From 8cb3aab57ba8ac82cba68ed387565b99a319e106 Mon Sep 17 00:00:00 2001
From: Yan Lin
Date: Wed, 11 Feb 2026 20:45:12 +0100
Subject: [PATCH] remove tunnel functions
---
 hosts/darwin/home-default.nix | 98 ----------------------------
 hosts/nixos/home-default.nix | 5 --
 modules/gnome/home.nix | 68 -------------------
 modules/hyprland/home.nix | 119 ----------------------------------
 4 files changed, 290 deletions(-)
diff --git a/hosts/darwin/home-default.nix b/hosts/darwin/home-default.nix
index 439bc7f..2befa55 100644
--- a/hosts/darwin/home-default.nix
+++ b/hosts/darwin/home-default.nix
@@ -48,106 +48,8 @@
 # darwin-specific alias
 programs.zsh.shellAliases = {
 oss = "sudo darwin-rebuild switch --flake ~/.config/nix#$(hostname)";
-
- preview = "open -a Preview";
- slide = "open -a SlidePilot";
-
- # Network monitoring aliases
- bw = "sudo bandwhich";
- bw-raw = "sudo bandwhich --raw";
- bw-dns = "sudo bandwhich --show-dns";
 };
- # Darwin-specific zsh functions
- programs.zsh.initContent = ''
- # Function to search and open all macOS applications
- function app() {
- local app_path
- local file_to_open="$1"
-
- app_path=$( (find -L /Applications -name "*.app" -maxdepth 2 2>/dev/null; \
- find -L ~/Applications -name "*.app" -maxdepth 3 2>/dev/null; \
- find /System/Applications -name "*.app" -maxdepth 2 2>/dev/null; \
- find /System/Applications/Utilities -name "*.app" -maxdepth 1 2>/dev/null) |
- sort | uniq |
- fzf --header="Select app to open''${file_to_open:+ file: $file_to_open}" \
- --preview 'basename {} .app' \
- --preview-window=up:1 \
- --height=40%)
-
- if [[ -n "$app_path" ]]; then
- if [[ -n "$file_to_open" ]]; then
- open -a "$app_path" "$file_to_open"
- else
- open "$app_path"
- fi
- fi
- }
-
- # SSH tunnel functions for easy VPN-like functionality
- function tunnel-on() {
- if [[ -z "$1" ]]; then
- echo "Usage: tunnel-on "
- return 1
- fi
-
- local host="$1"
- local port=1080 # Use port 1080 (standard SOCKS port)
-
- # Check if there's already an active tunnel
- local existing_tunnel=$(ps aux | grep -E "ssh -D $port" | grep -v grep)
- if [[ -n "$existing_tunnel" ]]; then
- echo "Existing tunnel detected. Switching to $host..."
- echo "Stopping current tunnel..."
- pkill -f "ssh -D $port"
- sleep 1
- fi
-
- echo "Starting SOCKS tunnel to $host on port $port..."
-
- # Start SSH tunnel in background
- ssh -D $port -N -f "$host"
- if [[ $? -eq 0 ]]; then
- echo "Tunnel established. Configuring system proxy..."
-
- # Configure system proxy
- networksetup -setsocksfirewallproxy "Wi-Fi" localhost $port
- networksetup -setsocksfirewallproxystate "Wi-Fi" on
-
- echo "✓ System proxy enabled on Wi-Fi (localhost:$port -> $host)"
- else
- echo "✗ Failed to establish tunnel to $host"
- return 1
- fi
- }
-
- function tunnel-off() {
- local port=1080
- echo "Disabling system proxy..."
- networksetup -setsocksfirewallproxystate "Wi-Fi" off
- echo "✓ System proxy disabled"
-
- echo "Stopping SSH tunnels..."
