So there's no native support for tor in albyhub and Go’s default HTTP client (which Hub uses) apparently doesn’t understand the socks5h scheme in HTTP_PROXY/HTTPS_PROXY, so even if I set env vars like HTTPS_PROXY=socks5://127.0.0.1:9050 this is going to want to leak DNS. I'll have to do some testing to confirm this and then try to think of a workaround. All the other packages in nb seem to have native support for tor. I might need to open an issue upstream.

Author: bleetube

modules/albyhub.nix

@@ -354,6 +354,22 @@ in
         RestartSec = "10s";
         ReadWritePaths = [ cfg.dataDir ];
       } // nbLib.allowedIPAddresses cfg.tor.enforce;
+
+      # albyhub has no native tor support
+      environment = mkIf (cfg.tor.proxy) (let
+        proxy = config.nix-bitcoin.torClientAddressWithPort;
+        socks5h = "socks5h://${proxy}";
+      in {
+        # TODO: if this works at all, remove the ones we don't need
+        ALL_PROXY = socks5h;
+        HTTP_PROXY = socks5h;
+        HTTPS_PROXY = socks5h;
+        all_proxy = socks5h;
+        http_proxy = socks5h;
+        https_proxy = socks5h;
+        NO_PROXY = "127.0.0.1,::1,localhost";
+        no_proxy = "127.0.0.1,::1,localhost";
+      });
     };
 
     nix-bitcoin.secrets = {