From c7b97b23ae478b9b6784903f0b8e1b81b52d1c80 Mon Sep 17 00:00:00 2001 From: ficache Date: Sun, 10 Nov 2024 22:01:51 +0300 Subject: [PATCH] clean up completed --- home-manager/modules/nixvim/plugins/lsp.nix | 2 + home-manager/your-packages.nix | 3 - nixos/modules/docker.nix | 3 - nixos/modules/privoxy.nix | 8 -- nixos/modules/zapret.nix | 107 +++++++++-------- nixos/modules/zapret_service.nix | 127 -------------------- nixos/modules/zapret_test.nix | 60 --------- nixos/user_modules.nix | 3 +- 8 files changed, 62 insertions(+), 251 deletions(-) delete mode 100644 nixos/modules/docker.nix delete mode 100644 nixos/modules/privoxy.nix delete mode 100644 nixos/modules/zapret_service.nix delete mode 100644 nixos/modules/zapret_test.nix diff --git a/home-manager/modules/nixvim/plugins/lsp.nix b/home-manager/modules/nixvim/plugins/lsp.nix index d87487b..f626e01 100644 --- a/home-manager/modules/nixvim/plugins/lsp.nix +++ b/home-manager/modules/nixvim/plugins/lsp.nix @@ -6,6 +6,8 @@ servers = { nixd.enable = true; + gopls.enable = true; + }; }; } diff --git a/home-manager/your-packages.nix b/home-manager/your-packages.nix index 638ea53..9a4b74f 100644 --- a/home-manager/your-packages.nix +++ b/home-manager/your-packages.nix @@ -11,9 +11,6 @@ grimblast vlc - # Personal love - nautilus - # Social stuff telegram-desktop diff --git a/nixos/modules/docker.nix b/nixos/modules/docker.nix deleted file mode 100644 index 5da139b..0000000 --- a/nixos/modules/docker.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - virtualisation.docker.enable = true; -} \ No newline at end of file diff --git a/nixos/modules/privoxy.nix b/nixos/modules/privoxy.nix deleted file mode 100644 index 9f05b68..0000000 --- a/nixos/modules/privoxy.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ - services.privoxy = { - enable = true; - settings = { - forward = [ ".i2p localhost:4444" ".i2p localhost:4445" "/ 35.185.196.38:3128" ]; - }; - }; -} 
diff --git a/nixos/modules/zapret.nix b/nixos/modules/zapret.nix
index 3698401..3d16d42 100644
--- a/nixos/modules/zapret.nix
+++ b/nixos/modules/zapret.nix
@@ -1,49 +1,60 @@
-{ pkgs, ... }: {
- disabledModules = [ "services/networking/zapret.nix" ]; # необходимо если версия nixpkgs новее 5a5c04d
-
- imports = [ ./zapret_service.nix ];
-
- services.zapret = {
- enable = true;
- mode = "nfqws";
-
- settings = ''
-SET_MAXELEM=522288
-IPSET_OPT="hashsize 262144 maxelem $SET_MAXELEM"
-
-IP2NET_OPT4="--prefix-length=22-30 --v4-threshold=3/4"
-IP2NET_OPT6="--prefix-length=56-64 --v6-threshold=5"
-AUTOHOSTLIST_RETRANS_THRESHOLD=3
-AUTOHOSTLIST_FAIL_THRESHOLD=3
-AUTOHOSTLIST_FAIL_TIME=60
-AUTOHOSTLIST_DEBUGLOG=0
-
-MDIG_THREADS=30
-
-GZIP_LISTS=1
-QUIC_PORTS=50000-65535
-
-MODE=nfqws
-MODE_HTTP=1
-MODE_HTTP_KEEPALIVE=0
-MODE_HTTPS=1
-MODE_QUIC=1
-MODE_FILTER=none
-
-DESYNC_MARK=0x40000000
-DESYNC_MARK_POSTNAT=0x20000000
-NFQWS_OPT_DESYNC="--dpi-desync=fake --dpi-desync-ttl=0 --dpi-desync-ttl6=0 --dpi-desync-fooling=badseq"
-NFQWS_OPT_DESYNC_HTTP="--dpi-desync=fake --dpi-desync-ttl=5"
-NFQWS_OPT_DESYNC_HTTPS="--dpi-desync=fake --dpi-desync-ttl=5"
-NFQWS_OPT_DESYNC_QUIC="--dpi-desync=fake,tamper --dpi-desync-repeats=6 --dpi-desync-any-protocol"
-
-TPWS_OPT="--hostspell=HOST --split-http-req=method --split-pos=3 --hostcase --oob"
-
-FLOWOFFLOAD=donttouch
-
-INIT_APPLY_FW=1
-
-DISABLE_IPV6=1
- '';
- };
+{ ...
}:
+{
+ services = {
+ zapret = {
+ enable = true;
+ params = [
+ "--dpi-desync-autottl=3"
+ "--wssize 1:6"
+ "--dpi-desync-fake-tls=0x00000000"
+ "--dpi-desync-split-pos=1"
+ "--dpi-desync=syndata,fake,split2"
+ "--dpi-desync-repeats=6"
+ "--dpi-desync-fooling=md5sig"
+ "--new"
+ ];
+ whitelist = [
+ "googlevideo.com"
+ "youtu.be"
+ "youtube.com"
+ "youtubei.googleapis.com"
+ "googlevideo.com"
+ "youtu.be"
+ "youtube.com"
+ "youtubei.googleapis.com"
+ "youtubeembeddedplayer.googleapis.com"
+ "ytimg.l.google.com"
+ "ytimg.com"
+ "jnn-pa.googleapis.com"
+ "youtube-nocookie.com"
+ "youtube-ui.l.google.com"
+ "yt-video-upload.l.google.com"
+ "wide-youtube.l.google.com"
+ "youtubekids.com"
+ "ggpht.com"
+ "discord.com"
+ "gateway.discord.gg"
+ "cdn.discordapp.com"
+ "discordapp.net"
+ "discordapp.com"
+ "discord.gg"
+ "media.discordapp.net"
+ "images-ext-1.discordapp.net"
+ "discord.app"
+ "discord.media"
+ "discordcdn.com"
+ "discord.dev"
+ "discord.new"
+ "discord.gift"
+ "discordstatus.com"
+ "dis.gd"
+ "discord.co"
+ "discord-attachments-uploads-prd.storage.googleapis.com"
+ "7tv.app"
+ "7tv.io"
+ "10tv.app"
+ ];
+ };
+ };
 }
+
diff --git a/nixos/modules/zapret_service.nix b/nixos/modules/zapret_service.nix
deleted file mode 100644
index c08a296..0000000
--- a/nixos/modules/zapret_service.nix
+++ /dev/null
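Review bot: The trailing `"--new"` at the end of `params` looks unintended: in nfqws it starts a new strategy profile, so if the module appends its generated hostlist option after `params` (the module source is not part of this diff), the `whitelist` would bind to an empty profile and the desync options above it would apply to all hosts instead of only the listed ones. Check the rendered command line of the unit and drop `"--new"` unless a second profile follows it. The first four `whitelist` entries (`"googlevideo.com"`, `"youtu.be"`, `"youtube.com"`, `"youtubei.googleapis.com"`) are repeated immediately below and can be listed once. With `disabledModules` and the local `./zapret_service.nix` import gone, the unit presumably comes from the nixpkgs module, so it is worth confirming that it still runs with sandboxing comparable to the `ProtectSystem = "strict"` block the deleted module carried.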
@@ -1,127 +0,0 @@
-{
- lib,
- config,
- pkgs,
- ...
-}:
-
-with lib;
-
-let
- cfg = config.services.zapret;
-in
-{
- options.services.zapret = {
- enable = mkEnableOption "DPI bypass multi platform service";
-
- package = mkPackageOption pkgs "zapret" { };
-
- settings = mkOption {
- type = types.lines;
- default = "";
-
- example = ''
- TPWS_OPT="--hostspell=HOST --split-http-req=method --split-pos=3 --oob"
- NFQWS_OPT_DESYNC="--dpi-desync-ttl=5"
- '';
-
- description = ''
- Rules for zapret to work. Run ```nix-shell -p zapret --command blockcheck``` to get values to pass here.
- Config example can be found here https://github.com/bol-van/zapret/blob/master/config.default
- '';
- };
-
- firewallType = mkOption {
- type = types.enum [
- "iptables"
- "nftables"
- ];
- default = "iptables";
- description = ''
- Which firewall zapret should use
- '';
- };
-
- disableIpv6 = mkOption {
- type = types.bool;
- # recommended by upstream
- default = true;
- description = ''
- Disable or enable usage of IpV6 by zapret
- '';
- };
-
- mode = mkOption {
- type = types.enum [
- "tpws"
- "tpws-socks"
- "nfqws"
- "filter"
- "custom"
- ];
- default = "tpws";
- description = ''
- Which mode zapret should use
- '';
- };
- };
-
- config = mkIf cfg.enable {
- users.users.tpws = {
- isSystemUser = true;
- group = "tpws";
- };
-
- users.groups.tpws = { };
-
- systemd.services.zapret = {
- after = [ "network-online.target" ];
- wants = [ "network-online.target" ];
- wantedBy = [ "multi-user.target" ];
-
- path = with pkgs; [
- (if cfg.firewallType == "iptables" then iptables else nftables)
- gawk
- ipset
- ];
-
- serviceConfig = {
- Type = "forking";
- Restart = "no";
- TimeoutSec = "30sec";
- IgnoreSIGPIPE = "no";
- KillMode = "none";
- GuessMainPID = "no";
- RemainAfterExit = "no";
- ExecStart = "${cfg.package}/bin/zapret start";
- ExecStop = "${cfg.package}/bin/zapret stop";
-
- EnvironmentFile = pkgs.writeText "${cfg.package.pname}-environment" (concatStrings [
- ''
- MODE=${cfg.mode}
- FWTYPE=${cfg.firewallType}
- DISABLE_IPV6=${if cfg.disableIpv6 then "1" else "0"}
- ''
- cfg.settings
- ]);
-
- # hardening
- DevicePolicy = "closed";
- KeyringMode = "private";
- PrivateTmp = true;
- PrivateMounts = true;
- ProtectHome = true;
- ProtectHostname = true;
- ProtectKernelModules = true;
- ProtectKernelTunables = true;
- ProtectSystem = "strict";
- ProtectProc = "invisible";
- RemoveIPC = true;
- RestrictNamespaces = true;
- RestrictRealtime = true;
- RestrictSUIDSGID = true;
- SystemCallArchitectures = "native";
- };
- };
- };
-}
diff --git a/nixos/modules/zapret_test.nix b/nixos/modules/zapret_test.nix
deleted file mode 100644
index 5f2a973..0000000
--- a/nixos/modules/zapret_test.nix
+++ /dev/null
@@ -1,60 +0,0 @@
-{ ... }:
-{
- services = {
- zapret = {
- enable = true;
- params = [
- "--dpi-desync-autottl=3"
- "--wssize 1:6"
- "--dpi-desync-fake-tls=0x00000000"
- "--dpi-desync-split-pos=1"
- "--dpi-desync=syndata,fake,split2"
- "--dpi-desync-repeats=6"
- "--dpi-desync-fooling=md5sig"
- "--new"
- ];
- whitelist = [
- "googlevideo.com"
- "youtu.be"
- "youtube.com"
- "youtubei.googleapis.com"
- "googlevideo.com"
- "youtu.be"
- "youtube.com"
- "youtubei.googleapis.com"
- "youtubeembeddedplayer.googleapis.com"
- "ytimg.l.google.com"
- "ytimg.com"
- "jnn-pa.googleapis.com"
- "youtube-nocookie.com"
- "youtube-ui.l.google.com"
- "yt-video-upload.l.google.com"
- "wide-youtube.l.google.com"
- "youtubekids.com"
- "ggpht.com"
- "discord.com"
- "gateway.discord.gg"
- "cdn.discordapp.com"
- "discordapp.net"
- "discordapp.com"
- "discord.gg"
- "media.discordapp.net"
- "images-ext-1.discordapp.net"
- "discord.app"
- "discord.media"
- "discordcdn.com"
- "discord.dev"
- "discord.new"
- "discord.gift"
- "discordstatus.com"
- "dis.gd"
- "discord.co"
- "discord-attachments-uploads-prd.storage.googleapis.com"
- "7tv.app"
- "7tv.io"
- "10tv.app"
- ];
- };
- };
-}
-
diff --git a/nixos/user_modules.nix b/nixos/user_modules.nix
index a451baa..ca66516 100644
--- a/nixos/user_modules.nix +++ b/nixos/user_modules.nix @@ -3,8 +3,7 @@ ./modules/gaming-tweaks.nix ./modules/pipewire.nix ./modules/auto-cpufreq.nix - ./modules/privoxy.nix - ./modules/zapret_test.nix + ./modules/zapret.nix ./modules/hardware/nvidia.nix ./modules/hardware/battery-threshold.nix