3x-ui

mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-05-26 07:08:01 +00:00

Author	SHA1	Message	Date
Sanaei	85e2ded0e1	Feat/multi inbound clients (#4469 ) * feat(clients): add shadow tables for first-class client promotion Introduces three new GORM-backed tables (clients, client_inbounds, inbound_fallback_children) and a populate-only seeder that backfills them from each inbound's existing settings.clients JSON. Duplicate emails across inbounds auto-merge under one client row, with each field conflict logged. Existing services are unchanged and continue reading from settings.clients — this commit is groundwork only. * feat(clients): make clients+client_inbounds the runtime source of truth Adds ClientService.SyncInbound that reconciles the new tables from each inbound's clients list whenever existing service paths mutate settings.clients. Wires it into AddInbound, UpdateInbound, AddInboundClient, UpdateInboundClient, DelInboundClient, DelInboundClientByEmail, DelDepletedClients, autoRenewClients, and the timestamp-backfill path in adjustTraffics, plus DetachInbound on DelInbound. GetXrayConfig now builds settings.clients from the new tables before writing config.json, and getInboundsBySubId joins through them instead of JSON_EACH on settings JSON. Live Xray config and subscription endpoints are now driven by the relational view; settings.clients JSON stays in step as a side effect of every write. * feat(clients): add top-level Clients tab and CRUD API Adds /panel/api/clients endpoints (list, get, add, update, del, attach, detach) backed by ClientService methods that orchestrate the per-inbound Add/Update/Del flows so a single client row is created once and attached to many inbounds in one operation. The frontend gains a dedicated Clients page (frontend/clients.html + src/pages/clients/) with an AntD table, multi-inbound attach modal, and full CRUD. Axios interceptor learns to honour Content-Type: application/json so the JSON endpoints work alongside the legacy form-encoded ones. The legacy per-inbound client modal stays untouched in this PR — both flows now write to the same source of truth. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(inbounds): add Port-with-Fallback inbound type Adds a new "portfallback" protocol that emits as a VLESS-TLS inbound under the hood but is paired with a sidecar table of child inbounds. Panel auto-builds settings.fallbacks at Xray-config-gen time from the sidecar — each child's listen+port becomes the fallback dest, with SNI/ALPN/path/xver match criteria pulled from the row. No more typing loopback ports by hand or keeping settings.fallbacks in sync. Backend: new FallbackService (Get/SetChildren, BuildFallbacksJSON); two new routes (GET/POST /panel/api/inbounds/:id/fallbackChildren); xray.GetXrayConfig injects fallbacks for PortFallback inbounds; the inbound model emits protocol="vless" so Xray accepts the config. Frontend: PORTFALLBACK joins the protocol dropdown; selecting it shows the standard VLESS controls plus a Fallback Children table (inbound picker + per-row SNI/ALPN/path/xver). Children are loaded on edit and replaced atomically on save. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(clients): add Reset Traffic, QR Code, Info actions + Online/Remaining columns The Clients page table gains: - Online column — green/grey tag driven by /panel/api/inbounds/onlines, polled every 10s. - Remaining column — bytes-remaining tag, coloured green/orange/red against quota, purple infinity when unlimited. - Action icons per row: QR, Info, Reset traffic, Edit, Delete. ClientInfoModal shows the full client detail (uuid/password/auth, traffic ↑/↓ + remaining + all-time, expiry absolute + relative, attached inbounds chip list, online + last-online). ClientQrModal fetches links for the client's subId via /panel/api/inbounds/getSubLinks/:subId and renders each one through the existing QrPanel component. Reset Traffic confirms then calls the existing per-inbound endpoint on the client's first attached inbound (the traffic row is keyed on email globally, so any attached inbound resets the shared counter). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(clients): expose Attached inbounds in edit mode The multi-select was gated on add-only, so editing a client had no way to change which inbounds it belonged to. The picker now shows in both modes, and on submit the modal diffs the picked set against the original attachedIds — additions go through the /attach endpoint, removals through /detach, both after the field update lands so the new attachments get the latest values. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(clients): unbreak template parsing + stale i18n keys - InboundFormModal: split the multi-line help string in the PortFallback section onto one line — Vue's template parser was bailing on Unterminated string constant because a single-quoted literal spanned two lines inside a {{ }} interpolation. - ClientInfoModal: t('disable') was missing at the root level, so vue-i18n returned the key path literally. Use t('disabled') which exists. - Linter cleanup elsewhere: pages.client.* references renamed to pages.clients.* to match the merged i18n block; whitespace normalisation in a few unrelated Vue templates. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * 1 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(traffic): drop all-time traffic tracking Removes the AllTime field from Inbound and ClientTraffic and migrates existing DBs by dropping the all_time columns on startup. The counter duplicated up+down without adding signal, and the per-event accumulator ran on every traffic write. Frontend: drop the All-time column from the inbound list and the client-row table, the All-time row from the client info modal, and the All-Time Total Usage tile from the inbounds summary card. The allTimeTraffic/allTimeTrafficUsage i18n keys are removed across every locale. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(clients): mobile cards, multi-select, bulk add Adds the same row-card layout the inbounds page uses on mobile: the table is suppressed under the mobile breakpoint and each client renders as a compact card with a status dot, email, Info button, Enable switch, and overflow menu. All the per-client detail (traffic, remaining, expiry, attached inbounds, flow, created/updated, URL, subscription) opens through the existing info modal. Multi-select with bulk delete wires AntD row-selection on desktop and a per-card checkbox on mobile; a Delete (N) button appears in the toolbar when anything is selected. Bulk add reuses the five email-generation modes from the inbound bulk modal but takes a multi-inbound picker so one bulk run can attach to several inbounds at once. Submits client-by-client through the existing /panel/api/clients/add endpoint. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(inbounds): remove legacy per-inbound client UI Now that clients live as first-class rows attached to one or many inbounds, the per-inbound client UI on the inbounds page is dead weight — every client action either has a global equivalent on the Clients page or makes no sense in a many-to-many world. Deletes ClientFormModal, ClientBulkModal, CopyClientsModal, and ClientRowTable from inbounds/. Strips the matching emits, refs, handlers, and dropdown menu items from InboundList and InboundsPage, and removes the dead mobile expand-chevron state and the desktop expanded-row plumbing that drove the inline client table. The InboundFormModal Clients tab still works in add-mode (one inline client at inbound creation) — that flow goes through ClientService. SyncInbound on save and remains useful. Fixes a stray "</a-dropdown>" left over by an earlier toolbar edit in ClientsPage that broke the template parser. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(clients): add Delete depleted action Mirrors the legacy delDepletedClients action that lived under the inbounds page, but as a first-class /panel/api/clients/delDepleted endpoint backed by ClientService. The new path goes through ClientService.Delete for each depleted email, so the new clients + client_inbounds + xray_client_traffic tables stay consistent. Adds a danger-styled toolbar button on the Clients page (next to Reset all client traffic) with a confirm dialog and a toast reporting the deleted count. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(api): move every client-shaped endpoint off /inbounds onto /clients After the multi-inbound client migration, client state belongs to the client API surface, not the inbound one. Twelve routes that were crammed under /panel/api/inbounds/* now live where they belong, under /panel/api/clients/. Moved (route, handler, doc): POST /clientIps/:email POST /clearClientIps/:email POST /onlines POST /lastOnline POST /updateClientTraffic/:email POST /resetAllClientTraffics/:id POST /delDepletedClients/:id POST /:id/resetClientTraffic/:email GET /getClientTraffics/:email GET /getClientTrafficsById/:id GET /getSubLinks/:subId GET /getClientLinks/:id/:email Their /clients/ counterparts are: POST /clients/clientIps/:email POST /clients/clearClientIps/:email POST /clients/onlines POST /clients/lastOnline POST /clients/updateTraffic/:email POST /clients/resetTraffic/:email (email-only, fans out) GET /clients/traffic/:email GET /clients/traffic/byId/:id GET /clients/subLinks/:subId GET /clients/links/:id/:email per-inbound resetAllClientTraffics and delDepletedClients are dropped entirely — the Clients page already exposes global Reset All Traffic and Delete depleted actions, and per-inbound resets are meaningless once a client can be attached to many inbounds. ClientService.ResetTrafficByEmail is the new email-only reset path: it looks up every inbound the client is attached to and pushes the counter reset + Xray re-add through inboundService.ResetClientTraffic for each one, so depleted users come back online instantly. Frontend callers (ClientsPage, useClients, ClientQrModal, ClientInfoModal, InboundInfoModal, InboundsPage, useInbounds) all switched to the new paths. The Inbounds page drops its per-inbound "Reset client traffic" and "Delete depleted clients" dropdown items — users do those at the client level now. api-docs is rebuilt to match. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(service): switch tgbot + ldap callers to ClientService Adds two thin helpers to ClientService (CreateOne, DetachByEmail) and rewrites tgbot.SubmitAddClient and ldap_sync_job to call ClientService directly. Removes the JSON-blob payloads (BuildJSONForProtocol output for add, clientsToJSON/clientToJSON helpers) that callers previously fed to InboundService.AddInboundClient/DelInboundClient. ldap_sync_job.batchSetEnable now loops InboundService.SetClientEnableByEmail per email instead of trying to coerce AddInboundClient into doing the update — the old path would have failed duplicate-email validation for existing clients anyway. The legacy InboundService.AddInboundClient/UpdateInboundClient/ DelInboundClient methods stay in place; they are now only used internally by ClientService Create/Update/Delete/Attach. Inlining + deleting them follows in a separate commit. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(service): move all client mutation methods to ClientService Moves the client mutation surface out of InboundService and into ClientService. These methods all operate on a single client (identity fields, traffic limits, expiry, ip limit, enable state, telegram tg id) and didn't belong on the inbound aggregate. Moved (12 methods): AddInboundClient, UpdateInboundClient, DelInboundClient, DelInboundClientByEmail, checkEmailsExistForClients, SetClientTelegramUserID, checkIsEnabledByEmail, ToggleClientEnableByEmail, SetClientEnableByEmail, ResetClientIpLimitByEmail, ResetClientExpiryTimeByEmail, ResetClientTrafficLimitByEmail. Each method now takes an explicit InboundService for the helpers that legitimately stay on InboundService (GetInbound, GetClients, runtimeFor, AddClientStat / UpdateClientStat / DelClientStat, DelClientIPs / UpdateClientIPs, emailUsedByOtherInbounds, getAllEmailSubIDs, GetClientInboundByEmail / GetClientInboundByTrafficID, GetClientTrafficByEmail). Stays on InboundService: ResetClientTrafficByEmail and ResetClientTraffic(id, email) — these mutate xray_client_traffic rows, not client identity, so they're inbound-side bookkeeping. Callers updated: tgbot (6 calls), ldap_sync_job (1 call), InboundService internal (writeBackClientSubID, CopyInboundClients, AddInbound's email-uniqueness check), ClientService Create/Update/ Delete/Attach/Detach. Also removes a dead resetAllClientTraffics controller handler whose route was already gone after the previous /clients API migration. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> refactor(clients): finish migrating to ClientService + tidy IP routes Two related cleanups in the new /clients surface: 1. Move ResetAllClientTraffics (bulk-reset of xray_client_traffic + last_traffic_reset_time, with node-runtime propagation) from InboundService to ClientService. PeriodicTrafficResetJob now holds a clientService and calls j.clientService.ResetAllClientTraffics(&j.inboundService, id). The last client-mutation method on InboundService is gone. 2. Shorten redundantly-named routes/handlers under /panel/api/clients: - /clientIps/:email -> /ips/:email (handler getIps) - /clearClientIps/:email -> /clearIps/:email (handler clearIps) The "client" prefix was redundant inside the clients namespace. Frontend (InboundInfoModal) and api-docs updated to match. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(inbounds,clients): clean up inbound modal + enrich client modal Inbound modal rework (InboundFormModal.vue + inbound.js): - Drop the embedded Client subform in the Protocol tab. Multi-inbound clients are managed exclusively from the Clients page now; a fresh inbound is created with zero clients (settings constructors default to []) and the user attaches clients afterwards. - Hide the Protocol tab entirely when it has nothing to render (VMESS, Trojan without fallbacks, Hysteria). Auto-switches active tab to Basic when the tab disappears while focused. - Move the Security section (Security selector + TLS block with certs and ECH + Reality block) out of the Stream tab into its own Security tab, sharing the canEnableStream gate. Client modal additions (ClientFormModal.vue + ClientBulkAddModal.vue): - Flow select (xtls-rprx-vision / -udp443) appears only when the panel actually has a Vision-capable inbound (VLESS or PortFallback on TCP with TLS or Reality). Hidden otherwise, and cleared when it disappears. - IP Limit input is disabled when the panel-level ipLimitEnable setting is off, fetched into useClients alongside subSettings and threaded through ClientsPage to both modals. - Edit modal now shows an "IP Log" section listing IPs that have connected with the client's credentials, with refresh and clear buttons (calls the renamed /panel/api/clients/ips and /clearIps endpoints). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(inbounds): drop manual Fallbacks UI from inbound modal The PortFallback protocol type now covers the common VLESS-master-plus-children case with auto-wired dests, so the manual Fallbacks editor (showFallbacks block in the Protocol tab) is mostly redundant. Removed: - the v-if="showFallbacks" template block (SNI/ALPN/Path/dest/PROXY rows) - the showFallbacks computed - the addFallback / delFallback helpers - the .fallbacks-header / .fallbacks-title styles - the showFallbacks gate from hasProtocolTabContent (so Trojan-over-TCP no longer shows an empty Protocol tab) Power users who need a non-inbound fallback dest (nginx, static site) can still author settings.fallbacks via the Advanced JSON tab. * feat(clients,inbounds): move search/filter to Clients page + small fixes Search/filter relocation: - Remove the search/filter toolbar (search switch + filter radio + protocol/node selects + the visibleInbounds projection + inboundsFilterState localStorage + filter CSS + the SearchOutlined/ FilterOutlined/ObjectUtil/Inbound imports it required) from InboundList. The filters were all client-oriented buckets bolted onto the inbound row. - Add a search/filter toolbar to ClientsPage with the same shape: switch between deep-text search and bucket filter (active / deactive / depleted / expiring / online) + protocol filter that matches clients attached to at least one inbound with the chosen protocol. State persists in clientsFilterState localStorage. filteredClients drives both the desktop table and the mobile card list, and select-all / allSelected / someSelected only span the visible subset. - useClients now also fetches expireDiff and trafficDiff from /panel/setting/defaultSettings (used to detect the expiring bucket); ClientsPage threads them into the client-bucket helper. Loose fixes folded in: - Add Client: email field is auto-filled with a random handle on open, matching uuid/subId/password/auth. - Inbound clone: parse and reuse the source settings JSON (with clients reset to []) instead of building a fresh defaulted Settings, so VLESS Encryption/Decryption and other non-client fields survive the clone. - en-US.json: add the ipLog string used by the edit-client modal. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(clients): add Reverse tag field for VLESS-attached clients Mirrors the Flow field's pattern: a Reverse tag input appears in the Add/Edit Client modal whenever at least one selected inbound is VLESS or PortFallback. The value rides over the wire as client.reverse = { tag: '...' } so it lands directly in model.Client's ClientReverse field; an empty value omits the reverse key entirely. On edit the field is hydrated from props.client.reverse?.tag, and the showReverseTag watcher clears the field if the user drops the last VLESS-like inbound from the selection. fix(xray): emit only protocol-relevant fields per client entry The Xray config synthesizer was writing every identifier field (id, password, flow, auth, security/method, reverse) on every client entry regardless of the inbound's protocol. Xray ignores unknown fields, so the config worked, but it diverged from the spec and leaked secrets across protocols when one client was attached to multiple inbounds — a VLESS inbound's generated config carried the same client's Trojan password and Hysteria auth alongside its uuid. Switch on inbound.Protocol when building each entry: - VLESS / PortFallback: id, flow, reverse - VMess: id, security - Trojan: password, flow - Shadowsocks: password, method - Hysteria / Hysteria2: auth email is emitted for every protocol. