vps-arm-2024-11-28-10-14-18

2024-11-28 10:14:18 +01:00
parent a98735ef05
commit 8761abf51c
5 changed files with 51 additions and 29 deletions
--- a/machine/vps-arm/configuration.nix
+++ b/machine/vps-arm/configuration.nix
@ -73,6 +73,28 @@ in {
          ];
          hostKeys = ["/persist/pre_boot_ssh_key"];
        };
+
+        postCommands = let
+          torRc = pkgs.writeText "tor.rc" ''
+            DataDirectory /etc/tor
+            SOCKSPort 127.0.0.1:9050 IsolateDestAddr
+            SOCKSPort 127.0.0.1:9063
+            HiddenServiceDir /etc/tor/onion/bootup
+            HiddenServicePort 22 127.0.0.1:22
+          '';
+        in ''
+          echo "tor: preparing onion folder"
+          # have to do this otherwise tor does not want to start
+          chmod -R 700 /etc/tor
+
+          echo "make sure localhost is up"
+          ip a a 127.0.0.1/8 dev lo
+          ip link set lo up
+
+          echo "tor: starting tor"
+          tor -f ${torRc} --verify-config
+          tor -f ${torRc} &
+        '';
      };
      luks.devices = {
        root = {
@ -80,6 +102,14 @@ in {
          preLVM = true;
        };
      };
+
+      secrets = {
+        "/etc/tor/onion/bootup" = /home/alex/tor/onion; # maybe find a better spot to store this.
+      };
+
+      extraUtilsCommands = ''
+        copy_bin_and_libs ${pkgs.tor}/bin/tor
+      '';
    };
  };