From d6296acabafdca807dcc10a9bdf71ecb7388988e Mon Sep 17 00:00:00 2001
From: nixbitcoin
Date: Fri, 29 May 2020 11:13:50 +0000
Subject: [PATCH] electrs: add netns
- Adds electrs to netns-isolation.services
- Adds daemonrpc option and specifies address option to allow using electrs with network namespaces
- Adds host option (defaults to localhost) as target of hidden service
---
 modules/electrs.nix | 18 +++++++++++++++++-
 modules/netns-isolation.nix | 12 ++++++++++++
 modules/presets/secure-node.nix | 1 +
 3 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/modules/electrs.nix b/modules/electrs.nix
index 13b886a..a8773a6 100644
--- a/modules/electrs.nix
+++ b/modules/electrs.nix
@@ -17,6 +17,14 @@ in {
 default = "/var/lib/electrs";
 description = "The data directory for electrs.";
 };
+ # Needed until electrs tls proxy is removed
+ host = mkOption {
+ type = types.str;
+ default = "localhost";
+ description = ''
+ The host on which incoming connections arrive.
+ '';
+ };
 user = mkOption {
 type = types.str;
 default = "electrs";
@@ -44,6 +52,13 @@ in {
 default = 50001;
 description = "RPC port.";
 };
+ daemonrpc = mkOption {
+ type = types.str;
+ default = "127.0.0.1:8332";
+ description = ''
+ Bitcoin daemon JSONRPC 'addr:port' to connect
+ '';
+ };
 extraArgs = mkOption {
 type = types.separatedString " ";
 default = "";
@@ -97,7 +112,8 @@ in {
 "--jsonrpc-import --index-batch-size=10"
 } \
 --db-dir '${cfg.dataDir}' --daemon-dir '${config.services.bitcoind.dataDir}' \
- --electrum-rpc-addr=${toString cfg.address}:${toString cfg.port} ${cfg.extraArgs}
+ --electrum-rpc-addr=${toString cfg.address}:${toString cfg.port} \
+ --daemon-rpc-addr=${toString cfg.daemonrpc} ${cfg.extraArgs}
 '';
 User = cfg.user;
 Group = cfg.group;
diff --git a/modules/netns-isolation.nix b/modules/netns-isolation.nix
index 73989d0..1716c7c 100644
--- a/modules/netns-isolation.nix
+++ b/modules/netns-isolation.nix
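Review bot: The description of the new `host` option in modules/electrs.nix ("The host on which incoming connections arrive.") does not say how it differs from `address`; in the secure-node.nix hunk it is consumed only as the hidden service's `toHost`. I would state that in the description, e.g. `Address that the Tor hidden service forwards to (nginx when TLSProxy is enabled, otherwise electrs).` The default is the name `localhost`, while `daemonrpc` in the same file defaults to the literal `127.0.0.1`. Using `default = "127.0.0.1";` here would avoid depending on how `localhost` resolves, assuming the listener binds IPv4 loopback (the `address` default is outside this hunk).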
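Review bot: The `daemonrpc` default in the second electrs.nix hunk hard-codes `127.0.0.1:8332`, whereas the netns-isolation.nix hunk builds the same setting from `config.services.bitcoind.rpc.port`. With netns isolation disabled and a non-default bitcoind RPC port, electrs would be pointed at the wrong port. Consider `default = "127.0.0.1:${toString config.services.bitcoind.rpc.port}";` with a matching `defaultText`, and complete the description as `Bitcoin daemon JSONRPC 'addr:port' to connect to.`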
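Review bot: `--daemon-rpc-addr=${toString cfg.daemonrpc}` in the third electrs.nix hunk is interpolated into the command line unquoted, while the neighbouring `--db-dir '${cfg.dataDir}'` and `--daemon-dir` arguments are single-quoted. `daemonrpc` is a free-form `types.str`, so a value containing whitespace or shell metacharacters would be split or interpreted instead of being passed as one argument. I would write `--daemon-rpc-addr='${cfg.daemonrpc}' ${cfg.extraArgs}`; the `toString` is redundant on a string. The same applies to the `--electrum-rpc-addr` line above it. The start of the command is outside the hunk, so whether it runs through a shell is not visible here.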
@@ -100,6 +100,11 @@ in { id = 15; connections = [ "bitcoind" ]; }; + electrs = { + id = 16; + connections = [ "bitcoind" ] + ++ ( optionals config.services.electrs.TLSProxy.enable [ "nginx" ]); + }; }; systemd.services = { @@ -240,6 +245,13 @@ in { ''; }; + # electrs: Custom netns configs + services.electrs = mkIf config.services.electrs.enable { + host = if config.services.electrs.TLSProxy.enable then netns.nginx.address else netns.electrs.address; + address = netns.electrs.address; + daemonrpc = "${netns.bitcoind.address}:${toString config.services.bitcoind.rpc.port}"; + }; + }) # Custom netns config option values if netns-isolation not enabled (mkIf (!cfg.enable) { diff --git a/modules/presets/secure-node.nix b/modules/presets/secure-node.nix index 64a7db0..d3fcf08 100644 --- a/modules/presets/secure-node.nix +++ b/modules/presets/secure-node.nix @@ -119,6 +119,7 @@ in { services.tor.hiddenServices.electrs = mkHiddenService { port = cfg.electrs.onionport; toPort = if cfg.electrs.TLSProxy.enable then cfg.electrs.TLSProxy.port else cfg.electrs.port; + toHost = cfg.electrs.host; }; services.spark-wallet.onion-service = true;
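Review bot: The new `electrs` entry adds `"nginx"` to its `connections` when `TLSProxy.enable` is set, but the traffic this patch sets up flows from nginx to electrs, since the hidden service targets `netns.nginx.address` in that case. If `connections` is directional, the permission belongs on the nginx entry (not visible in this hunk) and electrs itself needs only `[ "bitcoind" ]`, which keeps the namespace as closed as possible. If it is symmetric, a short comment above the `++` line such as `# nginx (TLS proxy) connects to electrs` would record why the extra namespace is opened. The enclosing attribute set starts and ends outside the hunk.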
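Review bot: The `host` line in the new `services.electrs` block (second netns-isolation.nix hunk) switches between two namespace addresses without saying why. A comment such as `# Tor forwards to nginx when the TLS proxy is enabled, otherwise straight to electrs` would tie it to the `toHost`/`toPort` pair in secure-node.nix. The `# electrs: Custom netns configs` header could also note that `daemonrpc` now points electrs at bitcoind's namespace address instead of loopback.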