nixos/modules/services/networking/byedpi.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / networking / byedpi.nix

at master 1.2 kB view raw

 1{
 2  lib,
 3  config,
 4  pkgs,
 5  ...
 6}:
 7
 8let
 9  cfg = config.services.byedpi;
10in
11{
12  options.services.byedpi = {
13    enable = lib.mkEnableOption "the ByeDPI service";
14    package = lib.mkPackageOption pkgs "byedpi" { };
15    extraArgs = lib.mkOption {
16      type = with lib.types; listOf str;
17      default = [ ];
18      example = [
19        "--split"
20        "1"
21        "--disorder"
22        "3+s"
23        "--mod-http=h,d"
24        "--auto=torst"
25        "--tlsrec"
26        "1+s"
27      ];
28      description = "Extra command line arguments.";
29    };
30  };
31  config = lib.mkIf cfg.enable {
32    systemd.services.byedpi = {
33      description = "ByeDPI";
34      wantedBy = [ "default.target" ];
35      wants = [ "network-online.target" ];
36      after = [
37        "network-online.target"
38        "nss-lookup.target"
39      ];
40      serviceConfig = {
41        ExecStart = lib.escapeShellArgs ([ (lib.getExe cfg.package) ] ++ cfg.extraArgs);
42        NoNewPrivileges = "yes";
43        StandardOutput = "null";
44        StandardError = "journal";
45        TimeoutStopSec = "5s";
46        PrivateTmp = "true";
47        ProtectSystem = "full";
48      };
49    };
50  };
51
52  meta.maintainers = with lib.maintainers; [ wozrer ];
53}