32 lines
774 B
Nix
32 lines
774 B
Nix
{ config, abs, pkgs, ... }@inputs:
|
|
|
|
let
|
|
secrets = import (abs "lib/secrets.nix");
|
|
in
|
|
{
|
|
imports = [
|
|
(secrets.declare [ "ss-desu-arm-password" "ss-desu-arm-ip" ])
|
|
((import (abs "services/shadowsocks-rust.nix") inputs) {
|
|
serverFile = config.age.secrets.ss-desu-arm-ip.path;
|
|
port = 9000;
|
|
passwordFile = config.age.secrets.ss-desu-arm-password.path;
|
|
mode = "tcp_and_udp";
|
|
fastOpen = true;
|
|
encryptionMethod = "chacha20-ietf-poly1305";
|
|
|
|
client = true;
|
|
localPort = 7890;
|
|
})
|
|
];
|
|
|
|
# http -> socks5 proxy
|
|
services.privoxy = {
|
|
enable = true;
|
|
settings = {
|
|
listen-address = "0.0.0.0:7891";
|
|
forward-socks5 = "/ 127.0.0.1:7890 .";
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 7890 7891 ];
|
|
}
|