fixed bitcoin modules, still need to fix cln

Bryan Ramos 2025-07-06 14:35:34 -04:00
parent d3baf7c8e2
commit 2d0612752d
Signed by: bryan
GPG key ID: 6ABDCD144D6643C8
8 changed files with 109 additions and 78 deletions


@ -11,22 +11,19 @@
bitcoin = {
enable = true;
electrum.enable = true;
clightning = {
enable = true;
rest.enable = true;
};
#clightning = {
# enable = true;
# rest.enable = true;
#};
};
};
};
users.mutableUsers = false;
users.users = {
"${config.user.name}" = {
isNormalUser = true;
extraGroups = config.user.groups;
openssh.authorizedKeys.keys = [ "${config.user.keys.ssh.primary}" ];
password = "123";
};
};
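Review bot: `password = "123";` sits in the user block next to `users.mutableUsers = false;`. The rendered hunk has lost its add/remove markers, so I cannot tell whether this commit keeps the line. If it stays, it is a trivially guessable password written in plaintext into the configuration and copied into the world-readable Nix store, and with `mutableUsers = false` it cannot be changed with `passwd` on the host. Since an SSH key is already configured through `openssh.authorizedKeys.keys`, either drop the password or supply a hash from a file kept outside the store, e.g. `hashedPasswordFile = "<path-to-secret-file>";`. The enclosing attribute set starts and ends outside this hunk.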


@ -13,3 +13,5 @@ proxy=127.0.0.1:9050
listen=1
listenonion=1
torcontrol=127.0.0.1:9051
startupnotify=chmod g+r /var/lib/bitcoind/.cookie
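Review bot: `startupnotify=chmod g+r /var/lib/bitcoind/.cookie` makes the RPC cookie readable by every member of the file's group, and the cookie authenticates as a full-privilege RPC user. The line deserves a comment naming the services that depend on it, e.g. `# electrs reads the cookie through group btc; keep that group minimal`. If the packaged Bitcoin Core is recent enough to have it, `rpccookieperms=group` sets the mode when the cookie is written, which avoids both the shell-out and the interval before startupnotify runs. For a consumer that needs only a few calls, a dedicated `rpcauth` user restricted with `rpcwhitelist` is narrower than sharing the cookie.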


@ -28,17 +28,17 @@ in
inherit home;
description = "Bitcoin Core system user";
isSystemUser = true;
group = "bitcoin";
group = "btc";
createHome = true;
};
"${config.services.nginx.user}" = {
extraGroups = mkIf nginx.enable [
"bitcoin"
"btc"
];
};
};
groups = {
"bitcoin" = {
"btc" = {
members = [
"btc"
];
@ -54,11 +54,16 @@ in
"btc" = {
enable = true;
user = "btc";
group = "bitcoin";
group = "btc";
configFile = ./config/bitcoin.conf;
dataDir = home;
pidFile = "${home}/bitcoind.pid";
};
};
services.tor = {
enable = true;
client.enable = true;
};
};
}
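Review bot: Membership of the `btc` group now carries more weight, because the bitcoin.conf change in this commit makes `/var/lib/bitcoind/.cookie` group-readable. With `extraGroups = mkIf nginx.enable [ "btc" ]`, the nginx user can therefore read a full-access RPC credential. Nothing visible in this commit has nginx reading files from the bitcoind data directory (the stream proxy only forwards to 127.0.0.1:50001), so I would drop that `extraGroups` entry unless configuration outside these hunks needs it. A comment on the group such as `# members can read bitcoind's RPC cookie` would make the consequence visible to the next editor.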


@ -1 +1,23 @@
test
alias=OrdSux
daemon
mainnet
bitcoin-datadir=/var/lib/bitcoind
lightning-dir=/var/lib/lightningd
plugin-dir=/var/lib/lightningd/plugins
log-file=/var/lib/lightningd/log
log-level=info
pid-file=/var/lib/lightning/lightningd.pid
bind-addr=127.0.0.1:9734
proxy=127.0.0.1:9050
always-use-proxy=false
large-channels
fee-base=1000
fee-per-satoshi=10
min-capacity-sat=10000
htlc-minimum-msat=0
funding-confirms=3
max-concurrent-htlcs=30
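Review bot: `pid-file=/var/lib/lightning/lightningd.pid` points at `/var/lib/lightning`, while every other path in this file uses `/var/lib/lightningd`, so it probably should read `pid-file=/var/lib/lightningd/lightningd.pid`. `daemon` makes lightningd background itself, which does not fit the `Type = "simple"` unit in the module section of this commit; dropping `daemon` and letting systemd supervise the foreground process is the usual arrangement. With `proxy=127.0.0.1:9050` set but `always-use-proxy=false`, connections to clearnet peers bypass Tor and reveal the host's address; set it to `true` if the node is meant to be reachable and to connect over Tor only.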


@ -39,18 +39,18 @@ in
users = {
users = {
"clightning" = {
home = "/var/lib/clightning";
"cln" = {
home = "/var/lib/lightningd";
description = "Core Lightning system user";
isSystemUser = true;
group = "bitcoin";
group = "btc";
createHome = true;
};
};
groups = {
"bitcoin" = {
members = mkAfter [
"clightning"
"btc" = {
members = [
"cln"
];
};
};
@ -62,31 +62,29 @@ in
systemd.services.lightningd = {
description = "Core Lightning Daemon";
script = "${pkgs.clightning}/bin/lightningd";
scriptArgs = ''
--conf=${clnConfig}
'';
after = [
"bitcoind-btc.service"
];
serviceConfig = {
User = "cln";
Group = "btc";
User = "clightning";
Group = "bitcoin";
StateDirectory = "lightningd";
WorkingDirectory = "%S/lightningd";
ExecStart = "${pkgs.clightning}/bin/lightningd --conf=${clnConfig}";
Type = "simple";
KillMode = "process";
TimeoutSec = 60;
Restart = "always";
RestartSec = 60;
RestartSec = 2;
};
requisite = [
after = [
"bitcoind-btc.service"
"network.target"
];
requires = [ "bitcoind-btc.service" ];
partOf = [ "bitcoind-btc.service" ];
wantedBy = [ "multi-user.target" ];
};
};
}
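Review bot: The lightningd unit's `User`/`Group` must match the account defined in the first hunk of this section (`"cln"` in group `"btc"`). The rendered page shows both `User = "cln"` / `Group = "btc"` and `User = "clightning"` / `Group = "bitcoin"` without add/remove markers, so please confirm the old names are not the ones that remain, since neither is defined here any longer. `StateDirectory = "lightningd"` is, as far as I know, given systemd's default mode 0755 unless told otherwise, and `lightning-dir` in the config points at this directory, so the node's wallet secret will live there; I would add `StateDirectoryMode = "0750";` or stricter. Neither this unit nor the electrs unit in the later section sets any sandboxing; `NoNewPrivileges = true;` and `ProtectSystem = "strict";` would be a reasonable start for both.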


@ -2,13 +2,11 @@ network = "bitcoin"
electrum_rpc_addr = "127.0.0.1:50001"
cookie-file = "/var/lib/bitcoind/.cookie"
cookie_file = "/var/lib/bitcoind/.cookie"
db_dir = "/var/lib/electrs"
log_filters = "INFO"
timestamp = true
daemon-rpc-addr = "127.0.0.1:8332"
daemon-p2p-addr = "127.0.0.1:8333"
daemon-dir = "/var/lib/bitcoind"
daemon_rpc_addr = "127.0.0.1:8332"
daemon_p2p_addr = "127.0.0.1:8333"
daemon_dir = "/var/lib/bitcoind"


@ -42,13 +42,13 @@ in
home = "/var/lib/electrs";
description = "Electrs system user";
isSystemUser = true;
group = "bitcoin";
group = "btc";
createHome = true;
};
};
groups = {
"bitcoin" = {
members = mkAfter [
"btc" = {
members = [
"electrs"
];
};
@ -58,29 +58,28 @@ in
systemd.services.electrs = {
description = "Electrs Bitcoin Indexer";
script = "${pkgs.electrs}/bin/electrs";
scriptArgs = "--conf=${electrsConfig}";
after = [
"bitcoind-btc.service"
];
serviceConfig = {
User = "electrs";
Group = "bitcoin";
Group = "btc";
StateDirectory = "electrs";
WorkingDirectory = "%S/electrs";
ExecStart = "${pkgs.electrs}/bin/electrs --conf=${electrsConfig}";
Type = "simple";
KillMode = "process";
TimeoutSec = 60;
Restart = "always";
RestartSec = 60;
Restart = "on-failure";
RestartSec = 2;
};
requisite = [
"bitcoind-btc.service"
after = [
"network.target"
"bitcoind-btc.service"
];
requires = [ "bitcoind-btc.service" ];
partOf = [ "bitcoind-btc.service" ];
wantedBy = [ "multi-user.target" ];
};
};
}


@ -39,8 +39,7 @@ in
};
};
security.acme =
{
security.acme = {
acceptTerms = true;
defaults = {
email = "${config.user.email}";
@ -49,30 +48,33 @@ in
};
certs = {
"ramos.codes" = {
extraDomainNames = attrNames config.services.nginx.virtualHosts;
extraDomainNames = [
"git.ramos.codes"
"btc.ramos.codes"
];
};
};
};
services.nginx = {
services.nginx =
let
certPath = config.security.acme.certs."ramos.codes".directory;
sslCertificate = "${certPath}/fullchain.pem";
sslCertificateKey = "${certPath}/key.pem";
withSSL = hosts: mapAttrs (name: hostConfig: hostConfig // {
inherit sslCertificate sslCertificateKey;
forceSSL = true;
}) hosts;
in
{
enable = true;
user = "nginx";
group = "web";
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts =
let
certPath = config.security.acme.certs."ramos.codes".directory;
sslCertificate = "${certPath}/fullchain.pem";
sslCertificateKey = "${certPath}/key.pem";
withSSL = hosts: mapAttrs (name: hostConfig: hostConfig // {
inherit sslCertificate sslCertificateKey;
forceSSL = true;
}) hosts;
in withSSL
{
virtualHosts = withSSL {
"git.ramos.codes" = mkIf module.forgejo.enable {
locations = {
"/" = {
@ -80,14 +82,22 @@ in
};
};
};
#"btc.ramos.codes" = mkIf module.bitcoin.electrum.enable {
# locations = {
# "/" = {
# proxyPass = "";
# };
# };
#};
};
streamConfig = ''
${lib.optionalString module.bitcoin.electrum.enable ''
server {
listen 0.0.0.0:50002 ssl;
proxy_pass 127.0.0.1:50001;
ssl_certificate ${sslCertificate};
ssl_certificate_key ${sslCertificateKey};
}
''}
'';
};
networking.firewall.allowedTCPPorts = [
50002
];
};
}
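Review bot: `networking.firewall.allowedTCPPorts = [ 50002 ];` opens the port unconditionally, while the stream server that listens on it is emitted only when `module.bitcoin.electrum.enable` is set; guard it the same way, e.g. `networking.firewall.allowedTCPPorts = mkIf module.bitcoin.electrum.enable [ 50002 ];`. The stream `server` block sets only the certificate and key, and `recommendedTlsSettings` is, as far as I know, applied to the http context only, so consider adding `ssl_protocols TLSv1.2 TLSv1.3;` inside it. The listener binds `0.0.0.0` with no connection limits, which is worth a short comment if public exposure of the Electrum endpoint is intended. The module's opening lines are outside these hunks.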