mynix/system
1
1
Fork 0
Code Issues 1 Pull requests Activity

modules/byedpi: add possibility to configure groups

Browse source
This commit is contained in:
Dmitriy Pleshevskiy 2024-12-19 01:10:22 +03:00
parent 11becc35cb
commit 46331046f6
Signed by: pleshevskiy
GPG key ID: 17041163DA10A9A2
2 changed files with 73 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
hosts/home/configuration.nix
View file

@ -20,9 +20,20 @@
enableProxy = true; enableProxy = true;
settings = { settings = {
port = 1081; port = 1081;
fake = 1;
ttl = 8;
}; };
groupSettings = [
{
name = "googlevideo";
hosts = "googlevideo.com";
disoob = 3;
disorder = 7;
}
{
name = "youtube";
hosts = "youtube.com";
fake = 1;
}
];
}; };
# local.services.i2pd.enable = true; # local.services.i2pd.enable = true;

50
modules/nixos/services/byedpi.nix
View file

@ -5,10 +5,8 @@ let
exe = lib.getExe cfg.package; exe = lib.getExe cfg.package;
cliArgs = lib.cli.toGNUCommandLineShell { } { baseArgs = lib.cli.toGNUCommandLineShell { } {
inherit (cfg.settings) ip port; inherit (cfg.settings) ip port;
inherit (cfg.settings) ttl split disorder oob disoob fake tlsrec md5sig;
buf-size = cfg.settings.bufferSize; buf-size = cfg.settings.bufferSize;
debug = cfg.settings.debugLevel; debug = cfg.settings.debugLevel;
max-conn = cfg.settings.connectionLimit; max-conn = cfg.settings.connectionLimit;
@ -17,7 +15,24 @@ let
no-domain = !cfg.settings.domain.enable; no-domain = !cfg.settings.domain.enable;
}; };
mkSplitOption = let groupArgs = lib.flip map cfg.groupSettings (gs:
lib.concatStringsSep " " [
(lib.cli.toGNUCommandLineShell { } (
if gs.proto == [ ] && gs.hostsFile == null then { auto = gs.name; } else {
proto = lib.optionalDrvAttr (gs.proto != [ ]) (lib.concatStringsSep "," gs.proto);
hosts = lib.optionalDrvAttr (gs.hostsFile != null) gs.hostsFile;
}
))
(lib.cli.toGNUCommandLineShell { } {
inherit (gs) ttl split disorder oob disoob fake tlsrec md5sig;
})
]
);
cliArgs = lib.concatStringsSep " " ([ baseArgs ] ++ groupArgs);
mkSplitOption =
let
splitType = with lib.types; splitType = with lib.types;
let strOrInt = either str int; let strOrInt = either str int;
in nullOr (either strOrInt (listOf strOrInt)); in nullOr (either strOrInt (listOf strOrInt));
@ -62,7 +77,27 @@ in
domain.enable = mkEnableOption "Enable domain resolving" // { default = true; }; domain.enable = mkEnableOption "Enable domain resolving" // { default = true; };
udp.enable = mkEnableOption "Enable UDP association" // { default = true; }; udp.enable = mkEnableOption "Enable UDP association" // { default = true; };
tcpFastOpen.enable = mkEnableOption "Enable TCP Fast Open"; tcpFastOpen.enable = mkEnableOption "Enable TCP Fast Open";
};
groupSettings = lib.mkOption {
type = types.listOf (types.submodule ({ config, ... }: {
options = {
enable = mkEnableOption "Enable configs for hosts";
name = mkOption {
type = types.str;
};
hostsFile = mkOption {
type = types.nullOr types.package;
internal = true;
readOnly = true;
};
hosts = mkOption {
type = types.lines;
default = "";
};
proto = mkOption {
type = types.listOf (types.enum [ "tls" "http" "udp" "ipv4" ]);
default = [ ];
};
ttl = mkOption { ttl = mkOption {
type = types.int; type = types.int;
default = 8; default = 8;
@ -75,6 +110,11 @@ in
tlsrec = mkSplitOption "Make TLS record at position"; tlsrec = mkSplitOption "Make TLS record at position";
md5sig = mkEnableOption "Add MD5 Signature option for fake packets"; md5sig = mkEnableOption "Add MD5 Signature option for fake packets";
}; };
config = {
hostsFile = if config.hosts == "" then null else pkgs.writeText config.name config.hosts;
};
}));
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {