2024-08-01 18:06:37 +03:00
# TODO: Saved just in case for the dark future.
# в целом просто сделай себе шелл алиас gw-default="sudo ip route del default; sudo ip route add default via айпишник роутера" и шелл алиас gw-vpn="sudo ip route del default; sudo ip route add default via айпишник_впна"
2024-08-28 01:31:17 +03:00
{ container , pkgs , lib , config , __findFile , . . . }: with lib ; let
2024-09-01 03:43:52 +03:00
cfg = config . container . module . frkn ;
2024-08-01 18:06:37 +03:00
in {
options = {
2024-09-01 03:43:52 +03:00
container . module . frkn = {
2024-08-01 18:06:37 +03:00
enable = mkEnableOption " F R K N " ;
address = mkOption {
default = " 1 0 . 1 . 0 . 6 9 " ;
type = types . str ;
} ;
port = mkOption {
default = 1080 ;
type = types . int ;
} ;
torport = mkOption {
default = 9150 ;
type = types . int ;
} ;
2024-08-30 13:23:15 +03:00
xrayport = mkOption {
default = 1081 ;
type = types . int ;
} ;
storage = mkOption {
2024-09-01 03:43:52 +03:00
default = " ${ config . container . storage } / f r k n " ;
2024-08-30 13:23:15 +03:00
type = types . str ;
} ;
2024-08-01 18:06:37 +03:00
} ;
} ;
config = mkIf cfg . enable {
2024-08-30 13:23:15 +03:00
systemd . tmpfiles . rules = container . mkContainerDir cfg [
" d a t a "
] ;
2024-09-01 03:43:52 +03:00
containers . frkn = container . mkContainer cfg {
2024-08-30 13:23:15 +03:00
bindMounts = {
" / d a t a " = {
hostPath = " ${ cfg . storage } / d a t a " ;
isReadOnly = true ;
} ;
} ;
2024-08-01 18:06:37 +03:00
config = { . . . }: container . mkContainerConfig cfg {
2024-08-08 01:59:00 +03:00
boot . kernel . sysctl = {
" n e t . i p v 4 . c o n f . a l l . s r c _ v a l i d _ m a r k " = 1 ;
" n e t . i p v 4 . i p _ f o r w a r d " = 1 ;
} ;
2024-08-28 01:31:17 +03:00
imports = [ <module/Zapret.nix> ] ;
2024-08-28 02:45:28 +03:00
module . zapret = {
enable = true ;
params = config . module . zapret . params ;
} ;
2024-08-01 18:06:37 +03:00
services = {
microsocks = {
enable = true ;
ip = cfg . address ;
port = cfg . port ;
disableLogging = true ;
#authUsername
#outgoingBindIp
#authOnce
} ;
tor = {
enable = true ;
openFirewall = true ;
settings = let
exclude = " { R U } , { U A } , { B Y } , { K Z } , { C N } , { ? ? } " ;
in {
2024-08-21 03:22:51 +03:00
# ExcludeExitNodes = exclude;
# ExcludeNodes = exclude;
2024-08-01 18:06:37 +03:00
#DNSPort = dnsport;
UseBridges = true ;
ClientTransportPlugin = " o b f s 4 e x e c ${ pkgs . obfs4 } / b i n / l y r e b i r d " ;
Bridge = [
" o b f s 4 9 4 . 1 0 3 . 8 9 . 1 5 3 : 4 4 4 3 5 6 1 7 8 4 8 9 6 4 F D 6 5 4 6 9 6 8 B 5 B F 3 F F A 6 C 1 1 B C C A B E 5 8 B c e r t = t Y s m u u T e 9 p h J S 0 G h 8 N K I p k V Z P / X K s 7 g J C q i 3 1 o 8 L C l w Y e t x z F z 0 f Q Z g s M w h N c I l Z 0 H G 5 L A i a t - m o d e = 0 "
" o b f s 4 1 2 1 . 4 5 . 1 4 0 . 2 4 9 : 1 2 1 2 3 0 9 2 2 E 2 1 2 E 3 3 B 0 4 F 0 B 7 C 1 E 3 9 8 1 6 1 E 8 E D E 0 6 7 3 4 F 2 6 c e r t = 3 A Q 4 i J F A z x z t 7 a / z g X I i F E s 6 f v r X I n X t 1 D t r 0 9 D g n p v U z G / i i y R T d X Y Z K S Y p I 1 2 4 Z t 3 Z U A i a t - m o d e = 0 "
" o b f s 4 7 9 . 1 3 7 . 1 1 . 4 5 : 4 5 0 7 2 E C A 3 1 9 7 D 4 9 A 2 9 D D E C D 4 A C B F 9 B C F 1 5 E 4 9 8 7 B 7 8 1 3 7 c e r t = 2 F K y L W k P g M N C W x B D 3 c N O T R x J H 3 X P + H d S t P G K M j J f w 2 Y b v V j i h I p 3 X 2 B C r t x Q y a 9 m 5 I I 5 X A i a t - m o d e = 0 "
" o b f s 4 1 4 5 . 2 3 9 . 3 1 . 7 1 : 1 0 1 6 1 8 8 2 1 2 5 D 1 5 B 5 9 B B 8 2 B E 6 6 F 9 9 9 0 5 6 C B 6 7 6 D 3 F 0 6 1 F 8 c e r t = A n D + E v c B M u Q D V M 7 P w W 7 N g F A z W 1 M 5 j D m 7 D j Q t I I c B S j o y A f 1 F J 2 p 5 3 5 r r Y L 2 K k 8 P O A d 0 + a w i a t - m o d e = 0 "
] ;
} ;
client = {
enable = true ;
#dns.enable = true;
socksListenAddress = {
IsolateDestAddr = true ;
addr = cfg . address ;
port = cfg . torport ;
} ;
} ;
} ;
2024-08-30 13:23:15 +03:00
xray = {
enable = true ;
settingsFile = " / d a t a / C l i e n t . j s o n " ;
} ;
2024-08-01 18:06:37 +03:00
} ;
2024-08-01 19:51:04 +03:00
systemd = {
2024-08-28 01:31:17 +03:00
services . tor . wantedBy = lib . mkForce [ ] ;
2024-08-01 19:51:04 +03:00
2024-08-28 01:31:17 +03:00
timers . tor = {
timerConfig = {
OnBootSec = 5 ;
Unit = " t o r . s e r v i c e " ;
2024-08-01 18:06:37 +03:00
} ;
2024-08-28 01:31:17 +03:00
wantedBy = [ " t i m e r s . t a r g e t " ] ;
2024-08-01 18:06:37 +03:00
} ;
} ;
} ;
} ;
} ;
}