From 39f16c0b4aab844b183ee4c97acebf95eb2fe1c0 Mon Sep 17 00:00:00 2001 From: Erik Arvstedt Date: Thu, 14 Jan 2021 13:24:07 +0100 Subject: [PATCH] liquidd: add consistent address options --- modules/liquid.nix | 54 ++++++++++++++------------------- modules/netns-isolation.nix | 4 +-- modules/presets/secure-node.nix | 3 +- 3 files changed, 26 insertions(+), 35 deletions(-) diff --git a/modules/liquid.nix b/modules/liquid.nix index 954b006..354e179 100644 --- a/modules/liquid.nix +++ b/modules/liquid.nix @@ -16,19 +16,19 @@ let ${optionalString (cfg.validatepegin != null) "validatepegin=${if cfg.validatepegin then "1" else "0"}"} # Connection options - ${optionalString cfg.listen "bind=${cfg.bind}"} - ${optionalString (cfg.port != null) "port=${toString cfg.port}"} + ${optionalString cfg.listen "bind=${cfg.address}"} + port=${toString cfg.port} ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} listen=${if cfg.listen then "1" else "0"} # RPC server options - ${optionalString (cfg.rpc.port != null) "rpcport=${toString cfg.rpc.port}"} + rpcport=${toString cfg.rpc.port} ${concatMapStringsSep "\n" (rpcUser: "rpcauth=${rpcUser.name}:${rpcUser.passwordHMAC}") (attrValues cfg.rpc.users) } - rpcbind=${cfg.rpcbind} - rpcconnect=${cfg.rpcbind} + rpcbind=${cfg.rpc.address} + rpcconnect=${cfg.rpc.address} ${lib.concatMapStrings (rpcallowip: "rpcallowip=${rpcallowip}\n") cfg.rpcallowip} ${optionalString (cfg.rpcuser != null) "rpcuser=${cfg.rpcuser}"} ${optionalString (cfg.rpcpassword != null) "rpcpassword=${cfg.rpcpassword}"} @@ -71,7 +71,16 @@ in { services.liquidd = { enable = mkEnableOption "Liquid sidechain"; - + address = mkOption { + type = types.str; + default = "127.0.0.1"; + description = "Address to listen for peer connections."; + }; + port = mkOption { + type = types.port; + default = 7042; + description = "Override the default port on which to listen for connections."; + }; extraConfig = mkOption { type = types.lines; default = ""; @@ -88,14 +97,6 @@ in { default = "/var/lib/liquidd"; description = "The data directory for liquidd."; }; - bind = mkOption { - type = types.str; - default = "127.0.0.1"; - description = '' - Bind to given address and always listen on it. - ''; - }; - user = mkOption { type = types.str; default = "liquid"; @@ -106,12 +107,16 @@ in { default = cfg.user; description = "The group as which to run liquidd."; }; - rpc = { + address = mkOption { + type = types.str; + default = "127.0.0.1"; + description = "Address to listen for JSON-RPC connections."; + }; port = mkOption { - type = types.nullOr types.port; - default = null; - description = "Override the default port on which to listen for JSON-RPC connections."; + type = types.port; + default = 7041; + description = "Port to listen for JSON-RPC connections."; }; users = mkOption { default = {}; @@ -125,14 +130,6 @@ in { ''; }; }; - - rpcbind = mkOption { - type = types.str; - default = "127.0.0.1"; - description = '' - Bind to given address to listen for JSON-RPC connections. - ''; - }; rpcallowip = mkOption { type = types.listOf types.str; default = [ "127.0.0.1" ]; @@ -155,11 +152,6 @@ in { default = false; description = "Whether to use the test chain."; }; - port = mkOption { - type = types.nullOr types.port; - default = null; - description = "Override the default port on which to listen for connections."; - }; proxy = mkOption { type = types.nullOr types.str; default = if cfg.enforceTor then config.services.tor.client.socksListenAddress else null; diff --git a/modules/netns-isolation.nix b/modules/netns-isolation.nix index 529d745..e417fcc 100644 --- a/modules/netns-isolation.nix +++ b/modules/netns-isolation.nix @@ -263,8 +263,8 @@ in { }; services.liquidd = { - bind = netns.liquidd.address; - rpcbind = netns.liquidd.address; + address = netns.liquidd.address; + rpc.address = netns.liquidd.address; rpcallowip = [ bridgeIp # For operator user netns.liquidd.address diff --git a/modules/presets/secure-node.nix b/modules/presets/secure-node.nix index 6c0c95a..91f6122 100644 --- a/modules/presets/secure-node.nix +++ b/modules/presets/secure-node.nix @@ -86,9 +86,8 @@ in { validatepegin = true; listen = true; enforceTor = true; - port = 7042; }; - services.tor.hiddenServices.liquidd = mkIf cfg.liquidd.enable (mkHiddenService { port = cfg.liquidd.port; toHost = cfg.liquidd.bind; }); + services.tor.hiddenServices.liquidd = mkIf cfg.liquidd.enable (mkHiddenService { port = cfg.liquidd.port; toHost = cfg.liquidd.address; }); # electrs services.electrs = {