bitcoind: add consistent address options

modules/bitcoind.nix

@@ -22,16 +22,18 @@ let
     ${optionalString (cfg.assumevalid != null) "assumevalid=${cfg.assumevalid}"}
 
     # Connection options
-    ${optionalString cfg.listen "bind=${cfg.bind}"}
-    ${optionalString (cfg.port != null) "port=${toString cfg.port}"}
+    ${optionalString cfg.listen "bind=${cfg.address}"}
+    port=${toString cfg.port}
     ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"}
     listen=${if cfg.listen then "1" else "0"}
     ${optionalString (cfg.discover != null) "discover=${if cfg.discover then "1" else "0"}"}
     ${lib.concatMapStrings (node: "addnode=${node}\n") cfg.addnodes}
 
     # RPC server options
-    ${optionalString (cfg.rpcthreads != null) "rpcthreads=${toString cfg.rpcthreads}"}
+    rpcbind=${cfg.rpc.address}
     rpcport=${toString cfg.rpc.port}
+    rpcconnect=${cfg.rpc.address}
+    ${optionalString (cfg.rpc.threads != null) "rpcthreads=${toString cfg.rpcthreads}"}
     rpcwhitelistdefault=0
     ${concatMapStrings (user: ''
         ${optionalString (!user.passwordHMACFromFile) "rpcauth=${user.name}:${passwordHMAC}"}
@@ -39,8 +41,6 @@ let
           "rpcwhitelist=${user.name}:${lib.strings.concatStringsSep "," user.rpcwhitelist}"}
       '') (builtins.attrValues cfg.rpc.users)
     }
-    rpcbind=${cfg.rpcbind}
-    rpcconnect=${cfg.rpcbind}
     ${lib.concatMapStrings (rpcallowip: "rpcallowip=${rpcallowip}\n") cfg.rpcallowip}
 
     # Wallet options
@@ -57,6 +57,16 @@ in {
   options = {
     services.bitcoind = {
       enable = mkEnableOption "Bitcoin daemon";
+      address = mkOption {
+        type = types.str;
+        default = "127.0.0.1";
+        description = "Address to listen for peer connections.";
+      };
+      port = mkOption {
+        type = types.port;
+        default = 8333;
+        description = "Port to listen for peer connections.";
+      };
       package = mkOption {
         type = types.package;
         default = config.nix-bitcoin.pkgs.bitcoind;
@@ -77,13 +87,6 @@ in {
         default = "/var/lib/bitcoind";
         description = "The data directory for bitcoind.";
       };
-      bind = mkOption {
-        type = types.str;
-        default = "127.0.0.1";
-        description = ''
-          Bind to given address and always listen on it.
-        '';
-      };
       user = mkOption {
         type = types.str;
         default = "bitcoin";
@@ -95,10 +98,17 @@ in {
         description = "The group as which to run bitcoind.";
       };
       rpc = {
+        address = mkOption {
+          type = types.str;
+          default = "127.0.0.1";
+          description = ''
+            Address to listen for JSON-RPC connections.
+          '';
+        };
         port = mkOption {
           type = types.port;
           default = 8332;
-          description = "Port on which to listen for JSON-RPC connections.";
+          description = "Port to listen for JSON-RPC connections.";
         };
         users = mkOption {
           default = {};
@@ -149,13 +159,6 @@ in {
         default = null;
         description = "Set the number of threads to service RPC calls";
       };
-      rpcbind = mkOption {
-        type = types.str;
-        default = "127.0.0.1";
-        description = ''
-          Bind to given address to listen for JSON-RPC connections.
-        '';
-      };
       rpcallowip = mkOption {
         type = types.listOf types.str;
         default = [ "127.0.0.1" ];
@@ -176,11 +179,6 @@ in {
         readOnly = true;
         default = mainnet: regtest: if cfg.regtest then regtest else mainnet;
       };
-      port = mkOption {
-        type = types.nullOr types.port;
-        default = null;
-        description = "Override the default port on which to listen for connections.";
-      };
       proxy = mkOption {
         type = types.nullOr types.str;
         default = if cfg.enforceTor then config.services.tor.client.socksListenAddress else null;

modules/btcpayserver.nix

@@ -117,8 +117,8 @@ in {
       configFile = builtins.toFile "config" ''
         network=${config.services.bitcoind.network}
         btcrpcuser=${cfg.bitcoind.rpc.users.btcpayserver.name}
-        btcrpcurl=http://${config.services.bitcoind.rpcbind}:${toString cfg.bitcoind.rpc.port}
-        btcnodeendpoint=${config.services.bitcoind.bind}:8333
+        btcrpcurl=http://${config.services.bitcoind.rpc.address}:${toString cfg.bitcoind.rpc.port}
+        btcnodeendpoint=${config.services.bitcoind.address}:${toString config.services.bitcoind.port}
         bind=${cfg.nbxplorer.bind}
         port=${toString cfg.nbxplorer.port}
       '';

