Update work-proxy

modules/services/work-proxy.nix

@@ -18,9 +18,9 @@ in
       enable = true;
       settings = {
         server = [
-          "/lefoyer.lu/10.33.0.100"
+          "/lefoyer.lu/127.0.0.1#1053"
-          "/foyer.lu/10.33.0.100"
+          "/foyer.lu/127.0.0.1#1053"
-          "/foyer.cloud/10.33.0.100"
+          "/foyer.cloud/127.0.0.1#1053"
           "1.1.1.1"
         ];
         no-resolv = true;
@@ -39,16 +39,54 @@ in
     services.tinyproxy = {
       enable = true;
       settings = {
+        LogLevel = "Info";
         Port = 2345;
         Upstream = [
-          ''upstream socks5 localhost:5080 ".lefoyer.lu"''
+          ''upstream socks5 127.0.0.1:5080 ".lefoyer.lu"''
-          ''upstream socks5 localhost:5080 ".foyer.lu"''
+          ''upstream socks5 127.0.0.1:5080 ".foyer.lu"''
-          ''upstream socks5 localhost:5080 ".foyer.cloud"''
+          ''upstream socks5 127.0.0.1:5080 ".foyer.cloud"''
-          ''upstream http localhost:3128 ".microsoftonline.com"''
+          ''upstream http   127.0.0.1:3128 ".microsoftonline.com"''
         ];
       };
     };
 
+    services.redsocks = {
+      enable = false;
+      log_debug = true;
+      log_info = true;
+      redsocks = [
+        {
+          port = 12345;
+          proxy = "127.0.0.1:5080";
+          type = "socks5";
+          redirectCondition = "-d 10.134.0.0/16";
+          doNotRedirect = [
+            "-p tcp -m owner --uid-owner redsocks"
+            "-p tcp --dport 80"
+            "-p tcp --dport 443"
+          ];
+        }
+        # {
+        #   port = 12345;
+        #   proxy = "127.0.0.1:${toString config.services.tinyproxy.settings.Port}";
+        #   type = "http-relay";
+        #   redirectCondition = "--dport 80";
+        #   doNotRedirect = [
+        #     "-p tcp -m owner --uid-owner tinyproxy"
+        #   ];
+        # }
+        # {
+        #   port = 12346;
+        #   proxy = "127.0.0.1:${toString config.services.tinyproxy.settings.Port}";
+        #   type = "http-connect";
+        #   redirectCondition = "--dport 443";
+        #   doNotRedirect = [
+        #     "-p tcp -m owner --uid-owner tinyproxy"
+        #   ];
+        # }
+      ];
+    };
+
     security.pki.certificateFiles = [
       "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
       ./certs/Foyer-Group-Root-CA.crt
@@ -61,7 +99,8 @@ in
     };
 
     home-manager.users.${config.user.name} = {
-      home.file.".sbt/repositories".text = ''
+      home = {
+        file.".sbt/repositories".text = ''
           [repositories]
             local
             maven-local
@@ -70,6 +109,7 @@ in
             nexus-ivy-sbt: https://nexus.foyer.lu/repository/ivy-all/, [organization]/[module]/(scala_[scalaVersion]/)(sbt_[sbtVersion]/)[revision]/[artifact](-[classifier])-[type].[ext]
         '';
       };
+    };
 
     environment.systemPackages = with pkgs; [ chisel ];
   };