From d957ddb3913ec7fe4c3d6a4faa3a8393241b402e Mon Sep 17 00:00:00 2001
From: jz8132543 <i@dora.im>
Date: Thu, 7 Mar 2024 08:29:59 +0800
Subject: [PATCH] test: NAT

---
 home-manager/modules/desktop/sync.nix         |  2 +-
 .../base/environment/isNAT/default.nix        | 43 ++++++++-----------
 nixos/modules/desktop/i18n/i18n.nix           |  3 ++
 3 files changed, 22 insertions(+), 26 deletions(-)

diff --git a/home-manager/modules/desktop/sync.nix b/home-manager/modules/desktop/sync.nix
index 0f524fab..1aa5ed8a 100644
--- a/home-manager/modules/desktop/sync.nix
+++ b/home-manager/modules/desktop/sync.nix
@@ -19,6 +19,6 @@
     ".local/share/syncthing"
   ];
   # rime
-  home.file.".local/share/syncthing/rime/global".source = "${(lib.lists.last osConfig.i18n.inputMethod.ibus.engines).outPath}/share/rime-data";
+  home.file.".local/share/syncthing/rime/global".source = "${(lib.lists.last osConfig.i18n.inputMethod.ibus.engines).outPath}/data";
   home.file.".local/share/syncthing/rime/user".source = config.lib.file.mkOutOfStoreSymlink "${config.xdg.configHome}/ibus/rime";
 }
diff --git a/nixos/modules/base/environment/isNAT/default.nix b/nixos/modules/base/environment/isNAT/default.nix
index 035b5e9a..2a40c8f3 100644
--- a/nixos/modules/base/environment/isNAT/default.nix
+++ b/nixos/modules/base/environment/isNAT/default.nix
@@ -29,31 +29,24 @@ in
         '';
       };
     };
-    config = {
-      # services.traefik.dynamicConfigOptions.http.routers = attrsets.updateManyAttrsByPath [
-      #   lists.forEach
-      #   (attrsets.mapAttrsToList (name: value: name) cfg)
-      #   (x: {
-      #     path = [x "entryPoints"];
-      #     update = old: old ++ ["https-alt"];
-      #   })
-      # ];
-      # if config.environment.isNAT
-      # then
-      networking.nftables.ruleset = ''
-        table ip nat {
-          chain prerouting {
-            type nat hook prerouting priority 0; policy accept;
-            tcp dport ${toString config.environment.altHTTP} redirect to 80
-            tcp dport ${toString config.environment.altHTTPS} redirect to 443
-          }
+    config.networking =
+      if config.environment.isNAT
+      then {
+        nftables.ruleset = ''
+          table ip nat {
+            chain prerouting {
+              type nat hook prerouting priority 0; policy accept;
+              tcp dport ${toString config.environment.altHTTP} redirect to 80
+              tcp dport ${toString config.environment.altHTTPS} redirect to 443
+            }
 
-          chain postrouting {
-            type nat hook postrouting priority 0; policy accept;
+            chain postrouting {
+              type nat hook postrouting priority 0; policy accept;
+            }
           }
-        }
-      '';
-      networking.firewall.allowedTCPPorts = with config.environment; [altHTTPS altHTTP];
-      networking.firewall.allowedUDPPorts = with config.environment; [altHTTPS];
-    };
+        '';
+        firewall.allowedTCPPorts = with config.environment; [altHTTPS altHTTP];
+        firewall.allowedUDPPorts = with config.environment; [altHTTPS];
+      }
+      else {};
   }
diff --git a/nixos/modules/desktop/i18n/i18n.nix b/nixos/modules/desktop/i18n/i18n.nix
index 92740953..7fff2b61 100644
--- a/nixos/modules/desktop/i18n/i18n.nix
+++ b/nixos/modules/desktop/i18n/i18n.nix
@@ -32,6 +32,9 @@ in {
                 echo "rime_deployer --compile "$F" $out/share/rime-data $out/share/rime-data $out/share/rime-data/build" >> parallel.lst
               done
               parallel -j$(nproc) < parallel.lst || true
+
+              mkdir $out/data
+              cp -rL $out/share/rime-data/* $out/data/
             '';
         }))
     ];