tcjlj/Xboard
1
0
Fork 0
mirror of https://github.com/cedar2025/Xboard.git synced 2025-01-22 10:38:14 -05:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
dev
Xboard/app/Protocols/ClashMeta.php
Xboard d3bc8ff8fe
Some checks are pending
Docker Build and Publish / build (push) Waiting to run
Details
Merge pull request #192 from yushum/patch-1 
Update websocket settings
2025-01-16 12:52:30 +08:00

337 lines
14 KiB
PHP
Raw Permalink Blame History

<?php
namespace App\Protocols;
use App\Models\ServerHysteria;
use App\Utils\Helper;
use Symfony\Component\Yaml\Yaml;
class ClashMeta
{
public $flag = 'meta,verge';
private $servers;
private $user;
public function __construct($user, $servers, array $options = null)
{
$this->user = $user;
$this->servers = $servers;
}
public function handle()
{
$servers = $this->servers;
$user = $this->user;
$appName = admin_setting('app_name', 'XBoard');
$defaultConfig = base_path() . '/resources/rules/default.clash.yaml';
$customClashConfig = base_path() . '/resources/rules/custom.clash.yaml';
$customConfig = base_path() . '/resources/rules/custom.clashmeta.yaml';
if (\File::exists($customConfig)) {
$config = Yaml::parseFile($customConfig);
} elseif(\File::exists($customClashConfig)) {
$config = Yaml::parseFile($customClashConfig);
} else{
$config = Yaml::parseFile($defaultConfig);
}
$proxy = [];
$proxies = [];
foreach ($servers as $item) {
if ($item['type'] === 'shadowsocks') {
array_push($proxy, self::buildShadowsocks($item['password'], $item));
array_push($proxies, $item['name']);
}
if ($item['type'] === 'vmess') {
array_push($proxy, self::buildVmess($user['uuid'], $item));
array_push($proxies, $item['name']);
}
if ($item['type'] === 'trojan') {
array_push($proxy, self::buildTrojan($user['uuid'], $item));
array_push($proxies, $item['name']);
}
if ($item['type'] === 'vless') {
array_push($proxy, self::buildVless($user['uuid'], $item));
array_push($proxies, $item['name']);
}
if ($item['type'] === 'hysteria') {
array_push($proxy, self::buildHysteria($user['uuid'], $item, $user));
array_push($proxies, $item['name']);
}
}
$config['proxies'] = array_merge($config['proxies'] ? $config['proxies'] : [], $proxy);
foreach ($config['proxy-groups'] as $k => $v) {
if (!is_array($config['proxy-groups'][$k]['proxies'])) $config['proxy-groups'][$k]['proxies'] = [];
$isFilter = false;
foreach ($config['proxy-groups'][$k]['proxies'] as $src) {
foreach ($proxies as $dst) {
if (!$this->isRegex($src)) continue;
$isFilter = true;
$config['proxy-groups'][$k]['proxies'] = array_values(array_diff($config['proxy-groups'][$k]['proxies'], [$src]));
if ($this->isMatch($src, $dst)) {
array_push($config['proxy-groups'][$k]['proxies'], $dst);
}
}
if ($isFilter) continue;
}
if ($isFilter) continue;
$config['proxy-groups'][$k]['proxies'] = array_merge($config['proxy-groups'][$k]['proxies'], $proxies);
}
$config['proxy-groups'] = array_filter($config['proxy-groups'], function($group) {
return $group['proxies'];
});
$config['proxy-groups'] = array_values($config['proxy-groups']);
$config = $this->buildRules($config);
$yaml = Yaml::dump($config, 2, 4, Yaml::DUMP_EMPTY_ARRAY_AS_SEQUENCE);
$yaml = str_replace('$app_name', admin_setting('app_name', 'XBoard'), $yaml);
return response($yaml, 200)
->header('subscription-userinfo', "upload={$user['u']}; download={$user['d']}; total={$user['transfer_enable']}; expire={$user['expired_at']}")
->header('profile-update-interval', '24')
->header('content-disposition', 'attachment;filename*=UTF-8\'\'' . rawurlencode($appName))
->header('profile-web-page-url', admin_setting('app_url'));
}
/**
* Build the rules for Clash.
*/
public function buildRules($config)
{
// Force the current subscription domain to be a direct rule
$subsDomain = request()->header('Host');
if ($subsDomain) {
array_unshift($config['rules'], "DOMAIN,{$subsDomain},DIRECT");
}
// Force the nodes ip to be a direct rule
collect($this->servers)->pluck('host')->map(function($host){
$host = trim($host);
return filter_var($host, FILTER_VALIDATE_IP) ? [$host] : Helper::getIpByDomainName($host);
})->flatten()->unique()->each(function($nodeIP) use ( &$config ) {
array_unshift($config['rules'], "IP-CIDR,{$nodeIP}/32,DIRECT,no-resolve");
});
return $config;
}
public static function buildShadowsocks($password, $server)
{
$array = [];
$array['name'] = $server['name'];
$array['type'] = 'ss';
$array['server'] = $server['host'];
$array['port'] = $server['port'];
$array['cipher'] = $server['cipher'];
$array['password'] = $password;
$array['udp'] = true;
return $array;
}
public static function buildVmess($uuid, $server)
{
$array = [];
$array['name'] = $server['name'];
$array['type'] = 'vmess';
$array['server'] = $server['host'];
$array['port'] = $server['port'];
$array['uuid'] = $uuid;
$array['alterId'] = 0;
$array['cipher'] = 'auto';
$array['udp'] = true;
if ($server['tls']) {
$array['tls'] = true;
if ($server['tlsSettings']) {
$tlsSettings = $server['tlsSettings'];
if (isset($tlsSettings['allowInsecure']) && !empty($tlsSettings['allowInsecure']))
$array['skip-cert-verify'] = ($tlsSettings['allowInsecure'] ? true : false);
if (isset($tlsSettings['serverName']) && !empty($tlsSettings['serverName']))
$array['servername'] = $tlsSettings['serverName'];
}
}
if ($server['network'] === 'tcp') {
$tcpSettings = $server['networkSettings'];
if (isset($tcpSettings['header']['type'])) $array['network'] = $tcpSettings['header']['type'];
if (isset($tcpSettings['header']['request']['headers'])){
$headers = $$tcpSettings['header']['request']['headers'];
$array['http-opts']['headers'] = $headers;
}
if (isset($tcpSettings['header']['request']['path'][0])){
$paths = $tcpSettings['header']['request']['path'];
$array['http-opts']['path'] = $paths;
}
}
if ($server['network'] === 'ws') {
$array['network'] = 'ws';
if ($server['networkSettings']) {
$wsSettings = $server['networkSettings'];
$array['ws-opts'] = [];
if (isset($wsSettings['path']) && !empty($wsSettings['path']))
$array['ws-opts']['path'] = $wsSettings['path'];
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
$array['ws-opts']['headers'] = ['Host' => $wsSettings['headers']['Host']];
if (isset($wsSettings['path']) && !empty($wsSettings['path']))
$array['ws-path'] = $wsSettings['path'];
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
$array['ws-headers'] = ['Host' => $wsSettings['headers']['Host']];
}
}
if ($server['network'] === 'grpc') {
$array['network'] = 'grpc';
if ($server['networkSettings']) {
$grpcSettings = $server['networkSettings'];
$array['grpc-opts'] = [];
if (isset($grpcSettings['serviceName'])) $array['grpc-opts']['grpc-service-name'] = $grpcSettings['serviceName'];
}
}
return $array;
}
public static function buildVless($password, $server){
$array = [];
$array['name'] = $server['name'];
$array['type'] = 'vless';
$array['server'] = $server['host'];
$array['port'] = $server['port'];
$array['uuid'] = $password;
$array['udp'] = true;
// XTLS流控算法
if($server['flow']) ($array['flow'] = $server['flow']);
if ($server['tls']) {
switch($server['tls']){
case 1: //开启TLS
$array['tls'] = true;
if ($server['tls_settings']) {
$tlsSettings = $server['tls_settings'];
if (isset($tlsSettings['allow_insecure']) && !empty($tlsSettings['allow_insecure']))
$array['skip-cert-verify'] = ($tlsSettings['allow_insecure'] ? true : false);
if (isset($tlsSettings['server_name']) && !empty($tlsSettings['server_name']))
$array['servername'] = $tlsSettings['server_name'];
}
break;
case 2: //开启reality
$array['tls'] = true;
$tls_settings = $server['tls_settings'];
