nixos: torify: disable by default, add some documentation as of why

This `tsocks` wrapper leaks DNS requests to clearnet, meanwhile Tor comes with `torsocks` which doesn't. Previous commits to this file state that all of this still useful somehow. Assuming that it's true, at least let's not confuse users with two different tools and don't clash with the `tsocks` binary from nixpkgs by disabling this by default.
2024-12-28 14:22:50 +03:00 · 2017-03-11 18:04:08 +00:00 · 2017-03-11 18:04:08 +00:00 · a04782581a
commit a04782581a
parent 6d25f77a64
1 changed files with 12 additions and 4 deletions
--- a/nixos/modules/services/security/torify.nix
+++ b/nixos/modules/services/security/torify.nix
@ -19,15 +19,23 @@ in
 {

  ###### interface
-  
+
  options = {
-  
+
    services.tor.tsocks = {

      enable = mkOption {
-        default = cfg.enable && cfg.client.enable;
+        default = false;
        description = ''
-          Whether to build tsocks wrapper script to relay application traffic via TOR.
+          Whether to build tsocks wrapper script to relay application traffic via Tor.
+
+          <important>
+            <para>You shouldn't use this unless you know what you're
+            doing because your installation of Tor already comes with
+            its own superior (doesn't leak DNS queries)
+            <literal>torsocks</literal> wrapper which does pretty much
+            exactly the same thing as this.</para>
+          </important>
        '';
      };