From 85bde00ded7b03272a4e8d3c4c429d20354842ef Mon Sep 17 00:00:00 2001
From: yuzuki999
Date: Fri, 2 Jun 2023 22:55:53 +0800
Subject: [PATCH] move reality config to CertConfig
---
 common/builder/inbound.go | 44 ++++++++++++++++++++++----------------
 conf/node.go | 3 +--
 example/config.yml.example | 29 ++++++++++++-------------
 3 files changed, 40 insertions(+), 36 deletions(-)
diff --git a/common/builder/inbound.go b/common/builder/inbound.go
index ada5f6d..e7597fd 100644
--- a/common/builder/inbound.go
+++ b/common/builder/inbound.go
@@ -4,6 +4,7 @@ import (
 "crypto/rand"
 "encoding/base64"
 "encoding/hex"
+ "errors"
 "fmt"
 "github.com/Yuzuki616/V2bX/api/panel"
 "github.com/Yuzuki616/V2bX/common/file"
@@ -64,9 +65,31 @@ func BuildInbound(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, tag s
 in.StreamSetting.WSSettings = &coreConf.WebSocketConfig{
 AcceptProxyProtocol: config.EnableProxyProtocol} //Enable proxy protocol
 }
- // Set TLS and XTLS settings
+ // Set TLS or Reality settings
 if nodeInfo.Tls != 0 {
- if config.CertConfig.CertMode != "none" {
+ if config.CertConfig == nil {
+ return nil, errors.New("the CertConfig is not vail")
+ }
+ switch config.CertConfig.CertMode {
+ case "none", "": // disable
+ case "reality":
+ // Reality
+ in.StreamSetting.Security = "reality"
+ d, err := json.Marshal(config.CertConfig.RealityConfig.Dest)
+ if err != nil {
+ return nil, fmt.Errorf("marshal reality dest error: %s", err)
+ }
+ in.StreamSetting.REALITYSettings = &coreConf.REALITYConfig{
+ Dest: d,
+ Xver: config.CertConfig.RealityConfig.Xver,
+ ServerNames: config.CertConfig.RealityConfig.ServerNames,
+ PrivateKey: config.CertConfig.RealityConfig.PrivateKey,
+ MinClientVer: config.CertConfig.RealityConfig.MinClientVer,
+ MaxClientVer: config.CertConfig.RealityConfig.MaxClientVer,
+ MaxTimeDiff: config.CertConfig.RealityConfig.MaxTimeDiff,
+ ShortIds: config.CertConfig.RealityConfig.ShortIds,
+ }
+ default:
 // Normal tls
 in.StreamSetting.Security = "tls"
 certFile, keyFile, err := getCertFile(config.CertConfig)
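Review bot: The new `case "reality":` branch dereferences `config.CertConfig.RealityConfig` without a nil check, and this commit makes that field a pointer (`*RealityConfig` in conf/node.go), so a config with `CertMode: reality` and no `RealityConfig` block would presumably panic in BuildInbound instead of returning an error. A guard at the top of the branch, `if config.CertConfig.RealityConfig == nil { return nil, errors.New("RealityConfig is required when CertMode is reality") }`, keeps the failure on the error path. Separately, `case "none", "":` now treats an empty or omitted CertMode as "no TLS" even though `nodeInfo.Tls != 0`; the old `!= "none"` test sent an empty mode down the TLS path, so the inbound now comes up without transport security and nothing reports it, which deserves an explicit error or at least a comment. The message `"the CertConfig is not vail"` looks like a typo for "not valid". BuildInbound starts and ends outside this hunk.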
@@ -83,23 +106,6 @@ func BuildInbound(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, tag s
 },
 RejectUnknownSNI: config.CertConfig.RejectUnknownSni,
 }
- } else if config.EnableReality {
- // Reality
- in.StreamSetting.Security = "reality"
- d, err := json.Marshal(config.RealityConfig.Dest)
- if err != nil {
- return nil, fmt.Errorf("marshal reality dest error: %s", err)
- }
- in.StreamSetting.REALITYSettings = &coreConf.REALITYConfig{
- Dest: d,
- Xver: config.RealityConfig.Xver,
- ServerNames: config.RealityConfig.ServerNames,
- PrivateKey: config.RealityConfig.PrivateKey,
- MinClientVer: config.RealityConfig.MinClientVer,
- MaxClientVer: config.RealityConfig.MaxClientVer,
- MaxTimeDiff: config.RealityConfig.MaxTimeDiff,
- ShortIds: config.RealityConfig.ShortIds,
- }
 }
 }
 // Support ProxyProtocol for any transport protocol
diff --git a/conf/node.go b/conf/node.go
index f5e2e72..9ccf237 100644
--- a/conf/node.go
+++ b/conf/node.go
@@ -27,8 +27,6 @@ type ControllerConfig struct {
 EnableProxyProtocol bool `yaml:"EnableProxyProtocol"`
 DisableIVCheck bool `yaml:"DisableIVCheck"`
 DisableSniffing bool `yaml:"DisableSniffing"`
- EnableReality bool `yaml:"EnableReality"`
- RealityConfig RealityConfig `yaml:"RealityConfig"`
 EnableFallback bool `yaml:"EnableFallback"`
 FallBackConfigs []FallBackConfig `yaml:"FallBackConfigs"`
 CertConfig *CertConfig `yaml:"CertConfig"`
@@ -90,6 +88,7 @@ type CertConfig struct {
 Provider string `yaml:"Provider"` // alidns, cloudflare, gandi, godaddy....
 Email string `yaml:"Email"`
 DNSEnv map[string]string `yaml:"DNSEnv"`
+ RealityConfig *RealityConfig `yaml:"RealityConfig"`
 }
 
 type RealityConfig struct {
diff --git a/example/config.yml.example b/example/config.yml.example
index ee9db2c..aa1841c 100644
--- a/example/config.yml.example
+++ b/example/config.yml.example
@@ -28,20 +28,6 @@ Nodes:
 EnableVless: false # Enable Vless for V2ray Type
 EnableProxyProtocol: false # Only works for WebSocket and TCP
 EnableXtls: false # Enable xtls-rprx-vision, only vless
- EnableReality: false # Enable reality
- RealityConfig: # This config like RealityObject for xray-core, please check https://xtls.github.io/config/transport.html#realityobject
- Dest: 80 # Same fallback dest
- Xver: 0 # Same fallback xver
- ServerNames:
- - "example.com"
- - "www.example.com"
- PrivateKey: "" # Private key for server
- MinClientVer: "" # Min client version
- MaxClientVer: "" # Max client version
- MaxTimeDiff: 0 # Max time difference, ms
- ShortIds: # Short ids
- - ""
- - "0123456789abcdef"
 EnableFallback: false # Only support for Trojan and Vless
 FallBackConfigs: # Support multiple fallbacks
 - SNI: # TLS SNI(Server Name Indication), Empty for any
@@ -76,7 +62,7 @@ Nodes:
 SpeedLimit: 0 # Speed limit, Mbps
 ExpireTime: 0 # Time limit, sec.
 CertConfig:
- CertMode: dns # Option about how to get certificate: none, file, http, dns. Choose "none" will forcedly disable the tls config.
+ CertMode: dns # Option about how to get certificate: none, file, http, dns, reality. Choose "none" will forcedly disable the tls config.
 CertDomain: "node1.test.com" # Domain to cert
 CertFile: /etc/XrayR/cert/node1.test.com.cert # Provided if the CertMode is file
 KeyFile: /etc/XrayR/cert/node1.test.com.key
@@ -85,6 +71,19 @@ Nodes:
 DNSEnv: # DNS ENV option used by DNS provider
 ALICLOUD_ACCESS_KEY: aaa
 ALICLOUD_SECRET_KEY: bbb
+ RealityConfig: # This config like RealityObject for xray-core, please check https://xtls.github.io/config/transport.html#realityobject
+ Dest: 80 # Same fallback dest
+ Xver: 0 # Same fallback xver
+ ServerNames:
+ - "example.com"
+ - "www.example.com"
+ PrivateKey: "" # Private key for server
+ MinClientVer: "" # Min client version
+ MaxClientVer: "" # Max client version
+ MaxTimeDiff: 0 # Max time difference, ms
+ ShortIds: # Short ids
+ - ""
+ - "0123456789abcdef"
 # -
 # ApiConfig:
 # ApiHost: "http://127.0.0.1:668"
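Review bot: The relocated `RealityConfig` example still lists an empty entry under `ShortIds` (`- ""`) next to the placeholder `0123456789abcdef`, with no comment on either line; per the RealityObject documentation the block links to, an empty entry means clients may present an empty short ID, and example values tend to be copied verbatim. I would annotate both lines, e.g. `- "" # accepts clients with an empty shortId; remove to require one` and `- "0123456789abcdef" # placeholder, replace with your own value`. The block comment could also state that `RealityConfig` is only read when `CertMode` is `reality` (as far as the inbound.go hunk shows), since it now sits beside the certificate options.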