socks-proxy-balancer/config.example.yaml at main · sepgh/socks-proxy-balancer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
# SOCKS Proxy Load Balancer Configuration Example
# Copy this file to config.yaml and customize for your setup

# SOCKS server binding configuration
listen_host: "127.0.0.1"
listen_port: 1080

# Health check intervals (in seconds)
health_check_interval_seconds: 30          # Check all proxies every 30 seconds
current_proxy_check_interval_seconds: 10   # Check current proxy every 10 seconds

# Connection settings
connection_timeout_ms: 5000                # Connection timeout for tests
test_url: "http://www.google.com"          # URL to test proxy connectivity
test_rounds: 3                             # Number of test rounds for averaging latency

# Logging configuration
log_subprocess_output: false               # Log subprocess output (default: false, set true for debugging)

# Network monitoring (optional)
# Monitors network interface to avoid rotation when network is down
# Leave empty/null to monitor any available interface
# Examples: "eth0" (Linux), "en0" (macOS), "Ethernet" (Windows)
network_interface: null

# Only when "(latency of current config) - (latency of faster tested config) > threshold" we switch to the
# faster config. It's in MS format
switch_threshold_ms: 100

# Status HTTP API (disabled by default)
# When enabled, exposes a GET /status endpoint returning JSON with:
#   - selected_proxy: currently active proxy name
#   - selected_since: ISO-8601 timestamp of selection
#   - selected_duration_seconds: how long the current proxy has been active
#   - listen_host / listen_port: SOCKS server binding
#   - proxy_latencies: last measured latency for each proxy
# Example: curl http://127.0.0.1:9080/status
status_enabled: false
status_host: "127.0.0.1"
status_port: 9080

# Socket buffer sizes (bytes). Applies to both client and backend sockets.
# Larger buffers may improve throughput. Default: 131072 (128KB)
so_rcvbuf: 131072
so_sndbuf: 131072

# File logging (disabled by default, console logging is always active)
# When enabled, logs are written to the specified file with time-based rotation.
# Rotated files are compressed (.gz) and kept for 30 periods.
log_file_enabled: false
log_file_path: "/var/log/proxy-balancer/proxy-balancer.log"
log_file_rotation_hours: 24    # Rotation interval: 1=hourly, 24=daily

# Proxy configurations
proxies:
  # Example 1: Direct SOCKS Proxy
  # Use this for existing SOCKS proxies that are already running
  - type: "direct"
    name: "public-socks-proxy"
    enabled: true
    config:
      host: "proxy.example.com"
      port: 1080

  # Example 2: Process-Based Proxy (Generic)
  # Use this for any proxy tool that needs to be started as a subprocess
  - type: "process"
    name: "xray-vless"
    enabled: true
    config:
      command: "/usr/local/bin/xray"
      args:
        - "run"
        - "-c"
        - "/etc/xray/config.json"
      host: "127.0.0.1"
      port: 10808
      startup_delay_ms: 3000
      working_dir: "/etc/xray"  # Optional
      env:                       # Optional environment variables
        XRAY_LOCATION_ASSET: "/usr/local/share/xray"

  # Example 3: Process-Based Proxy with Port Placeholder
  # The {PORT} placeholder will be replaced with the actual port number
  - type: "process"
    name: "dnstt-client"
    enabled: true
    config:
      command: "/usr/local/bin/dnstt-client"
      args:
        - "-doh"
        - "https://dns.example.com/dns-query"
        - "-pubkey-file"
        - "/etc/dnstt/server.pub"
        - "tunnel.example.com"
        - "127.0.0.1:{PORT}"  # {PORT} will be replaced with 7000
      host: "127.0.0.1"
      port: 7000
      startup_delay_ms: 2000

  # Example 4: Sing-box Process
  - type: "process"
    name: "singbox-vmess"
    enabled: false  # Disabled by default
    config:
      command: "/usr/local/bin/sing-box"
      args:
        - "run"
        - "-c"
        - "/etc/sing-box/config.json"
      host: "127.0.0.1"
      port: 10809
      startup_delay_ms: 2000

  # Example 5: SlipStream Proxy
  # For SlipStream with manual DNS resolver configuration
  - type: "slipstream"
    name: "slipstream-manual"
    enabled: false
    config:
      binary_path: "/usr/local/bin/slipstream"
      resolver_ip: "8.8.8.8"              # Google DNS
      resolver_port: 53                    # Default DNS port
      domain: "tunnel.example.com"         # Your SlipStream domain
      cert_path: "/etc/slipstream/cert.pem"  # Certificate file (must exist)
      host: "127.0.0.1"
      port: 8000
      startup_delay_ms: 2000

  # Example 6: DNS-Tested SlipStream Proxy (Recommended)
  # Automatically tests multiple DNS resolvers and uses the fastest one
  - type: "dns-tested-slipstream"
    name: "slipstream-auto"
    enabled: true
    config:
      binary_path: "/usr/local/bin/slipstream"
      domain: "tunnel.example.com"
      cert_path: "/etc/slipstream/cert.pem"
      host: "127.0.0.1"
      port: 8001
      startup_delay_ms: 2000

      # List of DNS endpoints to test (inline format)
      dns_endpoints:
        - "8.8.8.8:53"          # Google DNS Primary
        - "8.8.4.4:53"          # Google DNS Secondary
        - "1.1.1.1:53"          # Cloudflare DNS Primary
        - "1.0.0.1:53"          # Cloudflare DNS Secondary
        - "9.9.9.9:53"          # Quad9 DNS
        - "208.67.222.222:53"   # OpenDNS Primary
        - "208.67.220.220:53"   # OpenDNS Secondary

      # DNS testing configuration
      dns_test_timeout_ms: 3000
      dns_test_domain: "www.google.com"

  # Example 7: DNS-Tested SlipStream with File-Based DNS List
  # Load DNS endpoints from a file instead of inline list
  - type: "dns-tested-slipstream"
    name: "slipstream-from-file"
    enabled: false
    config:
      binary_path: "/usr/local/bin/slipstream"
      domain: "tunnel.example.com"
      cert_path: "/etc/slipstream/cert.pem"
      host: "127.0.0.1"
      port: 8002
      startup_delay_ms: 2000

      # Load DNS endpoints from file (one per line)
      dns_endpoints_file: "/etc/slipstream/dns-servers.txt"

      dns_test_timeout_ms: 3000
      dns_test_domain: "www.google.com"

# Notes:
# - Only enabled proxies will be started and tested
# - The load balancer automatically selects the fastest working proxy
# - Proxies are continuously monitored and switched if they fail
# - Use test_rounds > 1 for more accurate latency measurements
# - DNS-tested SlipStream automatically finds the best DNS resolver
# - Port placeholder {PORT} works in both command and args
# - Certificate and binary paths are validated on startup