mirror of
https://github.com/awfufu/traudit
synced 2026-03-01 13:39:44 +08:00
45 lines
1.1 KiB
YAML
45 lines
1.1 KiB
YAML
# Traudit Configuration Example
|
|
|
|
database:
|
|
type: clickhouse
|
|
# dsn: "http://user:password@ip:port/database"
|
|
dsn: http://traudit:traudit114514@127.0.0.1:8123/traudit
|
|
batch_size: 50
|
|
batch_timeout_secs: 100
|
|
|
|
services:
|
|
# Receives traffic from FRP with v2 Proxy Protocol header, audits it,
|
|
# strips the header, and forwards pure TCP to local SSHD.
|
|
- name: "ssh"
|
|
forward_to: "127.0.0.1:22"
|
|
type: "tcp"
|
|
binds:
|
|
# Entry 1: Public traffic from FRP
|
|
- addr: "0.0.0.0:2223"
|
|
proxy: "v2"
|
|
real_ip:
|
|
from: "proxy_protocol"
|
|
trust_private_ranges: true
|
|
|
|
# Entry 2: LAN direct traffic (no Proxy Protocol)
|
|
- addr: "0.0.0.0:2222"
|
|
real_ip:
|
|
from: "remote_addr"
|
|
trust_private_ranges: true
|
|
|
|
- name: "web"
|
|
forward_to: "127.0.0.1:8080"
|
|
type: "http"
|
|
binds:
|
|
- addr: 0.0.0.0:443
|
|
tls:
|
|
cert: "/path/to/cert.crt"
|
|
key: "/path/to/key.key"
|
|
proxy: v2
|
|
real_ip:
|
|
from: "proxy_protocol"
|
|
trust_private_ranges: true
|
|
trusted_proxies:
|
|
- 1.2.3.4
|
|
|