87fb9f246b
Move 'enforceTor' and onion-service definitions from secure-node.nix. Use the onionServices module to define onion services. Onion services now automatically work for services that bind to an INADDR_ANY (`0.0.0.0`) address.
36 lines
948 B
Nix
36 lines
948 B
Nix
{ lib, ... }:
|
|
let
|
|
defaultTrue = lib.mkDefault true;
|
|
in {
|
|
services.tor = {
|
|
enable = true;
|
|
client.enable = true;
|
|
};
|
|
|
|
# Use Tor for all outgoing connections
|
|
services = {
|
|
bitcoind.enforceTor = true;
|
|
clightning.enforceTor = true;
|
|
lnd.enforceTor = true;
|
|
lightning-loop.enforceTor = true;
|
|
liquidd.enforceTor = true;
|
|
electrs.enforceTor = true;
|
|
# disable Tor enforcement until btcpayserver can fetch rates over Tor
|
|
# btcpayserver.enforceTor = true;
|
|
nbxplorer.enforceTor = true;
|
|
spark-wallet.enforceTor = true;
|
|
recurring-donations.enforceTor = true;
|
|
nix-bitcoin-webindex.enforceTor = true;
|
|
};
|
|
|
|
# Add onion services for incoming connections
|
|
nix-bitcoin.onionServices = {
|
|
bitcoind.enable = defaultTrue;
|
|
clightning.enable = defaultTrue;
|
|
lnd.enable = defaultTrue;
|
|
liquidd.enable = defaultTrue;
|
|
electrs.enable = defaultTrue;
|
|
btcpayserver.enable = defaultTrue;
|
|
};
|
|
}
|