


155ca07aa0
catarina: radio! add radio service
2024-08-09 11:40:10 +05:00
fba02c97ba
flake: add wezterm input, update lock
astora: replace default terminal alacritty -> wezterm
astora: switch from spoofdpi to zapret
astora: minor changes
2024-08-09 11:37:57 +05:00
b3611d3a5a
new: nixosModules.zapret: manage service with ipset lists (incomplete) 2024-08-09 11:35:33 +05:00
50368e9aad
new: packages.zapret: provide antifilter-ipsmart list 2024-08-09 11:34:03 +05:00
9 changed files with 581 additions and 22 deletions


@ -130,6 +130,58 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"freetype2": {
"flake": false,
"locked": {
"lastModified": 1687587065,
"narHash": "sha256-+Fh+/k+NWL5Ow9sDLtp8Cv/8rLNA1oByQQCIQS/bysY=",
"owner": "wez",
"repo": "freetype2",
"rev": "e4586d960f339cf75e2e0b34aee30a0ed8353c0d",
"type": "github"
},
"original": {
"owner": "wez",
"repo": "freetype2",
"rev": "e4586d960f339cf75e2e0b34aee30a0ed8353c0d",
"type": "github"
}
},
"harfbuzz": {
"flake": false,
"locked": {
"lastModified": 1711722720,
"narHash": "sha256-GdxcAPx5QyniSHPAN1ih28AD9JLUPR0ItqW9JEsl3pU=",
"owner": "harfbuzz",
"repo": "harfbuzz",
"rev": "63973005bc07aba599b47fdd4cf788647b601ccd",
"type": "github"
},
"original": {
"owner": "harfbuzz",
"ref": "8.4.0",
"repo": "harfbuzz",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -150,6 +202,23 @@
"type": "github" "type": "github"
} }
}, },
"libpng": {
"flake": false,
"locked": {
"lastModified": 1549245649,
"narHash": "sha256-1+cRp0Ungme/OGfc9kGJbklYIWAFxk8Il1M+NV4KSgw=",
"owner": "glennrp",
"repo": "libpng",
"rev": "8439534daa1d3a5705ba92e653eda9251246dd61",
"type": "github"
},
"original": {
"owner": "glennrp",
"repo": "libpng",
"rev": "8439534daa1d3a5705ba92e653eda9251246dd61",
"type": "github"
}
},
"nixos-mailserver": { "nixos-mailserver": {
"inputs": { "inputs": {
"blobs": "blobs", "blobs": "blobs",
@ -316,7 +385,29 @@
"nixvim": "nixvim", "nixvim": "nixvim",
"obs-image-reaction": "obs-image-reaction", "obs-image-reaction": "obs-image-reaction",
"oscuro": "oscuro", "oscuro": "oscuro",
"sops-nix": "sops-nix" "sops-nix": "sops-nix",
"wezterm": "wezterm"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"wezterm",
"nixpkgs"
]
},
"locked": {
"lastModified": 1721441897,
"narHash": "sha256-gYGX9/22tPNeF7dR6bWN5rsrpU4d06GnQNNgZ6ZiXz0=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "b7996075da11a2d441cfbf4e77c2939ce51506fd",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
} }
}, },
"sops-nix": { "sops-nix": {
@ -354,6 +445,66 @@
"repo": "default-linux", "repo": "default-linux",
"type": "github" "type": "github"
} }
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"wezterm": {
"inputs": {
"flake-utils": "flake-utils",
"freetype2": "freetype2",
"harfbuzz": "harfbuzz",
"libpng": "libpng",
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay",
"zlib": "zlib"
},
"locked": {
"dir": "nix",
"lastModified": 1722353247,
"narHash": "sha256-pPH+IJ8pljR+PmeOdckoHvbQVfSBdStKbgXcaqdkTRk=",
"owner": "wez",
"repo": "wezterm",
"rev": "56a27e93a9ee50aab50ff4d78308f9b3154b5122",
"type": "github"
},
"original": {
"dir": "nix",
"owner": "wez",
"repo": "wezterm",
"type": "github"
}
},
"zlib": {
"flake": false,
"locked": {
"lastModified": 1484501380,
"narHash": "sha256-j5b6aki1ztrzfCqu8y729sPar8GpyQWIrajdzpJC+ww=",
"owner": "madler",
"repo": "zlib",
"rev": "cacf7f1d4e3d44d871b605da3b647f07d718623f",
"type": "github"
},
"original": {
"owner": "madler",
"ref": "v1.2.11",
"repo": "zlib",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",


@ -62,6 +62,10 @@
url = "github:Aylur/ags"; url = "github:Aylur/ags";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
wezterm = {
url = "github:wez/wezterm?dir=nix";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = {self, ...} @ inputs: let outputs = {self, ...} @ inputs: let
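Review bot: The new `wezterm` input only follows `nixpkgs`; per the lock in this same compare, its other inputs (`freetype2`, `harfbuzz`, `libpng`, `zlib`, `rust-overlay`) remain pinned by the upstream flake at old revisions — `zlib` at ref `v1.2.11` and `libpng` at a 2019 commit — so wezterm is built against those vendored sources rather than the versions nixpkgs maintains and patches. The input carries no `ref`, so only `flake.lock` pins it and a `nix flake update` moves to whatever the default branch holds at that moment. A comment such as `# freetype2/harfbuzz/libpng/zlib are vendored by the wezterm flake, not taken from nixpkgs` next to the input would make that tradeoff visible to whoever bumps the lock next. The enclosing `inputs` attribute set starts outside the hunk.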


@ -11,7 +11,7 @@
users.users.l-nafaryus = { users.users.l-nafaryus = {
isNormalUser = true; isNormalUser = true;
description = "L-Nafaryus"; description = "L-Nafaryus";
extraGroups = ["networkmanager" "wheel" "audio" "libvirtd" "input" "video"]; extraGroups = ["networkmanager" "wheel" "audio" "libvirtd" "input" "video" "disk" "wireshark"];
group = "users"; group = "users";
uid = 1000; uid = 1000;
initialPassword = "nixos"; initialPassword = "nixos";
@ -36,20 +36,16 @@
home.packages = with pkgs; [ home.packages = with pkgs; [
#gnupg #gnupg
git git
nnn #nnn
pass pass
taskwarrior taskwarrior
#tmux #tmux
gparted gparted
xclip firefox
(firefox.override {nativeMessagingHosts = [passff-host];})
thunderbird thunderbird
discord
pipewire.jack # pw-jack pipewire.jack # pw-jack
carla carla
qpwgraph qpwgraph
@ -101,6 +97,10 @@
steamtinkerlaunch steamtinkerlaunch
discord
webcord
vesktop
tor tor
networkmanagerapplet networkmanagerapplet
#rofi-wayland #rofi-wayland
@ -115,17 +115,17 @@
musikcube musikcube
swww swww
hyprshot hyprshot
(python3.withPackages (p: [p.click]))
mangohud mangohud
gamescope gamescope
libstrangle libstrangle
webcord
wl-clipboard wl-clipboard
cliphist cliphist
tree tree
bonPkgs.bonvim bonPkgs.bonvim
freenect freenect
mpc-cli
]; ];
xdg.portal = { xdg.portal = {
@ -149,6 +149,7 @@
gtk = { gtk = {
enable = true; enable = true;
# TODO: fix catppuccin deprecation. Provide Paper icons to gtk and gnomeShell manually. (+ regreet)
catppuccin = { catppuccin = {
enable = true; enable = true;
accent = "green"; accent = "green";
@ -194,6 +195,7 @@
''; '';
}; };
}; };
git = { git = {
enable = true; enable = true;
lfs.enable = true; lfs.enable = true;
@ -219,7 +221,10 @@
plog = "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"; plog = "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
}; };
}; };
# TODO: bat cannot determine catppuccin theme
bat.enable = true; bat.enable = true;
btop = { btop = {
enable = true; enable = true;
settings = { settings = {
@ -227,30 +232,71 @@
proc_tree = true; proc_tree = true;
}; };
}; };
fzf.enable = true; fzf.enable = true;
tmux.enable = true; tmux.enable = true;
lazygit.enable = true; lazygit.enable = true;
gpg = { gpg = {
enable = true; enable = true;
homedir = "${hmConfig.xdg.configHome}/gnupg"; homedir = "${hmConfig.xdg.configHome}/gnupg";
mutableKeys = true; mutableKeys = true;
mutableTrust = true; mutableTrust = true;
# TODO: replace existing ssh key with gpg provided
}; };
nnn = {
enable = true;
package = pkgs.nnn.override {withNerdIcons = true;};
bookmarks = {
d = "~/Downloads";
p = "~/projects";
i = "~/Pictures";
m = "~/Music";
v = "~/Videos";
};
plugins = {
src = "${hmConfig.programs.nnn.finalPackage}/share/plugins";
mappings = {
# TODO: add used programs for previews with FIFO support
p = "preview-tui";
};
};
};
ncmpcpp.enable = true;
# Graphical # Graphical
alacritty = { wezterm = {
enable = true; enable = true;
settings = { package = inputs.wezterm.packages.x86_64-linux.default;
font = { extraConfig = ''
size = 10; return {
}; color_scheme = "Catppuccin Macchiato",
}; default_prog = { "fish" },
font_size = 10.0,
enable_tab_bar = true,
hide_tab_bar_if_only_one_tab = true,
term = "wezterm",
window_padding = {
left = 0,
right = 0,
top = 0,
bottom = 0
},
# ISSUE: the terminal does not update after some time of use. It only updates with mouse movements. [Wayland, Hyprland]
enable_wayland = false
}
'';
}; };
rofi = { rofi = {
enable = true; enable = true;
package = pkgs.rofi-wayland; package = pkgs.rofi-wayland;
terminal = "${lib.getExe hmConfig.programs.alacritty.package}"; terminal = "${lib.getExe hmConfig.programs.wezterm.package}";
cycle = true; cycle = true;
extraConfig = { extraConfig = {
show-icons = true; show-icons = true;
@ -265,6 +311,7 @@
window = { window = {
border-radius = mkLiteral "5px"; border-radius = mkLiteral "5px";
}; };
# TODO: make window bigger, for 2k monitor, yeah
}; };
}; };
@ -278,6 +325,11 @@
inputs.obs-image-reaction.packages.${pkgs.system}.default inputs.obs-image-reaction.packages.${pkgs.system}.default
]; ];
}; };
mpv = {
enable = true;
# TODO: check ImPlay for packaging, it's may be better alternative to pure mpv
};
}; };
services = { services = {
@ -292,6 +344,15 @@
enableBashIntegration = true; enableBashIntegration = true;
}; };
#mpd = {
# enable = true;
#};
# TODO: meet mpdris2 with system mpd
#mpdris2 = {
# enable = true;
#};
# Graphical # Graphical
hypridle = { hypridle = {
enable = true; enable = true;
@ -321,9 +382,9 @@
"$mouse" = "logitech-g102-lightsync-gaming-mouse"; "$mouse" = "logitech-g102-lightsync-gaming-mouse";
# Main programs # Main programs
"$terminal" = "${lib.getExe hmConfig.programs.alacritty.package}"; "$terminal" = "${lib.getExe hmConfig.programs.wezterm.package}";
"$menu" = "${lib.getExe hmConfig.programs.rofi.package} -show drun"; "$menu" = "${lib.getExe hmConfig.programs.rofi.package} -show drun";
"$fileManager" = "$terminal -e ${lib.getExe pkgs.nnn}"; "$fileManager" = "$terminal -e ${lib.getExe hmConfig.programs.nnn.package}";
monitor = [ monitor = [
"desc:$monitor2, 2560x1440@75, 0x0, auto" "desc:$monitor2, 2560x1440@75, 0x0, auto"
@ -339,7 +400,7 @@
"systemctl --user start hypridle" "systemctl --user start hypridle"
"wl-paste --type text --watch cliphist store" #Stores only text data "wl-paste --type text --watch cliphist store" #Stores only text data
"wl-paste --type image --watch cliphist store" #Stores only image data "wl-paste --type image --watch cliphist store" #Stores only image data
"swww-daemon & swww img ~/Pictures/wallpapers/emily-in-the-cyberpunk-city.3840x2160.png & swww img ~/Pictures/wallpapers/emily-in-the-cyberpunk-city.3840x2160a.gif" "swww-daemon & swww img ~/Pictures/wallpapers/current" # wallpaper symlinked
]; ];
env = [ env = [
@ -441,6 +502,8 @@
"float, class:^(steam_app.*)$" "float, class:^(steam_app.*)$"
"immediate, class:^(steam_app.*)$" "immediate, class:^(steam_app.*)$"
"float, class:^(steam_proton.*)$" "float, class:^(steam_proton.*)$"
"float,class:^(org.wezfurlong.wezterm)$"
"tile,class:^(org.wezfurlong.wezterm)$"
]; ];
bind = [ bind = [
"SUPER, Q, exec, $terminal" "SUPER, Q, exec, $terminal"
@ -563,8 +626,50 @@
programs.virt-manager.enable = true; programs.virt-manager.enable = true;
# Services programs.wireshark = {
services.spoofdpi.enable = true; enable = true;
package = pkgs.wireshark;
};
# Services
services.spoofdpi.enable = false;
services.zapret = {
enable = true;
mode = "tpws";
firewallType = "iptables";
disableIpv6 = true;
settings = ''
MODE_HTTP=1
MODE_HTTP_KEEPALIVE=0
MODE_HTTPS=1
MODE_QUIC=0
MODE_FILTER=ipset
TPWS_OPT="--hostspell=HOST --split-http-req=method --split-pos=3 --oob"
INIT_APPLY_FW=1
'';
};
# TODO: remember who use gvfs
services.gvfs.enable = true; services.gvfs.enable = true;
services.mpd = {
enable = true;
musicDirectory = "/media/vault/audio/music";
network.listenAddress = "any";
network.startWhenNeeded = true;
user = "l-nafaryus";
extraConfig = ''
audio_output {
type "pipewire"
name "PipeWire"
}
'';
};
systemd.services.mpd.environment = {
# https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/609
# User-id must match above user. MPD will look inside this directory for the PipeWire socket.
XDG_RUNTIME_DIR = "/run/user/${toString config.users.users.l-nafaryus.uid}";
};
} }
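Review bot: `disableIpv6 = true;` in the new `services.zapret` block does not match the option the module in this same compare declares (`disableIPV6`), so evaluation should fail with an undefined-option error; change it to `disableIPV6 = true;` (which is also already the module's default). Separately, adding the user to `"disk"` in `extraGroups` grants direct read/write on block devices, which is effectively root-equivalent and bypasses the sudo/polkit audit trail; `gparted` already elevates through polkit, so consider keeping only `"wireshark"`, the group that `programs.wireshark` is presumably configuring the capture wrapper for. The `services.mpd` block listens on `"any"` with no password in `extraConfig`; nothing in these hunks opens the port in the firewall, but binding it to `127.0.0.1` would not depend on that staying true. The enclosing attribute set starts and ends outside the hunks.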


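--- a/<path-not-shown: catarina host config>
+++ b/<path-not-shown: catarina host config>
@@ -12,6 +12,7 @@
 ./users.nix
 # ./services/papermc.nix # disabled
 ./services/gitea.nix
+./services/radio.nix
 ];
 # Nix settings
 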

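--- /dev/null
+++ b/<path-not-shown>/services/radio.nix
@@ -0,0 +1,32 @@
+{config, ...}: {
+services.mpd = {
+enable = true;
+musicDirectory = "/home/l-nafaryus/Music";
+network.listenAddress = "any";
+network.startWhenNeeded = true;
+user = "l-nafaryus";
+extraConfig = ''
+audio_output {
+type "httpd"
+name "Radio"
+port "6666"
+bind_to_address "127.0.0.1"
+encoder "lame"
+max_clients "0"
+website "https://radio.elnafo.ru"
+always_on "yes"
+tags "yes"
+bitrate "128"
+format "44100:16:1"
+}
+'';
+};
+services.nginx.virtualHosts."radio.elnafo.ru" = {
+forceSSL = true;
+useACMEHost = "elnafo.ru";
+locations."/synthwave".proxyPass = "http://127.0.0.1:6666";
+};
+networking.firewall.allowedTCPPorts = [config.services.mpd.network.port];
+}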
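Review bot: `network.listenAddress = "any"` together with `networking.firewall.allowedTCPPorts = [config.services.mpd.network.port]` exposes MPD's control port on every interface of this server, and `extraConfig` sets no `password`, so anyone who can reach the host can control playback, browse the library and reconfigure outputs; only the `httpd` stream is meant to be public, and that one is already bound to `127.0.0.1` behind nginx. If nothing outside the machine needs the control port, drop the firewall line and set `network.listenAddress = "127.0.0.1";`; if remote clients are required, put a `password "<secret>@read,add,control,admin"` line in a file referenced through the module's `credentialsFile` option (if your nixpkgs has it) rather than in `extraConfig`, which lands in the world-readable Nix store, and limit the firewall rule to the trusted interface. `max_clients "0"` means unlimited listeners on the httpd output; fine behind nginx, but worth a comment saying so.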


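--- a/<path-not-shown: nixosModules index>
+++ b/<path-not-shown: nixosModules index>
@@ -10,6 +10,7 @@
 ./services/papermc.nix
 ./services/qbittorrent-nox.nix
 ./services/spoofdpi.nix
+./services/zapret.nix
 ];
 configModule = {
 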

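--- /dev/null
+++ b/<path-not-shown>/services/zapret.nix
@@ -0,0 +1,178 @@
+{
+lib,
+config,
+pkgs,
+bonPkgs,
+...
+}:
+with lib; let
+cfg = config.services.zapret;
+createFilterList = name: str: (
+lib.concatStringsSep "\n"
+(map (ip: "add ${name} ${ip}")
+(lib.splitString "\n" (lib.removeSuffix "\n" str)))
+);
+in {
+options.services.zapret = {
+enable = mkEnableOption "DPI bypass multi platform service";
+package = mkOption {
+type = types.package;
+default = bonPkgs.zapret;
+defaultText = literalExpression "bonPkgs.zapret";
+description = "The package to use.";
+};
+settings = mkOption {
+type = types.lines;
+default = "";
+example = ''
+TPWS_OPT="--hostspell=HOST --split-http-req=method --split-pos=3 --oob"
+NFQWS_OPT_DESYNC="--dpi-desync-ttl=5"
+'';
+description = ''
+Rules for zapret to work. Run ```nix-shell -p zapret --command blockcheck``` to get values to pass here.
+Config example can be found here https://github.com/bol-van/zapret/blob/master/config.default
+'';
+};
+firewallType = mkOption {
+type = types.enum [
+"iptables"
+"nftables"
+];
+default = "nftables";
+description = ''
+Which firewall zapret should use.
+'';
+};
+disableIPV4 = mkOption {
+type = types.bool;
+default = false;
+description = ''
+Enable usage of IpV4.
+'';
+};
+disableIPV6 = mkOption {
+type = types.bool;
+default = true;
+description = ''
+Enable usage of IpV6.
+'';
+};
+mode = mkOption {
+type = types.enum [
+"tpws"
+"tpws-socks"
+"nfqws"
+"filter"
+"custom"
+];
+default = "tpws";
+description = ''
+Which mode zapret should use.
+'';
+};
+# TODO: add filter and anti filter options with optional file paths
+# TODO ipset hashsize and maxelem
+};
+config = mkIf cfg.enable {
+users.users.tpws = {
+isSystemUser = true;
+group = "tpws";
+};
+users.groups.tpws = {};
+systemd.services.zapret = {
+after = ["network-online.target"];
+wants = ["network-online.target"];
+wantedBy = ["multi-user.target"];
+path = with pkgs; [
+(
+if cfg.firewallType == "iptables"
+then iptables
+else nftables
+)
+gawk
+ipset
+];
+serviceConfig = {
+Type = "forking";
+Restart = "no";
+TimeoutSec = "30sec";
+IgnoreSIGPIPE = "no";
+KillMode = "none";
+GuessMainPID = "no";
+RemainAfterExit = "no";
+ExecStart = "${cfg.package}/bin/zapret start";
+ExecStop = let
+stop_script = pkgs.writeShellScriptBin "zapret-stop" ''
+${cfg.package}/bin/zapret stop
+ipset destroy zapret -!
+ipset destroy nozapret -!
+'';
+in "${stop_script}/bin/zapret-stop";
+StandardOutput = "journal";
+StandardError = "journal";
+EnvironmentFile = pkgs.writeText "${cfg.package.pname}-environment" (concatStrings [
+cfg.settings
+''
+MODE=${cfg.mode}
+FWTYPE=${cfg.firewallType}
+DISABLE_IPV4=${toString cfg.disableIPV4}
+DISABLE_IPV6=${toString cfg.disableIPV6}
+''
+]);
+# hardening
+DevicePolicy = "closed";
+KeyringMode = "private";
+PrivateTmp = true;
+PrivateMounts = true;
+ProtectHome = true;
+ProtectHostname = true;
+ProtectKernelModules = true;
+ProtectKernelTunables = true;
+ProtectSystem = "strict";
+ProtectProc = "invisible";
+RemoveIPC = true;
+RestrictNamespaces = true;
+RestrictRealtime = true;
+RestrictSUIDSGID = true;
+SystemCallArchitectures = "native";
+};
+preStart = let
+zapretListFile = pkgs.writeText "zapretList" (createFilterList "zapret" (lib.readFile cfg.package.passthru.antifilter.ipsmart));
+nozapretListFile = pkgs.writeText "nozapretList" (createFilterList "nozapret" ''
+10.0.0.0/8
+169.254.0.0/16
+172.16.0.0/12
+192.168.0.0/16
+'');
+in ''
+ipset create zapret hash:net family inet hashsize 262144 maxelem 522288 -!
+ipset flush zapret
+ipset restore -! < ${zapretListFile}
+ipset create nozapret hash:net family inet hashsize 262144 maxelem 522288 -!
+ipset flush nozapret
+ipset restore -! < ${nozapretListFile}
+'';
+};
+};
+}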
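Review bot: `DISABLE_IPV4=${toString cfg.disableIPV4}` and the IPV6 line below it write an empty value for `false`, because Nix's `toString false` is `""` while `toString true` is `"1"`, so the generated environment file contains `DISABLE_IPV4=` rather than `0`; the upstream shell scripts probably treat empty as unset, but `DISABLE_IPV4=${if cfg.disableIPV4 then "1" else "0"}` (and the same for IPV6) removes the ambiguity. The descriptions of `disableIPV4`/`disableIPV6` read "Enable usage of IpV4/IpV6", the opposite of what the options do; suggest `Disable IPv4 handling in zapret (sets DISABLE_IPV4=1 in its environment).` and the IPv6 counterpart. `hashsize 262144 maxelem 522288` in `preStart` looks like a typo for `524288` (2^19); `ipset` accepts either, so this is only worth confirming. `KillMode = "none"` is deprecated by systemd and, with `Type = "forking"`, leaves any straggling `tpws`/`nfqws` children untracked on stop even though `ExecStop` runs `zapret stop`; `KillMode = "mixed"` would keep them reaped without changing the stop sequence.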


@ -70,6 +70,12 @@ in
builder = {...}: import; builder = {...}: import;
}; };
zapret = {
source = ./zapret;
platforms = ["x86_64-linux"];
builder = {pkgs, ...}: pkgs.callPackage;
};
# Container images # Container images
nix-minimal = { nix-minimal = {


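--- /dev/null
+++ b/<path-not-shown: packages/zapret>
@@ -0,0 +1,81 @@
+{
+lib,
+bonLib,
+pkgs,
+version ? "9fcd8f830ebde2491719a5c698e22d1d5210e0fb",
+hash ? "sha256-8cqKCNYLLkZXlwrybKUPG6fLd7gmf8zV9tjWoTxAwIY=",
+...
+}:
+pkgs.stdenv.mkDerivation {
+pname = "zapret";
+inherit version;
+src = pkgs.fetchFromGitHub {
+owner = "bol-van";
+repo = "zapret";
+rev = version;
+hash = hash;
+};
+buildInputs = with pkgs; [libcap zlib libnetfilter_queue libnfnetlink];
+nativeBuildInputs = with pkgs; [iptables nftables gawk];
+buildPhase = ''
+mkdir -p $out/bin
+make TGT=$out/bin
+'';
+installPhase = ''
+mkdir -p $out/usr/share/zapret/init.d/sysv
+mkdir -p $out/usr/share/docs
+cp $src/blockcheck.sh $out/bin/blockcheck
+substituteInPlace $out/bin/blockcheck \
+--replace "ZAPRET_BASE=\"\$EXEDIR\"" "ZAPRET_BASE=$out/usr/share/zapret"
+cp $src/init.d/sysv/functions $out/usr/share/zapret/init.d/sysv/functions
+cp $src/init.d/sysv/zapret $out/usr/share/zapret/init.d/sysv/init.d
+substituteInPlace $out/usr/share/zapret/init.d/sysv/functions \
+--replace "ZAPRET_BASE=\$(readlink -f \"\$EXEDIR/../..\")" "ZAPRET_BASE=$out/usr/share/zapret" \
+--replace ". \"\$ZAPRET_BASE/config\"" ""
+cp -r $src/docs/* $out/usr/share/docs
+mkdir -p $out/usr/share/zapret/{common,ipset}
+cp $src/common/* $out/usr/share/zapret/common
+cp $src/ipset/* $out/usr/share/zapret/ipset
+mkdir -p $out/usr/share/zapret/nfq
+ln -s ../../../../bin/nfqws $out/usr/share/zapret/nfq/nfqws
+for i in ip2net mdig tpws
+do
+mkdir -p $out/usr/share/zapret/$i
+ln -s ../../../../bin/$i $out/usr/share/zapret/$i/$i
+done
+ln -s ../usr/share/zapret/init.d/sysv/init.d $out/bin/zapret
+'';
+passthru = {
+antifilter = {
+ipsmart = pkgs.fetchurl {
+url = "https://antifilter.network/download/ipsmart.lst";
+hash = "sha256-mg2OFZ3x2q/31wNMZl6R6bTK0TKenSFePRo+B1GJdwo=";
+};
+};
+};
+meta = with lib; {
+description = "DPI bypass multi platform";
+homepage = "https://github.com/bol-van/zapret";
+license = licenses.mit;
+maintainers = with bonLib.maintainers; [L-Nafaryus];
+mainProgram = "zapret";
+broken = false;
+};
+}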
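Review bot: The three `substituteInPlace ... --replace` calls in `installPhase` succeed silently when their pattern is absent, so an upstream change to how `ZAPRET_BASE` is assigned or to the `. "$ZAPRET_BASE/config"` line would leave the installed `blockcheck` and `functions` still resolving paths from `$EXEDIR` (and re-sourcing a config file) without failing the build; use `--replace-fail` on each so the derivation breaks loudly instead. `passthru.antifilter.ipsmart` pins a mutable URL with a fixed-output hash, which is the right integrity control for a list that ends up driving the `zapret` ipset, but the list will drift and the hash will mismatch on every upstream refresh; a comment recording how to regenerate it (e.g. `# refresh with: nix-prefetch-url <url>` plus the date the hash was taken) would save the next maintainer some guessing. `hash = hash;` can be `inherit hash;`, and `broken = false;` is the default and can be dropped.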