move reality config to CertConfig

common/builder/inbound.go

@@ -4,6 +4,7 @@ import (
 	"crypto/rand"
 	"encoding/base64"
 	"encoding/hex"
+	"errors"
 	"fmt"
 	"github.com/Yuzuki616/V2bX/api/panel"
 	"github.com/Yuzuki616/V2bX/common/file"
@@ -64,9 +65,31 @@ func BuildInbound(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, tag s
 		in.StreamSetting.WSSettings = &coreConf.WebSocketConfig{
 			AcceptProxyProtocol: config.EnableProxyProtocol} //Enable proxy protocol
 	}
-	// Set TLS and XTLS settings
+	// Set TLS or Reality settings
 	if nodeInfo.Tls != 0 {
-		if config.CertConfig.CertMode != "none" {
+		if config.CertConfig == nil {
+			return nil, errors.New("the CertConfig is not vail")
+		}
+		switch config.CertConfig.CertMode {
+		case "none", "": // disable
+		case "reality":
+			// Reality
+			in.StreamSetting.Security = "reality"
+			d, err := json.Marshal(config.CertConfig.RealityConfig.Dest)
+			if err != nil {
+				return nil, fmt.Errorf("marshal reality dest error: %s", err)
+			}
+			in.StreamSetting.REALITYSettings = &coreConf.REALITYConfig{
+				Dest:         d,
+				Xver:         config.CertConfig.RealityConfig.Xver,
+				ServerNames:  config.CertConfig.RealityConfig.ServerNames,
+				PrivateKey:   config.CertConfig.RealityConfig.PrivateKey,
+				MinClientVer: config.CertConfig.RealityConfig.MinClientVer,
+				MaxClientVer: config.CertConfig.RealityConfig.MaxClientVer,
+				MaxTimeDiff:  config.CertConfig.RealityConfig.MaxTimeDiff,
+				ShortIds:     config.CertConfig.RealityConfig.ShortIds,
+			}
+		default:
 			// Normal tls
 			in.StreamSetting.Security = "tls"
 			certFile, keyFile, err := getCertFile(config.CertConfig)
@@ -83,23 +106,6 @@ func BuildInbound(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, tag s
 				},
 				RejectUnknownSNI: config.CertConfig.RejectUnknownSni,
 			}
-		} else if config.EnableReality {
-			// Reality
-			in.StreamSetting.Security = "reality"
-			d, err := json.Marshal(config.RealityConfig.Dest)
-			if err != nil {
-				return nil, fmt.Errorf("marshal reality dest error: %s", err)
-			}
-			in.StreamSetting.REALITYSettings = &coreConf.REALITYConfig{
-				Dest:         d,
-				Xver:         config.RealityConfig.Xver,
-				ServerNames:  config.RealityConfig.ServerNames,
-				PrivateKey:   config.RealityConfig.PrivateKey,
-				MinClientVer: config.RealityConfig.MinClientVer,
-				MaxClientVer: config.RealityConfig.MaxClientVer,
-				MaxTimeDiff:  config.RealityConfig.MaxTimeDiff,
-				ShortIds:     config.RealityConfig.ShortIds,
-			}
 		}
 	}
 	// Support ProxyProtocol for any transport protocol

conf/node.go

@@ -27,8 +27,6 @@ type ControllerConfig struct {
 	EnableProxyProtocol  bool             `yaml:"EnableProxyProtocol"`
 	DisableIVCheck       bool             `yaml:"DisableIVCheck"`
 	DisableSniffing      bool             `yaml:"DisableSniffing"`
-	EnableReality        bool             `yaml:"EnableReality"`
-	RealityConfig        RealityConfig    `yaml:"RealityConfig"`
 	EnableFallback       bool             `yaml:"EnableFallback"`
 	FallBackConfigs      []FallBackConfig `yaml:"FallBackConfigs"`
 	CertConfig           *CertConfig      `yaml:"CertConfig"`
@@ -90,6 +88,7 @@ type CertConfig struct {
 	Provider         string            `yaml:"Provider"` // alidns, cloudflare, gandi, godaddy....
 	Email            string            `yaml:"Email"`
 	DNSEnv           map[string]string `yaml:"DNSEnv"`
+	RealityConfig    *RealityConfig    `yaml:"RealityConfig"`
 }
 
 type RealityConfig struct {

example/config.yml.example

@@ -28,20 +28,6 @@ Nodes:
       EnableVless: false # Enable Vless for V2ray Type
       EnableProxyProtocol: false # Only works for WebSocket and TCP
       EnableXtls: false  # Enable xtls-rprx-vision, only vless
-      EnableReality: false # Enable reality
-      RealityConfig: # This config like RealityObject for xray-core, please check https://xtls.github.io/config/transport.html#realityobject
-        Dest: 80 # Same fallback dest
-        Xver: 0 # Same fallback xver
-        ServerNames:
-          - "example.com"
-          - "www.example.com"
-        PrivateKey: "" # Private key for server
-        MinClientVer: "" # Min client version
-        MaxClientVer: "" # Max client version
-        MaxTimeDiff: 0 # Max time difference, ms
-        ShortIds: # Short ids
-          - ""
-          - "0123456789abcdef"
       EnableFallback: false # Only support for Trojan and Vless
       FallBackConfigs: # Support multiple fallbacks
         - SNI: # TLS SNI(Server Name Indication), Empty for any
@@ -76,7 +62,7 @@ Nodes:
           SpeedLimit: 0 # Speed limit, Mbps
           ExpireTime: 0 # Time limit, sec.
       CertConfig:
-        CertMode: dns # Option about how to get certificate: none, file, http, dns. Choose "none" will forcedly disable the tls config.
+        CertMode: dns # Option about how to get certificate: none, file, http, dns, reality. Choose "none" will forcedly disable the tls config.
         CertDomain: "node1.test.com" # Domain to cert
         CertFile: /etc/XrayR/cert/node1.test.com.cert # Provided if the CertMode is file
         KeyFile: /etc/XrayR/cert/node1.test.com.key
@@ -85,6 +71,19 @@ Nodes:
         DNSEnv: # DNS ENV option used by DNS provider
           ALICLOUD_ACCESS_KEY: aaa
           ALICLOUD_SECRET_KEY: bbb
+        RealityConfig: # This config like RealityObject for xray-core, please check https://xtls.github.io/config/transport.html#realityobject
+          Dest: 80 # Same fallback dest
+          Xver: 0 # Same fallback xver
+          ServerNames:
+            - "example.com"
+            - "www.example.com"
+          PrivateKey: "" # Private key for server
+          MinClientVer: "" # Min client version
+          MaxClientVer: "" # Max client version
+          MaxTimeDiff: 0 # Max time difference, ms
+          ShortIds: # Short ids
+            - ""
+            - "0123456789abcdef"
   # -
   #   ApiConfig:
   #     ApiHost: "http://127.0.0.1:668"