move enforceTor logic to service modules

This enables tor support for services without using secure-node.nix
Erik Arvstedt 2020-10-29 21:20:27 +01:00
parent 0cc8caa737
commit e0675cb256
No known key found for this signature in database
GPG key ID: 33312B944DD97846
6 changed files with 9 additions and 21 deletions


@ -38,12 +38,12 @@ in {
};
proxy = mkOption {
type = types.nullOr types.str;
default = null;
default = if cfg.enforceTor then config.services.tor.client.socksListenAddress else null;
description = "Set a socks proxy to use to connect to Tor nodes (or for all connections if *always-use-proxy* is set)";
};
always-use-proxy = mkOption {
type = types.bool;
default = false;
default = cfg.enforceTor;
description = ''
Always use the *proxy*, even to connect to normal IP addresses (you can still connect to Unix domain sockets manually). This also disables all DNS lookups, to avoid leaking information.
'';
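Review bot: The new `proxy` and `always-use-proxy` values are only option defaults, so an explicit `always-use-proxy = false` or a different `proxy` in the user's configuration silently overrides them while `enforceTor` is still true. Unless something outside this hunk also restricts the service's network access, the module could fail evaluation on that combination with an entry in `assertions` such as `assertion = cfg.enforceTor -> (cfg.always-use-proxy && cfg.proxy != null);`. It would also help to state in both option descriptions that the default follows `enforceTor`, since the rendered default is otherwise hard to interpret. The enclosing `in { … }` block starts and ends outside the hunk, so an existing assertion may not be visible here.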