diff --git a/apps/frpc/0.55.1/data/frpc_full.toml b/apps/frpc/0.55.1/data/frpc_full.toml
index 05d6cbe2..67fd84ec 100644
--- a/apps/frpc/0.55.1/data/frpc_full.toml
+++ b/apps/frpc/0.55.1/data/frpc_full.toml
@@ -1,3 +1,5 @@
+# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
+
 # your proxy name will be changed to {user}.{proxy}
 user = "your_name"
 
@@ -36,7 +38,7 @@ auth.token = "12345678"
 # auth.oidc.clientSecret = ""
 # oidc.audience specifies the audience of the token in OIDC authentication.
 # auth.oidc.audience = ""
-# oidc_scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
+# oidc.scope specifies the permissions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
 # auth.oidc.scope = ""
 # oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint.
 # It will be used to get an OIDC token.
@@ -110,7 +112,7 @@ transport.tls.enable = true
 # transport.tls.disableCustomTLSFirstByte = true
 
 # Heartbeat configure, it's not recommended to modify the default value.
-# The default value of heartbeat_interval is 10 and heartbeat_timeout is 90. Set negative value
+# The default value of heartbeatInterval is 10 and heartbeatTimeout is 90. Set negative value
 # to disable it.
 # transport.heartbeatInterval = 30
 # transport.heartbeatTimeout = 90
@@ -162,18 +164,23 @@ healthCheck.type = "tcp"
 healthCheck.timeoutSeconds = 3
 # If continuous failed in 3 times, the proxy will be removed from frps
 healthCheck.maxFailed = 3
-# every 10 seconds will do a health check
+# Every 10 seconds will do a health check
 healthCheck.intervalSeconds = 10
-# additional meta info for each proxy
+# Additional meta info for each proxy. It will be passed to the server-side plugin for use.
 metadatas.var1 = "abc"
 metadatas.var2 = "123"
+# You can add some extra information to the proxy through annotations.
+# These annotations will be displayed on the frps dashboard.
+[proxies.annotations]
+key1 = "value1"
+"prefix/key2" = "value2"
 
 [[proxies]]
 name = "ssh_random"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 22
-# If remote_port is 0, frps will assign a random port for you
+# If remotePort is 0, frps will assign a random port for you
 remotePort = 0
 
 [[proxies]]
@@ -183,14 +190,14 @@ localIP = "114.114.114.114"
 localPort = 53
 remotePort = 6002
 
-# Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
+# Resolve your domain names to [serverAddr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
 [[proxies]]
 name = "web01"
 type = "http"
 localIP = "127.0.0.1"
 localPort = 80
 # http username and password are safety certification for http protocol
-# if not set, you can access this custom_domains without certification
+# if not set, you can access this customDomains without certification
 httpUser = "admin"
 httpPassword = "admin"
 # if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com
@@ -199,9 +206,8 @@ customDomains = ["web01.yourdomain.com"]
 # locations is only available for http type
 locations = ["/", "/pic"]
 # route requests to this service if http basic auto user is abc
-# route_by_http_user = abc
+# routeByHTTPUser = abc
 hostHeaderRewrite = "example.com"
-# params with prefix "header_" will be used to update http request headers
 requestHeaders.set.x-from-where = "frp"
 healthCheck.type = "http"
 # frpc will send a GET http request '/status' to local http service
@@ -235,7 +241,7 @@ customDomains = ["tunnel1"]
 name = "plugin_unix_domain_socket"
 type = "tcp"
 remotePort = 6003
-# if plugin is defined, local_ip and local_port is useless
+# if plugin is defined, localIP and localPort is useless
 # plugin will handle connections got from frps
 [proxies.plugin]
 type = "unix_domain_socket"
@@ -306,7 +312,7 @@ requestHeaders.set.x-from-where = "frp"
 
 [[proxies]]
 name = "secret_tcp"
-# If the type is secret tcp, remote_port is useless
+# If the type is secret tcp, remotePort is useless
 # Who want to connect local port should deploy another frpc with stcp proxy and role is visitor
 type = "stcp"
 # secretKey is used for authentication for visitors
@@ -353,8 +359,8 @@ bindAddr = "127.0.0.1"
 bindPort = 9001
 # when automatic tunnel persistence is required, set it to true
 keepTunnelOpen = false
-# effective when keep_tunnel_open is set to true, the number of attempts to punch through per hour
+# effective when keepTunnelOpen is set to true, the number of attempts to punch through per hour
 maxRetriesAnHour = 8
 minRetryInterval = 90
 # fallbackTo = "stcp_visitor"
-# fallbackTimeoutMs = 500
+# fallbackTimeoutMs = 500
\ No newline at end of file
diff --git a/apps/frpc/0.55.1/data/frps.toml b/apps/frpc/0.55.1/data/frps.toml
index a732825b..cc3f831d 100644
--- a/apps/frpc/0.55.1/data/frps.toml
+++ b/apps/frpc/0.55.1/data/frps.toml
@@ -19,10 +19,11 @@ kcpBindPort = 7000
 #subDomainHost = "example.com"
 
 # tls
-tls.force = false
-#transport.tls.certFile = "/etc/frp/server.crt"
-#transport.tls.keyFile = "/etc/frp/server.key"
-#transport.tls.trustedCaFile = "/etc/frp/ca.crt"
+transport.tls.force = true
+#tls.force = false # 版本0.52.0到0.55.0用这个
+#transport.tls.certFile = "/etc/frp/ssl/server.crt"
+#transport.tls.keyFile = "/etc/frp/ssl/server.key"
+#transport.tls.trustedCaFile = "/etc/frp/ssl/ca.crt"
 
 # dashboard
 webServer.addr = "0.0.0.0"
diff --git a/apps/frpc/0.55.1/data/frps_full.toml b/apps/frpc/0.55.1/data/frps_full.toml
index 180a3b24..f739d4d4 100644
--- a/apps/frpc/0.55.1/data/frps_full.toml
+++ b/apps/frpc/0.55.1/data/frps_full.toml
@@ -1,10 +1,12 @@
+# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
+
 # A literal address or host name for IPv6 must be enclosed
 # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
-# For single "bind_addr" field, no need square brackets, like "bind_addr = ::".
+# For single "bindAddr" field, no need square brackets, like `bindAddr = "::"`.
 bindAddr = "0.0.0.0"
 bindPort = 7000
 
-# udp port used for kcp protocol, it can be same with 'bind_port'.
+# udp port used for kcp protocol, it can be same with 'bindPort'.
 # if not set, kcp is disabled in frps.
 kcpBindPort = 7000
 
@@ -12,8 +14,8 @@ kcpBindPort = 7000
 # if not set, quic is disabled in frps.
 # quicBindPort = 7002
 
-# Specify which address proxy will listen for, default value is same with bind_addr
-# proxy_bind_addr = "127.0.0.1"
+# Specify which address proxy will listen for, default value is same with bindAddr
+# proxyBindAddr = "127.0.0.1"
 
 # quic protocol options
 # transport.quic.keepalivePeriod = 10
@@ -21,7 +23,7 @@ kcpBindPort = 7000
 # transport.quic.maxIncomingStreams = 100000
 
 # Heartbeat configure, it's not recommended to modify the default value
-# The default value of heartbeat_timeout is 90. Set negative value to disable it.
+# The default value of heartbeatTimeout is 90. Set negative value to disable it.
 # transport.heartbeatTimeout = 90
 
 # Pool count in each proxy will keep no more than maxPoolCount.
@@ -39,14 +41,14 @@ transport.maxPoolCount = 5
 # transport.tcpKeepalive = 7200
 
 # transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false.
-tls.force = false
+transport.tls.force = false
 
 # transport.tls.certFile = "server.crt"
 # transport.tls.keyFile = "server.key"
 # transport.tls.trustedCaFile = "ca.crt"
 
 # If you want to support virtual host, you must set the http port for listening (optional)
-# Note: http port and https port can be same with bind_port
+# Note: http port and https port can be same with bindPort
 vhostHTTPPort = 80
 vhostHTTPSPort = 443
 
@@ -59,7 +61,7 @@ vhostHTTPSPort = 443
 # HTTP CONNECT requests. By default, this value is 0.
 # tcpmuxHTTPConnectPort = 1337
 
-# If tcpmux_passthrough is true, frps won't do any update on traffic.
+# If tcpmuxPassthrough is true, frps won't do any update on traffic.
 # tcpmuxPassthrough = false
 
 # Configure the web server to enable the dashboard for frps.
@@ -127,7 +129,7 @@ allowPorts = [
 maxPortsPerClient = 0
 
 # If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file
-# When subdomain is est, the host used by routing is test.frps.com
+# When subdomain is test, the host used by routing is test.frps.com
 subDomainHost = "frps.com"
 
 # custom 404 page for HTTP requests
@@ -141,6 +143,14 @@ udpPacketSize = 1500
 # Retention time for NAT hole punching strategy data.
 natholeAnalysisDataReserveHours = 168
 
+# ssh tunnel gateway
+# If you want to enable this feature, the bindPort parameter is required, while others are optional.
+# By default, this feature is disabled. It will be enabled if bindPort is greater than 0.
+# sshTunnelGateway.bindPort = 2200
+# sshTunnelGateway.privateKeyFile = "/home/frp-user/.ssh/id_rsa"
+# sshTunnelGateway.autoGenPrivateKeyPath = ""
+# sshTunnelGateway.authorizedKeysFile = "/home/frp-user/.ssh/authorized_keys"
+
 [[httpPlugins]]
 name = "user-manager"
 addr = "127.0.0.1:9000"
@@ -151,4 +161,4 @@ ops = ["Login"]
 name = "port-manager"
 addr = "127.0.0.1:9001"
 path = "/handler"
-ops = ["NewProxy"]
+ops = ["NewProxy"]
\ No newline at end of file
diff --git a/apps/frpc/latest/data/frpc_full.toml b/apps/frpc/latest/data/frpc_full.toml
index 05d6cbe2..67fd84ec 100644
--- a/apps/frpc/latest/data/frpc_full.toml
+++ b/apps/frpc/latest/data/frpc_full.toml
@@ -1,3 +1,5 @@
+# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
+
 # your proxy name will be changed to {user}.{proxy}
 user = "your_name"
 
