l: add tor-ssh.nix

author: lassulus <lassulus@lassul.us> 2022-05-29 13:49:18 +0200
committer: lassulus <lassulus@lassul.us> 2022-05-29 13:49:18 +0200
commit: a6ec22808c3cf893fdf07f08d0529aace9480664 (patch)
tree: 06537c3dac2e29ae21921acbbea0916c533bbdd0 /lass/2configs
parent: db7da0a5d57d64681ab999f2accd115139abe1db (diff)
2 files changed, 15 insertions, 0 deletions
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index f03d8b568..01a40952e 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -10,6 +10,7 @@ with import <stockholm/lib>;
     ./htop.nix
     <stockholm/krebs/2configs/security-workarounds.nix>
     ./wiregrill.nix
+    ./tor-ssh.nix
     {
       users.extraUsers =
         mapAttrs (_: h: { hashedPassword = h; })
diff --git a/lass/2configs/tor-ssh.nix b/lass/2configs/tor-ssh.nix
new file mode 100644
index 000000000..8b36733e2
--- /dev/null
+++ b/lass/2configs/tor-ssh.nix
@@ -0,0 +1,14 @@
+{
+  services.tor = {
+    enable = true;
+    relay.onionServices.ssh = {
+      version = 3;
+      map = [{
+        port = 22;
+        target.port = 22;
+      }];
+      secretKey = <secrets/ssh-tor.priv>;
+    };
+  };
+}
+
author	lassulus <lassulus@lassul.us>	2022-05-29 13:49:18 +0200
committer	lassulus <lassulus@lassul.us>	2022-05-29 13:49:18 +0200
commit	a6ec22808c3cf893fdf07f08d0529aace9480664 (patch)
tree	06537c3dac2e29ae21921acbbea0916c533bbdd0 /lass/2configs
parent	db7da0a5d57d64681ab999f2accd115139abe1db (diff)