mynix/system
1
1
Fork 0
Code Issues 1 Pull requests Activity

modules/byedpi: add possibility to configure groups

Browse source
This commit is contained in:
Dmitriy Pleshevskiy 2024-12-19 01:10:22 +03:00
parent 11becc35cb
commit 46331046f6
Signed by: pleshevskiy
GPG key ID: 17041163DA10A9A2
2 changed files with 73 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
hosts/home/configuration.nix
View file

@ -20,9 +20,20 @@
enableProxy = true;
settings = {
port = 1081;
fake = 1;
ttl = 8;
};
groupSettings = [
{
name = "googlevideo";
hosts = "googlevideo.com";
disoob = 3;
disorder = 7;
}
{
name = "youtube";
hosts = "youtube.com";
fake = 1;
}
];
};
# local.services.i2pd.enable = true;

80
modules/nixos/services/byedpi.nix
View file

@ -5,10 +5,8 @@ let
exe = lib.getExe cfg.package;
cliArgs = lib.cli.toGNUCommandLineShell { } {
baseArgs = lib.cli.toGNUCommandLineShell { } {
inherit (cfg.settings) ip port;
inherit (cfg.settings) ttl split disorder oob disoob fake tlsrec md5sig;
buf-size = cfg.settings.bufferSize;
debug = cfg.settings.debugLevel;
max-conn = cfg.settings.connectionLimit;
@ -17,11 +15,28 @@ let
no-domain = !cfg.settings.domain.enable;
};
mkSplitOption = let
splitType = with lib.types;
let strOrInt = either str int;
in nullOr (either strOrInt (listOf strOrInt));
in
groupArgs = lib.flip map cfg.groupSettings (gs:
lib.concatStringsSep " " [
(lib.cli.toGNUCommandLineShell { } (
if gs.proto == [ ] && gs.hostsFile == null then { auto = gs.name; } else {
proto = lib.optionalDrvAttr (gs.proto != [ ]) (lib.concatStringsSep "," gs.proto);
hosts = lib.optionalDrvAttr (gs.hostsFile != null) gs.hostsFile;
}
))
(lib.cli.toGNUCommandLineShell { } {
inherit (gs) ttl split disorder oob disoob fake tlsrec md5sig;
})
]
);
cliArgs = lib.concatStringsSep " " ([ baseArgs ] ++ groupArgs);
mkSplitOption =
let
splitType = with lib.types;
let strOrInt = either str int;
in nullOr (either strOrInt (listOf strOrInt));
in
description: lib.mkOption {
inherit description;
type = splitType;
@ -62,18 +77,43 @@ in
domain.enable = mkEnableOption "Enable domain resolving" // { default = true; };
udp.enable = mkEnableOption "Enable UDP association" // { default = true; };
tcpFastOpen.enable = mkEnableOption "Enable TCP Fast Open";
ttl = mkOption {
type = types.int;
default = 8;
};
split = mkSplitOption "Split packet at n";
disorder = mkSplitOption "Split and send reverse order";
oob = mkSplitOption "Split and send as OOB data";
disoob = mkSplitOption "Split and send reverse order as OOB data";
fake = mkSplitOption "Split and send fake packet";
tlsrec = mkSplitOption "Make TLS record at position";
md5sig = mkEnableOption "Add MD5 Signature option for fake packets";
};
groupSettings = lib.mkOption {
type = types.listOf (types.submodule ({ config, ... }: {
options = {
enable = mkEnableOption "Enable configs for hosts";
name = mkOption {
type = types.str;
};
hostsFile = mkOption {
type = types.nullOr types.package;
internal = true;
readOnly = true;
};
hosts = mkOption {
type = types.lines;
default = "";
};
proto = mkOption {
type = types.listOf (types.enum [ "tls" "http" "udp" "ipv4" ]);
default = [ ];
};
ttl = mkOption {
type = types.int;
default = 8;
};
split = mkSplitOption "Split packet at n";
disorder = mkSplitOption "Split and send reverse order";
oob = mkSplitOption "Split and send as OOB data";
disoob = mkSplitOption "Split and send reverse order as OOB data";
fake = mkSplitOption "Split and send fake packet";
tlsrec = mkSplitOption "Make TLS record at position";
md5sig = mkEnableOption "Add MD5 Signature option for fake packets";
};
config = {
hostsFile = if config.hosts == "" then null else pkgs.writeText config.name config.hosts;
};
}));
};
};