diff --git a/DockerInit.sh b/DockerInit.sh
index 97f8c302..0e033f63 100755
--- a/DockerInit.sh
+++ b/DockerInit.sh
@@ -37,4 +37,4 @@ curl -sfLRo geoip_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/release
curl -sfLRo geosite_IR.dat https://github.com/chocolate4u/Iran-v2ray-rules/releases/latest/download/geosite.dat
curl -sfLRo geoip_RU.dat https://github.com/runetfreedom/russia-v2ray-rules-dat/releases/latest/download/geoip.dat
curl -sfLRo geosite_RU.dat https://github.com/runetfreedom/russia-v2ray-rules-dat/releases/latest/download/geosite.dat
-cd ../../
\ No newline at end of file
+cd ../../
diff --git a/go.mod b/go.mod
index 406a86a8..07a84a58 100644
--- a/go.mod
+++ b/go.mod
@@ -15,9 +15,9 @@ require (
github.com/mymmrac/telego v1.8.0
github.com/nicksnyder/go-i18n/v2 v2.6.1
github.com/op/go-logging v0.0.0-20160315200505-970db520ece7
- github.com/pelletier/go-toml/v2 v2.3.0
+ github.com/pelletier/go-toml/v2 v2.3.1
github.com/robfig/cron/v3 v3.0.1
- github.com/shirou/gopsutil/v4 v4.26.3
+ github.com/shirou/gopsutil/v4 v4.26.4
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
github.com/valyala/fasthttp v1.70.0
github.com/xlzd/gotp v0.1.0
@@ -26,7 +26,7 @@ require (
golang.org/x/crypto v0.50.0
golang.org/x/sys v0.43.0
golang.org/x/text v0.36.0
- google.golang.org/grpc v1.80.0
+ google.golang.org/grpc v1.81.0
gorm.io/driver/sqlite v1.6.0
gorm.io/gorm v1.31.1
)
@@ -36,10 +36,10 @@ require (
github.com/andybalholm/brotli v1.2.1 // indirect
github.com/apernet/quic-go v0.59.1-0.20260217092621-db4786c77a22 // indirect
github.com/bytedance/gopkg v0.1.4 // indirect
- github.com/bytedance/sonic v1.15.0 // indirect
+ github.com/bytedance/sonic v1.15.1 // indirect
github.com/bytedance/sonic/loader v0.5.1 // indirect
github.com/cloudflare/circl v1.6.3 // indirect
- github.com/cloudwego/base64x v0.1.6 // indirect
+ github.com/cloudwego/base64x v0.1.7 // indirect
github.com/ebitengine/purego v0.10.0 // indirect
github.com/gabriel-vasile/mimetype v1.4.13 // indirect
github.com/gin-contrib/sse v1.1.1 // indirect
@@ -57,12 +57,12 @@ require (
github.com/jinzhu/now v1.1.5 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/juju/ratelimit v1.0.2 // indirect
- github.com/klauspost/compress v1.18.5 // indirect
+ github.com/klauspost/compress v1.18.6 // indirect
github.com/klauspost/cpuid/v2 v2.3.0 // indirect
github.com/leodido/go-urn v1.4.0 // indirect
github.com/lufia/plan9stats v0.0.0-20260330125221-c963978e514e // indirect
- github.com/mattn/go-isatty v0.0.21 // indirect
- github.com/mattn/go-sqlite3 v1.14.42 // indirect
+ github.com/mattn/go-isatty v0.0.22 // indirect
+ github.com/mattn/go-sqlite3 v1.14.44 // indirect
github.com/miekg/dns v1.1.72 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
@@ -84,7 +84,7 @@ require (
github.com/vishvananda/netns v0.0.5 // indirect
github.com/xtls/reality v0.0.0-20260322125925-9234c772ba8f // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
- go.mongodb.org/mongo-driver/v2 v2.5.1 // indirect
+ go.mongodb.org/mongo-driver/v2 v2.6.0 // indirect
go4.org/netipx v0.0.0-20231129151722-fdeea329fbba // indirect
golang.org/x/arch v0.26.0 // indirect
golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f // indirect
@@ -95,7 +95,7 @@ require (
golang.org/x/tools v0.44.0 // indirect
golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
golang.zx2c4.com/wireguard v0.0.0-20250521234502-f333402bd9cb // indirect
- google.golang.org/genproto/googleapis/rpc v0.0.0-20260420184626-e10c466a9529 // indirect
+ google.golang.org/genproto/googleapis/rpc v0.0.0-20260427160629-7cedc36a6bc4 // indirect
google.golang.org/protobuf v1.36.11 // indirect
gvisor.dev/gvisor v0.0.0-20260122175437-89a5d21be8f0 // indirect
lukechampine.com/blake3 v1.4.1 // indirect
diff --git a/go.sum b/go.sum
index acee05e0..11e890f7 100644
--- a/go.sum
+++ b/go.sum
@@ -10,16 +10,16 @@ github.com/apernet/quic-go v0.59.1-0.20260217092621-db4786c77a22 h1:00ziBGnLWQEc
github.com/apernet/quic-go v0.59.1-0.20260217092621-db4786c77a22/go.mod h1:Npbg8qBtAZlsAB3FWmqwlVh5jtVG6a4DlYsOylUpvzA=
github.com/bytedance/gopkg v0.1.4 h1:oZnQwnX82KAIWb7033bEwtxvTqXcYMxDBaQxo5JJHWM=
github.com/bytedance/gopkg v0.1.4/go.mod h1:v1zWfPm21Fb+OsyXN2VAHdL6TBb2L88anLQgdyje6R4=
-github.com/bytedance/sonic v1.15.0 h1:/PXeWFaR5ElNcVE84U0dOHjiMHQOwNIx3K4ymzh/uSE=
-github.com/bytedance/sonic v1.15.0/go.mod h1:tFkWrPz0/CUCLEF4ri4UkHekCIcdnkqXw9VduqpJh0k=
+github.com/bytedance/sonic v1.15.1 h1:nJD5PmM0vY7J8CT6MxoqbVAAMhkSmV2HgRAUrrpLoOw=
+github.com/bytedance/sonic v1.15.1/go.mod h1:mT2NbXunuaEbnZ+mRIX/vYqKISmgEuHFDI4UzmKx2SA=
github.com/bytedance/sonic/loader v0.5.1 h1:Ygpfa9zwRCCKSlrp5bBP/b/Xzc3VxsAW+5NIYXrOOpI=
github.com/bytedance/sonic/loader v0.5.1/go.mod h1:AR4NYCk5DdzZizZ5djGqQ92eEhCCcdf5x77udYiSJRo=
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/cloudflare/circl v1.6.3 h1:9GPOhQGF9MCYUeXyMYlqTR6a5gTrgR/fBLXvUgtVcg8=
github.com/cloudflare/circl v1.6.3/go.mod h1:2eXP6Qfat4O/Yhh8BznvKnJ+uzEoTQ6jVKJRn81BiS4=
-github.com/cloudwego/base64x v0.1.6 h1:t11wG9AECkCDk5fMSoxmufanudBtJ+/HemLstXDLI2M=
-github.com/cloudwego/base64x v0.1.6/go.mod h1:OFcloc187FXDaYHvrNIjxSe8ncn0OOM8gEHfghB2IPU=
+github.com/cloudwego/base64x v0.1.7 h1:NppS+Fgzg5ovhn4NkUXaDT3x9jldgH5ToMCqzBSi2zI=
+github.com/cloudwego/base64x v0.1.7/go.mod h1:Cu1PV9zfrSf7ET2tIbWbbEy7jO7HHJ13q4X2SQ8aWYg=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -107,8 +107,8 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
github.com/juju/ratelimit v1.0.2 h1:sRxmtRiajbvrcLQT7S+JbqU0ntsb9W2yhSdNN8tWfaI=
github.com/juju/ratelimit v1.0.2/go.mod h1:qapgC/Gy+xNh9UxzV13HGGl/6UXNN+ct+vwSgWNm/qk=
-github.com/klauspost/compress v1.18.5 h1:/h1gH5Ce+VWNLSWqPzOVn6XBO+vJbCNGvjoaGBFW2IE=
-github.com/klauspost/compress v1.18.5/go.mod h1:cwPg85FWrGar70rWktvGQj8/hthj3wpl0PGDogxkrSQ=
+github.com/klauspost/compress v1.18.6 h1:2jupLlAwFm95+YDR+NwD2MEfFO9d4z4Prjl1XXDjuao=
+github.com/klauspost/compress v1.18.6/go.mod h1:cwPg85FWrGar70rWktvGQj8/hthj3wpl0PGDogxkrSQ=
github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
github.com/klauspost/cpuid/v2 v2.3.0/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
@@ -119,10 +119,10 @@ github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
github.com/lufia/plan9stats v0.0.0-20260330125221-c963978e514e h1:Q6MvJtQK/iRcRtzAscm/zF23XxJlbECiGPyRicsX+Ak=
github.com/lufia/plan9stats v0.0.0-20260330125221-c963978e514e/go.mod h1:autxFIvghDt3jPTLoqZ9OZ7s9qTGNAWmYCjVFWPX/zg=
-github.com/mattn/go-isatty v0.0.21 h1:xYae+lCNBP7QuW4PUnNG61ffM4hVIfm+zUzDuSzYLGs=
-github.com/mattn/go-isatty v0.0.21/go.mod h1:ZXfXG4SQHsB/w3ZeOYbR0PrPwLy+n6xiMrJlRFqopa4=
-github.com/mattn/go-sqlite3 v1.14.42 h1:MigqEP4ZmHw3aIdIT7T+9TLa90Z6smwcthx+Azv4Cgo=
-github.com/mattn/go-sqlite3 v1.14.42/go.mod h1:pjEuOr8IwzLJP2MfGeTb0A35jauH+C2kbHKBr7yXKVQ=
+github.com/mattn/go-isatty v0.0.22 h1:j8l17JJ9i6VGPUFUYoTUKPSgKe/83EYU2zBC7YNKMw4=
+github.com/mattn/go-isatty v0.0.22/go.mod h1:ZXfXG4SQHsB/w3ZeOYbR0PrPwLy+n6xiMrJlRFqopa4=
+github.com/mattn/go-sqlite3 v1.14.44 h1:3VSe+xafpbzsLbdr2AWlAZk9yRHiBhTBakioXaCKTF8=
+github.com/mattn/go-sqlite3 v1.14.44/go.mod h1:pjEuOr8IwzLJP2MfGeTb0A35jauH+C2kbHKBr7yXKVQ=
github.com/miekg/dns v1.1.72 h1:vhmr+TF2A3tuoGNkLDFK9zi36F2LS+hKTRW0Uf8kbzI=
github.com/miekg/dns v1.1.72/go.mod h1:+EuEPhdHOsfk6Wk5TT2CzssZdqkmFhf8r+aVyDEToIs=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -138,8 +138,8 @@ github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 h1:lDH9UUVJtmYCjyT0C
github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8=
github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
-github.com/pelletier/go-toml/v2 v2.3.0 h1:k59bC/lIZREW0/iVaQR8nDHxVq8OVlIzYCOJf421CaM=
-github.com/pelletier/go-toml/v2 v2.3.0/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
+github.com/pelletier/go-toml/v2 v2.3.1 h1:MYEvvGnQjeNkRF1qUuGolNtNExTDwct51yp7olPtrEc=
+github.com/pelletier/go-toml/v2 v2.3.1/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
github.com/pires/go-proxyproto v0.12.0 h1:TTCxD66dU898tahivkqc3hoceZp7P44FnorWyo9d5vM=
github.com/pires/go-proxyproto v0.12.0/go.mod h1:qUvfqUMEoX7T8g0q7TQLDnhMjdTrxnG0hvpMn+7ePNI=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -160,8 +160,8 @@ github.com/sagernet/sing v0.8.9 h1:iX8FyMrWNl/divVgTe7cLT9n36v6bfzfnCYlcM1cLaU=
github.com/sagernet/sing v0.8.9/go.mod h1:ARkL0gM13/Iv5VCZmci/NuoOlePoIsW0m7BWfln/Hak=
github.com/sagernet/sing-shadowsocks v0.2.9 h1:Paep5zCszRKsEn8587O0MnhFWKJwDW1Y4zOYYlIxMkM=
github.com/sagernet/sing-shadowsocks v0.2.9/go.mod h1:TE/Z6401Pi8tgr0nBZcM/xawAI6u3F6TTbz4nH/qw+8=
-github.com/shirou/gopsutil/v4 v4.26.3 h1:2ESdQt90yU3oXF/CdOlRCJxrP+Am1aBYubTMTfxJ1qc=
-github.com/shirou/gopsutil/v4 v4.26.3/go.mod h1:LZ6ewCSkBqUpvSOf+LsTGnRinC6iaNUNMGBtDkJBaLQ=
+github.com/shirou/gopsutil/v4 v4.26.4 h1:B4SXVbcwTyrocPHEmWBC4uCYr4Xcu3MK1TXqbprAOWY=
+github.com/shirou/gopsutil/v4 v4.26.4/go.mod h1:LZ6ewCSkBqUpvSOf+LsTGnRinC6iaNUNMGBtDkJBaLQ=
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0=
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -203,20 +203,20 @@ github.com/xyproto/randomstring v1.0.5 h1:YtlWPoRdgMu3NZtP45drfy1GKoojuR7hmRcnhZ
github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3iGxZ18UQApw/E=
github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
-go.mongodb.org/mongo-driver/v2 v2.5.1 h1:j2U/Qp+wvueSpqitLCSZPT/+ZpVc1xzuwdHWwl7d8ro=
-go.mongodb.org/mongo-driver/v2 v2.5.1/go.mod h1:yOI9kBsufol30iFsl1slpdq1I0eHPzybRWdyYUs8K/0=
+go.mongodb.org/mongo-driver/v2 v2.6.0 h1:b9sJOYrkmt4l8bY43ZenFBcPlhYIjaOfYHLtbB/5qi8=
+go.mongodb.org/mongo-driver/v2 v2.6.0/go.mod h1:yOI9kBsufol30iFsl1slpdq1I0eHPzybRWdyYUs8K/0=
go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
-go.opentelemetry.io/otel v1.39.0 h1:8yPrr/S0ND9QEfTfdP9V+SiwT4E0G7Y5MO7p85nis48=
-go.opentelemetry.io/otel v1.39.0/go.mod h1:kLlFTywNWrFyEdH0oj2xK0bFYZtHRYUdv1NklR/tgc8=
-go.opentelemetry.io/otel/metric v1.39.0 h1:d1UzonvEZriVfpNKEVmHXbdf909uGTOQjA0HF0Ls5Q0=
-go.opentelemetry.io/otel/metric v1.39.0/go.mod h1:jrZSWL33sD7bBxg1xjrqyDjnuzTUB0x1nBERXd7Ftcs=
-go.opentelemetry.io/otel/sdk v1.39.0 h1:nMLYcjVsvdui1B/4FRkwjzoRVsMK8uL/cj0OyhKzt18=
-go.opentelemetry.io/otel/sdk v1.39.0/go.mod h1:vDojkC4/jsTJsE+kh+LXYQlbL8CgrEcwmt1ENZszdJE=
-go.opentelemetry.io/otel/sdk/metric v1.39.0 h1:cXMVVFVgsIf2YL6QkRF4Urbr/aMInf+2WKg+sEJTtB8=
-go.opentelemetry.io/otel/sdk/metric v1.39.0/go.mod h1:xq9HEVH7qeX69/JnwEfp6fVq5wosJsY1mt4lLfYdVew=
-go.opentelemetry.io/otel/trace v1.39.0 h1:2d2vfpEDmCJ5zVYz7ijaJdOF59xLomrvj7bjt6/qCJI=
-go.opentelemetry.io/otel/trace v1.39.0/go.mod h1:88w4/PnZSazkGzz/w84VHpQafiU4EtqqlVdxWy+rNOA=
+go.opentelemetry.io/otel v1.43.0 h1:mYIM03dnh5zfN7HautFE4ieIig9amkNANT+xcVxAj9I=
+go.opentelemetry.io/otel v1.43.0/go.mod h1:JuG+u74mvjvcm8vj8pI5XiHy1zDeoCS2LB1spIq7Ay0=
+go.opentelemetry.io/otel/metric v1.43.0 h1:d7638QeInOnuwOONPp4JAOGfbCEpYb+K6DVWvdxGzgM=
+go.opentelemetry.io/otel/metric v1.43.0/go.mod h1:RDnPtIxvqlgO8GRW18W6Z/4P462ldprJtfxHxyKd2PY=
+go.opentelemetry.io/otel/sdk v1.43.0 h1:pi5mE86i5rTeLXqoF/hhiBtUNcrAGHLKQdhg4h4V9Dg=
+go.opentelemetry.io/otel/sdk v1.43.0/go.mod h1:P+IkVU3iWukmiit/Yf9AWvpyRDlUeBaRg6Y+C58QHzg=
+go.opentelemetry.io/otel/sdk/metric v1.43.0 h1:S88dyqXjJkuBNLeMcVPRFXpRw2fuwdvfCGLEo89fDkw=
+go.opentelemetry.io/otel/sdk/metric v1.43.0/go.mod h1:C/RJtwSEJ5hzTiUz5pXF1kILHStzb9zFlIEe85bhj6A=
+go.opentelemetry.io/otel/trace v1.43.0 h1:BkNrHpup+4k4w+ZZ86CZoHHEkohws8AY+WTX09nk+3A=
+go.opentelemetry.io/otel/trace v1.43.0/go.mod h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLhe+8WVFxiFff0=
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
go.uber.org/mock v0.6.0 h1:hyF9dfmbgIX5EfOdasqLsWD6xqpNZlXblLB/Dbnwv3Y=
@@ -256,10 +256,10 @@ golang.zx2c4.com/wireguard v0.0.0-20250521234502-f333402bd9cb h1:whnFRlWMcXI9d+Z
golang.zx2c4.com/wireguard v0.0.0-20250521234502-f333402bd9cb/go.mod h1:rpwXGsirqLqN2L0JDJQlwOboGHmptD5ZD6T2VmcqhTw=
gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4=
gonum.org/v1/gonum v0.17.0/go.mod h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20260420184626-e10c466a9529 h1:XF8+t6QQiS0o9ArVan/HW8Q7cycNPGsJf6GA2nXxYAg=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20260420184626-e10c466a9529/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
-google.golang.org/grpc v1.80.0 h1:Xr6m2WmWZLETvUNvIUmeD5OAagMw3FiKmMlTdViWsHM=
-google.golang.org/grpc v1.80.0/go.mod h1:ho/dLnxwi3EDJA4Zghp7k2Ec1+c2jqup0bFkw07bwF4=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20260427160629-7cedc36a6bc4 h1:tEkOQcXgF6dH1G+MVKZrfpYvozGrzb91k6ha7jireSM=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20260427160629-7cedc36a6bc4/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
+google.golang.org/grpc v1.81.0 h1:W3G9N3KQf3BU+YuCtGKJk0CmxQNbAISICD/9AORxLIw=
+google.golang.org/grpc v1.81.0/go.mod h1:xGH9GfzOyMTGIOXBJmXt+BX/V0kcdQbdcuwQ/zNw42I=
google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/install.sh b/install.sh
index aa4f5dfb..4a0ce55d 100644
--- a/install.sh
+++ b/install.sh
@@ -18,7 +18,7 @@ xui_service="${XUI_SERVICE:=/etc/systemd/system}"
if [[ -f /etc/os-release ]]; then
source /etc/os-release
release=$ID
- elif [[ -f /usr/lib/os-release ]]; then
+elif [[ -f /usr/lib/os-release ]]; then
source /usr/lib/os-release
release=$ID
else
@@ -59,16 +59,16 @@ is_domain() {
# Port helpers
is_port_in_use() {
local port="$1"
- if command -v ss >/dev/null 2>&1; then
- ss -ltn 2>/dev/null | awk -v p=":${port}$" '$4 ~ p {exit 0} END {exit 1}'
+ if command -v ss > /dev/null 2>&1; then
+ ss -ltn 2> /dev/null | awk -v p=":${port}$" '$4 ~ p {exit 0} END {exit 1}'
return
fi
- if command -v netstat >/dev/null 2>&1; then
- netstat -lnt 2>/dev/null | awk -v p=":${port} " '$4 ~ p {exit 0} END {exit 1}'
+ if command -v netstat > /dev/null 2>&1; then
+ netstat -lnt 2> /dev/null | awk -v p=":${port} " '$4 ~ p {exit 0} END {exit 1}'
