stop running tor everywhere
parent
b2aa339593
commit
6922a4e3a0
|
@ -49,6 +49,7 @@ in with lib; {
|
||||||
}
|
}
|
||||||
'') ["daily" "gospel" "blog"]);
|
'') ["daily" "gospel" "blog"]);
|
||||||
};
|
};
|
||||||
|
services.tor.enable = true;
|
||||||
services.tor.hiddenServices.muflax-blog.map = [{
|
services.tor.hiddenServices.muflax-blog.map = [{
|
||||||
port = 80; toPort = cfg.web-server.port; }];
|
port = 80; toPort = cfg.web-server.port; }];
|
||||||
services.tor.service-keys.muflax-blog = cfg.hidden-service.private_key;
|
services.tor.service-keys.muflax-blog = cfg.hidden-service.private_key;
|
||||||
|
|
|
@ -49,24 +49,6 @@ in
|
||||||
challengeResponseAuthentication = false;
|
challengeResponseAuthentication = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.tor = {
|
|
||||||
enable = true;
|
|
||||||
client.enable = true;
|
|
||||||
# ssh hidden service
|
|
||||||
hiddenServices.ssh.map = [{ port = 22; }];
|
|
||||||
service-keys.ssh = "/root/keys/ssh.${machine}.key";
|
|
||||||
};
|
|
||||||
deployment.keyys = [ (<yori-nix/keys> + "/ssh.${machine}.key") ];
|
|
||||||
|
|
||||||
programs.ssh.extraConfig = ''
|
|
||||||
Host *.onion
|
|
||||||
ProxyCommand nc -xlocalhost:9050 -X5 %h %p
|
|
||||||
'' +
|
|
||||||
(with lib; (flip concatMapStrings) (filter (hasPrefix "ssh.") (attrNames secrets.tor_hostnames)) (name: ''
|
|
||||||
Host ${removePrefix "ssh." name}.onion
|
|
||||||
hostname ${secrets.tor_hostnames.${name}}
|
|
||||||
''
|
|
||||||
));
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
# v important.
|
# v important.
|
||||||
|
|
Loading…
Reference in New Issue