2022-10-09 23:31:15 -04:00
|
|
|
package controller
|
2022-06-01 13:35:41 -04:00
|
|
|
|
|
|
|
|
import (
|
2022-12-18 10:31:06 -05:00
|
|
|
"crypto/rand"
|
|
|
|
|
"encoding/base64"
|
|
|
|
|
"encoding/hex"
|
2022-06-01 13:35:41 -04:00
|
|
|
"fmt"
|
2022-08-16 01:04:33 -04:00
|
|
|
"github.com/Yuzuki616/V2bX/api/panel"
|
2023-01-12 01:27:06 -05:00
|
|
|
"github.com/Yuzuki616/V2bX/common/file"
|
2022-07-28 11:00:05 -04:00
|
|
|
"github.com/Yuzuki616/V2bX/conf"
|
2023-01-12 01:27:06 -05:00
|
|
|
"github.com/Yuzuki616/V2bX/node/controller/lego"
|
2022-10-11 04:05:19 -04:00
|
|
|
"github.com/goccy/go-json"
|
2022-06-01 13:35:41 -04:00
|
|
|
"github.com/xtls/xray-core/common/net"
|
|
|
|
|
"github.com/xtls/xray-core/core"
|
2022-07-28 11:00:05 -04:00
|
|
|
coreConf "github.com/xtls/xray-core/infra/conf"
|
2022-06-01 13:35:41 -04:00
|
|
|
)
|
|
|
|
|
|
2022-10-09 20:59:00 -04:00
|
|
|
// buildInbound build Inbound config for different protocol
|
|
|
|
|
func buildInbound(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, tag string) (*core.InboundHandlerConfig, error) {
|
2022-12-18 10:31:06 -05:00
|
|
|
inbound := &coreConf.InboundDetourConfig{}
|
|
|
|
|
// Set network protocol
|
|
|
|
|
t := coreConf.TransportProtocol(nodeInfo.Network)
|
|
|
|
|
inbound.StreamSetting = &coreConf.StreamConfig{Network: &t}
|
|
|
|
|
var err error
|
|
|
|
|
switch nodeInfo.NodeType {
|
|
|
|
|
case "V2ray":
|
|
|
|
|
err = buildV2ray(config, nodeInfo, inbound)
|
|
|
|
|
case "Trojan":
|
|
|
|
|
err = buildTrojan(config, nodeInfo, inbound)
|
|
|
|
|
case "Shadowsocks":
|
|
|
|
|
err = buildShadowsocks(config, nodeInfo, inbound)
|
|
|
|
|
default:
|
2022-06-06 05:22:45 -04:00
|
|
|
return nil, fmt.Errorf("unsupported node type: %s, Only support: V2ray, Trojan, Shadowsocks", nodeInfo.NodeType)
|
2022-10-09 20:59:00 -04:00
|
|
|
}
|
2022-12-18 10:31:06 -05:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
// Set server port
|
|
|
|
|
inbound.PortList = &coreConf.PortList{
|
|
|
|
|
Range: []coreConf.PortRange{{From: uint32(nodeInfo.ServerPort), To: uint32(nodeInfo.ServerPort)}},
|
|
|
|
|
}
|
|
|
|
|
// Set Listen IP address
|
2022-06-01 13:35:41 -04:00
|
|
|
ipAddress := net.ParseAddress(config.ListenIP)
|
2022-12-18 10:31:06 -05:00
|
|
|
inbound.ListenOn = &coreConf.Address{Address: ipAddress}
|
|
|
|
|
// Set SniffingConfig
|
2022-07-28 11:00:05 -04:00
|
|
|
sniffingConfig := &coreConf.SniffingConfig{
|
2022-06-01 13:35:41 -04:00
|
|
|
Enabled: true,
|
2022-07-28 11:00:05 -04:00
|
|
|
DestOverride: &coreConf.StringList{"http", "tls"},
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
|
|
|
|
if config.DisableSniffing {
|
|
|
|
|
sniffingConfig.Enabled = false
|
|
|
|
|
}
|
2022-12-18 10:31:06 -05:00
|
|
|
inbound.SniffingConfig = sniffingConfig
|
2022-12-19 03:26:02 -05:00
|
|
|
if *inbound.StreamSetting.Network == "tcp" {
|
2022-12-18 10:31:06 -05:00
|
|
|
if inbound.StreamSetting.TCPSettings != nil {
|
|
|
|
|
inbound.StreamSetting.TCPSettings.AcceptProxyProtocol = config.EnableProxyProtocol
|
2022-06-02 13:22:56 -04:00
|
|
|
} else {
|
2022-07-28 11:00:05 -04:00
|
|
|
tcpSetting := &coreConf.TCPConfig{
|
2022-06-02 13:22:56 -04:00
|
|
|
AcceptProxyProtocol: config.EnableProxyProtocol,
|
2022-10-09 20:59:00 -04:00
|
|
|
} //Enable proxy protocol
|
2022-12-18 10:31:06 -05:00
|
|
|
inbound.StreamSetting.TCPSettings = tcpSetting
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