@@ -36,7 +38,7 @@ auth.token = "12345678"
 # auth.oidc.clientSecret = ""
 # oidc.audience specifies the audience of the token in OIDC authentication.
 # auth.oidc.audience = ""
-# oidc_scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
+# oidc.scope specifies the permissions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
 # auth.oidc.scope = ""
 # oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint.
 # It will be used to get an OIDC token.
@@ -110,7 +112,7 @@ transport.tls.enable = true
 # transport.tls.disableCustomTLSFirstByte = true
 
 # Heartbeat configure, it's not recommended to modify the default value.
-# The default value of heartbeat_interval is 10 and heartbeat_timeout is 90. Set negative value
+# The default value of heartbeatInterval is 10 and heartbeatTimeout is 90. Set negative value
 # to disable it.
 # transport.heartbeatInterval = 30
 # transport.heartbeatTimeout = 90
@@ -162,18 +164,23 @@ healthCheck.type = "tcp"
 healthCheck.timeoutSeconds = 3
 # If continuous failed in 3 times, the proxy will be removed from frps
 healthCheck.maxFailed = 3
-# every 10 seconds will do a health check
+# Every 10 seconds will do a health check
 healthCheck.intervalSeconds = 10
-# additional meta info for each proxy
+# Additional meta info for each proxy. It will be passed to the server-side plugin for use.
 metadatas.var1 = "abc"
 metadatas.var2 = "123"
+# You can add some extra information to the proxy through annotations.
+# These annotations will be displayed on the frps dashboard.
+[proxies.annotations]
+key1 = "value1"
+"prefix/key2" = "value2"
 
 [[proxies]]
 name = "ssh_random"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 22
-# If remote_port is 0, frps will assign a random port for you
+# If remotePort is 0, frps will assign a random port for you
 remotePort = 0
 
 [[proxies]]
@@ -183,14 +190,14 @@ localIP = "114.114.114.114"
 localPort = 53
 remotePort = 6002
 
-# Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
+# Resolve your domain names to [serverAddr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
 [[proxies]]
 name = "web01"
 type = "http"
 localIP = "127.0.0.1"
 localPort = 80
 # http username and password are safety certification for http protocol
-# if not set, you can access this custom_domains without certification
+# if not set, you can access this customDomains without certification
 httpUser = "admin"
 httpPassword = "admin"
 # if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com
@@ -199,9 +206,8 @@ customDomains = ["web01.yourdomain.com"]
 # locations is only available for http type
 locations = ["/", "/pic"]
 # route requests to this service if http basic auto user is abc
-# route_by_http_user = abc
+# routeByHTTPUser = abc
 hostHeaderRewrite = "example.com"
-# params with prefix "header_" will be used to update http request headers
 requestHeaders.set.x-from-where = "frp"
 healthCheck.type = "http"
 # frpc will send a GET http request '/status' to local http service
@@ -235,7 +241,7 @@ customDomains = ["tunnel1"]
 name = "plugin_unix_domain_socket"
 type = "tcp"
 remotePort = 6003
-# if plugin is defined, local_ip and local_port is useless
+# if plugin is defined, localIP and localPort is useless
 # plugin will handle connections got from frps
 [proxies.plugin]
 type = "unix_domain_socket"
@@ -306,7 +312,7 @@ requestHeaders.set.x-from-where = "frp"
 
 [[proxies]]
 name = "secret_tcp"
-# If the type is secret tcp, remote_port is useless
+# If the type is secret tcp, remotePort is useless
 # Who want to connect local port should deploy another frpc with stcp proxy and role is visitor
 type = "stcp"
 # secretKey is used for authentication for visitors
@@ -353,8 +359,8 @@ bindAddr = "127.0.0.1"
 bindPort = 9001
 # when automatic tunnel persistence is required, set it to true
 keepTunnelOpen = false
-# effective when keep_tunnel_open is set to true, the number of attempts to punch through per hour
+# effective when keepTunnelOpen is set to true, the number of attempts to punch through per hour
 maxRetriesAnHour = 8
 minRetryInterval = 90
 # fallbackTo = "stcp_visitor"
-# fallbackTimeoutMs = 500
+# fallbackTimeoutMs = 500
\ No newline at end of file
diff --git a/apps/frpc/latest/data/frps.toml b/apps/frpc/latest/data/frps.toml
index a732825b..cc3f831d 100644
--- a/apps/frpc/latest/data/frps.toml
+++ b/apps/frpc/latest/data/frps.toml
@@ -19,10 +19,11 @@ kcpBindPort = 7000
 #subDomainHost = "example.com"
 