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(clients): restore auto-disable kick under new schema disableInvalidClients still resolved (inbound_tag, email) pairs via JSON_EACH(inbounds.settings.clients), which is empty after migrating to the clients + client_inbounds tables. Result: xrayApi.RemoveUser never ran for depleted clients, clients.enable stayed true so the UI showed them as active, and only xray_client_traffic.enable got flipped - making "Restart Xray After Auto Disable" only half-work. Resolve the targets via a JOIN through the new schema, flip clients.enable so the Clients page reflects the state, and drop the legacy JSON write-back plus the subId cascade workaround (email is unique now). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(clients): live WebSocket updates + Ended status surfacing ClientsPage now subscribes to traffic / client_stats / invalidate WebSocket events instead of polling /onlines every 10s. Per-row traffic counters refresh in place, online state stays current, and list-level mutations elsewhere trigger a refresh. The client roll-up summary moves from InboundsPage to ClientsPage where it belongs, restructured into six labeled stat tiles (Total / Online / Ended / Expiring / Disabled / Active) with email popovers on the ones with issues. Auto-disabled clients (traffic exhausted or expiry passed) now classify as 'depleted' even though clients.enable=false, so they show up under the Ended filter and render a red Ended tag instead of looking indistinguishable from an operator-disabled row. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(nodes): per-node client roll-up and panel version Added transient inboundCount / clientCount / onlineCount / depletedCount fields to model.Node, populated by NodeService.GetAll via aggregated queries (one join across inbounds + client_inbounds, one over client_traffics intersected with the in-memory online emails). The Nodes list renders these as colored chips on a new "Clients" column so an operator can see at a glance how many users each node carries and how many are currently online or depleted. Also exposes the remote panel's version. The central panel adds panelVersion to its /api/server/status payload (sourced from config.GetVersion). Probe reads that field and persists it on the node row, mirroring how xrayVersion already flows. NodesPage gets a new column next to Xray Version, in both desktop and mobile views, with English and Persian strings. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(clients): stop node sync from resurrecting deleted clients Several related issues around node-managed clients: - Remote runtime: drop the per-inbound resetAllClientTraffics path and point traffic/onlines/lastOnline fetches at the new /panel/api/clients/* routes. - Delete from master: always push the updated inbound to the node even when the client was already disabled or depleted, so the node actually loses the user instead of silently keeping it. - setRemoteTraffic: mirror remote clients into the central tables only on first discovery of a node inbound. Matched inbounds let the master own the join table, so a stale snap can no longer re-create a ClientRecord (and join row) for a client that was just deleted on the master. - ClientService.Delete: route through submitTrafficWrite so deletes serialize with node traffic merges, and switch the final ClientRecord delete to an explicit Where("id = ?") clause. - setRemoteTraffic UNIQUE-constraint fix: use clause.OnConflict on inserts and email-keyed UPDATEs for client_traffics, so mirroring a snap doesn't trip the unique email index. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(clients): switch client API endpoints from id to email All client-scoped routes now use the unique email as the path key (get, update, del, attach, detach, links). Email is the stable, protocol-independent identifier — UUIDs don't exist for trojan or shadowsocks, and internal numeric ids leaked panel implementation detail into the public API. Removed the redundant /traffic/byId/:id endpoint (covered by /traffic/:email) and collapsed /links/:id/:email into /links/:email, which now returns links across every attached inbound for the client. Frontend selection, bulk delete, and toggle state are now keyed by email as well, dropping the id→email lookup workaround. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(server): move cached state and helpers into ServerService ServerController had grown to hold its own status cache, version-list TTL cache, history-bucket whitelist, and the loop that drove all three — concerns that belong in the service layer. Pull them out: - lastStatus + the @2s refresh become ServerService.RefreshStatus and ServerService.LastStatus; the controller's cron now just orchestrates the cross-service side effects (xrayMetrics sample, websocket broadcast). - The 15-minute Xray-versions cache (with stale-on-error fallback) moves into ServerService.GetXrayVersionsCached, collapsing the controller handler to a single call. - The freedom/blackhole outbound-tag walk used by /xraylogs becomes ServerService.GetDefaultLogOutboundTags. - The allowed-history-bucket whitelist moves to package-level service.IsAllowedHistoryBucket, so both NodeController and ServerController validate against the same list. Net result: web/controller/server.go drops from 458 to 365 lines and contains only HTTP wiring + presentation-y side effects. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(api): emit JSON-text columns as nested objects Inbound, ClientRecord, and InboundClientIps store settings / streamSettings / sniffing / reverse / ips as JSON-text in the DB. The API was passing that text through verbatim, so every consumer had to JSON.parse a string inside a string. Add MarshalJSON / UnmarshalJSON so the wire format is a real nested object, while still accepting the legacy escaped-string shape on write. Frontend dbinbound.js gets a matching coerceInboundJsonField helper for the same dual-shape read path, and inbound.js toJson stops emitting empty/placeholder fields (externalProxy [], sniffing destOverride when disabled, etc.) so the new normalised JSON stays terse. api-docs and the inbound-clone path are updated to the new shape. Controller route lists are regrouped so all GETs sit above POSTs. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(clients): include inboundIds and traffic in /clients/list ClientRecord got its own MarshalJSON in the previous commit, and ClientWithAttachments embeds it to add inboundIds and traffic. Go promotes the embedded MarshalJSON to the outer struct, so the encoder was calling ClientRecord.MarshalJSON for the whole value and silently dropping the extras. The frontend reads row.inboundIds / row.traffic from /clients/list, so attached inbounds didn't render and newly added clients looked like they hadn't saved. Add an explicit MarshalJSON on ClientWithAttachments that splices the extras in. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(clients): gate IP Log on ipLimitEnable + clean access-log dropdown Legacy panel hid the IP Log section when access logging was off; the Vue 3 migration left it gated on isEdit only, so the section showed even when xray's access log was 'none' and nothing was being recorded. Restore the ipLimitEnable gate on the edit modal's IP Log form-item. While here, clean up the Xray Settings access-log dropdown: previously two 'none' entries appeared (an empty value labelled with t('none') and the literal 'none' from the options array). Drop the empty option for access log (the literal 'none' covers it) and relabel the empty option for error log / mask address to t('empty') so they're distinguishable. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(nodes): route per-client ops through node clients API + orphan sweep Adds Runtime methods AddClient, UpdateUser, and DeleteUser so master mutates clients on a node via /panel/api/clients/{add,update,del} rather than pushing the whole inbound. The previous rt.UpdateInbound path made the node DelInbound+AddInbound on every single-client change, briefly cycling every other user on the same inbound. DelInbound no longer filters by enable=true, so a disabled node inbound actually gets removed from the node instead of being resurrected by the next snap. setRemoteTrafficLocked now sweeps any ClientRecord with zero ClientInbound rows after SyncInbound rebuilds the attachments, which is how a node-side delete propagates back to master instead of leaving a detached ghost. ClientService.Delete tombstones the email first so a snap arriving mid-delete can't re-create the record. WebSocket broadcasts an "invalidate(clients)" message on every client mutation so the Clients page refreshes without manual reload. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(balancers): allow fallback on all strategies + feed burstObservatory from random/roundRobin Drops the random/roundRobin gate on the Fallback field in BalancerFormModal so every strategy can pick a fallback outbound. syncObservatories now feeds burstObservatory from leastLoad + random + roundRobin balancers (was leastLoad only), matching how leastPing feeds observatory. Fix the JsonEditor "Unexpected end of JSON input" that appeared when switching a balancer between leastPing and another strategy: the obsView watcher was gated on showObsEditor (a boolean OR of the two flags) and missed the case where one observatory swapped for the other in the same tick. Watch the individual flags instead so obsView flips to the surviving editor and the getter stops pointing at a deleted key. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(inbounds): use sortedInbounds for mobile empty-state check InboundList referenced an undefined visibleInbounds in the mobile card list's empty-state guard, throwing "Cannot read properties of undefined (reading 'length')" and breaking the entire mobile render. * feat(clients): sortable table columns Adds the same sortState / sortableCol / sortFns pattern InboundList uses, wrapping filteredClients in sortedClients so sort composes with the existing search/filter pipeline. Sortable: enable, email, inboundIds (attachment count), traffic, remaining, expiryTime; actions and online stay unsorted. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(shadowsocks): generate valid ss2022 keys and per-client method for legacy ciphers The Add Client flow on shadowsocks inbounds was producing xray configs that failed to start: - 2022-blake3-* ciphers need a base64-encoded key of an exact byte length per cipher. fillProtocolDefaults was assigning a uuid-style string, which xray rejects as "bad key". Now the password is generated (or replaced if invalid) via random.Base64Bytes(n) sized to the chosen cipher. - Legacy ciphers (aes-256-gcm, chacha20-, xchacha20-) require a per-client method field in multi-user mode; model.Client has no Method, so settings.clients was stored without one and xray failed with "unsupported cipher method:". applyShadowsocksClientMethod now injects the top-level method into each client on add/update, and healShadowsocksClientMethods backfills it at xray-config-build time so existing inbounds heal on the next start. - xray/api.go ssCipherType switch was missing aes-256-gcm, which fell through to ss2022 path. - SSMethods dropdown now offers aes-256-gcm. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(clients): preserve ClientRecord on inbound delete + filter Attached inbounds to multi-client protocols Replace the global orphan sweep in setRemoteTrafficLocked with a per-inbound diff cleanup: only delete a ClientRecord whose email disappeared from a snap-tracked inbound (i.e. a node-side delete). Inbounds that vanished entirely from the snap (e.g. admin deleted the inbound on master) aren't iterated, so a client whose last attachment came from that inbound is now left alone instead of being deleted alongside the inbound. ClientFormModal and ClientBulkAddModal now filter the Attached inbounds dropdown to protocols that actually support multiple clients: shadowsocks, vless, vmess, trojan, hysteria, hysteria2, and portfallback (which routes through VLESS settings). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(clients): make empty-state text readable on dark/ultra themes The "No clients yet" empty state had a hardcoded black color (rgba(0,0,0,0.45)) that vanished against the dark backgrounds. Drop the inline color, let it inherit from the AntD theme, and fade with opacity like the mobile card empty state already does. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(clients): client-first tgbot add flow, tgId field, lightweight inbound options - tgbot: drop legacy per-protocol Add Client UI in favour of a client-first multi-inbound flow. New BuildClientDraftMessage / getInboundsAttachPicker let an admin pick one or more inbounds and submit a single client; per- protocol secrets are now generated server-side via fillProtocolDefaults. Drops awaiting_id/awaiting_password_tr/awaiting_password_sh state cases and add_client_ch_default_id/pass_tr/pass_sh/flow callbacks. Adds a setTGUser button + awaiting_tg_id state so the bot can set Client.TgID during Add. - clients UI: add Telegram user ID input to ClientFormModal (0 = none). Hide IP Limit field entirely when ipLimitEnable is off — disabled fields still take layout space, this collapses Auth(Hysteria) to full width. - inbounds API: new GET /panel/api/inbounds/options that returns just {id, remark, protocol, port, tlsFlowCapable}. Used by the clients page pickers so the dropdown payload stays small on panels with thousands of clients (drops settings JSON, clientStats, streamSettings). Server-side TlsFlowCapable mirrors Inbound.canEnableTlsFlow so the modal no longer needs to parse streamSettings client-side. - clientInfoMsg now shows attached inbound remarks, and getInboundUsages reports the attached client count per inbound. - api-docs: document the new /options endpoint and add tgId / flow to the clients add/update bodies. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(inbounds): keep Node column visible for node-attached inbounds The Node column was bound to hasActiveNode, so disabling every node hid the column even when inbounds were still attached to those nodes — the admin lost the visual cue that those inbounds belonged to a node and would come back when it was re-enabled. Combine hasActiveNode with a new hasNodeAttachedInbound check (any dbInbound with nodeId != null) so the column survives node-disable. * fix(api-docs): accept functional-component icons in EndpointSection AntD-Vue icons (SafetyCertificateOutlined, etc.) are functional components, so the icon prop's type: Object validator was rejecting them with a "Expected Object, got Function" warning at runtime. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * test: cover crypto, random, netsafe, sub helpers, xray equals, websocket hub, node service Adds ~110 unit tests across previously untested packages. Focus on pure-logic and concurrency surfaces where regressions would silently affect users: - util/crypto, util/random: password hashing round-trip, ss2022 key generation, alphabet/length invariants. - util/netsafe: IsBlockedIP edge cases, NormalizeHost validation, SSRF guard with AllowPrivate context bypass. - util/common, util/json_util: traffic formatter, Combine nil-skip, RawMessage empty-as-null and copy-on-unmarshal. - sub: splitLinkLines, searchKey/searchHost, kcp share fields, finalmask normalization, buildVmessLink round-trip. - xray: Config.Equals and InboundConfig.Equals field-by-field, getRequiredUserString/getOptionalUserString type checks. - web/websocket: hub registration, throttling, slow-client eviction, nil-receiver safety, concurrent register/unregister. - web/service: NodeService.normalize validation, normalizeBasePath, HeartbeatPatch.ToUI mapping. - web/job: atomicBool concurrent set/takeAndReset semantics. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * i18n(clients): replace English fallbacks with proper translation keys Pulls every hard-coded English label/title in the Clients page and its four modals through the i18n layer so localized panels stop leaking English. New keys live under pages.clients (auth, hysteriaAuth, uuid, flow, flowNone, reverseTag, reverseTagPlaceholder, telegramId, telegramIdPlaceholder, created, updated, ipLimit) plus refresh at the root and toasts.bulkDeletedMixed / bulkCreatedMixed for partial-failure toasts. Also switches the add-client modal's primary button from "Add" to "Create" for consistency with other create flows. The bulk-add Random/Random+Prefix/... email-method options stay hard-coded by request - they're identifier-shaped strings. * i18n: backfill 99 missing keys across all 12 non-English locales Brings every translation file up to parity with en-US.json so the Clients page, the fallback-children inbound section, the new refresh verb, the Nodes panel-version label and a handful of older holes stop falling through to the English fallback. New strings span: - pages.clients.* (labels, confirmations, toasts, emailMethods) - pages.inbounds.portFallback.* (Reality fallback inbound section) - pages.nodes.panelVersion, menu.clients, refresh Technical identifiers (Auth, UUID, Flow, Reverse tag) are intentionally left untranslated since they correspond to xray-core field names. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * i18n: drop stale pages.client block duplicated in every non-English locale Every non-English locale carried a pages.client (singular) section with 30 entries that duplicated pages.clients (plural). The plural namespace is what the Vue code actually consumes; the singular one was dead weight from an older rename that never got cleaned up in the non-English files. Removing it brings every locale to exactly 984 keys, matching en-US.json. * chore: apply modernize analyzer fixes across codebase Mechanical replacements suggested by golang.org/x/tools/.../modernize: strings.Cut/CutPrefix/SplitSeq, slices.Contains, maps.Copy, min(), range-over-int, new(expr), strings.Builder for hot += loops, reflect.TypeFor[T](), sync.WaitGroup.Go(), drop legacy //+build lines. * feat(database): add PostgreSQL as an optional backend alongside SQLite Lets operators with large client counts or multi-node setups pick PostgreSQL at install time without breaking the existing SQLite default. Backend is selected at runtime via XUI_DB_TYPE/XUI_DB_DSN, a small dialect layer keeps the five JSON_EXTRACT/JSON_EACH queries portable, and a new `x-ui migrate-db` subcommand copies SQLite data into PostgreSQL in FK-aware order. * fix(inbounds): gate node selector to multi-node-capable protocols Hide the Deploy-To selector and clear nodeId when switching to a protocol that can't run on a remote node. Also: - subs: return 404 (not 400) when subId matches no inbounds, so VPN clients distinguish "deleted/unknown" from a server error - hysteria link gen: use the inbound's resolved address so node-managed inbounds advertise the node host instead of the central panel - shadowsocks: default network to 'tcp' (udp was causing issues for some clients on first-create) - vite dev proxy: rewrite migrated-route bypass against the live base path instead of a hardcoded single-segment regex Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(clients): bulk add/delete correctness + perf, working pagination, delayed-start in form Bulk add/delete were serial on the frontend (one toast per call, N round-trips) and the backend race exposed by parallelizing them lost client attachments and hit UNIQUE constraint failed on client_inbounds. The single add/edit modal also had no Start-After-First-Use option, and the table never showed the delayed duration. Backend (web/service/client.go): - Per-inbound mutex on Add/Update/Del InboundClient so concurrent writers on the same inbound don't lose the read-modify-write of settings JSON. - SyncInbound skips create+join when the email is tombstoned so a concurrent maintenance pass (adjustTraffics, autoRenewClients, markClientsDisabledIn- Settings) that did a stale RMW can't resurrect a just-deleted client with a fresh id. - compactOrphans sweeps settings.clients entries whose ClientRecord no longer exists, applied in Add/DelInboundClient + DelInboundClientByEmail so each user-initiated mutation self-heals the inbound's settings. - DelInboundClient uses Pluck instead of First for the stats lookup so a missing row doesn't abort the delete with a noisy ErrRecordNotFound log. Frontend: - HttpUtil.