return
fi
- if command -v lsof >/dev/null 2>&1; then
- lsof -nP -iTCP:${port} -sTCP:LISTEN >/dev/null 2>&1 && return 0
+ if command -v lsof > /dev/null 2>&1; then
+ lsof -nP -iTCP:${port} -sTCP:LISTEN > /dev/null 2>&1 && return 0
fi
return 1
}
@@ -77,35 +77,35 @@ install_base() {
case "${release}" in
ubuntu | debian | armbian)
apt-get update && apt-get install -y -q cron curl tar tzdata socat ca-certificates openssl
- ;;
+ ;;
fedora | amzn | virtuozzo | rhel | almalinux | rocky | ol)
dnf -y update && dnf install -y -q cronie curl tar tzdata socat ca-certificates openssl
- ;;
+ ;;
centos)
if [[ "${VERSION_ID}" =~ ^7 ]]; then
yum -y update && yum install -y cronie curl tar tzdata socat ca-certificates openssl
else
dnf -y update && dnf install -y -q cronie curl tar tzdata socat ca-certificates openssl
fi
- ;;
+ ;;
arch | manjaro | parch)
pacman -Syu && pacman -Syu --noconfirm cronie curl tar tzdata socat ca-certificates openssl
- ;;
+ ;;
opensuse-tumbleweed | opensuse-leap)
zypper refresh && zypper -q install -y cron curl tar timezone socat ca-certificates openssl
- ;;
+ ;;
alpine)
apk update && apk add dcron curl tar tzdata socat ca-certificates openssl
- ;;
+ ;;
*)
apt-get update && apt-get install -y -q cron curl tar tzdata socat ca-certificates openssl
- ;;
+ ;;
esac
}
gen_random_string() {
local length="$1"
- openssl rand -base64 $(( length * 2 )) \
+ openssl rand -base64 $((length * 2)) \
| tr -dc 'a-zA-Z0-9' \
| head -c "$length"
}
@@ -113,7 +113,7 @@ gen_random_string() {
install_acme() {
echo -e "${green}Installing acme.sh for SSL certificate management...${plain}"
cd ~ || return 1
- curl -s https://get.acme.sh | sh >/dev/null 2>&1
+ curl -s https://get.acme.sh | sh > /dev/null 2>&1
if [ $? -ne 0 ]; then
echo -e "${red}Failed to install acme.sh${plain}"
return 1
@@ -128,60 +128,60 @@ setup_ssl_certificate() {
local server_ip="$2"
local existing_port="$3"
local existing_webBasePath="$4"
-
+
echo -e "${green}Setting up SSL certificate...${plain}"
-
+
# Check if acme.sh is installed
- if ! command -v ~/.acme.sh/acme.sh &>/dev/null; then
+ if ! command -v ~/.acme.sh/acme.sh &> /dev/null; then
install_acme
if [ $? -ne 0 ]; then
echo -e "${yellow}Failed to install acme.sh, skipping SSL setup${plain}"
return 1
fi
fi
-
+
# Create certificate directory
local certPath="/root/cert/${domain}"
mkdir -p "$certPath"
-
+
# Issue certificate
echo -e "${green}Issuing SSL certificate for ${domain}...${plain}"
echo -e "${yellow}Note: Port 80 must be open and accessible from the internet${plain}"
-
- ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt --force >/dev/null 2>&1
+
+ ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt --force > /dev/null 2>&1
~/.acme.sh/acme.sh --issue -d ${domain} --listen-v6 --standalone --httpport 80 --force
-
+
if [ $? -ne 0 ]; then
echo -e "${yellow}Failed to issue certificate for ${domain}${plain}"
echo -e "${yellow}Please ensure port 80 is open and try again later with: x-ui${plain}"
- rm -rf ~/.acme.sh/${domain} 2>/dev/null
- rm -rf "$certPath" 2>/dev/null
+ rm -rf ~/.acme.sh/${domain} 2> /dev/null
+ rm -rf "$certPath" 2> /dev/null
return 1
fi
-
+
# Install certificate
~/.acme.sh/acme.sh --installcert -d ${domain} \
--key-file /root/cert/${domain}/privkey.pem \
--fullchain-file /root/cert/${domain}/fullchain.pem \
- --reloadcmd "systemctl restart x-ui" >/dev/null 2>&1
-
+ --reloadcmd "systemctl restart x-ui" > /dev/null 2>&1
+
if [ $? -ne 0 ]; then
echo -e "${yellow}Failed to install certificate${plain}"
return 1
fi
-
+
# Enable auto-renew
- ~/.acme.sh/acme.sh --upgrade --auto-upgrade >/dev/null 2>&1
+ ~/.acme.sh/acme.sh --upgrade --auto-upgrade > /dev/null 2>&1
# Secure permissions: private key readable only by owner
- chmod 600 $certPath/privkey.pem 2>/dev/null
- chmod 644 $certPath/fullchain.pem 2>/dev/null
-
+ chmod 600 $certPath/privkey.pem 2> /dev/null
+ chmod 644 $certPath/fullchain.pem 2> /dev/null
+
# Set certificate for panel
local webCertFile="/root/cert/${domain}/fullchain.pem"
local webKeyFile="/root/cert/${domain}/privkey.pem"
-
+
if [[ -f "$webCertFile" && -f "$webKeyFile" ]]; then
- ${xui_folder}/x-ui cert -webCert "$webCertFile" -webCertKey "$webKeyFile" >/dev/null 2>&1
+ ${xui_folder}/x-ui cert -webCert "$webCertFile" -webCertKey "$webKeyFile" > /dev/null 2>&1
echo -e "${green}SSL certificate installed and configured successfully!${plain}"
return 0
else
@@ -194,14 +194,14 @@ setup_ssl_certificate() {
# Requires acme.sh and port 80 open for HTTP-01 challenge
setup_ip_certificate() {
local ipv4="$1"
- local ipv6="$2" # optional
+ local ipv6="$2" # optional
echo -e "${green}Setting up Let's Encrypt IP certificate (shortlived profile)...${plain}"
echo -e "${yellow}Note: IP certificates are valid for ~6 days and will auto-renew.${plain}"
echo -e "${yellow}Default listener is port 80. If you choose another port, ensure external port 80 forwards to it.${plain}"
# Check for acme.sh
- if ! command -v ~/.acme.sh/acme.sh &>/dev/null; then
+ if ! command -v ~/.acme.sh/acme.sh &> /dev/null; then
install_acme
if [ $? -ne 0 ]; then
echo -e "${red}Failed to install acme.sh${plain}"
@@ -273,8 +273,8 @@ setup_ip_certificate() {
# Issue certificate with shortlived profile
echo -e "${green}Issuing IP certificate for ${ipv4}...${plain}"
- ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt --force >/dev/null 2>&1
-
+ ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt --force > /dev/null 2>&1
+
~/.acme.sh/acme.sh --issue \
${domain_args} \
--standalone \
@@ -288,9 +288,9 @@ setup_ip_certificate() {
echo -e "${red}Failed to issue IP certificate${plain}"
echo -e "${yellow}Please ensure port ${WebPort} is reachable (or forwarded from external port 80)${plain}"
# Cleanup acme.sh data for both IPv4 and IPv6 if specified
- rm -rf ~/.acme.sh/${ipv4} 2>/dev/null
- [[ -n "$ipv6" ]] && rm -rf ~/.acme.sh/${ipv6} 2>/dev/null
- rm -rf ${certDir} 2>/dev/null
+ rm -rf ~/.acme.sh/${ipv4} 2> /dev/null
+ [[ -n "$ipv6" ]] && rm -rf ~/.acme.sh/${ipv6} 2> /dev/null
+ rm -rf ${certDir} 2> /dev/null
return 1
fi
@@ -308,25 +308,25 @@ setup_ip_certificate() {
if [[ ! -f "${certDir}/fullchain.pem" || ! -f "${certDir}/privkey.pem" ]]; then
echo -e "${red}Certificate files not found after installation${plain}"
# Cleanup acme.sh data for both IPv4 and IPv6 if specified
- rm -rf ~/.acme.sh/${ipv4} 2>/dev/null
- [[ -n "$ipv6" ]] && rm -rf ~/.acme.sh/${ipv6} 2>/dev/null
- rm -rf ${certDir} 2>/dev/null
+ rm -rf ~/.acme.sh/${ipv4} 2> /dev/null
+ [[ -n "$ipv6" ]] && rm -rf ~/.acme.sh/${ipv6} 2> /dev/null
+ rm -rf ${certDir} 2> /dev/null
return 1
fi
-
+
echo -e "${green}Certificate files installed successfully${plain}"
# Enable auto-upgrade for acme.sh (ensures cron job runs)
- ~/.acme.sh/acme.sh --upgrade --auto-upgrade >/dev/null 2>&1
+ ~/.acme.sh/acme.sh --upgrade --auto-upgrade > /dev/null 2>&1
# Secure permissions: private key readable only by owner
- chmod 600 ${certDir}/privkey.pem 2>/dev/null
- chmod 644 ${certDir}/fullchain.pem 2>/dev/null
+ chmod 600 ${certDir}/privkey.pem 2> /dev/null
+ chmod 644 ${certDir}/fullchain.pem 2> /dev/null
# Configure panel to use the certificate
echo -e "${green}Setting certificate paths for the panel...${plain}"
${xui_folder}/x-ui cert -webCert "${certDir}/fullchain.pem" -webCertKey "${certDir}/privkey.pem"
-
+
if [ $? -ne 0 ]; then
echo -e "${yellow}Warning: Could not set certificate paths automatically${plain}"
echo -e "${yellow}Certificate files are at:${plain}"
@@ -346,9 +346,9 @@ setup_ip_certificate() {
ssl_cert_issue() {
local existing_webBasePath=$(${xui_folder}/x-ui setting -show true | grep 'webBasePath:' | awk -F': ' '{print $2}' | tr -d '[:space:]' | sed 's#^/##')
local existing_port=$(${xui_folder}/x-ui setting -show true | grep 'port:' | awk -F': ' '{print $2}' | tr -d '[:space:]')
-
+
# check for acme.sh first
- if ! command -v ~/.acme.sh/acme.sh &>/dev/null; then
+ if ! command -v ~/.acme.sh/acme.sh &> /dev/null; then
echo "acme.sh could not be found. Installing now..."
cd ~ || return 1
curl -s https://get.acme.sh | sh
@@ -364,18 +364,18 @@ ssl_cert_issue() {
local domain=""
while true; do
read -rp "Please enter your domain name: " domain
- domain="${domain// /}" # Trim whitespace
-
+ domain="${domain// /}" # Trim whitespace
+
if [[ -z "$domain" ]]; then
echo -e "${red}Domain name cannot be empty. Please try again.${plain}"
continue
fi
-
+
if ! is_domain "$domain"; then
echo -e "${red}Invalid domain format: ${domain}. Please enter a valid domain name.${plain}"
continue
fi
-
+
break
done
echo -e "${green}Your domain is: ${domain}, checking it...${plain}"
@@ -383,9 +383,9 @@ ssl_cert_issue() {
# detect existing certificate and reuse it if present
local cert_exists=0
- if ~/.acme.sh/acme.sh --list 2>/dev/null | awk '{print $1}' | grep -Fxq "${domain}"; then
+ if ~/.acme.sh/acme.sh --list 2> /dev/null | awk '{print $1}' | grep -Fxq "${domain}"; then
cert_exists=1
- local certInfo=$(~/.acme.sh/acme.sh --list 2>/dev/null | grep -F "${domain}")
+ local certInfo=$(~/.acme.sh/acme.sh --list 2> /dev/null | grep -F "${domain}")
echo -e "${yellow}Existing certificate found for ${domain}, will reuse it.${plain}"
[[ -n "${certInfo}" ]] && echo "$certInfo"
else
@@ -412,7 +412,7 @@ ssl_cert_issue() {
# Stop panel temporarily
echo -e "${yellow}Stopping panel temporarily...${plain}"
- systemctl stop x-ui 2>/dev/null || rc-service x-ui stop 2>/dev/null
+ systemctl stop x-ui 2> /dev/null || rc-service x-ui stop 2> /dev/null
if [[ ${cert_exists} -eq 0 ]]; then
# issue the certificate
@@ -421,7 +421,7 @@ ssl_cert_issue() {
if [ $? -ne 0 ]; then
echo -e "${red}Issuing certificate failed, please check logs.${plain}"
rm -rf ~/.acme.sh/${domain}
- systemctl start x-ui 2>/dev/null || rc-service x-ui start 2>/dev/null
+ systemctl start x-ui 2> /dev/null || rc-service x-ui start 2> /dev/null
return 1
else
echo -e "${green}Issuing certificate succeeded, installing certificates...${plain}"
@@ -441,18 +441,18 @@ ssl_cert_issue() {
echo -e "${green}\t0.${plain} Keep default reloadcmd"
read -rp "Choose an option: " choice
case "$choice" in
- 1)
- echo -e "${green}Reloadcmd is: systemctl reload nginx ; systemctl restart x-ui${plain}"
- reloadCmd="systemctl reload nginx ; systemctl restart x-ui"
- ;;
- 2)
- echo -e "${yellow}It's recommended to put x-ui restart at the end${plain}"
- read -rp "Please enter your custom reloadcmd: " reloadCmd
- echo -e "${green}Reloadcmd is: ${reloadCmd}${plain}"
- ;;
- *)
- echo -e "${green}Keeping default reloadcmd${plain}"
- ;;
+ 1)
+ echo -e "${green}Reloadcmd is: systemctl reload nginx ; systemctl restart x-ui${plain}"
+ reloadCmd="systemctl reload nginx ; systemctl restart x-ui"
+ ;;
+ 2)
+ echo -e "${yellow}It's recommended to put x-ui restart at the end${plain}"
+ read -rp "Please enter your custom reloadcmd: " reloadCmd
+ echo -e "${green}Reloadcmd is: ${reloadCmd}${plain}"
+ ;;
+ *)
+ echo -e "${green}Keeping default reloadcmd${plain}"
+ ;;
esac
fi
@@ -469,14 +469,14 @@ ssl_cert_issue() {
installWroteFiles=1
fi
- if [[ -f "/root/cert/${domain}/privkey.pem" && -f "/root/cert/${domain}/fullchain.pem" && ( ${installRc} -eq 0 || ${installWroteFiles} -eq 1 ) ]]; then
+ if [[ -f "/root/cert/${domain}/privkey.pem" && -f "/root/cert/${domain}/fullchain.pem" && (${installRc} -eq 0 || ${installWroteFiles} -eq 1) ]]; then
echo -e "${green}Installing certificate succeeded, enabling auto renew...${plain}"
else
echo -e "${red}Installing certificate failed, exiting.${plain}"
if [[ ${cert_exists} -eq 0 ]]; then
rm -rf ~/.acme.sh/${domain}
fi
- systemctl start x-ui 2>/dev/null || rc-service x-ui start 2>/dev/null
+ systemctl start x-ui 2> /dev/null || rc-service x-ui start 2> /dev/null
return 1
fi
@@ -486,18 +486,18 @@ ssl_cert_issue() {
echo -e "${yellow}Auto renew setup had issues, certificate details:${plain}"
ls -lah /root/cert/${domain}/
# Secure permissions: private key readable only by owner
- chmod 600 $certPath/privkey.pem 2>/dev/null
- chmod 644 $certPath/fullchain.pem 2>/dev/null
+ chmod 600 $certPath/privkey.pem 2> /dev/null
+ chmod 644 $certPath/fullchain.pem 2> /dev/null
else
echo -e "${green}Auto renew succeeded, certificate details:${plain}"
ls -lah /root/cert/${domain}/
# Secure permissions: private key readable only by owner
- chmod 600 $certPath/privkey.pem 2>/dev/null
- chmod 644 $certPath/fullchain.pem 2>/dev/null
+ chmod 600 $certPath/privkey.pem 2> /dev/null
+ chmod 644 $certPath/fullchain.pem 2> /dev/null
fi
# start panel
- systemctl start x-ui 2>/dev/null || rc-service x-ui start 2>/dev/null
+ systemctl start x-ui 2> /dev/null || rc-service x-ui start 2> /dev/null
# Prompt user to set panel paths after successful certificate installation
read -rp "Would you like to set this certificate for the panel? (y/n): " setPanel
@@ -513,14 +513,14 @@ ssl_cert_issue() {
echo ""
echo -e "${green}Access URL: https://${domain}:${existing_port}/${existing_webBasePath}${plain}"
echo -e "${yellow}Panel will restart to apply SSL certificate...${plain}"
- systemctl restart x-ui 2>/dev/null || rc-service x-ui restart 2>/dev/null
+ systemctl restart x-ui 2> /dev/null || rc-service x-ui restart 2> /dev/null
else
echo -e "${red}Error: Certificate or private key file not found for domain: $domain.${plain}"
fi
else
echo -e "${yellow}Skipping panel path setting.${plain}"
fi
-
+
return 0
}
@@ -528,7 +528,7 @@ ssl_cert_issue() {
# Sets global `SSL_HOST` to the chosen domain/IP for Access URL usage
prompt_and_setup_ssl() {
local panel_port="$1"
- local web_base_path="$2" # expected without leading slash
+ local web_base_path="$2" # expected without leading slash
local server_ip="$3"
local ssl_choice=""
@@ -539,124 +539,124 @@ prompt_and_setup_ssl() {
echo -e "${green}3.${plain} Custom SSL Certificate (Path to existing files)"
echo -e "${blue}Note:${plain} Options 1 & 2 require port 80 open. Option 3 requires manual paths."
