File tree Expand file tree Collapse file tree 7 files changed +138
-33
lines changed Expand file tree Collapse file tree 7 files changed +138
-33
lines changed Original file line number Diff line number Diff line change 1414 "type" : " shadowsocks"
1515 "listen" : " ::"
1616 "listen_port" : 8080 ,
17+ "tcp_fast_open" : true ,
18+ "tcp_multi_path" : true ,
1719 "sniff" : true ,
1820 "network" : " tcp"
1921 "method" : " 2022-blake3-aes-128-gcm"
20- "password" : " 8JCsPssfgS8tiRwiMlhARg=="
22+ "password" : " 8JCsPssfgS8tiRwiMlhARg=="
23+ "multiplex" : {
24+ "enabled" : true
25+ }
2126 }
2227 ],
2328 "outbounds" : [
Load Diff This file was deleted.
Load Diff This file was deleted.
Original file line number Diff line number Diff line change 1+ [Unit]
2+ Description =sing-box service
3+ Documentation =https://sing-box.sagernet.org
4+ After =network.target nss-lookup.target network-online.target
5+
6+ [Service]
7+ AmbientCapabilities =CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
8+ CapabilityBoundingSet =CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
9+ ConfigurationDirectory =sing-box
10+ DynamicUser =true
11+ ExecReload =/bin/kill -HUP $MAINPID
12+ ExecStart =/usr/bin/sing-box -D ${STATE_DIRECTORY} -C ${CONFIGURATION_DIRECTORY} run
13+ LimitNOFILE =infinity
14+ LockPersonality =true
15+ MemoryDenyWriteExecute =true
16+ NoNewPrivileges =true
17+ PrivateTmp =true
18+ ProcSubset =pid
19+ ProtectClock =true
20+ ProtectControlGroups =true
21+ ProtectHome =true
22+ ProtectHostname =true
23+ ProtectKernelLogs =true
24+ ProtectKernelModules =true
25+ ProtectKernelTunables =true
26+ ProtectProc =noaccess
27+ ProtectSystem =full
28+ Restart =on-failure
29+ RestartSec =10s
30+ RestrictNamespaces =true
31+ RestrictRealtime =true
32+ StateDirectory =sing-box
33+ SystemCallArchitectures =native
34+ SystemCallFilter =@system-service
35+
36+ [Install]
37+ WantedBy =multi-user.target
Original file line number Diff line number Diff line change 1+ [Unit]
2+ Description =sing-box service (%i)
3+ Documentation =https://sing-box.sagernet.org
4+ After =network.target nss-lookup.target network-online.target
5+
6+ [Service]
7+ AmbientCapabilities =CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
8+ CapabilityBoundingSet =CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE CAP_DAC_READ_SEARCH
9+ ConfigurationDirectory =sing-box
10+ DynamicUser =true
11+ ExecReload =/bin/kill -HUP $MAINPID
12+ ExecStart =/usr/bin/sing-box -D ${STATE_DIRECTORY} -c ${CONFIGURATION_DIRECTORY}/%i.json run
13+ LimitNOFILE =infinity
14+ LockPersonality =true
15+ MemoryDenyWriteExecute =true
16+ NoNewPrivileges =true
17+ PrivateTmp =true
18+ ProcSubset =pid
19+ ProtectClock =true
20+ ProtectControlGroups =true
21+ ProtectHome =true
22+ ProtectHostname =true
23+ ProtectKernelLogs =true
24+ ProtectKernelModules =true
25+ ProtectKernelTunables =true
26+ ProtectProc =noaccess
27+ ProtectSystem =full
28+ Restart =on-failure
29+ RestartSec =10s
30+ RestrictNamespaces =true
31+ RestrictRealtime =true
32+ StateDirectory =sing-box-%i
33+ SystemCallArchitectures =native
34+ SystemCallFilter =@system-service
35+
36+ [Install]
37+ WantedBy =multi-user.target
38+ DefaultInstance =sing-box.service
Original file line number Diff line number Diff line change 1+ [Unit]
2+ Description =sing-box user service
3+ Documentation =https://sing-box.sagernet.org
4+ After =basic.target
5+
6+ [Service]
7+ ConfigurationDirectory =sing-box
8+ ExecReload =/bin/kill -HUP $MAINPID
9+ ExecStart =/usr/bin/sing-box -D ${STATE_DIRECTORY} -C ${CONFIGURATION_DIRECTORY} run
10+ LimitNOFILE =infinity
11+ LockPersonality =true
12+ MemoryDenyWriteExecute =true
13+ NoNewPrivileges =true
14+ PrivateDevices =true
15+ PrivateTmp =true
16+ PrivateUsers =true
17+ ProcSubset =pid
18+ ProtectProc =noaccess
19+ Restart =on-failure
20+ RestartSec =10s
21+ RestrictNamespaces =true
22+ RestrictRealtime =true
23+ StateDirectory =sing-box
24+ SystemCallArchitectures =native
25+ SystemCallFilter =@system-service
26+
27+ [Install]
28+ WantedBy =default.target
Original file line number Diff line number Diff line change 1+ [Unit]
2+ Description =sing-box user service (%i)
3+ Documentation =https://sing-box.sagernet.org
4+ After =basic.target
5+
6+ [Service]
7+ ConfigurationDirectory =sing-box
8+ ExecReload =/bin/kill -HUP $MAINPID
9+ ExecStart =/usr/bin/sing-box -D ${STATE_DIRECTORY} -c ${CONFIGURATION_DIRECTORY}/%i.json run
10+ LimitNOFILE =infinity
11+ LockPersonality =true
12+ MemoryDenyWriteExecute =true
13+ NoNewPrivileges =true
14+ PrivateDevices =true
15+ PrivateTmp =true
16+ PrivateUsers =true
17+ ProcSubset =pid
18+ ProtectProc =noaccess
19+ Restart =on-failure
20+ RestartSec =10s
21+ RestrictNamespaces =true
22+ RestrictRealtime =true
23+ StateDirectory =sing-box-%i
24+ SystemCallArchitectures =native
25+ SystemCallFilter =@system-service
26+
27+ [Install]
28+ WantedBy =default.target
29+ DefaultInstance =sing-box.service
You can’t perform that action at this time.
0 commit comments