From e784e0ceb8db51177bf1da38478d6d4c026eb245 Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Wed, 1 Nov 2023 18:21:36 +0100
Subject: [PATCH] presets/wireguard: make compatible with `secure-node` preset

Disable Tor enforcement set by the secure-node preset.
---
 modules/presets/wireguard.nix | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/modules/presets/wireguard.nix b/modules/presets/wireguard.nix
index 6121ba0..ccf64fe 100644
--- a/modules/presets/wireguard.nix
+++ b/modules/presets/wireguard.nix
@@ -183,8 +183,14 @@ in {
 
     # Listen on all addresses, including `serverAddress`.
     # This is safe because the listen ports are secured by the firewall.
-    services.lnd.restAddress = mkIf lndconnect "0.0.0.0";
-    # clightning-rest always listens on "0.0.0.0"
+    services.lnd = mkIf lndconnect {
+      restAddress = "0.0.0.0";
+      tor.enforce = false;
+    };
+    services.clightning-rest = mkIf lndconnect-clightning {
+      # clightning-rest always listens on "0.0.0.0"
+      tor.enforce = false;
+    };
 
     nix-bitcoin.secrets = {
       wg-server-private-key = {};