2017-12-08 13:40:02 +01:00
|
|
|
{ pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
let
|
|
|
|
|
name = "bgt_cyberwar_hidden_service";
|
|
|
|
|
srvdir = "/var/lib/tor/onion/";
|
|
|
|
|
in
|
2023-07-02 16:14:25 +02:00
|
|
|
{
|
2023-10-02 01:07:30 +02:00
|
|
|
sops.secrets."${name}-private_key" = {
|
2023-07-02 16:14:25 +02:00
|
|
|
path = "${srvdir}/${name}/private_key";
|
|
|
|
|
owner = "tor";
|
|
|
|
|
restartUnits = [ "tor.service" ];
|
2017-12-08 13:40:02 +01:00
|
|
|
};
|
2023-10-02 01:07:30 +02:00
|
|
|
sops.secrets."${name}-hostname" = {
|
2023-07-02 16:14:25 +02:00
|
|
|
path = "${srvdir}/${name}/hostname";
|
|
|
|
|
owner = "tor";
|
|
|
|
|
restartUnits = [ "tor.service" ];
|
|
|
|
|
};
|
|
|
|
|
services.nginx.virtualHosts."cyberwar62fmmhe4.onion".locations."/" = {
|
2017-12-08 13:40:02 +01:00
|
|
|
proxyPass = "https://blog.binaergewitter.de";
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
proxy_set_header Host blog.binaergewitter.de;
|
|
|
|
|
proxy_ssl_server_name on;
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
services.tor = {
|
|
|
|
|
enable = true;
|
|
|
|
|
hiddenServices."${name}".map = [
|
2021-06-05 15:52:06 +02:00
|
|
|
{ port = 80; }
|
|
|
|
|
# { port = 443; toHost = "blog.binaergewitter.de"; }
|
2017-12-08 13:40:02 +01:00
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
}
|
