den
  1{lib, ...}: {
  2  den.aspects.services.provides.mihomo.nixos = {config, ...}: let
  3    RuleSet_classical = {
  4      type = "http";
  5      behavior = "classical";
  6      interval = 43200;
  7      format = "text";
  8      proxy = "🎯 ";
  9    };
 10    RuleSet_domain = {
 11      type = "http";
 12      behavior = "domain";
 13      interval = 43200;
 14      format = "text";
 15      proxy = "🎯 ";
 16    };
 17    RuleSet_ipcidr = {
 18      type = "http";
 19      behavior = "ipcidr";
 20      interval = 43200;
 21      format = "text";
 22      proxy = "🎯 ";
 23    };
 24  in {
 25    services.mihomo.config = {
 26      rules = [
 27        # 自订类规则
 28        "AND,((DOMAIN-SUFFIX,glacier.mxrouting.net),(DST-PORT,465/993)),DIRECT" # My Domain Email
 29        "AND,((RULE-SET,my_hosts),(NOT,((DST-PORT,80/443)))),DIRECT" # My VPS
 30        "AND,((DOMAIN-SUFFIX,codeberg.org),(DST-PORT,22)),DIRECT" # Codeberg SSH Port
 31
 32        # 非 IP 类规则
 33        "RULE-SET,reject_non_ip,REJECT"
 34        "RULE-SET,reject_domainset,REJECT"
 35        "RULE-SET,reject_non_ip_drop,REJECT-DROP"
 36        "RULE-SET,reject_non_ip_no_drop,REJECT"
 37        "RULE-SET,cdn_domainset,🎯 "
 38        "RULE-SET,cdn_non_ip,🎯 "
 39        "RULE-SET,stream_non_ip,🇺🇸 - "
 40        "RULE-SET,telegram_non_ip, "
 41        "RULE-SET,apple_cdn,DIRECT"
 42        "RULE-SET,steam_content,DIRECT"
 43        "RULE-SET,download_domainset,🎯 "
 44        "RULE-SET,download_non_ip,🎯 "
 45        "RULE-SET,microsoft_cdn_non_ip,DIRECT"
 46        "RULE-SET,apple_cn_non_ip,DIRECT"
 47        "RULE-SET,apple_services,🍎 "
 48        "RULE-SET,microsoft_non_ip, "
 49        "RULE-SET,ai_non_ip,🤖 AIGC"
 50        "RULE-SET,global_non_ip,🎯 "
 51        "RULE-SET,domestic_non_ip,DIRECT"
 52        "RULE-SET,direct_non_ip,DIRECT"
 53        "RULE-SET,lan_non_ip,DIRECT"
 54
 55        # IP 类规则
 56        "RULE-SET,reject_ip,REJECT"
 57        "RULE-SET,telegram_ip, "
 58        "RULE-SET,stream_ip,🇺🇸 - "
 59        "RULE-SET,lan_ip,DIRECT"
 60        "RULE-SET,domestic_ip,DIRECT"
 61        "RULE-SET,china_ip,DIRECT"
 62        "MATCH,🎯 "
 63      ];
 64      rule-providers = {
 65        reject_non_ip_no_drop =
 66          RuleSet_classical
 67          // {
 68            url = "https://ruleset.skk.moe/Clash/non_ip/reject-no-drop.txt";
 69            path = "./rule_set/sukkaw_ruleset/reject_non_ip_no_drop.txt";
 70          };
 71        reject_non_ip_drop =
 72          RuleSet_classical
 73          // {
 74            url = "https://ruleset.skk.moe/Clash/non_ip/reject-drop.txt";
 75            path = "./rule_set/sukkaw_ruleset/reject_non_ip_drop.txt";
 76          };
 77        reject_non_ip =
 78          RuleSet_classical
 79          // {
 80            url = "https://ruleset.skk.moe/Clash/non_ip/reject.txt";
 81            path = "./rule_set/sukkaw_ruleset/reject_non_ip.txt";
 82          };
 83        reject_domainset =
 84          RuleSet_domain
 85          // {
 86            url = "https://ruleset.skk.moe/Clash/domainset/reject.txt";
 87            path = "./rule_set/sukkaw_ruleset/reject_domainset.txt";
 88          };
 89        reject_ip =
 90          RuleSet_classical
 91          // {
 92            url = "https://ruleset.skk.moe/Clash/ip/reject.txt";
 93            path = "./rule_set/sukkaw_ruleset/reject_ip.txt";
 94          };
 95        cdn_domainset =
 96          RuleSet_domain
 97          // {
 98            url = "https://ruleset.skk.moe/Clash/domainset/cdn.txt";
 99            path = "./rule_set/sukkaw_ruleset/cdn_domainset.txt";
100          };
101        cdn_non_ip =
102          RuleSet_domain
103          // {
104            url = "https://ruleset.skk.moe/Clash/non_ip/cdn.txt";
105            path = "./rule_set/sukkaw_ruleset/cdn_non_ip.txt";
106          };
107        stream_non_ip =
108          RuleSet_classical
109          // {
110            url = "https://ruleset.skk.moe/Clash/non_ip/stream.txt";
111            path = "./rule_set/sukkaw_ruleset/stream_non_ip.txt";
112          };
113        stream_ip =
114          RuleSet_classical
115          // {
116            url = "https://ruleset.skk.moe/Clash/ip/stream.txt";
117            path = "./rule_set/sukkaw_ruleset/stream_ip.txt";
118          };
119        ai_non_ip =
120          RuleSet_classical
121          // {
122            url = "https://ruleset.skk.moe/Clash/non_ip/ai.txt";