read -rp "Choose an option (default 2 for IP): " ssl_choice
- ssl_choice="${ssl_choice// /}" # Trim whitespace
-
+ ssl_choice="${ssl_choice// /}" # Trim whitespace
+
# Default to 2 (IP cert) if input is empty or invalid (not 1 or 3)
if [[ "$ssl_choice" != "1" && "$ssl_choice" != "3" ]]; then
ssl_choice="2"
fi
case "$ssl_choice" in
- 1)
- # User chose Let's Encrypt domain option
- echo -e "${green}Using Let's Encrypt for domain certificate...${plain}"
- if ssl_cert_issue; then
- local cert_domain="${SSL_ISSUED_DOMAIN}"
- if [[ -z "${cert_domain}" ]]; then
- cert_domain=$(~/.acme.sh/acme.sh --list 2>/dev/null | tail -1 | awk '{print $1}')
- fi
+ 1)
+ # User chose Let's Encrypt domain option
+ echo -e "${green}Using Let's Encrypt for domain certificate...${plain}"
+ if ssl_cert_issue; then
+ local cert_domain="${SSL_ISSUED_DOMAIN}"
+ if [[ -z "${cert_domain}" ]]; then
+ cert_domain=$(~/.acme.sh/acme.sh --list 2> /dev/null | tail -1 | awk '{print $1}')
+ fi
- if [[ -n "${cert_domain}" ]]; then
- SSL_HOST="${cert_domain}"
- echo -e "${green}✓ SSL certificate configured successfully with domain: ${cert_domain}${plain}"
+ if [[ -n "${cert_domain}" ]]; then
+ SSL_HOST="${cert_domain}"
+ echo -e "${green}✓ SSL certificate configured successfully with domain: ${cert_domain}${plain}"
+ else
+ echo -e "${yellow}SSL setup may have completed, but domain extraction failed${plain}"
+ SSL_HOST="${server_ip}"
+ fi
else
- echo -e "${yellow}SSL setup may have completed, but domain extraction failed${plain}"
+ echo -e "${red}SSL certificate setup failed for domain mode.${plain}"
SSL_HOST="${server_ip}"
fi
- else
- echo -e "${red}SSL certificate setup failed for domain mode.${plain}"
- SSL_HOST="${server_ip}"
- fi
- ;;
- 2)
- # User chose Let's Encrypt IP certificate option
- echo -e "${green}Using Let's Encrypt for IP certificate (shortlived profile)...${plain}"
-
- # Ask for optional IPv6
- local ipv6_addr=""
- read -rp "Do you have an IPv6 address to include? (leave empty to skip): " ipv6_addr
- ipv6_addr="${ipv6_addr// /}" # Trim whitespace
-
- # Stop panel if running (port 80 needed)
- if [[ $release == "alpine" ]]; then
- rc-service x-ui stop >/dev/null 2>&1
- else
- systemctl stop x-ui >/dev/null 2>&1
- fi
-
- setup_ip_certificate "${server_ip}" "${ipv6_addr}"
- if [ $? -eq 0 ]; then
- SSL_HOST="${server_ip}"
- echo -e "${green}✓ Let's Encrypt IP certificate configured successfully${plain}"
- else
- echo -e "${red}✗ IP certificate setup failed. Please check port 80 is open.${plain}"
- SSL_HOST="${server_ip}"
- fi
- ;;
- 3)
- # User chose Custom Paths (User Provided) option
- echo -e "${green}Using custom existing certificate...${plain}"
- local custom_cert=""
- local custom_key=""
- local custom_domain=""
+ ;;
+ 2)
+ # User chose Let's Encrypt IP certificate option
+ echo -e "${green}Using Let's Encrypt for IP certificate (shortlived profile)...${plain}"
- # 3.1 Request Domain to compose Panel URL later
- read -rp "Please enter domain name certificate issued for: " custom_domain
- custom_domain="${custom_domain// /}" # Remove spaces
+ # Ask for optional IPv6
+ local ipv6_addr=""
+ read -rp "Do you have an IPv6 address to include? (leave empty to skip): " ipv6_addr
+ ipv6_addr="${ipv6_addr// /}" # Trim whitespace
- # 3.2 Loop for Certificate Path
- while true; do
- read -rp "Input certificate path (keywords: .crt / fullchain): " custom_cert
- # Strip quotes if present
- custom_cert=$(echo "$custom_cert" | tr -d '"' | tr -d "'")
-
- if [[ -f "$custom_cert" && -r "$custom_cert" && -s "$custom_cert" ]]; then
- break
- elif [[ ! -f "$custom_cert" ]]; then
- echo -e "${red}Error: File does not exist! Try again.${plain}"
- elif [[ ! -r "$custom_cert" ]]; then
- echo -e "${red}Error: File exists but is not readable (check permissions)!${plain}"
+ # Stop panel if running (port 80 needed)
+ if [[ $release == "alpine" ]]; then
+ rc-service x-ui stop > /dev/null 2>&1
else
- echo -e "${red}Error: File is empty!${plain}"
+ systemctl stop x-ui > /dev/null 2>&1
fi
- done
- # 3.3 Loop for Private Key Path
- while true; do
- read -rp "Input private key path (keywords: .key / privatekey): " custom_key
- # Strip quotes if present
- custom_key=$(echo "$custom_key" | tr -d '"' | tr -d "'")
-
- if [[ -f "$custom_key" && -r "$custom_key" && -s "$custom_key" ]]; then
- break
- elif [[ ! -f "$custom_key" ]]; then
- echo -e "${red}Error: File does not exist! Try again.${plain}"
- elif [[ ! -r "$custom_key" ]]; then
- echo -e "${red}Error: File exists but is not readable (check permissions)!${plain}"
+ setup_ip_certificate "${server_ip}" "${ipv6_addr}"
+ if [ $? -eq 0 ]; then
+ SSL_HOST="${server_ip}"
+ echo -e "${green}✓ Let's Encrypt IP certificate configured successfully${plain}"
else
- echo -e "${red}Error: File is empty!${plain}"
+ echo -e "${red}✗ IP certificate setup failed. Please check port 80 is open.${plain}"
+ SSL_HOST="${server_ip}"
fi
- done
+ ;;
+ 3)
+ # User chose Custom Paths (User Provided) option
+ echo -e "${green}Using custom existing certificate...${plain}"
+ local custom_cert=""
+ local custom_key=""
+ local custom_domain=""
- # 3.4 Apply Settings via x-ui binary
- ${xui_folder}/x-ui cert -webCert "$custom_cert" -webCertKey "$custom_key" >/dev/null 2>&1
-
- # Set SSL_HOST for composing Panel URL
- if [[ -n "$custom_domain" ]]; then
- SSL_HOST="$custom_domain"
- else
+ # 3.1 Request Domain to compose Panel URL later
+ read -rp "Please enter domain name certificate issued for: " custom_domain
+ custom_domain="${custom_domain// /}" # Remove spaces
+
+ # 3.2 Loop for Certificate Path
+ while true; do
+ read -rp "Input certificate path (keywords: .crt / fullchain): " custom_cert
+ # Strip quotes if present
+ custom_cert=$(echo "$custom_cert" | tr -d '"' | tr -d "'")
+
+ if [[ -f "$custom_cert" && -r "$custom_cert" && -s "$custom_cert" ]]; then
+ break
+ elif [[ ! -f "$custom_cert" ]]; then
+ echo -e "${red}Error: File does not exist! Try again.${plain}"
+ elif [[ ! -r "$custom_cert" ]]; then
+ echo -e "${red}Error: File exists but is not readable (check permissions)!${plain}"
+ else
+ echo -e "${red}Error: File is empty!${plain}"
+ fi
+ done
+
+ # 3.3 Loop for Private Key Path
+ while true; do
+ read -rp "Input private key path (keywords: .key / privatekey): " custom_key
+ # Strip quotes if present
+ custom_key=$(echo "$custom_key" | tr -d '"' | tr -d "'")
+
+ if [[ -f "$custom_key" && -r "$custom_key" && -s "$custom_key" ]]; then
+ break
+ elif [[ ! -f "$custom_key" ]]; then
+ echo -e "${red}Error: File does not exist! Try again.${plain}"
+ elif [[ ! -r "$custom_key" ]]; then
+ echo -e "${red}Error: File exists but is not readable (check permissions)!${plain}"
+ else
+ echo -e "${red}Error: File is empty!${plain}"
+ fi
+ done
+
+ # 3.4 Apply Settings via x-ui binary
+ ${xui_folder}/x-ui cert -webCert "$custom_cert" -webCertKey "$custom_key" > /dev/null 2>&1
+
+ # Set SSL_HOST for composing Panel URL
+ if [[ -n "$custom_domain" ]]; then
+ SSL_HOST="$custom_domain"
+ else
+ SSL_HOST="${server_ip}"
+ fi
+
+ echo -e "${green}✓ Custom certificate paths applied.${plain}"
+ echo -e "${yellow}Note: You are responsible for renewing these files externally.${plain}"
+
+ systemctl restart x-ui > /dev/null 2>&1 || rc-service x-ui restart > /dev/null 2>&1
+ ;;
+ *)
+ echo -e "${red}Invalid option. Skipping SSL setup.${plain}"
SSL_HOST="${server_ip}"
- fi
-
- echo -e "${green}✓ Custom certificate paths applied.${plain}"
- echo -e "${yellow}Note: You are responsible for renewing these files externally.${plain}"
-
- systemctl restart x-ui >/dev/null 2>&1 || rc-service x-ui restart >/dev/null 2>&1
- ;;
- *)
- echo -e "${red}Invalid option. Skipping SSL setup.${plain}"
- SSL_HOST="${server_ip}"
- ;;
+ ;;
esac
}
@@ -676,7 +676,7 @@ config_after_install() {
)
local server_ip=""
for ip_address in "${URL_lists[@]}"; do
- local response=$(curl -s -w "\n%{http_code}" --max-time 3 "${ip_address}" 2>/dev/null)
+ local response=$(curl -s -w "\n%{http_code}" --max-time 3 "${ip_address}" 2> /dev/null)
local http_code=$(echo "$response" | tail -n1)
local ip_result=$(echo "$response" | head -n-1 | tr -d '[:space:]')
if [[ "${http_code}" == "200" && -n "${ip_result}" ]]; then
@@ -684,13 +684,13 @@ config_after_install() {
break
fi
done
-
+
if [[ ${#existing_webBasePath} -lt 4 ]]; then
if [[ "$existing_hasDefaultCredential" == "true" ]]; then
local config_webBasePath=$(gen_random_string 18)
local config_username=$(gen_random_string 10)
local config_password=$(gen_random_string 10)
-
+
read -rp "Would you like to customize the Panel Port settings? (If not, a random port will be applied) [y/n]: " config_confirm
if [[ "${config_confirm}" == "y" || "${config_confirm}" == "Y" ]]; then
read -rp "Please set up the panel port: " config_port
@@ -699,9 +699,9 @@ config_after_install() {
local config_port=$(shuf -i 1024-62000 -n 1)
echo -e "${yellow}Generated random port: ${config_port}${plain}"
fi
-
+
${xui_folder}/x-ui setting -username "${config_username}" -password "${config_password}" -port "${config_port}" -webBasePath "${config_webBasePath}"
-
+
echo ""
echo -e "${green}═══════════════════════════════════════════${plain}"
echo -e "${green} SSL Certificate Setup (MANDATORY) ${plain}"
@@ -711,7 +711,7 @@ config_after_install() {
echo ""
prompt_and_setup_ssl "${config_port}" "${config_webBasePath}" "${server_ip}"
-
+
# Display final credentials and access information
echo ""
echo -e "${green}═══════════════════════════════════════════${plain}"
@@ -750,7 +750,7 @@ config_after_install() {
if [[ "$existing_hasDefaultCredential" == "true" ]]; then
local config_username=$(gen_random_string 10)
local config_password=$(gen_random_string 10)
-
+
echo -e "${yellow}Default credentials detected. Security update required...${plain}"
${xui_folder}/x-ui setting -username "${config_username}" -password "${config_password}"
echo -e "Generated new random login credentials:"
@@ -778,13 +778,13 @@ config_after_install() {
echo -e "${green}SSL certificate already configured. No action needed.${plain}"
fi
fi
-
+
${xui_folder}/x-ui migrate
}
install_x-ui() {
cd ${xui_folder%/x-ui}/
-
+
# Download resources
if [ $# == 0 ]; then
tag_version=$(curl -Ls "https://api.github.com/repos/MHSanaei/3x-ui/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
@@ -806,12 +806,12 @@ install_x-ui() {
tag_version=$1
tag_version_numeric=${tag_version#v}
min_version="2.3.5"
-
+
if [[ "$(printf '%s\n' "$min_version" "$tag_version_numeric" | sort -V | head -n1)" != "$min_version" ]]; then
echo -e "${red}Please use a newer version (at least v2.3.5). Exiting installation.${plain}"
exit 1
fi
-
+
url="https://github.com/MHSanaei/3x-ui/releases/download/${tag_version}/x-ui-linux-$(arch).tar.gz"
echo -e "Beginning to install x-ui $1"
curl -4fLRo ${xui_folder}-linux-$(arch).tar.gz ${url}
@@ -825,7 +825,7 @@ install_x-ui() {
echo -e "${red}Failed to download x-ui.sh${plain}"
exit 1
fi
-
+
# Stop x-ui service and remove old resources
if [[ -e ${xui_folder}/ ]]; then
if [[ $release == "alpine" ]]; then
@@ -835,22 +835,22 @@ install_x-ui() {
fi
rm ${xui_folder}/ -rf
fi
-
+
# Extract resources and set permissions
tar zxvf x-ui-linux-$(arch).tar.gz
rm x-ui-linux-$(arch).tar.gz -f
-
+
cd x-ui
chmod +x x-ui
chmod +x x-ui.sh
-
+
# Check the system's architecture and rename the file accordingly
if [[ $(arch) == "armv5" || $(arch) == "armv6" || $(arch) == "armv7" ]]; then
mv bin/xray-linux-$(arch) bin/xray-linux-arm
chmod +x bin/xray-linux-arm
fi
chmod +x x-ui bin/xray-linux-$(arch)
-
+
# Update x-ui cli and se set permission
mv -f /usr/bin/x-ui-temp /usr/bin/x-ui
chmod +x /usr/bin/x-ui
@@ -870,7 +870,7 @@ install_x-ui() {
echo -e "${green}Created /etc/.gitignore and added x-ui.db for etckeeper${plain}"
fi
fi
-
+
if [[ $release == "alpine" ]]; then
curl -4fLRo /etc/init.d/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.rc
if [[ $? -ne 0 ]]; then
@@ -883,73 +883,73 @@ install_x-ui() {
else
# Install systemd service file
service_installed=false
-
+
if [ -f "x-ui.service" ]; then
echo -e "${green}Found x-ui.service in extracted files, installing...${plain}"
- cp -f x-ui.service ${xui_service}/ >/dev/null 2>&1
+ cp -f x-ui.service ${xui_service}/ > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
service_installed=true
fi
fi
-
+
if [ "$service_installed" = false ]; then
case "${release}" in
ubuntu | debian | armbian)
if [ -f "x-ui.service.debian" ]; then
echo -e "${green}Found x-ui.service.debian in extracted files, installing...${plain}"
- cp -f x-ui.service.debian ${xui_service}/x-ui.service >/dev/null 2>&1
+ cp -f x-ui.service.debian ${xui_service}/x-ui.service > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
service_installed=true
fi
fi
- ;;
+ ;;
arch | manjaro | parch)
if [ -f "x-ui.service.arch" ]; then
echo -e "${green}Found x-ui.service.arch in extracted files, installing...${plain}"
- cp -f x-ui.service.arch ${xui_service}/x-ui.service >/dev/null 2>&1
+ cp -f x-ui.service.arch ${xui_service}/x-ui.service > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
service_installed=true
fi
fi
- ;;
+ ;;
*)
if [ -f "x-ui.service.rhel" ]; then
echo -e "${green}Found x-ui.service.rhel in extracted files, installing...${plain}"
- cp -f x-ui.service.rhel ${xui_service}/x-ui.service >/dev/null 2>&1
+ cp -f x-ui.service.rhel ${xui_service}/x-ui.service > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
service_installed=true
fi
fi
- ;;
+ ;;
esac
fi
-
+
# If service file not found in tar.gz, download from GitHub
if [ "$service_installed" = false ]; then
echo -e "${yellow}Service files not found in tar.gz, downloading from GitHub...${plain}"
case "${release}" in
ubuntu | debian | armbian)
- curl -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.debian >/dev/null 2>&1
- ;;
+ curl -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.debian > /dev/null 2>&1
+ ;;
arch | manjaro | parch)
- curl -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.arch >/dev/null 2>&1
- ;;
+ curl -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.arch > /dev/null 2>&1
+ ;;
*)
- curl -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.rhel >/dev/null 2>&1
- ;;
+ curl -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.rhel > /dev/null 2>&1
+ ;;
esac
-
+
if [[ $? -ne 0 ]]; then
echo -e "${red}Failed to install x-ui.service from GitHub${plain}"
exit 1
fi
service_installed=true
fi
-
+
if [ "$service_installed" = true ]; then
echo -e "${green}Setting up systemd unit...${plain}"
- chown root:root ${xui_service}/x-ui.service >/dev/null 2>&1
- chmod 644 ${xui_service}/x-ui.service >/dev/null 2>&1
+ chown root:root ${xui_service}/x-ui.service > /dev/null 2>&1
+ chmod 644 ${xui_service}/x-ui.service > /dev/null 2>&1
systemctl daemon-reload
systemctl enable x-ui
systemctl start x-ui
@@ -958,7 +958,7 @@ install_x-ui() {
exit 1
fi
fi
-
+
echo -e "${green}x-ui ${tag_version}${plain} installation finished, it is running now..."
echo -e ""
echo -e "┌───────────────────────────────────────────────────────┐
diff --git a/sub/subClashService.go b/sub/subClashService.go
index 7b6b8214..e2f61bec 100644
--- a/sub/subClashService.go
+++ b/sub/subClashService.go
@@ -55,7 +55,7 @@ func (s *SubClashService) GetClash(subId string, host string) (string, string, e
}
}
for _, client := range clients {
- if client.Enable && client.SubID == subId {
+ if client.SubID == subId {
clientTraffics = append(clientTraffics, s.SubService.getClientTraffics(inbound.ClientStats, client.Email))
proxies = append(proxies, s.getProxies(inbound, client, host)...)
}
diff --git a/sub/subController.go b/sub/subController.go
index 0e9e2c97..a765ef06 100644
--- a/sub/subController.go
+++ b/sub/subController.go
@@ -138,6 +138,7 @@ func (a *SUBController) subs(c *gin.Context) {
"host": page.Host,
"base_path": page.BasePath,
"sId": page.SId,
+ "enabled": page.Enabled,
"download": page.Download,
"upload": page.Upload,
"total": page.Total,
diff --git a/sub/subJsonService.go b/sub/subJsonService.go
index a51f10bb..38f1ddc8 100644
--- a/sub/subJsonService.go
+++ b/sub/subJsonService.go
@@ -116,7 +116,7 @@ func (s *SubJsonService) GetJson(subId string, host string) (string, string, err
}
for _, client := range clients {
- if client.Enable && client.SubID == subId {
+ if client.SubID == subId {
clientTraffics = append(clientTraffics, s.SubService.getClientTraffics(inbound.ClientStats, client.Email))
newConfigs := s.getConfig(inbound, client, host)
configArray = append(configArray, newConfigs...)
