aiolabs/nix-bitcoin
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

bitcoind: switch from rpcpassword to rpcauth

Browse source 
Includes bitcoind's `share/rpcauth` to convert apg generated passwords
into salted HMAC-SHA-256 hashed passwords.
This commit is contained in:
nixbitcoin 2020-06-22 12:10:54 +00:00
parent 272b8568e7
commit 5a978a2836
No known key found for this signature in database
GPG key ID: DD11F9AD5308B3BA
9 changed files with 84 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

12
modules/presets/secure-node.nix
View file

@ -73,6 +73,16 @@ in {
discover = false;
addresstype = "bech32";
dbCache = 1000;
rpc.users.privileged = {
name = "bitcoinrpc";
# Placeholder to be sed'd out by bitcoind preStart
passwordHMAC = "bitcoin-HMAC-privileged";
};
rpc.users.public = {
name = "publicrpc";
# Placeholder to be sed'd out by bitcoind preStart
passwordHMAC = "bitcoin-HMAC-public";
};
};
services.tor.hiddenServices.bitcoind = mkHiddenService { port = cfg.bitcoind.port; toHost = cfg.bitcoind.bind; };
@ -96,7 +106,7 @@ in {
rpcuser = "liquidrpc";
prune = 1000;
extraConfig = ''
mainchainrpcuser=${cfg.bitcoind.rpcuser}
mainchainrpcuser=${config.services.bitcoind.rpc.users.public.name}
mainchainrpcport=8332
'';
validatepegin = true;