modules: add sing-box module
This commit is contained in:
parent
b0facfa211
commit
29d7585e27
7 changed files with 104 additions and 158 deletions
|
|
@ -251,6 +251,10 @@
|
|||
owner = "xin";
|
||||
sopsFile = ./secrets.yaml;
|
||||
};
|
||||
sing_box_url = {
|
||||
owner = "root";
|
||||
sopsFile = ./secrets.yaml;
|
||||
};
|
||||
};
|
||||
custom.restic.enable = true;
|
||||
custom.restic.repositoryFile = config.sops.secrets.restic_repo_calcite.path;
|
||||
|
|
|
|||
|
|
@ -1,9 +1,7 @@
|
|||
{ pkgs, ...}:
|
||||
{ config, pkgs, ...}:
|
||||
|
||||
{
|
||||
imports = [
|
||||
../sing-box.nix
|
||||
];
|
||||
imports = [ ];
|
||||
|
||||
# Enable networking
|
||||
networking = {
|
||||
|
|
@ -21,12 +19,20 @@
|
|||
services.tailscale.enable = true;
|
||||
# services.tailscale.useRoutingFeatures = "both";
|
||||
|
||||
custom.sing-box = {
|
||||
enable = true;
|
||||
configFile = {
|
||||
urlFile = config.sops.secrets.sing_box_url.path;
|
||||
hash = "6ca5bc8a16f8c413227690aceeee2c12c02cab09473c216b849af1e854b98588";
|
||||
};
|
||||
overrideSettings.experimental.clash_api.external_ui = "${config.nur.repos.linyinfeng.yacd}";
|
||||
};
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall.enable = true;
|
||||
networking.firewall.allowedTCPPorts = [ 3389 ];
|
||||
networking.firewall.allowedUDPPorts = [ 3389 41641 ];
|
||||
networking.firewall.trustedInterfaces = [
|
||||
"tun0"
|
||||
"tailscale0"
|
||||
];
|
||||
# Use nftables to manager firewall
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
restic_repo_calcite_password: ENC[AES256_GCM,data:9ALTQULAMyLY4FIxuVztf9r3,iv:fObBBeqpHAVYl8YUopz9fZd3YWB+0sc8l+sR12rmxb4=,tag:l3xDc2/cpQr38X/cd7qMXA==,type:str]
|
||||
restic_repo_calcite: ENC[AES256_GCM,data:+m9cjMXrZoCPg/S+/wV4WFBmg6pbFpqJ7JOdwOX0Z37bgoQXh4wcVPKK3CLd7G/iQjpO8SXaqJ1/d8r4Ydk21Gp1WqkB8g==,iv:DweDUujXp6i5XwwxeFjUsLDOJQJlRIT6GKPPxABNWiY=,tag:hdBHIjAcDQ1Ky/8hIv3+Ow==,type:str]
|
||||
sing_box_url: ENC[AES256_GCM,data:2z2bDKdn51o1eaqhgE0pTg4FWcO8wcLNlnBZ69Q3Jm5GCxkXxsxN7DgqQvRVeakOHvaenQotF+nc6tlhKPsyzdQeG0yl3YYhGb9o3DkmpUjC6lalMSoiw1rSMVyBg4KYCWxmhR9iRurun62+5INGZwwHVqAjgWJhy/9+pdIFtgKyd/t0JhSU,iv:gIGbvRd88vZu3cVW7e4emZmmNO8QcubLrxS1sCwi4Co=,tag:AzLLtcA9jAbeuo6eWU6ilw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
|
@ -24,8 +25,8 @@ sops:
|
|||
WGlLdXVoZlp3bEFXZjlMdG1VOUZDNUkKQ2NNTE3OsNUr2pOI7qeNFSCVkUIVRS+g
|
||||
FG5FbJJcFihXqr+Qo0nZkq+xq07vIia7mKoqyoIfkKwweiVzDKyrkQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-11-30T16:43:19Z"
|
||||
mac: ENC[AES256_GCM,data:U3TilLQvxM01gwIkBM4vT53JRBiE4VBOC0T6dxLjZ9btVMEhGp3MNQMRK0I06JP/vm532/oOTh/No/AwdzOpXxlfNY/hxxij03v83cZraSy8eT53uFV2TfU9HELVmmItqV2rJ96jBvCIzZJ+uif1OwIefcU+ii/MC333sW5DL1A=,iv:9pKUp08MPtECxUE3gxud/4220RsJ/d+xOFljntOdxfo=,tag:vvFpZRDoIz4NGll5XxRhAg==,type:str]
|
||||
lastmodified: "2024-01-07T16:18:51Z"
|
||||
mac: ENC[AES256_GCM,data:lBbtSYZ/UxBPBVVa6Bg0NiZxhFcjEREGBPEgCZau+C9aMQcMJp4s+SPKRaBDGuf2ee95pwuyYOb6M9Jr9dQxRAoAubgyaxAXUrC6U5Q8+VlKxMdvfBNJ5m8OGbkwHACrjkaWTRfHB8rPMH/yuIuuSZl8AB1m2GcT8uoluTsCMGo=,iv:FmFLPhoaR/YAVEJhQIhoUrZGX4p+fw/iCf1BN+NdX/U=,tag:/rZTAt20hd9LretuOHhTbQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue