Merge fort-nix/nix-bitcoin#498: clightning/lnd: allow connections to remote bitcoind in systemd service

8cac828534 doc: remote-bitcoind: allowing external connections when tor.enforce is active (Otto Sabart) Pull request description: ACKs for top commit: jonasnick: ACK 8cac828534 Tree-SHA512: b2a8739911f96c76515838820a2ffc2f773cb68e5216f4a3d135c79aada7fa0a1f02e3de67ef7fe5833614cdae58e92d2ea39ae1fcfda25e50eb9da3402ab31a
2022-07-17 19:42:02 +00:00 · 2022-07-17 19:42:02 +00:00 · 0c4a7177e0
parent 90249d9cc4 8cac828534
commit 0c4a7177e0
1 changed files with 15 additions and 0 deletions
--- a/docs/configuration.md
+++ b/docs/configuration.md
@ -214,6 +214,21 @@ services.bitcoind = {
 };
 ```

+If a `secure-node.nix` or `tor-enable.nix` preset is imported in your
+configuration or a `tor.enforce` option is explicitly enabled, you also need to
+allow remote connections for **every** service which needs to connect to the
+remote bitcoind:
+
+```
+systemd.services.<service>.serviceConfig = {
+  IPAddressAllow = [ ${services.bitcoind.rpc.address} ];
+};
+```
+
+> Please note that configuration above applies only if the remote bitcoind **is
+> not** accessed via Tor.
+
+
 Now save the password of the RPC user to the following files on your nix-bitcoin node:
 ```shell
 $secretsDir/bitcoin-rpcpassword-privileged