2022-12-19 03:26:02 -05:00
|
|
|
} else if *inbound.StreamSetting.Network == "ws" {
|
2022-12-18 10:31:06 -05:00
|
|
|
inbound.StreamSetting.WSSettings = &coreConf.WebSocketConfig{
|
2022-10-09 20:59:00 -04:00
|
|
|
AcceptProxyProtocol: config.EnableProxyProtocol} //Enable proxy protocol
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
2022-12-18 10:31:06 -05:00
|
|
|
// Set TLS and XTLS settings
|
2022-06-01 13:35:41 -04:00
|
|
|
if nodeInfo.EnableTls && config.CertConfig.CertMode != "none" {
|
2023-03-22 21:08:01 -04:00
|
|
|
inbound.StreamSetting.Security = "tls"
|
2022-06-01 13:35:41 -04:00
|
|
|
certFile, keyFile, err := getCertFile(config.CertConfig)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2023-03-22 21:08:01 -04:00
|
|
|
tlsSettings := &coreConf.TLSConfig{
|
|
|
|
|
RejectUnknownSNI: config.CertConfig.RejectUnknownSni,
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
2023-03-22 21:08:01 -04:00
|
|
|
tlsSettings.Certs = append(tlsSettings.Certs, &coreConf.TLSCertConfig{CertFile: certFile, KeyFile: keyFile, OcspStapling: 3600})
|
|
|
|
|
inbound.StreamSetting.TLSSettings = tlsSettings
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
|
|
|
|
// Support ProxyProtocol for any transport protocol
|
2022-12-18 10:31:06 -05:00
|
|
|
if *inbound.StreamSetting.Network != "tcp" &&
|
|
|
|
|
*inbound.StreamSetting.Network != "ws" &&
|
2022-06-01 13:35:41 -04:00
|
|
|
config.EnableProxyProtocol {
|
2022-07-28 11:00:05 -04:00
|
|
|
sockoptConfig := &coreConf.SocketConfig{
|
2022-06-01 13:35:41 -04:00
|
|
|
AcceptProxyProtocol: config.EnableProxyProtocol,
|
2022-10-09 20:59:00 -04:00
|
|
|
} //Enable proxy protocol
|
2022-12-18 10:31:06 -05:00
|
|
|
inbound.StreamSetting.SocketSettings = sockoptConfig
|
|
|
|
|
}
|
|
|
|
|
inbound.Tag = tag
|
|
|
|
|
return inbound.Build()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func buildV2ray(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, inbound *coreConf.InboundDetourConfig) error {
|
|
|
|
|
if nodeInfo.EnableVless {
|
|
|
|
|
//Set vless
|
|
|
|
|
inbound.Protocol = "vless"
|
|
|
|
|
if config.EnableFallback {
|
|
|
|
|
// Set fallback
|
|
|
|
|
fallbackConfigs, err := buildVlessFallbacks(config.FallBackConfigs)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
s, err := json.Marshal(&coreConf.VLessInboundConfig{
|
|
|
|
|
Decryption: "none",
|
|
|
|
|
Fallbacks: fallbackConfigs,
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("marshal vless fallback config error: %s", err)
|
|
|
|
|
}
|
|
|
|
|
inbound.Settings = (*json.RawMessage)(&s)
|
|
|
|
|
} else {
|
|
|
|
|
var err error
|
|
|
|
|
s, err := json.Marshal(&coreConf.VLessInboundConfig{
|
|
|
|
|
Decryption: "none",
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("marshal vless config error: %s", err)
|
|
|
|
|
}
|
|
|
|
|
inbound.Settings = (*json.RawMessage)(&s)
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
// Set vmess
|
|
|
|
|
inbound.Protocol = "vmess"
|
|
|
|
|
var err error
|
|
|
|
|
s, err := json.Marshal(&coreConf.VMessInboundConfig{})
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("marshal vmess settings error: %s", err)
|
|
|
|
|
}
|
|
|
|
|
inbound.Settings = (*json.RawMessage)(&s)
|
|
|
|
|
}
|
|
|
|
|
switch nodeInfo.Network {
|
|
|
|
|
case "tcp":
|
|
|
|
|
err := json.Unmarshal(nodeInfo.NetworkSettings, &inbound.StreamSetting.TCPSettings)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("unmarshal tcp settings error: %s", err)
|
|
|
|
|
}
|
|
|
|
|
case "ws":
|
|
|
|
|
err := json.Unmarshal(nodeInfo.NetworkSettings, &inbound.StreamSetting.WSSettings)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("unmarshal ws settings error: %s", err)
|
|
|
|
|
}
|
|
|
|
|
case "grpc":
|
|
|
|
|
err := json.Unmarshal(nodeInfo.NetworkSettings, &inbound.StreamSetting.GRPCConfig)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("unmarshal grpc settings error: %s", err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func buildTrojan(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, inbound *coreConf.InboundDetourConfig) error {
|
|
|
|
|
inbound.Protocol = "trojan"
|
|
|
|
|
if config.EnableFallback {
|
|
|
|
|
// Set fallback
|
|
|
|
|
fallbackConfigs, err := buildTrojanFallbacks(config.FallBackConfigs)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
s, err := json.Marshal(&coreConf.TrojanServerConfig{
|
|
|
|
|
Fallbacks: fallbackConfigs,
|
|
|
|
|
})
|
|
|
|
|
inbound.Settings = (*json.RawMessage)(&s)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("marshal trojan fallback config error: %s", err)
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
s := []byte("{}")
|
|
|
|
|
inbound.Settings = (*json.RawMessage)(&s)
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
2022-12-18 10:31:06 -05:00
|
|
|
t := coreConf.TransportProtocol(nodeInfo.Network)
|
|
|
|
|
inbound.StreamSetting = &coreConf.StreamConfig{Network: &t}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func buildShadowsocks(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, inbound *coreConf.InboundDetourConfig) error {
|
|
|
|
|
inbound.Protocol = "shadowsocks"
|
|
|
|
|
settings := &coreConf.ShadowsocksServerConfig{
|
|
|
|
|
Cipher: nodeInfo.Cipher,
|
|
|
|
|
}
|
|
|
|
|
p := make([]byte, 32)
|
|
|
|
|
_, err := rand.Read(p)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("generate random password error: %s", err)
|
|
|
|
|
}
|
|
|
|
|
randomPasswd := hex.EncodeToString(p)
|
|
|
|
|
cipher := nodeInfo.Cipher
|
|
|
|
|
if nodeInfo.ServerKey != "" {
|
|
|
|
|
settings.Password = nodeInfo.ServerKey
|
|
|
|
|
randomPasswd = base64.StdEncoding.EncodeToString([]byte(randomPasswd))
|
|
|
|
|
cipher = ""
|
|
|
|
|
}
|
|
|
|
|
defaultSSuser := &coreConf.ShadowsocksUserConfig{
|
|
|
|
|
Cipher: cipher,
|
|
|
|
|
Password: randomPasswd,
|
|
|
|
|
}
|
|
|
|
|
settings.Users = append(settings.Users, defaultSSuser)
|
|
|
|
|
settings.NetworkList = &coreConf.NetworkList{"tcp", "udp"}
|
|
|
|
|
settings.IVCheck = true
|
|
|
|
|
if config.DisableIVCheck {
|
|
|
|
|
settings.IVCheck = false
|
|
|
|
|
}
|
|
|
|
|
t := coreConf.TransportProtocol("tcp")
|
|
|
|
|
inbound.StreamSetting = &coreConf.StreamConfig{Network: &t}
|
|
|
|
|
s, err := json.Marshal(settings)
|
|
|
|
|
inbound.Settings = (*json.RawMessage)(&s)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("marshal shadowsocks settings error: %s", err)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
|
|
|
|
|
2022-07-28 11:00:05 -04:00
|
|
|
func getCertFile(certConfig *conf.CertConfig) (certFile string, keyFile string, err error) {
|
2023-01-12 01:27:06 -05:00
|
|
|
if certConfig.CertFile == "" || certConfig.KeyFile == "" {
|
|
|
|
|
return "", "", fmt.Errorf("cert file path or key file path not exist")
|
|
|
|
|
}
|
|
|
|
|
switch certConfig.CertMode {
|
|
|
|
|
case "file":
|
2022-06-01 13:35:41 -04:00
