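# NixOS module: optional `tsocks` wrapper script that relays application
# traffic through a Tor SOCKS listener (options under services.tor.tsocks).
{ config, lib, pkgs, ... }:
with lib;
let

  cfg = config.services.tor;

  # `server` is either "host" or "host:port" (the default carries a port, the
  # option's example does not). Split once and fall back to 9050, the port of
  # the default value, when none is given. Previously a port-less value such
  # as the example rendered an empty `server_port =` line, so the wrapper was
  # not reliably pointed at the Tor listener.
  # NOTE(review): values containing more than one ':' (e.g. IPv6 literals)
  # are not handled; only the first two fields are used.
  serverParts = splitString ":" cfg.tsocks.server;
  serverHost = head serverParts;
  serverPort = if length serverParts > 1 then elemAt serverParts 1 else "9050";

  # Wrapper installed as /bin/tsocks: runs "$@" with libtsocks preloaded and
  # TSOCKS_CONF_FILE pointing at the generated configuration.
  #
  # Limits of this approach that matter for anonymity:
  #  - the dynamic loader ignores LD_PRELOAD for setuid/setgid programs, and
  #    statically linked programs never load it, so such programs connect
  #    directly without any error;
  #  - name resolution is not relayed (see the warning on `enable`).
  #
  # The configuration is written with pkgs.writeText, i.e. into the
  # world-readable Nix store: do not put proxy credentials in
  # services.tor.tsocks.config.
  torify = pkgs.writeTextFile {
    name = "tsocks";
    text = ''
      #!${pkgs.runtimeShell}
      TSOCKS_CONF_FILE=${pkgs.writeText "tsocks.conf" cfg.tsocks.config} LD_PRELOAD="${pkgs.tsocks}/lib/libtsocks.so $LD_PRELOAD" "$@"
    '';
    executable = true;
    destination = "/bin/tsocks";
  };

in

{

  ###### interface

  options = {

    services.tor.tsocks = {

      enable = mkOption {
        type = types.bool;
        default = false;
        description = lib.mdDoc ''
          Whether to build tsocks wrapper script to relay application traffic via Tor.

          ::: {.important}
          You shouldn't use this unless you know what you're
          doing because your installation of Tor already comes with
          its own superior (doesn't leak DNS queries)
          `torsocks` wrapper which does pretty much
          exactly the same thing as this.
          :::
        '';
      };

      server = mkOption {
        type = types.str;
        default = "localhost:9050";
        example = "192.168.0.20";
        description = lib.mdDoc ''
          Address of the Tor client to use, as `host` or `host:port`.
          The port defaults to 9050 when omitted.
        '';
      };

      config = mkOption {
        type = types.lines;
        default = "";
        description = lib.mdDoc ''
          Extra configuration. Contents will be added verbatim to TSocks
          configuration file.
        '';
      };

    };

  };

  ###### implementation

  config = mkIf cfg.tsocks.enable {

    environment.systemPackages = [ torify ]; # expose it to the users

    # Merged (types.lines) with whatever the user sets in the same option.
    # The two `local` entries mark 127.0.0.0-127.191.255.255 as directly
    # reachable; 127.192.0.0/10 is deliberately not listed and is therefore
    # sent to the proxy -- presumably reserved for Tor's mapped virtual
    # addresses, confirm against the Tor configuration in use.
    services.tor.tsocks.config = ''
      server = ${serverHost}
      server_port = ${serverPort}

      local = 127.0.0.0/255.128.0.0
      local = 127.128.0.0/255.192.0.0
    '';
  };

}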