diff --git a/sub/subService.go b/sub/subService.go
index 19ca21d9..12d9bfb5 100644
--- a/sub/subService.go
+++ b/sub/subService.go
@@ -46,6 +46,7 @@ func (s *SubService) GetSubs(subId string, host string) ([]string, int64, xray.C
var result []string
var traffic xray.ClientTraffic
var lastOnline int64
+ var hasEnabledClient bool
var clientTraffics []xray.ClientTraffic
inbounds, err := s.getInboundsBySubId(subId)
if err != nil {
@@ -77,7 +78,10 @@ func (s *SubService) GetSubs(subId string, host string) ([]string, int64, xray.C
}
}
for _, client := range clients {
- if client.Enable && client.SubID == subId {
+ if client.SubID == subId {
+ if client.Enable {
+ hasEnabledClient = true
+ }
link := s.getLink(inbound, client.Email)
result = append(result, link)
ct := s.getClientTraffics(inbound.ClientStats, client.Email)
@@ -111,6 +115,7 @@ func (s *SubService) GetSubs(subId string, host string) ([]string, int64, xray.C
}
}
}
+ traffic.Enable = hasEnabledClient
return result, lastOnline, traffic, nil
}
@@ -1304,6 +1309,7 @@ type PageData struct {
Host string
BasePath string
SId string
+ Enabled bool
Download string
Upload string
Total string
@@ -1453,6 +1459,7 @@ func (s *SubService) BuildPageData(subId string, hostHeader string, traffic xray
Host: hostHeader,
BasePath: basePath,
SId: subId,
+ Enabled: traffic.Enable,
Download: download,
Upload: upload,
Total: total,
diff --git a/update.sh b/update.sh
index c9985d82..8336518b 100755
--- a/update.sh
+++ b/update.sh
@@ -12,16 +12,16 @@ xui_service="${XUI_SERVICE:=/etc/systemd/system}"
# Don't edit this config
b_source="${BASH_SOURCE[0]}"
while [ -h "$b_source" ]; do
- b_dir="$(cd -P "$(dirname "$b_source")" >/dev/null 2>&1 && pwd || pwd -P)"
+ b_dir="$(cd -P "$(dirname "$b_source")" > /dev/null 2>&1 && pwd || pwd -P)"
b_source="$(readlink "$b_source")"
[[ $b_source != /* ]] && b_source="$b_dir/$b_source"
done
-cur_dir="$(cd -P "$(dirname "$b_source")" >/dev/null 2>&1 && pwd || pwd -P)"
+cur_dir="$(cd -P "$(dirname "$b_source")" > /dev/null 2>&1 && pwd || pwd -P)"
script_name=$(basename "$0")
# Check command exist function
_command_exists() {
- type "$1" &>/dev/null
+ type "$1" &> /dev/null
}
# Fail, log and exit script function
@@ -44,7 +44,7 @@ fi
if [[ -f /etc/os-release ]]; then
source /etc/os-release
release=$ID
- elif [[ -f /usr/lib/os-release ]]; then
+elif [[ -f /usr/lib/os-release ]]; then
source /usr/lib/os-release
release=$ID
else
@@ -61,7 +61,7 @@ arch() {
armv6* | armv6) echo 'armv6' ;;
armv5* | armv5) echo 'armv5' ;;
s390x) echo 's390x' ;;
- *) echo -e "${red}Unsupported CPU architecture!${plain}" && rm -f "${cur_dir}/${script_name}" >/dev/null 2>&1 && exit 2;;
+ *) echo -e "${red}Unsupported CPU architecture!${plain}" && rm -f "${cur_dir}/${script_name}" > /dev/null 2>&1 && exit 2 ;;
esac
}
@@ -84,23 +84,23 @@ is_domain() {
# Port helpers
is_port_in_use() {
local port="$1"
- if command -v ss >/dev/null 2>&1; then
- ss -ltn 2>/dev/null | awk -v p=":${port}$" '$4 ~ p {exit 0} END {exit 1}'
+ if command -v ss > /dev/null 2>&1; then
+ ss -ltn 2> /dev/null | awk -v p=":${port}$" '$4 ~ p {exit 0} END {exit 1}'
return
fi
- if command -v netstat >/dev/null 2>&1; then
- netstat -lnt 2>/dev/null | awk -v p=":${port} " '$4 ~ p {exit 0} END {exit 1}'
+ if command -v netstat > /dev/null 2>&1; then
+ netstat -lnt 2> /dev/null | awk -v p=":${port} " '$4 ~ p {exit 0} END {exit 1}'
return
fi
- if command -v lsof >/dev/null 2>&1; then
- lsof -nP -iTCP:${port} -sTCP:LISTEN >/dev/null 2>&1 && return 0
+ if command -v lsof > /dev/null 2>&1; then
+ lsof -nP -iTCP:${port} -sTCP:LISTEN > /dev/null 2>&1 && return 0
fi
return 1
}
gen_random_string() {
local length="$1"
- openssl rand -base64 $(( length * 2 )) \
+ openssl rand -base64 $((length * 2)) \
| tr -dc 'a-zA-Z0-9' \
| head -c "$length"
}
@@ -109,37 +109,37 @@ install_base() {
echo -e "${green}Updating and install dependency packages...${plain}"
case "${release}" in
ubuntu | debian | armbian)
- apt-get update >/dev/null 2>&1 && apt-get install -y -q cron curl tar tzdata socat openssl >/dev/null 2>&1
- ;;
+ apt-get update > /dev/null 2>&1 && apt-get install -y -q cron curl tar tzdata socat openssl > /dev/null 2>&1
+ ;;
fedora | amzn | virtuozzo | rhel | almalinux | rocky | ol)
- dnf -y update >/dev/null 2>&1 && dnf install -y -q cronie curl tar tzdata socat openssl >/dev/null 2>&1
- ;;
+ dnf -y update > /dev/null 2>&1 && dnf install -y -q cronie curl tar tzdata socat openssl > /dev/null 2>&1
+ ;;
centos)
if [[ "${VERSION_ID}" =~ ^7 ]]; then
- yum -y update >/dev/null 2>&1 && yum install -y -q cronie curl tar tzdata socat openssl >/dev/null 2>&1
+ yum -y update > /dev/null 2>&1 && yum install -y -q cronie curl tar tzdata socat openssl > /dev/null 2>&1
else
- dnf -y update >/dev/null 2>&1 && dnf install -y -q cronie curl tar tzdata socat openssl >/dev/null 2>&1
+ dnf -y update > /dev/null 2>&1 && dnf install -y -q cronie curl tar tzdata socat openssl > /dev/null 2>&1
fi
- ;;
+ ;;
arch | manjaro | parch)
- pacman -Syu >/dev/null 2>&1 && pacman -Syu --noconfirm cronie curl tar tzdata socat openssl >/dev/null 2>&1
- ;;
+ pacman -Syu > /dev/null 2>&1 && pacman -Syu --noconfirm cronie curl tar tzdata socat openssl > /dev/null 2>&1
+ ;;
opensuse-tumbleweed | opensuse-leap)
- zypper refresh >/dev/null 2>&1 && zypper -q install -y cron curl tar timezone socat openssl >/dev/null 2>&1
- ;;
+ zypper refresh > /dev/null 2>&1 && zypper -q install -y cron curl tar timezone socat openssl > /dev/null 2>&1
+ ;;
alpine)
- apk update >/dev/null 2>&1 && apk add dcron curl tar tzdata socat openssl>/dev/null 2>&1
- ;;
+ apk update > /dev/null 2>&1 && apk add dcron curl tar tzdata socat openssl > /dev/null 2>&1
+ ;;
*)
- apt-get update >/dev/null 2>&1 && apt install -y -q cron curl tar tzdata socat openssl >/dev/null 2>&1
- ;;
+ apt-get update > /dev/null 2>&1 && apt install -y -q cron curl tar tzdata socat openssl > /dev/null 2>&1
+ ;;
esac
}
install_acme() {
echo -e "${green}Installing acme.sh for SSL certificate management...${plain}"
cd ~ || return 1
- curl -s https://get.acme.sh | sh >/dev/null 2>&1
+ curl -s https://get.acme.sh | sh > /dev/null 2>&1
if [ $? -ne 0 ]; then
echo -e "${red}Failed to install acme.sh${plain}"
return 1
@@ -154,59 +154,59 @@ setup_ssl_certificate() {
local server_ip="$2"
local existing_port="$3"
local existing_webBasePath="$4"
-
+
echo -e "${green}Setting up SSL certificate...${plain}"
-
+
# Check if acme.sh is installed
- if ! command -v ~/.acme.sh/acme.sh &>/dev/null; then
+ if ! command -v ~/.acme.sh/acme.sh &> /dev/null; then
install_acme
if [ $? -ne 0 ]; then
echo -e "${yellow}Failed to install acme.sh, skipping SSL setup${plain}"
return 1
fi
fi
-
+
# Create certificate directory
local certPath="/root/cert/${domain}"
mkdir -p "$certPath"
-
+
# Issue certificate
echo -e "${green}Issuing SSL certificate for ${domain}...${plain}"
echo -e "${yellow}Note: Port 80 must be open and accessible from the internet${plain}"
-
- ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt --force >/dev/null 2>&1
+
+ ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt --force > /dev/null 2>&1
~/.acme.sh/acme.sh --issue -d ${domain} --listen-v6 --standalone --httpport 80 --force
-
+
if [ $? -ne 0 ]; then
echo -e "${yellow}Failed to issue certificate for ${domain}${plain}"
echo -e "${yellow}Please ensure port 80 is open and try again later with: x-ui${plain}"
- rm -rf ~/.acme.sh/${domain} 2>/dev/null
- rm -rf "$certPath" 2>/dev/null
+ rm -rf ~/.acme.sh/${domain} 2> /dev/null
+ rm -rf "$certPath" 2> /dev/null
return 1
fi
-
+
# Install certificate
~/.acme.sh/acme.sh --installcert -d ${domain} \
--key-file /root/cert/${domain}/privkey.pem \
--fullchain-file /root/cert/${domain}/fullchain.pem \
- --reloadcmd "systemctl restart x-ui" >/dev/null 2>&1
-
+ --reloadcmd "systemctl restart x-ui" > /dev/null 2>&1
+
if [ $? -ne 0 ]; then
echo -e "${yellow}Failed to install certificate${plain}"
return 1
fi
-
+
# Enable auto-renew
- ~/.acme.sh/acme.sh --upgrade --auto-upgrade >/dev/null 2>&1
- chmod 600 $certPath/privkey.pem 2>/dev/null
- chmod 644 $certPath/fullchain.pem 2>/dev/null
-
+ ~/.acme.sh/acme.sh --upgrade --auto-upgrade > /dev/null 2>&1
+ chmod 600 $certPath/privkey.pem 2> /dev/null
+ chmod 644 $certPath/fullchain.pem 2> /dev/null
+
# Set certificate for panel
local webCertFile="/root/cert/${domain}/fullchain.pem"
local webKeyFile="/root/cert/${domain}/privkey.pem"
-
+
if [[ -f "$webCertFile" && -f "$webKeyFile" ]]; then
- ${xui_folder}/x-ui cert -webCert "$webCertFile" -webCertKey "$webKeyFile" >/dev/null 2>&1
+ ${xui_folder}/x-ui cert -webCert "$webCertFile" -webCertKey "$webKeyFile" > /dev/null 2>&1
echo -e "${green}SSL certificate installed and configured successfully!${plain}"
return 0
else
@@ -219,14 +219,14 @@ setup_ssl_certificate() {
# Requires acme.sh and port 80 open for HTTP-01 challenge
setup_ip_certificate() {
local ipv4="$1"
- local ipv6="$2" # optional
+ local ipv6="$2" # optional
echo -e "${green}Setting up Let's Encrypt IP certificate (shortlived profile)...${plain}"
echo -e "${yellow}Note: IP certificates are valid for ~6 days and will auto-renew.${plain}"
echo -e "${yellow}Default listener is port 80. If you choose another port, ensure external port 80 forwards to it.${plain}"
# Check for acme.sh
- if ! command -v ~/.acme.sh/acme.sh &>/dev/null; then
+ if ! command -v ~/.acme.sh/acme.sh &> /dev/null; then
install_acme
if [ $? -ne 0 ]; then
echo -e "${red}Failed to install acme.sh${plain}"
@@ -298,8 +298,8 @@ setup_ip_certificate() {
# Issue certificate with shortlived profile
echo -e "${green}Issuing IP certificate for ${ipv4}...${plain}"
- ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt --force >/dev/null 2>&1
-
+ ~/.acme.sh/acme.sh --set-default-ca --server letsencrypt --force > /dev/null 2>&1
+
~/.acme.sh/acme.sh --issue \
${domain_args} \
--standalone \
@@ -313,9 +313,9 @@ setup_ip_certificate() {
echo -e "${red}Failed to issue IP certificate${plain}"
echo -e "${yellow}Please ensure port ${WebPort} is reachable (or forwarded from external port 80)${plain}"
# Cleanup acme.sh data for both IPv4 and IPv6 if specified
- rm -rf ~/.acme.sh/${ipv4} 2>/dev/null
- [[ -n "$ipv6" ]] && rm -rf ~/.acme.sh/${ipv6} 2>/dev/null
- rm -rf ${certDir} 2>/dev/null
+ rm -rf ~/.acme.sh/${ipv4} 2> /dev/null
+ [[ -n "$ipv6" ]] && rm -rf ~/.acme.sh/${ipv6} 2> /dev/null
+ rm -rf ${certDir} 2> /dev/null
return 1
fi
@@ -333,19 +333,19 @@ setup_ip_certificate() {
if [[ ! -f "${certDir}/fullchain.pem" || ! -f "${certDir}/privkey.pem" ]]; then
echo -e "${red}Certificate files not found after installation${plain}"
# Cleanup acme.sh data for both IPv4 and IPv6 if specified
- rm -rf ~/.acme.sh/${ipv4} 2>/dev/null
- [[ -n "$ipv6" ]] && rm -rf ~/.acme.sh/${ipv6} 2>/dev/null
- rm -rf ${certDir} 2>/dev/null
+ rm -rf ~/.acme.sh/${ipv4} 2> /dev/null
+ [[ -n "$ipv6" ]] && rm -rf ~/.acme.sh/${ipv6} 2> /dev/null
+ rm -rf ${certDir} 2> /dev/null
return 1
fi
-
+
echo -e "${green}Certificate files installed successfully${plain}"
# Enable auto-upgrade for acme.sh (ensures cron job runs)
- ~/.acme.sh/acme.sh --upgrade --auto-upgrade >/dev/null 2>&1
+ ~/.acme.sh/acme.sh --upgrade --auto-upgrade > /dev/null 2>&1
- chmod 600 ${certDir}/privkey.pem 2>/dev/null
- chmod 644 ${certDir}/fullchain.pem 2>/dev/null
+ chmod 600 ${certDir}/privkey.pem 2> /dev/null
+ chmod 644 ${certDir}/fullchain.pem 2> /dev/null
# Configure panel to use the certificate
echo -e "${green}Setting certificate paths for the panel...${plain}"
@@ -369,9 +369,9 @@ setup_ip_certificate() {
ssl_cert_issue() {
local existing_webBasePath=$(${xui_folder}/x-ui setting -show true | grep 'webBasePath:' | awk -F': ' '{print $2}' | tr -d '[:space:]' | sed 's#^/##')
local existing_port=$(${xui_folder}/x-ui setting -show true | grep 'port:' | awk -F': ' '{print $2}' | tr -d '[:space:]')
-
+
# check for acme.sh first
- if ! command -v ~/.acme.sh/acme.sh &>/dev/null; then
+ if ! command -v ~/.acme.sh/acme.sh &> /dev/null; then
echo "acme.sh could not be found. Installing now..."
cd ~ || return 1
curl -s https://get.acme.sh | sh
@@ -387,18 +387,18 @@ ssl_cert_issue() {
local domain=""
while true; do
read -rp "Please enter your domain name: " domain
- domain="${domain// /}" # Trim whitespace
-
+ domain="${domain// /}" # Trim whitespace
+
if [[ -z "$domain" ]]; then
echo -e "${red}Domain name cannot be empty. Please try again.${plain}"
continue
fi
-
+
if ! is_domain "$domain"; then
echo -e "${red}Invalid domain format: ${domain}. Please enter a valid domain name.${plain}"
continue
fi
-
+
break
done
echo -e "${green}Your domain is: ${domain}, checking it...${plain}"
@@ -406,9 +406,9 @@ ssl_cert_issue() {
# detect existing certificate and reuse it if present
local cert_exists=0
- if ~/.acme.sh/acme.sh --list 2>/dev/null | awk '{print $1}' | grep -Fxq "${domain}"; then
+ if ~/.acme.sh/acme.sh --list 2> /dev/null | awk '{print $1}' | grep -Fxq "${domain}"; then
cert_exists=1
- local certInfo=$(~/.acme.sh/acme.sh --list 2>/dev/null | grep -F "${domain}")
+ local certInfo=$(~/.acme.sh/acme.sh --list 2> /dev/null | grep -F "${domain}")
echo -e "${yellow}Existing certificate found for ${domain}, will reuse it.${plain}"
[[ -n "${certInfo}" ]] && echo "$certInfo"
else
@@ -435,7 +435,7 @@ ssl_cert_issue() {
# Stop panel temporarily
echo -e "${yellow}Stopping panel temporarily...${plain}"
- systemctl stop x-ui 2>/dev/null || rc-service x-ui stop 2>/dev/null
+ systemctl stop x-ui 2> /dev/null || rc-service x-ui stop 2> /dev/null
if [[ ${cert_exists} -eq 0 ]]; then
# issue the certificate
@@ -444,7 +444,7 @@ ssl_cert_issue() {
if [ $? -ne 0 ]; then
echo -e "${red}Issuing certificate failed, please check logs.${plain}"
rm -rf ~/.acme.sh/${domain}
- systemctl start x-ui 2>/dev/null || rc-service x-ui start 2>/dev/null
+ systemctl start x-ui 2> /dev/null || rc-service x-ui start 2> /dev/null
return 1
else
echo -e "${green}Issuing certificate succeeded, installing certificates...${plain}"
@@ -464,18 +464,18 @@ ssl_cert_issue() {
echo -e "${green}\t0.${plain} Keep default reloadcmd"
read -rp "Choose an option: " choice
case "$choice" in
- 1)
- echo -e "${green}Reloadcmd is: systemctl reload nginx ; systemctl restart x-ui${plain}"
- reloadCmd="systemctl reload nginx ; systemctl restart x-ui"
- ;;
- 2)
- echo -e "${yellow}It's recommended to put x-ui restart at the end${plain}"
- read -rp "Please enter your custom reloadcmd: " reloadCmd
- echo -e "${green}Reloadcmd is: ${reloadCmd}${plain}"
- ;;
- *)
- echo -e "${green}Keeping default reloadcmd${plain}"
- ;;
+ 1)
+ echo -e "${green}Reloadcmd is: systemctl reload nginx ; systemctl restart x-ui${plain}"
+ reloadCmd="systemctl reload nginx ; systemctl restart x-ui"
+ ;;
+ 2)
+ echo -e "${yellow}It's recommended to put x-ui restart at the end${plain}"
+ read -rp "Please enter your custom reloadcmd: " reloadCmd
+ echo -e "${green}Reloadcmd is: ${reloadCmd}${plain}"
+ ;;
+ *)
+ echo -e "${green}Keeping default reloadcmd${plain}"
+ ;;
esac
fi
@@ -492,14 +492,14 @@ ssl_cert_issue() {
installWroteFiles=1
fi
- if [[ -f "/root/cert/${domain}/privkey.pem" && -f "/root/cert/${domain}/fullchain.pem" && ( ${installRc} -eq 0 || ${installWroteFiles} -eq 1 ) ]]; then
+ if [[ -f "/root/cert/${domain}/privkey.pem" && -f "/root/cert/${domain}/fullchain.pem" && (${installRc} -eq 0 || ${installWroteFiles} -eq 1) ]]; then
echo -e "${green}Installing certificate succeeded, enabling auto renew...${plain}"
else
echo -e "${red}Installing certificate failed, exiting.${plain}"
if [[ ${cert_exists} -eq 0 ]]; then
rm -rf ~/.acme.sh/${domain}
fi
- systemctl start x-ui 2>/dev/null || rc-service x-ui start 2>/dev/null
+ systemctl start x-ui 2> /dev/null || rc-service x-ui start 2> /dev/null
return 1
fi
@@ -518,7 +518,7 @@ ssl_cert_issue() {
fi
# Restart panel
- systemctl start x-ui 2>/dev/null || rc-service x-ui start 2>/dev/null
+ systemctl start x-ui 2> /dev/null || rc-service x-ui start 2> /dev/null
# Prompt user to set panel paths after successful certificate installation
read -rp "Would you like to set this certificate for the panel? (y/n): " setPanel
@@ -534,21 +534,21 @@ ssl_cert_issue() {
echo ""
echo -e "${green}Access URL: https://${domain}:${existing_port}/${existing_webBasePath}${plain}"
echo -e "${yellow}Panel will restart to apply SSL certificate...${plain}"
- systemctl restart x-ui 2>/dev/null || rc-service x-ui restart 2>/dev/null
+ systemctl restart x-ui 2> /dev/null || rc-service x-ui restart 2> /dev/null
else
echo -e "${red}Error: Certificate or private key file not found for domain: $domain.${plain}"
fi
else
echo -e "${yellow}Skipping panel path setting.${plain}"
fi
-
+
return 0
}
# Unified interactive SSL setup (domain or IP)
# Sets global `SSL_HOST` to the chosen domain/IP
prompt_and_setup_ssl() {
local panel_port="$1"
- local web_base_path="$2" # expected without leading slash
+ local web_base_path="$2" # expected without leading slash
local server_ip="$3"
local ssl_choice=""
@@ -559,132 +559,132 @@ prompt_and_setup_ssl() {
echo -e "${green}3.${plain} Custom SSL Certificate (Path to existing files)"
echo -e "${blue}Note:${plain} Options 1 & 2 require port 80 open. Option 3 requires manual paths."
