office: simple-scan: install
[julm/julm-nix.git] / hosts / oignon / networking.nix
index 5968687eeae51386046bd4c1e0f1383a7438464e..281efebcd54ad48965264fab8a740efa9bcbceaa 100644 (file)
   #networking.domain = "sourcephile.fr";
   networking.useDHCP = false;
 
+  services.tor = {
+    settings = {
+      HashedControlPassword = lib.readFile tor/HashedControlPassword.clear;
+      # https://metrics.torproject.org/rs.html#search/flag:exit%20country:be%20running:true
+      # https://nusenu.github.io/OrNetStats/w/relay/58B81035FC28AACA8F0E85E46C8EBAD7FCFA8404.html
+      MapAddress = [
+        "*.gcp.cloud.es.io *.gcp.cloud.es.io.58B81035FC28AACA8F0E85E46C8EBAD7FCFA8404.exit"
+        "*.redbee.live         *.redbee.live.58B81035FC28AACA8F0E85E46C8EBAD7FCFA8404.exit"
+        "*.rtbf.be                 *.rtbf.be.58B81035FC28AACA8F0E85E46C8EBAD7FCFA8404.exit"
+      ];
+      StrictNodes = true;
+    };
+  };
+
   networking.nftables.ruleset = lib.mkAfter ''
     table inet filter {
       chain input {
@@ -68,6 +82,7 @@
 
   environment.systemPackages = [
     pkgs.modem-manager-gui
+    #pkgs.tor-ctrl # Not packaged yet
   ];
 
   systemd.services.sshd.serviceConfig.LoadCredentialEncrypted = [