nixos/sing-box: apply migrations in tests
This commit is contained in:
hellodword
parent
16acc003a0
commit
05a9ddb0a5
@ -57,8 +57,6 @@ let
|
|||||||
"${hosts."${server_host}"}/32"
|
"${hosts."${server_host}"}/32"
|
||||||
];
|
];
|
||||||
strict_route = false;
|
strict_route = false;
|
||||||
sniff = true;
|
|
||||||
sniff_override_destination = false;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
tproxyPort = 1081;
|
tproxyPort = 1081;
|
||||||
@ -219,6 +217,9 @@ in
|
|||||||
tag = "outbound:direct";
|
tag = "outbound:direct";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
route = {
|
||||||
|
default_interface = "eth1";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -267,6 +268,7 @@ in
|
|||||||
vmessOutbound
|
vmessOutbound
|
||||||
];
|
];
|
||||||
route = {
|
route = {
|
||||||
|
default_interface = "eth1";
|
||||||
final = "outbound:block";
|
final = "outbound:block";
|
||||||
rules = [
|
rules = [
|
||||||
{
|
{
|
||||||
@ -315,25 +317,28 @@ in
|
|||||||
type = "block";
|
type = "block";
|
||||||
tag = "outbound:block";
|
tag = "outbound:block";
|
||||||
}
|
}
|
||||||
|
];
|
||||||
|
endpoints = [
|
||||||
{
|
{
|
||||||
type = "direct";
|
|
||||||
tag = "outbound:direct";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
detour = "outbound:direct";
|
|
||||||
type = "wireguard";
|
type = "wireguard";
|
||||||
tag = "outbound:wireguard";
|
tag = "outbound:wireguard";
|
||||||
interface_name = "wg0";
|
name = "wg0";
|
||||||
local_address = [ "10.23.42.2/32" ];
|
address = [ "10.23.42.2/32" ];
|
||||||
mtu = 1280;
|
mtu = 1280;
|
||||||
private_key = wg-keys.peer1.privateKey;
|
private_key = wg-keys.peer1.privateKey;
|
||||||
peer_public_key = wg-keys.peer0.publicKey;
|
peers = [
|
||||||
server = server_host;
|
{
|
||||||
server_port = 2408;
|
address = server_host;
|
||||||
system_interface = true;
|
port = 2408;
|
||||||
|
public_key = wg-keys.peer0.publicKey;
|
||||||
|
allowed_ips = [ "0.0.0.0/0" ];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
system = true;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
route = {
|
route = {
|
||||||
|
default_interface = "eth1";
|
||||||
final = "outbound:block";
|
final = "outbound:block";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -377,8 +382,6 @@ in
|
|||||||
listen = "0.0.0.0";
|
listen = "0.0.0.0";
|
||||||
listen_port = tproxyPort;
|
listen_port = tproxyPort;
|
||||||
udp_fragment = true;
|
udp_fragment = true;
|
||||||
sniff = true;
|
|
||||||
sniff_override_destination = false;
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
outbounds = [
|
outbounds = [
|
||||||
@ -393,6 +396,7 @@ in
|
|||||||
vmessOutbound
|
vmessOutbound
|
||||||
];
|
];
|
||||||
route = {
|
route = {
|
||||||
|
default_interface = "eth1";
|
||||||
final = "outbound:block";
|
final = "outbound:block";
|
||||||
rules = [
|
rules = [
|
||||||
{
|
{
|
||||||
@ -434,7 +438,7 @@ in
|
|||||||
independent_cache = true;
|
independent_cache = true;
|
||||||
fakeip = {
|
fakeip = {
|
||||||
enabled = true;
|
enabled = true;
|
||||||
"inet4_range" = "198.18.0.0/16";
|
inet4_range = "198.18.0.0/16";
|
||||||
};
|
};
|
||||||
servers = [
|
servers = [
|
||||||
{
|
{
|
||||||
@ -458,7 +462,6 @@ in
|
|||||||
"AAAA"
|
"AAAA"
|
||||||
];
|
];
|
||||||
server = "dns:fakeip";
|
server = "dns:fakeip";
|
||||||
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
@ -474,17 +477,17 @@ in
|
|||||||
type = "direct";
|
type = "direct";
|
||||||
tag = "outbound:direct";
|
tag = "outbound:direct";
|
||||||
}
|
}
|
||||||
{
|
|
||||||
type = "dns";
|
|
||||||
tag = "outbound:dns";
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
route = {
|
route = {
|
||||||
|
default_interface = "eth1";
|
||||||
final = "outbound:direct";
|
final = "outbound:direct";
|
||||||
rules = [
|
rules = [
|
||||||
|
{
|
||||||
|
action = "sniff";
|
||||||
|
}
|
||||||
{
|
{
|
||||||
protocol = "dns";
|
protocol = "dns";
|
||||||
outbound = "outbound:dns";
|
action = "hijack-dns";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user