New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/proxychains: init #86225
nixos/proxychains: init #86225
Conversation
Proxies default now reflects |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks alright.
hey, sorry for the delay. |
${cfg.extraConfig} | ||
''; | ||
|
||
proxyOptions = { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking at the sample config file (which I think would be great to put in proxychains $out
), you can also pass a password, which is missing here yet.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done via f9bdbf2a13d9db1f51f7b361cb3de7cb68bea9ab
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've deliberately decided to not include user
and password
proxy options since it seems pretty obscure (the most common use-case is just running this with local Tor proxy) and poses a problem with passwords-in-store.
services.proxychains.proxies = mkIf config.services.tor.client.enable | ||
(mkDefault [{ | ||
type = "socks4"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this should be in this module, but rather in the tor one, and maybe behind an enable option
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure how to call the option - services.tor.client.proxychains.enable
?
Looks like additional pitfall when you want to use proxychains with Tor - the sample proxychains.conf
has Tor proxy enabled as well and we only enable it when tor.client
is enabled.
|
As requested by Infinisil in NixOS#86225.
Thanks for the suggestions Infinisil, also fixed the wording of the |
I think this is good to go. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yup, looks good!
Motivation for this change
Modular configuration for
proxychains
. After enabling, it allows runningproxychains4
out of box proxying connections to Tor SOCKS whenservices.tor.client
is enabled.Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)