modules/clightning.nix

@@ -14,7 +14,7 @@ let
     ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"}
     always-use-proxy=${if cfg.always-use-proxy then "true" else "false"}
     bind-addr=${cfg.bind-addr}:${toString cfg.bindport}
-    bitcoin-rpcconnect=${config.services.bitcoind.rpcbind}
+    bitcoin-rpcconnect=${config.services.bitcoind.rpc.address}
     bitcoin-rpcport=${toString config.services.bitcoind.rpc.port}
     bitcoin-rpcuser=${config.services.bitcoind.rpc.users.public.name}
     rpc-file-mode=0660

modules/electrs.nix

@@ -95,7 +95,7 @@ in {
           --daemon-dir='${bitcoind.dataDir}' \
           --electrum-rpc-addr=${cfg.address}:${toString cfg.port} \
           --monitoring-addr=${cfg.address}:${toString cfg.monitoringPort} \
-          --daemon-rpc-addr=${bitcoind.rpcbind}:${toString bitcoind.rpc.port} \
+          --daemon-rpc-addr=${bitcoind.rpc.address}:${toString bitcoind.rpc.port} \
           ${cfg.extraArgs}
         '';
         User = cfg.user;

modules/joinmarket.nix

@@ -21,7 +21,7 @@ let
     [BLOCKCHAIN]
     blockchain_source = bitcoin-rpc
     network = ${bitcoind.network}
-    rpc_host = ${bitcoind.rpcbind}
+    rpc_host = ${bitcoind.rpc.address}
     rpc_port = ${toString bitcoind.rpc.port}
     rpc_user = ${bitcoind.rpc.users.privileged.name}
     @@RPC_PASSWORD@@

modules/liquid.nix

@@ -32,7 +32,7 @@ let
     ${lib.concatMapStrings (rpcallowip: "rpcallowip=${rpcallowip}\n") cfg.rpcallowip}
     ${optionalString (cfg.rpcuser != null) "rpcuser=${cfg.rpcuser}"}
     ${optionalString (cfg.rpcpassword != null) "rpcpassword=${cfg.rpcpassword}"}
-    mainchainrpchost=${config.services.bitcoind.rpcbind}
+    mainchainrpchost=${config.services.bitcoind.rpc.address}
     mainchainrpcport=${toString config.services.bitcoind.rpc.port}
     mainchainrpcuser=${config.services.bitcoind.rpc.users.public.name}
 

modules/lnd.nix

@@ -8,7 +8,7 @@ let
   secretsDir = config.nix-bitcoin.secretsDir;
 
   bitcoind = config.services.bitcoind;
-  bitcoindRpcAddress = bitcoind.rpcbind;
+  bitcoindRpcAddress = bitcoind.rpc.address;
   onion-chef-service = (if cfg.announce-tor then [ "onion-chef.service" ] else []);
   networkDir = "${cfg.dataDir}/chain/bitcoin/${bitcoind.network}";
   configFile = pkgs.writeText "lnd.conf" ''

modules/netns-isolation.nix

@@ -245,8 +245,8 @@ in {
     };
 
     services.bitcoind = {
-      bind = netns.bitcoind.address;
-      rpcbind = netns.bitcoind.address;
+      address = netns.bitcoind.address;
+      rpc.address = netns.bitcoind.address;
       rpcallowip = [
         bridgeIp # For operator user
         netns.bitcoind.address

modules/presets/secure-node.nix

@@ -53,7 +53,6 @@ in {
       listen = true;
       dataDirReadableByGroup = mkIf cfg.electrs.high-memory true;
       enforceTor = true;
-      port = 8333;
       assumevalid = "00000000000000000000e5abc3a74fe27dc0ead9c70ea1deb456f11c15fd7bc6";
       addnodes = [ "ecoc5q34tmbq54wl.onion" ];
       discover = false;
@@ -63,7 +62,7 @@ in {
       # under high bitcoind rpc load
       rpcthreads = 16;
     };
-    services.tor.hiddenServices.bitcoind = mkHiddenService { port = cfg.bitcoind.port; toHost = cfg.bitcoind.bind; };
+    services.tor.hiddenServices.bitcoind = mkHiddenService { port = cfg.bitcoind.port; toHost = cfg.bitcoind.address; };
 
     # clightning
     services.clightning.enforceTor = true;