Support direct socks proxy without ssh

add network-online Requires
remove leftover files
2025-02-27 11:05:11 -05:00 · 2025-02-26 21:18:53 -05:00 · 2025-01-31 22:24:49 -05:00 · 2025-01-31 22:21:40 -05:00 · 2025-01-31 00:27:18 -05:00
7 changed files with 50 additions and 37 deletions
--- a/.SRCINFO
+++ b/.SRCINFO
@ -1,22 +0,0 @@
-pkgbase = nnss
-	pkgdesc = Network Namespace setup using SSH SOCKS proxy
-	pkgver = 0.1.0
-	pkgrel = 2
-	url = https://gitea.balki.me/balki/nnss
-	arch = any
-	license = MIT
-	depends = tun2socks
-	source = nnss-ssh@.service
-	source = nnss-tunsocks@.service
-	source = ssh_config
-	source = tunsocks.sh
-	source = README.md
-	source = tmpfiles.conf
-	sha256sums = 59abec374b4430510f40fa2184863c5978f638047f5740ed2bf86a5ec6f92dff
-	sha256sums = af660f552d439bc9134a0d0774fed3a765448abfebee39a586c05df56e9ff32d
-	sha256sums = cb57dd0be323adc05d70d6b28ed7d79261c5c7215586e604138a164ae88aeeca
-	sha256sums = f35c22bb12d020428787828107ee379dd147e485edfdac687fed92d73d81d418
-	sha256sums = 20272994a3f3235ae79b24c4ab7c78a21aeadfd5ca03df98a6b099aac6a623a4
-	sha256sums = 654a3615be4eb635957a4ab33e733a1c6655225f6ff34ec8a58f6dabc9ac0d70
-
-pkgname = nnss
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +0,0 @@
-nnss*pkg.tar.zst
-src/
-pkg/
--- a/README.md
+++ b/README.md
@ -2,19 +2,25 @@

 Create network namespace where all¹ network requests go via ssh connection.

+## Installing
+
+1. Install from [AUR][2].
+2. Download and install pre-built archlinux package: [link][3].
+3. For other linux, copy the files to appropriate path as done [here][4].
+
 ## Creating new namespace

-1. Create a simple ssh config at `/etc/nnss/<namespace_name>/config`. This will be
-included with [other settings][0].
-2. Create the ssh private key at `/etc/nnss/<namespace_name>/privatekey`
-3. [Edit][1] your service file to include below properties
+1. Create a simple ssh config at `/etc/nnss/<namespace_name>/config`. This will
+   be included with [other settings][0].
+2. Copy your ssh private key to `/etc/nnss/<namespace_name>/privatekey`
+3. [Edit][1] your application's service file to include below properties

 ```systemd
 [Unit]
-Requires=nnss-tunsocks@<namespace_name>.service
-After=nnss-tunsocks@<namespace_name>.service
+Requires=nnssA@<namespace_name>.service
+After=nnssA@<namespace_name>.service
 [Service]
-NetworkNamespacePath=/run/netns/<namespace_name>
+NetworkNamespacePath=/run/netns/<namespace_name>ns
 ```

 ### Example
@ -34,7 +40,12 @@ Port 8822 # If the ssh server is not on default port 22
 ## Testing namespace

 ```bash
-❯ sudo systemd-run --property=NetworkNamespacePath=/run/netns/vps1ns --property=User=$USER --property=Requires=nnss-tunsocks@vps1.service --property=After=nnss-tunsocks@vps1.service  --shell
+❯ sudo systemd-run \
+    --property=NetworkNamespacePath=/run/netns/vps1ns \
+    --property=User=$USER \
+    --property=Requires=nnssA@vps1.service \
+    --property=After=nnssA@vps1.service  \
+    --shell
 [sudo] password for balki:
 Running as unit: run-p233279-i233579.service
 Press ^] three times within 1s to disconnect TTY.
@ -72,3 +83,6 @@ DNS by default still goes via host.

 [0]: ./ssh_config
 [1]: https://wiki.archlinux.org/title/Systemd#Editing_provided_units
+[2]: https://aur.archlinux.org/packages/nnss
+[3]: https://gitea.balki.me/balki-aur/-/packages/arch/nnss/0.1.0-1
+[4]: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=nnss#n14
--- a/nnss-ssh@.service
+++ b/nnss-ssh@.service
@ -1,6 +1,7 @@
 [Unit]
 Description=Create SSH connection to %I
-After=network.target
+Requires=network-online.target
+After=network-online.target
 StopWhenUnneeded=yes

 [Service]
--- a/nnss-tunsocks@.service
+++ b/nnss-tunsocks@.service
@ -9,7 +9,7 @@ StopWhenUnneeded=yes
 Type=notify
 NotifyAccess=all

-RuntimeDirectory=nnss-tunsocks%i
+RuntimeDirectory=nnssA%i

 ExecStart=/usr/lib/nnss/tunsocks.sh "%i" setup
 ExecStop=/usr/lib/nnss/tunsocks.sh "%i" cleanup
--- a/nnssB@.service
+++ b/nnssB@.service
@ -0,0 +1,17 @@
+[Unit]
+Description=Create network namespace and tun device to %I
+StopWhenUnneeded=yes
+
+[Service]
+
+Type=notify
+NotifyAccess=all
+
+RuntimeDirectory=nnssB%i
+
+# Add SOCKS_PROXY environment variable to below file. E.g.
+# SOCKS_PROXY=socks5://127.0.0.1:9050
+EnvironmentFile=/etc/nnss/env_%i
+
+ExecStart=/usr/lib/nnss/tunsocks.sh "%i" use_env setup
+ExecStop=/usr/lib/nnss/tunsocks.sh "%i" use_env cleanup
--- a/tunsocks.sh
+++ b/tunsocks.sh
@ -7,13 +7,19 @@ pidfile=${RUNTIME_DIRECTORY:-/tmp}/tunsocks.pid
 nsname="$1"
 device="tun${nsname}"
 ns="${nsname}ns"
-socketpath="/run/nnss-${nsname}/sock"
+
+if [ "$2" = use_env ];then
+		proxy="$SOCKS_PROXY"
+		shift
+else
+		proxy="socks5:///run/nnss-${nsname}/sock"
+fi

 setup()
 {
 		ip tuntap add mode tun dev "$device"

-		/usr/bin/tun2socks -device "$device" -proxy "socks5://$socketpath" &
+		/usr/bin/tun2socks -device "$device" -proxy "$proxy" &
 		echo "$!" > "$pidfile"
 		sleep 5
Author	SHA1	Message	Date
Balakrishnan Balasubramanian	e1c8128d02	Support direct socks proxy without ssh	2025-02-27 11:05:11 -05:00
Balakrishnan Balasubramanian	b61950cc40	add network-online Requires	2025-02-26 21:18:53 -05:00
Balakrishnan Balasubramanian	ab295438b9	remove leftover files	2025-01-31 22:24:49 -05:00
Balakrishnan Balasubramanian	1aeb38e1ef	fix namespace path in README.md	2025-01-31 22:21:40 -05:00
Balakrishnan Balasubramanian	b1926a4640	Add install instructions to README	2025-01-31 00:27:18 -05:00