current
1{lib, ...}: {
2 den.aspects.services.provides.mihomo.nixos = {config, ...}: let
3 RuleSet_classical = {
4 type = "http";
5 behavior = "classical";
6 interval = 43200;
7 format = "text";
8 proxy = "🎯 节点选择";
9 };
10 RuleSet_domain = {
11 type = "http";
12 behavior = "domain";
13 interval = 43200;
14 format = "text";
15 proxy = "🎯 节点选择";
16 };
17 RuleSet_ipcidr = {
18 type = "http";
19 behavior = "ipcidr";
20 interval = 43200;
21 format = "text";
22 proxy = "🎯 节点选择";
23 };
24 in {
25 services.mihomo.config = {
26 rules = [
27 # 自订类规则
28 "AND,((DOMAIN-SUFFIX,glacier.mxrouting.net),(DST-PORT,465/993)),DIRECT" # My Domain Email
29 "AND,((RULE-SET,my_hosts),(NOT,((DST-PORT,80/443)))),DIRECT" # My VPS
30 "AND,((DOMAIN-SUFFIX,codeberg.org),(DST-PORT,22)),DIRECT" # Codeberg SSH Port
31
32 # 非 IP 类规则
33 "RULE-SET,reject_non_ip,REJECT"
34 "RULE-SET,reject_domainset,REJECT"
35 "RULE-SET,reject_non_ip_drop,REJECT-DROP"
36 "RULE-SET,reject_non_ip_no_drop,REJECT"
37 "RULE-SET,tailscale,DIRECT"
38 "RULE-SET,cdn_domainset,🎯 节点选择"
39 "RULE-SET,cdn_non_ip,🎯 节点选择"
40 "RULE-SET,stream_non_ip,🇺🇸 - 自动选择"
41 "RULE-SET,telegram_non_ip,✈️ 电报信息"
42 "RULE-SET,apple_cdn,DIRECT"
43 "RULE-SET,steam_content,DIRECT"
44 "RULE-SET,download_domainset,🎯 节点选择"
45 "RULE-SET,download_non_ip,🎯 节点选择"
46 "RULE-SET,microsoft_cdn_non_ip,DIRECT"
47 "RULE-SET,apple_cn_non_ip,DIRECT"
48 "RULE-SET,apple_services,🍎 苹果服务"
49 "RULE-SET,microsoft_non_ip,Ⓜ️ 微软服务"
50 "RULE-SET,ai_non_ip,🤖 AIGC"
51 "RULE-SET,global_non_ip,🎯 节点选择"
52 "RULE-SET,domestic_non_ip,DIRECT"
53 "RULE-SET,direct_non_ip,DIRECT"
54 "RULE-SET,lan_non_ip,DIRECT"
55
56 # IP 类规则
57 "RULE-SET,reject_ip,REJECT"
58 "RULE-SET,telegram_ip,✈️ 电报信息"
59 "RULE-SET,stream_ip,🇺🇸 - 自动选择"
60 "RULE-SET,lan_ip,DIRECT"
61 "RULE-SET,domestic_ip,DIRECT"
62 "RULE-SET,china_ip,DIRECT"
63 "MATCH,🎯 节点选择"
64 ];
65 rule-providers = {
66 reject_non_ip_no_drop =
67 RuleSet_classical
68 // {
69 url = "https://ruleset.skk.moe/Clash/non_ip/reject-no-drop.txt";
70 path = "./rule_set/sukkaw_ruleset/reject_non_ip_no_drop.txt";
71 };
72 reject_non_ip_drop =
73 RuleSet_classical
74 // {
75 url = "https://ruleset.skk.moe/Clash/non_ip/reject-drop.txt";
76 path = "./rule_set/sukkaw_ruleset/reject_non_ip_drop.txt";
77 };
78 reject_non_ip =
79 RuleSet_classical
80 // {
81 url = "https://ruleset.skk.moe/Clash/non_ip/reject.txt";
82 path = "./rule_set/sukkaw_ruleset/reject_non_ip.txt";
83 };
84 reject_domainset =
85 RuleSet_domain
86 // {
87 url = "https://ruleset.skk.moe/Clash/domainset/reject.txt";
88 path = "./rule_set/sukkaw_ruleset/reject_domainset.txt";
89 };
90 reject_ip =
91 RuleSet_classical
92 // {
93 url = "https://ruleset.skk.moe/Clash/ip/reject.txt";
94 path = "./rule_set/sukkaw_ruleset/reject_ip.txt";
95 };
96 cdn_domainset =
97 RuleSet_domain
98 // {
99 url = "https://ruleset.skk.moe/Clash/domainset/cdn.txt";
100 path = "./rule_set/sukkaw_ruleset/cdn_domainset.txt";
101 };
102 cdn_non_ip =
103 RuleSet_domain
104 // {
105 url = "https://ruleset.skk.moe/Clash/non_ip/cdn.txt";
106 path = "./rule_set/sukkaw_ruleset/cdn_non_ip.txt";
107 };
108 stream_non_ip =
109 RuleSet_classical
110 // {
111 url = "https://ruleset.skk.moe/Clash/non_ip/stream.txt";
112 path = "./rule_set/sukkaw_ruleset/stream_non_ip.txt";
113 };
114 stream_ip =
115 RuleSet_classical
116 // {
117 url = "https://ruleset.skk.moe/Clash/ip/stream.txt";
118 path = "./rule_set/sukkaw_ruleset/stream_ip.txt";
119 };
120 ai_non_ip =
121 RuleSet_classical
122 // {
123 url = "https://ruleset.skk.moe/Clash/non_ip/ai.txt";
