# Wormhole SOCKS5 Server Configuration
serviceType: server

proxy:
  address: 0.0.0.0  # IPv4监听地址
  port: 1080
  enableIPv6: true   # 启用IPv6支持
  addressv6: "::"    # IPv6监听地址

auth:
  username: admin
  password: secure123
  methods:
    - password

# 增加超时时间以处理Docker的大文件下载
timeout: 300s  # 5分钟超时，适合Docker镜像下载
maxConns: 5000
logLevel: info

healthCheck:
  enabled: true
  address: 127.0.0.1
  port: 8090

# Optimization Features (将在迁移中实现)
optimizedServer:
  enabled: true
  maxIdleTime: 10m  # 增加空闲时间
  bufferSize: 131072  # 增加缓冲区到128KB，适合大文件传输
  logConnections: true
  
  # DNS Caching (暂时禁用，避免端口冲突)
  dnsCache:
    enabled: true
    maxSize: 10000
    ttl: 10m
  
  # Rate Limiting - 放宽限制以支持Docker下载
  rateLimit:
    enabled: true
    requestsPerSecond: 200  # 增加到200 RPS
    burstSize: 500  # 增加突发大小
    perIPRequestsPerSec: 50  # 单IP增加到50 RPS
    perIPBurstSize: 100  # 单IP突发增加到100
    cleanupInterval: 5m
  
  # Connection Pool - 优化Docker连接
  connectionPool:
    enabled: true
    maxSize: 2000  # 增加连接池大小
    maxLifetime: 60m  # 增加连接生命周期到1小时
    maxIdle: 15m  # 增加空闲时间到15分钟
    initialSize: 0
  
  # Memory Optimization
  memory:
    enabled: true
    bufferSizes: [1024, 2048, 4096, 8192, 16384, 32768, 65536, 131072]  # 增加更大的缓冲区
    monitorInterval: 30s
    enableAutoGC: true
    heapAllocThresholdMB: 200  # 增加GC阈值
    heapSysThresholdMB: 400
    forceGCThresholdMB: 800
  
  # Transparent Proxy (requires root permissions)
  transparent:
    enabled: false
    transparentPort: 8888
    dnsPort: 15353  # 服务器端DNS端口，避免与客户端5353端口冲突
    bypassIPs:
      - "127.0.0.1"
      - "192.168.1.0/24"
    bypassDomains:
      - "localhost"
      - "*.local"
  
  # Access Control - 允许连接到所有地址
  accessControl:
    allowedIPs:
      - "0.0.0.0/0"  # 允许所有IPv4地址
      - "::/0"       # 允许所有IPv6地址
    
    # 明确允许的域名（如果有域名过滤的话）
    allowedDomains:
      - "*"  # 允许所有域名
      - "*.docker.io"
      - "registry-1.docker.io"
      - "auth.docker.io"
      - "registry.docker.io"
      - "index.docker.io"
      - "*.docker.com"
      - "hub.docker.com"
      - "*.github.com"
      - "*.google.com"
      - "*.googleapis.com"
      - "*.cloudflare.com"
      - "*.amazonaws.com"
      - "*.azurecr.io"
    
    # 阻止的域名（黑名单）
    blockedDomains: []
    
    # 阻止的IP（黑名单）  
    blockedIPs: []
  
  # Performance Monitoring
  metrics:
    enabled: true
    interval: 5m

# Docker专用优化配置
docker:
  # 针对Docker镜像下载的特殊优化
  enabled: true
  # 大文件传输超时 (Docker镜像可能很大)
  largeFileTimeout: 1800s  # 30分钟
  # 针对Docker registry的keep-alive设置
  keepAliveTimeout: 300s   # 5分钟
  # 最大并发下载数
  maxConcurrentDownloads: 10