current
  1{lib, ...}: {
  2  den.aspects.services.provides.mihomo.nixos = {config, ...}: let
  3    RuleSet_classical = {
  4      type = "http";
  5      behavior = "classical";
  6      interval = 43200;
  7      format = "text";
  8      proxy = "🎯 ";
  9    };
 10    RuleSet_domain = {
 11      type = "http";
 12      behavior = "domain";
 13      interval = 43200;
 14      format = "text";
 15      proxy = "🎯 ";
 16    };
 17    RuleSet_ipcidr = {
 18      type = "http";
 19      behavior = "ipcidr";
 20      interval = 43200;
 21      format = "text";
 22      proxy = "🎯 ";
 23    };
 24  in {
 25    services.mihomo.config = {
 26      rules = [
 27        # 自订类规则
 28        "AND,((DOMAIN-SUFFIX,glacier.mxrouting.net),(DST-PORT,465/993)),DIRECT" # My Domain Email
 29        "AND,((RULE-SET,my_hosts),(NOT,((DST-PORT,80/443)))),DIRECT" # My VPS
 30        "AND,((DOMAIN-SUFFIX,codeberg.org),(DST-PORT,22)),DIRECT" # Codeberg SSH Port
 31
 32        # 非 IP 类规则
 33        "RULE-SET,reject_non_ip,REJECT"
 34        "RULE-SET,reject_domainset,REJECT"
 35        "RULE-SET,reject_non_ip_drop,REJECT-DROP"
 36        "RULE-SET,reject_non_ip_no_drop,REJECT"
 37        "RULE-SET,tailscale,DIRECT"
 38        "RULE-SET,cdn_domainset,🎯 "
 39        "RULE-SET,cdn_non_ip,🎯 "
 40        "RULE-SET,stream_non_ip,🇺🇸 - "
 41        "RULE-SET,telegram_non_ip, "
 42        "RULE-SET,apple_cdn,DIRECT"
 43        "RULE-SET,steam_content,DIRECT"
 44        "RULE-SET,download_domainset,🎯 "
 45        "RULE-SET,download_non_ip,🎯 "
 46        "RULE-SET,microsoft_cdn_non_ip,DIRECT"
 47        "RULE-SET,apple_cn_non_ip,DIRECT"
 48        "RULE-SET,apple_services,🍎 "
 49        "RULE-SET,microsoft_non_ip, "
 50        "RULE-SET,ai_non_ip,🤖 AIGC"
 51        "RULE-SET,global_non_ip,🎯 "
 52        "RULE-SET,domestic_non_ip,DIRECT"
 53        "RULE-SET,direct_non_ip,DIRECT"
 54        "RULE-SET,lan_non_ip,DIRECT"
 55
 56        # IP 类规则
 57        "RULE-SET,reject_ip,REJECT"
 58        "RULE-SET,telegram_ip, "
 59        "RULE-SET,stream_ip,🇺🇸 - "
 60        "RULE-SET,lan_ip,DIRECT"
 61        "RULE-SET,domestic_ip,DIRECT"
 62        "RULE-SET,china_ip,DIRECT"
 63        "MATCH,🎯 "
 64      ];
 65      rule-providers = {
 66        reject_non_ip_no_drop =
 67          RuleSet_classical
 68          // {
 69            url = "https://ruleset.skk.moe/Clash/non_ip/reject-no-drop.txt";
 70            path = "./rule_set/sukkaw_ruleset/reject_non_ip_no_drop.txt";
 71          };
 72        reject_non_ip_drop =
 73          RuleSet_classical
 74          // {
 75            url = "https://ruleset.skk.moe/Clash/non_ip/reject-drop.txt";
 76            path = "./rule_set/sukkaw_ruleset/reject_non_ip_drop.txt";
 77          };
 78        reject_non_ip =
 79          RuleSet_classical
 80          // {
 81            url = "https://ruleset.skk.moe/Clash/non_ip/reject.txt";
 82            path = "./rule_set/sukkaw_ruleset/reject_non_ip.txt";
 83          };
 84        reject_domainset =
 85          RuleSet_domain
 86          // {
 87            url = "https://ruleset.skk.moe/Clash/domainset/reject.txt";
 88            path = "./rule_set/sukkaw_ruleset/reject_domainset.txt";
 89          };
 90        reject_ip =
 91          RuleSet_classical
 92          // {
 93            url = "https://ruleset.skk.moe/Clash/ip/reject.txt";
 94            path = "./rule_set/sukkaw_ruleset/reject_ip.txt";
 95          };
 96        cdn_domainset =
 97          RuleSet_domain
 98          // {
 99            url = "https://ruleset.skk.moe/Clash/domainset/cdn.txt";
100            path = "./rule_set/sukkaw_ruleset/cdn_domainset.txt";
101          };
102        cdn_non_ip =
103          RuleSet_domain
104          // {
105            url = "https://ruleset.skk.moe/Clash/non_ip/cdn.txt";
106            path = "./rule_set/sukkaw_ruleset/cdn_non_ip.txt";
107          };
108        stream_non_ip =
109          RuleSet_classical
110          // {
111            url = "https://ruleset.skk.moe/Clash/non_ip/stream.txt";
112            path = "./rule_set/sukkaw_ruleset/stream_non_ip.txt";
113          };
114        stream_ip =
115          RuleSet_classical
116          // {
117            url = "https://ruleset.skk.moe/Clash/ip/stream.txt";
118            path = "./rule_set/sukkaw_ruleset/stream_ip.txt";
119          };
120        ai_non_ip =
121          RuleSet_classical
122          // {
123            url = "https://ruleset.skk.moe/Clash/non_ip/ai.txt";
124            path = "./rule_set/sukkaw_ruleset/ai_non_ip.txt";
125          };
126        telegram_non_ip =
127          RuleSet_classical
