Zapret : Rename to Frkn.

This commit is contained in:
Dmitry Voronin 2024-09-01 03:43:52 +03:00
parent 74de045d51
commit 04c4351436
Signed by: voronind
SSH key fingerprint: SHA256:3kBb4iV2ahufEBNq+vFbUe4QYfHt98DHQjN7QaptY9k
24 changed files with 36 additions and 36 deletions

View file

@ -1,10 +1,10 @@
# TODO: Saved just in case for the dark future. # TODO: Saved just in case for the dark future.
# в целом просто сделай себе шелл алиас gw-default="sudo ip route del default; sudo ip route add default via айпишник роутера" и шелл алиас gw-vpn="sudo ip route del default; sudo ip route add default via айпишник_впна" # в целом просто сделай себе шелл алиас gw-default="sudo ip route del default; sudo ip route add default via айпишник роутера" и шелл алиас gw-vpn="sudo ip route del default; sudo ip route add default via айпишник_впна"
{ container, pkgs, lib, config, __findFile, ... }: with lib; let { container, pkgs, lib, config, __findFile, ... }: with lib; let
cfg = config.container.module.zapret; cfg = config.container.module.frkn;
in { in {
options = { options = {
container.module.zapret = { container.module.frkn = {
enable = mkEnableOption "FRKN"; enable = mkEnableOption "FRKN";
address = mkOption { address = mkOption {
default = "10.1.0.69"; default = "10.1.0.69";
@ -23,7 +23,7 @@ in {
type = types.int; type = types.int;
}; };
storage = mkOption { storage = mkOption {
default = "${config.container.storage}/zapret"; default = "${config.container.storage}/frkn";
type = types.str; type = types.str;
}; };
}; };
@ -34,7 +34,7 @@ in {
"data" "data"
]; ];
containers.zapret = container.mkContainer cfg { containers.frkn = container.mkContainer cfg {
bindMounts = { bindMounts = {
"/data" = { "/data" = {
hostPath = "${cfg.storage}/data"; hostPath = "${cfg.storage}/data";

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
return 301 rtsp://${address}:${toString port}/live/main; return 301 rtsp://${address}:${toString port}/live/main;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -10,7 +10,7 @@ in {
location ~ ^/(admin|api|user) { location ~ ^/(admin|api|user) {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
@ -19,7 +19,7 @@ in {
# allow ${config.container.localAccess}; # allow ${config.container.localAccess};
# allow ${config.container.module.status.address}; # allow ${config.container.module.status.address};
# allow ${config.container.module.vpn.address}; # allow ${config.container.module.vpn.address};
# allow ${config.container.module.zapret.address}; # allow ${config.container.module.frkn.address};
# deny all; # deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
# allow ${config.container.localAccess}; # allow ${config.container.localAccess};
# allow ${config.container.module.status.address}; # allow ${config.container.module.status.address};
# allow ${config.container.module.vpn.address}; # allow ${config.container.module.vpn.address};
# allow ${config.container.module.zapret.address}; # allow ${config.container.module.frkn.address};
# deny all; # deny all;
add_header X-Forwarded-Proto https; add_header X-Forwarded-Proto https;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

View file

@ -13,7 +13,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -13,7 +13,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -10,7 +10,7 @@ in {
location ~ ^/(dashboard|settings) { location ~ ^/(dashboard|settings) {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }
@ -18,7 +18,7 @@ in {
location / { location / {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;
} }

View file

@ -11,7 +11,7 @@ in {
allow ${config.container.localAccess}; allow ${config.container.localAccess};
allow ${config.container.module.status.address}; allow ${config.container.module.status.address};
allow ${config.container.module.vpn.address}; allow ${config.container.module.vpn.address};
allow ${config.container.module.zapret.address}; allow ${config.container.module.frkn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

View file

@ -4,13 +4,14 @@
autoStart = true; autoStart = true;
module = { module = {
# ISSUE: hdd.enable = true;
change.enable = true; change.enable = true;
cloud.enable = true; cloud.enable = true;
ddns.enable = true; ddns.enable = true;
dns.enable = true; dns.enable = true;
download.enable = true; download.enable = true;
frkn.enable = true;
git.enable = true; git.enable = true;
# ISSUE: hdd.enable = true;
home.enable = true; home.enable = true;
iot.enable = true; iot.enable = true;
jobber.enable = true; jobber.enable = true;
@ -31,7 +32,6 @@
vpn.enable = true; vpn.enable = true;
watch.enable = true; watch.enable = true;
yt.enable = true; yt.enable = true;
zapret.enable = true;
}; };
storage = "/storage/hot/container"; storage = "/storage/hot/container";

View file

@ -47,7 +47,7 @@ in {
# Full access from VPN clients. # Full access from VPN clients.
iptables -I INPUT -j ACCEPT -s ${cfg.vpn.address} -d ${internal} iptables -I INPUT -j ACCEPT -s ${cfg.vpn.address} -d ${internal}
iptables -I INPUT -j ACCEPT -s ${cfg.zapret.address} -d ${internal} iptables -I INPUT -j ACCEPT -s ${cfg.frkn.address} -d ${internal}
# Full access from Lan. # Full access from Lan.
iptables -I INPUT -j ACCEPT -i ${lan} -d ${internal} iptables -I INPUT -j ACCEPT -i ${lan} -d ${internal}
@ -63,12 +63,12 @@ in {
+ (mkForward internal 993 cfg.mail.address 993 tcp) + (mkForward internal 993 cfg.mail.address 993 tcp)
# FRKN internal proxy server. # FRKN internal proxy server.
+ (mkForward internal cfg.zapret.port cfg.zapret.address cfg.zapret.port tcp) + (mkForward internal cfg.frkn.port cfg.frkn.address cfg.frkn.port tcp)
+ (mkForward internal cfg.zapret.torport cfg.zapret.address cfg.zapret.torport tcp) + (mkForward internal cfg.frkn.torport cfg.frkn.address cfg.frkn.torport tcp)
+ (mkForward internal cfg.zapret.xrayport cfg.zapret.address cfg.zapret.xrayport tcp) + (mkForward internal cfg.frkn.xrayport cfg.frkn.address cfg.frkn.xrayport tcp)
+ (mkForward internal cfg.zapret.port cfg.zapret.address cfg.zapret.port udp) + (mkForward internal cfg.frkn.port cfg.frkn.address cfg.frkn.port udp)
+ (mkForward internal cfg.zapret.torport cfg.zapret.address cfg.zapret.torport udp) + (mkForward internal cfg.frkn.torport cfg.frkn.address cfg.frkn.torport udp)
+ (mkForward internal cfg.zapret.xrayport cfg.zapret.address cfg.zapret.xrayport udp) + (mkForward internal cfg.frkn.xrayport cfg.frkn.address cfg.frkn.xrayport udp)
# Allow VPN connections from Wan. # Allow VPN connections from Wan.
+ (mkForward external cfg.vpn.port cfg.vpn.address cfg.vpn.port udp) + (mkForward external cfg.vpn.port cfg.vpn.address cfg.vpn.port udp)