nixos/tor: better support non-anonymous services

Tor requires ``SOCKSPort 0`` when non-anonymous hidden services are
enabled.  If the configuration doesn't enable Tor client features,
generate a configuration file that explicitly includes this disabling
to allow such non-anonymous hidden services to be created (note that
doing so still requires additional configuration).  See #48622.
This commit is contained in:
Jean-Paul Calderone 2018-10-17 08:56:59 -04:00
parent 7dea8e403e
commit 4a71e2942c

View File

@ -57,6 +57,11 @@ let
AutomapHostsSuffixes ${concatStringsSep "," cfg.client.dns.automapHostsSuffixes}
''}
''
# Explicitly disable the SOCKS server if the client is disabled. In
# particular, this makes non-anonymous hidden services possible.
+ optionalString (! cfg.client.enable) ''
SOCKSPort 0
''
# Relay config
+ optionalString cfg.relay.enable ''
ORPort ${toString cfg.relay.port}