| Age | Commit message (Collapse) | Author |
|---|
|
Add a configurable option to restart Xray when clients are auto-disabled and persist disable actions.
Changes include:
- New setting restartXrayOnClientDisable (default true), getters/setters in SettingService, UI toggle in general settings, and translations for multiple locales.
- AddTraffic signature updated to return a third bool (clientsDisabled). disableInvalidClients now calls Xray API to remove users, marks client_traffics.enable=false, updates inbound.Settings JSON so clients appear disabled in stored settings, and returns appropriate counts/errors.
- XrayTrafficJob now checks the clientsDisabled flag and restarts Xray when the setting is enabled (with fallback to mark Xray as needing restart on failure).
- XrayService.GetXrayConfig call adjusted to ignore AddTraffic returns.
- Subscription generation (subService/subJson/subClash) no longer filters clients by their enable flag when matching subId.
- Minor fixes: check_client_ip_job now checks scanner.Err and improved API error handling/logging.
These changes ensure auto-disabled clients are propagated to Xray and the stored inbound settings, and provide an option to restart Xray automatically after auto-disable events.
|
|
Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>
|
|
* feat: Add NordVPN NordLynx (WireGuard) integration with dedicated UI and backend services.
* remove limit=10 to get all servers
* feat: add city selector to NordVPN modal
* feat: auto-select best server on country/city change
* feat: simplify filter logic and enforce > 7% load
* fix
---------
Co-authored-by: Sanaei <ho3ein.sanaei@gmail.com>
|
|
* Add SSRF protection for custom geo downloads
Introduce SSRF-safe HTTP transport for custom geo operations by adding ssrfSafeTransport and isBlockedIP helpers. The transport resolves hosts and blocks loopback, private, link-local and unspecified addresses, returning ErrCustomGeoSSRFBlocked on violations. Update probeCustomGeoURLWithGET, probeCustomGeoURL and downloadToPathOnce to use the safe transport. Also add the new error ErrCustomGeoSSRFBlocked and necessary imports. Minor whitespace/formatting adjustments in subClashService.go, web/entity/entity.go and web/service/setting.go.
* Add path traversal protection for custom geo
Prevent path traversal when handling custom geo downloads by adding ErrCustomGeoPathTraversal and a validateDestPath() helper that ensures destination paths stay inside the bin folder. Call validateDestPath from downloadToPathOnce, Update and Delete paths and wrap errors appropriately. Reconstruct sanitized URLs in sanitizeURL to break taint propagation before use. Map the new path-traversal error to a user-facing i18n message in the controller.
* fix
|
|
* docs(agents): add AI agent guidance documentation
* feat(sub): add Clash/Mihomo YAML subscription service
Add SubClashService to convert subscription links to Clash/Mihomo
YAML format for direct client compatibility.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(sub): integrate Clash YAML endpoint into subscription system
- Add Clash route handler in SUBController
- Update BuildURLs to include Clash URL
- Pass Clash settings through subscription pipeline
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(web): add Clash settings to entity and service
- Add SubClashEnable, SubClashPath, SubClashURI fields
- Add getter methods for Clash configuration
- Set default Clash path to /clash/ and enable by default
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(ui): add Clash settings to subscription panels
- Add Clash enable switch in general subscription settings
- Add Clash path/URI configuration in formats panel
- Display Clash QR code on subscription page
- Rename JSON tab to "Formats" for clarity
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(js): add Clash support to frontend models
- Add subClashEnable, subClashPath, subClashURI to AllSetting
- Generate and display Clash QR code on subscription page
- Handle Clash URL in subscription data binding
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Sanaei <ho3ein.sanaei@gmail.com>
|
|
|
|
Add a createRobustFastHTTPClient helper to configure fasthttp.Client with better timeouts, connection limits, retries and optional SOCKS5 proxy dialing. Validate and sanitize proxy and API server URLs instead of returning early on invalid values, and build telego.Bot options dynamically. Reduce long-polling timeout to detect connection issues faster and adjust update retrieval comments. Implement exponential-backoff retry logic for SendMessage calls to handle transient connection/timeouts and improve delivery reliability; also reduce inter-message delay for better throughput.