123            path = "./rule_set/sukkaw_ruleset/ai_non_ip.txt";
124          };
125        telegram_non_ip =
126          RuleSet_classical
127          // {
128            url = "https://ruleset.skk.moe/Clash/non_ip/telegram.txt";
129            path = "./rule_set/sukkaw_ruleset/telegram_non_ip.txt";
130          };
131        telegram_ip =
132          RuleSet_classical
133          // {
134            url = "https://ruleset.skk.moe/Clash/ip/telegram.txt";
135            path = "./rule_set/sukkaw_ruleset/telegram_ip.txt";
136          };
137        apple_cdn =
138          RuleSet_domain
139          // {
140            url = "https://ruleset.skk.moe/Clash/domainset/apple_cdn.txt";
141            path = "./rule_set/sukkaw_ruleset/apple_cdn.txt";
142          };
143        apple_services =
144          RuleSet_classical
145          // {
146            url = "https://ruleset.skk.moe/Clash/non_ip/apple_services.txt";
147            path = "./rule_set/sukkaw_ruleset/apple_services.txt";
148          };
149        apple_cn_non_ip =
150          RuleSet_classical
151          // {
152            url = "https://ruleset.skk.moe/Clash/non_ip/apple_cn.txt";
153            path = "./rule_set/sukkaw_ruleset/apple_cn_non_ip.txt";
154          };
155        microsoft_cdn_non_ip =
156          RuleSet_classical
157          // {
158            url = "https://ruleset.skk.moe/Clash/non_ip/microsoft_cdn.txt";
159            path = "./rule_set/sukkaw_ruleset/microsoft_cdn_non_ip.txt";
160          };
161        microsoft_non_ip =
162          RuleSet_classical
163          // {
164            url = "https://ruleset.skk.moe/Clash/non_ip/microsoft.txt";
165            path = "./rule_set/sukkaw_ruleset/microsoft_non_ip.txt";
166          };
167        download_domainset =
168          RuleSet_domain
169          // {
170            url = "https://ruleset.skk.moe/Clash/domainset/download.txt";
171            path = "./rule_set/sukkaw_ruleset/download_domainset.txt";
172          };
173        download_non_ip =
174          RuleSet_domain
175          // {
176            url = "https://ruleset.skk.moe/Clash/non_ip/download.txt";
177            path = "./rule_set/sukkaw_ruleset/download_non_ip.txt";
178          };
179        lan_non_ip =
180          RuleSet_classical
181          // {
182            url = "https://ruleset.skk.moe/Clash/non_ip/lan.txt";
183            path = "./rule_set/sukkaw_ruleset/lan_non_ip.txt";
184          };
185        lan_ip =
186          RuleSet_classical
187          // {
188            url = "https://ruleset.skk.moe/Clash/ip/lan.txt";
189            path = "./rule_set/sukkaw_ruleset/lan_ip.txt";
190          };
191        domestic_non_ip =
192          RuleSet_classical
193          // {
194            url = "https://ruleset.skk.moe/Clash/non_ip/domestic.txt";
195            path = "./rule_set/sukkaw_ruleset/domestic_non_ip.txt";
196          };
197        direct_non_ip =
198          RuleSet_classical
199          // {
200            url = "https://ruleset.skk.moe/Clash/non_ip/direct.txt";
201            path = "./rule_set/sukkaw_ruleset/direct_non_ip.txt";
202          };
203        global_non_ip =
204          RuleSet_classical
205          // {
206            url = "https://ruleset.skk.moe/Clash/non_ip/global.txt";
207            path = "./rule_set/sukkaw_ruleset/global_non_ip.txt";
208          };
209        domestic_ip =
210          RuleSet_classical
211          // {
212            url = "https://ruleset.skk.moe/Clash/ip/domestic.txt";
213            path = "./rule_set/sukkaw_ruleset/domestic_ip.txt";
214          };
215        china_ip =
216          RuleSet_ipcidr
217          // {
218            url = "https://ruleset.skk.moe/Clash/ip/china_ip.txt";
219            path = "./rule_set/sukkaw_ruleset/china_ip.txt";
220          };
221        steam_content = {
222          type = "inline";
223          behavior = "classical";
224          payload = [
225            "DOMAIN-SUFFIX,steamcontent.com"
226          ];
227        };
228        my_hosts = {
229          type = "inline";
230          behavior = "classical";
231          payload =
232            (
233              lib.optional
234              (builtins.hasAttr "hosts-pardofelis-ipv4" config.vaultix.placeholder)
235              "IP-CIDR,${config.vaultix.placeholder.hosts-pardofelis-ipv4}/32"
236            )
237            ++ [];
238        };
239      };
240    };
241  };
242}