read -rp "Choose an option (default 2 for IP): " ssl_choice
- ssl_choice="${ssl_choice// /}" # Trim whitespace
-
+ ssl_choice="${ssl_choice// /}" # Trim whitespace
+
# Default to 2 (IP cert) if input is empty or invalid (not 1 or 3)
if [[ "$ssl_choice" != "1" && "$ssl_choice" != "3" ]]; then
ssl_choice="2"
fi
case "$ssl_choice" in
- 1)
- # User chose Let's Encrypt domain option
- echo -e "${green}Using Let's Encrypt for domain certificate...${plain}"
- if ssl_cert_issue; then
- local cert_domain="${SSL_ISSUED_DOMAIN}"
- if [[ -z "${cert_domain}" ]]; then
- cert_domain=$(~/.acme.sh/acme.sh --list 2>/dev/null | tail -1 | awk '{print $1}')
- fi
+ 1)
+ # User chose Let's Encrypt domain option
+ echo -e "${green}Using Let's Encrypt for domain certificate...${plain}"
+ if ssl_cert_issue; then
+ local cert_domain="${SSL_ISSUED_DOMAIN}"
+ if [[ -z "${cert_domain}" ]]; then
+ cert_domain=$(~/.acme.sh/acme.sh --list 2> /dev/null | tail -1 | awk '{print $1}')
+ fi
- if [[ -n "${cert_domain}" ]]; then
- SSL_HOST="${cert_domain}"
- echo -e "${green}✓ SSL certificate configured successfully with domain: ${cert_domain}${plain}"
+ if [[ -n "${cert_domain}" ]]; then
+ SSL_HOST="${cert_domain}"
+ echo -e "${green}✓ SSL certificate configured successfully with domain: ${cert_domain}${plain}"
+ else
+ echo -e "${yellow}SSL setup may have completed, but domain extraction failed${plain}"
+ SSL_HOST="${server_ip}"
+ fi
else
- echo -e "${yellow}SSL setup may have completed, but domain extraction failed${plain}"
+ echo -e "${red}SSL certificate setup failed for domain mode.${plain}"
SSL_HOST="${server_ip}"
fi
- else
- echo -e "${red}SSL certificate setup failed for domain mode.${plain}"
- SSL_HOST="${server_ip}"
- fi
- ;;
- 2)
- # User chose Let's Encrypt IP certificate option
- echo -e "${green}Using Let's Encrypt for IP certificate (shortlived profile)...${plain}"
-
- # Ask for optional IPv6
- local ipv6_addr=""
- read -rp "Do you have an IPv6 address to include? (leave empty to skip): " ipv6_addr
- ipv6_addr="${ipv6_addr// /}" # Trim whitespace
-
- # Stop panel if running (port 80 needed)
- if [[ $release == "alpine" ]]; then
- rc-service x-ui stop >/dev/null 2>&1
- else
- systemctl stop x-ui >/dev/null 2>&1
- fi
-
- setup_ip_certificate "${server_ip}" "${ipv6_addr}"
- if [ $? -eq 0 ]; then
- SSL_HOST="${server_ip}"
- echo -e "${green}✓ Let's Encrypt IP certificate configured successfully${plain}"
- else
- echo -e "${red}✗ IP certificate setup failed. Please check port 80 is open.${plain}"
- SSL_HOST="${server_ip}"
- fi
-
- # Restart panel after SSL is configured (restart applies new cert settings)
- if [[ $release == "alpine" ]]; then
- rc-service x-ui restart >/dev/null 2>&1
- else
- systemctl restart x-ui >/dev/null 2>&1
- fi
+ ;;
+ 2)
+ # User chose Let's Encrypt IP certificate option
+ echo -e "${green}Using Let's Encrypt for IP certificate (shortlived profile)...${plain}"
- ;;
- 3)
- # User chose Custom Paths (User Provided) option
- echo -e "${green}Using custom existing certificate...${plain}"
- local custom_cert=""
- local custom_key=""
- local custom_domain=""
+ # Ask for optional IPv6
+ local ipv6_addr=""
+ read -rp "Do you have an IPv6 address to include? (leave empty to skip): " ipv6_addr
+ ipv6_addr="${ipv6_addr// /}" # Trim whitespace
- # 3.1 Request Domain to compose Panel URL later
- read -rp "Please enter domain name certificate issued for: " custom_domain
- custom_domain="${custom_domain// /}" # Remove spaces
-
- # 3.2 Loop for Certificate Path
- while true; do
- read -rp "Input certificate path (keywords: .crt / fullchain): " custom_cert
- # Strip quotes if present
- custom_cert=$(echo "$custom_cert" | tr -d '"' | tr -d "'")
-
- if [[ -f "$custom_cert" && -r "$custom_cert" && -s "$custom_cert" ]]; then
- break
- elif [[ ! -f "$custom_cert" ]]; then
- echo -e "${red}Error: File does not exist! Try again.${plain}"
- elif [[ ! -r "$custom_cert" ]]; then
- echo -e "${red}Error: File exists but is not readable (check permissions)!${plain}"
+ # Stop panel if running (port 80 needed)
+ if [[ $release == "alpine" ]]; then
+ rc-service x-ui stop > /dev/null 2>&1
else
- echo -e "${red}Error: File is empty!${plain}"
+ systemctl stop x-ui > /dev/null 2>&1
fi
- done
- # 3.3 Loop for Private Key Path
- while true; do
- read -rp "Input private key path (keywords: .key / privatekey): " custom_key
- # Strip quotes if present
- custom_key=$(echo "$custom_key" | tr -d '"' | tr -d "'")
-
- if [[ -f "$custom_key" && -r "$custom_key" && -s "$custom_key" ]]; then
- break
- elif [[ ! -f "$custom_key" ]]; then
- echo -e "${red}Error: File does not exist! Try again.${plain}"
- elif [[ ! -r "$custom_key" ]]; then
- echo -e "${red}Error: File exists but is not readable (check permissions)!${plain}"
+ setup_ip_certificate "${server_ip}" "${ipv6_addr}"
+ if [ $? -eq 0 ]; then
+ SSL_HOST="${server_ip}"
+ echo -e "${green}✓ Let's Encrypt IP certificate configured successfully${plain}"
else
- echo -e "${red}Error: File is empty!${plain}"
+ echo -e "${red}✗ IP certificate setup failed. Please check port 80 is open.${plain}"
+ SSL_HOST="${server_ip}"
fi
- done
- # 3.4 Apply Settings via x-ui binary
- ${xui_folder}/x-ui cert -webCert "$custom_cert" -webCertKey "$custom_key" >/dev/null 2>&1
+ # Restart panel after SSL is configured (restart applies new cert settings)
+ if [[ $release == "alpine" ]]; then
+ rc-service x-ui restart > /dev/null 2>&1
+ else
+ systemctl restart x-ui > /dev/null 2>&1
+ fi
- # Set SSL_HOST for composing Panel URL
- if [[ -n "$custom_domain" ]]; then
- SSL_HOST="$custom_domain"
- else
+ ;;
+ 3)
+ # User chose Custom Paths (User Provided) option
+ echo -e "${green}Using custom existing certificate...${plain}"
+ local custom_cert=""
+ local custom_key=""
+ local custom_domain=""
+
+ # 3.1 Request Domain to compose Panel URL later
+ read -rp "Please enter domain name certificate issued for: " custom_domain
+ custom_domain="${custom_domain// /}" # Remove spaces
+
+ # 3.2 Loop for Certificate Path
+ while true; do
+ read -rp "Input certificate path (keywords: .crt / fullchain): " custom_cert
+ # Strip quotes if present
+ custom_cert=$(echo "$custom_cert" | tr -d '"' | tr -d "'")
+
+ if [[ -f "$custom_cert" && -r "$custom_cert" && -s "$custom_cert" ]]; then
+ break
+ elif [[ ! -f "$custom_cert" ]]; then
+ echo -e "${red}Error: File does not exist! Try again.${plain}"
+ elif [[ ! -r "$custom_cert" ]]; then
+ echo -e "${red}Error: File exists but is not readable (check permissions)!${plain}"
+ else
+ echo -e "${red}Error: File is empty!${plain}"
+ fi
+ done
+
+ # 3.3 Loop for Private Key Path
+ while true; do
+ read -rp "Input private key path (keywords: .key / privatekey): " custom_key
+ # Strip quotes if present
+ custom_key=$(echo "$custom_key" | tr -d '"' | tr -d "'")
+
+ if [[ -f "$custom_key" && -r "$custom_key" && -s "$custom_key" ]]; then
+ break
+ elif [[ ! -f "$custom_key" ]]; then
+ echo -e "${red}Error: File does not exist! Try again.${plain}"
+ elif [[ ! -r "$custom_key" ]]; then
+ echo -e "${red}Error: File exists but is not readable (check permissions)!${plain}"
+ else
+ echo -e "${red}Error: File is empty!${plain}"
+ fi
+ done
+
+ # 3.4 Apply Settings via x-ui binary
+ ${xui_folder}/x-ui cert -webCert "$custom_cert" -webCertKey "$custom_key" > /dev/null 2>&1
+
+ # Set SSL_HOST for composing Panel URL
+ if [[ -n "$custom_domain" ]]; then
+ SSL_HOST="$custom_domain"
+ else
+ SSL_HOST="${server_ip}"
+ fi
+
+ echo -e "${green}✓ Custom certificate paths applied.${plain}"
+ echo -e "${yellow}Note: You are responsible for renewing these files externally.${plain}"
+
+ systemctl restart x-ui > /dev/null 2>&1 || rc-service x-ui restart > /dev/null 2>&1
+ ;;
+ *)
+ echo -e "${red}Invalid option. Skipping SSL setup.${plain}"
SSL_HOST="${server_ip}"
- fi
-
- echo -e "${green}✓ Custom certificate paths applied.${plain}"
- echo -e "${yellow}Note: You are responsible for renewing these files externally.${plain}"
-
- systemctl restart x-ui >/dev/null 2>&1 || rc-service x-ui restart >/dev/null 2>&1
- ;;
- *)
- echo -e "${red}Invalid option. Skipping SSL setup.${plain}"
- SSL_HOST="${server_ip}"
- ;;
+ ;;
esac
}
@@ -692,12 +692,12 @@ config_after_update() {
echo -e "${yellow}x-ui settings:${plain}"
${xui_folder}/x-ui setting -show true
${xui_folder}/x-ui migrate
-
+
# Properly detect empty cert by checking if cert: line exists and has content after it
- local existing_cert=$(${xui_folder}/x-ui setting -getCert true 2>/dev/null | grep 'cert:' | awk -F': ' '{print $2}' | tr -d '[:space:]')
+ local existing_cert=$(${xui_folder}/x-ui setting -getCert true 2> /dev/null | grep 'cert:' | awk -F': ' '{print $2}' | tr -d '[:space:]')
local existing_port=$(${xui_folder}/x-ui setting -show true | grep -Eo 'port: .+' | awk '{print $2}')
local existing_webBasePath=$(${xui_folder}/x-ui setting -show true | grep -Eo 'webBasePath: .+' | awk '{print $2}' | sed 's#^/##')
-
+
# Get server IP
local URL_lists=(
"https://api4.ipify.org"
@@ -709,7 +709,7 @@ config_after_update() {
)
local server_ip=""
for ip_address in "${URL_lists[@]}"; do
- local response=$(curl -s -w "\n%{http_code}" --max-time 3 "${ip_address}" 2>/dev/null)
+ local response=$(curl -s -w "\n%{http_code}" --max-time 3 "${ip_address}" 2> /dev/null)
local http_code=$(echo "$response" | tail -n1)
local ip_result=$(echo "$response" | head -n-1 | tr -d '[:space:]')
if [[ "${http_code}" == "200" && -n "${ip_result}" ]]; then
@@ -717,7 +717,7 @@ config_after_update() {
break
fi
done
-
+
# Handle missing/short webBasePath
if [[ ${#existing_webBasePath} -lt 4 ]]; then
echo -e "${yellow}WebBasePath is missing or too short. Generating a new one...${plain}"
@@ -726,7 +726,7 @@ config_after_update() {
existing_webBasePath="${config_webBasePath}"
echo -e "${green}New WebBasePath: ${config_webBasePath}${plain}"
fi
-
+
# Check and prompt for SSL if missing
if [[ -z "$existing_cert" ]]; then
echo ""
@@ -736,16 +736,16 @@ config_after_update() {
echo -e "${yellow}For security, SSL certificate is MANDATORY for all panels.${plain}"
echo -e "${yellow}Let's Encrypt now supports both domains and IP addresses!${plain}"
echo ""
-
+
if [[ -z "${server_ip}" ]]; then
echo -e "${red}Failed to detect server IP${plain}"
echo -e "${yellow}Please configure SSL manually using: x-ui${plain}"
return
fi
-
+
# Prompt and setup SSL (domain or IP)
prompt_and_setup_ssl "${existing_port}" "${existing_webBasePath}" "${server_ip}"
-
+
echo ""
echo -e "${green}═══════════════════════════════════════════${plain}"
echo -e "${green} Panel Access Information ${plain}"
@@ -768,17 +768,17 @@ config_after_update() {
update_x-ui() {
cd ${xui_folder%/x-ui}/
-
+
if [ -f "${xui_folder}/x-ui" ]; then
current_xui_version=$(${xui_folder}/x-ui -v)
echo -e "${green}Current x-ui version: ${current_xui_version}${plain}"
else
_fail "ERROR: Current x-ui version: unknown"
fi
-
+
echo -e "${green}Downloading new x-ui version...${plain}"
-
- tag_version=$(${curl_bin} -Ls "https://api.github.com/repos/MHSanaei/3x-ui/releases/latest" 2>/dev/null | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
+
+ tag_version=$(${curl_bin} -Ls "https://api.github.com/repos/MHSanaei/3x-ui/releases/latest" 2> /dev/null | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
if [[ ! -n "$tag_version" ]]; then
echo -e "${yellow}Trying to fetch version with IPv4...${plain}"
tag_version=$(${curl_bin} -4 -Ls "https://api.github.com/repos/MHSanaei/3x-ui/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
@@ -787,110 +787,110 @@ update_x-ui() {
fi
fi
echo -e "Got x-ui latest version: ${tag_version}, beginning the installation..."
- ${curl_bin} -fLRo ${xui_folder}-linux-$(arch).tar.gz https://github.com/MHSanaei/3x-ui/releases/download/${tag_version}/x-ui-linux-$(arch).tar.gz 2>/dev/null
+ ${curl_bin} -fLRo ${xui_folder}-linux-$(arch).tar.gz https://github.com/MHSanaei/3x-ui/releases/download/${tag_version}/x-ui-linux-$(arch).tar.gz 2> /dev/null
if [[ $? -ne 0 ]]; then
echo -e "${yellow}Trying to fetch version with IPv4...${plain}"
- ${curl_bin} -4fLRo ${xui_folder}-linux-$(arch).tar.gz https://github.com/MHSanaei/3x-ui/releases/download/${tag_version}/x-ui-linux-$(arch).tar.gz 2>/dev/null
+ ${curl_bin} -4fLRo ${xui_folder}-linux-$(arch).tar.gz https://github.com/MHSanaei/3x-ui/releases/download/${tag_version}/x-ui-linux-$(arch).tar.gz 2> /dev/null
if [[ $? -ne 0 ]]; then
_fail "ERROR: Failed to download x-ui, please be sure that your server can access GitHub"
fi
fi
-
+
if [[ -e ${xui_folder}/ ]]; then
echo -e "${green}Stopping x-ui...${plain}"
if [[ $release == "alpine" ]]; then
if [ -f "/etc/init.d/x-ui" ]; then
- rc-service x-ui stop >/dev/null 2>&1
- rc-update del x-ui >/dev/null 2>&1
+ rc-service x-ui stop > /dev/null 2>&1
+ rc-update del x-ui > /dev/null 2>&1
echo -e "${green}Removing old service unit version...${plain}"
- rm -f /etc/init.d/x-ui >/dev/null 2>&1
+ rm -f /etc/init.d/x-ui > /dev/null 2>&1
else
- rm x-ui-linux-$(arch).tar.gz -f >/dev/null 2>&1
+ rm x-ui-linux-$(arch).tar.gz -f > /dev/null 2>&1
_fail "ERROR: x-ui service unit not installed."
fi
else
if [ -f "${xui_service}/x-ui.service" ]; then
- systemctl stop x-ui >/dev/null 2>&1
- systemctl disable x-ui >/dev/null 2>&1
+ systemctl stop x-ui > /dev/null 2>&1
+ systemctl disable x-ui > /dev/null 2>&1
echo -e "${green}Removing old systemd unit version...${plain}"
- rm ${xui_service}/x-ui.service -f >/dev/null 2>&1
- systemctl daemon-reload >/dev/null 2>&1
+ rm ${xui_service}/x-ui.service -f > /dev/null 2>&1
+ systemctl daemon-reload > /dev/null 2>&1
else
- rm x-ui-linux-$(arch).tar.gz -f >/dev/null 2>&1
+ rm x-ui-linux-$(arch).tar.gz -f > /dev/null 2>&1
_fail "ERROR: x-ui systemd unit not installed."
fi
fi
echo -e "${green}Removing old x-ui version...${plain}"
- rm ${xui_folder} -f >/dev/null 2>&1
- rm ${xui_folder}/x-ui.service -f >/dev/null 2>&1
- rm ${xui_folder}/x-ui.service.debian -f >/dev/null 2>&1
- rm ${xui_folder}/x-ui.service.arch -f >/dev/null 2>&1
- rm ${xui_folder}/x-ui.service.rhel -f >/dev/null 2>&1
- rm ${xui_folder}/x-ui -f >/dev/null 2>&1
- rm ${xui_folder}/x-ui.sh -f >/dev/null 2>&1
+ rm ${xui_folder} -f > /dev/null 2>&1
+ rm ${xui_folder}/x-ui.service -f > /dev/null 2>&1
+ rm ${xui_folder}/x-ui.service.debian -f > /dev/null 2>&1
+ rm ${xui_folder}/x-ui.service.arch -f > /dev/null 2>&1
+ rm ${xui_folder}/x-ui.service.rhel -f > /dev/null 2>&1
+ rm ${xui_folder}/x-ui -f > /dev/null 2>&1
+ rm ${xui_folder}/x-ui.sh -f > /dev/null 2>&1
echo -e "${green}Removing old xray version...${plain}"
- rm ${xui_folder}/bin/xray-linux-amd64 -f >/dev/null 2>&1
+ rm ${xui_folder}/bin/xray-linux-amd64 -f > /dev/null 2>&1
echo -e "${green}Removing old README and LICENSE file...${plain}"
- rm ${xui_folder}/bin/README.md -f >/dev/null 2>&1
- rm ${xui_folder}/bin/LICENSE -f >/dev/null 2>&1
+ rm ${xui_folder}/bin/README.md -f > /dev/null 2>&1
+ rm ${xui_folder}/bin/LICENSE -f > /dev/null 2>&1
else
- rm x-ui-linux-$(arch).tar.gz -f >/dev/null 2>&1
+ rm x-ui-linux-$(arch).tar.gz -f > /dev/null 2>&1
_fail "ERROR: x-ui not installed."