 # tls
-tls.force = false
-#transport.tls.certFile = "/etc/frp/server.crt"
-#transport.tls.keyFile = "/etc/frp/server.key"
-#transport.tls.trustedCaFile = "/etc/frp/ca.crt"
+transport.tls.force = true
+#tls.force = false # 版本0.52.0到0.55.0用这个
+#transport.tls.certFile = "/etc/frp/ssl/server.crt"
+#transport.tls.keyFile = "/etc/frp/ssl/server.key"
+#transport.tls.trustedCaFile = "/etc/frp/ssl/ca.crt"
 
 # dashboard
 webServer.addr = "0.0.0.0"
diff --git a/apps/frpc/latest/data/frps_full.toml b/apps/frpc/latest/data/frps_full.toml
index 180a3b24..f739d4d4 100644
--- a/apps/frpc/latest/data/frps_full.toml
+++ b/apps/frpc/latest/data/frps_full.toml
@@ -1,10 +1,12 @@
+# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
+
 # A literal address or host name for IPv6 must be enclosed
 # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
-# For single "bind_addr" field, no need square brackets, like "bind_addr = ::".
+# For single "bindAddr" field, no need square brackets, like `bindAddr = "::"`.
 bindAddr = "0.0.0.0"
 bindPort = 7000
 
-# udp port used for kcp protocol, it can be same with 'bind_port'.
+# udp port used for kcp protocol, it can be same with 'bindPort'.
 # if not set, kcp is disabled in frps.
 kcpBindPort = 7000
 
@@ -12,8 +14,8 @@ kcpBindPort = 7000
 # if not set, quic is disabled in frps.
 # quicBindPort = 7002
 
-# Specify which address proxy will listen for, default value is same with bind_addr
-# proxy_bind_addr = "127.0.0.1"
+# Specify which address proxy will listen for, default value is same with bindAddr
+# proxyBindAddr = "127.0.0.1"
 
 # quic protocol options
 # transport.quic.keepalivePeriod = 10
@@ -21,7 +23,7 @@ kcpBindPort = 7000
 # transport.quic.maxIncomingStreams = 100000
 
 # Heartbeat configure, it's not recommended to modify the default value
-# The default value of heartbeat_timeout is 90. Set negative value to disable it.
+# The default value of heartbeatTimeout is 90. Set negative value to disable it.
 # transport.heartbeatTimeout = 90
 
 # Pool count in each proxy will keep no more than maxPoolCount.
@@ -39,14 +41,14 @@ transport.maxPoolCount = 5
 # transport.tcpKeepalive = 7200
 
 # transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false.
-tls.force = false
+transport.tls.force = false
 
 # transport.tls.certFile = "server.crt"
 # transport.tls.keyFile = "server.key"
 # transport.tls.trustedCaFile = "ca.crt"
 
 # If you want to support virtual host, you must set the http port for listening (optional)
-# Note: http port and https port can be same with bind_port
+# Note: http port and https port can be same with bindPort
 vhostHTTPPort = 80
 vhostHTTPSPort = 443
 
@@ -59,7 +61,7 @@ vhostHTTPSPort = 443
 # HTTP CONNECT requests. By default, this value is 0.
 # tcpmuxHTTPConnectPort = 1337
 
-# If tcpmux_passthrough is true, frps won't do any update on traffic.
+# If tcpmuxPassthrough is true, frps won't do any update on traffic.
 # tcpmuxPassthrough = false
 
 # Configure the web server to enable the dashboard for frps.
@@ -127,7 +129,7 @@ allowPorts = [
 maxPortsPerClient = 0
 
 # If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file
-# When subdomain is est, the host used by routing is test.frps.com
+# When subdomain is test, the host used by routing is test.frps.com
 subDomainHost = "frps.com"
 
 # custom 404 page for HTTP requests
@@ -141,6 +143,14 @@ udpPacketSize = 1500
 # Retention time for NAT hole punching strategy data.
 natholeAnalysisDataReserveHours = 168
 
+# ssh tunnel gateway
+# If you want to enable this feature, the bindPort parameter is required, while others are optional.
+# By default, this feature is disabled. It will be enabled if bindPort is greater than 0.
+# sshTunnelGateway.bindPort = 2200
+# sshTunnelGateway.privateKeyFile = "/home/frp-user/.ssh/id_rsa"
+# sshTunnelGateway.autoGenPrivateKeyPath = ""
+# sshTunnelGateway.authorizedKeysFile = "/home/frp-user/.ssh/authorized_keys"
+
 [[httpPlugins]]
 name = "user-manager"
 addr = "127.0.0.1:9000"
@@ -151,4 +161,4 @@ ops = ["Login"]
 name = "port-manager"
 addr = "127.0.0.1:9001"
 path = "/handler"
-ops = ["NewProxy"]
+ops = ["NewProxy"]
\ No newline at end of file
diff --git a/apps/frps/0.55.1/data/frpc_full.toml b/apps/frps/0.55.1/data/frpc_full.toml
index 05d6cbe2..67fd84ec 100644
--- a/apps/frps/0.55.1/data/frpc_full.toml
+++ b/apps/frps/0.55.1/data/frpc_full.toml
@@ -1,3 +1,5 @@
+# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
+
 # your proxy name will be changed to {user}.{proxy}
 user = "your_name"
 
