feat: init hectic-lab merge

2026-02-27 19:57:44 +00:00
parent 4e2264dc03
commit cfcd6647ae
13 changed files with 948 additions and 10 deletions
--- a/nixos/module/generic/shadowsocks.nix
+++ b/nixos/module/generic/shadowsocks.nix
@@ -0,0 +1,28 @@
+{
+  ...
+}:
+{
+  pkgs,
+  config,
+  ...
+}:
+{
+  sops.secrets."ss-bfs/password" = {};
+  services.shadowsocks-rust = {
+    enable = true;
+    plugin = "${pkgs.shadowsocks-v2ray-plugin}/bin/v2ray-plugin";
+    # TODO: setup dnscrypt or a private DNS server for this
+    # extraConfig = {
+    #   nameserver = "185.12.64.1"; # FIXME: this can vary across instances.
+    # };
+    port = 55228;
+    pluginOpts = "server";
+    # TODO: setup a TLS certs for this (look: (README.md) https://github.com/shadowsocks/v2ray-plugin/)
+    #pluginOpts = "server;tls;host=ss.bfs.band";
+    passwordFile = config.sops.secrets."ss-bfs/password".path;
+    mode = "tcp_and_udp"; # default
+    localAddress = "0.0.0.0";
+    fastOpen = true; # default
+    encryptionMethod = "chacha20-ietf-poly1305"; # default
+  };
+}