user = $user; $this->servers = $servers; } public function handle() { $servers = $this->servers; $user = $this->user; $appName = admin_setting('app_name', 'XBoard'); $defaultConfig = base_path() . '/resources/rules/default.clash.yaml'; $customClashConfig = base_path() . '/resources/rules/custom.clash.yaml'; $customConfig = base_path() . '/resources/rules/custom.clashmeta.yaml'; if (\File::exists($customConfig)) { $config = Yaml::parseFile($customConfig); } elseif(\File::exists($customClashConfig)) { $config = Yaml::parseFile($customClashConfig); } else{ $config = Yaml::parseFile($defaultConfig); } $proxy = []; $proxies = []; foreach ($servers as $item) { if ($item['type'] === 'shadowsocks') { array_push($proxy, self::buildShadowsocks($user['uuid'], $item)); array_push($proxies, $item['name']); } if ($item['type'] === 'vmess') { array_push($proxy, self::buildVmess($user['uuid'], $item)); array_push($proxies, $item['name']); } if ($item['type'] === 'trojan') { array_push($proxy, self::buildTrojan($user['uuid'], $item)); array_push($proxies, $item['name']); } if ($item['type'] === 'vless') { array_push($proxy, self::buildVless($user['uuid'], $item)); array_push($proxies, $item['name']); } if ($item['type'] === 'hysteria') { array_push($proxy, self::buildHysteria($user['uuid'], $item, $user)); array_push($proxies, $item['name']); } } $config['proxies'] = array_merge($config['proxies'] ? $config['proxies'] : [], $proxy); foreach ($config['proxy-groups'] as $k => $v) { if (!is_array($config['proxy-groups'][$k]['proxies'])) $config['proxy-groups'][$k]['proxies'] = []; $isFilter = false; foreach ($config['proxy-groups'][$k]['proxies'] as $src) { foreach ($proxies as $dst) { if (!$this->isRegex($src)) continue; $isFilter = true; $config['proxy-groups'][$k]['proxies'] = array_values(array_diff($config['proxy-groups'][$k]['proxies'], [$src])); if ($this->isMatch($src, $dst)) { array_push($config['proxy-groups'][$k]['proxies'], $dst); } } if ($isFilter) continue; } if ($isFilter) continue; $config['proxy-groups'][$k]['proxies'] = array_merge($config['proxy-groups'][$k]['proxies'], $proxies); } $config['proxy-groups'] = array_filter($config['proxy-groups'], function($group) { return $group['proxies']; }); $config['proxy-groups'] = array_values($config['proxy-groups']); // Force the current subscription domain to be a direct rule $subsDomain = request()->header('Host'); if ($subsDomain) { array_unshift($config['rules'], "DOMAIN,{$subsDomain},DIRECT"); } $yaml = Yaml::dump($config, 2, 4, Yaml::DUMP_EMPTY_ARRAY_AS_SEQUENCE); $yaml = str_replace('$app_name', admin_setting('app_name', 'XBoard'), $yaml); return response($yaml, 200) ->header('subscription-userinfo', "upload={$user['u']}; download={$user['d']}; total={$user['transfer_enable']}; expire={$user['expired_at']}") ->header('profile-update-interval', '24') ->header('content-disposition', 'attachment;filename*=UTF-8\'\'' . rawurlencode($appName)); } public static function buildShadowsocks($password, $server) { if ($server['cipher'] === '2022-blake3-aes-128-gcm') { $serverKey = Helper::getServerKey($server['created_at'], 16); $userKey = Helper::uuidToBase64($password, 16); $password = "{$serverKey}:{$userKey}"; } if ($server['cipher'] === '2022-blake3-aes-256-gcm') { $serverKey = Helper::getServerKey($server['created_at'], 32); $userKey = Helper::uuidToBase64($password, 32); $password = "{$serverKey}:{$userKey}"; } $array = []; $array['name'] = $server['name']; $array['type'] = 