feat: socat · devins.page/flake@988fcfa

devins.page / flake

fork atom

configurations for my servers and desktops

nix nixos flake dots dotfiles

fork atom

feat: socat

devins.page 1 month ago 988fcfa7 f12c991a

+35 -34

4 changed files

expand all

hosts

bluepill-proxy

default.nix

modules

caddy.nix

nftables.nix

socat.nix

+2 -1

hosts/bluepill-proxy/default.nix

··· 2 2 imports = [ 3 3 ./hardware.nix 4 4 ./modules/caddy.nix 5 - ./modules/nftables.nix 5 + ./modules/socat.nix 6 6 ]; 7 7 8 8 networking.hostName = "bluepill-proxy"; 9 9 networking.domain = "vps.ovh.us"; 10 + networking.useNetworkd = true; 10 11 11 12 system.autoUpgrade = { 12 13 enable = true;

-1

hosts/bluepill-proxy/modules/caddy.nix

··· 1 1 {pkgs, ...}: { 2 2 networking.firewall = { 3 - enable = true; 4 3 allowedTCPPorts = [80 443]; 5 4 }; 6 5

-32

hosts/bluepill-proxy/modules/nftables.nix

··· 1 - {...}: { 2 - networking.firewall = { 3 - allowedTCPPorts = [25565 23343]; 4 - allowedUDPPorts = [25565 23343 24454 22232]; 5 - }; 6 - 7 - networking.nftables = { 8 - enable = true; 9 - ruleset = '' 10 - table ip nat { 11 - chain prerouting { 12 - type nat hook prerouting priority 0; 13 - 14 - tcp dport 25565 dnat to 100.108.47.83:25565 15 - udp dport 25565 dnat to 100.108.47.83:25565 16 - udp dport 24454 dnat to 100.108.47.83:24454 17 - 18 - tcp dport 23343 dnat to 100.108.47.83:23343 19 - udp dport 23343 dnat to 100.108.47.83:23343 20 - udp dport 22232 dnat to 100.108.47.83:22232 21 - } 22 - } 23 - 24 - table ip filter { 25 - chain forward { 26 - type filter hook forward priority 0; 27 - policy accept; 28 - } 29 - } 30 - ''; 31 - }; 32 - }

+33

hosts/bluepill-proxy/modules/socat.nix

··· 1 + {pkgs, ...}: { 2 + networking.firewall = { 3 + allowedTCPPorts = [25565 23343]; 4 + allowedUDPPorts = [25565 23343 24454 22232]; 5 + }; 6 + 7 + environment.systemPackages = with pkgs; [socat]; 8 + 9 + systemd.services.minecraft-forward = { 10 + description = "Minecraft TCP+UDP forward"; 11 + wants = ["network-online.target"]; 12 + after = ["network-online.target"]; 13 + serviceConfig = { 14 + ExecStart = '' 15 + sh -c ' 16 + socat TCP-LISTEN:25565,reuseaddr,fork TCP:100.108.47.83:25565 & 17 + socat UDP-LISTEN:25565,reuseaddr,fork UDP:100.108.47.83:25565 & 18 + socat UDP-LISTEN:24454,reuseaddr,fork UDP:100.108.47.83:24454 & 19 + 20 + socat TCP-LISTEN:23343,reuseaddr,fork TCP:100.108.47.83:23343 & 21 + socat UDP-LISTEN:23343,reuseaddr,fork UDP:100.108.47.83:23343 & 22 + socat UDP-LISTEN:22232,reuseaddr,fork UDP:100.108.47.83:22232 & 23 + wait 24 + ' 25 + ''; 26 + Restart = "always"; 27 + User = "nobody"; 28 + StandardOutput = "journal"; 29 + StandardError = "journal"; 30 + }; 31 + wantedBy = ["multi-user.target"]; 32 + }; 33 + }