# Railway sing-box Shadowsocks Test Node This is a minimal sing-box Shadowsocks server for testing Burrow against a real internet-hosted node on Railway. Railway public networking exposes raw TCP through TCP Proxy. That is enough for plain Shadowsocks TCP testing. It is not a full UDP validation environment, so use Burrow's local self-tests or a VPS for native UDP testing. ## Deploy 1. Create a new Railway service from this repo. 2. Set the service root directory to: ```text deploy/railway-sing-box ``` 3. Add Railway variables: ```text SS_PASSWORD= SS_METHOD=chacha20-ietf-poly1305 SS_LISTEN_HOST=0.0.0.0 SS_LISTEN_PORT=8388 ``` `SS_METHOD`, `SS_LISTEN_HOST`, and `SS_LISTEN_PORT` are optional; those are the defaults. 4. Deploy the service. 5. In the service settings, create a TCP Proxy with internal port `8388`. 6. Railway will show an external proxy host and port, for example: ```text shuttle.proxy.rlwy.net:15140 ``` ## Burrow Test URI Build the Shadowsocks URI with: ```sh uv run python - <<'PY' import base64 import urllib.parse method = "chacha20-ietf-poly1305" password = "" host = "" port = "" name = "railway-sing-box-ss" userinfo = base64.urlsafe_b64encode(f"{method}:{password}".encode()).decode().rstrip("=") print(f"ss://{userinfo}@{host}:{port}#{urllib.parse.quote(name)}") PY ``` Use the generated `ss://` URI in a Burrow proxy subscription or local test payload. ## Notes - Railway's TCP Proxy external port is assigned by Railway. Use that external port in the client URI, not `8388`. - This is intentionally a plain Shadowsocks node. Once plain TCP works, add extra protocol features in separate test deployments so failures stay easy to isolate.