- pkill -f "ssh -D $port"
- echo "✓ SSH tunnels stopped"
- }
-
- function tunnel-status() {
- local port=1080
- echo "=== System Proxy Status ==="
- networksetup -getsocksfirewallproxy "Wi-Fi" | grep -E "Enabled|Server|Port"
-
- echo ""
- echo "=== Active SSH Tunnels ==="
- local tunnels=$(ps aux | grep -E "ssh -D $port" | grep -v grep)
- if [[ -n "$tunnels" ]]; then
- echo "$tunnels"
- else
- echo "No active SSH tunnels"
- fi
- }
- '';
-
 home.packages = with pkgs; [
 texlive.combined.scheme-full
 httpie
diff --git a/hosts/nixos/home-default.nix b/hosts/nixos/home-default.nix
index f41f05f..1012a57 100644
--- a/hosts/nixos/home-default.nix
+++ b/hosts/nixos/home-default.nix
@@ -29,11 +29,6 @@
 # nixOS-specific alias
 programs.zsh.shellAliases = {
 oss = "sudo nixos-rebuild switch --flake ~/.config/nix#$(hostname)";
-
- # Network monitoring aliases (no sudo needed - NixOS module handles permissions)
- bw = "bandwhich";
- bw-raw = "bandwhich --raw";
- bw-dns = "bandwhich --show-dns";
 };
 home.packages = with pkgs; [
diff --git a/modules/gnome/home.nix b/modules/gnome/home.nix
index 190aecd..87f3e07 100644
--- a/modules/gnome/home.nix
+++ b/modules/gnome/home.nix
@@ -250,73 +250,5 @@ in
 };
 };
- # SSH tunnel functions for SOCKS proxy via GNOME system proxy
- programs.zsh.initContent = ''
- # SSH tunnel functions for easy VPN-like functionality
- function tunnel-on() {
- if [[ -z "$1" ]]; then
- echo "Usage: tunnel-on "
- return 1
- fi
-
- local host="$1"
- local port=1080 # Use port 1080 (standard SOCKS port)
-
- # Check if there's already an active tunnel
- local existing_tunnel=$(ps aux | grep -E "ssh -D $port" | grep -v grep)
- if [[ -n "$existing_tunnel" ]]; then
- echo "Existing tunnel detected. Switching to $host..."
- echo "Stopping current tunnel..."
- pkill -f "ssh -D $port"
- sleep 1
- fi
-
- echo "Starting SOCKS tunnel to $host on port $port..."
-
- # Start SSH tunnel in background
- ssh -D $port -N -f "$host"
- if [[ $? -eq 0 ]]; then
- echo "Tunnel established. Configuring system proxy..."
-
- # Configure GNOME system proxy settings
- gsettings set org.gnome.system.proxy mode 'manual'
- gsettings set org.gnome.system.proxy.socks host 'localhost'
- gsettings set org.gnome.system.proxy.socks port $port
-
- echo "✓ System proxy enabled (localhost:$port -> $host)"
- else
- echo "✗ Failed to establish tunnel to $host"
- return 1
- fi
- }
-
- function tunnel-off() {
- local port=1080
- echo "Disabling system proxy..."
- gsettings set org.gnome.system.proxy mode 'none'
- echo "✓ System proxy disabled"
-
- echo "Stopping SSH tunnels..."
- pkill -f "ssh -D $port"
- echo "✓ SSH tunnels stopped"
- }
-
- function tunnel-status() {
- local port=1080
- echo "=== GNOME System Proxy Status ==="
- echo "Mode: $(gsettings get org.gnome.system.proxy mode)"
- echo "SOCKS Host: $(gsettings get org.gnome.system.proxy.socks host)"
- echo "SOCKS Port: $(gsettings get org.gnome.system.proxy.socks port)"
-
- echo ""
- echo "=== Active SSH Tunnels ==="
- local tunnels=$(ps aux | grep -E "ssh -D $port" | grep -v grep)
- if [[ -n "$tunnels" ]]; then
- echo "$tunnels"
- else
- echo "No active SSH tunnels"
- fi
- }
- '';
 };
 }
diff --git a/modules/hyprland/home.nix b/modules/hyprland/home.nix
index d8cd00f..9c49659 100644
--- a/modules/hyprland/home.nix
+++ b/modules/hyprland/home.nix
@@ -412,125 +412,6 @@
 programs.zsh.initContent = ''
 # Quickly restart Hyprland session (graceful logout)
 alias hypr-restart='loginctl terminate-session'
-
- # SSH tunnel functions for transparent system-wide SOCKS proxy via redsocks
- function tunnel-on() {
- if [[ -z "$1" ]]; then
- echo "Usage: tunnel-on "
- return 1
- fi
-
- local host="$1"
- local port=1080 # SOCKS port
- local redsocks_port=12345 # Redsocks local port
-
- # Check if there's already an active tunnel
- local existing_tunnel=$(ps aux | grep -E "ssh -D $port" | grep -v grep)
- if [[ -n "$existing_tunnel" ]]; then
- echo "Existing tunnel detected. Switching to $host..."
