Clean up a bit
This commit is contained in:
parent
36327ae89e
commit
da1148595f
|
@ -4,7 +4,7 @@
|
||||||
|
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
let
|
let
|
||||||
# custom packages
|
# Custom packages
|
||||||
nodeinfo = (import pkgs/nodeinfo.nix);
|
nodeinfo = (import pkgs/nodeinfo.nix);
|
||||||
lightning-charge = import pkgs/lightning-charge.nix { inherit pkgs; };
|
lightning-charge = import pkgs/lightning-charge.nix { inherit pkgs; };
|
||||||
nanopos = import pkgs/nanopos.nix { inherit pkgs; };
|
nanopos = import pkgs/nanopos.nix { inherit pkgs; };
|
||||||
|
@ -16,21 +16,16 @@ in {
|
||||||
./modules/nixbitcoin.nix
|
./modules/nixbitcoin.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# turn off binary cache by passing the empty list
|
# turn off binary cache by setting binaryCaches to empty list
|
||||||
#nix.binaryCaches = [];
|
# nix.binaryCaches = [];
|
||||||
|
|
||||||
networking.hostName = "nix-bitcoin"; # Define your hostname.
|
networking.hostName = "nix-bitcoin"; # Define your hostname.
|
||||||
time.timeZone = "UTC";
|
time.timeZone = "UTC";
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
vim tmux clightning bitcoin
|
vim tmux
|
||||||
nodeinfo
|
|
||||||
jq
|
|
||||||
lightning-charge.package
|
|
||||||
nanopos.package
|
|
||||||
nodejs-8_x
|
|
||||||
nginx
|
|
||||||
];
|
];
|
||||||
|
|
||||||
nixpkgs.config.packageOverrides = pkgs: {
|
nixpkgs.config.packageOverrides = pkgs: {
|
||||||
inherit nodeinfo;
|
inherit nodeinfo;
|
||||||
inherit lightning-charge;
|
inherit lightning-charge;
|
||||||
|
@ -38,45 +33,10 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
||||||
# users.users.root = {
|
|
||||||
# openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILacgZRwLsiICNHGHY2TG2APeuxFsrw6Cg13ZTMQpNqA nickler@rick" ];
|
|
||||||
# };
|
|
||||||
|
|
||||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
|
||||||
networking.firewall.enable = true;
|
networking.firewall.enable = true;
|
||||||
networking.firewall.allowedTCPPorts = [ ];
|
|
||||||
|
|
||||||
#services.bitcoin.proxy = services.tor.client.socksListenAddress;
|
|
||||||
services.nixbitcoin.enable = true;
|
services.nixbitcoin.enable = true;
|
||||||
|
|
||||||
# Configure network proxy if necessary
|
# This value determines the NixOS release with which your system is to be
|
||||||
# networking.proxy.default = "http://user:password@proxy:port/";
|
|
||||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
|
||||||
|
|
||||||
# Select internationalisation properties.
|
|
||||||
# i18n = {
|
|
||||||
# consoleFont = "Lat2-Terminus16";
|
|
||||||
# consoleKeyMap = "us";
|
|
||||||
# defaultLocale = "en_US.UTF-8";
|
|
||||||
# };
|
|
||||||
|
|
||||||
|
|
||||||
# List packages installed in system profile. To search, run:
|
|
||||||
# $ nix search wget
|
|
||||||
|
|
||||||
# Some programs need SUID wrappers, can be configured further or are
|
|
||||||
# started in user sessions.
|
|
||||||
# programs.mtr.enable = true;
|
|
||||||
# programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
|
||||||
|
|
||||||
# List services that you want to enable:
|
|
||||||
|
|
||||||
|
|
||||||
# Open ports in the firewall.
|
|
||||||
# Or disable the firewall altogether.
|
|
||||||
|
|
||||||
# This value determines the NixOS release with which your system is to be
|
|
||||||
# compatible, in order to avoid breaking some software such as database
|
# compatible, in order to avoid breaking some software such as database
|
||||||
# servers. You should change this only after NixOS release notes say you
|
# servers. You should change this only after NixOS release notes say you
|
||||||
# should.
|
# should.
|
||||||
|
|
|
@ -7,6 +7,7 @@ let
|
||||||
in {
|
in {
|
||||||
imports =
|
imports =
|
||||||
[
|
[
|
||||||
|
# Tor module from nixpkgs but with HiddenService v3
|
||||||
./tor.nix
|
./tor.nix
|
||||||
./bitcoind.nix
|
./bitcoind.nix
|
||||||
./clightning.nix
|
./clightning.nix
|
||||||
|
@ -26,18 +27,22 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
vim tmux clightning bitcoin
|
||||||
|
nodeinfo
|
||||||
|
jq
|
||||||
|
lightning-charge.package
|
||||||
|
nanopos.package
|
||||||
|
nodejs-8_x
|
||||||
|
nginx
|
||||||
|
];
|
||||||
|
|
||||||
# Add bitcoinrpc group
|
# Add bitcoinrpc group
|
||||||
users.groups.bitcoinrpc = {};
|
users.groups.bitcoinrpc = {};
|
||||||
|
|
||||||
# Tor
|
# Tor
|
||||||
services.tor.enable = true;
|
services.tor.enable = true;
|
||||||
services.tor.client.enable = true;
|
services.tor.client.enable = true;
|
||||||
services.tor.hiddenServices.bitcoind = {
|
|
||||||
map = [{
|
|
||||||
port = config.services.bitcoind.port;
|
|
||||||
}];
|
|
||||||
version = 3;
|
|
||||||
};
|
|
||||||
|
|
||||||
# bitcoind
|
# bitcoind
|
||||||
services.bitcoind.enable = true;
|
services.bitcoind.enable = true;
|
||||||
|
@ -51,6 +56,12 @@ in {
|
||||||
discover=0
|
discover=0
|
||||||
'';
|
'';
|
||||||
services.bitcoind.prune = 2000;
|
services.bitcoind.prune = 2000;
|
||||||
|
services.tor.hiddenServices.bitcoind = {
|
||||||
|
map = [{
|
||||||
|
port = config.services.bitcoind.port;
|
||||||
|
}];
|
||||||
|
version = 3;
|
||||||
|
};
|
||||||
|
|
||||||
# clightning
|
# clightning
|
||||||
services.clightning = {
|
services.clightning = {
|
||||||
|
@ -69,23 +80,7 @@ in {
|
||||||
services.nanopos.enable = true;
|
services.nanopos.enable = true;
|
||||||
services.nixbitcoin-webindex.enable = true;
|
services.nixbitcoin-webindex.enable = true;
|
||||||
|
|
||||||
# nodeinfo
|
# Create user operator which can use bitcoin-cli and lightning-cli
|
||||||
systemd.services.nodeinfo = {
|
|
||||||
description = "Get node info";
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [ "clightning.service" "tor.service" ];
|
|
||||||
path = [ pkgs.clightning pkgs.jq pkgs.sudo ];
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart="${pkgs.bash}/bin/bash ${pkgs.nodeinfo}/bin/nodeinfo > /var/lib/nodeinfo.sh";
|
|
||||||
User = "root";
|
|
||||||
Type = "simple";
|
|
||||||
RemainAfterExit="yes";
|
|
||||||
Restart = "on-failure";
|
|
||||||
RestartSec = "10s";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
|
||||||
users.users.operator = {
|
users.users.operator = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [ "clightning" config.services.bitcoind.group ];
|
extraGroups = [ "clightning" config.services.bitcoind.group ];
|
||||||
|
|
Loading…
Reference in New Issue
Block a user