current
 1{lib, ...}: {
 2  den.aspects.services.provides.mihomo.nixos = {config, ...}: {
 3    services.mihomo.tunMode = true;
 4
 5    services.mihomo.config.tun = {
 6      enable = true;
 7      stack = "system";
 8      device = "mihomo-tun0";
 9      auto-route = true;
10      auto-redirect = true;
11      auto-detect-interface = lib.mkDefault true;
12      dns-hijack = [
13        "any:53"
14        "tcp://any:53"
15      ];
16      strict-route = true;
17      mtu = 1500;
18      # Bypass Tailscale interfaces and routes to prevent routing loops and conflicts.
19      # From https://blog.ichr.me/post/tailscale-mihomo-quantumult-x/
20      exclude-interface =
21        lib.optional
22        config.services.tailscale.enable
23        config.services.tailscale.interfaceName;
24      route-exclude-address =
25        lib.optionals
26        config.services.tailscale.enable
27        ["100.64.0.0/10" "fd7a:115c:a1e0::/48"];
28    };
29  };
30}