move some nixos configuration to ./nixos/modules and ./nixos/configurations. try to find a good arch to conbine home-manager and nixos modules.
This commit is contained in:
parent
6be554822c
commit
64db779064
32 changed files with 534 additions and 635 deletions
|
|
@ -3,7 +3,6 @@ include {
|
|||
}
|
||||
|
||||
global {
|
||||
# 绑定到 LAN 和/或 WAN 接口。将下述接口替换成你自己的接口名。
|
||||
lan_interface: auto
|
||||
wan_interface: auto
|
||||
|
||||
|
|
@ -11,21 +10,31 @@ global {
|
|||
allow_insecure: false
|
||||
auto_config_kernel_parameter: true
|
||||
dial_mode: domain
|
||||
|
||||
tcp_check_url: 'http://cp.cloudflare.com'
|
||||
udp_check_dns: 'dns.google.com:53'
|
||||
check_interval: 600s
|
||||
check_tolerance: 50ms
|
||||
|
||||
tproxy_port: 12345
|
||||
}
|
||||
|
||||
# 更多的 DNS 样例见 https://github.com/daeuniverse/dae/blob/main/docs/en/configuration/dns.md
|
||||
dns {
|
||||
ipversion_prefer: 4
|
||||
|
||||
upstream {
|
||||
googledns: 'tcp+udp://8.8.8.8:53'
|
||||
alidns: 'udp://114.114.114.114:53'
|
||||
alidns: 'udp://dns.alidns.com:53'
|
||||
}
|
||||
routing {
|
||||
request {
|
||||
fallback: alidns
|
||||
qname(geosite: category-ads) -> reject
|
||||
qname(geosite: category-ads-all) -> reject
|
||||
qname(geosite: cn) -> alidns
|
||||
fallback: googledns
|
||||
}
|
||||
response {
|
||||
upstream(googledns) -> accept
|
||||
ip(geoip: private) && !qname(geosite: cn) -> googledns
|
||||
upstream(googledns) && ip(geoip: private) -> alidns
|
||||
fallback: accept
|
||||
}
|
||||
}
|
||||
|
|
@ -50,19 +59,20 @@ group {
|
|||
routing {
|
||||
pname(hickory-dns) && dport(53) -> must_direct
|
||||
pname(mihomo) -> must_direct
|
||||
domain(geosite:cn) -> direct
|
||||
# personal config routing
|
||||
pname(systemd-resolved) -> must_direct
|
||||
|
||||
domain(full: time.windows.com) -> must_direct
|
||||
domain(suffix: 'hit.edu.cn') -> must_direct
|
||||
domain(regex: ".*wgetcloud.*v2ray.*") -> must_direct
|
||||
domain(suffix: "hit.edu.cn") -> must_direct
|
||||
domain(geosite: microsoft) -> proxy
|
||||
# domain(geosite: onedrive) -> must_direct
|
||||
domain(geosite: 'category-ai-chat-!cn') -> us
|
||||
domain(geosite: "category-ai-chat-!cn") -> us
|
||||
domain(geosite: google) -> us
|
||||
domain(geosite: google-play) -> proxy
|
||||
domain(geosite: apple) -> us
|
||||
domain(keyword: spotify) -> us
|
||||
domain(geosite: spotify) -> us
|
||||
domain(geosite: tiktok) -> us
|
||||
domain(geosite: cn) -> direct
|
||||
|
||||
dip(geoip:private) -> direct
|
||||
dip(geoip:cn) -> direct
|
||||
|
|
@ -75,8 +85,5 @@ routing {
|
|||
# dip(175.27.0.0/16) -> block
|
||||
# dip('2409:8C1E:75B0:80::/64') -> block
|
||||
|
||||
## 禁用 h3,因为它通常消耗很多 CPU 和内存资源
|
||||
# l4proto(udp) && dport(443) -> block
|
||||
|
||||
fallback: proxy
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue