greg/nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

liquidd: add consistent address options

Browse Source
This commit is contained in:
Erik Arvstedt 2021-01-14 13:24:07 +01:00
parent b5d76ba1b3
commit 39f16c0b4a
No known key found for this signature in database
GPG Key ID: 33312B944DD97846
3 changed files with 26 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
modules/liquid.nix
View File

@ -16,19 +16,19 @@ let
${optionalString (cfg.validatepegin != null) "validatepegin=${if cfg.validatepegin then "1" else "0"}"} ${optionalString (cfg.validatepegin != null) "validatepegin=${if cfg.validatepegin then "1" else "0"}"}
# Connection options # Connection options
${optionalString cfg.listen "bind=${cfg.bind}"} ${optionalString cfg.listen "bind=${cfg.address}"}
${optionalString (cfg.port != null) "port=${toString cfg.port}"} port=${toString cfg.port}
${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"}
listen=${if cfg.listen then "1" else "0"} listen=${if cfg.listen then "1" else "0"}
# RPC server options # RPC server options
${optionalString (cfg.rpc.port != null) "rpcport=${toString cfg.rpc.port}"} rpcport=${toString cfg.rpc.port}
${concatMapStringsSep "\n" ${concatMapStringsSep "\n"
(rpcUser: "rpcauth=${rpcUser.name}:${rpcUser.passwordHMAC}") (rpcUser: "rpcauth=${rpcUser.name}:${rpcUser.passwordHMAC}")
(attrValues cfg.rpc.users) (attrValues cfg.rpc.users)
} }
rpcbind=${cfg.rpcbind} rpcbind=${cfg.rpc.address}
rpcconnect=${cfg.rpcbind} rpcconnect=${cfg.rpc.address}
${lib.concatMapStrings (rpcallowip: "rpcallowip=${rpcallowip}\n") cfg.rpcallowip} ${lib.concatMapStrings (rpcallowip: "rpcallowip=${rpcallowip}\n") cfg.rpcallowip}
${optionalString (cfg.rpcuser != null) "rpcuser=${cfg.rpcuser}"} ${optionalString (cfg.rpcuser != null) "rpcuser=${cfg.rpcuser}"}
${optionalString (cfg.rpcpassword != null) "rpcpassword=${cfg.rpcpassword}"} ${optionalString (cfg.rpcpassword != null) "rpcpassword=${cfg.rpcpassword}"}
@ -71,7 +71,16 @@ in {
services.liquidd = { services.liquidd = {
enable = mkEnableOption "Liquid sidechain"; enable = mkEnableOption "Liquid sidechain";
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen for peer connections.";
};
port = mkOption {
type = types.port;
default = 7042;
description = "Override the default port on which to listen for connections.";
};
extraConfig = mkOption { extraConfig = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
@ -88,14 +97,6 @@ in {
default = "/var/lib/liquidd"; default = "/var/lib/liquidd";
description = "The data directory for liquidd."; description = "The data directory for liquidd.";
}; };
bind = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
Bind to given address and always listen on it.
'';
};
user = mkOption { user = mkOption {
type = types.str; type = types.str;
default = "liquid"; default = "liquid";
@ -106,12 +107,16 @@ in {
default = cfg.user; default = cfg.user;
description = "The group as which to run liquidd."; description = "The group as which to run liquidd.";
}; };
rpc = { rpc = {
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen for JSON-RPC connections.";
};
port = mkOption { port = mkOption {
type = types.nullOr types.port; type = types.port;
default = null; default = 7041;
description = "Override the default port on which to listen for JSON-RPC connections."; description = "Port to listen for JSON-RPC connections.";
}; };
users = mkOption { users = mkOption {
default = {}; default = {};
@ -125,14 +130,6 @@ in {
''; '';
}; };
}; };
rpcbind = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
Bind to given address to listen for JSON-RPC connections.
'';
};
rpcallowip = mkOption { rpcallowip = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ "127.0.0.1" ]; default = [ "127.0.0.1" ];
@ -155,11 +152,6 @@ in {
default = false; default = false;
description = "Whether to use the test chain."; description = "Whether to use the test chain.";
}; };
port = mkOption {
type = types.nullOr types.port;
default = null;
description = "Override the default port on which to listen for connections.";
};
proxy = mkOption { proxy = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = if cfg.enforceTor then config.services.tor.client.socksListenAddress else null; default = if cfg.enforceTor then config.services.tor.client.socksListenAddress else null;

4
modules/netns-isolation.nix
View File

@ -263,8 +263,8 @@ in {
}; };
services.liquidd = { services.liquidd = {
bind = netns.liquidd.address; address = netns.liquidd.address;
rpcbind = netns.liquidd.address; rpc.address = netns.liquidd.address;
rpcallowip = [ rpcallowip = [
bridgeIp # For operator user bridgeIp # For operator user
netns.liquidd.address netns.liquidd.address

3
modules/presets/secure-node.nix
View File

@ -86,9 +86,8 @@ in {
validatepegin = true; validatepegin = true;
listen = true; listen = true;
enforceTor = true; enforceTor = true;
port = 7042;
}; };
services.tor.hiddenServices.liquidd = mkIf cfg.liquidd.enable (mkHiddenService { port = cfg.liquidd.port; toHost = cfg.liquidd.bind; }); services.tor.hiddenServices.liquidd = mkIf cfg.liquidd.enable (mkHiddenService { port = cfg.liquidd.port; toHost = cfg.liquidd.address; });
# electrs # electrs
services.electrs = { services.electrs = {