From a6ec22808c3cf893fdf07f08d0529aace9480664 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 29 May 2022 13:49:18 +0200
Subject: [PATCH] l: add tor-ssh.nix

---
 lass/2configs/default.nix |  1 +
 lass/2configs/tor-ssh.nix | 14 ++++++++++++++
 2 files changed, 15 insertions(+)
 create mode 100644 lass/2configs/tor-ssh.nix

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index f03d8b568..01a40952e 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -10,6 +10,7 @@ with import <stockholm/lib>;
     ./htop.nix
     <stockholm/krebs/2configs/security-workarounds.nix>
     ./wiregrill.nix
+    ./tor-ssh.nix
     {
       users.extraUsers =
         mapAttrs (_: h: { hashedPassword = h; })
diff --git a/lass/2configs/tor-ssh.nix b/lass/2configs/tor-ssh.nix
new file mode 100644
index 000000000..8b36733e2
--- /dev/null
+++ b/lass/2configs/tor-ssh.nix
@@ -0,0 +1,14 @@
+{
+  services.tor = {
+    enable = true;
+    relay.onionServices.ssh = {
+      version = 3;
+      map = [{
+        port = 22;
+        target.port = 22;
+      }];
+      secretKey = <secrets/ssh-tor.priv>;
+    };
+  };
+}
+