mtg-multi

command module

v1.7.0 Latest Latest Go to latest Published: Apr 9, 2026 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/dolonet/mtg-multi

Links

Open Source Insights

README ¶

mtg-multi

Fork of 9seconds/mtg with multi-secret support and per-user stats.

English | Русский

What's different

Multiple secrets. Upstream mtg allows only one secret per instance. mtg-multi lets you define named secrets in the config — one per user. All secrets must share the same hostname.

[secrets]
alice = "ee367a189aee18fa31c190054efd4a8e9573746f726167652e676f6f676c65617069732e636f6d"
bob   = "ee0123456789abcdef0123456789abcd9573746f726167652e676f6f676c65617069732e636f6d"

Stats API. A lightweight HTTP endpoint that shows live per-user traffic.

api-bind-to = "127.0.0.1:9090"

GET /stats

{
  "started_at": "2026-03-29T10:30:00Z",
  "uptime_seconds": 3600,
  "total_connections": 15,
  "users": {
    "alice": {
      "connections": 8,
      "bytes_in": 1048576,
      "bytes_out": 2097152,
      "last_seen": "2026-03-29T11:25:30Z"
    }
  }
}

Connection throttling. Automatic per-user connection limits to protect the server from overload. A background goroutine recomputes caps every few seconds using a fair-share algorithm: small users keep their connections, remaining budget is split equally among heavy consumers. New connections from over-cap users are rejected; existing connections are not killed.

[throttle]
max-connections = 5000
check-interval = "5s"

Example: limit = 100, users A=1, B=1, C=90, D=110. A and B stay at 1. Remaining budget 98 is split: C and D are capped at 49 each.

Throttle state is exposed via the Stats API:

{
  "throttle": {
    "active": true,
    "limit": 5000,
    "caps": { "heavy-user": 2450 }
  }
}

Public IP override. Useful when auto-detection via ifconfig.co is unavailable.

public-ipv4 = "1.2.3.4"
public-ipv6 = "2001:db8::1"

Everything else — domain fronting, doppelganger, proxy chaining, blocklists, metrics — works exactly as in upstream. See the upstream README for details.

Quick start

Download a binary from Releases or build from source:

git clone https://github.com/dolonet/mtg-multi.git
cd mtg-multi
mise install && mise tasks run build

Generate secrets:

mtg-multi generate-secret --hex storage.googleapis.com

Minimal config:

bind-to = "0.0.0.0:443"
api-bind-to = "127.0.0.1:9090"

[throttle]
max-connections = 5000

# [secrets] must be the last section in the global scope —
# in TOML, all keys after a [section] become part of that table.
[secrets]
alice = "ee..."
bob   = "ee..."

Run:

mtg-multi run /etc/mtg/config.toml

See example.config.toml for all available options.

Чем отличается

Несколько секретов. В оригинальном mtg — один секрет на инстанс. mtg-multi позволяет задать именованные секреты в конфиге, по одному на пользователя. Все секреты должны использовать один и тот же hostname.

[secrets]
alice = "ee367a189aee18fa31c190054efd4a8e9573746f726167652e676f6f676c65617069732e636f6d"
bob   = "ee0123456789abcdef0123456789abcd9573746f726167652e676f6f676c65617069732e636f6d"

Stats API. HTTP-эндпоинт с live-статистикой трафика по пользователям.

api-bind-to = "127.0.0.1:9090"

GET /stats

{
  "started_at": "2026-03-29T10:30:00Z",
  "uptime_seconds": 3600,
  "total_connections": 15,
  "users": {
    "alice": {
      "connections": 8,
      "bytes_in": 1048576,
      "bytes_out": 2097152,
      "last_seen": "2026-03-29T11:25:30Z"
    }
  }
}

Троттлинг подключений. Автоматические per-user лимиты для защиты сервера от перегрузки. Фоновая горутина каждые несколько секунд пересчитывает капы по алгоритму fair-share: маленькие пользователи сохраняют свои подключения, оставшийся бюджет делится поровну между крупными потребителями. Новые подключения сверх капа отклоняются; существующие не разрываются.

[throttle]
max-connections = 5000
check-interval = "5s"

Пример: лимит = 100, пользователи A=1, B=1, C=90, D=110. A и B остаются на 1. Оставшийся бюджет 98 делится: C и D получают кап 49.

Состояние троттлинга доступно через Stats API:

{
  "throttle": {
    "active": true,
    "limit": 5000,
    "caps": { "heavy-user": 2450 }
  }
}

Ручное указание публичного IP. Для случаев, когда ifconfig.co недоступен с сервера.

public-ipv4 = "1.2.3.4"
public-ipv6 = "2001:db8::1"

Всё остальное — domain fronting, doppelganger, цепочки прокси, блоклисты, метрики — работает как в оригинале. Подробности в README upstream.

Быстрый старт

Скачайте бинарник из Releases или соберите из исходников:

git clone https://github.com/dolonet/mtg-multi.git
cd mtg-multi
mise install && mise tasks run build

Генерация секрета:

mtg-multi generate-secret --hex storage.googleapis.com

Минимальный конфиг:

bind-to = "0.0.0.0:443"
api-bind-to = "127.0.0.1:9090"

[throttle]
max-connections = 5000

# [secrets] должен быть последней секцией в глобальном scope —
# в TOML все ключи после [section] становятся частью этой таблицы.
[secrets]
alice = "ee..."
bob   = "ee..."

Запуск:

mtg-multi run /etc/mtg/config.toml

Все доступные опции — в example.config.toml.

Documentation ¶

Overview ¶

mtg is just a command-line application that starts a proxy.

Application logic is how to read a config and configure mtglib.Proxy. So, probably you need to read the documentation for mtglib package first.

mtglib is a core of the application. The rest of the packages provide some default implementations for the interfaces, defined in mtglib.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
antireplay Antireplay package has cache implementations that are effective against replay attacks.	Antireplay package has cache implementations that are effective against replay attacks.
benchmarks
cmd/echo command Echo server — runs on Amsterdam, simulates Telegram DC.	Echo server — runs on Amsterdam, simulates Telegram DC.
cmd/realnet command
cmd/relay command Relay server — the process we measure.	Relay server — the process we measure.
essentials This is a minimal package that contains _essentials_ of mtglib and its complimentary packages.	This is a minimal package that contains _essentials_ of mtglib and its complimentary packages.
events Events has a default implementations of EventStream for mtglib.	Events has a default implementations of EventStream for mtglib.
internal
cli
config
proxyprotocol
testlib
utils
ipblocklist Package ipblocklist contains default implementation of the mtglib.IPBlocklist for mtg.	Package ipblocklist contains default implementation of the mtglib.IPBlocklist for mtg.
files files defines a set of abstraction for 'files': an openable entities that could be read after.	files defines a set of abstraction for 'files': an openable entities that could be read after.
logger Package logger has implementation of loggers for mtglib.Logger interface.	Package logger has implementation of loggers for mtglib.Logger interface.
mtglib mtglib defines a package with MTPROTO proxy.	mtglib defines a package with MTPROTO proxy.
internal/dc
internal/doppel
internal/obfuscation
internal/relay
internal/tls
internal/tls/fake
network Network contains a default implementation of the network.	Network contains a default implementation of the network.
v2 Network contains a default implementation of the network.	Network contains a default implementation of the network.
stats Stats package has implementations of events.Observer for different monitoring systems.	Stats package has implementations of events.Observer for different monitoring systems.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL