tulg/nixdots
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

archangel submits

Browse source
This commit is contained in:
tulg 2026-04-24 17:59:47 +03:00
parent 27f0e0c797
commit 2bc6eb2b21
3 changed files with 14 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

4
hosts/archangel/configuration.nix
View file

@ -11,6 +11,8 @@
./disko.nix ./disko.nix
./hardware-configuration.nix ./hardware-configuration.nix
../../modules/nixos/networking/default.nix ../../modules/nixos/networking/default.nix
../../modules/nixos/networking/zapret.nix
../../modules/nixos/virtualization/default.nix ../../modules/nixos/virtualization/default.nix
../../modules/nixos/common.nix ../../modules/nixos/common.nix
../../modules/nixos/fonts.nix ../../modules/nixos/fonts.nix
@ -21,7 +23,7 @@
# Bootloader. # Bootloader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
services.flatpak.enable = true;
networking.hostName = "archangel"; networking.hostName = "archangel";
programs.hyprland = { programs.hyprland = {

4
hosts/archangel/hardware-configuration.nix
View file

@ -16,6 +16,10 @@
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"]; boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = []; boot.extraModulePackages = [];
hardware.graphics = {
enable = true;
enable32Bit = true;
};
swapDevices = []; swapDevices = [];

49
modules/nixos/networking/zapret.nix
View file

@ -1,55 +1,20 @@
{ {
services.dnscrypt-proxy = { networking = {
enable = true; nameservers = ["127.0.0.1" "::1"];
settings = {
listen_addresses = [
"127.0.0.1:53"
"[::1]:53"
];
ignore_system_dns = true;
bootstrap_resolvers = [
"9.9.9.9:53"
"149.112.112.112:53"
"1.1.1.1:53"
];
fallback_resolvers = [
"9.9.9.9:53"
"1.1.1.1:53"
];
};
}; };
systemd.services.zapret = { services.dnscrypt-proxy2 = {
after = ["network-online.target"]; enable = true;
wants = ["network-online.target"]; settings = {
listen_addresses = ["127.0.0.1:53" "[::1]:53"];
};
}; };
services.zapret = { services.zapret = {
enable = true; enable = true;
params = [ params = [
"--dpi-desync=fake" "--dpi-desync=fake"
"--dpi-desync-ttl=8" "--dpi-desync-ttl=8"
"--filter-tcp=443 --dpi-desync=fake --dpi-desync-ttl=1 --dpi-desync-fooling=badsum "
"--filter-udp=443 --dpi-desync=fake --dpi-desync-ttl=1 --dpi-desync-fooling=badsum --new "
"--filter-tcp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-user.txt --dpi-desync=fake --dpi-desync-ttl=1 --dpi-desync-fooling=badsum "
"--filter-udp=443 --hostlist=/opt/zapret/ipset/zapret-hosts-user.txt --dpi-desync=fake --dpi-desync-ttl=1 --dpi-desync-fooling=badsum "
];
};
networking = {
networkmanager = {
enable = true;
dns = "none";
};
nameservers = [
"127.0.0.1"
"::1"
]; ];
}; };
} }