@@ -36,7 +38,7 @@ auth.token = "12345678"
 # auth.oidc.clientSecret = ""
 # oidc.audience specifies the audience of the token in OIDC authentication.
 # auth.oidc.audience = ""
-# oidc_scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
+# oidc.scope specifies the permissions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
 # auth.oidc.scope = ""
 # oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint.
 # It will be used to get an OIDC token.
@@ -110,7 +112,7 @@ transport.tls.enable = true
 # transport.tls.disableCustomTLSFirstByte = true
 
 # Heartbeat configure, it's not recommended to modify the default value.
-# The default value of heartbeat_interval is 10 and heartbeat_timeout is 90. Set negative value
+# The default value of heartbeatInterval is 10 and heartbeatTimeout is 90. Set negative value
 # to disable it.
 # transport.heartbeatInterval = 30
 # transport.heartbeatTimeout = 90
@@ -162,18 +164,23 @@ healthCheck.type = "tcp"
 healthCheck.timeoutSeconds = 3
 # If continuous failed in 3 times, the proxy will be removed from frps
 healthCheck.maxFailed = 3
-# every 10 seconds will do a health check
+# Every 10 seconds will do a health check
 healthCheck.intervalSeconds = 10
-# additional meta info for each proxy
+# Additional meta info for each proxy. It will be passed to the server-side plugin for use.
 metadatas.var1 = "abc"
 metadatas.var2 = "123"
+# You can add some extra information to the proxy through annotations.
+# These annotations will be displayed on the frps dashboard.
+[proxies.annotations]
+key1 = "value1"
+"prefix/key2" = "value2"
 
 [[proxies]]
 name = "ssh_random"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 22
-# If remote_port is 0, frps will assign a random port for you
+# If remotePort is 0, frps will assign a random port for you
 remotePort = 0
 
 [[proxies]]
@@ -183,14 +190,14 @@ localIP = "114.114.114.114"
 localPort = 53
 remotePort = 6002
 
-# Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
+# Resolve your domain names to [serverAddr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
 [[proxies]]
 name = "web01"
 type = "http"
 localIP = "127.0.0.1"
 localPort = 80
 # http username and password are safety certification for http protocol
-# if not set, you can access this custom_domains without certification
+# if not set, you can access this customDomains without certification
 httpUser = "admin"
 httpPassword = "admin"
 # if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com
@@ -199,9 +206,8 @@ customDomains = ["web01.yourdomain.com"]
 # locations is only available for http type
 locations = ["/", "/pic"]
 # route requests to this service if http basic auto user is abc
-# route_by_http_user = abc
+# routeByHTTPUser = abc
 hostHeaderRewrite = "example.com"
-# params with prefix "header_" will be used to update http request headers
 requestHeaders.set.x-from-where = "frp"
 healthCheck.type = "http"
 # frpc will send a GET http request '/status' to local http service
@@ -235,7 +241,7 @@ customDomains = ["tunnel1"]
 name = "plugin_unix_domain_socket"
 type = "tcp"
 remotePort = 6003
-# if plugin is defined, local_ip and local_port is useless
+# if plugin is defined, localIP and localPort is useless
 # plugin will handle connections got from frps
 [proxies.plugin]
 type = "unix_domain_socket"
@@ -306,7 +312,7 @@ requestHeaders.set.x-from-where = "frp"
 
 [[proxies]]
 name = "secret_tcp"
-# If the type is secret tcp, remote_port is useless
+# If the type is secret tcp, remotePort is useless
 # Who want to connect local port should deploy another frpc with stcp proxy and role is visitor
 type = "stcp"
 # secretKey is used for authentication for visitors
@@ -353,8 +359,8 @@ bindAddr = "127.0.0.1"
 bindPort = 9001
 # when automatic tunnel persistence is required, set it to true
 keepTunnelOpen = false
-# effective when keep_tunnel_open is set to true, the number of attempts to punch through per hour
+# effective when keepTunnelOpen is set to true, the number of attempts to punch through per hour
 maxRetriesAnHour = 8
 minRetryInterval = 90
 # fallbackTo = "stcp_visitor"
-# fallbackTimeoutMs = 500
+# fallbackTimeoutMs = 500
\ No newline at end of file
diff --git a/apps/frps/0.55.1/data/frps.toml b/apps/frps/0.55.1/data/frps.toml
index 6a2f2cc2..cc3f831d 100644
--- a/apps/frps/0.55.1/data/frps.toml
+++ b/apps/frps/0.55.1/data/frps.toml
@@ -19,7 +19,8 @@ kcpBindPort = 7000
 #subDomainHost = "example.com"
 
 # tls
-tls.force = false
+transport.tls.force = true
+#tls.force = false # 版本0.52.0到0.55.0用这个
 #transport.tls.certFile = "/etc/frp/ssl/server.crt"
 #transport.tls.keyFile = "/etc/frp/ssl/server.key"
 #transport.tls.trustedCaFile = "/etc/frp/ssl/ca.crt"
diff --git a/apps/frps/0.55.1/data/frps_full.toml b/apps/frps/0.55.1/data/frps_full.toml
index 180a3b24..f739d4d4 100644
--- a/apps/frps/0.55.1/data/frps_full.toml
+++ b/apps/frps/0.55.1/data/frps_full.toml
@@ -1,10 +1,12 @@
+# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
+
 # A literal address or host name for IPv6 must be enclosed
 # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
-# For single "bind_addr" field, no need square brackets, like "bind_addr = ::".
+# For single "bindAddr" field, no need square brackets, like `bindAddr = "::"`.
 bindAddr = "0.0.0.0"
 bindPort = 7000
 
-# udp port used for kcp protocol, it can be same with 'bind_port'.
+# udp port used for kcp protocol, it can be same with 'bindPort'.
 # if not set, kcp is disabled in frps.
 kcpBindPort = 7000
 
@@ -12,8 +14,8 @@ kcpBindPort = 7000
 # if not set, quic is disabled in frps.
 # quicBindPort = 7002
 
-# Specify which address proxy will listen for, default value is same with bind_addr
-# proxy_bind_addr = "127.0.0.1"
+# Specify which address proxy will listen for, default value is same with bindAddr
+# proxyBindAddr = "127.0.0.1"
 
 # quic protocol options
 # transport.quic.keepalivePeriod = 10
@@ -21,7 +23,7 @@ kcpBindPort = 7000
 # transport.quic.maxIncomingStreams = 100000
 
 # Heartbeat configure, it's not recommended to modify the default value
-# The default value of heartbeat_timeout is 90. Set negative value to disable it.
+# The default value of heartbeatTimeout is 90. Set negative value to disable it.
 # transport.heartbeatTimeout = 90
 
 # Pool count in each proxy will keep no more than maxPoolCount.
@@ -39,14 +41,14 @@ transport.maxPoolCount = 5
 # transport.tcpKeepalive = 7200
 
 # transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false.
-tls.force = false
+transport.tls.force = false
 
 # transport.tls.certFile = "server.crt"
 # transport.tls.keyFile = "server.key"
 # transport.tls.trustedCaFile = "ca.crt"
 
 # If you want to support virtual host, you must set the http port for listening (optional)
-# Note: http port and https port can be same with bind_port
+# Note: http port and https port can be same with bindPort
 vhostHTTPPort = 80
 vhostHTTPSPort = 443
 
@@ -59,7 +61,7 @@ vhostHTTPSPort = 443
 # HTTP CONNECT requests. By default, this value is 0.
 # tcpmuxHTTPConnectPort = 1337
 
-# If tcpmux_passthrough is true, frps won't do any update on traffic.
+# If tcpmuxPassthrough is true, frps won't do any update on traffic.
 # tcpmuxPassthrough = false
 
 # Configure the web server to enable the dashboard for frps.
@@ -127,7 +129,7 @@ allowPorts = [
 maxPortsPerClient = 0
 
 # If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file
-# When subdomain is est, the host used by routing is test.frps.com
+# When subdomain is test, the host used by routing is test.frps.com
 subDomainHost = "frps.com"
 
 # custom 404 page for HTTP requests
@@ -141,6 +143,14 @@ udpPacketSize = 1500
 # Retention time for NAT hole punching strategy data.
 natholeAnalysisDataReserveHours = 168
 
+# ssh tunnel gateway
+# If you want to enable this feature, the bindPort parameter is required, while others are optional.
+# By default, this feature is disabled. It will be enabled if bindPort is greater than 0.
+# sshTunnelGateway.bindPort = 2200
+# sshTunnelGateway.privateKeyFile = "/home/frp-user/.ssh/id_rsa"
+# sshTunnelGateway.autoGenPrivateKeyPath = ""
+# sshTunnelGateway.authorizedKeysFile = "/home/frp-user/.ssh/authorized_keys"
+
 [[httpPlugins]]
 name = "user-manager"
 addr = "127.0.0.1:9000"
@@ -151,4 +161,4 @@ ops = ["Login"]
 name = "port-manager"
 addr = "127.0.0.1:9001"
 path = "/handler"
-ops = ["NewProxy"]
+ops = ["NewProxy"]
\ No newline at end of file
diff --git a/apps/frps/latest/data/frpc_full.toml b/apps/frps/latest/data/frpc_full.toml
index 05d6cbe2..67fd84ec 100644
--- a/apps/frps/latest/data/frpc_full.toml
+++ b/apps/frps/latest/data/frpc_full.toml
@@ -1,3 +1,5 @@
+# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
+
 # your proxy name will be changed to {user}.{proxy}
 user = "your_name"
 
@@ -36,7 +38,7 @@ auth.token = "12345678"
 # auth.oidc.clientSecret = ""
 # oidc.audience specifies the audience of the token in OIDC authentication.
 # auth.oidc.audience = ""
-# oidc_scope specifies the permisssions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
+# oidc.scope specifies the permissions of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "".
 # auth.oidc.scope = ""
 # oidc.tokenEndpointURL specifies the URL which implements OIDC Token Endpoint.
 # It will be used to get an OIDC token.
@@ -110,7 +112,7 @@ transport.tls.enable = true
 # transport.tls.disableCustomTLSFirstByte = true
 
 # Heartbeat configure, it's not recommended to modify the default value.
-# The default value of heartbeat_interval is 10 and heartbeat_timeout is 90. Set negative value
+# The default value of heartbeatInterval is 10 and heartbeatTimeout is 90. Set negative value
 # to disable it.
 # transport.heartbeatInterval = 30
 # transport.heartbeatTimeout = 90
@@ -162,18 +164,23 @@ healthCheck.type = "tcp"
 healthCheck.timeoutSeconds = 3
 # If continuous failed in 3 times, the proxy will be removed from frps
 healthCheck.maxFailed = 3
-# every 10 seconds will do a health check
+# Every 10 seconds will do a health check
 healthCheck.intervalSeconds = 10
-# additional meta info for each proxy
+# Additional meta info for each proxy. It will be passed to the server-side plugin for use.
 metadatas.var1 = "abc"
 metadatas.var2 = "123"
+# You can add some extra information to the proxy through annotations.
+# These annotations will be displayed on the frps dashboard.
+[proxies.annotations]
+key1 = "value1"
+"prefix/key2" = "value2"
 
 [[proxies]]
 name = "ssh_random"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 22
-# If remote_port is 0, frps will assign a random port for you
+# If remotePort is 0, frps will assign a random port for you
 remotePort = 0
 
 [[proxies]]
@@ -183,14 +190,14 @@ localIP = "114.114.114.114"
 localPort = 53
 remotePort = 6002
 
-# Resolve your domain names to [server_addr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
+# Resolve your domain names to [serverAddr] so you can use http://web01.yourdomain.com to browse web01 and http://web02.yourdomain.com to browse web02
 [[proxies]]
 name = "web01"
 type = "http"
 localIP = "127.0.0.1"
 localPort = 80
 # http username and password are safety certification for http protocol
-# if not set, you can access this custom_domains without certification
+# if not set, you can access this customDomains without certification
 httpUser = "admin"
 httpPassword = "admin"
 # if domain for frps is frps.com, then you can access [web01] proxy by URL http://web01.frps.com
@@ -199,9 +206,8 @@ customDomains = ["web01.yourdomain.com"]
 # locations is only available for http type
 locations = ["/", "/pic"]
 # route requests to this service if http basic auto user is abc
-# route_by_http_user = abc
+# routeByHTTPUser = abc
 hostHeaderRewrite = "example.com"
-# params with prefix "header_" will be used to update http request headers
 requestHeaders.set.x-from-where = "frp"
 healthCheck.type = "http"
 # frpc will send a GET http request '/status' to local http service
@@ -235,7 +241,7 @@ customDomains = ["tunnel1"]
 name = "plugin_unix_domain_socket"
 type = "tcp"
 remotePort = 6003
-# if plugin is defined, local_ip and local_port is useless
+# if plugin is defined, localIP and localPort is useless
 # plugin will handle connections got from frps
 [proxies.plugin]
 type = "unix_domain_socket"
@@ -306,7 +312,7 @@ requestHeaders.set.x-from-where = "frp"
 
 [[proxies]]
 name = "secret_tcp"
-# If the type is secret tcp, remote_port is useless
+# If the type is secret tcp, remotePort is useless
 # Who want to connect local port should deploy another frpc with stcp proxy and role is visitor
 type = "stcp"
 # secretKey is used for authentication for visitors
@@ -353,8 +359,8 @@ bindAddr = "127.0.0.1"
 bindPort = 9001
 # when automatic tunnel persistence is required, set it to true
 keepTunnelOpen = false
-# effective when keep_tunnel_open is set to true, the number of attempts to punch through per hour
+# effective when keepTunnelOpen is set to true, the number of attempts to punch through per hour
 maxRetriesAnHour = 8
 minRetryInterval = 90
 # fallbackTo = "stcp_visitor"
-# fallbackTimeoutMs = 500
+# fallbackTimeoutMs = 500
\ No newline at end of file
diff --git a/apps/frps/latest/data/frps.toml b/apps/frps/latest/data/frps.toml
index 6a2f2cc2..cc3f831d 100644
--- a/apps/frps/latest/data/frps.toml
+++ b/apps/frps/latest/data/frps.toml
@@ -19,7 +19,8 @@ kcpBindPort = 7000
 #subDomainHost = "example.com"
 
