This flake is a Nix wrapper around https://github.com/bol-van/zapret2.
- https://github.com/necronicle/z2a
- https://github.com/necronicle/z2k
- https://github.com/youtubediscord/magisk-zapret2
- Add to flake.nix:
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
zapret2.url = "github:dmfrpro/zapret2-flake";
zapret2.inputs.nixpkgs.follows = "nixpkgs";
};- Add to your module imports:
outputs = { self, nixpkgs, zapret2, ... }: {
nixosConfigurations.host = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
zapret2.nixosModules.default
];
};
};- Enable the service:
{
services.zapret2.enable = true;
}| Option | Type | Default | Description |
|---|---|---|---|
enable |
bool | false |
Enable zapret2 service. |
package |
package | default | zapret2 package to use. |
qnum |
int | 200 |
Routing queue number used by nfqws2. |
selectedProfiles |
list of enum | all available profiles | Enabled profile IDs from the built-in profile catalog. |
lockedStrategies |
list of submodules { profile, proto, strategy } |
[ ] |
Manual strategy locks written to cache/orchestra/locked.manual.tsv. |
configureFirewall |
bool | true |
Automatically add iptables NFQUEUE routing rules. |
firewallPreCommands |
string (lines) | "" |
Additional iptables commands to run before the main NFQUEUE rules. |
firewallPostCommands |
string (lines) | "" |
Additional iptables commands to run after the main NFQUEUE rules. |
httpSupport |
bool | true |
Also route TCP/80 through NFQUEUE. |
httpMode |
enum "first" or "full" |
"first" |
HTTP queueing mode. |
udpSupport |
bool | true |
Also route configured UDP ports through NFQUEUE. |
udpPorts |
list of string | ["443" "50000:50099" "1400" "3478:3481" "5349" "19294:19344"] |
UDP ports/ranges for NFQUEUE routing. |
selectedProfiles enum – rkn_tcp, yt_tcp, gv_tcp, yt_quic, discord_combined, stun_only, discord_ip_discovery_only