greg
/
nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

extract 'mkHiddenService' 

toPort equals port by default.
This commit is contained in:
Erik Arvstedt 2020-04-07 22:47:37 +02:00
parent 89d3d58850
commit e16ddc9c77
No known key found for this signature in database
GPG Key ID: 33312B944DD97846
1 changed files with 12 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
modules/presets/secure-node.nix
View File

@ -3,6 +3,11 @@
with lib; with lib;
let let
mkHiddenService = map: {
map = [ map ];
version = 3;
};
operatorCopySSH = pkgs.writeText "operator-copy-ssh.sh" '' operatorCopySSH = pkgs.writeText "operator-copy-ssh.sh" ''
mkdir -p ${config.users.users.operator.home}/.ssh mkdir -p ${config.users.users.operator.home}/.ssh
if [ -e "${config.users.users.root.home}/.vbox-nixops-client-key" ]; then if [ -e "${config.users.users.root.home}/.vbox-nixops-client-key" ]; then
@ -29,10 +34,7 @@ in {
# LND uses ControlPort to create onion services # LND uses ControlPort to create onion services
controlPort = mkIf config.services.lnd.enable 9051; controlPort = mkIf config.services.lnd.enable 9051;
hiddenServices.sshd = { hiddenServices.sshd = mkHiddenService { port = 22; };
map = [ { port = 22; } ];
version = 3;
};
}; };
# bitcoind # bitcoind
@ -53,12 +55,7 @@ in {
prune = 0; prune = 0;
dbCache = 1000; dbCache = 1000;
}; };
services.tor.hiddenServices.bitcoind = { services.tor.hiddenServices.bitcoind = mkHiddenService { port = config.services.bitcoind.port; };
map = [{
port = config.services.bitcoind.port;
}];
version = 3;
};
# clightning # clightning
services.clightning = { services.clightning = {
@ -68,12 +65,7 @@ in {
always-use-proxy = true; always-use-proxy = true;
bind-addr = "127.0.0.1:9735"; bind-addr = "127.0.0.1:9735";
}; };
services.tor.hiddenServices.clightning = { services.tor.hiddenServices.clightning = mkHiddenService { port = 9735; };
map = [{
port = 9735; toPort = 9735;
}];
version = 3;
};
# lnd # lnd
services.lnd.enforceTor = true; services.lnd.enforceTor = true;
@ -128,12 +120,7 @@ in {
enforceTor = true; enforceTor = true;
port = 7042; port = 7042;
}; };
services.tor.hiddenServices.liquidd = { services.tor.hiddenServices.liquidd = mkHiddenService { port = config.services.liquidd.port; };
map = [{
port = config.services.liquidd.port; toPort = config.services.liquidd.port;
}];
version = 3;
};
services.spark-wallet.onion-service = true; services.spark-wallet.onion-service = true;
@ -144,11 +131,9 @@ in {
TLSProxy.enable = true; TLSProxy.enable = true;
TLSProxy.port = 50003; TLSProxy.port = 50003;
}; };
services.tor.hiddenServices.electrs = { services.tor.hiddenServices.electrs = mkHiddenService {
map = [{ port = config.services.electrs.onionport;
port = config.services.electrs.onionport; toPort = config.services.electrs.TLSProxy.port; toPort = config.services.electrs.TLSProxy.port;
}];
version = 3;
}; };
environment.systemPackages = with pkgs; with nix-bitcoin; let environment.systemPackages = with pkgs; with nix-bitcoin; let