fi
-
+
echo -e "${green}Installing new x-ui version...${plain}"
- tar zxvf x-ui-linux-$(arch).tar.gz >/dev/null 2>&1
- rm x-ui-linux-$(arch).tar.gz -f >/dev/null 2>&1
- cd x-ui >/dev/null 2>&1
- chmod +x x-ui >/dev/null 2>&1
-
+ tar zxvf x-ui-linux-$(arch).tar.gz > /dev/null 2>&1
+ rm x-ui-linux-$(arch).tar.gz -f > /dev/null 2>&1
+ cd x-ui > /dev/null 2>&1
+ chmod +x x-ui > /dev/null 2>&1
+
# Check the system's architecture and rename the file accordingly
if [[ $(arch) == "armv5" || $(arch) == "armv6" || $(arch) == "armv7" ]]; then
- mv bin/xray-linux-$(arch) bin/xray-linux-arm >/dev/null 2>&1
- chmod +x bin/xray-linux-arm >/dev/null 2>&1
+ mv bin/xray-linux-$(arch) bin/xray-linux-arm > /dev/null 2>&1
+ chmod +x bin/xray-linux-arm > /dev/null 2>&1
fi
-
- chmod +x x-ui bin/xray-linux-$(arch) >/dev/null 2>&1
-
+
+ chmod +x x-ui bin/xray-linux-$(arch) > /dev/null 2>&1
+
echo -e "${green}Downloading and installing x-ui.sh script...${plain}"
- ${curl_bin} -fLRo /usr/bin/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.sh >/dev/null 2>&1
+ ${curl_bin} -fLRo /usr/bin/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.sh > /dev/null 2>&1
if [[ $? -ne 0 ]]; then
echo -e "${yellow}Trying to fetch x-ui with IPv4...${plain}"
- ${curl_bin} -4fLRo /usr/bin/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.sh >/dev/null 2>&1
+ ${curl_bin} -4fLRo /usr/bin/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.sh > /dev/null 2>&1
if [[ $? -ne 0 ]]; then
_fail "ERROR: Failed to download x-ui.sh script, please be sure that your server can access GitHub"
fi
fi
-
- chmod +x ${xui_folder}/x-ui.sh >/dev/null 2>&1
- chmod +x /usr/bin/x-ui >/dev/null 2>&1
- mkdir -p /var/log/x-ui >/dev/null 2>&1
-
+
+ chmod +x ${xui_folder}/x-ui.sh > /dev/null 2>&1
+ chmod +x /usr/bin/x-ui > /dev/null 2>&1
+ mkdir -p /var/log/x-ui > /dev/null 2>&1
+
echo -e "${green}Changing owner...${plain}"
- chown -R root:root ${xui_folder} >/dev/null 2>&1
-
+ chown -R root:root ${xui_folder} > /dev/null 2>&1
+
if [ -f "${xui_folder}/bin/config.json" ]; then
echo -e "${green}Changing on config file permissions...${plain}"
- chmod 640 ${xui_folder}/bin/config.json >/dev/null 2>&1
+ chmod 640 ${xui_folder}/bin/config.json > /dev/null 2>&1
fi
-
+
if [[ $release == "alpine" ]]; then
echo -e "${green}Downloading and installing startup unit x-ui.rc...${plain}"
- ${curl_bin} -fLRo /etc/init.d/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.rc >/dev/null 2>&1
+ ${curl_bin} -fLRo /etc/init.d/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.rc > /dev/null 2>&1
if [[ $? -ne 0 ]]; then
- ${curl_bin} -4fLRo /etc/init.d/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.rc >/dev/null 2>&1
+ ${curl_bin} -4fLRo /etc/init.d/x-ui https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.rc > /dev/null 2>&1
if [[ $? -ne 0 ]]; then
_fail "ERROR: Failed to download startup unit x-ui.rc, please be sure that your server can access GitHub"
fi
fi
- chmod +x /etc/init.d/x-ui >/dev/null 2>&1
- chown root:root /etc/init.d/x-ui >/dev/null 2>&1
- rc-update add x-ui >/dev/null 2>&1
- rc-service x-ui start >/dev/null 2>&1
+ chmod +x /etc/init.d/x-ui > /dev/null 2>&1
+ chown root:root /etc/init.d/x-ui > /dev/null 2>&1
+ rc-update add x-ui > /dev/null 2>&1
+ rc-service x-ui start > /dev/null 2>&1
else
if [ -f "x-ui.service" ]; then
echo -e "${green}Installing systemd unit...${plain}"
- cp -f x-ui.service ${xui_service}/ >/dev/null 2>&1
+ cp -f x-ui.service ${xui_service}/ > /dev/null 2>&1
if [[ $? -ne 0 ]]; then
echo -e "${red}Failed to copy x-ui.service${plain}"
exit 1
@@ -901,62 +901,62 @@ update_x-ui() {
ubuntu | debian | armbian)
if [ -f "x-ui.service.debian" ]; then
echo -e "${green}Installing debian-like systemd unit...${plain}"
- cp -f x-ui.service.debian ${xui_service}/x-ui.service >/dev/null 2>&1
+ cp -f x-ui.service.debian ${xui_service}/x-ui.service > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
service_installed=true
fi
fi
- ;;
+ ;;
arch | manjaro | parch)
if [ -f "x-ui.service.arch" ]; then
echo -e "${green}Installing arch-like systemd unit...${plain}"
- cp -f x-ui.service.arch ${xui_service}/x-ui.service >/dev/null 2>&1
+ cp -f x-ui.service.arch ${xui_service}/x-ui.service > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
service_installed=true
fi
fi
- ;;
+ ;;
*)
if [ -f "x-ui.service.rhel" ]; then
echo -e "${green}Installing rhel-like systemd unit...${plain}"
- cp -f x-ui.service.rhel ${xui_service}/x-ui.service >/dev/null 2>&1
+ cp -f x-ui.service.rhel ${xui_service}/x-ui.service > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
service_installed=true
fi
fi
- ;;
+ ;;
esac
-
+
# If service file not found in tar.gz, download from GitHub
if [ "$service_installed" = false ]; then
echo -e "${yellow}Service files not found in tar.gz, downloading from GitHub...${plain}"
case "${release}" in
ubuntu | debian | armbian)
- ${curl_bin} -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.debian >/dev/null 2>&1
- ;;
+ ${curl_bin} -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.debian > /dev/null 2>&1
+ ;;
arch | manjaro | parch)
- ${curl_bin} -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.arch >/dev/null 2>&1
- ;;
+ ${curl_bin} -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.arch > /dev/null 2>&1
+ ;;
*)
- ${curl_bin} -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.rhel >/dev/null 2>&1
- ;;
+ ${curl_bin} -4fLRo ${xui_service}/x-ui.service https://raw.githubusercontent.com/MHSanaei/3x-ui/main/x-ui.service.rhel > /dev/null 2>&1
+ ;;
esac
-
+
if [[ $? -ne 0 ]]; then
echo -e "${red}Failed to install x-ui.service from GitHub${plain}"
exit 1
fi
fi
fi
- chown root:root ${xui_service}/x-ui.service >/dev/null 2>&1
- chmod 644 ${xui_service}/x-ui.service >/dev/null 2>&1
- systemctl daemon-reload >/dev/null 2>&1
- systemctl enable x-ui >/dev/null 2>&1
- systemctl start x-ui >/dev/null 2>&1
+ chown root:root ${xui_service}/x-ui.service > /dev/null 2>&1
+ chmod 644 ${xui_service}/x-ui.service > /dev/null 2>&1
+ systemctl daemon-reload > /dev/null 2>&1
+ systemctl enable x-ui > /dev/null 2>&1
+ systemctl start x-ui > /dev/null 2>&1
fi
-
+
config_after_update
-
+
echo -e "${green}x-ui ${tag_version}${plain} updating finished, it is running now..."
echo -e ""
echo -e "┌───────────────────────────────────────────────────────┐
diff --git a/web/assets/js/model/inbound.js b/web/assets/js/model/inbound.js
index f695d251..dfffeffe 100644
--- a/web/assets/js/model/inbound.js
+++ b/web/assets/js/model/inbound.js
@@ -697,7 +697,6 @@ class TlsStreamSettings extends XrayCommonClass {
certificates = [new TlsStreamSettings.Cert()],
alpn = [ALPN_OPTION.H2, ALPN_OPTION.HTTP1],
echServerKeys = '',
- echForceQuery = 'none',
settings = new TlsStreamSettings.Settings()
) {
super();
@@ -711,7 +710,6 @@ class TlsStreamSettings extends XrayCommonClass {
this.certs = certificates;
this.alpn = alpn;
this.echServerKeys = echServerKeys;
- this.echForceQuery = echForceQuery;
this.settings = settings;
}
@@ -744,7 +742,6 @@ class TlsStreamSettings extends XrayCommonClass {
certs,
json.alpn,
json.echServerKeys,
- json.echForceQuery,
settings,
);
}
@@ -761,7 +758,6 @@ class TlsStreamSettings extends XrayCommonClass {
certificates: TlsStreamSettings.toJsonArray(this.certs),
alpn: this.alpn,
echServerKeys: this.echServerKeys,
- echForceQuery: this.echForceQuery,
settings: this.settings,
};
}
@@ -875,7 +871,7 @@ class RealityStreamSettings extends XrayCommonClass {
if (!target && !serverNames) {
const randomTarget = typeof getRandomRealityTarget !== 'undefined'
? getRandomRealityTarget()
- : { target: 'www.apple.com:443', sni: 'www.apple.com,apple.com' };
+ : { target: 'www.amazon.com:443', sni: 'www.amazon.com,amazon.com' };
target = randomTarget.target;
serverNames = randomTarget.sni;
}
@@ -1211,15 +1207,15 @@ class QuicParams extends XrayCommonClass {
constructor(
congestion = 'bbr',
debug = false,
- brutalUp = '',
- brutalDown = '',
+ brutalUp = 65537,
+ brutalDown = 65537,
udpHop = undefined,
initStreamReceiveWindow = 8388608,
maxStreamReceiveWindow = 8388608,
initConnectionReceiveWindow = 20971520,
maxConnectionReceiveWindow = 20971520,
maxIdleTimeout = 30,
- keepAlivePeriod = 0,
+ keepAlivePeriod = 5,
disablePathMTUDiscovery = false,
maxIncomingStreams = 1024,
) {
@@ -1269,8 +1265,10 @@ class QuicParams extends XrayCommonClass {
toJson() {
const result = { congestion: this.congestion };
if (this.debug) result.debug = this.debug;
- if (this.brutalUp) result.brutalUp = this.brutalUp;
- if (this.brutalDown) result.brutalDown = this.brutalDown;
+ if (['brutal', 'force-brutal'].includes(this.congestion)) {
+ if (this.brutalUp) result.brutalUp = this.brutalUp;
+ if (this.brutalDown) result.brutalDown = this.brutalDown;
+ }
if (this.udpHop) result.udpHop = { ports: this.udpHop.ports, interval: this.udpHop.interval };
if (this.initStreamReceiveWindow > 0) result.initStreamReceiveWindow = this.initStreamReceiveWindow;
if (this.maxStreamReceiveWindow > 0) result.maxStreamReceiveWindow = this.maxStreamReceiveWindow;
diff --git a/web/assets/js/model/outbound.js b/web/assets/js/model/outbound.js
index 6be2ec1b..1c2d67d9 100644
--- a/web/assets/js/model/outbound.js
+++ b/web/assets/js/model/outbound.js
@@ -6,10 +6,10 @@ const Protocols = {
VLESS: "vless",
Trojan: "trojan",
Shadowsocks: "shadowsocks",
+ Wireguard: "wireguard",
+ Hysteria: "hysteria",
Socks: "socks",
HTTP: "http",
- Wireguard: "wireguard",
- Hysteria: "hysteria"
};
const SSMethods = {
@@ -500,7 +500,7 @@ class HysteriaStreamSettings extends CommonClass {
initConnectionReceiveWindow = 20971520,
maxConnectionReceiveWindow = 20971520,
maxIdleTimeout = 30,
- keepAlivePeriod = 0,
+ keepAlivePeriod = 2,
disablePathMTUDiscovery = false
) {
super();
@@ -789,9 +789,17 @@ class QuicParams extends CommonClass {
constructor(
congestion = 'bbr',
debug = false,
- brutalUp = '',
- brutalDown = '',
+ brutalUp = 65537,
+ brutalDown = 65537,
udpHop = undefined,
+ initStreamReceiveWindow = 8388608,
+ maxStreamReceiveWindow = 8388608,
+ initConnectionReceiveWindow = 20971520,
+ maxConnectionReceiveWindow = 20971520,
+ maxIdleTimeout = 30,
+ keepAlivePeriod = 5,
+ disablePathMTUDiscovery = false,
+ maxIncomingStreams = 1024,
) {
super();
this.congestion = congestion;
@@ -799,6 +807,14 @@ class QuicParams extends CommonClass {
this.brutalUp = brutalUp;
this.brutalDown = brutalDown;
this.udpHop = udpHop;
+ this.initStreamReceiveWindow = initStreamReceiveWindow;
+ this.maxStreamReceiveWindow = maxStreamReceiveWindow;
+ this.initConnectionReceiveWindow = initConnectionReceiveWindow;
+ this.maxConnectionReceiveWindow = maxConnectionReceiveWindow;
+ this.maxIdleTimeout = maxIdleTimeout;
+ this.keepAlivePeriod = keepAlivePeriod;
+ this.disablePathMTUDiscovery = disablePathMTUDiscovery;
+ this.maxIncomingStreams = maxIncomingStreams;
}
get hasUdpHop() {
@@ -817,15 +833,33 @@ class QuicParams extends CommonClass {
json.brutalUp,
json.brutalDown,
json.udpHop ? { ports: json.udpHop.ports, interval: json.udpHop.interval } : undefined,
+ json.initStreamReceiveWindow,
+ json.maxStreamReceiveWindow,
+ json.initConnectionReceiveWindow,
+ json.maxConnectionReceiveWindow,
+ json.maxIdleTimeout,
+ json.keepAlivePeriod,
+ json.disablePathMTUDiscovery,
+ json.maxIncomingStreams,
);
}
toJson() {
const result = { congestion: this.congestion };
if (this.debug) result.debug = this.debug;
- if (this.brutalUp) result.brutalUp = this.brutalUp;
- if (this.brutalDown) result.brutalDown = this.brutalDown;
+ if (['brutal', 'force-brutal'].includes(this.congestion)) {
+ if (this.brutalUp) result.brutalUp = this.brutalUp;
+ if (this.brutalDown) result.brutalDown = this.brutalDown;
+ }
if (this.udpHop) result.udpHop = { ports: this.udpHop.ports, interval: this.udpHop.interval };
+ if (this.initStreamReceiveWindow > 0) result.initStreamReceiveWindow = this.initStreamReceiveWindow;
+ if (this.maxStreamReceiveWindow > 0) result.maxStreamReceiveWindow = this.maxStreamReceiveWindow;
+ if (this.initConnectionReceiveWindow > 0) result.initConnectionReceiveWindow = this.initConnectionReceiveWindow;
+ if (this.maxConnectionReceiveWindow > 0) result.maxConnectionReceiveWindow = this.maxConnectionReceiveWindow;
+ if (this.maxIdleTimeout !== 30 && this.maxIdleTimeout > 0) result.maxIdleTimeout = this.maxIdleTimeout;
+ if (this.keepAlivePeriod > 0) result.keepAlivePeriod = this.keepAlivePeriod;
+ if (this.disablePathMTUDiscovery) result.disablePathMTUDiscovery = this.disablePathMTUDiscovery;
+ if (this.maxIncomingStreams > 0) result.maxIncomingStreams = this.maxIncomingStreams;
return result;
}
}
@@ -1425,14 +1459,16 @@ Outbound.FreedomSettings = class extends CommonClass {
redirect = '',
fragment = {},
noises = [],
- ipsBlocked = [],
+ finalRules = [],
) {
super();
this.domainStrategy = domainStrategy;
this.redirect = redirect;
this.fragment = fragment || {};
this.noises = Array.isArray(noises) ? noises : [];
- this.ipsBlocked = Array.isArray(ipsBlocked) ? ipsBlocked : [];
+ this.finalRules = Array.isArray(finalRules)
+ ? finalRules.map(rule => rule instanceof Outbound.FreedomSettings.FinalRule ? rule : Outbound.FreedomSettings.FinalRule.fromJson(rule))
+ : [];
}
addNoise() {
@@ -1443,13 +1479,30 @@ Outbound.FreedomSettings = class extends CommonClass {
this.noises.splice(index, 1);
}
+ addFinalRule(action = 'block') {
+ this.finalRules.push(new Outbound.FreedomSettings.FinalRule(action));
+ }
+
+ delFinalRule(index) {
+ this.finalRules.splice(index, 1);
+ }
+
static fromJson(json = {}) {
+ const finalRules = Array.isArray(json.finalRules)
+ ? json.finalRules.map(rule => Outbound.FreedomSettings.FinalRule.fromJson(rule))
+ : [];
+
+ // Backward compatibility: map legacy ipsBlocked entries to blocking finalRules.
+ if (finalRules.length === 0 && Array.isArray(json.ipsBlocked) && json.ipsBlocked.length > 0) {
+ finalRules.push(new Outbound.FreedomSettings.FinalRule('block', '', '', json.ipsBlocked, ''));
+ }
+
return new Outbound.FreedomSettings(
json.domainStrategy,
json.redirect,
json.fragment ? Outbound.FreedomSettings.Fragment.fromJson(json.fragment) : {},
json.noises ? json.noises.map(noise => Outbound.FreedomSettings.Noise.fromJson(noise)) : [],
- json.ipsBlocked || [],
+ finalRules,
);
}
@@ -1459,7 +1512,7 @@ Outbound.FreedomSettings = class extends CommonClass {
redirect: ObjectUtil.isEmpty(this.redirect) ? undefined : this.redirect,
fragment: Object.keys(this.fragment).length === 0 ? undefined : this.fragment,
noises: this.noises.length === 0 ? undefined : Outbound.FreedomSettings.Noise.toJsonArray(this.noises),
- ipsBlocked: this.ipsBlocked.length === 0 ? undefined : this.ipsBlocked,
+ finalRules: this.finalRules.length === 0 ? undefined : Outbound.FreedomSettings.FinalRule.toJsonArray(this.finalRules),
};
}
};
@@ -1521,6 +1574,37 @@ Outbound.FreedomSettings.Noise = class extends CommonClass {
}
};
+Outbound.FreedomSettings.FinalRule = class extends CommonClass {
+ constructor(action = 'block', network = '', port = '', ip = [], blockDelay = '') {
+ super();
+ this.action = action;
+ this.network = network;
+ this.port = port;
+ this.ip = Array.isArray(ip) ? ip : [];
+ this.blockDelay = blockDelay;
+ }
+
+ static fromJson(json = {}) {
+ return new Outbound.FreedomSettings.FinalRule(
+ json.action,
+ Array.isArray(json.network) ? json.network.join(',') : json.network,
+ json.port,
+ json.ip || [],
+ json.blockDelay,
+ );
+ }
+
+ toJson() {
+ return {
+ action: ['allow', 'block'].includes(this.action) ? this.action : 'block',
+ network: ObjectUtil.isEmpty(this.network) ? undefined : this.network,
+ port: ObjectUtil.isEmpty(this.port) ? undefined : this.port,
+ ip: this.ip.length === 0 ? undefined : this.ip,
+ blockDelay: this.action === 'block' && !ObjectUtil.isEmpty(this.blockDelay) ? this.blockDelay : undefined,
+ };
+ }
+};
+
Outbound.BlackholeSettings = class extends CommonClass {
constructor(type) {
super();
diff --git a/web/assets/js/model/reality_targets.js b/web/assets/js/model/reality_targets.js
index d17bcfc1..34777b5b 100644
--- a/web/assets/js/model/reality_targets.js
+++ b/web/assets/js/model/reality_targets.js
@@ -1,7 +1,5 @@
// List of popular services for VLESS Reality Target/SNI randomization
const REALITY_TARGETS = [
- { target: 'www.apple.com:443', sni: 'www.apple.com' },
- { target: 'www.icloud.com:443', sni: 'www.icloud.com' },
{ target: 'www.amazon.com:443', sni: 'www.amazon.com' },
{ target: 'aws.amazon.com:443', sni: 'aws.amazon.com' },
{ target: 'www.oracle.com:443', sni: 'www.oracle.com' },
diff --git a/web/assets/js/model/setting.js b/web/assets/js/model/setting.js
index d61d4b8e..d5b7d523 100644
--- a/web/assets/js/model/setting.js
+++ b/web/assets/js/model/setting.js
@@ -43,6 +43,7 @@ class AllSetting {
this.subDomain = "";
this.externalTrafficInformEnable = false;
this.externalTrafficInformURI = "";
+ this.restartXrayOnClientDisable = true;
this.subCertFile = "";
this.subKeyFile = "";
this.subUpdates = 12;
diff --git a/web/assets/js/subscription.js b/web/assets/js/subscription.js
index d08bfd28..aa09e1c4 100644
--- a/web/assets/js/subscription.js
+++ b/web/assets/js/subscription.js
@@ -7,6 +7,7 @@
const data = {
sId: el.getAttribute('data-sid') || '',
+ enabled: (el.getAttribute('data-enabled') || '').toLowerCase() === 'true',
subUrl: el.getAttribute('data-sub-url') || '',
subJsonUrl: el.getAttribute('data-subjson-url') || '',
subClashUrl: el.getAttribute('data-subclash-url') || '',
@@ -128,9 +129,10 @@
},
isActive() {
const now = Date.now();
+ const enabledOk = this.app.enabled;
const expiryOk = !this.app.expireMs || this.app.expireMs >= now;
const trafficOk = !this.app.totalByte || (this.app.uploadByte + this.app.downloadByte) <= this.app.totalByte;
- return expiryOk && trafficOk;
+ return enabledOk && expiryOk && trafficOk;
},
shadowrocketUrl() {
const rawUrl = this.app.subUrl + '?flag=shadowrocket';
diff --git a/web/controller/util.go b/web/controller/util.go
index 3d266f29..e1d53ba6 100644
--- a/web/controller/util.go
+++ b/web/controller/util.go
@@ -1,8 +1,10 @@
package controller
import (
+ "fmt"
"net"
"net/http"
+ "net/netip"
"strings"
"github.com/mhsanaei/3x-ui/v2/config"
@@ -14,18 +16,58 @@ import (
// getRemoteIp extracts the real IP address from the request headers or remote address.
func getRemoteIp(c *gin.Context) string {
- value := c.GetHeader("X-Real-IP")
- if value != "" {
- return value
+ if ip, ok := extractTrustedIP(c.GetHeader("X-Real-IP")); ok {
+ return ip
}
- value = c.GetHeader("X-Forwarded-For")
- if value != "" {
- ips := strings.Split(value, ",")
- return ips[0]
+
+ if xff := c.GetHeader("X-Forwarded-For"); xff != "" {
+ for _, part := range strings.Split(xff, ",") {
+ if ip, ok := extractTrustedIP(part); ok {
+ return ip
+ }
+ }
}
- addr := c.Request.RemoteAddr
- ip, _, _ := net.SplitHostPort(addr)
- return ip
+
+ if ip, ok := extractTrustedIP(c.Request.RemoteAddr); ok {
+ return ip
+ }
+
+ return "unknown"
+}
+
+func extractTrustedIP(value string) (string, bool) {
+ candidate := strings.TrimSpace(value)
+ if candidate == "" {
+ return "", false
+ }
+
+ if ip, ok := parseIPCandidate(candidate); ok {
+ return ip.String(), true
+ }
+
+ if host, _, err := net.SplitHostPort(candidate); err == nil {
+ if ip, ok := parseIPCandidate(host); ok {
+ return ip.String(), true
+ }
+ }
+
+ if strings.Count(candidate, ":") == 1 {
+ if host, _, err := net.SplitHostPort(fmt.Sprintf("[%s]", candidate)); err == nil {
+ if ip, ok := parseIPCandidate(host); ok {
+ return ip.String(), true
+ }
+ }
+ }
+
+ return "", false
+}
+
+func parseIPCandidate(value string) (netip.Addr, bool) {
+ ip, err := netip.ParseAddr(strings.TrimSpace(value))
+ if err != nil {
+ return netip.Addr{}, false
+ }
+ return ip.Unmap(), true
}
// jsonMsg sends a JSON response with a message and error status.
diff --git a/web/entity/entity.go b/web/entity/entity.go
index 7f37f564..8b340279 100644
--- a/web/entity/entity.go
+++ b/web/entity/entity.go
@@ -71,6 +71,7 @@ type AllSetting struct {
SubUpdates int `json:"subUpdates" form:"subUpdates"` // Subscription update interval in minutes
ExternalTrafficInformEnable bool `json:"externalTrafficInformEnable" form:"externalTrafficInformEnable"` // Enable external traffic reporting
ExternalTrafficInformURI string `json:"externalTrafficInformURI" form:"externalTrafficInformURI"` // URI for external traffic reporting
+ RestartXrayOnClientDisable bool `json:"restartXrayOnClientDisable" form:"restartXrayOnClientDisable"` // Restart Xray when clients are auto-disabled by expiry/traffic limit
SubEncrypt bool `json:"subEncrypt" form:"subEncrypt"` // Encrypt subscription responses
SubShowInfo bool `json:"subShowInfo" form:"subShowInfo"` // Show client information in subscriptions
SubURI string `json:"subURI" form:"subURI"` // Subscription server URI
diff --git a/web/html/common/page.html b/web/html/common/page.html
index 058682d5..47b2b654 100644
--- a/web/html/common/page.html
+++ b/web/html/common/page.html
@@ -1,6 +1,7 @@
{{ define "page/head_start" }}
+
@@ -12,6 +13,7 @@
[v-cloak] {
display: none;
}
+
/* vazirmatn-regular - arabic_latin_latin-ext */
@font-face {
font-display: swap;
@@ -21,10 +23,11 @@
src: url('{{ .base_path }}assets/Vazirmatn-UI-NL-Regular.woff2') format('woff2');
unicode-range: U+0600-06FF, U+200C-200E, U+2010-2011, U+204F, U+2E41, U+FB50-FDFF, U+FE80-FEFC, U+0030-0039;
}
+
body {
font-family: system-ui, -apple-system, BlinkMacSystemFont, 'Vazirmatn', 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;
}
-
+
/* mobile touch scrolling for tabs */
@media (max-width: 576px) {
.ant-tabs-nav-container {
@@ -34,59 +37,69 @@
overscroll-behavior-x: contain;
white-space: nowrap;
max-width: 100%;
- padding: 0 !important; /* Remove padding for arrows */
+ padding: 0 !important;
+ /* Remove padding for arrows */
}
+
.ant-tabs-nav-wrap {
overflow: visible !important;
padding: 0 !important;
}
+
.ant-tabs-nav-scroll {
overflow: visible !important;
box-shadow: none !important;
}
+
.ant-tabs-nav {
- display: flex !important;
- transform: none !important; /* Disable JS transform */
- width: auto !important;
- margin: 0 !important;
+ display: flex !important;
+ transform: none !important;
+ /* Disable JS transform */
+ width: auto !important;
+ margin: 0 !important;
}
+
.ant-tabs-tab-prev,
.ant-tabs-tab-next {
- display: none !important; /* Hide arrows */
+ display: none !important;
+ /* Hide arrows */
}
+
.ant-tabs-nav-container::-webkit-scrollbar {
display: none;
}
}
{{ .host }} – {{ i18n .title}}
-{{ end }}
+ {{ end }}
-{{ define "page/head_end" }}
+ {{ define "page/head_end" }}
{{ end }}
{{ define "page/body_start" }}
+
-{{ end }}
+ {{ end }}
-{{ define "page/body_scripts" }}
-
-
-
-
-
-
-
-
-
-{{ end }}
-
-{{ define "page/body_end" }}
+ {{ define "page/body_scripts" }}
+
+
+
+
+
+
+
+
+
+ {{ end }}
+
+ {{ define "page/body_end" }}
+
{{ end }}
\ No newline at end of file
diff --git a/web/html/component/aClientTable.html b/web/html/component/aClientTable.html
index 19915f51..977638f2 100644
--- a/web/html/component/aClientTable.html
+++ b/web/html/component/aClientTable.html
@@ -2,30 +2,39 @@
{{ i18n "qrCode" }}
-
+
{{ i18n "pages.client.edit" }}
-
+
{{ i18n "info" }}
-
+
{{ i18n "pages.inbounds.resetTraffic" }}
-
+
-
+
{{ i18n "delete"}}
-
+
-
+
@@ -34,7 +43,7 @@
-
+
{{ i18n "lastOnline" }}: [[ formatLastOnline(client.email) ]]
@@ -53,7 +62,8 @@
{{ i18n "disabled" }}
{{ i18n "online" }}
-
+
[[ client.email ]]
@@ -127,11 +137,16 @@
{{ i18n "pages.client.delayedStart" }}
[[ IntlUtil.formatDate(client.expiryTime) ]]
- [[ IntlUtil.formatRelativeTime(client.expiryTime) ]]
+ [[
+ IntlUtil.formatRelativeTime(client.expiryTime) ]]
-
+
@@ -161,7 +176,8 @@
{{ i18n "delete"}}
-
+
{{ i18n "enable"}}
@@ -175,9 +191,11 @@
| {{ i18n "pages.inbounds.traffic" }} |
- | [[ SizeFormatter.sizeFormat(getUpStats(record, client.email) + getDownStats(record, client.email)) ]] |
+ [[
+ SizeFormatter.sizeFormat(getUpStats(record, client.email) + getDownStats(record, client.email)) ]] |
-
+
|
@@ -193,11 +211,14 @@
|
-
+
-
+
|
[[ client._totalGB + "GB" ]]
@@ -212,14 +233,16 @@
|
- | [[ IntlUtil.formatRelativeTime(client.expiryTime) ]] |
+ [[
+ IntlUtil.formatRelativeTime(client.expiryTime) ]] |
{{ i18n "pages.client.delayedStart" }}
[[ IntlUtil.formatDate(client.expiryTime) ]]
-
+
|
[[ client.reset + "d" ]] |
@@ -231,11 +254,16 @@
{{ i18n "pages.client.delayedStart" }}
[[ IntlUtil.formatDate(client.expiryTime) ]]
- [[ IntlUtil.formatRelativeTime(client.expiryTime) ]]
+ [[
+ IntlUtil.formatRelativeTime(client.expiryTime) ]]
-
+
@@ -244,7 +272,8 @@
-
+
@@ -267,4 +296,4 @@
-
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/component/aCustomStatistic.html b/web/html/component/aCustomStatistic.html
index 0bff128d..be20a39a 100644
--- a/web/html/component/aCustomStatistic.html
+++ b/web/html/component/aCustomStatistic.html
@@ -1,13 +1,13 @@
{{define "component/customStatistic"}}
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
{{end}}
@@ -16,9 +16,11 @@
.dark .ant-statistic-content {
color: var(--dark-color-text-primary)
}
+
.dark .ant-statistic-title {
color: rgba(255, 255, 255, 0.55)
}
+
.ant-statistic-content {
font-size: 16px;
}
@@ -36,7 +38,7 @@
required: false
}
},
- template: `{{template "component/customStatistic"}}`,
+ template: `{{template "component/customStatistic" .}}`,
});
{{end}}
\ No newline at end of file
diff --git a/web/html/component/aPersianDatepicker.html b/web/html/component/aPersianDatepicker.html
index ebd85a08..cb4c2918 100644
--- a/web/html/component/aPersianDatepicker.html
+++ b/web/html/component/aPersianDatepicker.html
@@ -34,7 +34,7 @@
required: false,
},
},
- template: `{{template "component/persianDatepickerTemplate"}}`,
+ template: `{{template "component/persianDatepickerTemplate" .}}`,
data() {
return {
date: '',
@@ -42,7 +42,7 @@
};
},
watch: {
- value: function (date) {
+ value: function(date) {
this.date = this.convertToJalalian(date)
}
},
@@ -52,7 +52,8 @@
},
methods: {
convertToGregorian(date) {
- return date ? moment(moment(date, 'jYYYY/jMM/jDD HH:mm:ss').format('YYYY-MM-DD HH:mm:ss')) : null
+ return date ? moment(moment(date, 'jYYYY/jMM/jDD HH:mm:ss').format('YYYY-MM-DD HH:mm:ss')) :
+ null
},
convertToJalalian(date) {
return date && moment.isMoment(date) ? date.format('jYYYY/jMM/jDD HH:mm:ss') : null
diff --git a/web/html/component/aSettingListItem.html b/web/html/component/aSettingListItem.html
index 27a7abac..7ad13456 100644
--- a/web/html/component/aSettingListItem.html
+++ b/web/html/component/aSettingListItem.html
@@ -26,7 +26,7 @@
type: String,
required: false,
defaultValue: "default",
- validator: function (value) {
+ validator: function(value) {
return ['small', 'default'].includes(value)
}
}
@@ -46,4 +46,4 @@
}
})
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/component/aSidebar.html b/web/html/component/aSidebar.html
index b69c8f3f..08b39dc3 100644
--- a/web/html/component/aSidebar.html
+++ b/web/html/component/aSidebar.html
@@ -43,8 +43,7 @@
Vue.component('a-sidebar', {
data() {
return {
- tabs: [
- {
+ tabs: [{
key: '{{ .base_path }}panel/',
icon: 'dashboard',
title: '{{ i18n "menu.dashboard"}}'
@@ -79,8 +78,8 @@
},
methods: {
openLink(key) {
- return key.startsWith('http') ?
- window.open(key) :
+ return key.startsWith('http') ?
+ window.open(key) :
location.href = key
},
closeDrawer() {
@@ -97,7 +96,7 @@
}
}
},
- template: `{{template "component/sidebar/content"}}`,
+ template: `{{template "component/sidebar/content" .}}`,
});
{{end}}
\ No newline at end of file
diff --git a/web/html/component/aTableSortable.html b/web/html/component/aTableSortable.html
index 46b18c7d..fdbc247e 100644
--- a/web/html/component/aTableSortable.html
+++ b/web/html/component/aTableSortable.html
@@ -213,7 +213,7 @@
});
Vue.component('a-table-sort-trigger', {
- template: `{{template "component/sortableTableTrigger"}}`,
+ template: `{{template "component/sortableTableTrigger" .}}`,
props: {
'item-index': { type: undefined, required: false },
},
diff --git a/web/html/component/aThemeSwitch.html b/web/html/component/aThemeSwitch.html
index ca340da3..2712b1f7 100644
--- a/web/html/component/aThemeSwitch.html
+++ b/web/html/component/aThemeSwitch.html
@@ -24,9 +24,11 @@
{{define "component/themeSwitchTemplateLogin"}}
-
+
-
+
{{ i18n "menu.dark" }}
@@ -93,7 +95,7 @@
}
const themeSwitcher = createThemeSwitcher();
Vue.component('a-theme-switch', {
- template: `{{template "component/themeSwitchTemplate"}}`,
+ template: `{{template "component/themeSwitchTemplate" .}}`,
data: () => ({
themeSwitcher
}),
@@ -105,7 +107,7 @@
}
});
Vue.component('a-theme-switch-login', {
- template: `{{template "component/themeSwitchTemplateLogin"}}`,
+ template: `{{template "component/themeSwitchTemplateLogin" .}}`,
data: () => ({
themeSwitcher
}),
diff --git a/web/html/form/client.html b/web/html/form/client.html
index 9c6a7f8a..989bb471 100644
--- a/web/html/form/client.html
+++ b/web/html/form/client.html
@@ -1,11 +1,5 @@
{{define "form/client"}}
-
+
@@ -16,33 +10,22 @@
{{ i18n "pages.inbounds.emailDesc" }}
{{ i18n "pages.inbounds.email" }}
-
+
-
+
{{ i18n "reset" }}
{{ i18n "password" }}
-
-
+
+
@@ -55,42 +38,26 @@
{{ i18n "reset" }}
Auth Password
-
+
-
+
{{ i18n "reset" }}
ID
-
+
-
-
- [[ key ]]
+
+
+ [[ key ]]
@@ -100,10 +67,7 @@
{{ i18n "pages.inbounds.subscriptionDesc" }}
Subscription
-
+
@@ -118,11 +82,7 @@
-
+
@@ -139,9 +99,7 @@
-
+
@@ -160,25 +118,15 @@
-
+
-
+
{{ i18n "none" }}
- [[ key ]]
+ [[ key ]]
@@ -201,45 +149,28 @@
{{ i18n "pages.inbounds.resetTraffic" }}
-
+
-
+
- {{ i18n "pages.inbounds.leaveBlankToNeverExpire" }}
+ {{ i18n "pages.inbounds.leaveBlankToNeverExpire" }}
{{ i18n "pages.inbounds.expireDate" }}
-
-
+
+
Expired
@@ -253,4 +184,4 @@
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/inbound.html b/web/html/form/inbound.html
index 736a1fd4..61d7bc57 100644
--- a/web/html/form/inbound.html
+++ b/web/html/form/inbound.html
@@ -102,69 +102,69 @@
- {{template "form/vmess"}}
+ {{template "form/vmess" .}}
- {{template "form/vless"}}
+ {{template "form/vless" .}}
- {{template "form/trojan"}}
+ {{template "form/trojan" .}}
- {{template "form/shadowsocks"}}
+ {{template "form/shadowsocks" .}}
- {{template "form/tunnel"}}
+ {{template "form/tunnel" .}}
- {{template "form/mixed"}}
+ {{template "form/mixed" .}}
- {{template "form/http"}}
+ {{template "form/http" .}}
- {{template "form/wireguard"}}
+ {{template "form/wireguard" .}}
- {{template "form/tun"}}
+ {{template "form/tun" .}}
- {{template "form/hysteria"}}
+ {{template "form/hysteria" .}}
- {{template "form/streamSettings"}}
- {{template "form/externalProxy" }}
+ {{template "form/streamSettings" .}}
+ {{template "form/externalProxy" .}}
- {{template "form/tlsSettings"}}
+ {{template "form/tlsSettings" .}}
- {{template "form/sniffing"}}
+ {{template "form/sniffing" .}}
diff --git a/web/html/form/outbound.html b/web/html/form/outbound.html
index a425f3d4..519c4cbc 100644
--- a/web/html/form/outbound.html
+++ b/web/html/form/outbound.html
@@ -1,36 +1,18 @@
{{define "form/outbound"}}
-
+
-
+
-
- [[ y ]]
+
+ [[ y ]]
-
-
+
+
@@ -39,109 +21,124 @@
-
- [[ s ]]
+
+ [[ s ]]
-
-
-
+
+
+
+
+ Final Rule [[ index + 1 ]]
+
+
+
+
+
+ allow
+ block
+
+
+
+
+
+
+
+ Optional: tcp, udp, tcp,udp
+
+ Network
+
+
+
+
+
+
+
+
+
+
+ Optional: same format as routing port, e.g. 53,443,1000-2000
+
+ Port
+
+
+
+
+
+
+
+
+
+
+ Optional IP/CIDR/geoip list, e.g. geoip:cn, 10.0.0.0/8
+
+ IP
+
+
+
+
+
+
+
+
+
+
+
-
+
-
- [[ s ]]
+
+ [[ s ]]
-
+
-
+
-
+
-
+
-
+
Noise [[ index + 1 ]]
-
+ :style="{ color: 'rgb(255, 77, 79)', cursor: 'pointer' }">
-
- [[ s ]]
+
+ [[ s ]]
@@ -151,13 +148,8 @@
-
- [[ s ]]
+
+ [[ s ]]
@@ -167,13 +159,8 @@
-
- [[ s ]]
+
+ [[ s ]]
@@ -181,47 +168,25 @@
-
- [[ s ]]
+
+ [[ s ]]
-
+
-
+
Rule [[ index + 1 ]]
-
+
-
- [[ action ]]
+
+ [[ action ]]
@@ -235,10 +200,7 @@
-
+
@@ -251,10 +213,7 @@
-
+
@@ -280,10 +239,8 @@
{{ i18n "reset" }}
{{ i18n "pages.xray.wireguard.secretKey" }}
-
+
@@ -293,28 +250,15 @@
-
- [[ wds ]]
+
+ [[ wds ]]
-
+
-
+
@@ -331,27 +275,15 @@
-
+
-
+
Peer [[ index + 1 ]]
-
+ :style="{ color: 'rgb(255, 77, 79)', cursor: 'pointer' }">
@@ -365,33 +297,17 @@
{{ i18n "pages.xray.wireguard.allowedIPs" }}
-
+
-
+
-
+
-
+
@@ -402,18 +318,12 @@
-
+
-
+
@@ -421,13 +331,8 @@
-
- [[ key ]]
+
+ [[ key ]]
@@ -440,71 +345,35 @@
-
- {{ i18n "none" }}
- [[ key ]]
+
+ {{ i18n "none" }}
+ [[ key ]]
-
+
-
+
-
+
-
+
-
+
@@ -524,9 +393,7 @@
-
+
@@ -535,26 +402,16 @@
-
- [[ method_name ]]
+
+ [[ method_name
+ ]]
-
+
@@ -562,42 +419,29 @@
-
+
-
+
TCP (RAW)
mKCP
WebSocket
gRPC
HTTPUpgrade
XHTTP
- Hysteria2
+ Hysteria2
-
+
@@ -612,40 +456,22 @@
-
+
-
+
-
+
-
+
-
+
-
+
@@ -658,10 +484,7 @@
-
+
@@ -697,64 +520,34 @@
-
- [[ key ]]
+
+ [[ key ]]
-
+
-
-
+
+
-
-
+
+
-
-
+
+
-
+
-
+
-
+
-
+
@@ -764,88 +557,49 @@
-
+
BBR (Auto)
Brutal
-
+
-
+
-
+
-
-
+
+
-
-
+
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
@@ -853,39 +607,21 @@
-
-
+
+
-
+
TCP Mask [[ index + 1 ]]
-
+
-
+
Fragment
Header Custom
Sudoku
@@ -938,21 +674,14 @@
-
+
Clients Group [[ gi + 1 ]]
-
+
@@ -983,21 +712,14 @@
-
+
Servers Group [[ gi + 1 ]]
-
+
@@ -1020,9 +742,9 @@
-
-
-
+
+
+
@@ -1030,72 +752,34 @@
-
-
+
+
-
-
+
+
UDP Mask [[ index + 1 ]]
-
+
-
-
- Salamander (Hysteria2)
+ :dropdown-class-name="themeSwitcher.currentTheme">
+
+ Salamander (Hysteria2)
- mKCP AES-128-GCM
- Header DNS
- Header DTLS 1.2
- Header SRTP
- Header uTP
- Header WeChat Video
- Header WireGuard
- mKCP Original
+ mKCP AES-128-GCM
+ Header DNS
+ Header DTLS 1.2
+ Header SRTP
+ Header uTP
+ Header WeChat Video
+ Header WireGuard
+ mKCP Original
xDNS
xICMP
Header Custom
@@ -1103,30 +787,16 @@
-
-
+
+
-
+
-
+
@@ -1134,28 +804,18 @@
-
+
Noise [[ index + 1 ]]
-
+
-
+
Array
String
Hex
@@ -1167,10 +827,7 @@
-
+
@@ -1183,28 +840,18 @@
-
+
Client [[ index + 1 ]]
-
+
-
+
Array
String
Hex
@@ -1225,28 +872,18 @@
-
+
Server [[ index + 1 ]]
-
+
-
+
Array
String
Hex
@@ -1268,16 +905,10 @@
-
+
-
+
@@ -1290,10 +921,8 @@
-
+
Reno
BBR
Brutal
@@ -1305,10 +934,10 @@
-
+
-
+
@@ -1316,35 +945,43 @@
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
@@ -1353,15 +990,10 @@
-
+
{{ i18n "none" }}
TLS
- Reality
+ Reality
@@ -1369,41 +1001,26 @@
-
+
None
- [[ key ]]
+ [[ key ]]
-
- [[ alpn ]]
+
+ [[ alpn ]]
-
+
-
+
@@ -1411,18 +1028,11 @@
-
+
-
- [[ key ]]
+
+ [[ key ]]
@@ -1432,14 +1042,10 @@
-
+
-
+
@@ -1450,30 +1056,18 @@
-
- [[ tag ]]
+
+ [[ tag ]]
-
- [[ key ]]
+
+ [[ key ]]
-
+
@@ -1485,19 +1079,11 @@
-
- CF-Connecting-IP
+
+ CF-Connecting-IP
