diff --git a/cfgs/deck/networking.nix b/cfgs/deck/networking.nix index f545892..7f8c57a 100644 --- a/cfgs/deck/networking.nix +++ b/cfgs/deck/networking.nix @@ -43,59 +43,6 @@ my.dcompass = { enable = true; package = pkgs.dcompass.dcompass-maxmind; - settings = { - cache_size = 1024; - upstreams = { - domestic = { hybrid = [ "feic" "ali" "aliudp" ]; }; - - secure = { hybrid = [ "cloudflare" "quad9" ]; }; - - feic = { udp = { addr = "[240C::6666]:53"; }; }; - - aliudp = { udp = { addr = "223.5.5.6:53"; }; }; - - ali = { tls = { domain = "dns.alidns.com"; max_reuse = 100; reuse_timeout = 5000; addr = "223.6.6.6:853"; }; }; - - cloudflare = { - https = { - timeout = 4; - # addr = "2606:4700:4700::1111"; - addr = "104.16.248.249"; - uri = "https://cloudflare-dns.com/dns-query"; - }; - }; - - quad9 = { - https = { - timeout = 4; - addr = "9.9.9.9"; - uri = "https://dns.quad9.net/dns-query"; - }; - }; - }; - script = ''pub async fn init() { - let domain = Domain::new() - // .add_file("${pkgs.chinalist}/google.china.raw.txt")? - // .add_file("${pkgs.chinalist}/apple.china.raw.txt")? - .add_file("${pkgs.chinalist}/accelerated-domains.china.raw.txt")?.seal(); - - Ok(#{"domain": Utils::Domain(domain)}) - } - - pub async fn route(upstreams, inited, ctx, query) { - // if query.first_question?.qtype == "AAAA" { return blackhole(query); } - - if inited.domain.0.contains(query.first_question?.qname) { - query.push_opt(ClientSubnet::new(u8(15), u8(0), IpAddr::from_str("58.220.0.0")?).to_opt_data())?; - upstreams.send_default("domestic", query).await - } else { - upstreams.send("secure", CacheMode::Persistent, query).await - } - } - ''; - - address = "127.0.0.1:53"; - verbosity = "warn"; - }; + settings = (import ../../misc/dcompass_settings.nix { inherit pkgs; }); }; } diff --git a/cfgs/x1c7/networking.nix b/cfgs/x1c7/networking.nix index d962336..6a1a0aa 100644 --- a/cfgs/x1c7/networking.nix +++ b/cfgs/x1c7/networking.nix @@ -36,58 +36,6 @@ my.dcompass = { enable = true; package = pkgs.dcompass.dcompass-maxmind; - settings = { - cache_size = 1024; - upstreams = { - domestic = { hybrid = [ "feic" "ali" "aliudp" ]; }; - - secure = { hybrid = [ "cloudflare" "quad9" ]; }; - - feic = { udp = { addr = "[240C::6666]:53"; }; }; - - aliudp = { udp = { addr = "223.5.5.6:53"; }; }; - - ali = { tls = { domain = "dns.alidns.com"; max_reuse = 100; reuse_timeout = 5000; addr = "223.6.6.6:853"; }; }; - - cloudflare = { - https = { - timeout = 4; - # addr = "2606:4700:4700::1111"; - addr = "104.16.248.249"; - uri = "https://cloudflare-dns.com/dns-query"; - }; - }; - - quad9 = { - https = { - timeout = 4; - addr = "9.9.9.9"; - uri = "https://dns.quad9.net/dns-query"; - }; - }; - }; - script = ''pub async fn init() { - let domain = Domain::new() - // .add_file("${pkgs.chinalist}/google.china.raw.txt")? - // .add_file("${pkgs.chinalist}/apple.china.raw.txt")? - .add_file("${pkgs.chinalist}/accelerated-domains.china.raw.txt")?.seal(); - - Ok(#{"domain": Utils::Domain(domain)}) - } - - pub async fn route(upstreams, inited, ctx, query) { - // if query.first_question?.qtype == "AAAA" { return blackhole(query); } - - if inited.domain.0.contains(query.first_question?.qname) { - query.push_opt(ClientSubnet::new(u8(15), u8(0), IpAddr::from_str("58.220.0.0")?).to_opt_data())?; - upstreams.send_default("domestic", query).await - } else { - upstreams.send("secure", CacheMode::Standard, query).await - } - } - ''; - address = "127.0.0.1:53"; - verbosity = "warn"; - }; + settings = (import ../../misc/dcompass_settings.nix { inherit pkgs; }); }; } diff --git a/misc/dcompass_settings.nix b/misc/dcompass_settings.nix new file mode 100644 index 0000000..a5e1ef5 --- /dev/null +++ b/misc/dcompass_settings.nix @@ -0,0 +1,71 @@ +{ pkgs }: { + cache_size = 1024; + upstreams = { + domestic = { hybrid = [ "feic" "ali" "aliudp" ]; }; + + secure = { hybrid = [ "cloudflare" "google" "switch" "a-and-a" ]; }; + + feic = { udp = { addr = "[240C::6666]:53"; }; }; + + aliudp = { udp = { addr = "223.5.5.6:53"; }; }; + + ali = { tls = { domain = "dns.alidns.com"; max_reuse = 100; reuse_timeout = 5000; addr = "223.6.6.6:853"; }; }; + + cloudflare = { + https = { + timeout = 4; + # addr = "2606:4700:4700::1111"; + addr = "104.16.248.249"; + uri = "https://cloudflare-dns.com/dns-query"; + }; + }; + + google = { + https = { + timeout = 4; + addr = "8.8.8.8"; + uri = "https://dns.google/dns-query"; + }; + }; + + a-and-a = { + https = { + timeout = 4; + addr = "217.169.20.22"; + uri = "https://dns.aa.net.uk/dns-query"; + }; + }; + + switch = { + https = { + timeout = 4; + addr = "130.59.31.248"; + uri = "https://dns.switch.ch/dns-query"; + }; + }; + }; + script = ''pub async fn init() { + let domain = Domain::new() + // .add_file("${pkgs.chinalist}/google.china.raw.txt")? + // .add_file("${pkgs.chinalist}/apple.china.raw.txt")? + .add_file("${pkgs.chinalist}/accelerated-domains.china.raw.txt")? + .add_qname("flibrary.info")? + .seal(); + + Ok(#{"domain": Utils::Domain(domain)}) + } + + pub async fn route(upstreams, inited, ctx, query) { + // if query.first_question?.qtype == "AAAA" { return blackhole(query); } + + if inited.domain.0.contains(query.first_question?.qname) { + // query.push_opt(ClientSubnet::new(u8(15), u8(0), IpAddr::from_str("58.220.0.0")?).to_opt_data())?; + upstreams.send_default("domestic", query).await + } else { + upstreams.send("secure", CacheMode::Standard, query).await + } + } + ''; + address = "127.0.0.1:53"; + verbosity = "warn"; +} diff --git a/secrets/dae_config.age b/secrets/dae_config.age index 161f8e4..487d321 100644 Binary files a/secrets/dae_config.age and b/secrets/dae_config.age differ