Merge pull request #197876 from iopq/alt-history

7 files changed, 186 insertions, 0 deletions

diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index 3da0dfe2a0ad6..f4ee00d454467 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -5884,6 +5884,12 @@
     githubId = 54999;
     name = "Ariel Nunez";
   };
+  iopq = {
+    email = "iop_jr@yahoo.com";
+    github = "iopq";
+    githubId = 1817528;
+    name = "Igor Polyakov";
+  };
   irenes = {
     name = "Irene Knapp";
     email = "ireneista@gmail.com";
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
index 1eff64df933be..0fc9bdba99b18 100644
--- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
@@ -191,6 +191,15 @@
       </listitem>
       <listitem>
         <para>
+          [xray] (https://github.com/XTLS/Xray-core), a fully compatible
+          v2ray-core replacement. Features XTLS, which when enabled on
+          server and client, brings UDP FullCone NAT to proxy setups.
+          Available as
+          <link xlink:href="options.html#opt-services.xray.enable">services.xray</link>.
+        </para>
+      </listitem>
+      <listitem>
+        <para>
           <link xlink:href="https://github.com/mozilla-services/syncstorage-rs">syncstorage-rs</link>,
           a self-hostable sync server for Firefox. Available as
           <link xlink:href="options.html#opt-services.firefox-syncserver.enable">services.firefox-syncserver</link>.
diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md
index a71a1c23c037f..a5d0b2dbcf9d6 100644
--- a/nixos/doc/manual/release-notes/rl-2211.section.md
+++ b/nixos/doc/manual/release-notes/rl-2211.section.md
@@ -71,6 +71,9 @@ In addition to numerous new and upgraded packages, this release has the followin
 ## New Services {#sec-release-22.11-new-services}
 
 - [appvm](https://github.com/jollheef/appvm), Nix based app VMs. Available as [virtualisation.appvm](options.html#opt-virtualisation.appvm.enable).
+
+- [xray] (https://github.com/XTLS/Xray-core), a fully compatible v2ray-core replacement. Features XTLS, which when enabled on server and client, brings UDP FullCone NAT to proxy setups. Available as [services.xray](options.html#opt-services.xray.enable).
+
 - [syncstorage-rs](https://github.com/mozilla-services/syncstorage-rs), a self-hostable sync server for Firefox. Available as [services.firefox-syncserver](options.html#opt-services.firefox-syncserver.enable).
 
