Radish alpha
r
radicle-infra
rad:z254T5p17bdFPmzfDojsdjo4HjpoZ
Radicle Infrastructure as Code (NixOS, OpenTofu, …)
Radicle
Git
.. cache.nix common.nix disk-config.nix kmscon.nix motd.nix nix.nix radicle-permissive.nix radicle-stats.nix radicle.nix sops.nix ssh.nix tor.nix users.nix
radicle-infra os mixin tor.nix 
{
  config,
  lib,
  ...
}: let
  secret = "tor/hs_ed25519_secret_key";
in {
  sops.secrets.${secret}.format = "binary";

  services.tor = {
    enable = true;
    client.enable = true;

    enableGeoIP = false;
    openFirewall = true;

    relay = {
      role = "private-bridge";
      onionServices = {
        "radicle" = {
          map = [
            {port = 8776;}
            {port = 58776;}
          ];
          secretKey = config.sops.secrets.${secret}.path;
        };
      };
    };

    settings = {
      Nickname = config.networking.hostName;
      ContactInfo = "team@${config.networking.domain}";
      ClientUseIPv6 = true;
      ORPort = 9001;
      DirPort = 9030;
    };
  };
}