New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/tor: better support non-anonymous services #48625
Conversation
Tor requires ``SOCKSPort 0`` when non-anonymous hidden services are enabled. If the configuration doesn't enable Tor client features, generate a configuration file that explicitly includes this disabling to allow such non-anonymous hidden services to be created (note that doing so still requires additional configuration). See NixOS#48622.
@Phreedom @doublec @thoughtpolice @joachifm (I hope this is the right protocol, if not my apologies, let me know and I won't do it again) |
this is fine. |
cc @oxij |
That LGTM, but it seems that making `socksListenAddressFaster` optional would also make sense now as some users might use `client.enable = false` to configure the client via `extraConfig` manually. But that can by done later, when somebody actually needs it, IMHO.
|
both should be possible i mean, i want to use tor to both
seems like this requires running two separate tor daemons |
One tor daemon could run in a nixos container with port forwarding. |
sounds too complicated ... the non-anonymous tor daemon is not listening ( it just needs a separate to clarify, the "insecure" mode of tor is useful for NAT punching |
This PR is merged. If you want additional features from the NixOS Tor service, maybe file a new issue and/or create a new PR. |
Motivation for this change
Tor requires
SOCKSPort 0
when non-anonymous hidden services areenabled. If the configuration doesn't enable Tor client features,
generate a configuration file that explicitly includes this disabling
to allow such non-anonymous hidden services to be created (note that
doing so still requires additional configuration). See #48622.
Fixes #48622
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)