|
|
|
return certConfig.CertFile, certConfig.KeyFile, nil
|
2023-01-12 01:27:06 -05:00
|
|
|
case "dns", "http":
|
|
|
|
|
if file.IsExist(certConfig.CertFile) && file.IsExist(certConfig.KeyFile) {
|
|
|
|
|
return certConfig.CertFile, certConfig.KeyFile, nil
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
2023-01-12 01:27:06 -05:00
|
|
|
l, err := lego.New(certConfig)
|
2022-06-01 13:35:41 -04:00
|
|
|
if err != nil {
|
2023-01-12 01:27:06 -05:00
|
|
|
return "", "", fmt.Errorf("create lego object error: %s", err)
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
2023-01-12 01:27:06 -05:00
|
|
|
err = l.CreateCert()
|
2022-06-01 13:35:41 -04:00
|
|
|
if err != nil {
|
2023-01-12 01:27:06 -05:00
|
|
|
return "", "", fmt.Errorf("create cert error: %s", err)
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
2023-01-12 01:27:06 -05:00
|
|
|
return certConfig.CertFile, certConfig.KeyFile, nil
|
2022-06-01 13:35:41 -04:00
|
|
|
}
|
|
|
|
|
return "", "", fmt.Errorf("unsupported certmode: %s", certConfig.CertMode)
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-28 11:00:05 -04:00
|
|
|
func buildVlessFallbacks(fallbackConfigs []*conf.FallBackConfig) ([]*coreConf.VLessInboundFallback, error) {
|
2022-06-01 13:35:41 -04:00
|
|
|
if fallbackConfigs == nil {
|
|
|
|
|
return nil, fmt.Errorf("you must provide FallBackConfigs")
|
|
|
|
|
}
|
2022-07-28 11:00:05 -04:00
|
|
|
vlessFallBacks := make([]*coreConf.VLessInboundFallback, len(fallbackConfigs))
|
2022-06-01 13:35:41 -04:00
|
|
|
for i, c := range fallbackConfigs {
|
|
|
|
|
if c.Dest == "" {
|
|
|
|
|
return nil, fmt.Errorf("dest is required for fallback fialed")
|
|
|
|
|
}
|
|
|
|
|
var dest json.RawMessage
|
|
|
|
|
dest, err := json.Marshal(c.Dest)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("marshal dest %s config fialed: %s", dest, err)
|
|
|
|
|
}
|
2022-07-28 11:00:05 -04:00
|
|
|
vlessFallBacks[i] = &coreConf.VLessInboundFallback{
|
2022-06-01 13:35:41 -04:00
|
|
|
Name: c.SNI,
|
|
|
|
|
Alpn: c.Alpn,
|
|
|
|
|
Path: c.Path,
|
|
|
|
|
Dest: dest,
|
|
|
|
|
Xver: c.ProxyProtocolVer,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return vlessFallBacks, nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-28 11:00:05 -04:00
|
|
|
func buildTrojanFallbacks(fallbackConfigs []*conf.FallBackConfig) ([]*coreConf.TrojanInboundFallback, error) {
|
2022-06-01 13:35:41 -04:00
|
|
|
if fallbackConfigs == nil {
|
|
|
|
|
return nil, fmt.Errorf("you must provide FallBackConfigs")
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-28 11:00:05 -04:00
|
|
|
trojanFallBacks := make([]*coreConf.TrojanInboundFallback, len(fallbackConfigs))
|
2022-06-01 13:35:41 -04:00
|
|
|
for i, c := range fallbackConfigs {
|
|
|
|
|
|
|
|
|
|
if c.Dest == "" {
|
|
|
|
|
return nil, fmt.Errorf("dest is required for fallback fialed")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var dest json.RawMessage
|
|
|
|
|
dest, err := json.Marshal(c.Dest)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("marshal dest %s config fialed: %s", dest, err)
|
|
|
|
|
}
|
2022-07-28 11:00:05 -04:00
|
|
|
trojanFallBacks[i] = &coreConf.TrojanInboundFallback{
|
2022-06-01 13:35:41 -04:00
|
|
|
Name: c.SNI,
|
|
|
|
|
Alpn: c.Alpn,
|
|
|
|
|
Path: c.Path,
|
|
|
|
|
Dest: dest,
|
|
|
|
|
Xver: c.ProxyProtocolVer,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return trojanFallBacks, nil
|
|
|
|
|
}
|