 # tls
-tls.force = false
+transport.tls.force = true
+#tls.force = false # 版本0.52.0到0.55.0用这个
 #transport.tls.certFile = "/etc/frp/ssl/server.crt"
 #transport.tls.keyFile = "/etc/frp/ssl/server.key"
 #transport.tls.trustedCaFile = "/etc/frp/ssl/ca.crt"
diff --git a/apps/frps/latest/data/frps_full.toml b/apps/frps/latest/data/frps_full.toml
index 180a3b24..f739d4d4 100644
--- a/apps/frps/latest/data/frps_full.toml
+++ b/apps/frps/latest/data/frps_full.toml
@@ -1,10 +1,12 @@
+# This configuration file is for reference only. Please do not use this configuration directly to run the program as it may have various issues.
+
 # A literal address or host name for IPv6 must be enclosed
 # in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
-# For single "bind_addr" field, no need square brackets, like "bind_addr = ::".
+# For single "bindAddr" field, no need square brackets, like `bindAddr = "::"`.
 bindAddr = "0.0.0.0"
 bindPort = 7000
 
-# udp port used for kcp protocol, it can be same with 'bind_port'.
+# udp port used for kcp protocol, it can be same with 'bindPort'.
 # if not set, kcp is disabled in frps.
 kcpBindPort = 7000
 
@@ -12,8 +14,8 @@ kcpBindPort = 7000
 # if not set, quic is disabled in frps.
 # quicBindPort = 7002
 
-# Specify which address proxy will listen for, default value is same with bind_addr
-# proxy_bind_addr = "127.0.0.1"
+# Specify which address proxy will listen for, default value is same with bindAddr
+# proxyBindAddr = "127.0.0.1"
 
 # quic protocol options
 # transport.quic.keepalivePeriod = 10
@@ -21,7 +23,7 @@ kcpBindPort = 7000
 # transport.quic.maxIncomingStreams = 100000
 
 # Heartbeat configure, it's not recommended to modify the default value
-# The default value of heartbeat_timeout is 90. Set negative value to disable it.
+# The default value of heartbeatTimeout is 90. Set negative value to disable it.
 # transport.heartbeatTimeout = 90
 
 # Pool count in each proxy will keep no more than maxPoolCount.
@@ -39,14 +41,14 @@ transport.maxPoolCount = 5
 # transport.tcpKeepalive = 7200
 
 # transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false.
-tls.force = false
+transport.tls.force = false
 
 # transport.tls.certFile = "server.crt"
 # transport.tls.keyFile = "server.key"
 # transport.tls.trustedCaFile = "ca.crt"
 
 # If you want to support virtual host, you must set the http port for listening (optional)
-# Note: http port and https port can be same with bind_port
+# Note: http port and https port can be same with bindPort
 vhostHTTPPort = 80
 vhostHTTPSPort = 443
 
@@ -59,7 +61,7 @@ vhostHTTPSPort = 443
 # HTTP CONNECT requests. By default, this value is 0.
 # tcpmuxHTTPConnectPort = 1337
 
-# If tcpmux_passthrough is true, frps won't do any update on traffic.
+# If tcpmuxPassthrough is true, frps won't do any update on traffic.
 # tcpmuxPassthrough = false
 
 # Configure the web server to enable the dashboard for frps.
@@ -127,7 +129,7 @@ allowPorts = [
 maxPortsPerClient = 0
 
 # If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file
-# When subdomain is est, the host used by routing is test.frps.com
+# When subdomain is test, the host used by routing is test.frps.com
 subDomainHost = "frps.com"
 
 # custom 404 page for HTTP requests
@@ -141,6 +143,14 @@ udpPacketSize = 1500
 # Retention time for NAT hole punching strategy data.
 natholeAnalysisDataReserveHours = 168
 
+# ssh tunnel gateway
+# If you want to enable this feature, the bindPort parameter is required, while others are optional.
+# By default, this feature is disabled. It will be enabled if bindPort is greater than 0.
+# sshTunnelGateway.bindPort = 2200
+# sshTunnelGateway.privateKeyFile = "/home/frp-user/.ssh/id_rsa"
+# sshTunnelGateway.autoGenPrivateKeyPath = ""
+# sshTunnelGateway.authorizedKeysFile = "/home/frp-user/.ssh/authorized_keys"
+
 [[httpPlugins]]
 name = "user-manager"
 addr = "127.0.0.1:9000"
@@ -151,4 +161,4 @@ ops = ["Login"]
 name = "port-manager"
 addr = "127.0.0.1:9001"
 path = "/handler"
-ops = ["NewProxy"]
+ops = ["NewProxy"]
\ No newline at end of file