{get,post} accept a silent option that suppresses the auto-toast. - ClientBulkAddModal fires creates in parallel + silent + one summary toast. - useClients.removeMany runs deletes in parallel + silent and refreshes once; ClientsPage bulk delete uses it and shows one aggregate toast. - useClients.applyInvalidate debounces 200 ms so the burst of N WebSocket invalidate events from the backend collapses into a single refresh. - ClientsPage pagination is reactive (paginationState ref + tablePagination computed); onTableChange persists page-size and page changes. - ClientFormModal gains a Start-After-First-Use switch + Duration days input alongside the existing Expiry Date picker; on edit-mode open a negative expiryTime is decoded back to delayed mode + days; on submit the payload sends -86400000 * days or the absolute timestamp. - ClientsPage table shows the delayed-start duration (blue tag Nd, tooltip Start After First Use: Nd) instead of infinity. - Telegram ID field in the form is hidden when /panel/setting/defaultSettings reports tgBotEnable=false; Comment then fills the row. - Form row 3 collapses UUID (span 12) + Total GB (span 8) + Limit IP (span 4) when ipLimitEnable is on, else UUID + Total GB at 12/12. - useInbounds.rollupClients counts only clients with a matching clientStats row, so orphans in settings.clients no longer inflate the inbound's count. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(windows): clean shutdown, working panel restart, harden kernel32 load Three Windows-specific issues addressed: 1. Orphaned xray-windows-amd64 after VS Code debugger stop. Delve's "Stop" sends TerminateProcess to the Go binary, which is uncatchable — our signal handlers never run, so xrayService.StopXray() is skipped and xray is left dangling. Spawn xray as a child of a Job Object with JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE so the OS kills xray when our handle to the job is closed (which happens even on TerminateProcess). Also trap os.Interrupt in main so Ctrl+C in the terminal runs the graceful path. 2. /panel/setting/restartPanel logged "failed to send SIGHUP signal: not supported by windows" because Windows can't deliver arbitrary signals. Add a restart hook in web/global; main registers it to push SIGHUP into its own signal channel, and RestartPanel calls the hook before falling back to the (Unix-only) signal path. Same restart-loop code runs in both cases. 3. util/sys/sys_windows.go now uses windows.NewLazySystemDLL so the kernel32.dll resolve is pinned to %SystemRoot%\System32 (prevents DLL hijacking by a planted DLL next to the binary). Local filetime type replaced with windows.Filetime, and the unreliable syscall.GetLastError() fallback replaced with a type assertion on the errno captured at call time. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(sys): correct CPU/connection accounting on linux + darwin util/sys/sys_linux.go: - GetTCPCount/GetUDPCount were counting the column header row in /proc/net/{tcp,udp}[6] as a connection, inflating the reported total by 1 per non-empty file (so the panel status line always showed 2 more connections than actually existed). Replace getLinesNum + safeGetLinesNum with a single bufio.Scanner-based countConnections that skips the header. - CPUPercentRaw now opens HostProc("stat") instead of a hardcoded /proc/stat so HOST_PROC overrides apply, matching the connection counters in the same file. - Simplify CPU field unpacking: pad nums to 8 once instead of guarding every assignment with a len check. util/sys/sys_darwin.go: - Fix swapped idle/intr indices on kern.cp_time. BSD CPUSTATES order is user, nice, sys, intr, idle (CP_INTR=3, CP_IDLE=4) — gopsutil's cpu_darwin_nocgo.go reads the same layout. The previous code used out[3] as idle and out[4] as intr, so busy = total - dIdle was actually subtracting interrupt time, making the panel report CPU usage close to 100% on macOS regardless of actual load. - Collapse the per-field delta math into a single loop. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(xray): rotate crash reports into log folder, prevent overwrites writeCrashReport had two flaws: it wrote to the bin folder (alongside the xray binary) which conflates artifacts, and the second-precision timestamp meant a tight restart-loop crash burst overwrote prior reports. Write to the log folder with nanosecond precision and keep the last 10 reports. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * revert(inbounds): drop unreleased portfallback protocol The Port-with-Fallback inbound (commit `62fd9f9d`) was confusing as a standalone protocol — fallbacks belong on a regular VLESS/Trojan TCP-TLS inbound, the way Xray models them natively. Rip out the entire feature cleanly (no migration needed since it was never released): protocol constant, fallback children DB table, FallbackService, 2 API endpoints, all UI rows, related translations and api-docs. A native fallback flow attached to VLESS/Trojan TCP-TLS/Reality will land in a follow-up commit. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(inbounds): native fallbacks on VLESS/Trojan TCP-TLS, with working child links A VLESS or Trojan inbound on TCP with TLS or Reality can now act as a fallback master: pick existing inbounds as children and the panel auto- fills the SNI / ALPN / path / xver routing fields from each child's transport, auto-builds settings.fallbacks at config-gen time, and rewrites the child's client-share link so it advertises the master's reachable endpoint and TLS state instead of the child's loopback listen. Layout matches the Xray All-in-One Nginx example: master at :443 with clients + TLS, each child on 127.0.0.1 with its own transport+clients. Order matters (Xray walks fallbacks top-to-bottom) — reorder via the per-row up/down arrows. Path / SNI / ALPN are exposed under a per-row Edit toggle for the rare cases where the auto-derivation needs overriding; otherwise just pick a child and you're done. Backend: new InboundFallback table + FallbackService (GetByMaster / SetByMaster / GetParentForChild / BuildFallbacksJSON); two routes (GET / POST /panel/api/inbounds/:id/fallbacks); xray.GetXrayConfig injects settings.fallbacks for any VLESS/Trojan TCP-TLS/Reality inbound; GetInbounds annotates each child with FallbackParent so the frontend can rewrite links without an extra round-trip. Link projection covers every emission path — clients-page QR/links, per-inbound Get URL, raw subscription, sub-JSON, sub-Clash, and the inbounds-page link/info/QR — via a shared projectThroughFallbackMaster on the backend and a shared projectChildThroughMaster on the frontend that both handle the panel-tracked relationship and the legacy unix-socket (@vless-ws) convention. Strings translated into all 12 non-English locales. * docs: rewrite CONTRIBUTING with full local-dev setup The prior three-line CONTRIBUTING left newcomers guessing at every non-trivial step: which Go / Node versions, where xray comes from, why the panel goes blank when XUI_DEBUG=true is flipped on, how the Vue multi-page setup is wired, what to do on Windows when go build trips on the CGo SQLite driver. Now covers prerequisites, MinGW-w64 install on Windows (niXman builds or MSYS2), one-shot first-time setup, two frontend dev workflows with the XUI_DEBUG asset-cache gotcha called out, the architecture and conventions of the Vue side, a project-layout map, useful env vars, and the PR checklist. ---------	2026-05-19 12:20:24 +02:00
Abdalrahman	01a7dc807b	fix(sub): include xhttp mode in extra JSON for karing compatibility (#4365 ) - Add mode to buildXhttpExtra() so clients reading xtra param (karing, etc.) receive the xhttp mode alongside other bidirectional SplitHTTP fields. Previously mode was only a flat URL param and was silently dropped when xtra was present. - Add xhttp case to streamData() to strip acceptProxyProtocol and server-only fields (noSSEHeader, scMaxBufferedPosts, scStreamUpServerSecs, serverMaxHeaderBytes) from JSON sub configs. - Sync frontend buildXhttpExtra() with the same mode addition. Closes #4364	2026-05-14 10:02:45 +02:00
Abdalrahman	60e6b12f4c	fix(hysteria2): restore missing masquerade config in inbound form (#4316 ) * fix(hysteria2): restore missing masquerade config in inbound form Fixes #4303 The Hysteria2 Masquerade option was missing from the Stream settings tab after the v3.0.0 form rewrite. Added the UI form and ensured the masquerade block is passed through in subscription JSON generation.	2026-05-13 01:25:00 +02:00
MHSanaei	7cd26a0583	v3	2026-05-10 02:13:42 +02:00
Sanaei	bc00d37ad8	Vue3 migration (#4198 ) * docs(migration): Phase 1 inventory — Vue 2 / AD-Vue 1 surface area Captures the breakage surface for the Vue 3 + Ant Design Vue 4 + Vite migration: 17,650 lines across 69 templates, 3,145 a-* component instances across 63 files, with per-pattern counts and file lists. Key findings: - No Vue filters anywhere — dodges a major Vue 3 breaking change - 358 v-model uses; AD-Vue 4 absorbs most, custom components don't - 233 <template slot="X"> usages must become <template #X> - 49 scopedSlots: { ... } column defs need new slots: { ... } shape - a-icon is removed in AD-Vue 4 — every icon must be imported Establishes the 8-phase order; Phase 2 (Vite toolchain) is next. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * build(frontend): Phase 2 — scaffold Vite + Vue 3 + AD-Vue 4 Adds a frontend/ directory that lives alongside the legacy web/html/ Vue 2 templates during the migration. Vite builds into ../web/dist/ so the Go binary will be able to embed the result via embed.FS once Phase 4 starts moving real pages over. - package.json pins Vue 3.5, Ant Design Vue 4.2, Vite 6, vue-i18n 10 - vite.config.js: dev server on :5173 with API proxy to the Go panel on :2053; build output to ../web/dist/ - src/App.vue is currently a smoke-test placeholder — delete once the first real page (login) lands in Phase 4 - node_modules and dist are already ignored at repo root To verify locally: cd frontend && npm install && npm run dev Pages will be migrated one at a time on the vue3-migration branch. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(frontend): Phase 3 — port utils, models, axios, websocket as ES modules Ports the framework-agnostic JS from web/assets/js/ into frontend/src/ so Vue 3 pages can import what they need without relying on script-tag globals. - web/assets/js/util/index.js (927 lines, 21 classes) → frontend/src/utils/legacy.js + a barrel at utils/index.js. All classes are now named exports. - Vue.prototype.$message in HttpUtil → direct import of `message` from ant-design-vue (Vue 3 has no Vue.prototype). - RandomUtil.randomShadowsocksPassword previously defaulted to SSMethods.BLAKE3_AES_256_GCM from inbound.js, creating a circular import. Replaced with the literal string default. - MediaQueryMixin (Vue 2 mixin) removed. Replaced by composables/useMediaQuery.js — Vue 3 composable returning reactive `isMobile`. - axios-init.js wrapped as setupAxios(); Qs global → npm `qs`. - websocket.js exported as WebSocketClient class; the implicit window.wsClient global is gone — pages instantiate it themselves. - model/{inbound,outbound,dbinbound,setting,reality_targets}.js copied with `export` added on every top-level declaration. Imports between models and utils are wired up explicitly. - subscription.js deferred to Phase 5 (it's a Vue 2 mount, not a util). - App.vue smoke test exercises SizeFormatter / RandomUtil / Wireguard / useMediaQuery so the user can verify Phase 3 with `npm run dev`. Run `cd frontend && npm install && npm run dev` — qs was added so a fresh install is required. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 4 — port login.html to Vue 3 + AD-Vue 4 + Vite 8 First real page in the new toolchain. Multi-page Vite: each migrated page is its own entry. login.html now lives at frontend/login.html with a thin entrypoint at frontend/src/login.js mounting LoginPage.vue. Vite 6 → Vite 8.0.11 (per user request). Requires Node 20.19+ or 22.12+. @vitejs/plugin-vue bumped to ^6.0.6 (peers vite ^8). Ant Design Vue stays on 4.2.6 — there is no AD-Vue 6. Vue 2 → Vue 3 / AD-Vue 1 → AD-Vue 4 syntax changes hit on this page: - new Vue({ el, delimiters, data, methods }) → createApp + <script setup> - mounted() → onMounted() - <template slot="X"> → <template #X> - <a-icon slot="prefix" type="user"> → <template #prefix><UserOutlined /> </template> with explicit @ant-design/icons-vue imports - v-model.trim → v-model:value (AD-Vue 4 uses named v-model on inputs) Three legacy features deferred so Phase 4 stays small: - i18n (Phase 7 wires up vue-i18n) - theme switcher (custom component pending Phase 5) - headline word-cycle animation (purely aesthetic) Run `cd frontend && npm install && npm run dev`, open http://localhost:5173/login.html. With Go panel running on :2053 the form submits real credentials via the configured proxy. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5a — theme system + Vite 8 + vue-i18n 11 Bumps Vite to 8.0.11 (npm install picked up 6.4.2 from the stale lockfile; clean install resolves the new constraint). Bumps vue-i18n to 11.1.4 since v10 was just EOL'd. Migrates aThemeSwitch.html — the two-flavor theme picker + global themeSwitcher object — into: - composables/useTheme.js: single reactive `theme` state with toggleTheme / toggleUltra. Boot side-effect applies the stored theme to <body>/<html> before Vue renders; watchEffect persists changes back to localStorage. - components/ThemeSwitch.vue: full menu version for the main panel. - components/ThemeSwitchLogin.vue: login-popover version. AD-Vue 1 → 4 changes hit on this component: - <a-icon type="bulb" :theme="filled\|outlined"> dropped — replaced by explicit BulbFilled / BulbOutlined imports from @ant-design/icons-vue, swapped via <component :is="BulbIcon"> - Vue.component('a-theme-switch', { ... }) global registration → SFC + per-page import - this.$message.config(...) (Vue 2 instance method) → message.config(...) imported from ant-design-vue, called once in login.js at boot Login page now surfaces a settings button → popover → theme picker. Known gap: web/assets/css/custom.min.css isn't yet imported into the new bundle, so toggling dark mode currently only re-themes AD-Vue's own components, not the panel chrome. The body class is still toggled so behavior is correct; visual fidelity returns when custom.css is ported or directly imported. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5b — port four shared components to Vue 3 CustomStatistic.vue and SettingListItem.vue are mechanical Vue.component → SFC ports. AppSidebar.vue: AD-Vue 4 dropped <a-icon :type="dynamic">, so the five sidebar icons (dashboard/user/setting/tool/logout) live in a name→component map and render via <component :is>. The legacy <a-drawer slot="handle"> hack is replaced with a sibling fixed- position toggle button. Tab paths take basePath/requestUri as props instead of pulling them from Go template scope. TableSortable.vue: the biggest Vue 3 rewrite of this phase. - $listeners is gone — replaced by inheritAttrs: false + explicit attrs forwarding - scopedSlots: this.$scopedSlots collapsed into Vue 3's unified slots object — just iterate Object.keys(this.slots) and forward - Vue 2 h(tag, { props, on, scopedSlots }, children) → Vue 3 h(tag, { ...props, ...on }, slotsObject) - 'a-table' string → resolveComponent('a-table') so app.use(Antd) registration is honored - inject: ['sortable'] (Options API) → inject('sortable', null) (Composition API) inside the trigger child - beforeDestroy → beforeUnmount - customRow's return shape flattened (no nested props/on/class) Two intentional skips, documented in the migration doc: - aClientTable.html — slot fragments, not a component. Migrates inline with inbounds.html (new Phase 5f). - aPersianDatepicker.html — wraps a Persian-only third-party lib; defer until settings.html lands. Build verified with vite 8.0.11. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): anchor Vite dev proxy so /login.html isn't forwarded The /login proxy entry was matching any path starting with /login — including /login.html, which Vite is supposed to serve itself. Without the Go backend running, this caused ECONNREFUSED noise on every page load. Switched to regex patterns anchored with ^...$ so only the bare backend paths (/login, /logout, /getTwoFactorEnable) and explicit sub-routes (/panel/, /server/) get proxied. Static .html files Vite serves directly are no longer matched. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): real dark mode + silence dev proxy ECONNREFUSED noise Two issues from running login.html against no Go backend: 1. Dark mode toggled the body class but didn't actually re-theme any AD-Vue components. The legacy panel relied on custom.min.css which we haven't ported. AD-Vue 4 ships its own dark algorithm — wrap LoginPage in <a-config-provider :theme="{ algorithm }"> driven by our useTheme state, and AD-Vue restyles every component for free. Page chrome (background, card, title) gets explicit .is-dark CSS since the algorithm only covers AD-Vue components. 2. Vite logged every failed proxy attempt loudly. When the Go panel isn't running locally that's pure noise. Added a configure() callback that swallows ECONNREFUSED specifically; real errors (timeouts, 5xx, anything else) still surface. Both fixes are dev-experience only — production build is unchanged. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): use legacy panel palette for login page dark mode Earlier dark mode used invented colors (#141a26 page bg, #1f2937 card) that didn't match the rest of the panel. Replaced with the actual values from web/assets/css/custom.min.css: light dark ultra-dark bg #c7ebe2 bg #222d42 bg #0f2d32 card #fff card #151f31 card #0c0e12 title #008771 title #fff/.92 title #fff/.92 Drove everything off CSS custom properties on .login-app so the .is-dark / .is-ultra class swap is a few var overrides instead of duplicating selectors. Also restored the legacy card metrics (2rem radius, 4rem 3rem padding, 2rem title) so the new page matches the old panel's geometry, not just its colors. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): match legacy wave layout + recolor for dark mode The wave SVG had inline fill="#c7ebe2" (mint) on the bottom wave, so in dark/ultra-dark mode it rendered as a pale-white blob against the dark page. Stripped the inline fills, drove them off CSS variables that swap with .is-dark / .is-ultra: light: green tints + #c7ebe2 (mint) on the bottom wave dark: #222d42 across all four waves ultra-dark: #0f2d32 The wave was also positioned wrong — anchored to the top 200px of the viewport with absolute positioning. Restored the legacy layout: - .waves-header is fixed to the top of the viewport with z-index -1 so the form floats over it - .waves-inner-header pushes the wave SVG down to ~50vh with a 50vh-tall solid block of the page color - .waves SVG itself is 15vh tall, sitting at the bottom of that block Net effect: top half is solid-colored, then a wavy edge transitions into the rest of the page, with the form centered on top — matching the legacy panel exactly. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): bring wave-header to front so the wave actually shows Two layering bugs were hiding the wave entirely: 1. .ant-layout-content had background: var(--bg-page) which painted an opaque rectangle covering the full content area — including the fixed wave-header behind it. Made the layout/content transparent and moved the bg paint up to .login-app (the outer ant-layout). 2. .waves-header had z-index: -1 which on its own was fine, but with .ant-layout-content opaque on top it was doubly buried. Promoted the wave-header to z-index: 0 and gave the form .login-row z-index: 1, so the form sits above the wave and the wave sits above the page-bg. Also set --bg-page to the legacy mint (#c7ebe2) for light mode so the bottom half of the page below the wave matches the legacy panel (was white). Dark mode stays at the surface-100/login-wave palette. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): match legacy wave animation timings + dark page bg Two reasons the bottom wave looked static in dark/ultra-dark: 1. Animation durations were 7s/10s/13s/20s. Legacy uses 4s/7s/10s/13s. The 20s on the bottom wave was so slow that against the low dark- mode contrast it read as motionless. Restored the legacy timings. 2. --bg-page in dark mode was #151f31 (card color / surface-100), but the legacy .under uses surface-200 (#222d42) — that's the color of the bottom half of the page, the same as the wave fill, so the wave appears to flow into the page rather than meeting a hard edge. Now it does. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): restore Hello/Welcome headline cycle on login Earlier I deferred the legacy headline word-cycling animation as "purely aesthetic". Restored it: the title now alternates between 'Hello' and 'Welcome' every 2 seconds, matching the legacy panel. The legacy implementation toggled .is-visible / .is-hidden classes on two <b> elements via setTimeout chains and DOM querying. Replaced with a reactive ref + Vue 3 <Transition mode="out-in"> so the fade between words is declarative — no manual DOM manipulation, and the interval is properly cleaned up in onBeforeUnmount. The earlier "Welcome to 3x-ui" string was wrong on two counts: it should be just "Welcome", and it should be one of two cycling words with "Hello" preceding it. Ultra-dark palette already matched legacy after the prior wave timing fix; no additional changes needed there beyond the animation speeds that now also apply to ultra-dark via the shared CSS rules. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): correct dark login bg + give ultra-dark wave real contrast Two related fixes: 1. Default-dark wave-header bg was wrong. I had #0a2227, but that's the ultra-dark override; default dark uses --dark-color-background = #0a1222. Now the dark-mode top half is the legacy purple-blue instead of teal. 2. Ultra-dark wave fill is intentionally near-identical to its bg in the legacy palette (#0f2d32 vs #0a2227, ~5/11/11 RGB delta), which makes the wave look static even though the animation is running. Bumped --wave-fill / --wave-fill-bottom to #1f4d52 in ultra-dark only — far enough above the bg that the motion reads, while staying within the same teal hue family. Also corrected ultra-dark --bg-page back to #0f2d32 (was briefly #0c0e12, which is the card color, not the page color). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): drop ultra-dark bottom-wave seam line Last fix made the wave fill #1f4d52 in ultra-dark for both top-three waves and the bottom wave, which gave visible motion but exposed a hard horizontal line where the bottom wave's flat lower edge met the page bg (#0f2d32). The user noticed it as "the wave at the bottom not moving its like a line" — they were seeing the SVG's clipped bottom edge, not the wave itself. Solution: only the top three waves get the brighter fill (those carry the visible motion). The bottom wave reverts to #0f2d32 = --bg-page, so its flat bottom edge merges seamlessly into the page below. Net effect: motion is still visible (from waves 2 and 3), and there's no seam line at the bottom of the SVG. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5c-i — index.html dashboard shell Replaces the smoke-test App.vue with a real IndexPage shell so the /index.html route now boots the actual dashboard layout in Vue 3: - a-config-provider drives AD-Vue 4's dark algorithm from useTheme (same pattern as LoginPage) - AppSidebar (Phase 5b component) is wired in with basePath + requestUri props - a-spin loading state with placeholder card while we build out the rest of the page - Page palette mirrors the legacy: light #f0f2f5, dark #0a1222 (--dark-color-background), ultra-dark #21242a The 1,805-line legacy index.html is too big for one commit. Split into five sub-phases on the todo list: ii) status cards + /server/status polling, iii) xray status card, iv) logs/backup/panel-update modals, v) custom-geo section. frontend/src/App.vue and frontend/src/main.js (smoke-test scaffold) are removed — both purposes now served by IndexPage and index.js. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5c-ii — live status cards on the dashboard Adds the CPU / memory / swap / disk dashboard cards to IndexPage, backed by a useStatus() composable that polls /panel/api/server/status every 2 s and a Status / CurTotal model ported from the legacy inline classes in index.html. - models/status.js — Status & CurTotal classes (CurTotal exposes reactive .percent and .color computed-style getters; Status maps the API payload + xray state to color/message strings) - composables/useStatus.js — 2s polling with shallowRef so each fetch swaps the whole Status object atomically. WebSocket integration intentionally deferred — the legacy panel falls back to this same 2s polling when its websocket drops, so we ship the proven path first and add WS on top in a later sub-phase. - pages/index/StatusCard.vue — four a-progress dashboard widgets in a 2x2 grid (mobile collapses to a 1x4). CPU widget exposes a history button; the modal it opens is part of 5c-iv. - IndexPage now consumes both, plus useMediaQuery so the layout responds to viewport changes. AD-Vue 4 changes: <a-icon type="area-chart"\|"history"> dropped in favor of explicit AreaChartOutlined / HistoryOutlined imports. <a-tooltip slot="title"> → <template #title>. i18n strings still hardcoded English (Phase 7 wires up vue-i18n). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5c-iii — xray status card + stop/restart controls XrayStatusCard.vue renders the right-hand card on the dashboard: - Title with mobile-only version tag (matches the legacy collapse) - Animated badge for the running/stop/error states. The pulsing dot comes from xray-pulse keyframes (renamed from runningAnimation in legacy custom.min.css). Color rings on the badge use the legacy's per-state border-color overrides on .ant-badge-status-processing. - Error state replaces the badge with a popover that surfaces the multi-line errorMsg + a logs shortcut. - Action row at the bottom: optional logs (when ipLimitEnable), stop, restart, and version switch. IndexPage now wires: - POST /panel/api/server/stopXrayService and /restartXrayService, followed by a refresh() so the status card reflects the new state without waiting for the next poll tick - POST /panel/setting/defaultSettings to read ipLimitEnable - Stub handlers for the panel-logs / xray-logs / version-switch / cpu-history modals — those land in 5c-iv AD-Vue 4 changes hit on this card: - <a-icon type="bars\|poweroff\|reload\|tool"> → explicit BarsOutlined / PoweroffOutlined / ReloadOutlined / ToolOutlined - <span slot="title\|content"> → <template #title\|#content> - The .xray--animation classes ship as global <style> (not scoped) so they pierce AD-Vue's internal .ant-badge-status- DOM. i18n still hardcoded English; Phase 7 wires vue-i18n. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5c-iv (a) — panel update / logs / backup modals Adds three of the six dashboard modals plus a Quick Actions card that surfaces them. The remaining three (xray logs, version picker, CPU history sparkline) ship in 5c-iv-b. - PanelUpdateModal.vue — current vs latest version, "update now" button. Confirm dialog → POST /panel/api/server/updatePanel, then poll /server/status for up to 90s until the new panel answers, then reload. - LogModal.vue — panel logs viewer. Filters: rows (10-500), level (debug/info/notice/warning/error), syslog toggle. Auto-fetches on open and on every filter change. Color-coded timestamps and levels via inline span styles. Download button writes the raw log to x-ui.log via FileManager.downloadTextFile. - BackupModal.vue — db export (window.location to /getDb) and import (FormData upload to /importDB, then panel restart + reload). - Quick Actions card surfaces Logs / Backup / Update buttons and shows an orange update badge (extra slot) when an update is available. Modal-busy pattern: long-running operations (update, import) emit a `busy` event with a tip; IndexPage flips its a-spin overlay so the user sees a loading message while the panel is restarting. AD-Vue 4 changes: - v-model on <a-modal> renamed to v-model:open - v-model on <a-input>/<a-select>/<a-checkbox> uses the named v-model:value / v-model:checked pattern - <a-icon type="..."> dropped — explicit Ant icon imports (BarsOutlined, CloudServerOutlined, CloudDownloadOutlined, DownloadOutlined, UploadOutlined, SyncOutlined) - Modal.confirm() replaces this.$confirm() since setup() has no `this` Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5c-iv (b) — cpu-history / xray-logs / xray-version modals Wires up the three remaining dashboard buttons that were stubbed in 5c-iv (a): the CPU history button on StatusCard, the xray-logs button in XrayStatusCard's error popover and ipLimitEnable action, and the "Switch xray" button in XrayStatusCard's action footer. - Sparkline.vue: shared SVG line chart (composition-API port of the inline Vue 2 component). Per-instance gradient id avoids defs collisions between sparklines on the same page. - CpuHistoryModal.vue: bucket dropdown (2m/30m/1h/2h/3h/5h) drives GET /panel/api/server/cpuHistory/{bucket}; renders via Sparkline. - XrayLogModal.vue: rows + filter + direct/blocked/proxy checkboxes; POST /panel/api/server/xraylogs/{rows} returns access-log entries rendered as a colored HTML table; download button serializes to text. - VersionModal.vue: collapse with Xray panel (radio list of versions from getXrayVersion, install via installXray/{version}) and Geofiles panel (per-file reload + Update all). CustomGeo collapse panel is Phase 5c-v. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5c-v — custom-geo section in VersionModal Adds the third collapse panel ("Custom geo") that lets users register external geosite/geoip files referenced by routing rules via ext:<filename>:tag. Backend endpoints are unchanged. - CustomGeoSection.vue: bordered table over /panel/api/custom-geo/list with per-row edit, download (refetch), and delete actions, plus an Add button and Update-all. Lazy-loads the list when the parent collapse opens this panel — closed panels don't fetch. - CustomGeoFormModal.vue: shared add/edit form with the same alias regex (^[a-z0-9_-]+$) and URL validation as legacy. Type and alias are immutable when editing — backend rejects changes anyway. - ext:<filename>:tag value is click-to-copy via ClipboardManager. - Relative time is computed inline (no moment dep); tooltip shows the absolute timestamp. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5d-i — settings page shell + dirty tracking Adds the settings entry as a new Vite multi-page input. Lays down the shared page chrome (sidebar, save bar, restart, security alert) and the AllSetting fetch/dirty-poll lifecycle so 5d-ii through 5d-vi can drop in tab partials without re-implementing it. - settings.html + src/settings.js: third Vite entry; mounts SettingsPage. - SettingsPage.vue: page chrome with the legacy two-button save/restart bar, conf-alerts banner, and 5 a-tabs (4 always-visible + the formats tab gated on subJsonEnable \|\| subClashEnable). Each tab body is an a-empty placeholder until 5d-ii…vi fill them in. - useAllSetting.js composable: POST /panel/setting/all on mount, mirrors the legacy 1s busy-loop dirty check via setInterval, and exposes fetchAll/saveAll. saveDisabled flips off as soon as the user diverges from the server snapshot. - restartPanel rebuilds the URL (host/port/scheme/base path) from the saved settings so users land on the new endpoint after a port or cert change. - models/setting.js: adopts the @/utils alias and a leading file-level doc — semantics unchanged. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5d-ii — settings General tab Ports the panel/general partial (the largest single tab) — six collapse panels: General, Notifications, Certificates, External traffic webhook, Date and time, LDAP. - GeneralTab.vue receives the reactive AllSetting via props and binds fields directly with v-model:value; SettingsPage stays the sole fetch/save owner. - remarkModel/remarkSeparator surfaced as computed v-models that read+write the underlying single-string field (legacy stores them packed as <separator><orderedKeys>, e.g. "-ieo"). - LDAP inbound-tags select binds to a CSV ↔ array computed; inbound options come from /panel/api/inbounds/list on mount. - Language select stays cookie-based via LanguageManager and reloads on change — same UX as legacy. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5d-iii — settings Security tab + 2FA modal Ports the panel/security partial: change-credentials form and 2FA toggle. The 2FA modal is a new shared component since enabling 2FA, disabling 2FA, and changing credentials all funnel through it with slightly different copy. - TwoFactorModal.vue: 'set' flow renders a QR code + manual key + a 6-digit verifier; 'confirm' flow renders just the verifier. The parent passes a confirm(success) callback that fires only when the entered code matches the live TOTP value (otpauth lib). - SecurityTab.vue: holds the local user form (oldUsername/oldPassword/ new), POSTs /panel/setting/updateUser, and on success force-redirects to logout. When 2FA is on, the credentials change goes through the confirm-modal first. - toggleTwoFactor leaves the switch read-only (the v-bound :checked matches AllSetting) and only flips after the modal succeeds, so cancelling out leaves state unchanged. - Adds otpauth ^9.5.1 dep (qrious was already present). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> feat(frontend): Phase 5d-iv — settings Telegram tab Ports the panel/telegram partial: bot enable/token/chatId/lang in the General panel, schedule/backup/login/CPU-threshold in Notifications, and proxy/API-server overrides in the third panel. All bindings live on the shared AllSetting reactive — no fetch/save logic in this tab. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5d-v — settings Subscription general tab Ports the subscription/general partial — four collapse panels covering the master enable switches, presentation/template fields, certs, and update interval. - Sub path goes through a strip-on-input + normalize-on-blur computed: legacy stripped `:` and `` and ensured the value starts and ends with a single `/` — same here. - Both `subEnableRouting` and the announce/profile/title/support URLs are bound directly on AllSetting. - The "Subscription URI override" placeholder mirrors the legacy pattern for the manual full-URL form. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> feat(frontend): Phase 5d-vi — settings Subscription formats tab Ports the subscription/json partial — paths/URIs for the JSON and Clash formats plus the four packed-JSON sub-fields: fragment, noises, mux, and direct routing rules. - subJsonFragment / subJsonMux / subJsonNoises / subJsonRules are each a JSON string on the wire; the tab exposes their fields as computed v-models that read+write the underlying JSON. Toggling a top-level switch off resets the field to "" (matches legacy semantics). - Direct routing rules surface the IP and domain entries of the seed rule array as multi-select tag inputs; setting/removing tags edits the rules array in place rather than rebuilding it from scratch, so manually-added rules are preserved. - Tab is gated on subJsonEnable \|\| subClashEnable in the parent (only rendered when the user actually opted into one of those formats). This closes Phase 5d — full settings page parity with the legacy panel across all five tabs. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): route /panel/<route> to migrated pages in dev The sidebar links to production-style URLs like /panel/settings, but in dev that gets proxied to the legacy Go template — which fails because we haven't loaded the legacy asset chain. Add a proxy bypass so /panel and /panel/settings are served from index.html / settings.html on the Vite dev server itself. Unmigrated routes (inbounds, xray) still proxy to Go. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(csrf): expose token endpoint for SPA pages and fetch it from axios The legacy panel pages got their CSRF token from a <meta name="csrf-token"> tag rendered by Go. SPA pages built by Vite don't have that, so every unsafe (POST/PUT/DELETE) request from them was hitting CSRFMiddleware with no token and getting 403 — visible as the settings page being stuck on "Loading…" because POST /panel/setting/all failed. - web/controller/xui.go: GET /panel/csrf-token returns the session token. Lives under the xui group so checkLogin still gates it; the CSRFMiddleware on the same group is a no-op for GET. - frontend/src/api/axios-init.js: cache the token at module scope and lazy-fetch it when a non-safe request needs one. Seed from the meta tag first when present (legacy compat). On a 403 response, drop the cache and retry once — handles the case where a server restart rotated the token after the SPA loaded. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): keep sidebar links absolute when basePath is empty The dashboard sidebar built tab keys as basePath + 'panel/...'. In dev the window-injected basePath is '' so the resulting key was a relative path like 'panel/settings'. When the browser resolved that against the current /panel/settings URL it produced /panel/panel/settings — visible as broken navigation between Dashboard and Settings. Force a leading slash so the keys are always absolute regardless of whether the host injected a basePath. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5f-i — inbounds page shell + list fetch Adds the inbounds entry as a fourth Vite multi-page input and wires /panel/inbounds through the dev proxy bypass. Lays down the page chrome (sidebar, summary statistics card, refresh button) and the fetch lifecycle composable so 5f-ii onward can drop in the table columns and the modals without re-implementing it. - inbounds.html + src/inbounds.js: fourth Vite entry; mounts InboundsPage. - InboundsPage.vue: sidebar + summary card (totals over up/down, all-time, inbound count, client tags) + a basic table with enable/ remark/port/protocol/traffic/expiry columns. Row actions, popovers, search/filter, auto-refresh, and the WebSocket delta path are all deferred to subsequent 5f subphases. - useInbounds.js composable: GET /panel/api/inbounds/list + POST /panel/api/inbounds/onlines + POST /panel/api/inbounds/lastOnline + POST /panel/setting/defaultSettings, then computes the per-inbound clientCount roll-ups (active/deactive/depleted/expiring/ online/comments) the table popovers consume. - models/dbinbound.js + models/inbound.js: switched the legacy-utils import to the @/utils alias for consistency with the rest of the app. Semantics unchanged. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5f-ii — inbound list table + search/filter + auto-refresh Fleshes out the inbound list with the full column set, search & filter toolbar, row enable toggle wired to /panel/api/inbounds/setEnable/:id, and a per-row action dropdown that emits events the parent will route to modals as those land in 5f-iii through 5f-vii. - InboundList.vue (new): toolbar (Add inbound + General actions dropdown + Refresh + auto-refresh popover), search-or-filter switch with the legacy radio buttons (Active/Disabled/Depleted/Depleting/ Online), and a a-table with desktop and mobile column variants. Cells use AD-Vue 4's #bodyCell slot — protocol/clients/traffic/ allTime/expiry/info cells render the same popovers and tags as legacy. Row enable switch is optimistic with rollback on POST failure. - visibleInbounds computed mirrors the legacy search and filter projection: deep search through dbInbound + clients, or filter reduces inbound.settings.clients to the selected bucket so the table only shows matching client rows. - Auto-refresh interval is read/written to localStorage with the same keys (`isRefreshEnabled`, `refreshInterval`) as the legacy panel. WebSocket delta updates are still deferred. - Action menu emits event payloads {key, dbInbound}; the parent currently shows a "coming in later 5f subphase" toast for each. Modals (edit/qr/clone/delete/reset/info/clients) land in 5f-iii through 5f-vii. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(inbounds): wrap popover-table rows in <tbody> Vue's template compiler warned that <tr> can't be a direct child of <table> per the HTML spec; the browser silently inserts a <tbody> wrapper but Vue's SSR/hydration path doesn't, which can cause hydration mismatches. Add explicit <tbody> in both popover tables (traffic + mobile-info). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5f-iii — inbound add/edit modal + delete/clone/reset Wires up the inbound CRUD flows. The protocol-specific and transport- specific forms are still ahead in 5f-iii-b — for now the modal exposes those as JSON textareas so users can both edit existing inbounds without losing settings and create new ones from default templates. - InboundFormModal.vue: tabbed modal with a full Basics tab (enable, remark, protocol, listen, port, total GB, traffic reset, expiry date) and three JSON-edit tabs (Settings, Stream, Sniffing). Add mode stamps a fresh template per protocol via Inbound.Settings.getSettings(protocol); changing the protocol in add mode restamps the JSON. Edit mode pretty-prints the existing JSON so the user sees the same fields they save back. - POST /panel/api/inbounds/add or /panel/api/inbounds/update/:id on submit; on success the parent refreshes the list and the modal closes. Malformed JSON in any of the three textareas surfaces a message.error and aborts the save without losing user input. - InboundsPage.vue: wires the row action menu to real handlers — edit (opens the modal in edit mode), delete, reset-traffic, clone, reset-clients, del-depleted-clients all go through Modal.confirm and refresh on success. General actions menu wires reset-inbounds / reset-clients / del-depleted-clients the same way. Remaining actions (qrcode/info/import/export/copyClients) still toast as "coming soon" — those land in 5f-iv and 5f-v. - Adds dayjs ^1.11.20 dep for the a-date-picker v-model interop. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5f-iv — client add/edit + bulk-add modals Wires per-inbound client management. Both flows go through the same addClient/updateClient endpoints as legacy; the modals just funnel the form state into the right shape (`{id, settings: '{"clients": [...]}'}`). - ClientFormModal.vue: protocol-aware single-client editor — email/ password/id/auth/security/flow/subId/tgId/comment/ipLimit/totalGB/ expiry/renewal fields are shown/hidden per protocol like legacy. Edit mode displays the per-client traffic stats with a reset button; IP-limit log is read on click and clearable. Random helpers (sync icon next to each label) regenerate UUID/email/ password/sub-id values. - ClientBulkModal.vue: 1–500 clients in one POST, with the legacy five email-generation modes (Random / +Prefix / +Num / +Postfix / Pure-Prefix-Num-Postfix). Builds clients via the protocol-aware factory and concatenates their toString() output into a single settings.clients JSON array. - InboundsPage.vue: opens both modals from the row action menu (`addClient` / `addBulkClient`). They both refresh the inbound list on success. - Outstanding row actions still toast as "coming soon": qrcode, showInfo, copyClients, clipboard. Those land in 5f-v / 5f-vi. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5f-v — inbound info + QR-code modals Wires the row "info" and "qrcode" actions and ports the legacy inbound_info_modal end-to-end. The info modal handles every protocol the legacy panel did: • multi-user (VMess/VLess/Trojan/SS-multi/Hysteria) — per-client table + share links + per-link QR; • SS single-user — share link + QR; • WireGuard — full peer table with downloadable peer-N.conf and a wg:// share link per peer; • Mixed/HTTP/Tunnel — connection-detail tables. - QrPanel.vue: shared link card (header tag, copy button, optional download button, optional QR canvas, monospace footer with the raw value). Per-instance QRious instances are repainted on value/size change. - InboundInfoModal.vue: full info modal. Subscription URL block keys off subSettings.subURI/subJsonURI; IP-log lazy-loads on open and surfaces refresh + clear; tg-id, last-online, depleted/enabled tags all match legacy. - QrCodeModal.vue: lighter modal used for the row "qrcode" action on SS-single and WireGuard inbounds (just the QRs, no info table). - InboundsPage.vue: wires both flows. checkFallback() reproduces the legacy logic — when an inbound listens on a unix-socket fallback (`@<name>`), the link generator is pointed at the root inbound that owns the listen address so QRs/links carry the public host:port + the right TLS state. Multi-client navigation (focusing a specific client's links) is deferred to 5f-vi where the per-inbound expand- row table will pass the email through. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5f-vi — per-inbound client expand-row table Each multi-user inbound row in the list now expands to show its client roster, mirroring the legacy aClientTable component. - ClientRowTable.vue: inner a-table with full desktop column set (action icons / enable / online / client-with-status-dot / traffic with progress bar / all-time / expiry with reset cycle) and a collapsed mobile variant (single dropdown menu + popover info). Self-contained: stats are looked up via a per-inbound email->stats Map; per-client confirms (reset/delete) live on the row. - The component emits typed events (edit/qrcode/info/reset-traffic/ delete/toggle-enable) — InboundsPage routes them back to the existing client and info modals (with `findClientIndex` so the modal opens focused on the right client). - InboundList.vue: hooks ClientRowTable into the a-table's expandedRowRender slot; row-class-name `hide-expand-icon` and a scoped CSS rule hide the chevron for non-multi-user inbounds (HTTP/Mixed/Tunnel/WireGuard/SS-single) so they keep looking flat. - toggle-enable-client routes through updateClient with the same `{id, settings: '{"clients": [...]}'}` shape as the other modals, so backend parsing stays single-pathed. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5f-iii-b — replace inbound modal JSON textareas with structured forms Rewrites InboundFormModal to look like the legacy panel: structured forms for the common case, with a compact "Advanced (JSON)" fallback for the rare bits we don't yet have UI for. Tabs: • Basics — enable/remark/protocol/listen/port/total/trafficReset/expiry • Protocol — protocol-aware: VMess/VLess/Trojan/SS-multi/Hysteria in add mode embed an inline first-client form (email + ID/password/auth, security, flow, subId, comment, total GB, expiry); edit mode shows a clients-count summary table; VLess: decryption/encryption inputs; SS: method dropdown that re-randomizes password and propagates method change to the multi-user array (matches legacy SSMethodChange); HTTP/Mixed: accounts table with add/remove rows + Mixed auth/udp/ip toggles; Tunnel: address/port/network/followRedirect; WireGuard: secretKey/pubKey (regen via Wireguard.generateKeypair) + per-peer fields with PSK regen + allowedIPs add/remove + keepAlive. • Stream — only when canEnableStream(); transport selector with structured forms for TCP (proxy-protocol, http camouflage), WS (host/path/heartbeat/headers), gRPC (serviceName, multiMode), HTTPUpgrade (host/path). KCP/XHTTP fall back to the Advanced tab with an alert banner. Security selector with TLS (sni/alpn/ fingerprint) and Reality (target/serverNames/keypair-gen via /panel/api/server/getNewX25519Cert / shortIds / fingerprint). • Sniffing — enabled/destOverride/metadataOnly/routeOnly/ ipsExcluded/domainsExcluded as structured fields. • Advanced (JSON) — raw streamSettings + sniffing JSON for users reaching KCP/XHTTP/sockopt/finalmask/full TLS cert arrays. The stream JSON is auto-synced from the live model whenever the structured fields change. State source of truth is a deeply-reactive Inbound + DBInbound pair cloned on open; submit serializes via inbound.settings.toString() + inbound.stream.toString() so the wire shape matches the legacy panel byte-for-byte. streamNetworkChange semantics (clear flow when TLS/Reality unavailable, reset finalmask.udp when not KCP) are preserved. Vision Seed for VLess + finer-grained TCP HTTP camouflage + the full TLS cert/ECH editor will land in 5f-iii-c. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 5f-vii — shared text/prompt modals + remaining export/import wiring Wires up the last batch of inbound row + general actions that were toasting "coming soon": export-inbound-links, export-subs (per-inbound and global), export-all-links, import-inbound, and the clipboard JSON peek. Two small shared components back them — both can be reused by the xray page later. - TextModal.vue (shared): read-only multi-line viewer with a copy button and an optional download button when fileName is set. Replaces the legacy txtModal which the inbounds page used for every link export. - PromptModal.vue (shared): generic title + input/textarea + confirm callback, with the legacy keybindings (Enter submits in single-line mode; Ctrl+S submits in textarea mode). Used here for import-inbound but also by xray-config edits in Phase 6. - InboundsPage.vue: drops the toast stubs for `import`/`export`/`subs` on the general-actions menu and `export`/`subs`/`clipboard` on the per-row menu, routing each through openText / openPrompt + the appropriate model helper (genInboundLinks, etc.). The copyClients cross-inbound modal stays toast-stubbed — that's its own dedicated legacy modal worth its own commit. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 6-i — xray page scaffold + Advanced JSON tab The fifth and last legacy page comes online. Tabs are scaffolded with a-empty placeholders for the structured editors (Basics / Routing / Outbounds / Balancers / DNS) so navigation is stable; the Advanced (JSON) tab is fully functional and lets power users edit the raw xraySetting tree exactly like the legacy CodeMirror pane. - xray.html + src/xray.js: fifth Vite multi-page entry, mounted as XrayPage; vite.config.js routes /panel/xray and /panel/xray/ to it through the dev proxy bypass alongside the other pages. - XrayPage.vue: page chrome with the Save / Restart-xray bar, restart- output popover (surfaces /panel/xray/getXrayResult content when startup fails), 6 a-tabs, and a textarea-backed Advanced JSON editor. CodeMirror is intentionally not pulled in — the textarea works for every modern browser and keeps the bundle slim while structured editors land in 6-ii through 6-v. - useXraySetting.js composable: POST /panel/xray/ on mount, mirrors the settings-page 1s busy-loop dirty check for both xraySetting and outboundTestUrl, and exposes saveAll + restartXray. The dirty flag relies on string equality of the pretty-printed JSON, so reformat-only edits don't enable Save. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 6-ii — xray Basics tab structured editor Replaces the placeholder on the Basics tab with a structured form for the most-touched fields of the xray template — outbound + routing strategy, log levels, traffic stat counters, and the "basic routing" shortcuts (block torrent / IPs / domains, direct IPs / domains, IPv4 forced, WARP / NordVPN routing). - useXraySetting.js: hoists a parsed `templateSettings` reactive alongside the JSON string, with two cooperating watches that keep them in sync. Editing structured fields stringifies into xraySetting for the dirty-poll + Advanced JSON tab; editing the JSON re-parses into templateSettings only when valid, so structured tabs stay readable mid-edit. - BasicsTab.vue: collapse panels mirror the legacy partial — General, Statistics, Logs, Basic routing. Every input is a computed v-model reading/writing into templateSettings; the routing-rule shortcuts funnel through ruleGetter/ruleSetter which match the legacy templateRuleGetter/templateRuleSetter behavior (replace-first, drop-duplicates, pop-the-rule-when-empty). Direct/IPv4 setters also call syncOutbound() to provision/prune the matching outbound. - XrayPage.vue: imports BasicsTab + derives `warpExist`/`nordExist` from the parsed templateSettings. WARP/NordVPN provisioning modals are still placeholders that toast — those land in 6-v with the routing/outbound editors. Default tab flips back to Basics so users land on the structured editor. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 6-iii — xray Routing tab + rule modal Replaces the Routing tab placeholder with a full editor for templateSettings.routing.rules: - RoutingTab.vue: a-table over the parsed rules with the legacy six- column layout (action / source / network / destination / inbound / outbound) and the same "lead value + N more" pill renderer for multi-value criteria. Mobile drops source/network/destination for readability. Per-row dropdown handles edit / move-up / move-down / delete; the array-mutation reordering replaces the legacy jQuery Sortable drag handle without pulling in a sortable lib. - RuleFormModal.vue: full form mirroring xray_rule_modal.html — CSV inputs for sourceIP/sourcePort/vlessRoute/ip/domain/user/port, Network select, Protocol multi-select, Attrs key/value pairs, inbound-tag multi-select sourced from templateSettings.inbounds + parent inboundTags + dnsTag, outbound-tag single-select sourced from templateSettings.outbounds + clientReverseTags, and balancerTag from templateSettings.routing.balancers. Submit serializes via the same shape the legacy `getResult` produces (CSV → array, drop empty fields). - XrayPage.vue: imports RoutingTab and exposes inboundTags + clientReverseTags from useXraySetting so the modal can populate its tag pools. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 6-iv — xray Outbounds tab + outbound modal Replaces the Outbounds tab placeholder with a full table + add/edit flow. The 1.3k-line legacy outbound modal is condensed to a tabbed modal with structured Basics fields (tag/protocol/sendThrough/domain strategy) and JSON tabs for the protocol-specific settings + stream trees — same approach the Inbound modal uses, and a power user can still edit the same trees via the page-level Advanced (JSON) tab. - useXraySetting.js: adds fetchOutboundsTraffic + resetOutboundsTraffic + testOutbound. Test states are tracked per outbound index so the row's Test button can show loading + the Test-result column can render the response delay / status / error. - OutboundsTab.vue: full table (action / identity / address / traffic / test result / test) plus a card-list mobile variant with the same row dropdown (set-first / edit / move up/down / reset traffic / delete). outboundAddresses() reproduces the legacy findOutboundAddress logic so each protocol's host:port list is rendered consistently. Add/edit go through OutboundFormModal, delete goes through Modal.confirm, reset traffic posts to /panel/xray/resetOutboundsTraffic with the row's tag (or "-alltags-" from the toolbar). - OutboundFormModal.vue: tag/protocol/sendThrough/domainStrategy on the Basics tab; settings + streamSettings as raw JSON on their respective tabs. Tag-collision check happens client-side before emitting; malformed JSON aborts the save with a message.error. - XrayPage.vue: imports OutboundsTab and wires the test action to the composable's testOutbound helper. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 6-v — xray Balancers tab + DNS placeholder Brings Balancers to full parity with the legacy panel and adds a DNS tab placeholder that exposes the full dns/fakedns trees as JSON so users can edit them without falling through to Advanced. - BalancerFormModal.vue: tag (with duplicate-tag warning across other balancers), strategy (random/roundRobin/leastLoad/leastPing), selector tag-mode multi-select sourced from existing outbound tags + free-form additions, fallback. Disable-on-invalid is driven by the duplicateTag + emptySelector computed flags. - BalancersTab.vue: empty state with a single "Add balancer" CTA; populated state shows the legacy 4-column table (action / tag / strategy / selector / fallback) with per-row edit + delete in a dropdown. On submit the wire shape preserves the `strategy: { type }` nesting only when the strategy is non-default, matching the legacy emit. Tag renames also chase across routing.rules.balancerTag references so existing rules don't dangle. - DnsTab.vue: master enable switch + raw JSON for `dns` and `fakedns`. Legacy had a dedicated server-by-server editor + a fakedns row editor; both are big enough to deserve their own commits, and the JSON path supports every field today. WARP / NordVPN provisioning modals still toast as "coming soon" — those are third-party API integrations worth their own commits. The xray page now has structured editors for Basics / Routing / Outbounds / Balancers and JSON editors for DNS / Advanced — every xray tab the legacy panel offered is functional. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(server): Phase 8 — cut HTML routes over to web/dist/ Production cutover. Every user-facing HTML route now serves the Vue-3-built bundle from web/dist/ instead of rendering the legacy Go template; the long-hashed Vite assets are served at /assets/ from the same embedded filesystem. The legacy templates in web/html/ and the legacy static tree in web/assets/ are kept on disk for now in case a quick revert is needed, but nothing the binary serves references them. What changed: - web.go: a new //go:embed dist/* feeds the controller package via a SetDistFS hand-off before controller construction. The static /assets/ route is rebound: in dev to web/dist/assets/ on disk so Vite's incremental rebuilds show up live; in prod to the embedded dist via wrapDistFS (rooted one level deeper than wrapAssetsFS). - controller/dist.go: serveDistPage helper used by every HTML handler. Reads dist/<name> from the embedded FS and applies two transforms before sending: 1. injects <script>window.__X_UI_BASE_PATH__="..."</script> just before </head> so AppSidebar links resolve under the panel's basePath. 2. when basePath != "/", rewrites Vite's absolute /assets/ URLs to <basePath>assets/ so installs running under a custom URL prefix load the bundle where the static handler lives. HTML responses go out with no-cache so panel upgrades reach users on the next refresh; hashed JS/CSS stays cacheable. - controller/index.go: IndexController.index now serves dist/login.html for logged-out callers (the redirect for logged-in users is unchanged). - controller/xui.go: XUIController.{index,inbounds,settings,xraySettings} each become a one-line wrapper around serveDistPage. Smoke checklist for the maintainer: - run `cd frontend && npm run build` to refresh web/dist/ before building the Go binary (the embed snapshot is taken at compile time); - visit /panel/, /panel/inbounds, /panel/settings, /panel/xray and confirm each loads its Vue page; - log out and log back in to verify the login flow; - confirm the sidebar links navigate correctly under your install's basePath; - POST flows (e.g. saving settings) still need the CSRF token — that endpoint (/panel/csrf-token, added earlier) is unchanged. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 6-vi — WARP + NordVPN provisioning modals Replaces the toast stubs on the Basics tab and Outbounds toolbar with the legacy WARP + NordVPN provisioning flows. Both modals now stage their wireguard outbounds back into templateSettings.outbounds through the same event channels OutboundsTab uses, so the existing add / reset / delete / refresh-traffic surface keeps working. - WarpModal.vue: empty state shows a single Create button that generates a wireguard keypair locally (Wireguard.generateKeypair) and posts it to /panel/xray/warp/reg; populated state surfaces the access_token / device_id / license_key / private_key, lets the user upgrade to WARP+ via /panel/xray/warp/license, refreshes the account info from /panel/xray/warp/config (plan / quota / usage in human-readable bytes), and stages a wireguard outbound with the WARP-specific reserved-byte encoding pulled from client_id. Add / Reset / Delete go through events the parent routes back to templateSettings.outbounds. - NordModal.vue: dual-tab login (NordVPN access token → /panel/xray/nord/reg, or paste a NordLynx private key → /panel/xray/nord/setKey). Once authenticated, country / city / server selectors fetch from /panel/xray/nord/{countries,servers}, servers sort by load ascending, the lowest-load server in the current city auto-selects. Reset emits oldTag/newTag so the parent renames matching routing rules in place; logout emits a remove-routing-rules event with prefix `nord-` to purge any dangling references. - XrayPage.vue: holds warpOpen / nordOpen flags, ensures the outbounds array exists before mutating it, and wires the modal events (add-outbound / reset-outbound / remove-outbound / remove-routing-rules) to in-place edits of templateSettings. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): Phase 7 — vue-i18n wired up + login page translated Sets up vue-i18n on top of the panel's existing TOML translation files. The Go side stays the source of truth — translators continue to edit web/translation/.toml; a sync script snapshots those files into per-locale JSON the Vue bundle imports. The login page is translated end-to-end as a worked example; remaining pages can be converted incrementally without infrastructure churn. What's in the box: - scripts/sync-locales.mjs: small TOML→JSON converter that walks web/translation/.toml and writes frontend/src/locales/<code>.json. Handles the narrow subset of TOML the panel uses (flat key/value pairs + dotted [section.subsection] heads). Wired as a `prebuild` + `predev` script so production builds always include the latest strings without a manual step. - src/i18n/index.js: createI18n() in composition mode with all 13 locales emitted as their own Vite chunks. The active locale (read from the same `lang` cookie LanguageManager has always managed) plus the en-US fallback are eagerly loaded; the rest are dynamically importable via a loadLocale(code) helper. This keeps the per-page bundle the user actually downloads small — only ~30 KB of strings end up in the initial payload, vs ~220 KB if all 13 were eager. - All five page entries (index/login/settings/inbounds/xray) wire the i18n plugin into createApp via .use(i18n). - LoginPage.vue: t(...) replaces hardcoded English on the username / password / 2FA placeholders, the submit button label, and the Settings popover title. The Hello/Welcome headline cycle stays hardcoded — those are stylistic, not labels. The 'Hello'/'Welcome' cycle stays in English deliberately; the rest of the migration's components still ship hardcoded English and will be converted page by page in follow-up commits. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * i18n(frontend): translate page chrome — sidebar, save bars, tabs, summary cards Replaces hardcoded English with t() calls in the components every user sees on every page load. The translations themselves come from the existing TOML files via the sync script — no new strings, no new locale keys. Per component: - AppSidebar.vue: 5 menu titles (dashboard / inbounds / settings / xray / logout). Computed so the sidebar re-renders when the cookie-driven locale flips on reload. - IndexPage.vue: Quick actions card title + Logs / Backup / Up-to- date / Update buttons. - StatusCard.vue: CPU / Memory / Swap / Storage labels + logical-processors / frequency tooltips. - XrayStatusCard.vue: card title + error popover header + Stop / Restart / Switch xray action labels (kept the v-prefix version string as-is — it's content, not a label). - SettingsPage.vue: 5 tab titles + Save / Restart-panel buttons + unsaved-changes warning. - XrayPage.vue: 6 tab titles + Save / Restart-xray buttons + unsaved-changes warning. - InboundsPage.vue: 5 summary-stat card titles. - InboundList.vue: 10 column titles (computed for live locale), Add inbound / General actions buttons + every dropdown menu item, search placeholder, filter radio labels, popover titles (disabled / depleted / depleting / online), traffic + info popover row labels. Total: ~75 strings localised across 8 files. The remaining English labels live in the per-tab settings forms, the form modals (Inbound / Client / Outbound / Rule / Balancer / WARP / Nord), and the per-row table cell helpers — all incremental work that doesn't touch infrastructure. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * i18n(frontend): translate every remaining English string on the index page Closes the index page's i18n coverage. Combined with the page-chrome commit, every label users see on the dashboard is now sourced from the TOML translation files. Per file: - IndexPage.vue: loading-spinner tip (initial + dynamic). - BackupModal.vue: modal title, both list-item titles + descriptions ("Back up" / "Restore"), in-flight busy tips ("Importing database…" / "Restarting panel…"). - PanelUpdateModal.vue: modal title, update-available alert, current/latest version row labels, "Up to date" tag + label, primary action button. Modal.confirm now uses the translated panelUpdateDialog / panelUpdateDialogDesc with #version# substitution; success toast uses panelUpdateStartedPopover. - LogModal.vue: title slot ("Logs"). The Debug/Info/Notice/Warning/ Error log-level options stay literal — they're xray's wire values, not user-facing labels (matches the existing settings-page choice). - XrayLogModal.vue: title + Filter label. Direct/Blocked/Proxy stay literal for the same reason. - VersionModal.vue: modal title + xray-switch alert + per-file tooltip + "Update all" button + custom-geo collapse header. The Modal.confirm flows for switchXrayVersion + updateGeofile use translated dialog/desc with #version# / #filename# substitution. - CpuHistoryModal.vue: title slot. - CustomGeoSection.vue: routing-hint alert, Add / Update-all buttons, every column title (computed for live locale), copy/edit/download/ delete tooltips, copy toast, delete-confirm modal, empty-state text. - CustomGeoFormModal.vue: add/edit titles, OK/cancel labels, Type/ Alias/URL field labels, alias placeholder, all three validation toasts. Total: ~50 strings localised across 8 index-page files. The Hello / Welcome login headline cycle and a handful of literal xray wire values (Direct/Blocked/Proxy/log levels) are intentionally kept hardcoded. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * i18n(frontend): Phase 7-c — translate settings, inbounds modals, xray tabs Continues the page-by-page translation pass started in `cb37dd55` — runs every user-visible string on settings (General/Security/Telegram/Sub), inbounds (Client/QR/Info modals), and xray (Routing/Balancer/Rule/Warp/ Nord/Basics/Outbounds tabs) through useI18n. Updates the TOML→JSON sync script to escape `@` (vue-i18n parses it as a linked-format prefix) and refreshes all 13 locale files. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): Phase 9 — restore index dashboard, fix login/CSRF, port legacy styles - Index dashboard regains the 8 cards that were lost in the SPA port (3X-UI panel info, Operation Hours, System Load, Usage, Overall Speed, Total Data, IP Addresses, Connection Stats), plus a Config button that shows the live xray config.json. Version display falls back through panelUpdateInfo → window.__X_UI_CUR_VER__ → '?' so dev mode isn't blank. - Xray config no longer hangs on load: useXraySetting surfaces failures instead of leaving a perpetual spinner, and the Vite dev proxy stops hijacking POST requests to migrated routes (only GETs get bypassed). - Inbound page no longer throws __asyncLoader/emitsOptions errors — inbound.js was missing imports (NumberFormatter, SizeFormatter, Wireguard) and InboundList kept emitting after unmount. - Login round-trip works after logout: a public /csrf-token endpoint bootstraps the SPA before authentication, axios caches the token module-level, and the dev 401 handler navigates to /login.html instead of reloading the dashboard into a redirect loop. - legacy.css mirrors the legacy panel's surface/text variables so dark and ultra-dark themes match main; every SPA entry imports it. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): rebuild xray DNS section to match main branch DnsTab now exposes every field the legacy panel did — top-level toggles (tag, hosts, queryStrategy, disableCache/queryConcurrency, fallback strategy, client subnet), the servers table with per-row strategy and domain/expectIP/unexpectedIP overrides, and the Fake DNS pool. The new DnsServerModal covers the full add/edit flow and collapses to a bare string when the user only sets an address — matching the wire shape the legacy form emits for plain DNS entries like "8.8.8.8". Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): rebuild xray outbound modal with structured per-protocol forms Replaces the JSON textareas with the same shape the legacy panel uses: all 11 outbound protocols (vmess/vless/trojan/shadowsocks/socks/http/ mixed/wireguard/tun/dns/loopback/blackhole/freedom) get dedicated fields, every transport (TCP/KCP/WS/gRPC/HTTPUpgrade/XHTTP) gets its own panel, and TLS/Reality/sockopt/Mux are configured through the same controls as the inbound side. Brings the SPA outbound editor to parity with main so users no longer have to drop into raw JSON. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): bring inbound modal to full parity with main branch Switches the default protocol on add to VLESS, fixes a crash when adding a Mixed account (the constructor is SocksAccount, not MixedAccount), and fills in the fields the SPA was previously delegating to the Advanced JSON tab: - TLS: cipher suites, min/max version, reject SNI / disable system root / session resumption switches, the certificate array with per-row Path-or-Content toggle (Set Default pulls from /panel/setting/ defaultSettings), One Time Loading, Usage / Build Chain, plus ECH key/config with a Get New ECH Cert button. - Reality: xver, target/SNI sync icons (uses getRandomRealityTarget), max time diff, min/max client version, short IDs randomizer, SpiderX, mldsa65 seed/verify with Get New Seed. - Stream: full structured forms for every transport — TCP HTTP camouflage gets its request/response editor, mKCP gets MTU/TTI/uplink/ downlink/CWND/maxSendingWindow, WebSocket / gRPC (now with Authority) / HTTPUpgrade get headers + proxy-protocol toggles, XHTTP gets the full SplitHTTPConfig surface (mode-aware fields, padding obfs, session/sequence placement, uplink data, no-SSE). - New External Proxy section and a structured Sockopt block (mark, TCP keepalive/timeout/clamp, fast open, MPTCP, penetrate, V6Only, domain strategy, congestion, TProxy, dialer/interface, trusted XFF). - VLESS gets the legacy X25519 / ML-KEM-768 buttons that fetch fresh decryption/encryption blocks via /panel/api/server/getNewVlessEnc. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): add FinalMask UI (TCP/UDP masks + QUIC params) to inbound and outbound Mirrors web/html/form/stream/stream_finalmask.html as a shared FinalMaskForm component used by both modals — they share the same StreamSettings shape (addTcpMask/addUdpMask/finalmask/enableQuicParams) so a single template handles both. Surfaces: - TCP masks for raw/tcp/httpupgrade/ws/grpc/xhttp networks: fragment, sudoku, and header-custom (with the 2D clients/servers groups, each row supporting array/str/hex/base64 packets and a randomize button for base64). - UDP masks for hysteria protocol or kcp network: hysteria gets just salamander; kcp gets the full type list (mkcp variants, header-, xdns/xicmp, header-custom with flat client/server lists, and noise). Switching to xdns shrinks the kcp MTU to 900 to match the legacy panel's behavior. - QUIC Params for hysteria or xhttp: congestion (incl. brutal up/down fields), debug, UDP hop ports/interval, idle/keepalive timeouts, path-MTU discovery toggle, and the four receive-window tunables. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> fix(frontend): remove duplicate Outbound test URL from xray Advanced tab The Basics tab already exposes this field through BasicsTab — duplicating it on the Advanced tab let two inputs race the same ref and only added clutter. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): unify theming on vanilla AD-Vue light/dark/ultra-dark The legacy panel CSS (custom.min.css ported as legacy.css) tinted every non-primary button teal-green via .dark .ant-btn:not(.ant-btn-primary) overrides while AD-Vue 4's darkAlgorithm kept primary buttons blue — producing the mixed blue/green button look on dark mode. Drop legacy.css entirely and let AD-Vue 4's algorithms own the palette. Centralize antdThemeConfig in useTheme.js so every page resolves to the same source of truth (light = defaultAlgorithm, dark = darkAlgorithm, ultra-dark = darkAlgorithm + deeper colorBgBase/Layout/Container/ Elevated tokens). Each page's <a-config-provider> now imports the shared computed instead of defining its own copy. Drops the 67 KB legacy CSS chunk; per-page CSS bundles fall to ≤5.9 KB. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): restore computed import in Settings + Xray pages When `5f1aba28` dropped the local antdThemeConfig computed (now shared from useTheme), it also stripped `computed` from the import list — but both pages still call computed() elsewhere (confAlerts, advanced-tab helpers). Re-adds it. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): retheme dashboard gauges to AD-Vue blue and shrink them - StatusCard's CPU/RAM/Swap/Storage dashboards rendered at AD-Vue's default 120px width which made the percent text balloon to ~36px. Drop to 90px (70px on mobile) so the gauge fits the rest of the card. - The CurTotal.color thresholds still hardcoded the legacy teal/orange palette (#008771 / #f37b24 / #cf3c3c). Switch to AD-Vue's primary / warning / danger tokens (#1677ff / #faad14 / #ff4d4f) so the gauges match the rest of the panel under both light and dark themes. - XrayStatusCard's running-animation badge ring also still pointed at the deleted --color-primary-100 var; hardcode the new primary blue. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * i18n: shorten backupTitle to "Backup & Restore" across all 13 locales The backup modal header was the second-longest title in the dashboard on every locale ("Database Backup & Restore" / "Резервне копіювання та відновлення бази даних" / etc). Drop the "Database / Veritabanı / 数据库" qualifier — the modal already lives under the "Database" column, so the shorter form reads cleaner on narrow viewports. Updated both the .toml source-of-truth files and the synced .json locales (re-running scripts/sync-locales.mjs). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * i18n: collapse two translation databases into a single web/translation/<lang>.json set The Vue SPA had been reading from frontend/src/locales/.json while the Go binary still loaded web/translation/translate..toml — and a sync-locales.mjs pre-build step kept the two in lockstep, with TOML as the source of truth. Now that go-i18n v2.6.1 already flattens nested JSON via recGetMessages/addChildMessages, both runtimes can share one file per locale. - Move the 13 nested-JSON locale files to web/translation/<lang>.json so they live alongside the Go //go:embed translation/* directive. - Switch web/locale/locale.go from toml.Unmarshal to json.Unmarshal (and drop the pelletier/go-toml import — it's now indirect-only). Confirmed via a smoke test that pages.index.cpu, subscription.title, tgbot.commands.help, and menu.settings all resolve in en-US, fa-IR, ru-RU, and zh-CN. - Repoint Vue's i18n loader at the new path (../../../web/translation/ .json glob) and drop the moved-here pathDelimiter comment that no longer applies. - Delete the 13 legacy translate..toml files and the sync-locales.mjs script + its npm pre-script hooks (predev/prebuild/i18n:sync). The Telegram bot and subscription page still get their messages because they were reading the same MessageIDs the JSON files now produce. - Update copilot-instructions.md so the next contributor knows where the canonical translation files live. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): redesign expand-row + retheme client visuals When you expanded an inbound row, the nested <a-table> inside ClientRowTable burst out of the parent's scroll-x box — its .ant-spin-container ended up wider than the parent's narrow .ant-table-cell, so the child looked oversized while the parent looked squeezed. Replace the nested table with a CSS-grid layout that owns its sizing, sits flush inside the expanded cell, and collapses to a 3-column layout on mobile (action menu, client identity, info popover). While in there, fix three other client-row visuals: - The Unicode infinity glyph (U+221E) renders as an "m"-shaped character in some system fonts (Windows Segoe UI in particular). Add a shared <InfinityIcon /> SVG component (legacy panel's path) and use it in ClientRowTable, InboundList, and InboundInfoModal — desktop and mobile cells. - The "unlimited quota" traffic bar passed :percent="100" with no stroke-color, so AD-Vue auto-coloured it success-green. Pin it to the AD-Vue purple token (#722ed1) so it reads as the no-limit sentinel rather than another usage state. - ColorUtils + the in-row statsExpColor still hardcoded the legacy teal/orange/red/purple palette (#008771 / #f37b24 / #cf3c3c / #7a316f). Map them onto AD-Vue 4's success/warning/danger/purple tokens (#52c41a / #faad14 / #ff4d4f / #722ed1) so badges, tags, and progress bars all match the rest of the panel. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): darken light-theme page bg so cards stand out The light-theme --bg-page was #f0f2f5 — close enough to AD-Vue's #fff card background that the cards faded into the page. Bump it to #e6e8ec (a more visibly distinct gray) so cards lift cleanly off the surface. Dark and ultra-dark stay where they were. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): shrink dashboard percent text and surface the unfinished arc Two follow-up tweaks to the dashboard gauges: - AD-Vue scales the percent text from the SVG, not from :width, so the 90px gauges still rendered the number at ~27px. Pin .ant-progress-text to 14px via :deep() and trim the gauge to 70px (60px on mobile) so the whole card stays compact. - The default trail (rgba(0,0,0,0.06) / rgba(255,255,255,0.08)) was invisible on the light-theme card. Pass an explicit rgba(128,128,128,0.25) trail-color so the unfinished portion is visible under both light and dark themes. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): migrate subpage.html to Vue 3 SPA The subscription info page was the last page still rendered by Go templates. Move it to the Vite multi-page setup so the whole panel loads through one toolchain. Frontend: SubPage.vue mounts at /sub/<id>?html=1 and reads window.__SUB_PAGE_DATA__ for the parsed view-model (traffic / quota / expiry + rendered share links). Fix descriptions borders against the light-theme card by painting the row divider on each cell's bottom edge — AD-Vue's <tr> border doesn't render reliably under border-collapse:collapse. Backend: serveSubPage reads dist/subpage.html, injects window.__X_UI_BASE_PATH__ + window.__SUB_PAGE_DATA__ before </head>, and rewrites Vite's absolute /assets/ URLs when the panel runs under a URL prefix. Drop the legacy template-FuncMap wiring and switch the sub server's static mount from web/assets to web/dist/assets. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): inbound modal QR + tabs + restored TLS fallbacks Per-client QR action: the qr icon on the expand-row table opened the big info modal instead of the QR modal. Route it to QrCodeModal and extend that modal with a `client` prop so genAllLinks() produces the per-client share URLs (and per-peer remarks for WireGuard). Inbound's Data redesign: split the dense single-page view into three tabs — Inbound, Client, Subscription. Drop every QR rendering from this modal (QrCodeModal is the QR home now). Each row in the Inbound tab is one label/value pair instead of the legacy 2-column grid, and long values like the VLESS encryption blob render as a wrapping code block with a copy button so they can't blow out the dialog. The Subscription tab renders sub URL + JSON URL as clickable anchors that open in a new tab. Restored TLS fallbacks UI: the model already exposed VLESSSettings.Fallback / TrojanSettings.Fallback with addFallback / delFallback / fallbackToJson, but the form modal never surfaced them during the Vue 3 migration. Re-add the legacy form (SNI, ALPN, Path, Destination, PROXY) on the protocol tab, gated on TCP transport plus (for VLESS) encryption=none — same conditions as main. Column widths: Protocol 70→130 and All-time Traffic 60→95 in the inbound list; All-time Traffic 90→130 in the client expand-row, so the header text fits and tags don't get squeezed. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): navy dark theme + rounded inbound/client corners Dark theme picks up a refined navy palette (page #0a1426, cards #142340, sider #0d1d33) so the sidebar blends with the rest of the surface; ultra-dark stays neutral black. Resolves the previous mismatch where AD-Vue 4 hardcoded #001529 / #002140 for the sider, trigger and dark Menu items via Layout.colorBgHeader / colorBgTrigger and Menu's colorItemBg — overrides go through the component-token map now. Round the inbound table's outer corners (header start/end + last row end) and wrap the client expand-row grid in a 1px / 8px-radius border so the list reads as a contained block instead of a flush rectangle. Linter-driven whitespace cleanup across inbounds/.vue rolled into the same commit since it can't be split out cleanly. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> feat(frontend): xray tab fixes — modal close, tag validation, full XHTTP, reset to default Modal close: BalancersTab / OutboundsTab / RoutingTab confirmDelete used arrow expressions that returned splice's removed-items array. AD-Vue 4 treats truthy non-thenables from onOk as "still pending" and never closes the dialog (see ActionButton.js:103-106), so the confirm modal stayed open. Wrap the body so onOk returns undefined and AD-Vue auto-closes. Tag validation: outbound + balancer modals only flipped between warning/success on duplicate, leaving the empty case as a green ✓. Split into a 3-state computed — error (empty) / warning (duplicate) / success — and wire a help message so the input clearly explains why the OK button is disabled. Reset to default: re-add the legacy "Reset to Default" panel at the bottom of BasicsTab. Calls /panel/setting/getDefaultJsonConfig and overwrites templateSettings; the existing watch re-stringifies so the JSON tab + dirty-poll see the new state. Restored Basics option lists from main: IPs (4→10, +Vietnam/Spain/ Indonesia/Ukraine/Türkiye/Brazil), DomainsOptions (4→10, +regex entries), BlockDomainsOptions (5→17, +Malware/Phishing/Adult/regex), ServicesOptions (Reddit/Speedtest in, off-template Microsoft out). Outbound form parity with main: • Reverse Sniffing UI for VLESS — toggle + destOverride checkboxes (HTTP/TLS/QUIC/FAKEDNS) + Metadata/Route Only + IPs/Domains excluded multi-selects, gated on reverseTag being set. • Full XHTTP transport — request headers list, Max Upload Size / Min Upload Interval (packet-up), Padding Obfs Mode + sub-fields, Uplink HTTP Method, Session/Sequence/UplinkData placement + keys, No gRPC Header (stream-up/stream-one), expanded XMUX with Max Concurrency/Connections/Reuse/Request/Reusable/Keep-alive. Strip a-divider from the outbound form per request — replaced with plain section/item heading divs so the labels and per-row delete icons stay but the horizontal rule is gone. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): xray Advanced tab parity + finalmask gating Advanced tab was a single textarea bound to the full xraySetting blob. Restore the legacy 4-way view: a radio group toggles between All / Inbounds / Outbounds / Routing Rules, and the textarea reads/writes the matching slice through templateSettings. Added the legacy header ("Advanced Xray Configuration Template" + description) so the page introduces itself like main. Outbound finalmask leaked into protocols that don't have a stream (Freedom / Blackhole / DNS / Socks / HTTP / Wireguard) because the v-if only checked outbound.stream. Gate the whole FinalMaskForm on outbound.canEnableStream() to match main. Drop the leading divider inside FinalMaskForm — its parent already provides separation, so the rule above "TCP Masks" was redundant. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): inbound Advanced tab live mirror + QR exact-fit sizing Advanced tab in the inbound modal showed stale state. The watch only refreshed advancedJson.stream, so toggling the Sniffing switch in the Sniffing tab left the Advanced JSON showing the prior value. And encryption — stored on inbound.settings.encryption, not on stream — never appeared at all because Advanced only exposed stream + sniffing. Split the watch into three (stream / sniffing / settings) and add a settings textarea so encryption / clients / fallbacks live alongside the existing two views. The submit() path now reads settings from the JSON tab too (falling back to inbound.settings.toString()) so power-user edits in Advanced override the structured form on save. QR canvas: when a longer share-URL bumps the QR matrix size, QRious falls back to floor(canvasSize / matrixWidth) and centers the pattern, leaving a white margin (e.g. matrix=41, size=180 → 8px gap). Pre-pick the QR version from the URL byte length and set canvas size to a multiple of matrixWidth × pixelSize so the pattern always fills it edge-to-edge — no white margin even after toggling encryption on. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): inbound stream tidy-up + QR sizing + dev proxy Stream tab clean-up: drop the seven a-divider rules in the inbound form's Stream tab — replace the labelled ones (Request / Response / Security) with a section-heading div that matches the outbound modal, delete the empty rules above TLS sub-blocks / External Proxy / Sockopt. Empty header-list form-items also leaked margin space below each "Add header" button across TCP / WS / HTTPUpgrade / XHTTP — gate each on headers.length > 0 so they vanish until the user adds one. QR panel: drop the link text under the canvas (the user already has a copy button on the header). Pin the canvas display size to a fixed 240px square via :style + image-rendering: pixelated/crisp-edges so a dense WireGuard config QR and its sparser link share the same on-screen footprint without blurring. Dev proxy: Node's AggregateError wraps connection failures whenever DNS returns more than one address (::1 + 127.0.0.1) and the code lands on the inner errors, not the outer. The existing handler only checked err.code so the ECONNREFUSED stack still spammed the log when the Go backend was down. Walk err.errors too, print one friendly line ("backend not reachable — start the Go server"), then stay quiet for the rest of the session. Vendor splitting + chunk-size warning: split node_modules into stable vendor-* chunks so each page only ships the deps it uses and the browser caches them across versions. ant-design-vue stays as a single chunk because its components share internals; raise the chunk-size warning to 1500kB so the build stays quiet (its 1.4MB minified gzips to ~410kB on the wire). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): info-modal cleanup + 2FA QR + outbound link import - 2FA QR: matrix-snap canvas + opaque background to drop white margin - Inbound info modal: stack Mixed/HTTP/Tunnel as info-rows, hide tab strip when only the Inbound tab applies - Add inline VLESS Reverse tag input on first-client form - Hide Protocol tab for TUN (no form yet) - Outbound link converter: route through Outbound.fromLink so vless/trojan/ss/hysteria(2) imports work alongside vmess; fix stray implicit global in fromLink Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): jalali calendar + drop legacy moment-jalali - Wire Calendar Type setting to a real Jalali datepicker via vue3-persian-datetime-picker, gated by useDatepicker composable - DateTimePicker wrapper swaps between AD-Vue and Persian picker; keeps dayjs v-model contract so existing forms/setters work unchanged - Theme picker popup explicitly per body.dark / data-theme=ultra-dark (AD-Vue 4 doesn't expose CSS vars, so var() fallbacks defaulted to white); fix invisible disabled days, SVG arrow fills, popup clipping via append-to="body" - Replace stray moment() calls in dbinbound/inbound models with dayjs; the legacy global was undefined under ESM and broke the inbounds list whenever any inbound had expiryTime > 0 - Remove legacy moment-jalali / persian-datepicker / aPersianDatepicker assets — replaced by the Vue 3 picker Note: dark/ultra background of the date popup still renders white in some cases — pending follow-up. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(frontend): jalali popup theming + full-month layout - Re-prefix popup selectors with .vpd-wrapper (popup root that travels with appendTo='body'), not .vpd-main (which stays at the input); paints the popup's dark/ultra background again - Drop the 1px border on .vpd-content — with box-sizing: border-box it ate 2px from the day-row width, wrapping the 7th cell of every row and hiding days 18-31 of months that needed a 5th week Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat: render dates in Jalali when Calendar Type is jalalian - IntlUtil.formatDate accepts an optional calendar arg; appends the BCP-47 -u-ca-persian extension so Intl renders Jalali across all UI languages, not just fa-IR - Plumb the panel's datepicker setting into the SubPage via the Go injection (window.__SUB_PAGE_DATA__.datepicker) - Panel pages (inbound list/info, client row, xray log) read the same setting through the useDatepicker composable so the whole panel stays consistent Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(frontend): ultra-dark page tint + mobile-friendly inbound view - Drop --bg-page from #21242a (lighter than the cards) to #050505 in ultra-dark across index/sub/settings/inbounds/xray, so cards consistently elevate over the page - Hide the inline sider's children + collapse-trigger and zero its width below 768px; the floating drawer-handle remains the menu trigger - Inbounds page mobile pass: tighten content-area + card padding; flex-wrap the filter bar instead of stacking; shrink table cell padding so all 4 mobile columns fit; bump expand / action / info icon hit targets - Per-client expand row on mobile: soft-tinted rounded cards instead of hairline borders, larger action / info touch targets, more legible email typography, bigger status badge dot Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * chore: remove legacy template + asset trees and dead Go template engine - Delete web/html/ entirely (page templates, form/, modals/, component/, common/, settings/) — every route is served from web/dist/ now via serveDistPage; nothing in the binary referenced these - Delete web/assets/ entirely (jQuery-era ant-design-vue, axios, moment, codemirror, qrcode/qs/uri/vue/otpauth, custom CSS, Vazirmatn font); Vite bundles all of this into web/dist/assets - Drop the Gin HTML template wiring: remove //go:embed assets + //go:embed html/, the assetsFS/htmlFS vars, the wrapAssetsFS adapter, EmbeddedHTML / EmbeddedAssets exports, getHtmlFiles / getHtmlTemplate, the i18nWebFunc/funcMap and SetFuncMap call, and the dev/prod template-engine branch — only StaticFS for /assets/ is needed now - Remove dead html()/getContext() helpers and unused imports from web/controller/util.go (no c.HTML(...) callers remain) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> fix(frontend): inbound expand chevron position + cpu history layout - Push the inbound table's expand chevron away from the left edge with margin-inline + cell padding so it isn't flush against the corner - Move "Timeframe: …" caption above the chart (was below); restore the line that the previous edit removed - Fix x-axis time labels being clipped at the bottom of the cpu chart — the offset (paddingTop+drawHeight+22 = 222) exceeded the SVG viewBox height (220); dropped to +14 so labels sit at y=214 with room for descenders - Move the SVG axis text colors out of <style scoped> into a global block — Vue's scoped CSS doesn't always hash-attribute SVG <text> descendants, so the dark-mode overrides via :global() weren't matching; bumped opacity 0.55 → 0.85 for legibility on navy/black Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(login): language picker in settings popover + fluid card sizing - Add language select alongside the theme switch (mirrors SubPage) - Bind headline to pages.login.hello / pages.login.title so the "Hello / Welcome" cycle re-translates with the active locale - Replace AD-Vue 5-breakpoint grid with clamp() sizing so the card scales smoothly instead of jumping ~33% at each breakpoint - Pin horizontal padding so input width stays stable on large viewports Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(frontend): organize entry HTML + bootstrap JS into folders - Move entry HTML files: frontend/.html -> frontend/html/.html - Move per-page bootstrap modules: src/{index,login,settings,inbounds,xray,subpage}.js -> src/entries/ - Update vite.config rollup inputs and dev-mode MIGRATED_ROUTES to /html/<page>.html - Build output now lands at web/dist/html/<page>.html - serveDistPage and subController updated to read from dist/html/ Cleans up the flat frontend/ root which previously interleaved 6 HTML files with package.json, README, src/, etc. The src/ root similarly gets rid of 6 entry .js files mixed in alongside api/, components/, models/, etc. