From 9611f6850b4e6f8aef6b396161ad1a79b90da0c6 Mon Sep 17 00:00:00 2001 From: Dmitriy Pleshevskiy <dmitriy@pleshevski.ru> Date: Sun, 15 Dec 2024 16:44:09 +0300 Subject: [PATCH] modules/byedpi: improve configs --- hosts/home/configuration.nix | 8 ++----- modules/nixos/services/byedpi.nix | 37 ++++++++++++++++++------------- 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/hosts/home/configuration.nix b/hosts/home/configuration.nix index 4308b63..5aebcca 100644 --- a/hosts/home/configuration.nix +++ b/hosts/home/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: { imports = [ @@ -17,17 +17,13 @@ ################################################################################ local.services.byedpi = { enable = true; + enableProxy = true; settings = { port = 1081; fake = 1; ttl = 8; }; }; - networking.proxy = rec { - allProxy = "http://localhost:${toString config.local.services.byedpi.settings.port}"; - httpProxy = allProxy; - httpsProxy = allProxy; - }; # local.services.i2pd.enable = true; # local.services.kubo.enable = true; diff --git a/modules/nixos/services/byedpi.nix b/modules/nixos/services/byedpi.nix index 0e5efdb..749cc02 100644 --- a/modules/nixos/services/byedpi.nix +++ b/modules/nixos/services/byedpi.nix 
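Review bot: With `enableProxy = true` and no `ip` under `settings`, this host inherits the module default `ip = "0.0.0.0"`, so a listener meant for local clients is bound on every interface. Adding `ip = "127.0.0.1";` next to `port = 1081;` keeps it on loopback and does not depend on the firewall staying closed for that port. The removed `networking.proxy` block pointed clients at `localhost`, so a loopback bind matches how this host used the proxy before the change.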
@@ -17,22 +17,23 @@ let no-domain = !cfg.settings.domain.enable; }; - - strOrNum = with lib.types; either str number; - - splitType = with lib.types; nullOr (either strOrNum (listOf strOrNum)); - - mkSplitOption = description: lib.mkOption { - inherit description; - type = splitType; - default = null; - }; + mkSplitOption = let + splitType = with lib.types; + let strOrInt = either str int; + in nullOr (either strOrInt (listOf strOrInt)); + in + description: lib.mkOption { + inherit description; + type = splitType; + default = null; + }; in { options.local.services.byedpi = with lib; { enable = mkEnableOption "byedpi"; package = mkPackageOption pkgs "byedpi" { }; openFirewall = mkEnableOption "Whether to open the required firewall ports in the firewall."; + enableProxy = mkEnableOption "Whether to enable systemwide networking proxy"; settings = { ip = mkOption { type = types.str; @@ -40,21 +41,21 @@ in default = "0.0.0.0"; }; port = mkOption { - type = types.number; + type = types.ints.u16; description = "Listening port"; default = 1080; }; bufferSize = mkOption { - type = types.number; + type = types.int; description = "Buffer size"; default = 16384; }; debugLevel = mkOption { - type = types.number; # 0, 1, 2 + type = types.ints.between 0 2; default = 0; }; connectionLimit = mkOption { - type = types.number; + type = types.int; description = "Connection count limit"; default = 512; }; @@ -63,7 +64,7 @@ in tcpFastOpen.enable = mkEnableOption "Enable TCP Fast Open"; ttl = mkOption { - type = types.number; + type = types.int; default = 8; }; split = mkSplitOption "Split packet at n"; @@ -85,6 +86,12 @@ in networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [ cfg.settings.port ]; + networking.proxy = lib.mkIf cfg.enableProxy rec { + allProxy = "http://${cfg.settings.ip}:${toString cfg.settings.port}"; + httpProxy = allProxy; + httpsProxy = allProxy; + }; + systemd.services.byedpi = { description = "Byedpi (Bypass DPI)";
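Review bot: `mkEnableOption` already prefixes its argument with "Whether to enable", so the new `enableProxy` description renders as "Whether to enable Whether to enable systemwide networking proxy" in the generated option docs. I would pass only the noun phrase and name what the switch changes, e.g. `enableProxy = mkEnableOption "routing system-wide traffic through byedpi via networking.proxy";`. The existing `openFirewall` line in the same context has the same doubled wording. The `options` attribute set continues outside this hunk.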
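Review bot: `bufferSize` and `connectionLimit` now use `types.int`, which still accepts zero and negative values; `types.ints.positive` would reject those at evaluation time instead of passing them to the daemon. The same gap applies to `ttl` in the following hunk, where `types.ints.between 1 255` looks appropriate if the value is used as an IP TTL. `debugLevel` also lost its `# 0, 1, 2` comment and has no `description`; adding `description = "Debug verbosity (0-2)";` would keep that information in the option docs.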
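Review bot: The proxy URL is built from `cfg.settings.ip`, which is the bind address and defaults to `"0.0.0.0"`, so enabling `enableProxy` without overriding `ip` sets the system proxy to `http://0.0.0.0:<port>`. A wildcard address is not a reliable connect target, and it pushes users to keep the listener on all interfaces just to get a working proxy. I would map the wildcard to loopback, e.g. `allProxy = "http://${if cfg.settings.ip == "0.0.0.0" then "127.0.0.1" else cfg.settings.ip}:${toString cfg.settings.port}";`. An IPv6 literal in `ip` would presumably also need brackets in the URL. The surrounding `config` block and the `systemd.services.byedpi` definition continue outside this hunk.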