Allow agents in the field to safely SSH to turing

author: Johannes Christ <[email protected]> 2025-04-26 21:42:23 +0200
committer: Johannes Christ <[email protected]> 2025-04-26 21:42:23 +0200
commit: 3a14afe8fbda781afef2f4d2eb1057ccb3400d3a (patch)
tree: 6cf585e56ae32dfe428e5446a52d596f9e7e5a61
parent: Deploy PostgreSQL & add unattended upgrades (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/guix/turing.scm b/guix/turing.scm
index dee488d..6bf36cb 100644
--- a/guix/turing.scm
+++ b/guix/turing.scm
@@ -40,6 +40,12 @@
 (define (guix-archive-key name)
   (file-from-cwd (string-append "/guix-acl-keys/" name ".pub")))
 
+(define %hidden-service-turing
+    (simple-service 'hidden-service-turing tor-service-type
+                    (list (tor-onion-service-configuration
+                            (name "turing")
+                            (mapping '((22 "127.0.0.1:22")))))))
+
 (define %services
   (append (list (service openssh-service-type
                    (openssh-configuration
@@ -53,6 +59,8 @@
                 (service postgresql-service-type
                          (postgresql-configuration
                            (postgresql postgresql-16)))
+                (service tor-service-type)
+                %hidden-service-turing
                 (service unattended-upgrade-service-type)
                 (simple-service 'resolv-conf etc-service-type
                                 (list `("resolv.conf" ,(plain-file
author	Johannes Christ <[email protected]>	2025-04-26 21:42:23 +0200
committer	Johannes Christ <[email protected]>	2025-04-26 21:42:23 +0200
commit	3a14afe8fbda781afef2f4d2eb1057ccb3400d3a (patch)
tree	6cf585e56ae32dfe428e5446a52d596f9e7e5a61
parent	Deploy PostgreSQL & add unattended upgrades (diff)