generate tor ssh host forwards from secrets
parent
ba6141aff8
commit
a48b7e66f1
|
@ -33,8 +33,8 @@ in
|
||||||
nix.extraOptions = ''
|
nix.extraOptions = ''
|
||||||
allow-unsafe-native-code-during-evaluation = true
|
allow-unsafe-native-code-during-evaluation = true
|
||||||
allow-unfree = true
|
allow-unfree = true
|
||||||
binary-caches-parallel-connections = 3
|
#binary-caches-parallel-connections = 3
|
||||||
connect-timeout = 5
|
#connect-timeout = 5
|
||||||
keep-going = true
|
keep-going = true
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
@ -55,7 +55,12 @@ in
|
||||||
programs.ssh.extraConfig = ''
|
programs.ssh.extraConfig = ''
|
||||||
Host *.onion
|
Host *.onion
|
||||||
ProxyCommand nc -xlocalhost:9050 -X5 %h %p
|
ProxyCommand nc -xlocalhost:9050 -X5 %h %p
|
||||||
'';
|
'' +
|
||||||
|
(with lib; (flip concatMapStrings) (filter (hasPrefix "ssh.") (attrNames secrets.tor_hostnames)) (name: ''
|
||||||
|
Host ${removePrefix "ssh." name}.onion
|
||||||
|
hostname ${secrets.tor_hostnames.${name}}
|
||||||
|
''
|
||||||
|
));
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
# v important.
|
# v important.
|
||||||
|
@ -100,6 +105,5 @@ in
|
||||||
nix.gc.automatic = true;
|
nix.gc.automatic = true;
|
||||||
|
|
||||||
security.acme.preliminarySelfsigned = true;
|
security.acme.preliminarySelfsigned = true;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue