package zerotier tcp proxies
This commit is contained in:
parent
64ef6eda56
commit
14a39f207d
|
@ -1,6 +1,9 @@
|
|||
{ lib, ... }:
|
||||
{ lib, pkgs, ... }:
|
||||
{
|
||||
networking.firewall.allowedTCPPorts = [ 9993 ];
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
9993
|
||||
993 # zt-tcp-proxy
|
||||
];
|
||||
networking.firewall.allowedUDPPorts = [ 9993 ];
|
||||
networking.firewall.interfaces."zt+".allowedTCPPorts = [ 5353 ];
|
||||
networking.firewall.interfaces."zt+".allowedUDPPorts = [ 5353 ];
|
||||
|
@ -16,13 +19,25 @@
|
|||
};
|
||||
};
|
||||
|
||||
systemd.services.zt-tcp-proxy = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "zerotier-one.service" ];
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
# imap port
|
||||
ExecStart = "${pkgs.callPackage ../../pkgs/zt-tcp-relay.nix {}}/bin/zt-tcp-relay --listen [::]:993";
|
||||
Restart = "always";
|
||||
RestartSec = 5;
|
||||
DynamicUser = true;
|
||||
User = "zt-tcp-proxy";
|
||||
Group = "zt-tcp-proxy";
|
||||
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
|
||||
};
|
||||
};
|
||||
|
||||
services.zerotierone = {
|
||||
enable = true;
|
||||
joinNetworks = [
|
||||
"33d87fa6bd93423e"
|
||||
];
|
||||
joinNetworks = [ "33d87fa6bd93423e" ];
|
||||
};
|
||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
||||
"zerotierone"
|
||||
];
|
||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "zerotierone" ];
|
||||
}
|
||||
|
|
25
pkgs/zerotier-tcp-proxy.nix
Normal file
25
pkgs/zerotier-tcp-proxy.nix
Normal file
|
@ -0,0 +1,25 @@
|
|||
{ stdenv, fetchFromGitHub, fetchpatch, zerotierone }:
|
||||
stdenv.mkDerivation {
|
||||
name = "zerotier-tcp-proxy";
|
||||
src = fetchFromGitHub {
|
||||
owner = "zerotier";
|
||||
repo = "ZeroTierOne";
|
||||
rev = "008a768f15763aa4b1c73434cdc517b6b4e3f997";
|
||||
hash = "sha256-BX589KbO+6eoyUo7UUDEL7pyIgpUE25deax+dmvGGG4=";
|
||||
};
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://github.com/zerotier/ZeroTierOne/commit/dd2006d494e85a41d8b818b37460e7cf458a2aee.patch";
|
||||
hash = "sha256-nuao04pDha7h62RHviUZYx21p6bNOyiU78kBBq2o2Rs=";
|
||||
})
|
||||
];
|
||||
buildPhase = ''
|
||||
pushd tcp-proxy
|
||||
cat tcp-proxy.cpp
|
||||
make -j $NIX_BUILD_CORES CXX=$CXX
|
||||
popd
|
||||
'';
|
||||
installPhase = ''
|
||||
install -D -m 755 tcp-proxy/tcp-proxy $out/bin/zerotier-tcp-proxy
|
||||
'';
|
||||
}
|
32
pkgs/zt-tcp-relay.nix
Normal file
32
pkgs/zt-tcp-relay.nix
Normal file
|
@ -0,0 +1,32 @@
|
|||
{ lib
|
||||
, rustPlatform
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage {
|
||||
pname = "zt-tcp-relay";
|
||||
version = "unstable-2022-08-02";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "alexander-akhmetov";
|
||||
repo = "zt-tcp-relay";
|
||||
rev = "2d4541d77807d57d5c303a1babfabf7f445e3946";
|
||||
hash = "sha256-6CkVvBRMsyAPBdkDBM1REJjM+3vs+ws/qCmQOfFInMw=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# https://github.com/alexander-akhmetov/zt-tcp-relay/pull/19
|
||||
(fetchpatch {
|
||||
url = "https://github.com/alexander-akhmetov/zt-tcp-relay/commit/69f0a4f1f210dcd7a305036d4737d9a29215824d.patch";
|
||||
hash = "sha256-kqZS9IjwEggLE6CQFaacL2TyTUn0PQCz1TPdoZdDrk0=";
|
||||
})
|
||||
];
|
||||
|
||||
cargoHash = "sha256-MDygbJRi1aT4hfI7b2hwhYJ4UJyR1DehDAHDgbDZ35g=";
|
||||
|
||||
meta = {
|
||||
description = "ZeroTier One TCP relay";
|
||||
homepage = "https://github.com/alexander-akhmetov/zt-tcp-relay";
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue
Block a user