config/outbound.html for help
ConnetionConfig:
Handshake: 4 # Handshake time limit, Second
ConnIdle: 10 # Connection idle time limit, Second
UplinkOnly: 2 # Time limit when the connection downstream is closed, Second
DownlinkOnly: 4 # Time limit when the connection is closed after the uplink is closed, Second
BufferSize: 64 # The internal cache size of each connection, kB日志配置
日志配置用于控制XrayR-core的日志级别,access.log和error.log需要设置日志级别大于warning才会被记录。
Log:
Level: debug # Log level: none, error, warning, info, debug
AccessPath: # /etc/XrayR/access.Log
ErrorPath: # /etc/XrayR/error.log参数
选项
说明
Level
none,error,warning,info,debug
日志显示级别,none为不显示
AccessPath
无
Access日志的保存路径
ErrorPath
无
Error日志的保存路径
自定义DNS配置
指定自定义DNS配置文件的路径
DnsConfigPath: # /etc/XrayR/dns.json Path to dns config参数
选项
说明
DnsConfigPath
无
自定义DNS配置文件的路径
#### 自定义路由配置
指定路由配置文件文件路径
RouteConfigPath: # /etc/XrayR/route.json # Path to route config, check https://xtls.github.io/config/base/route/ for help参数
选项
说明
RouteConfigPath
无
自定义路由配置文件的路径
自定义入口设置
InboundConfigPath: # /etc/XrayR/custom_inbound.json # Path to custom inbound config, check https://xtls.github.io/config/inbound.html for help参数
选项
说明
InboundConfigPath
无
自定义入口配置文件的路径
#### 自定义出口配置
指定出口配置文件文件路径
OutboundConfigPath: # /etc/XrayR/custom_outbound.json # Path to custom outbound config, check https://xtls.github.io/config/base/outbound/ for help参数
选项
说明
OutboundConfigPath
无
自定义出口配置文件的路径
连接控制
自定义连接释放的相关配置,可以一定程度优化内存占用
ConnetionConfig:
Handshake: 4 # Handshake time limit, Second
ConnIdle: 10 # Connection idle time limit, Second
UplinkOnly: 2 # Time limit when the connection downstream is closed, Second
DownlinkOnly: 4 # Time limit when the connection is closed after the uplink is closed, Second
BufferSize: 64 # The internal cache size of each connection, kB参数
选项
说明
Handshake
无
连接建立时的握手时间限制。单位为秒。默认值为 4。在入站代理处理一个新连接时,在握手阶段如果使用的时间超过这个时间,则中断该连接。
ConnIdle
无
连接空闲的时间限制。单位为秒。默认值为 10。如果在 ConnIdle 时间内,没有任何数据被传输(包括上行和下行数据),则中断该连接。减少该值有可能可以优化内存占用,但是会导致用户连接延时变高。
UplinkOnly
无
当连接下行线路关闭后的时间限制。单位为秒。默认值为 2。当服务器(如远端网站)关闭下行连接时,出站代理会在等待UplinkOnly时间后中断连接。
DownlinkOnly
无
当连接上行线路关闭后的时间限制。单位为秒。默认值为 4。当服务器(如远端网站)关闭上行连接时,出站代理会在等待DownlinkOnly时间后中断连接。
BufferSize
无
每个连接的内部缓存大小。单位为 kB。当值为 0 时,内部缓存被禁用。减少该值有可能可以优化内存占用,但有可能导致CPU占用上升
提示: 1. 减少ConnIdle有可能可以优化高连接数量时的内存占用,但是会导致用户连接延时变高。 2. 在 HTTP 浏览的场景中,可以将 UplinkOnly 和 DownlinkOnly 设为 0,以提高连接关闭的效率,减少内存占用。 3. 减少BufferSize可以优化内存占用,但是可能会导致CPU占用上升。
节点配置
每个节点是一个独立的配置,互相不会影响,XrayR支持单实例多节点启动,同时对接多个节点。
Nodes:
-
PanelType: "SSpanel" # Panel type: SSpanel, V2board, PMpanel
ApiConfig:
ApiHost: "http://127.0.0.1:667"
ApiKey: "123"
NodeID: 41
NodeType: V2ray # Node type: V2ray, Trojan, Shadowsocks, Shadowsocks-Plugin
Timeout: 30 # Timeout for the api request, Default is 5 sec
EnableVless: false # Enable Vless for V2ray Type
EnableXTLS: false # Enable XTLS for V2ray and Trojan
SpeedLimit: 0 # Mbps, Local settings will replace remote settings, 0 means disable
DeviceLimit: 0 # Local settings will replace remote settings, 0 means disable
RuleListPath: # /etc/XrayR/rulelist Path to local rulelist file
ControllerConfig:
ListenIP: 0.0.0.0 # IP address you want to listen
SendIP: 0.0.0.0 # IP address you want to send pacakage
UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
EnableDNS: false # Use custom DNS config, Please ensure that you set the dns.json well
DNSType: AsIs # AsIs, UseIP, UseIPv4, UseIPv6, DNS strategy
DisableUploadTraffic: false # Disable Upload Traffic to the panel
DisableGetRule: false # Disable Get Rule from the panel
EnableProxyProtocol: false # Only works for WebSocket and TCP
EnableFallback: false # Only support for Trojan and Vless
FallBackConfigs: # Support multiple fallbacks
-
SNI: # TLS SNI(Server Name Indication), Empty for any
Path: # HTTP PATH, Empty for any
Dest: 80 # Required, Destination of fallback, check https://xtls.github.io/config/fallback/ for details.
ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for dsable
IpRecorderConfig:
Url: "http://127.0.0.1:123" # Report url
Token: "123" # Report token
Periodic: 60 # Report interval, sec.
Timeout: 10 # Report timeout, sec.
EnableIpSync: false # Enable online ip sync
CertConfig:
CertMode: dns # Option about how to get certificate: none, file, http, dns. Choose "none" will forcedly disable the tls config.
CertDomain: "node1.test.com" # Domain to cert
CertFile: /etc/XrayR/cert/node1.test.com.cert # Provided if the CertMode is file
KeyFile: /etc/XrayR/cert/node1.test.com.key
Provider: alidns # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
Email: test@me.com
DNSEnv: # DNS ENV option used by DNS provider
ALICLOUD_ACCESS_KEY: aaa
ALICLOUD_SECRET_KEY: bbb
-
PanelType: "V2board" # Panel type: SSpanel, V2board, PMpanel
ApiConfig:
ApiHost: "http://V2board.com"
ApiKey: "123"
NodeID: 42
NodeType: Trojan # Node type: V2ray, Shadowsocks, Trojan
Timeout: 30 # Timeout for the api request
EnableVless: false # Enable Vless for V2ray Type
EnableXTLS: false # Enable XTLS for V2ray and Trojan
SpeedLimit: 0 # Local settings will replace remote settings, 0 means disable
DeviceLimit: 0 # Local settings will replace remote settings, 0 means disable
RuleListPath: # /etc/XrayR/rulelist Path to local rulelist file
ControllerConfig:
ListenIP: 0.0.0.0 # IP address you want to listen
UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
EnableDNS: false # Enable custom DNS config, Please ensure that you set the dns.json well
CertConfig:
CertMode: dns # Option about how to get certificate: none, file, http, dns. Choose "none" will forcedly disable the tls config.
CertDomain: "node2.test.com" # Domain to cert
CertFile: /etc/XrayR/cert/node2.test.com.cert # Provided if the CertMode is file
KeyFile: /etc/XrayR/cert/node2.test.com.key
Provider: alidns # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
Email: test@me.com
DNSEnv: # DNS ENV option used by DNS provider
ALICLOUD_ACCESS_KEY: aaa
ALICLOUD_SECRET_KEY: bbb面板对接配置
ApiConfig:
ApiHost: "http://127.0.0.1:667"
ApiKey: "123"
NodeID: 41
NodeType: V2ray # Node type: V2ray, Trojan, Shadowsocks, Shadowsocks-Plugin
Timeout: 30 # Timeout for the api request, Default is 5 sec
EnableVless: false # Enable Vless for V2ray Type
EnableXTLS: false # Enable XTLS for V2ray and Trojan
SpeedLimit: 0 # Local settings will replace remote settings, 0 means disable
DeviceLimit: 0 # Local settings will replace remote settings, 0 means disable
RuleListPath: # /etc/XrayR/rulelist Path to local rulelist file
DisableCustomConfig: false # Disable custom config参数
选项
说明
ApiHost
无
对接前端面板地址
ApiKey
无
前端对接通讯秘钥
NodeID
无
节点ID
NodeType
V2ray,Shadowsocks,Trojan
节点类型
Timeout
无
设定单次访问API超时时间,默认5秒
EnableVless
true,false
是否给V2ray启用Vless协议
EnableXTLS
true,false
是否使用XTLS
SpeedLimit
float
单位Mbps, 本地限速设置,会覆盖远程设置,0为不启用
DeviceLimit
int
本地设备限制,会覆盖远程设置,0为不启用
RuleListPath
无
本地规则设置,指定本地规则文件路径,规则文件格式
DisableCustomConfig
true,false
是否启用custom_config,默认false
后端相关配置
ControllerConfig:
ListenIP: 0.0.0.0 # IP address you want to listen
SendIP: 0.0.0.0 # IP address you want to send pacakage
UpdatePeriodic: 60 # Time to update the nodeinfo, how many sec.
EnableDNS: false # Use custom DNS config, Please ensure that you set the dns.json well
DNSType: AsIs # AsIs, UseIP, UseIPv4, UseIPv6, DNS strategy
DisableUploadTraffic: false # Disable Upload Traffic to the panel
DisableGetRule: false # Disable Get Rule from the panel
DisableIVCheck: false # Disable the anti-reply protection for Shadowsocks
DisableSniffing: false # Disable domain sniffing
EnableProxyProtocol: false # Only works for WebSocket and TCP
EnableFallback: false # Only support for Trojan and Vless
FallBackConfigs: # Support multiple fallbacks
-
SNI: # TLS SNI(Server Name Indication), Empty for any
Path: # HTTP PATH, Empty for any
Dest: 80 # Required, Destination of fallback, check https://xtls.github.io/config/fallback/ for details.
ProxyProtocolVer: 0 # Send PROXY protocol version, 0 for dsable参数
选项
说明
ListenIP
无
选择监听的IP地址,0.0.0.0会同时监听v6和v4
SendIP
无
用于发送数据的 IP 地址
UpdatePeriodic
无
从前端更新节点、用户信息和上报用户使用信息的间隔,默认60秒
EnableDNS
true,false
是否为当前节点启用自定义DNS,默认使用系统DNS
DNSType
AsIs,UseIP,UseIPv4,UseIPv6
DNS解析类型,AsIs:使用系统DNS,UseIP,UseIPv4,UseIPv6为使用自定义DNS,请确保EnableDNS为true,且正确配置了DnsConfigPath
DisableUploadTraffic
false, true
是否禁止上传节点流量,默认false
DisableGetRule
false, true
是否禁止获取远程规则,默认false
DisableIVCheck
false, true
是否关闭Shadowsocks用于防止重放攻击的布隆过滤器,默认false
DisableSniffing
false, true
是否关闭domain sniffing,默认false
EnableProxyProtocol
true,false
是否为当前节点启用ProxyProtocol获取中转IP,只对TCP和WS有效
EnableFallback
true,false
是否为当前节点启用Fallback,只对Vless和Trojan协议有效
外部记录器配置
IpRecorderConfig:
Url: "http://127.0.0.1:123" # Report url
Token: "123" # Report token
Periodic: 60 # Report interval, sec.
Timeout: 10 # Report timeout, sec.
EnableIpSync: false # Enable online ip sync参数
选项
说明
Url
无
外部记录器地址
Token
无
外部记录器令牌
Periodic
无
与外部记录器同步数据的间隔
Timeout
无
超时时间
EnableIpSync
无
启用同步在线设备(跨节点设备限制)
证书申请相关配置
XrayR 支持多种自动申请证书配置。申请到的证书将会放在配置文件(config.yml)文件夹下。
CertConfig:
CertMode: dns # Option about how to get certificate: none, file, http, dns. Choose "none" will forcedly disable the tls config.
CertDomain: "node2.test.com" # Domain to cert
CertFile: /etc/XrayR/cert/node2.test.com.cert # Provided if the CertMode is file
KeyFile: /etc/XrayR/cert/node2.test.com.key
Provider: alidns # DNS cert provider, Get the full support list here: https://go-acme.github.io/lego/dns/
Email: test@me.com
DNSEnv: # DNS ENV option used by DNS provider
ALICLOUD_ACCESS_KEY: aaa
ALICLOUD_SECRET_KEY: bbb参数
选项
说明
CertMode
none,file,http,dns
获取证书的方式。file:手动提供,并制定路径。http:通过http申请,需要80端口。dns:使用dns模式申请,需要制定相关dns服务商配置。none:强制关闭tls设置,交由nginx或者caddy处理。
CertDomain
无
申请证书域名
CertFile
无
手动指定的证书路径
KeyFile
无
手动指定的私钥路径
DNSEnv
无
采用DNS申请证书需要的环境变量,请参考上文链接内,自己的dns提供商所需要的参数,填写于此。请注意一行一个,填写时需符合yaml文件格式。
Last updated