greg/nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lnd: only enable bitcoind zmqpub if lnd.enable

Browse Source 
In conjuction with secure-node.nix, this sets sane
RestrictAddressFamilies unless lnd is enabled. Before, we were
constantly exposing unnecessary Address Families, not just when lnd is
enabled.

However, zmqpub* must always be enabled for lnd, even when used
outside of secure-node.nix, so we make this change in the lnd module.
This commit is contained in:
nixbitcoin 2020-05-05 16:28:30 +02:00
parent 81a1c3f908
commit 423ebf862b
No known key found for this signature in database
GPG Key ID: DD11F9AD5308B3BA
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/lnd.nix
View File

@ -78,6 +78,12 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ cfg.package (hiPrio cfg.cli) ]; environment.systemPackages = [ cfg.package (hiPrio cfg.cli) ];
services.bitcoind = {
zmqpubrawblock = "tcp://127.0.0.1:28332";
zmqpubrawtx = "tcp://127.0.0.1:28333";
};
systemd.services.lnd = { systemd.services.lnd = {
description = "Run LND"; description = "Run LND";
path = [ pkgs.nix-bitcoin.bitcoind ]; path = [ pkgs.nix-bitcoin.bitcoind ];

2
modules/presets/secure-node.nix
View File

@ -60,8 +60,6 @@ in {
proxy = cfg.tor.client.socksListenAddress; proxy = cfg.tor.client.socksListenAddress;
enforceTor = true; enforceTor = true;
port = 8333; port = 8333;
zmqpubrawblock = "tcp://127.0.0.1:28332";
zmqpubrawtx = "tcp://127.0.0.1:28333";
assumevalid = "00000000000000000000e5abc3a74fe27dc0ead9c70ea1deb456f11c15fd7bc6"; assumevalid = "00000000000000000000e5abc3a74fe27dc0ead9c70ea1deb456f11c15fd7bc6";
addnodes = [ "ecoc5q34tmbq54wl.onion" ]; addnodes = [ "ecoc5q34tmbq54wl.onion" ];
discover = false; discover = false;