From 1c26b5b65f4885f60b5ceebd8d65f3093d14ee1f Mon Sep 17 00:00:00 2001
From: tulg <tulg@protonmail.ch>
Date: Fri, 16 Jan 2026 17:36:16 +0300
Subject: [PATCH] global/zapret

---
 modules/nixos/common.nix             |  5 +++++
 modules/nixos/networking/default.nix |  2 +-
 modules/nixos/networking/zapret.nix  | 23 ++++++++++++++++-------
 modules/nixos/services.nix           |  1 +
 4 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/modules/nixos/common.nix b/modules/nixos/common.nix
index 5478f1d..e290c2c 100644
--- a/modules/nixos/common.nix
+++ b/modules/nixos/common.nix
@@ -5,10 +5,15 @@
     virtiofsd
     linux-pam
     lm_sensors
+    wireguard-tools
+    iproute2
+    util-linux
   ];
   nixpkgs.config.allowUnfree = true;
   nix.settings.experimental-features = ["nix-command" "flakes"];
   time.timeZone = "Europe/Istanbul";
   zramSwap.enable = true;
   programs.localsend.enable = true;
+
+  networking.networkmanager.enable = true;
 }
diff --git a/modules/nixos/networking/default.nix b/modules/nixos/networking/default.nix
index 28bce0f..7506800 100644
--- a/modules/nixos/networking/default.nix
+++ b/modules/nixos/networking/default.nix
@@ -8,6 +8,6 @@
   imports = [
     ./bluetooth.nix
     ./ssh.nix
-    ./zapret.nix
+    #./zapret.nix       zapret decided to kill itself among all the devices caused so much problems, i just use tailscale exit node for the time being until i decide to fix this fucking shitass tool
   ];
 }
diff --git a/modules/nixos/networking/zapret.nix b/modules/nixos/networking/zapret.nix
index c391b14..cd1a5ee 100644
--- a/modules/nixos/networking/zapret.nix
+++ b/modules/nixos/networking/zapret.nix
@@ -1,6 +1,6 @@
 {
   services.dnscrypt-proxy = {
-    enable = true;
+    enable = false;
 
     settings = {
       listen_addresses = [
@@ -29,23 +29,32 @@
   };
 
   services.zapret = {
-    enable = true;
+    enable = false;
 
     params = [
-      "--dpi-desync=fake"
-      "--dpi-desync-ttl=8"
+      # "--dpi-desync=fake"
+      # "--dpi-desync-ttl=8"
+      "--filter-tcp=443 --dpi-desync=fake --dpi-desync-ttl=1 --dpi-desync-fooling=badsum "
+      "--filter-udp=443 --dpi-desync=fake --dpi-desync-ttl=1 --dpi-desync-fooling=badsum --new "
+      "--filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-user.txt --dpi-desync=fake --dpi-desync-ttl=1 --dpi-desync-fooling=badsum "
+      "--filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-user.txt --dpi-desync=fake --dpi-desync-ttl=1 --dpi-desync-fooling=badsum "
     ];
   };
 
   networking = {
     networkmanager = {
       enable = true;
-      dns = "none";
+      extraConfig = ''
+        [connectivity]
+        uri=http://connectivitycheck.gstatic.com/generate_204
+        interval=0
+      '';
+      #dns = "none";
     };
 
     nameservers = [
-      "127.0.0.1"
-      "::1"
+      # "127.0.0.1"
+      # "::1"
     ];
   };
 }
diff --git a/modules/nixos/services.nix b/modules/nixos/services.nix
index 09a4358..0150255 100644
--- a/modules/nixos/services.nix
+++ b/modules/nixos/services.nix
@@ -12,6 +12,7 @@
   services.tailscale = {
     enable = true;
     useRoutingFeatures = "both";
+    interfaceName = "userspace-networking";
   };
 
   programs.thunar.plugins = with pkgs; [