feat(nixos): xray

2025-12-04 21:03:01 +00:00
parent b786098867
commit 3e6bf6ce7f
2 changed files with 52 additions and 31 deletions
--- a/nixos/system/xray/xray.nix
+++ b/nixos/system/xray/xray.nix
@@ -8,40 +8,61 @@
  modulesPath,
  config,
  ...
-}:
-{
+}: let
+  xrayPort = 10086;
+in {
  imports = [
    self.nixosModules.hectic
  ];

  services.xray = {
    enable  = true;
-    setting = ''
-      {
-        "inbounds": [
-          {
-            "port": 10086,
-            "protocol": "vmess",
-            "settings": {
-              "clients": [
-                {
-                  "id": "b831381d-6324-4d53-ad4f-8cda48b30811"
-                }
-              ]
-            }
-          }
-        ],
-        "outbounds": [
-          {
-            "protocol": "freedom"
-          }
-        ]
-      }
-    '';
+    settings = {
+      "inbounds" = [
+        {
+          "port" = xrayPort;
+          "protocol" = "vmess";
+          "settings" = {
+            "clients" = [
+              {
+                "id" = "04ad600a-0e94-4ba6-af93-74e03fd3f58d";
+              }
+            ];
+          };
+        }
+      ];
+      "log" = {
+        "loglevel" = "warning";
+      };
+      "outbounds" = [
+        {
+          "protocol" = "freedom";
+        }
+      ];
+    };
  };
+
+  users.users.root.openssh.authorizedKeys.keys = [
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPPChQvpyOrPjRjp8pS5Yw+oJVmywDzefzZCXh1d44EY''
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGP3HjFoJNGHqHoEw9XLzh766QWknfaN07GGi8lsC2Tv''
+  ];
+
 
  hectic = {
    archetype.base.enable = true;
-    hardware.lenovo-legion.enable = true;
+    archetype.dev.enable  = true;
+    hardware.hetzner-cloud = {
+      enable                 = true;
+      networkMatchConfigName = "enp1s0";
+      ipv4                   = "77.42.45.173";
+      ipv6                   = "2a01:4f9:c013:7230";
+    };
+  };
+
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
+      xrayPort
+    ];
  };
 }