'ss'; $array['server'] = $server['host']; $array['port'] = $server['port']; $array['cipher'] = $server['cipher']; $array['password'] = $password; $array['udp'] = true; return $array; } public static function buildVmess($uuid, $server) { $array = []; $array['name'] = $server['name']; $array['type'] = 'vmess'; $array['server'] = $server['host']; $array['port'] = $server['port']; $array['uuid'] = $uuid; $array['alterId'] = 0; $array['cipher'] = 'auto'; $array['udp'] = true; if ($server['tls']) { $array['tls'] = true; if ($server['tlsSettings']) { $tlsSettings = $server['tlsSettings']; if (isset($tlsSettings['allowInsecure']) && !empty($tlsSettings['allowInsecure'])) $array['skip-cert-verify'] = ($tlsSettings['allowInsecure'] ? true : false); if (isset($tlsSettings['serverName']) && !empty($tlsSettings['serverName'])) $array['servername'] = $tlsSettings['serverName']; } } if ($server['network'] === 'tcp') { $tcpSettings = $server['networkSettings']; if (isset($tcpSettings['header']['type'])) $array['network'] = $tcpSettings['header']['type']; if (isset($tcpSettings['header']['request']['headers'])){ $headers = $$tcpSettings['header']['request']['headers']; $array['http-opts']['headers'] = $headers; } if (isset($tcpSettings['header']['request']['path'][0])){ $paths = $tcpSettings['header']['request']['path']; $array['http-opts']['path'] = $paths; } } if ($server['network'] === 'ws') { $array['network'] = 'ws'; if ($server['networkSettings']) { $wsSettings = $server['networkSettings']; $array['ws-opts'] = []; if (isset($wsSettings['path']) && !empty($wsSettings['path'])) $array['ws-opts']['path'] = $wsSettings['path']; if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host'])) $array['ws-opts']['headers'] = ['Host' => $wsSettings['headers']['Host']]; if (isset($wsSettings['path']) && !empty($wsSettings['path'])) $array['ws-path'] = $wsSettings['path']; if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host'])) $array['ws-headers'] = ['Host' => $wsSettings['headers']['Host']]; } } if ($server['network'] === 'grpc') { $array['network'] = 'grpc'; if ($server['networkSettings']) { $grpcSettings = $server['networkSettings']; $array['grpc-opts'] = []; if (isset($grpcSettings['serviceName'])) $array['grpc-opts']['grpc-service-name'] = $grpcSettings['serviceName']; } } return $array; } public static function buildVless($password, $server){ $array = []; $array['name'] = $server['name']; $array['type'] = 'vless'; $array['server'] = $server['host']; $array['port'] = $server['port']; $array['uuid'] = $password; $array['alterId'] = 0; $array['cipher'] = 'auto'; $array['udp'] = true; // XTLS流控算法 if($server['flow']) ($array['flow'] = $server['flow']); if ($server['tls']) { switch($server['tls']){ case 1: //开启TLS $array['tls'] = true; if ($server['tls_settings']) { $tlsSettings = $server['tls_settings']; if (isset($tlsSettings['allowInsecure']) && !empty($tlsSettings['allowInsecure'])) $array['skip-cert-verify'] = ($tlsSettings['allowInsecure'] ? true : false); if (isset($tlsSettings['server_name']) && !empty($tlsSettings['server_name'])) $array['servername'] = $tlsSettings['server_name']; } break; case 2: //开启reality $array['tls'] = true; $tls_settings = $server['tls_settings']; if (!empty($tls_settings['allowInsecure'])) $array['skip-cert-verify'] = (bool)$tls_settings['allowInsecure']; if(($tls_settings['public_key'] ?? null) && ($tls_settings['short_id'] ?? null) && ($tls_settings['server_name'] ?? null)){ $array['servername'] = $tls_settings['server_name']; $array['reality-opts'] = [ 'public-key' => $tls_settings['public_key'], 'short-id' => $tls_settings['short_id'] ]; $fingerprints = ['chrome', 'firefox', 'safari', 'ios', 'edge', 'qq']; //随机客户端指纹 $array['client-fingerprint'] = $fingerprints[rand(0,count($fingerprints) - 1)]; }; break; } } if ($server['network'] === 'ws') { $array['network'] = 'ws'; if ($server['network_settings']) { $wsSettings = $server['network_settings']; $array['ws-opts'] = []; if (isset($wsSettings['path']) && !empty($wsSettings['path'])) $array['ws-opts']['path'] = $wsSettings['path']; if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host'])) $array['ws-opts']['headers'] = ['Host' => $wsSettings['headers']['Host']]; if (isset($wsSettings['path']) && !empty($wsSettings['path'])) $array['ws-path'] = $wsSettings['path']; if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host'])) $array['ws-headers'] = ['Host' => $wsSettings['headers']['Host']]; } } if ($server['network'] === 'grpc') { $array['network'] = 'grpc'; if ($server['network_settings']) { $grpcSettings = $server['network_settings']; $array['grpc-opts'] = []; if (isset($grpcSettings['serviceName'])) { $array['grpc-opts']['grpc-service-name'] = $grpcSettings['serviceName']; }; } } return $array; } public static function buildTrojan($password, $server) { $array = []; $array['name'] = $server['name']; $array['type'] = 'trojan'; $array['server'] = $server['host']; $array['port'] = $server['port']; $array['password'] = $password; $array['udp'] = true; if (!empty($server['server_name'])) $array['sni'] = $server['server_name']; if (!empty($server['allow_insecure'])) $array['skip-cert-verify'] = ($server['allow_insecure'] ? true : false); // trojan-go配置 if(in_array($server['network'], ["grpc", "ws"])){ $array['network'] = $server['network']; // grpc配置 if($server['network'] === "grpc" && isset($server['networkSettings']['serviceName'])) $array['grpc-opts']['grpc-service-name'] = $server['networkSettings']['serviceName']; // ws配置 if($server['network'] === "ws") { if(isset($server['networkSettings']['path'])) { $array['ws-opts']['path'] = $server['networkSettings']['path']; } if(isset($server['networkSettings']['headers']['Host'])){ $array['ws-opts']['headers']['Host'] = $server['networkSettings']['headers']['Host']; } } }; return $array; } public static function buildHysteria($password, $server, $user) { $array = []; $array['name'] = $server['name']; $array['server'] = $server['host']; $array['port'] = $server['port']; if($server['server_name']) $array['sni'] = $server['server_name']; $array['up'] = $user->speed_limit ? min($server['up_mbps'], $user->speed_limit) : $server['up_mbps']; $array['down'] = $user->speed_limit ? min($server['down_mbps'], $user->speed_limit) : $server['down_mbps']; $array['skip-cert-verify'] = $server['insecure'] ? true : false; switch($server['version']){ case 1: $array['type'] = 'hysteria'; // 判断是否开启动态端口 if(isset($server['ports'])) $array['ports'] = $server['ports']; $array['auth_str'] = $password; $array['protocol'] = 'udp'; if($server['is_obfs']) $array['obfs'] = $server['server_key']; $array['fast-open'] = true; $array['disable_mtu_discovery'] = true; //禁止路径最大传输单元发现 $array['alpn'] = [ServerHysteria::$alpnMap[$server['alpn']]]; break; case 2: $array['type'] = 'hysteria2'; $array['password'] = $password; if($server['is_obfs']) { $array['obfs'] = 'salamander'; $array['obfs-password'] = $server['server_key']; } if(isset($server['ports'])) $array['ports'] = $server['ports']; break; } return $array; } private function isMatch($exp, $str) { return @preg_match($exp, $str); } private function isRegex($exp) { return @preg_match($exp, null) !== false; } }