test: NAT

jz8132543 · Mar 7, 2024 · d957ddb · d957ddb
1 parent 9af0b79
commit d957ddb
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 26 deletions.
diff --git a/home-manager/modules/desktop/sync.nix b/home-manager/modules/desktop/sync.nix
@@ -19,6 +19,6 @@
     ".local/share/syncthing"
   ];
   # rime
-  home.file.".local/share/syncthing/rime/global".source = "${(lib.lists.last osConfig.i18n.inputMethod.ibus.engines).outPath}/share/rime-data";
+  home.file.".local/share/syncthing/rime/global".source = "${(lib.lists.last osConfig.i18n.inputMethod.ibus.engines).outPath}/data";
   home.file.".local/share/syncthing/rime/user".source = config.lib.file.mkOutOfStoreSymlink "${config.xdg.configHome}/ibus/rime";
 }
diff --git a/nixos/modules/base/environment/isNAT/default.nix b/nixos/modules/base/environment/isNAT/default.nix
@@ -29,31 +29,24 @@ in
         '';
       };
     };
-    config = {
-      # services.traefik.dynamicConfigOptions.http.routers = attrsets.updateManyAttrsByPath [
-      #   lists.forEach
-      #   (attrsets.mapAttrsToList (name: value: name) cfg)
-      #   (x: {
-      #     path = [x "entryPoints"];
-      #     update = old: old ++ ["https-alt"];
-      #   })
-      # ];
-      # if config.environment.isNAT
-      # then
-      networking.nftables.ruleset = ''
-        table ip nat {
-          chain prerouting {
-            type nat hook prerouting priority 0; policy accept;
-            tcp dport ${toString config.environment.altHTTP} redirect to 80
-            tcp dport ${toString config.environment.altHTTPS} redirect to 443
-          }
+    config.networking =
+      if config.environment.isNAT
+      then {
+        nftables.ruleset = ''
+          table ip nat {
+            chain prerouting {
+              type nat hook prerouting priority 0; policy accept;
+              tcp dport ${toString config.environment.altHTTP} redirect to 80
+              tcp dport ${toString config.environment.altHTTPS} redirect to 443
+            }
 
-          chain postrouting {
-            type nat hook postrouting priority 0; policy accept;
+            chain postrouting {
+              type nat hook postrouting priority 0; policy accept;
+            }
           }
-        }
-      '';
-      networking.firewall.allowedTCPPorts = with config.environment; [altHTTPS altHTTP];
-      networking.firewall.allowedUDPPorts = with config.environment; [altHTTPS];
-    };
+        '';
+        firewall.allowedTCPPorts = with config.environment; [altHTTPS altHTTP];
+        firewall.allowedUDPPorts = with config.environment; [altHTTPS];
+      }
+      else {};
   }
diff --git a/nixos/modules/desktop/i18n/i18n.nix b/nixos/modules/desktop/i18n/i18n.nix
@@ -32,6 +32,9 @@ in {
                 echo "rime_deployer --compile "$F" $out/share/rime-data $out/share/rime-data $out/share/rime-data/build" >> parallel.lst
               done
               parallel -j$(nproc) < parallel.lst || true
+
+              mkdir $out/data
+              cp -rL $out/share/rime-data/* $out/data/
             '';
         }))
     ];