-
-
Notifications
You must be signed in to change notification settings - Fork 14k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/zapret: init #347805
nixos/zapret: init #347805
Conversation
Looks like I actually need to create a release notes entry. On it now. |
86353c3
to
ac8d8af
Compare
I totally missed an already open PR here: #327903 Closing this. |
Actually, now that I think about it, I'll keep this PR open as an alternative. |
Why not put this in a seperate repo under a flake? The maintainers said that the other PR was done dirtily and it will probably hang as an open PR for a while due to such. |
My implementation doesn't have the dirty part. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. I hope this is merged into master soon. Russian and Turkish NixOS users definitely need this right now regarding all the bans and slowdowns recently.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this looks cuter than mine PR :D
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
tysm 🙏🏻for this, and welcome to the nixos, friend. looks good to me, tho, i'll add labels in case there missing some.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is excellent! Aside from the comments below, the commits should be squashed according to the Commit Conventions.
Something like this should work:
maintainers: add voronind
nixos/zapret: init
fully agree with it. |
@ofborg test simple |
Me too. |
8972fa7
to
916aae3
Compare
Turkish & Russian users can already use this PR/MR, but the quality of the module may vary. It should be good enough for now, as it is an emergency. Guide:
|
Sorry, I need other maintainers guidance on this. I don't see a reason why nixpkgs should follow flakes from the wild, but I might be wrong. For now it follows consistent logic of all other NixOS package-specific services. Anyway why would anyone use both at the same time? |
There's no need to care about what other repos do. |
If you decide to keep this flake in inputs after merge, you need to disable zapret in nixpkgs disabledModules = [
"services/networking/zapret.nix"
]; |
Just dropping in to ask about OfBorg's checks since I'm not familiar. It's been about 12 hours, why havent the darwin checks been completed yet? |
Don't worry about it. Darwin checks are optional for Linux/NixOS changes and they usually take days to complete, especially near the final release staging cycles. Emily has been working on improving the Darwin OfBorg CI situation; hopefully their completion times will approach Linux's soon. |
Can we skip the check if it's optional? I remember someone did that with a command once. |
No. I suggest ignoring it. |
Then we still need someone who could merge this. Or is it automatic? |
It is not automatic. A committer will eventually merge this; please be patient.
|
that's funny how you got actually a lot approvals from members, but not from committers. 👀 |
Checks just passed. Darwin took like 3 days wow. |
hooray! |
Hopefully a commiter sees this now. |
9fb0c76
to
5a5c04d
Compare
I'm in chat with a commiter. We added the optionalString and now waiting for the ofborg eval before merging. I also re-tested locally. |
good luck, pal 👍🏻 |
congrats @voronind-com! and welcome to the nixos/nixpkgs. 🎉 |
YOOOOOOOOOOOOOOOOOOOOOOOOOOO!!!!!! FINALLY! |
Things done
Implement a systemd service for NixOS that enables Zapret package system-wide.
I've been using it for a while now.
Compared to #327903 this module has whitelist/blacklist support as well as some other configurations. Also after running this for a while, I solved some pain-points like repetitive network slowdowns. And no "dirty" parts.
Also this is my first contribution. I'd really appreciate assistance with making things right this first time. Please tell me all your thoughts. Thanks!
Example configuration:
nix.conf
? (See Nix manual)sandbox = relaxed
sandbox = true
nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)Add a 👍 reaction to pull requests you find important.