X-Real-IP
- True-Client-IP
+ True-Client-IP
X-Client-IP
@@ -1510,29 +1096,14 @@
-
+
-
+
-
- [[ c ]]
+
+ [[ c ]]
@@ -1541,18 +1112,12 @@
-
+
-
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/protocol/dokodemo.html b/web/html/form/protocol/dokodemo.html
index b73a7641..1dbace29 100644
--- a/web/html/form/protocol/dokodemo.html
+++ b/web/html/form/protocol/dokodemo.html
@@ -25,13 +25,13 @@
TCP
UDP
-
+
- {{template "form/streamSockopt"}}
+ {{template "form/streamSockopt" .}}
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/protocol/http.html b/web/html/form/protocol/http.html
index fb1d74b0..dd0512f5 100644
--- a/web/html/form/protocol/http.html
+++ b/web/html/form/protocol/http.html
@@ -5,7 +5,8 @@
{{ i18n "username" }} |
{{ i18n "password" }} |
-
+
|
@@ -23,4 +24,4 @@
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/protocol/hysteria.html b/web/html/form/protocol/hysteria.html
index f612f056..5613dfc5 100644
--- a/web/html/form/protocol/hysteria.html
+++ b/web/html/form/protocol/hysteria.html
@@ -1,9 +1,7 @@
{{define "form/hysteria"}}
-
+
- {{template "form/client"}}
+ {{template "form/client" .}}
@@ -22,11 +20,9 @@
-
+
-
+
{{end}}
\ No newline at end of file
diff --git a/web/html/form/protocol/shadowsocks.html b/web/html/form/protocol/shadowsocks.html
index 31d94f81..12371399 100644
--- a/web/html/form/protocol/shadowsocks.html
+++ b/web/html/form/protocol/shadowsocks.html
@@ -1,12 +1,8 @@
{{define "form/shadowsocks"}}
-
+
- {{template "form/client"}}
+ {{template "form/client" .}}
@@ -16,10 +12,8 @@
{{ i18n "pages.inbounds.email" }} |
Password |
-
+
| [[ client.email ]] |
[[ client.password ]] |
@@ -27,20 +21,11 @@
-
+
-
- [[ method_name ]]
+
+ [[ method_name ]]
@@ -50,20 +35,15 @@
{{ i18n "reset" }}
Password
-
+
-
+
TCP,UDP
TCP
UDP
@@ -73,4 +53,4 @@
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/protocol/socks.html b/web/html/form/protocol/socks.html
index 6ffa32a8..8a968453 100644
--- a/web/html/form/protocol/socks.html
+++ b/web/html/form/protocol/socks.html
@@ -1,9 +1,5 @@
{{define "form/mixed"}}
-
+
@@ -11,10 +7,8 @@
-
+
@@ -22,42 +16,21 @@
| {{ i18n "username" }} |
{{ i18n "password" }} |
-
+
|
-
-
- [[ index+1 ]]
+
+
+ [[ index+1 ]]
-
+
-
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/protocol/trojan.html b/web/html/form/protocol/trojan.html
index 234e7adc..5d36808d 100644
--- a/web/html/form/protocol/trojan.html
+++ b/web/html/form/protocol/trojan.html
@@ -1,7 +1,7 @@
{{define "form/trojan"}}
- {{template "form/client"}}
+ {{template "form/client" .}}
@@ -19,35 +19,35 @@
-
-
-
-
-
+
+
+
+
+
-
-
- Fallback [[ index + 1 ]]
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- {{end}}
\ No newline at end of file
+
+
+ Fallback [[ index + 1 ]]
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/protocol/tun.html b/web/html/form/protocol/tun.html
index 236f65cf..d1b95025 100644
--- a/web/html/form/protocol/tun.html
+++ b/web/html/form/protocol/tun.html
@@ -1,9 +1,5 @@
{{define "form/tun"}}
-
+
@@ -26,38 +22,18 @@
-
+
-
+
-
+
-
+
@@ -69,26 +45,14 @@
-
+
-
+
-
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/protocol/vless.html b/web/html/form/protocol/vless.html
index 1ff83839..f8ee1542 100644
--- a/web/html/form/protocol/vless.html
+++ b/web/html/form/protocol/vless.html
@@ -1,7 +1,7 @@
{{define "form/vless"}}
- {{template "form/client"}}
+ {{template "form/client" .}}
@@ -12,8 +12,7 @@
{{ i18n "pages.inbounds.email" }} |
ID |
-
+
| [[ client.email ]] |
[[ client.id ]] |
@@ -21,104 +20,104 @@
-
-
-
- None
- X25519 (not
- Post-Quantum)
- ML-KEM-768
- (Post-Quantum)
-
-
-
-
-
-
-
-
-
-
- Get New
- keys
- Clear
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+ None
+ X25519 (not
+ Post-Quantum)
+ ML-KEM-768
+ (Post-Quantum)
+
+
+
+
+
+
+
+
+
+
+ Get New
+ keys
+ Clear
+
+
+
+
+
+
+
+
+
+
+
-
-
- Fallback [[ index + 1 ]]
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Rand
-
-
- Reset
-
-
-
-
-
-
- {{end}}
\ No newline at end of file
+
+
+ Fallback [[ index + 1 ]]
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Rand
+
+
+ Reset
+
+
+
+
+
+
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/protocol/vmess.html b/web/html/form/protocol/vmess.html
index 63f05d5b..1beb4259 100644
--- a/web/html/form/protocol/vmess.html
+++ b/web/html/form/protocol/vmess.html
@@ -1,7 +1,7 @@
{{define "form/vmess"}}
- {{template "form/client"}}
+ {{template "form/client" .}}
@@ -12,8 +12,8 @@
ID |
{{ i18n "security" }} |
-
+
| [[ client.email ]] |
[[ client.id ]] |
[[ client.security ]] |
diff --git a/web/html/form/sniffing.html b/web/html/form/sniffing.html
index f9cf6b9c..7d13a099 100644
--- a/web/html/form/sniffing.html
+++ b/web/html/form/sniffing.html
@@ -1,9 +1,5 @@
{{define "form/sniffing"}}
-
+
{{ i18n "enabled" }}
@@ -19,9 +15,7 @@
- [[ value ]]
+ [[ value ]]
@@ -31,23 +25,13 @@
-
+
-
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/external_proxy.html b/web/html/form/stream/external_proxy.html
index 5447abfd..5c13df1b 100644
--- a/web/html/form/stream/external_proxy.html
+++ b/web/html/form/stream/external_proxy.html
@@ -1,67 +1,31 @@
{{define "form/externalProxy"}}
-
+
-
+
-
+
-
- {{ i18n "pages.inbounds.same" }}
+
+ {{ i18n "pages.inbounds.same" }}
{{ i18n "none" }}
TLS
-
+
-
+
-
+
-
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_finalmask.html b/web/html/form/stream/stream_finalmask.html
index 9fc8e3c9..0e28b476 100644
--- a/web/html/form/stream/stream_finalmask.html
+++ b/web/html/form/stream/stream_finalmask.html
@@ -1,446 +1,339 @@
{{define "form/streamFinalMask"}}
-
+
-
-
-
-
-
-
- TCP Mask [[ index + 1 ]]
-
-
-
-
- Fragment
- Header Custom
- Sudoku
-
-
-
-
-
-
-
- tlshello
- 1-3
- 1-5
+
+
+
+
+
+
+ TCP Mask [[ index + 1 ]]
+
+
+
+
+ Fragment
+ Header Custom
+ Sudoku
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+ tlshello
+ 1-3
+ 1-5
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
- Clients Group [[ gi + 1 ]]
-
-
-
-
-
- Array
- String
- Hex
- Base64
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Clients Group [[ gi + 1 ]]
+
+
+
+
+
+ Array
+ String
+ Hex
+ Base64
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Servers Group [[ gi + 1 ]]
+
+
+
+
+
+ Array
+ String
+ Hex
+ Base64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
- Servers Group [[ gi + 1 ]]
-
-
-
-
-
- Array
- String
- Hex
- Base64
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
-
-
-
-
-
-
- UDP Mask [[ index + 1 ]]
-
-
-
-
-
- Salamander (Hysteria2)
-
-
- mKCP AES-128-GCM
- Header DNS
- Header DTLS 1.2
- Header SRTP
- Header uTP
- Header WeChat Video
- Header WireGuard
- mKCP Original
- xDNS
- xICMP
- Header Custom
- Noise
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+ UDP Mask [[ index + 1 ]]
+
+
+
+
+
+ Salamander (Hysteria2)
+
+
+ mKCP AES-128-GCM
+ Header DNS
+ Header DTLS 1.2
+ Header SRTP
+ Header uTP
+ Header WeChat Video
+ Header WireGuard
+ mKCP Original
+ xDNS
+ xICMP
+ Header Custom
+ Noise
+
+
-
-
-
-
+
+
-
-
+
+
-
-
- Noise [[ index + 1 ]]
-
-
-
-
- Array
- String
- Hex
- Base64
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
-
-
-
-
-
-
-
- Client [[ index + 1 ]]
-
-
-
-
- Array
- String
- Hex
- Base64
-
+
+
+
-
-
-
+
+
+
+
+
+ Noise [[ index + 1 ]]
+
+
+
+
+ Array
+ String
+ Hex
+ Base64
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
- Server [[ index + 1 ]]
-
-
-
-
- Array
- String
- Hex
- Base64
-
+
+
+
-
-
-
+
+
+ Client [[ index + 1 ]]
+
+
+
+
+ Array
+ String
+ Hex
+ Base64
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+ Server [[ index + 1 ]]
+
+
+
+
+ Array
+ String
+ Hex
+ Base64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
+
+
@@ -450,10 +343,8 @@
-
+
Reno
BBR
Brutal
@@ -465,10 +356,10 @@
-
+
-
+
@@ -486,27 +377,32 @@
-
+
-
+
-
+
-
+
-
+
-
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_grpc.html b/web/html/form/stream/stream_grpc.html
index e88fc067..1d814126 100644
--- a/web/html/form/stream/stream_grpc.html
+++ b/web/html/form/stream/stream_grpc.html
@@ -1,9 +1,5 @@
{{define "form/streamGRPC"}}
-
+
@@ -14,4 +10,4 @@
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_httpupgrade.html b/web/html/form/stream/stream_httpupgrade.html
index 067adf8d..3b2398b6 100644
--- a/web/html/form/stream/stream_httpupgrade.html
+++ b/web/html/form/stream/stream_httpupgrade.html
@@ -1,13 +1,7 @@
{{define "form/streamHTTPUpgrade"}}
-
+
-
+
@@ -16,39 +10,20 @@
-
+
-
-
- [[ index+1 ]]
+
+
+ [[ index+1 ]]
-
-
+
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_hysteria.html b/web/html/form/stream/stream_hysteria.html
index 960239bd..67226fa3 100644
--- a/web/html/form/stream/stream_hysteria.html
+++ b/web/html/form/stream/stream_hysteria.html
@@ -1,14 +1,7 @@
{{define "form/streamHysteria"}}
-
+
-
+
@@ -16,85 +9,50 @@
Masquerade
-
+
File
Proxy
String
-
+
-
+
-
+
-
+
-
+
- +
+ +
-
-
- [[ index+1 ]]
+
+
+ [[ index+1 ]]
-
- -
+
+ -
-
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_kcp.html b/web/html/form/stream/stream_kcp.html
index e8fea76d..3d89387f 100644
--- a/web/html/form/stream/stream_kcp.html
+++ b/web/html/form/stream/stream_kcp.html
@@ -1,46 +1,22 @@
{{define "form/streamKCP"}}
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_settings.html b/web/html/form/stream/stream_settings.html
index 28ce5efd..2a918305 100644
--- a/web/html/form/stream/stream_settings.html
+++ b/web/html/form/stream/stream_settings.html
@@ -1,18 +1,10 @@
{{define "form/streamSettings"}}
-
+
-
+
TCP (RAW)
mKCP
WebSocket
@@ -25,42 +17,42 @@
- {{template "form/streamTCP"}}
+ {{template "form/streamTCP" .}}
- {{template "form/streamKCP"}}
+ {{template "form/streamKCP" .}}
- {{template "form/streamWS"}}
+ {{template "form/streamWS" .}}
- {{template "form/streamGRPC"}}
+ {{template "form/streamGRPC" .}}
- {{template "form/streamHysteria"}}
+ {{template "form/streamHysteria" .}}
- {{template "form/streamHTTPUpgrade"}}
+ {{template "form/streamHTTPUpgrade" .}}
- {{template "form/streamXHTTP"}}
+ {{template "form/streamXHTTP" .}}
- {{template "form/streamSockopt"}}
+ {{template "form/streamSockopt" .}}
- {{template "form/streamFinalMask"}}
-{{end}}
+ {{template "form/streamFinalMask" .}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_sockopt.html b/web/html/form/stream/stream_sockopt.html
index 84a96c2b..dd7acbd2 100644
--- a/web/html/form/stream/stream_sockopt.html
+++ b/web/html/form/stream/stream_sockopt.html
@@ -1,49 +1,27 @@
{{define "form/streamSockopt"}}
-
+
-
+
-
+
-
+
-
+
-
+
-
+
@@ -61,33 +39,20 @@
-
- [[ key ]]
+
+ [[ key ]]
-
- [[ key ]]
+
+ [[ key ]]
-
+
Off
Redirect
TProxy
@@ -100,15 +65,9 @@
-
- CF-Connecting-IP
+
+ CF-Connecting-IP
X-Real-IP
True-Client-IP
X-Client-IP
@@ -116,4 +75,4 @@
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_tcp.html b/web/html/form/stream/stream_tcp.html
index 47d1d515..2fb69cb0 100644
--- a/web/html/form/stream/stream_tcp.html
+++ b/web/html/form/stream/stream_tcp.html
@@ -1,31 +1,19 @@
{{define "form/streamTCP"}}
-
+
-
+
-
+
- {{ i18n "pages.inbounds.stream.general.request" }}
+ {{ i18n "pages.inbounds.stream.general.request" }}
@@ -33,66 +21,35 @@
- {{ i18n "pages.inbounds.stream.tcp.path" }}
-
+ {{ i18n "pages.inbounds.stream.tcp.path" }}
+
-
+
-
+
-
-
- [[ index+1 ]]
+
+
+ [[ index+1 ]]
-
-
+
+
- {{ i18n "pages.inbounds.stream.general.response" }}
+ {{ i18n "pages.inbounds.stream.general.response" }}
@@ -103,40 +60,22 @@
-
+
-
-
- [[ index+1 ]]
+
+
+ [[ index+1 ]]
-
+
-
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_ws.html b/web/html/form/stream/stream_ws.html
index cd0c30e5..bedd1681 100644
--- a/web/html/form/stream/stream_ws.html
+++ b/web/html/form/stream/stream_ws.html
@@ -1,9 +1,5 @@
{{define "form/streamWS"}}
-
+
@@ -14,42 +10,22 @@
-
+
-
+
-
- [[ index+1 ]]
+
+ [[ index+1 ]]
-
-
+
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/stream/stream_xhttp.html b/web/html/form/stream/stream_xhttp.html
index 8ae3a40c..342a46f1 100644
--- a/web/html/form/stream/stream_xhttp.html
+++ b/web/html/form/stream/stream_xhttp.html
@@ -1,9 +1,5 @@
{{define "form/streamXHTTP"}}
-
+
@@ -11,69 +7,34 @@
-
+
-
-
- [[ index+1 ]]
+
+
+ [[ index+1 ]]
-
-
+
+
-
- [[ key ]]
+
+ [[ key ]]
-
-
+
+
-
+
-
+
@@ -84,22 +45,13 @@
-
+
-
+
-
+
Default (queryInHeader)
queryInHeader
header
@@ -108,10 +60,7 @@
-
+
Default (repeat-x)
repeat-x
tokenish
@@ -119,10 +68,7 @@
-
+
Default (POST)
POST
PUT
@@ -130,10 +76,7 @@
-
+
Default (path)
path
header
@@ -141,20 +84,12 @@
query
-
-
+
+
-
+
Default (path)
path
header
@@ -162,23 +97,12 @@
query
-
-
+
+
-
-
+
+
Default (body)
body
header
@@ -186,27 +110,17 @@
query
-
-
+
+
-
-
+
+
-{{end}}
+{{end}}
\ No newline at end of file
diff --git a/web/html/form/tls_settings.html b/web/html/form/tls_settings.html
index 2462e901..c34a6b2b 100644
--- a/web/html/form/tls_settings.html
+++ b/web/html/form/tls_settings.html
@@ -1,14 +1,12 @@
{{define "form/tlsSettings"}}
-
+
{{ i18n "none" }}
- Reality
+ Reality
TLS
@@ -21,8 +19,7 @@
-
+
Auto
[[
value ]]
@@ -30,14 +27,12 @@
-
[[ key
]]
-
[[ key
]]
@@ -45,8 +40,7 @@
-
None
[[ key
@@ -54,9 +48,7 @@
-
+
[[ alpn
]]
@@ -75,8 +67,7 @@
- {{
+ {{
i18n "pages.inbounds.certificatePath" }}
{{
@@ -87,8 +78,7 @@
-
@@ -100,8 +90,7 @@
-
+
{{ i18n "pages.inbounds.setDefaultCert" }}
@@ -117,8 +106,7 @@
-
+
[[ key
]]
@@ -133,13 +121,6 @@
-
-
- [[
- key ]]
-
-
Get New
@@ -151,7 +132,7 @@
- {{template "form/realitySettings"}}
+ {{template "form/realitySettings" .}}
{{end}}
\ No newline at end of file
diff --git a/web/html/inbounds.html b/web/html/inbounds.html
index 821bae7b..e0a80b2b 100644
--- a/web/html/inbounds.html
+++ b/web/html/inbounds.html
@@ -2,18 +2,14 @@
{{ template "page/head_end" .}}
{{ template "page/body_start" .}}
-
+
-
+
-
+
@@ -25,8 +21,7 @@
-
@@ -34,8 +29,7 @@
-
@@ -44,19 +38,15 @@
-
+
-
@@ -70,25 +60,20 @@
-
[[ total.clients ]]
-
+
- [[
+ [[
clientEmail ]]
[[
total.deactive.length ]]
-
+
- [[
+ [[
clientEmail ]]
[[
@@ -97,19 +82,15 @@
- [[
+ [[
clientEmail ]]
- [[
+ [[
total.expiring.length ]]
-
+
- [[
+ [[
clientEmail ]]
[[
@@ -127,8 +108,7 @@
-
+
{{ i18n
"pages.inbounds.addInbound" }}
@@ -137,8 +117,7 @@
{{ i18n
"pages.inbounds.generalActions" }}
-
+
{{ i18n "pages.inbounds.importInbound" }}
@@ -160,8 +139,7 @@
{{ i18n "pages.inbounds.resetAllClientTraffics" }}
-
+
{{ i18n "pages.inbounds.delDepletedClients" }}
@@ -171,14 +149,11 @@
-
-
+
+
-
+
{{ i18n "pages.inbounds.autoRefresh" }}
+
-
-
+
{{ i18n "none" }}
+ {{ i18n "subscription.active"
+ }}
{{ i18n "disabled"
}}
{{ i18n "depleted"
@@ -227,12 +196,9 @@
}}
-
-
@@ -280,8 +245,7 @@
{{ i18n "pages.inbounds.export"}} - {{ i18n
"pages.settings.subSettings" }}
-
+
{{ i18n "pages.inbounds.delDepletedClients" }}
@@ -332,16 +296,12 @@
[[
clientCount[dbInbound.id].clients ]]
-
+
-