Hexor/OutFleet
1
0
Fork 0
mirror of https://github.com/house-of-vanity/OutFleet.git synced 2025-10-23 08:49:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
RUST
OutFleet/LLM_PROJECT_CONTEXT.md
Ultradesu 8aff8f2fb5 init rust. WIP: tls for inbounds
2025-09-18 02:56:59 +03:00

4.7 KiB
Raw Permalink Blame History

LLM Project Context - Xray Admin Panel

Project Overview

Rust-based administration panel for managing xray-core VPN proxy servers. Uses real gRPC integration with xray-core library for server communication.

Current Architecture

Core Technologies

  • Language: Rust (edition 2021)
  • Web Framework: Axum with tower-http
  • Database: PostgreSQL with Sea-ORM
  • Xray Integration: xray-core 0.2.1 library with real gRPC communication
  • Frontend: Vanilla HTML/CSS/JS with toast notifications

Module Structure

src/
├── config/          # Configuration management (args, env, file)
├── database/        # Sea-ORM entities, repositories, migrations
├── services/        # Business logic (xray gRPC client, certificates)
├── web/             # Axum handlers and routes
└── main.rs          # Application entry point

Key Features Implemented

1. Database Entities

  • Users: Basic user management
  • Servers: Xray server definitions with gRPC endpoints
  • Certificates: TLS certificates with PEM storage (binary format)
  • InboundTemplates: Reusable inbound configurations
  • ServerInbounds: Template bindings to servers with ports/certificates

2. Xray gRPC Integration

Location: src/services/xray/client.rs

  • Real xray-core library integration (NOT mock/CLI)
  • Methods: add_inbound_with_certificate(), remove_inbound(), get_stats()
  • CRITICAL: TLS certificate configuration via streamSettings with proper protobuf messages
  • Supports VLESS, VMess, Trojan, Shadowsocks protocols

3. Certificate Management

Location: src/database/entities/certificate.rs

  • Self-signed certificate generation using rcgen
  • Binary storage (cert_data, key_data as Vec)
  • PEM conversion methods: certificate_pem(), private_key_pem()
  • Separate endpoints: /certificates/{id} (basic) and /certificates/{id}/details (with PEM)

4. Template-Based Architecture

Templates define reusable inbound configurations that can be bound to servers with:

  • Port overrides
  • Certificate assignments
  • Active/inactive states

Current Status & Issues

Working Features

  • Complete CRUD for all entities
  • Real xray gRPC communication with TLS certificate support
  • Toast notification system (absolute positioning)
  • Modal-based editing interface
  • Password masking in database URL logging
  • Certificate details display with PEM content

🔧 Recent Fixes

  • StreamConfig Integration: Fixed TLS certificate configuration in xray gRPC calls
  • Certificate Display: Added /certificates/{id}/details endpoint for PEM viewing
  • Active/Inactive Management: Inbounds automatically added/removed from xray when toggled

⚠️ Current Issue

User reported certificate details still showing "Not available" - this was just fixed with the new /certificates/{id}/details endpoint.

API Structure

Endpoints

/api/users/*           # User management
/api/servers/*         # Server management
/api/servers/{id}/inbounds/*  # Server inbound management
/api/certificates/*    # Certificate management (basic)
/api/certificates/{id}/details  # Certificate details with PEM
/api/templates/*       # Template management

Configuration

  • Default port: 8080 (user tested on 8082)
  • Database: PostgreSQL with auto-migration
  • Environment variables: XRAY_ADMIN__* prefix
  • Config file: config.toml support

Testing Commands

# Run application
cargo run -- --host 0.0.0.0 --port 8082

# Test xray integration
xray api lsi --server 100.91.97.36:10085

# Check compilation
cargo check

Key Implementation Details

Xray TLS Configuration

Location: src/services/xray/client.rs:185-194

let stream_config = StreamConfig {
    protocol_name: "tcp".to_string(),
    security_type: "tls".to_string(),
    security_settings: vec![tls_message],
    // ... other fields
};

Certificate Data Flow

  1. User creates certificate via web interface
  2. PEM data stored as binary in database (cert_data, key_data)
  3. When creating inbound, certificate fetched and converted back to PEM
  4. PEM passed to xray gRPC client for TLS configuration

Database Migrations

Auto-migration enabled by default. All entities use UUID primary keys with timestamps.

Development Notes

  • User prefers English in code/comments
  • No emoji usage unless explicitly requested
  • Prefer editing existing files over creating new ones
  • Real xray-core integration required (user specifically asked not to abandon it)
  • Application tested with actual xray server at 100.91.97.36:10085

Last Working State

All features implemented and compiling. StreamConfig properly configured for TLS certificate transmission to xray servers. Certificate viewing endpoint fixed for PEM display.