1 files changed, 17 insertions, 7 deletions

diff --git a/nixpkgs/nixos/modules/services/security/tor.nix b/nixpkgs/nixos/modules/services/security/tor.nix
index 18c105b2f57..38dc378887a 100644
--- a/nixpkgs/nixos/modules/services/security/tor.nix
+++ b/nixpkgs/nixos/modules/services/security/tor.nix
@@ -34,8 +34,8 @@ let
     User tor
     DataDirectory ${torDirectory}
     ${optionalString cfg.enableGeoIP ''
-      GeoIPFile ${pkgs.tor.geoip}/share/tor/geoip
-      GeoIPv6File ${pkgs.tor.geoip}/share/tor/geoip6
+      GeoIPFile ${cfg.package.geoip}/share/tor/geoip
+      GeoIPv6File ${cfg.package.geoip}/share/tor/geoip6
     ''}
 
     ${optint "ControlPort" cfg.controlPort}
@@ -123,6 +123,16 @@ in
         '';
       };
 
+      package = mkOption {
+        type = types.package;
+        default = pkgs.tor;
+        defaultText = "pkgs.tor";
+        example = literalExample "pkgs.tor";
+        description = ''
+          Tor package to use
+        '';
+      };
+
       enableGeoIP = mkOption {
         type = types.bool;
         default = true;
@@ -159,7 +169,7 @@ in
           type = types.bool;
           default = false;
           description = ''
-            Wheter to enable Tor control socket. Control socket is created
+            Whether to enable Tor control socket. Control socket is created
             in <literal>${torRunDirectory}/control</literal>
           '';
         };
@@ -597,7 +607,7 @@ in
             ];
           }
         '';
-        type = types.loaOf (types.submodule ({name, ...}: {
+        type = types.attrsOf (types.submodule ({name, ...}: {
           options = {
 
              name = mkOption {
@@ -749,8 +759,8 @@ in
         serviceConfig =
           { Type         = "simple";
             # Translated from the upstream contrib/dist/tor.service.in
-            ExecStartPre = "${pkgs.tor}/bin/tor -f ${torRcFile} --verify-config";
-            ExecStart    = "${pkgs.tor}/bin/tor -f ${torRcFile}";
+            ExecStartPre = "${cfg.package}/bin/tor -f ${torRcFile} --verify-config";
+            ExecStart    = "${cfg.package}/bin/tor -f ${torRcFile}";
             ExecReload   = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
             KillSignal   = "SIGINT";
             TimeoutSec   = 30;
@@ -773,7 +783,7 @@ in
           };
       };
 
-    environment.systemPackages = [ pkgs.tor ];
+    environment.systemPackages = [ cfg.package ];
 
     services.privoxy = mkIf (cfg.client.enable && cfg.client.privoxy.enable) {
       enable = true;