if (!empty($tls_settings['allowInsecure'])) $array['skip-cert-verify'] = (bool)$tls_settings['allowInsecure'];
if(($tls_settings['public_key'] ?? null)
&& ($tls_settings['short_id'] ?? null)
&& ($tls_settings['server_name'] ?? null)){
$array['servername'] = $tls_settings['server_name'];
$array['reality-opts'] = [
'public-key' => $tls_settings['public_key'],
'short-id' => $tls_settings['short_id']
];
$fingerprints = ['chrome', 'firefox', 'safari', 'ios', 'edge', 'qq']; //随机客户端指纹
$array['client-fingerprint'] = $fingerprints[rand(0,count($fingerprints) - 1)];
};
break;
}
}
if ($server['network'] === 'ws') {
$array['network'] = 'ws';
if ($server['network_settings']) {
$wsSettings = $server['network_settings'];
$array['ws-opts'] = [];
if (isset($wsSettings['path']) && !empty($wsSettings['path']))
$array['ws-opts']['path'] = $wsSettings['path'];
if (isset($wsSettings['headers']['Host']) && !empty($wsSettings['headers']['Host']))
$array['ws-opts']['headers'] = ['Host' => $wsSettings['headers']['Host']];
$array['ws-opts']['max-early-data'] = 2560;
$array['ws-opts']['early-data-header-name'] = 'Sec-WebSocket-Protocol';
}
}
if ($server['network'] === 'grpc') {
$array['network'] = 'grpc';
if ($server['network_settings']) {
$grpcSettings = $server['network_settings'];
$array['grpc-opts'] = [];
if (isset($grpcSettings['serviceName'])) {
$array['grpc-opts']['grpc-service-name'] = $grpcSettings['serviceName'];
};
}
}
return $array;
}
public static function buildTrojan($password, $server)
{
$array = [];
$array['name'] = $server['name'];
$array['type'] = 'trojan';
$array['server'] = $server['host'];
$array['port'] = $server['port'];
$array['password'] = $password;
$array['udp'] = true;
if (!empty($server['server_name'])) $array['sni'] = $server['server_name'];
if (!empty($server['allow_insecure'])) $array['skip-cert-verify'] = ($server['allow_insecure'] ? true : false);
// trojan-go配置
if(in_array($server['network'], ["grpc", "ws"])){
$array['network'] = $server['network'];
// grpc配置
if($server['network'] === "grpc" && isset($server['networkSettings']['serviceName'])) $array['grpc-opts']['grpc-service-name'] = $server['networkSettings']['serviceName'];
// ws配置
if($server['network'] === "ws") {
if(isset($server['networkSettings']['path'])) {
$array['ws-opts']['path'] = $server['networkSettings']['path'];
}
if(isset($server['networkSettings']['headers']['Host'])){
$array['ws-opts']['headers']['Host'] = $server['networkSettings']['headers']['Host'];
}
}
};
return $array;
}
public static function buildHysteria($password, $server, $user)
{
$array = [];
$array['name'] = $server['name'];
$array['server'] = $server['host'];
$array['port'] = $server['port'];
if($server['server_name']) $array['sni'] = $server['server_name'];
$array['up'] = $user->speed_limit ? min($server['up_mbps'], $user->speed_limit) : $server['up_mbps'];
$array['down'] = $user->speed_limit ? min($server['down_mbps'], $user->speed_limit) : $server['down_mbps'];
$array['skip-cert-verify'] = $server['insecure'] ? true : false;
switch($server['version']){
case 1:
$array['type'] = 'hysteria';
// 判断是否开启动态端口
if(isset($server['ports'])) $array['ports'] = $server['ports'];
$array['auth_str'] = $password;
$array['protocol'] = 'udp';
if($server['is_obfs']) $array['obfs'] = $server['server_key'];
$array['fast-open'] = true;
$array['disable_mtu_discovery'] = true; //禁止路径最大传输单元发现
$array['alpn'] = [ServerHysteria::$alpnMap[$server['alpn']]];
break;
case 2:
$array['type'] = 'hysteria2';
$array['password'] = $password;
if($server['is_obfs']) {
$array['obfs'] = 'salamander';
$array['obfs-password'] = $server['server_key'];
}
if(isset($server['ports'])) $array['ports'] = $server['ports'];
break;
}
return $array;
}
private function isMatch($exp, $str)
{
return @preg_match($exp, $str);
}
private function isRegex($exp)
{
return @preg_match($exp, null) !== false;
}
}
Reference in New Issue View Git Blame Copy Permalink