From 1df7471bf7dc48bb612e7eba25ab47a4b79882c2 Mon Sep 17 00:00:00 2001
From: Guanran Wang <guanran928@outlook.com>
Date: Sat, 24 Aug 2024 21:11:27 +0800
Subject: [PATCH] nixos/sing-box: bypass lan

---
 nixos/profiles/sing-box/default.nix | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/nixos/profiles/sing-box/default.nix b/nixos/profiles/sing-box/default.nix
index 2f72ed2..c50480a 100644
--- a/nixos/profiles/sing-box/default.nix
+++ b/nixos/profiles/sing-box/default.nix
@@ -39,10 +39,21 @@
       route = {
         rules = [
           {
-            rule_set = ["geoip-cn" "geosite-cn"];
+            rule_set = [
+              "geoip-cn"
+              "geosite-cn"
+            ];
+            outbound = "direct";
+          }
+          {
+            rule_set = [
+              "geosite-private"
+            ];
+            ip_is_private = true;
             outbound = "direct";
           }
         ];
+
         rule_set = [
           {
             tag = "geoip-cn";
@@ -56,7 +67,14 @@
             format = "binary";
             path = "${pkgs.sing-geosite}/share/sing-box/rule-set/geosite-cn.srs";
           }
+          {
+            tag = "geosite-private";
+            type = "local";
+            format = "binary";
+            path = "${pkgs.sing-geosite}/share/sing-box/rule-set/geosite-private.srs";
+          }
         ];
+
         final = "tyo0";
       };
 
@@ -75,6 +93,7 @@
     httpProxy = "http://127.0.0.1:1080/";
     httpsProxy = "http://127.0.0.1:1080/";
   };
+
   environment.shellAliases = let
     inherit (config.networking.proxy) httpProxy httpsProxy;
   in {