first xray

2026-02-17 07:44:41 +04:00 · 2025-10-18 12:43:35 +09:00 · 2025-10-18 12:43:35 +09:00 · c2106ca1a6
commit c2106ca1a6
parent bbacfb100e
18 changed files with 482 additions and 29 deletions
--- a/nix/server/xray.nix
+++ b/nix/server/xray.nix
@ -0,0 +1,21 @@
+{ config
+, pkgs
+, lib
+, ...
+}:
+let
+  cfg = config.kp2pml30.server;
+  ports = config.kp2pml30.server.ports;
+in lib.mkIf cfg.xray {
+  services.xray = {
+    enable = true;
+    settingsFile = "/run/secrets/xray-config.json";
+  };
+
+  # Ensure xray can read the certificates
+  users.users.xray.extraGroups = [ "nginx" ];
+
+  # Ensure the xray service starts after ACME certificates are available
+  systemd.services.xray.after = [ "acme-${cfg.hostname}.service" ];
+  systemd.services.xray.wants = [ "acme-${cfg.hostname}.service" ];
+}