124 path = "./rule_set/sukkaw_ruleset/ai_non_ip.txt";
125 };
126 telegram_non_ip =
127 RuleSet_classical
128 // {
129 url = "https://ruleset.skk.moe/Clash/non_ip/telegram.txt";
130 path = "./rule_set/sukkaw_ruleset/telegram_non_ip.txt";
131 };
132 telegram_ip =
133 RuleSet_classical
134 // {
135 url = "https://ruleset.skk.moe/Clash/ip/telegram.txt";
136 path = "./rule_set/sukkaw_ruleset/telegram_ip.txt";
137 };
138 apple_cdn =
139 RuleSet_domain
140 // {
141 url = "https://ruleset.skk.moe/Clash/domainset/apple_cdn.txt";
142 path = "./rule_set/sukkaw_ruleset/apple_cdn.txt";
143 };
144 apple_services =
145 RuleSet_classical
146 // {
147 url = "https://ruleset.skk.moe/Clash/non_ip/apple_services.txt";
148 path = "./rule_set/sukkaw_ruleset/apple_services.txt";
149 };
150 apple_cn_non_ip =
151 RuleSet_classical
152 // {
153 url = "https://ruleset.skk.moe/Clash/non_ip/apple_cn.txt";
154 path = "./rule_set/sukkaw_ruleset/apple_cn_non_ip.txt";
155 };
156 microsoft_cdn_non_ip =
157 RuleSet_classical
158 // {
159 url = "https://ruleset.skk.moe/Clash/non_ip/microsoft_cdn.txt";
160 path = "./rule_set/sukkaw_ruleset/microsoft_cdn_non_ip.txt";
161 };
162 microsoft_non_ip =
163 RuleSet_classical
164 // {
165 url = "https://ruleset.skk.moe/Clash/non_ip/microsoft.txt";
166 path = "./rule_set/sukkaw_ruleset/microsoft_non_ip.txt";
167 };
168 download_domainset =
169 RuleSet_domain
170 // {
171 url = "https://ruleset.skk.moe/Clash/domainset/download.txt";
172 path = "./rule_set/sukkaw_ruleset/download_domainset.txt";
173 };
174 download_non_ip =
175 RuleSet_domain
176 // {
177 url = "https://ruleset.skk.moe/Clash/non_ip/download.txt";
178 path = "./rule_set/sukkaw_ruleset/download_non_ip.txt";
179 };
180 lan_non_ip =
181 RuleSet_classical
182 // {
183 url = "https://ruleset.skk.moe/Clash/non_ip/lan.txt";
184 path = "./rule_set/sukkaw_ruleset/lan_non_ip.txt";
185 };
186 lan_ip =
187 RuleSet_classical
188 // {
189 url = "https://ruleset.skk.moe/Clash/ip/lan.txt";
190 path = "./rule_set/sukkaw_ruleset/lan_ip.txt";
191 };
192 domestic_non_ip =
193 RuleSet_classical
194 // {
195 url = "https://ruleset.skk.moe/Clash/non_ip/domestic.txt";
196 path = "./rule_set/sukkaw_ruleset/domestic_non_ip.txt";
197 };
198 direct_non_ip =
199 RuleSet_classical
200 // {
201 url = "https://ruleset.skk.moe/Clash/non_ip/direct.txt";
202 path = "./rule_set/sukkaw_ruleset/direct_non_ip.txt";
203 };
204 global_non_ip =
205 RuleSet_classical
206 // {
207 url = "https://ruleset.skk.moe/Clash/non_ip/global.txt";
208 path = "./rule_set/sukkaw_ruleset/global_non_ip.txt";
209 };
210 domestic_ip =
211 RuleSet_classical
212 // {
213 url = "https://ruleset.skk.moe/Clash/ip/domestic.txt";
214 path = "./rule_set/sukkaw_ruleset/domestic_ip.txt";
215 };
216 china_ip =
217 RuleSet_ipcidr
218 // {
219 url = "https://ruleset.skk.moe/Clash/ip/china_ip.txt";
220 path = "./rule_set/sukkaw_ruleset/china_ip.txt";
221 };
222 steam_content = {
223 type = "inline";
224 behavior = "classical";
225 payload = [
226 "DOMAIN-SUFFIX,steamcontent.com"
227 ];
228 };
229 tailscale = {
230 type = "inline";
231 behavior = "classical";
232 payload = [
233 "PROCESS-NAME,tailscale,DIRECT"
234 "PROCESS-NAME,tailscaled,DIRECT"
235 "PROCESS-NAME,.tailscaled-wrapped,DIRECT"
236 ];
237 };
238 my_hosts = {
239 type = "inline";
240 behavior = "classical";
241 payload =
242 (
243 lib.optional
244 (builtins.hasAttr "hosts-pardofelis-ipv4" config.vaultix.placeholder)
245 "IP-CIDR,${config.vaultix.placeholder.hosts-pardofelis-ipv4}/32"
246 )
247 ++ [];
248 };
249 };
250 };
251 };
252}