bitcoind: add netns

- Adds bitcoind to netns-isolation.services
- Adds rpcbind and rpcallowip options to allow using bitcoind with
  network namespaces
- Adds bind option (defaults to localhost), used as target of hidden service
- Makes bitcoind-import-banlist run in netns
nixbitcoin 2020-06-10 14:56:07 +00:00
parent e5e07b91f7
commit 75ca6f186c
No known key found for this signature in database
GPG key ID: DD11F9AD5308B3BA
3 changed files with 44 additions and 1 deletions


@ -85,6 +85,9 @@ in {
};
nix-bitcoin.netns-isolation.services = {
bitcoind = {
id = 12;
};
};
systemd.services = {
@ -107,6 +110,8 @@ in {
RemainAfterExit = "yes";
};
};
bitcoind-import-banlist.serviceConfig.NetworkNamespacePath = "/var/run/netns/nb-bitcoind";
} //
(let
makeNetnsServices = n: v: let
@ -159,6 +164,20 @@ in {
services // (makeNetnsServices n netns.${n})
) {} (builtins.attrNames netns));
# bitcoin: Custom netns configs
services.bitcoind = {
bind = netns.bitcoind.address;
rpcbind = [
"${netns.bitcoind.address}"
"127.0.0.1"
];
rpcallowip = [
"127.0.0.1"
] ++ lib.lists.concatMap (s: [
"${netns.${s}.address}"
]) netns.bitcoind.availableNetns;
};
})
# Custom netns config option values if netns-isolation not enabled
(mkIf (!cfg.enable) {
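Review bot: In the third hunk, `rpcallowip` is built from `netns.bitcoind.availableNetns`, so that list is in effect the network-level access-control list for the bitcoind RPC port, and nothing in the new code says so. I would add a comment above `rpcallowip`, for example `# every netns in availableNetns can reach the RPC port; keep the list minimal, RPC credentials are the only remaining barrier`. RPC authentication is presumably configured in the bitcoind module, which is not visible in this hunk. Separately, in the second hunk `NetworkNamespacePath = "/var/run/netns/nb-bitcoind"` is a hard-coded string, while the other services get their namespace through `makeNetnsServices`, whose body lies outside the hunk. Deriving the path from the same expression used there would keep the banlist import in bitcoind's namespace if the naming ever changes.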