diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix
index a75c827c534..2079ed544ae 100644
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@@ -25,6 +25,7 @@ with lib;
(mkRenamedOptionModule [ "services" "sslh" "host" ] [ "services" "sslh" "listenAddress" ])
(mkRenamedOptionModule [ "services" "statsd" "host" ] [ "services" "statsd" "listenAddress" ])
(mkRenamedOptionModule [ "services" "subsonic" "host" ] [ "services" "subsonic" "listenAddress" ])
+ (mkRenamedOptionModule [ "services" "tor" "relay" "portSpec" ] [ "services" "tor" "relay" "port" ])
(mkRenamedOptionModule [ "jobs" ] [ "systemd" "services" ])
(mkRenamedOptionModule [ "services" "gitlab" "stateDir" ] [ "services" "gitlab" "statePath" ])
diff --git a/nixos/modules/services/security/tor.nix b/nixos/modules/services/security/tor.nix
index c2851b1dd60..04b065f6ae4 100644
--- a/nixos/modules/services/security/tor.nix
+++ b/nixos/modules/services/security/tor.nix
@@ -17,7 +17,7 @@ let
GeoIPv6File ${pkgs.tor.geoip}/share/tor/geoip6
''}
- ${optint "ControlPort" cfg.controlPort}
+ ${optint "ControlPort" (toString cfg.controlPort)}
''
# Client connection config
+ optionalString cfg.client.enable ''
@@ -27,7 +27,7 @@ let
''
# Relay config
+ optionalString cfg.relay.enable ''
- ORPort ${cfg.relay.portSpec}
+ ORPort ${toString cfg.relay.port}
${opt "Address" cfg.relay.address}
${opt "Nickname" cfg.relay.nickname}
${opt "ContactInfo" cfg.relay.contactInfo}
@@ -56,7 +56,7 @@ let
+ concatStrings (flip mapAttrsToList cfg.hiddenServices (n: v: ''
HiddenServiceDir ${torDirectory}/onion/${v.name}
${flip concatMapStrings v.map (p: ''
- HiddenServicePort ${p.port} ${p.destination}
+ HiddenServicePort ${toString p.port} ${p.destination}
'')}
''))
+ cfg.extraConfig;
@@ -98,7 +98,7 @@ in
};
controlPort = mkOption {
- type = types.nullOr types.int;
+ type = types.nullOr (types.either types.int types.str);
default = null;
example = 9051;
description = ''
@@ -185,7 +185,7 @@ in
Setting this to true requires setting
and
-
+
options.
'';
};
@@ -307,10 +307,10 @@ in
Switching to this role after measurable time in
- "bridge" role is pretty useless as some Tor users would have
- learned about your node already.
- In the latter case you can still change
- option.
+ "bridge" role is pretty useless as some Tor users
+ would have learned about your node already. In the
+ latter case you can still change
+ option.
@@ -403,9 +403,9 @@ in
'';
};
- portSpec = mkOption {
- type = types.str;
- example = "143";
+ port = mkOption {
+ type = types.either types.int types.str;
+ example = 143;
description = ''
What port to advertise for Tor connections. This corresponds to the
ORPort section in the Tor manual; see
@@ -477,8 +477,8 @@ in
default = {};
example = literalExample ''
{ "my-hidden-service-example".map = [
- { port = "22"; } # map ssh port to this machine's ssh
- { port = "80"; toPort = "8080"; } # map http port to whatever runs on 8080
+ { port = 22; } # map ssh port to this machine's ssh
+ { port = 80; toPort = 8080; } # map http port to whatever runs on 8080
{ port = "sip"; toHost = "mail.example.com"; toPort = "imap"; } # because we can
];
}
@@ -506,8 +506,8 @@ in
options = {
port = mkOption {
- type = types.str;
- example = "80";
+ type = types.either types.int types.str;
+ example = 80;
description = ''
Hidden service port to "bind to".
'';
@@ -526,8 +526,8 @@ in
};
toPort = mkOption {
- type = types.str;
- example = "8080";
+ type = types.either types.int types.str;
+ example = 8080;
description = "Mapping destination port.";
};
@@ -535,7 +535,7 @@ in
config = {
toPort = mkDefault config.port;
- destination = mkDefault "${config.toHost}:${config.toPort}";
+ destination = mkDefault "${config.toHost}:${toString config.toPort}";
};
}));
};