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * chore: remove obsolete vue3 phase1 inventory doc The migration is well past phase 1 — the inventory doc has rotted and the live state lives in the codebase plus the plan files. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * refactor(frontend): merge utils/legacy.js into utils/index.js The barrel was a placeholder for an eventual split that hasn't happened. Collapsing the two files removes one layer of indirection and the misleading "legacy" name (the contents are still actively used by the migrated SPA). - Move all 930 lines from utils/legacy.js into utils/index.js - Delete utils/legacy.js - Update direct import in models/outbound.js to '@/utils' - Drop a stale legacy.js reference in InboundFormModal comment Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * revert(frontend): keep entry HTML files at frontend/ root The earlier move to frontend/html/ made dev-mode URLs ugly (http://localhost:5173/html/index.html instead of plain /). The folder didn't add real value — it just hid 6 files behind a non-conventional layout. Reverting that piece while keeping src/entries/ (which is a genuine separation between page bootstrap and the rest of src/). - HTML files back at frontend/<page>.html - Vite rollupOptions.input + MIGRATED_ROUTES restored to flat paths - Build output is web/dist/<page>.html again - web/controller/dist.go and sub/subController.go read from dist/<name> Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * build(frontend): bump eslint to 10 + add flat config + clean lint warnings - Upgrade eslint 9.39 -> 10.3 and eslint-plugin-vue 9.33 -> 10.9 - Add eslint.config.js (flat config required by ESLint 10) with vue3-recommended rules, sensible defaults, and exemptions for the project's existing formatting style - Drop --ext from the lint script (removed in ESLint 10) - vue/no-mutating-props is left off because the form-modal pattern ports straight from Vue 2 (parent passes a reactive object, child mutates it); a real fix is an architectural rewire, separate task Lint warning cleanup: - utils/index.js: var -> let/const in the X25519 routines, replace obj.hasOwnProperty(...) with Object.prototype.hasOwnProperty.call(...) - Remove unused imports (reactive, ref, Inbound) in ClientFormModal, InboundInfoModal, QrCodeModal, DnsServerModal, OutboundFormModal, SubPage; remove unused locals (isClientOnline, ONLINE_GRACE_MS, fetchAll, isSocks, isHTTP, _antdAlgorithm) - XrayStatusCard: declare 'open-logs' on defineEmits (was emitted but not declared) - RuleFormModal: rename v-for var t -> tag (shadowed useI18n's t) - Drop stale eslint-disable directives (no-new, no-unused-vars) - OutboundsTab/InboundList: drop redundant initial null assigns - InboundInfoModal/OutboundFormModal: explicit eslint-disable for the intentional local-ref-shadows-prop pattern in modal drafts `npm run lint` now passes with 0 errors and 0 warnings. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(inbounds): one client identity across multiple inbounds via subId Lets the operator add the same email under the same subId to several inbounds. Xray reports traffic per email, so a single client_traffics row acts as the shared accumulator — no aggregation overhead, quota and expiry stay consistent. - Email validation allows duplicates only when subId matches - AddClientStat upserts via OnConflict DoNothing (idempotent on rerun) - Stat/IP rows survive client deletion when a sibling inbound still references the email - enrichClientStats tops up GORM-preloaded stats with rows whose inbound_id points at a sibling, so every panel view sees usage - disableInvalidClients cascades enable=false and syncs the row's total/expiry into every sibling JSON when the shared identity expires - DelDepletedClients removes the depleted client from all referencing inbounds, batched - Subscription services dedupe traffic by email so shared quota is counted once Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * docs(frontend): rewrite README for multi-page Vue 3 layout Reflects the current state — embedded build, per-route HTML entries, ESLint 10 flat config, src/ layout, and the steps to add a new page. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * build(frontend): drop deprecated rimraf/glob/inflight transitive deps vue3-persian-datetime-picker pinned moment-jalaali to ^0.9.4, which pulled rimraf@3 → glob@7 → inflight@1. inflight in particular leaks memory and is unmaintained. Override moment-jalaali to ^0.10.4 (same runtime API, dropped the legacy build deps) so npm install no longer warns and the dep tree is 12 packages lighter. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(nodes): multi-node panel orchestration (CRUD, deployment, traffic sync, sub per-node) - Node model + service + controller (/panel/api/nodes/) with bearer-token apiToken auth - Heartbeat job @every 10s; status/latency/xrayVersion surfaced in Nodes UI - Runtime abstraction (Local + Remote) so inbound/client mutations target the inbound's owning node instead of always hitting the local xray - Inbounds gain optional NodeID; tag-based correlation with remote panel (no RemoteInboundID column needed) - NodeTrafficSyncJob @every 10s pulls absolute counters + online/lastOnline from each enabled+online node and writes them into central DB; 30s reset grace window prevents post-reset overwrite - Reset propagation to nodes (best-effort) on client/inbound/all reset paths - Subscription server uses node.Address for inbounds with NodeID, falling back to existing host resolution for local inbounds - Frontend: Nodes page, "Deploy to" select in inbound form, Node column on inbound list, hostOverride threaded through genAllLinks/QR/Info modals Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> feat(stats): system history modal + per-node CPU/Mem trends across all locales Backend - web/service/metric_history.go: generic in-memory ring buffer with two singletons — system-wide (cpu/mem/netUp/netDown/online/load1/5/15) and per-node (cpu/mem) keyed by node id - ServerService.AppendStatusSample writes all 8 metrics every 2s on the same tick; AppendCpuSample/AggregateCpuHistory kept for back-compat - NodeService.UpdateHeartbeat appends cpu/mem only on online ticks so offline gaps render as missing data, not phantom dips - New routes: GET /panel/api/server/history/:metric/:bucket and GET /panel/api/nodes/history/:id/:metric/:bucket, both whitelisted Frontend - Sparkline component generalized: arbitrary value range (auto-scale when valueMax=null), pluggable yFormatter/tooltipFormatter for B/s, client counts, load averages - SystemHistoryModal replaces CpuHistoryModal with tabs for every metric; opened from a tag on the 3X-UI card next to Documentation - NodeHistoryPanel: expandable row on the Nodes table showing per-node CPU and Mem trends, refreshed every 15s Localization - Backfill systemHistoryTitle / trendLast2Min / pages.inbounds.{node, deployTo, localPanel} and the entire pages.nodes block (51 keys including statusValues + toasts) into all 11 non-en/fa locales: ar-EG, es-ES, id-ID, ja-JP, pt-BR, ru-RU, tr-TR, uk-UA, vi-VN, zh-CN, zh-TW Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * fix(embed): include underscore-prefixed Vite chunks in dist FS go:embed silently excludes files whose names start with `_` or `.`, so the `_plugin-vue_export-helper-<hash>.js` chunk that Vite/rolldown emits for @vitejs/plugin-vue was missing from the production binary. First import at runtime hit a 404 and the SPA failed to mount — blank page on every page load, no error in the server logs because the asset 404 was just a static-handler miss. Switched the directive to `//go:embed all:dist` which keeps the same root layout but disables the underscore/dot exclusion rule. Dev mode was unaffected (it serves dist/assets/ from disk, not the embedded FS). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * ci: build frontend bundle before Go compile in release.yml + Dockerfile Phase 8 cut all panel HTML routes over to web/dist/ and embedded the Vite bundle into the Go binary via //go:embed all:dist. web/dist/ is .gitignored, so on a fresh CI checkout it doesn't exist — every Go build since Phase 8 has been failing with "pattern dist: no matching files found" or producing a binary that 404s on first asset request. release.yml: add a setup-node@v4 + npm ci + npm run build trio before the existing go build step in both the Linux matrix job (7 arches) and the Windows job. npm cache is keyed on frontend/package-lock.json. Dockerfile: add a node:22-alpine frontend stage that runs npm ci + npm run build and emits to /src/web/dist (via vite.config.js's outDir). The golang builder stage then COPY --from=frontend /src/web/dist into ./web/dist before the go build, so embed.FS sees the bundle. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(ws): live updates on inbounds/xray/nodes pages, drop polling + manual refresh Replaces the legacy polling + manual-refresh model with WebSocket pushes across the three live-data pages. The hub already broadcast traffic / client_stats / outbounds; this wires the frontend to consume them and adds a new `nodes` channel for the heartbeat job's snapshot. Frontend - new useWebSocket composable: page-scoped singleton WebSocketClient, lifecycle-managed on/off, leaves disconnect to page-unload - inbounds: useInbounds gains applyTrafficEvent / applyClientStatsEvent / applyInvalidate that merge counters and online/lastOnline in place; InboundsPage subscribes; InboundList drops the auto-refresh popover, the refresh button, and the now-unused refreshing prop - xray outbounds: useXraySetting gains applyOutboundsEvent; XrayPage subscribes; OutboundsTab drops the refresh button + emit - nodes: useNodes gains applyNodesEvent and stops the 5s setInterval/visibilitychange polling; NodesPage subscribes; NodeList drops the refresh button and ReloadOutlined import Backend - web/websocket: new MessageTypeNodes + BroadcastNodes notifier - node_heartbeat_job: after wg.Wait(), reload the table once and BroadcastNodes(updated). Gated on websocket.HasClients() so a panel with no open browser doesn't spend the DB read Bug fixes spotted in this pass - websocket.js #buildUrl defaulted basePath to '' when the global was missing (dev mode), producing `ws://host:portws` and a SyntaxError on the WebSocket constructor. Fall back to '/' and ensure leading slash. - vite.config.js: forward /ws to ws://localhost:2053 with ws:true so dev (5173) reaches the Go backend's WebSocket - NodeFormModal: a-input-password's visibilityToggle is Boolean in AntD Vue 4; the v3-era object form (`{ visible, 'onUpdate:visible' }`) triggered a Vue prop-type warning. Drop the override (default true shows the eye icon and toggles internally) and remove the orphaned tokenVisible ref Translations - pages.inbounds.autoRefresh / autoRefreshInterval: removed from all 13 locales (UI gone) - pages.nodes.refresh: removed from all 13 locales (UI gone) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * feat(inbounds): hide Node column when no nodes are defined Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> --------- Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-09 17:47:35 +02:00
MHSanaei	50603fd430	fix: get client reverse tag in the outbound	2026-05-06 00:50:40 +02:00
MHSanaei	6099a07ff0	feat: add configurable auto-restart on client auto-disable Add a configurable option to restart Xray when clients are auto-disabled and persist disable actions. Changes include: - New setting restartXrayOnClientDisable (default true), getters/setters in SettingService, UI toggle in general settings, and translations for multiple locales. - AddTraffic signature updated to return a third bool (clientsDisabled). disableInvalidClients now calls Xray API to remove users, marks client_traffics.enable=false, updates inbound.Settings JSON so clients appear disabled in stored settings, and returns appropriate counts/errors. - XrayTrafficJob now checks the clientsDisabled flag and restarts Xray when the setting is enabled (with fallback to mark Xray as needing restart on failure). - XrayService.GetXrayConfig call adjusted to ignore AddTraffic returns. - Subscription generation (subService/subJson/subClash) no longer filters clients by their enable flag when matching subId. - Minor fixes: check_client_ip_job now checks scanner.Err and improved API error handling/logging. These changes ensure auto-disabled clients are propagated to Xray and the stored inbound settings, and provide an option to restart Xray automatically after auto-disable events.	2026-05-04 23:19:25 +02:00
pwnnex	eb4791a1cd	hysteria: also accept "hysteria2" protocol string UI stores v1 and v2 both as "hysteria" with settings.version, but inbounds that came in from imports / manual SQL can carry the literal "hysteria2" string and get silently dropped everywhere we switch on protocol. Add Hysteria2 constant + IsHysteria helper, use it in the places that gate on protocol (sub SQL, getLink, genHysteriaLink, clash buildProxy, json gen, inbound.go validation, xray AddUser). Existing "hysteria" inbounds are untouched. closes #4081	2026-04-22 18:55:09 +03:00
MHSanaei	0fd0389d5c	sub json fix fragment noises effect Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>	2026-04-21 20:02:39 +02:00
MHSanaei	ae5ad505d0	add hysteria inbound Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>	2026-04-20 16:05:27 +02:00
MHSanaei	0a424a9f16	Use vnext/users structure for VLESS outbound Replace the previous flat settings map for VLESS outbound with a vnext/users structure. Encryption is now pulled from inbound settings into the user object, a level field (8) is added, and client id and flow are preserved. Address and port are nested under vnext and outbound.Settings is set to {vnext: [...]}, aligning the outbound format with the expected VLESS schema. Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>	2026-04-20 13:44:52 +02:00
MHSanaei	511adffc5b	Remove allowInsecure Remove the deprecated `allowInsecure`	2026-02-11 18:21:23 +01:00
Ilya Kryuchkov	6041d10e3d	Refactor code and fix linter warnings (#3627 ) * refactor: use any instead of empty interface * refactor: code cleanup	2026-01-05 05:54:56 +01:00
mhsanaei	37c17357fc	undo vnext for vmess	2025-09-20 13:10:57 +02:00
mhsanaei	6ced549dea	docs: add comments for all functions	2025-09-20 09:35:50 +02:00
mhsanaei	7447cec17e	go package correction v2	2025-09-19 10:05:43 +02:00
mhsanaei	054cb1dea0	go package correction	2025-09-18 23:12:14 +02:00
mhsanaei	1de7accd7c	vnext removed	2025-09-16 13:41:05 +02:00
Sanaei	b008ff4ad2	Vlessenc (#3426 ) * mlkem768 * VlessEnc	2025-09-07 22:35:38 +02:00
mhsanaei	6b23b416a7	minor changes	2025-08-17 13:37:49 +02:00
Alireza Ahmadi	487ec74e0b	add mldsa65	2025-07-25 01:22:01 +02:00
mhsanaei	0bde51b91e	Refactor: Use any instead of interface{}	2025-03-12 20:43:43 +01:00
mhsanaei	9bc5c1d070	tcpNoDelay to penetrate	2025-01-01 18:42:50 +01:00
mhsanaei	6b0c9a5fad	update noise to noises + type	2024-09-17 09:51:57 +02:00
mhsanaei	58c721e7d2	quic removed	2024-09-09 09:46:39 +02:00
Dmitry Zhavoronkov	4494ffabb6	fix TypeError: this.shortIds.split is not a function (#2507 ) * fix TypeError: this.shortIds.split is not a function	2024-09-02 12:02:15 +02:00
mhsanaei	fa43248e30	New - Noise freedom	2024-08-29 11:27:43 +02:00
mhsanaei	93d52bc86c	new - vmess security (inbound client side - outbound)	2024-08-11 00:47:44 +02:00
mhsanaei	5d007435ab	some changes undo secret key gen for wireguard	2024-06-18 14:37:44 +02:00
mhsanaei	7f2c11220f	new - splithttp transport splithttp inbound splithttp outbound change priority host for ws - httpupgrade (host>>headers)	2024-06-18 12:49:20 +02:00
mhsanaei	275370e32c	new - (Sockopt) tcpMptcp , tcpNoDelay https://xtls.github.io/en/config/transport.html#sockoptobject	2024-05-22 20:06:49 +02:00
mhsanaei	866f7bd042	[subjson] avoid array for one config Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>	2024-04-01 12:22:10 +04:30
Tara Rostami	0bec29f2ba	UI Improvements (#2067 )	2024-03-20 14:13:37 +03:30
MHSanaei	8b5fe0b018	[subJson] add mux and direct Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>	2024-03-12 19:44:51 +03:30
MHSanaei	5b87b12535	[sub] JSON sub enhancement + minor changes Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>	2024-03-11 18:40:11 +03:30
MHSanaei	d18eb7e4e4	New - HttpUpgrade Transport	2024-03-11 11:27:43 +03:30
Hamidreza	64a5a9f1bc	Some fixes and improvements (#1997 ) * [refactor] api controller * [fix] access log path better to not hardcode the access log path, maybe some ppl dont want to use the default ./access.log * [fix] set select options from logs paths in xray settings * [update] .gitignore * [lint] all .go files * [update] use status code for jsonMsg and 401 to unauthorize * [update] handle response status code via axios * [fix] set correct value if log paths is set to 'none' we also use the default value for the paths if its set to none * [fix] iplimit - only warning access log if f2b is installed	2024-03-11 01:01:24 +03:30
MHSanaei	e705ae8e48	minor changes	2024-02-25 02:08:14 +03:30
MHSanaei	03b7a34793	[sub] json + fragment Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>	2024-02-21 14:17:52 +03:30

39 Commits