128          // {
129            url = "https://ruleset.skk.moe/Clash/non_ip/telegram.txt";
130            path = "./rule_set/sukkaw_ruleset/telegram_non_ip.txt";
131          };
132        telegram_ip =
133          RuleSet_classical
134          // {
135            url = "https://ruleset.skk.moe/Clash/ip/telegram.txt";
136            path = "./rule_set/sukkaw_ruleset/telegram_ip.txt";
137          };
138        apple_cdn =
139          RuleSet_domain
140          // {
141            url = "https://ruleset.skk.moe/Clash/domainset/apple_cdn.txt";
142            path = "./rule_set/sukkaw_ruleset/apple_cdn.txt";
143          };
144        apple_services =
145          RuleSet_classical
146          // {
147            url = "https://ruleset.skk.moe/Clash/non_ip/apple_services.txt";
148            path = "./rule_set/sukkaw_ruleset/apple_services.txt";
149          };
150        apple_cn_non_ip =
151          RuleSet_classical
152          // {
153            url = "https://ruleset.skk.moe/Clash/non_ip/apple_cn.txt";
154            path = "./rule_set/sukkaw_ruleset/apple_cn_non_ip.txt";
155          };
156        microsoft_cdn_non_ip =
157          RuleSet_classical
158          // {
159            url = "https://ruleset.skk.moe/Clash/non_ip/microsoft_cdn.txt";
160            path = "./rule_set/sukkaw_ruleset/microsoft_cdn_non_ip.txt";
161          };
162        microsoft_non_ip =
163          RuleSet_classical
164          // {
165            url = "https://ruleset.skk.moe/Clash/non_ip/microsoft.txt";
166            path = "./rule_set/sukkaw_ruleset/microsoft_non_ip.txt";
167          };
168        download_domainset =
169          RuleSet_domain
170          // {
171            url = "https://ruleset.skk.moe/Clash/domainset/download.txt";
172            path = "./rule_set/sukkaw_ruleset/download_domainset.txt";
173          };
174        download_non_ip =
175          RuleSet_domain
176          // {
177            url = "https://ruleset.skk.moe/Clash/non_ip/download.txt";
178            path = "./rule_set/sukkaw_ruleset/download_non_ip.txt";
179          };
180        lan_non_ip =
181          RuleSet_classical
182          // {
183            url = "https://ruleset.skk.moe/Clash/non_ip/lan.txt";
184            path = "./rule_set/sukkaw_ruleset/lan_non_ip.txt";
185          };
186        lan_ip =
187          RuleSet_classical
188          // {
189            url = "https://ruleset.skk.moe/Clash/ip/lan.txt";
190            path = "./rule_set/sukkaw_ruleset/lan_ip.txt";
191          };
192        domestic_non_ip =
193          RuleSet_classical
194          // {
195            url = "https://ruleset.skk.moe/Clash/non_ip/domestic.txt";
196            path = "./rule_set/sukkaw_ruleset/domestic_non_ip.txt";
197          };
198        direct_non_ip =
199          RuleSet_classical
200          // {
201            url = "https://ruleset.skk.moe/Clash/non_ip/direct.txt";
202            path = "./rule_set/sukkaw_ruleset/direct_non_ip.txt";
203          };
204        global_non_ip =
205          RuleSet_classical
206          // {
207            url = "https://ruleset.skk.moe/Clash/non_ip/global.txt";
208            path = "./rule_set/sukkaw_ruleset/global_non_ip.txt";
209          };
210        domestic_ip =
211          RuleSet_classical
212          // {
213            url = "https://ruleset.skk.moe/Clash/ip/domestic.txt";
214            path = "./rule_set/sukkaw_ruleset/domestic_ip.txt";
215          };
216        china_ip =
217          RuleSet_ipcidr
218          // {
219            url = "https://ruleset.skk.moe/Clash/ip/china_ip.txt";
220            path = "./rule_set/sukkaw_ruleset/china_ip.txt";
221          };
222        steam_content = {
223          type = "inline";
224          behavior = "classical";
225          payload = [
226            "DOMAIN-SUFFIX,steamcontent.com"
227          ];
228        };
229        tailscale = {
230          type = "inline";
231          behavior = "classical";
232          payload = [
233            "PROCESS-NAME,tailscale,DIRECT"
234            "PROCESS-NAME,tailscaled,DIRECT"
235            "PROCESS-NAME,.tailscaled-wrapped,DIRECT"
236          ];
237        };
238        my_hosts = {
239          type = "inline";
240          behavior = "classical";
241          payload =
242            (
243              lib.optional
244              (builtins.hasAttr "hosts-pardofelis-ipv4" config.vaultix.placeholder)
245              "IP-CIDR,${config.vaultix.placeholder.hosts-pardofelis-ipv4}/32"
246            )
247            ++ [];
248        };
249      };
250    };
251  };
252}