summaryrefslogtreecommitdiffstats
path: root/nixos/modules/programs/captive-browser.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules/programs/captive-browser.nix')
-rw-r--r--nixos/modules/programs/captive-browser.nix86
1 files changed, 45 insertions, 41 deletions
diff --git a/nixos/modules/programs/captive-browser.nix b/nixos/modules/programs/captive-browser.nix
index 4d59ea8d0fd8..1f223e2475ce 100644
--- a/nixos/modules/programs/captive-browser.nix
+++ b/nixos/modules/programs/captive-browser.nix
@@ -1,7 +1,6 @@
{ config, lib, pkgs, ... }:
with lib;
-
let
cfg = config.programs.captive-browser;
in
@@ -27,15 +26,17 @@ in
# the options below are the same as in "captive-browser.toml"
browser = mkOption {
type = types.str;
- default = concatStringsSep " " [ "${pkgs.chromium}/bin/chromium"
- "--user-data-dir=\${XDG_DATA_HOME:-$HOME/.local/share}/chromium-captive"
- ''--proxy-server="socks5://$PROXY"''
- ''--host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost"''
- "--no-first-run"
- "--new-window"
- "--incognito"
- "http://cache.nixos.org/"
- ];
+ default = concatStringsSep " " [
+ ''${pkgs.chromium}/bin/chromium''
+ ''--user-data-dir=''${XDG_DATA_HOME:-$HOME/.local/share}/chromium-captive''
+ ''--proxy-server="socks5://$PROXY"''
+ ''--host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost"''
+ ''--no-first-run''
+ ''--new-window''
+ ''--incognito''
+ ''-no-default-browser-check''
+ ''http://cache.nixos.org/''
+ ];
description = ''
The shell (/bin/sh) command executed once the proxy starts.
When browser exits, the proxy exits. An extra env var PROXY is available.
@@ -81,42 +82,45 @@ in
config = mkIf cfg.enable {
- programs.captive-browser.dhcp-dns = mkOptionDefault (
- if config.networking.networkmanager.enable then
- "${pkgs.networkmanager}/bin/nmcli dev show ${escapeShellArg cfg.interface} | ${pkgs.gnugrep}/bin/fgrep IP4.DNS"
- else if config.networking.dhcpcd.enable then
- "${pkgs.dhcpcd}/bin/dhcpcd -U ${escapeShellArg cfg.interface} | ${pkgs.gnugrep}/bin/fgrep domain_name_servers"
- else if config.networking.useNetworkd then
- "${cfg.package}/bin/systemd-networkd-dns ${escapeShellArg cfg.interface}"
- else
- "${config.security.wrapperDir}/udhcpc --quit --now -f -i ${escapeShellArg cfg.interface} -O dns --script ${
- pkgs.writeScript "udhcp-script" ''
- #!/bin/sh
- if [ "$1" = bound ]; then
- echo "$dns"
- fi
- ''}"
- );
+ programs.captive-browser.dhcp-dns =
+ let
+ iface = prefix:
+ optionalString cfg.bindInterface (concatStringsSep " " (map escapeShellArg [ prefix cfg.interface ]));
+ in
+ mkOptionDefault (
+ if config.networking.networkmanager.enable then
+ "${pkgs.networkmanager}/bin/nmcli dev show ${iface ""} | ${pkgs.gnugrep}/bin/fgrep IP4.DNS"
+ else if config.networking.dhcpcd.enable then
+ "${pkgs.dhcpcd}/bin/dhcpcd ${iface "-U"} | ${pkgs.gnugrep}/bin/fgrep domain_name_servers"
+ else if config.networking.useNetworkd then
+ "${cfg.package}/bin/systemd-networkd-dns ${iface ""}"
+ else
+ "${config.security.wrapperDir}/udhcpc --quit --now -f ${iface "-i"} -O dns --script ${
+ pkgs.writeShellScript "udhcp-script" ''
+ if [ "$1" = bound ]; then
+ echo "$dns"
+ fi
+ ''}"
+ );
security.wrappers.udhcpc = {
- capabilities = "cap_net_raw+p";
- source = "${pkgs.busybox}/bin/udhcpc";
+ capabilities = "cap_net_raw+p";
+ source = "${pkgs.busybox}/bin/udhcpc";
};
security.wrappers.captive-browser = {
- capabilities = "cap_net_raw+p";
- source = pkgs.writeScript "captive-browser" ''
- #!${pkgs.bash}/bin/bash
- export XDG_CONFIG_HOME=${pkgs.writeTextDir "captive-browser.toml" ''
- browser = """${cfg.browser}"""
- dhcp-dns = """${cfg.dhcp-dns}"""
- socks5-addr = """${cfg.socks5-addr}"""
- ${optionalString cfg.bindInterface ''
- bind-device = """${cfg.interface}"""
- ''}
- ''}
- exec ${cfg.package}/bin/captive-browser
- '';
+ capabilities = "cap_net_raw+p";
+ source = pkgs.writeShellScript "captive-browser" ''
+ export XDG_CONFIG_HOME=${pkgs.writeTextDir "captive-browser.toml" ''
+ browser = """${cfg.browser}"""
+ dhcp-dns = """${cfg.dhcp-dns}"""
+ socks5-addr = """${cfg.socks5-addr}"""
+ ${optionalString cfg.bindInterface ''
+ bind-device = """${cfg.interface}"""
+ ''}
+ ''}
+ exec ${cfg.package}/bin/captive-browser
+ '';
};
};
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-14 05:08:49 +0000