pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / networking / sing-box.nix
at 24.11-pre 2.1 kB view raw
1{ config, lib, pkgs, utils, ... }: 2let 3 cfg = config.services.sing-box; 4 settingsFormat = pkgs.formats.json { }; 5in 6{ 7 8 meta = { 9 maintainers = with lib.maintainers; [ nickcao ]; 10 }; 11 12 options = { 13 services.sing-box = { 14 enable = lib.mkEnableOption "sing-box universal proxy platform"; 15 16 package = lib.mkPackageOption pkgs "sing-box" { }; 17 18 settings = lib.mkOption { 19 type = lib.types.submodule { 20 freeformType = settingsFormat.type; 21 options = { 22 route = { 23 geoip.path = lib.mkOption { 24 type = lib.types.path; 25 default = "${pkgs.sing-geoip}/share/sing-box/geoip.db"; 26 defaultText = lib.literalExpression "\${pkgs.sing-geoip}/share/sing-box/geoip.db"; 27 description = '' 28 The path to the sing-geoip database. 29 ''; 30 }; 31 geosite.path = lib.mkOption { 32 type = lib.types.path; 33 default = "${pkgs.sing-geosite}/share/sing-box/geosite.db"; 34 defaultText = lib.literalExpression "\${pkgs.sing-geosite}/share/sing-box/geosite.db"; 35 description = '' 36 The path to the sing-geosite database. 37 ''; 38 }; 39 }; 40 }; 41 }; 42 default = { }; 43 description = '' 44 The sing-box configuration, see https://sing-box.sagernet.org/configuration/ for documentation. 45 46 Options containing secret data should be set to an attribute set 47 containing the attribute `_secret` - a string pointing to a file 48 containing the value the option should be set to. 49 ''; 50 }; 51 }; 52 }; 53 54 config = lib.mkIf cfg.enable { 55 systemd.packages = [ cfg.package ]; 56 57 systemd.services.sing-box = { 58 preStart = '' 59 umask 0077 60 mkdir -p /etc/sing-box 61 ${utils.genJqSecretsReplacementSnippet cfg.settings "/etc/sing-box/config.json"} 62 ''; 63 wantedBy = [ "multi-user.target" ]; 64 }; 65 }; 66 67}