minimal bitcoin config

src/system/modules/bitcoin/config/bitcoin.conf

@@ -3,7 +3,7 @@ server=1
 mempoolfullrbf=1
 v2transport=1
 
-rpcauth=
+rpcauth=btc:a5070cab96db882e8f63cb131ce3bbfa$20c7fd4653597b0c4ffc2c47b2d5d6751a6725ff644dd0d0ffcb9bebff96b913
 
 rpcbind=127.0.0.1
 rpcallowip=127.0.0.1

src/system/modules/bitcoin/default.nix

@@ -5,7 +5,7 @@ let
   cfg = config.modules.system.bitcoin;
   nginx = config.modules.system.nginx;
 
-  home = "/var/lib/bitcoind";
+  home = "/var/lib/bitcoin";
 
   bitcoinConf = pkgs.writeTextFile {
     name = "bitcoin.conf";
@@ -15,16 +15,10 @@ let
 in
 { options.modules.system.bitcoin = { enable = mkEnableOption "Bitcoin Server"; };
   config = mkIf cfg.enable {
-    nixpkgs.overlays = [
+    modules.system.tor.enable = true;
-      (final: prev: {
+
-        bitcoind = prev.bitcoind.overrideAttrs (old: rec {
+    environment.systemPackages = with pkgs; [
-          version = "28.0";
+      bitcoind
-          src = fetchTarball {
-            url = "https://github.com/bitcoin/bitcoin/archive/refs/tags/v${version}.tar.gz";
-            sha256 = "sha256-LLtw6pMyqIJ3IWHiK4P3XoifLojB9yMNMo+MGNFGuRY=";
-          };
-        });
-      })
     ];
 
     users = {
@@ -34,6 +28,7 @@ in
           description = "Bitcoin Core system user";
           isSystemUser = true;
           group = "bitcoin";
+          extraGroups = [ "tor" ];
           createHome = true;
         };
         "nginx" = {
@@ -56,7 +51,7 @@ in
     };
 
     services.bitcoind = {
-      "btc" = {
+      "mainnet" = {
         enable = true;
         user = "btc";
         group = "bitcoin";
@@ -65,5 +60,14 @@ in
         pidFile = "${home}/bitcoind.pid";
       };
     };
+
+    systemd.services.bitcoind-mainnet = {
+      wants = [ "tor.service" ];
+      after = [ "tor.service" ];
+    };
+
+    modules.system.backup.paths = [
+      "${home}/wallets"
+    ];
   };
 }

src/system/modules/bitcoin/modules/clightning/default.nix

@@ -0,0 +1,92 @@
+{ lib, pkgs, config, ... }:
+
+with lib;
+let
+  cfg = config.modules.system.bitcoin.clightning;
+  btc = config.modules.system.bitcoin;
+
+  clnConfig = pkgs.writeTextFile {
+    name = "lightning.conf";
+    text = builtins.readFile ./config/lightning.conf;
+  };
+
+in
+{ options.modules.system.bitcoin.clightning = { enable = mkEnableOption "Core Lightning Server"; };
+  imports = [ ./plugins ];
+  config = mkIf (cfg.enable && btc.enable) {
+    #nixpkgs.overlays = [
+    #  (final: prev: {
+    #    clightning = prev.electrs.overrideAttrs (old: rec {
+    #      version = "24.08";
+    #      src = pkgs.fetchFromGitHub {
+    #        owner = "ElementsProject";
+    #        repo = "lightning";
+    #        rev = "82f4ad68e34a2428c556e63fc2632d48a914968c";
+    #        hash = "sha256-MWU75e55Zt/P4aaIuMte7iRcrFGMw0P81b8VNHQBe2g";
+    #      };
+    #      cargoDeps = old.cargoDeps.overrideAttrs (lib.const {
+    #        name = "lightning-vendor.tar.gz";
+    #        inherit src;
+    #        outputHash = "sha256-MWU75e55Zt/P4aaIuMte7iRcrFGMw0P81b8VNHQBe2g=";
+    #      });
+    #    });
+    #  })
+    #];
+
+    environment.systemPackages = with pkgs; [
+      clightning
+    ];
+
+    users = {
+      users = {
+        "clightning" = {
+          home = "/var/lib/clightning";
+          description = "Core Lightning system user";
+          isSystemUser = true;
+          group = "bitcoin";
+          createHome = true;
+        };
+      };
+      groups = {
+        "bitcoin" = {
+          members = mkAfter [
+            "clightning"
+          ];
+        };
+      };
+    };
+
+    programs.bash.shellAliases = {
+      cln = "lightningd";
+    };
+
+    systemd.services.lightningd = {
+      description = "Core Lightning Daemon";
+
+      script = "${pkgs.clightning}/bin/lightningd";
+      scriptArgs = ''
+        --conf=${clnConfig}
+      '';
+
+      after = [
+        "bitcoind-mainnet.service"
+      ];
+
+      serviceConfig = {
+
+        User = "clightning";
+        Group = "bitcoin";
+
+        Type = "simple";
+        KillMode = "process";
+        TimeoutSec = 60;
+        Restart = "always";
+        RestartSec = 60;
+      };
+      requisite = [
+        "bitcoind-mainnet.service"
+        "network.target"
+      ];
+    };
+  };
+}

src/system/modules/bitcoin/modules/electrum/default.nix

@@ -68,7 +68,7 @@ in
       scriptArgs = "--conf=${electrsConfig}";
 
       after = [
-        "bitcoind-btc.service"
+        "bitcoind-mainnet.service"
       ];
 
       serviceConfig = {
@@ -83,7 +83,7 @@ in
         RestartSec = 60;
       };
       requisite = [
-        "bitcoind-btc.service"
+        "bitcoind-mainnet.service"
         "network.target"
       ];
     };

src/system/modules/tor/default.nix

@@ -0,0 +1,29 @@
+{ pkgs, lib, config, ... }:
+
+with lib;
+let
+  cfg = config.modules.system.tor;
+
+in
+{
+  options.modules.system.tor = {
+    enable = mkEnableOption "Tor";
+  };
+
+  config = mkIf cfg.enable {
+    services.tor = {
+      enable = true;
+
+      client = {
+        enable = true;
+        # SOCKS proxy on 127.0.0.1:9050
+      };
+
+      settings = {
+        ControlPort = 9051;
+        CookieAuthentication = true;
+        CookieAuthFileGroupReadable = true;
+      };
+    };
+  };
+}