diff --git a/docs/configuration.md b/docs/configuration.md
index 2f76578..4a64c57 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -181,9 +181,26 @@ Some services require extra steps:
 Use a bitcoind instance running on another node within a nix-bitcoin config.
 
 ```nix
+imports = [ <nix-bitcoin/modules/presets/bitcoind-remote.nix> ];
+
 services.bitcoind = {
+  enable = true;
+
   # Address of the other node
   address = "10.10.0.2";
+  rpc.address = "10.10.0.2";
+
+  # Some nix-bitcoin services require whitelisted bitcoind p2p connections
+  # to work reliably.
+  # Search for `whitelistedPort` in this repo to see the affected services.
+  # If you're using one of these services, either add a whitelisted p2p port
+  # on your remote node via `whitebind` and set it here:
+  whitelistedPort = <remote whitebind RPC port>;
+  #
+  # Or use the default p2p port and add `whitelist=<address of this node>` to
+  # your remote bitcoind config:
+  whitelistedPort = config.services.bitcoind.port;
+
   rpc.users = let
     # The fully privileged bitcoind RPC username of the other node
     name = "myrpcuser";
@@ -196,8 +213,6 @@ services.bitcoind = {
     # joinmarket-ob-watcher.name = name;
   };
 };
-# Disable the local bitcoind service
-systemd.services.bitcoind.wantedBy = mkForce [];
 ```
 
 Now save the password of the RPC user to the following files on your nix-bitcoin node:
@@ -211,6 +226,8 @@ $secretsDir/bitcoin-rpcpassword-public
 ```
 See: [Secrets dir](#secrets-dir)
 
+Restart `bitcoind` after updating the secrets: `systemctl restart bitcoind`.
+
 # Temporarily disable a service
 
 Sometimes you might want to disable a service without removing the service user and
diff --git a/modules/presets/bitcoind-remote.nix b/modules/presets/bitcoind-remote.nix
new file mode 100644
index 0000000..9c62125
--- /dev/null
+++ b/modules/presets/bitcoind-remote.nix
@@ -0,0 +1,25 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.services.bitcoind;
+  secretsDir = config.nix-bitcoin.secretsDir;
+in {
+  services.bitcoind = {
+    # Make the local bitcoin-cli work with the remote node
+    extraConfig = ''
+      rpcuser=${cfg.rpc.users.privileged.name}
+    '';
+  };
+
+  systemd.services.bitcoind = {
+    preStart = lib.mkAfter ''
+      echo "rpcpassword=$(cat ${secretsDir}/bitcoin-rpcpassword-privileged)" >> '${cfg.dataDir}'/bitcoin.conf
+    '';
+    postStart = lib.mkForce "";
+    serviceConfig = {
+      Type = lib.mkForce "oneshot";
+      ExecStart = lib.mkForce "${pkgs.coreutils}/bin/true";
+      RemainAfterExit = true;
+    };
+  };
+}