movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-10 03:23:29 +03:00
Code Issues Projects Releases Packages Wiki Activity

nixos/clash-verge: readd tunMode

Browse source 
Co-authored-by: Aleksana <alexander.huang.y@gmail.com>
This commit is contained in:
wxt 2025-04-28 21:35:57 +08:00
parent 8f91507efb
commit edf8809793
No known key found for this signature in database
GPG key ID: F41E2366C0EDC8BC
1 changed files with 10 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

14
nixos/modules/programs/clash-verge.nix
View file

@ -7,9 +7,6 @@
{ {
imports = [ imports = [
(lib.mkRemovedOptionModule [ "programs" "clash-verge" "tunMode" ] ''
The tunMode will work with service mode which is enabled by default.
'')
]; ];
options.programs.clash-verge = { options.programs.clash-verge = {
enable = lib.mkEnableOption "Clash Verge"; enable = lib.mkEnableOption "Clash Verge";
@ -23,6 +20,8 @@
default = pkgs.clash-verge-rev; default = pkgs.clash-verge-rev;
defaultText = lib.literalExpression "pkgs.clash-verge-rev"; defaultText = lib.literalExpression "pkgs.clash-verge-rev";
}; };
serviceMode = lib.mkEnableOption "Service Mode";
tunMode = lib.mkEnableOption "Setcap for TUN Mode. DNS settings won't work on this way";
autoStart = lib.mkEnableOption "Clash Verge auto launch"; autoStart = lib.mkEnableOption "Clash Verge auto launch";
}; };
@ -42,7 +41,14 @@
)) ))
]; ];
systemd.services.clash-verge = { security.wrappers.clash-verge = lib.mkIf cfg.tunMode {
owner = "root";
group = "root";
capabilities = "cap_net_bind_service,cap_net_raw,cap_net_admin=+ep";
source = "${lib.getExe cfg.package}";
};
systemd.services.clash-verge = lib.mkIf cfg.serviceMode {
enable = true; enable = true;
description = "Clash Verge Service Mode"; description = "Clash Verge Service Mode";
serviceConfig = { serviceConfig = {