 - [dragonflydb](https://dragonflydb.io/), a modern replacement for Redis and Memcached. Available as [services.dragonflydb](#opt-services.dragonflydb.enable).
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index ad0679d6165e5..6d7bc7291c3df 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -991,6 +991,7 @@
   ./services/networking/xinetd.nix
   ./services/networking/xl2tpd.nix
   ./services/networking/x2goserver.nix
+  ./services/networking/xray.nix
   ./services/networking/xrdp.nix
   ./services/networking/yggdrasil.nix
   ./services/networking/zerobin.nix
diff --git a/nixos/modules/services/networking/xray.nix b/nixos/modules/services/networking/xray.nix
new file mode 100644
index 0000000000000..e2fd83c4dfd9b
--- /dev/null
+++ b/nixos/modules/services/networking/xray.nix
@@ -0,0 +1,96 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+  options = {
+
+    services.xray = {
+      enable = mkOption {
+        type = types.bool;
+        default = false;
+        description = lib.mdDoc ''
+          Whether to run xray server.
+
+          Either `settingsFile` or `settings` must be specified.
+        '';
+      };
+
+      package = mkOption {
+        type = types.package;
+        default = pkgs.xray;
+        defaultText = literalExpression "pkgs.xray";
+        description = lib.mdDoc ''
+          Which xray package to use.
+        '';
+      };
+
+      settingsFile = mkOption {
+        type = types.nullOr types.path;
+        default = null;
+        example = "/etc/xray/config.json";
+        description = lib.mdDoc ''
+          The absolute path to the configuration file.
+
+          Either `settingsFile` or `settings` must be specified.
+
+          See <https://www.v2fly.org/en_US/config/overview.html>.
+        '';
+      };
+
+      settings = mkOption {
+        type = types.nullOr (types.attrsOf types.unspecified);
+        default = null;
+        example = {
+          inbounds = [{
+            port = 1080;
+            listen = "127.0.0.1";
+            protocol = "http";
+          }];
+          outbounds = [{
+            protocol = "freedom";
+          }];
+        };
+        description = lib.mdDoc ''
+          The configuration object.
+
+          Either `settingsFile` or `settings` must be specified.
+
+          See <https://www.v2fly.org/en_US/config/overview.html>.
+        '';
+      };
+    };
+
+  };
+
+  config = let
+    cfg = config.services.xray;
+    settingsFile = if cfg.settingsFile != null
+      then cfg.settingsFile
+      else pkgs.writeTextFile {
+        name = "xray.json";
+        text = builtins.toJSON cfg.settings;
+        checkPhase = ''
+          ${cfg.package}/bin/xray -test -config $out
+        '';
+      };
+
+  in mkIf cfg.enable {
+    assertions = [
+      {
+        assertion = (cfg.settingsFile == null) != (cfg.settings == null);
+        message = "Either but not both `settingsFile` and `settings` should be specified for xray.";
+      }
+    ];
+
+    systemd.services.xray = {
+      description = "xray Daemon";
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        DynamicUser = true;
+        ExecStart = "${cfg.package}/bin/xray -config ${settingsFile}";
+      };
+    };
+  };
+}
diff --git a/pkgs/tools/networking/xray/default.nix b/pkgs/tools/networking/xray/default.nix
new file mode 100644
index 0000000000000..be95d26fa34f9
--- /dev/null
+++ b/pkgs/tools/networking/xray/default.nix
@@ -0,0 +1,69 @@
+{ lib
+, fetchFromGitHub
+, fetchurl
+, symlinkJoin
+, buildGoModule
+, runCommand
+, makeWrapper
+, nix-update-script
+, v2ray-geoip
+, v2ray-domain-list-community
+, assets ? [ v2ray-geoip v2ray-domain-list-community ]
+}:
+
+let
+  assetsDrv = symlinkJoin {
+    name = "v2ray-assets";
+    paths = assets;
+  };
+
+in
+buildGoModule rec {
+  pname = "xray";
+  version = "1.6.1";
+
+  src = fetchFromGitHub {
+    owner = "XTLS";
+    repo = "Xray-core";
+    rev = "v${version}";
+    sha256 = "0g2bmy522lhip0rgb3hqyi3bidf4ljyjvvv3n1kb6lvm0p3br51b";
+  };
+
+  vendorSha256 = "sha256-QAF/05/5toP31a/l7mTIetFhXuAKsT69OI1K/gMXei0=";
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  doCheck = false;
+
+  ldflags = [ "-s" "-w" "-buildid=" ];
+  subPackages = [ "main" ];
+
+   installPhase = ''
+    runHook preInstall
+    install -Dm555 "$GOPATH"/bin/main $out/bin/xray
+    runHook postInstall
+  '';
+
+  assetsDrv = symlinkJoin {
+    name = "v2ray-assets";
+    paths = assets;
+  };
+
+  postFixup = ''
+    wrapProgram $out/bin/xray \
+      --suffix XRAY_LOCATION_ASSET : $assetsDrv/share/v2ray
+  '';
+
+  passthru = {
+    updateScript = nix-update-script {
+      attrPath = pname;
+    };
+  };
+
+  meta = {
+    description = "A platform for building proxies to bypass network restrictions. A replacement for v2ray-core, with XTLS support and fully compatible configuration";
+    homepage = "https://github.com/XTLS/Xray-core";
+    license = with lib.licenses; [ mpl20 ];
+    maintainers = with lib.maintainers; [ iopq ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 6b2b247f85e5e..c282db8b5e93e 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -12579,6 +12579,8 @@ with pkgs;
 
   xplr = callPackage ../applications/misc/xplr {};
 
+  xray = callPackage ../tools/networking/xray { };
+
   testdisk = libsForQt5.callPackage ../tools/system/testdisk { };
 
   testdisk-qt = testdisk.override { enableQt = true; };