|
|
|
|
* add outbound testing functionality with configurable test URL
* use no kernel tun for conflict errors
|
|
* feat: more subscription information fields
* fix: incorrect translation
* feat: implement field for Happ custom routing rules
|
|
|
|
|
|
* add ldap component
* fix: fix russian comments, tls cert verify default true
* feat: remove replaces go mod for local dev
|
|
|
|
|
|
|
|
|
|
after this subEnable by default is true
and subJsonEnable is false
|
|
|
|
* chore: add `resetTwoFactor` argument for main.go
fixes #3025
* chore: reset two-factor authentication after changing admin credentials
* chore: reset two-factor authentication after changing admin credentials
---------
Co-authored-by: somebodywashere <68244480+somebodywashere@users.noreply.github.com>
Co-authored-by: Sanaei <ho3ein.sanaei@gmail.com>
|
|
* chore: implement 2fa auth
from #2786
* chore: format code
* chore: replace two factor token input with qr-code
* chore: requesting confirmation of setting/removing two-factor authentication
otpauth library was taken from cdnjs
* chore: revert changes in `ClipboardManager`
don't need it.
* chore: removing twoFactor prop in settings page
* chore: remove `twoFactorQr` object in `mounted` function
|
|
* feat: custom subscription title in panel
* feat: added translations
|
|
|
|
|
|
* Add Setting entity + GUI field in panel settings
* Add a missing 'Traffic' in InformEnabale field
* Add ExternalTrafficURL Post request call
* Add translation + cleanup
* Move options to General tab
---------
Co-authored-by: root <root@vm3562019.stark-industries.solutions>
Co-authored-by: root <root@vm3688062.stark-industries.solutions>
|
|
* Revert "json post base path bug fixed (#2647)"
This reverts commit 04cf250a547bb64265d256e7d15af7cea5ecfa67.
* Revert "Group Management of Subscription Clients"
* Revert "fix getSubGroupClients for enable/disable and edit clients."
* Revert "Enhance database initialization in db.go (#2645)"
This reverts commit 66fe84181b9c4e2f6c6be943a7f486b4308c32ff.
* Revert "Add checkpoint handling in CloseDB function (#2646)"
This reverts commit 4dd40f6f192e3f94f2ea4fe9e942e6663b5a1527.
* Revert "Improved database model migration and added indexing (#2655)"
This reverts commit b922d986d6783ce28d00ca948024dee44a11f29e.
|
|
* add group user with the same subscription id to all inbounds
* code format compare
* add await for reset client traffic
* en language changed
* added client traffic syncer job
* handle exist email duplicate in sub group
* multi reset and delete request for clients group
* add client traffic syncer setting option
* vi translate file updated
* auto open qr-modal bug fixed
|
|
|
|
we need this if we want to add SSH port forwarding
|
|
|
|
+ type
|
|
|
|
freedom
|
|
|
|
|
|
|
|
* Add webBasePath update feature to CLI
* Add certificate setting update to CLI
* Revert "Add certificate setting update to CLI"
This reverts commit 2a937d59d7c1f3edeb66782a4b235bafc89dfff6.
* Add certificate setting update to CLI
(cherry picked from commit 2a937d59d7c1f3edeb66782a4b235bafc89dfff6)
|
|
|
|
* [iplimit] fix access log path in settings service
better to avoid hardcoding the access log path to enhance flexibility. not all users prefer the default './access.log'
* [iplimit] fix iplimit
|
|
|
|
Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>
|
|
* [refactor] api controller
* [fix] access log path
better to not hardcode the access log path, maybe some ppl dont want to use the default ./access.log
* [fix] set select options from logs paths in xray settings
* [update] .gitignore
* [lint] all .go files
* [update] use status code for jsonMsg and 401 to unauthorize
* [update] handle response status code via axios
* [fix] set correct value if log paths is set to 'none'
we also use the default value for the paths if its set to none
* [fix] iplimit - only warning access log if f2b is installed
|
|
Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>
|
|
Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>
|
|
* socks5 option added to telegram bot settings
* update socks5 proxy settings translations
|
|
* added datepicker option in setting page
jalalian datepicker component was added
translate files for datepicker updated
* dark mode bug fixed
|
|
|
|
|
|
|
|
Co-Authored-By: SudoSpace <79229394+sudospaes@users.noreply.github.com>
|
