add presets/bitcoind-remote.nix
This simplifies integrating a remote bitcoind instance and makes `bitcoin-cli` work with the remote node. Add note regarding `whitelistedPort` to docs.
This commit is contained in:
parent
5915a34891
commit
6b539627ee
@ -181,9 +181,26 @@ Some services require extra steps:
|
|||||||
Use a bitcoind instance running on another node within a nix-bitcoin config.
|
Use a bitcoind instance running on another node within a nix-bitcoin config.
|
||||||
|
|
||||||
```nix
|
```nix
|
||||||
|
imports = [ <nix-bitcoin/modules/presets/bitcoind-remote.nix> ];
|
||||||
|
|
||||||
services.bitcoind = {
|
services.bitcoind = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
# Address of the other node
|
# Address of the other node
|
||||||
address = "10.10.0.2";
|
address = "10.10.0.2";
|
||||||
|
rpc.address = "10.10.0.2";
|
||||||
|
|
||||||
|
# Some nix-bitcoin services require whitelisted bitcoind p2p connections
|
||||||
|
# to work reliably.
|
||||||
|
# Search for `whitelistedPort` in this repo to see the affected services.
|
||||||
|
# If you're using one of these services, either add a whitelisted p2p port
|
||||||
|
# on your remote node via `whitebind` and set it here:
|
||||||
|
whitelistedPort = <remote whitebind RPC port>;
|
||||||
|
#
|
||||||
|
# Or use the default p2p port and add `whitelist=<address of this node>` to
|
||||||
|
# your remote bitcoind config:
|
||||||
|
whitelistedPort = config.services.bitcoind.port;
|
||||||
|
|
||||||
rpc.users = let
|
rpc.users = let
|
||||||
# The fully privileged bitcoind RPC username of the other node
|
# The fully privileged bitcoind RPC username of the other node
|
||||||
name = "myrpcuser";
|
name = "myrpcuser";
|
||||||
@ -196,8 +213,6 @@ services.bitcoind = {
|
|||||||
# joinmarket-ob-watcher.name = name;
|
# joinmarket-ob-watcher.name = name;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
# Disable the local bitcoind service
|
|
||||||
systemd.services.bitcoind.wantedBy = mkForce [];
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Now save the password of the RPC user to the following files on your nix-bitcoin node:
|
Now save the password of the RPC user to the following files on your nix-bitcoin node:
|
||||||
@ -211,6 +226,8 @@ $secretsDir/bitcoin-rpcpassword-public
|
|||||||
```
|
```
|
||||||
See: [Secrets dir](#secrets-dir)
|
See: [Secrets dir](#secrets-dir)
|
||||||
|
|
||||||
|
Restart `bitcoind` after updating the secrets: `systemctl restart bitcoind`.
|
||||||
|
|
||||||
# Temporarily disable a service
|
# Temporarily disable a service
|
||||||
|
|
||||||
Sometimes you might want to disable a service without removing the service user and
|
Sometimes you might want to disable a service without removing the service user and
|
||||||
|
25
modules/presets/bitcoind-remote.nix
Normal file
25
modules/presets/bitcoind-remote.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.bitcoind;
|
||||||
|
secretsDir = config.nix-bitcoin.secretsDir;
|
||||||
|
in {
|
||||||
|
services.bitcoind = {
|
||||||
|
# Make the local bitcoin-cli work with the remote node
|
||||||
|
extraConfig = ''
|
||||||
|
rpcuser=${cfg.rpc.users.privileged.name}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.bitcoind = {
|
||||||
|
preStart = lib.mkAfter ''
|
||||||
|
echo "rpcpassword=$(cat ${secretsDir}/bitcoin-rpcpassword-privileged)" >> '${cfg.dataDir}'/bitcoin.conf
|
||||||
|
'';
|
||||||
|
postStart = lib.mkForce "";
|
||||||
|
serviceConfig = {
|
||||||
|
Type = lib.mkForce "oneshot";
|
||||||
|
ExecStart = lib.mkForce "${pkgs.coreutils}/bin/true";
|
||||||
|
RemainAfterExit = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user