users/modules/netbird/default.nix at terra · ptr.pet/ark

ptr.pet / ark
nix machine / user configurations
ark / users / modules / netbird / default.nix
at terra 2.4 kB view raw
 1{
 2  lib,
 3  config,
 4  pkgs,
 5  ...
 6}:
 7let
 8  l = lib;
 9  t = l.types;
10  cfg = config.services.netbird;
11  wrapped = pkgs.writers.writeBashBin "netbird" ''
12    ${pkgs.netbird}/bin/netbird \
13      --daemon-addr "unix://$XDG_RUNTIME_DIR/netbird.sock" \
14      --config "${config.xdg.configHome}/netbird/config.json" $@
15  '';
16  proxychainsCfg = pkgs.writers.writeText "proxychains.conf" ''
17    proxy_dns
18    quiet_mode
19    [ProxyList]
20    socks5 127.0.0.1 1080
21  '';
22  wrappedProxychains = pkgs.writers.writeBashBin "netbird-proxychains" ''
23    ${pkgs.proxychains-ng}/bin/proxychains4 -f "${proxychainsCfg}" $@
24  '';
25in
26{
27  options = {
28    services.netbird = {
29      enable = l.mkEnableOption "netbird client";
30      managementUrl = l.mkOption {
31        type = t.str;
32        default = "https://api.netbird.cloud";
33        description = "NetBird management URL";
34      };
35      setupKeyFile = l.mkOption {
36        type = t.str;
37        description = "Path to the setup key file";
38      };
39      proxyScript = l.mkOption {
40        type = t.package;
41        description = "path to a script that uses proxychains to proxy traffic";
42        readOnly = true;
43      };
44    };
45  };
46  config = l.mkIf cfg.enable {
47    home.packages = [
48      wrapped
49      wrappedProxychains
50    ];
51    services.netbird.proxyScript = wrappedProxychains;
52    systemd.user.services.netbird = {
53      Unit = {
54        Description = "NetBird Client";
55        After = [ "network.target" ];
56      };
57
58      Service = {
59        ExecStart = "${pkgs.netbird}/bin/netbird service run";
60        Restart = "on-failure";
61        RestartSec = "5s";
62        Environment = l.mapAttrsToList (k: v: "${k}=${toString v}") {
63          NB_WG_KERNEL_DISABLED = "true";
64          NB_USE_NETSTACK_MODE = "true";
65          NB_FORCE_USERSPACE_ROUTER = "true";
66          NB_ENABLE_NETSTACK_LOCAL_FORWARDING = "true";
67          NB_NETSTACK_SKIP_PROXY = "false";
68          NB_SOCKS5_LISTENER_PORT = 1080;
69          NB_SETUP_KEY_FILE = l.replaceString "\${XDG_RUNTIME_DIR}" "%t" cfg.setupKeyFile;
70          NB_MANAGEMENT_URL = cfg.managementUrl;
71          NB_CONFIG = "${config.xdg.configHome}/netbird/config.json";
72          NB_LOG_FILE = "${config.xdg.dataHome}/netbird/netbird.log";
73          NB_DAEMON_ADDR = "unix://%t/netbird.sock";
74        };
75      };
76
77      Install.WantedBy = [ "network.target" ];
78    };
79  };
80}