服务端配置

frp 服务端详细配置说明。

ServerConfig

Field	Type	Description	Required
auth	AuthServerConfig	鉴权配置。	No
bindAddr	string	服务端监听地址，用于接收 frpc 的连接，默认监听 0.0.0.0。	No
bindPort	int	服务端监听端口，默认值为 7000。	No
kcpBindPort	int	服务端监听 KCP 协议端口，用于接收配置了使用 KCP 协议的 frpc 连接。	No
quicBindPort	int	服务端监听 QUIC 协议端口，用于接收配置了使用 QUIC 协议的 frpc 连接。	No
proxyBindAddr	string	代理监听地址，可以使代理监听在不同的网卡地址，默认情况下同 bindAddr。	No
vhostHTTPPort	int	HTTP 类型代理监听的端口，启用后才能支持 HTTP 类型的代理。	No
vhostHTTPTimeout	int	HTTP 类型代理在服务端的 ResponseHeader 超时时间，默认为 60s。	No
vhostHTTPSPort	int	HTTPS 类型代理监听的端口，启用后才能支持 HTTPS 类型的代理。	No
tcpmuxHTTPConnectPort	int	tcpmux 类型且复用器为 httpconnect 的代理监听的端口。	No
tcpmuxPassthrough	bool	对于 tcpmux 类型的代理是否透传 CONNECT 请求。	No
subDomainHost	string	二级域名后缀。	No
custom404Page	string	自定义 404 错误页面地址。	No
webServer	WebServerConfig	服务端 Dashboard 配置。	No
enablePrometheus	bool	是否提供 Prometheus 监控接口，需要同时启用了 webServer 后才会生效。	No
log	LogConfig	日志配置。	No
transport	ServerTransportConfig	网络层配置。	No
detailedErrorsToClient	bool	服务端返回详细错误信息给客户端，默认为 true。	No
maxPortsPerClient	int	限制单个客户端最大同时存在的代理数，默认无限制。	No
userConnTimeout	int	用户建立连接后等待客户端响应的超时时间，单位秒，默认为 10 秒。	No
udpPacketSize	int	代理 UDP 服务时支持的最大包长度，默认为 1500，服务端和客户端的值需要一致。	No
natholeAnalysisDataReserveHours	int	打洞策略数据的保留时间，默认为 168 小时，即 7 天。	No
allowPorts	[]PortsRange	允许代理绑定的服务端端口。	No
httpPlugins	[]HTTPPluginOptions	服务端 HTTP 插件配置。	No

AuthServerConfig

Field	Type	Description	Required
method	string	鉴权方式，可选值为 token 或 oidc，默认为 token。	No
additionalScopes	[]string	鉴权信息附加范围，可选值为 HeartBeats 和 NewWorkConns	No
token	string	在 method 为 token 时生效，客户端需要设置一样的值才能鉴权通过。	No
oidc	AuthOIDCServerConfig	oidc 鉴权配置。	No

AuthOIDCServerConfig

Field	Type	Required
issuer	string	No
audience	string	No
skipExpiryCheck	bool	No
skipIssuerCheck	bool	No

ServerTransportConfig

Field	Type	Description	Required
tcpMuxKeepaliveInterval	int	tcp mux 的心跳检查间隔时间，单位秒。	No
tcpKeepalive	int	和客户端底层 TCP 连接的 keepalive 间隔时间，单位秒，配置为负数表示不启用。	No
maxPoolCount	int	允许客户端设置的最大连接池大小，如果客户端配置的值大于此值，会被强制修改为最大值，默认为 5。	No
heartbeatTimeout	int	服务端和客户端心跳连接的超时时间，单位秒，默认为 90 秒。	No
quic	QUICOptions	QUIC 协议配置参数。	No
tls	TLSServerConfig	服务端 TLS 协议配置。	No

TLSServerConfig

Field	Type	Description	Required
force	bool	是否只接受启用了 TLS 的客户端连接。	No
	TLSConfig	TLS 协议配置，内嵌结构。	No

HTTPPluginOptions

Field	Type	Description	Required
name	string	插件名称。	Yes
addr	string	插件接口的地址。	Yes
path	string	插件接口的 Path。	Yes
ops	[]string	插件需要生效的操作列表，具体可选值请参考服务端插件的说明文档。	Yes
tlsVerify	bool	当插件地址为 HTTPS 协议时，是否校验插件的 TLS 证书，默认为不校验。	No

最后修改 November 15, 2023: fix 404 (#71) (626ce4d)

Server side Configuration

frp Server side Detailed Configuration description.

ServerConfig

Field	Type	Description	Required
auth	AuthServerConfig	Authentication Configuration.	No
bindAddr	string	Server side listening address, which is used to receive frpc connections. Default listening 0.0.0.0。	No
bindPort	int	Server side listening port, default is 7000.	No
kcpBindPort	int	Server side 监听 KCP Protocol port, which is used to receive Configuration frpc with Use KCP protocol. Connect.	No
quicBindPort	int	Server side snooping QUIC. Protocol port, which is used to receive Configuration frpc with Use QUIC protocol. Connect.	No
proxyBindAddr	string	Agent snooping address, which enables Agent. Monitoring is at different network card addresses and is the same as bindAddr by default.	No
vhostHTTPPort	int	The port of HTTP type Agent listening, which is enabled before HTTP is supported. Agent of type.	No
vhostHTTPTimeout	int	The port of HTTP type Agent listening, which is enabled before HTTP is supported. Agent of type.	No
vhostHTTPSPort	int	The port of HTTPS type Agent listening, which is enabled before HTTPS is supported. Agent of type.	No
tcpmuxHTTPConnectPort	int	Tcpmux type and the multiplexer is a port that httpconnect's Agent listens on.	No
tcpmuxPassthrough	bool	Whether the Agent of type tcpmux transparently transmits the CONNECT request.	No
subDomainHost	string	Secondary domain name suffix.	No
custom404Page	string	Customize the 404 error page address.	No
webServer	WebServerConfig	Server side Dashboard Configuration。	No
enablePrometheus	bool	Whether or not to provide Prometheus Monitor and. The control API will not take effect until webServer is enabled at the same time.	No
log	LogConfig	Log Configuration.	No
transport	ServerTransportConfig	Network layer Configuration.	No
detailedErrorsToClient	bool	Server side returns detailed error information to Client, which defaults to true.	No
maxPortsPerClient	int	Limit the maximum number of simultaneous Agent of a single Client. There is no limit by default.	No
userConnTimeout	int	Timeout (in seconds) for users to wait for a Client response after establishing a connection. Default is. Ten seconds.	No
udpPacketSize	int	The maximum packet length supported for Agent UDP service. The default is 1500 Server. The values of side and Client need to be consistent.	No
natholeAnalysisDataReserveHours	int	The retention time of hole policy data defaults to 168 hours, or 7 days.	No
allowPorts	[]PortsRange	The Server side port that allows Agent binding.	No
httpPlugins	[]HTTPPluginOptions	Server side HTTP Plug-inConfiguration。	No

AuthServerConfig

Field	Type	Description	Required
method	string	Authentication method. Available values are token or oidc. Default is token.	No
additionalScopes	[]string	Additional range of authentication information. Available values are HeartBeats and NewWorkConns.	No
token	string	Token in method. The Client needs to be set to the same value to pass authentication.	No
oidc	AuthOIDCServerConfig	oidc 鉴权Configuration。	No

AuthOIDCServerConfig

Field	Type	Required
issuer	string	No
audience	string	No
skipExpiryCheck	bool	No
skipIssuerCheck	bool	No

ServerTransportConfig

Field	Type	Description	Required
tcpMuxKeepaliveInterval	int	The interval between heartbeats for tcp mux, in seconds.	No
tcpKeepalive	int	Keepalive connected to the underlying TCP of Client. Interval time (in seconds). A negative number of Configuration means it is not enabled.	No
maxPoolCount	int	Allows the maximum connection pool size set by Client. If the value of ClientConfiguration is greater than this value, it will be forced to change to the maximum value. Default is. five.	No
heartbeatTimeout	int	Timeout for Server side and Client heartbeat connections (in seconds). Default is. 90 seconds.	No
quic	QUICOptions	QUIC protocol Configuration parameter.	No
tls	TLSServerConfig	Server side TLS Agreement Configuration。	No

TLSServerConfig

Field	Type	Description	Required
force	bool	Whether only Client connections with TLS enabled are accepted.	No
	TLSConfig	TLS protocol Configuration, embedded structure.	No

HTTPPluginOptions

Field	Type	Description	Required
name	string	Plug-in名称。	Yes
addr	string	Plug-in接口的地址。	Yes
path	string	Plug-in接口的 Path。	Yes
ops	[]string	Plug-in requires a list of operations to take effect. For more information, please see ReferencServer. Description of side Plug-in Document.	Yes
tlsVerify	bool	Whether to verify the TLS of Plug-in when the Plug-in address is HTTPS protocol. The certificate is not verified by default.	No

Last modified November 15, 2023: fix 404 (#71) (626ce4d)