- echo "Stopping current tunnel..."
- pkill -f "ssh -D $port"
- sleep 1
- fi
-
- echo "Starting SOCKS tunnel to $host on port $port..."
-
- # Start SSH tunnel in background
- ssh -D $port -N -f "$host"
- if [[ $? -ne 0 ]]; then
- echo "✗ Failed to establish tunnel to $host"
- return 1
- fi
- echo "✓ Tunnel established"
-
- # Start redsocks
- echo "Starting redsocks transparent proxy..."
- redsocks -c ~/.config/redsocks/redsocks.conf
- if [[ $? -ne 0 ]]; then
- echo "✗ Failed to start redsocks"
- pkill -f "ssh -D $port"
- return 1
- fi
- echo "✓ Redsocks started"
-
- # Configure iptables rules for transparent proxying
- echo "Configuring iptables rules..."
-
- # Create REDSOCKS chain if it doesn't exist
- sudo iptables -t nat -N REDSOCKS 2>/dev/null || sudo iptables -t nat -F REDSOCKS
-
- # Exclude localhost networks
- sudo iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
-
- # Redirect all other TCP traffic to redsocks
- sudo iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports $redsocks_port
-
- # Apply the REDSOCKS chain to OUTPUT
- sudo iptables -t nat -A OUTPUT -p tcp -j REDSOCKS
-
- echo "✓ System-wide proxy enabled (localhost:$port -> $host)"
- echo "All TCP traffic is now routed through the SSH tunnel"
- }
-
- function tunnel-off() {
- local port=1080
-
- echo "Removing iptables rules..."
- # Remove REDSOCKS chain from OUTPUT
- sudo iptables -t nat -D OUTPUT -p tcp -j REDSOCKS 2>/dev/null
- # Flush and delete REDSOCKS chain
- sudo iptables -t nat -F REDSOCKS 2>/dev/null
- sudo iptables -t nat -X REDSOCKS 2>/dev/null
- echo "✓ iptables rules removed"
-
- echo "Stopping redsocks..."
- pkill -f "redsocks -c"
- echo "✓ Redsocks stopped"
-
- echo "Stopping SSH tunnels..."
- pkill -f "ssh -D $port"
- echo "✓ SSH tunnels stopped"
-
- echo "System-wide proxy disabled"
- }
-
- function tunnel-status() {
- local port=1080
- local redsocks_port=12345
-
- echo "=== SSH Tunnel Status ==="
- local tunnels=$(ps aux | grep -E "ssh -D $port" | grep -v grep)
- if [[ -n "$tunnels" ]]; then
- echo "✓ Active SSH tunnel:"
- echo "$tunnels"
- else
- echo "✗ No active SSH tunnels"
- fi
-
- echo ""
- echo "=== Redsocks Status ==="
- local redsocks=$(ps aux | grep -E "redsocks -c" | grep -v grep)
- if [[ -n "$redsocks" ]]; then
- echo "✓ Redsocks running:"
- echo "$redsocks"
- else
- echo "✗ Redsocks not running"
- fi
-
- echo ""
- echo "=== iptables REDSOCKS Chain ==="
- if sudo iptables -t nat -L REDSOCKS -n 2>/dev/null | grep -q "Chain REDSOCKS"; then
- echo "✓ REDSOCKS chain exists:"
- sudo iptables -t nat -L REDSOCKS -n --line-numbers
- else
- echo "✗ REDSOCKS chain not configured"
- fi
-
- echo ""
- echo "=== Network Test ==="
- echo "Your current IP (via proxy if enabled):"
- timeout 5 curl -s https://api.ipify.org 2>/dev/null || echo "Failed to fetch IP"
- }
 '';
 # Cursor theme configuration