79 lines
1.8 KiB
Nix
79 lines
1.8 KiB
Nix
({
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}: {
|
|
nixpkgs.overlays = [nix-bitcoin.overlays.default];
|
|
|
|
nix-bitcoin.generateSecrets = true;
|
|
|
|
# Enable core services
|
|
services.bitcoind = {
|
|
enable = true;
|
|
dataDir = "/var/lib/bitcoind";
|
|
address = "0.0.0.0";
|
|
port = 23002;
|
|
listen = true;
|
|
listenWhitelisted = true;
|
|
whitelistedPort = 8335;
|
|
rpc = {
|
|
address = "0.0.0.0";
|
|
port = 8332;
|
|
threads = 16;
|
|
allowip = ["10.1.1.0/24"];
|
|
};
|
|
regtest = false;
|
|
dataDirReadableByGroup = false;
|
|
disablewallet = null;
|
|
dbCache = 4000;
|
|
prune = 10000;
|
|
zmqpubrawblock = "tcp://0.0.0.0:28332";
|
|
zmqpubrawtx = "tcp://0.0.0.0:28333";
|
|
user = "bitcoind";
|
|
group = "bitcoind";
|
|
};
|
|
|
|
services.nbxplorer = {
|
|
enable = true;
|
|
address = "0.0.0.0";
|
|
port = 24444;
|
|
user = "nbxplorer";
|
|
group = "nbxplorer";
|
|
};
|
|
|
|
services.btcpayserver = {
|
|
enable = true;
|
|
address = "0.0.0.0";
|
|
port = 23000;
|
|
lbtc = true;
|
|
user = "btcpayserver";
|
|
group = "btcpayserver";
|
|
lightningBackend = "clightning";
|
|
};
|
|
|
|
# Firewall: Open necessary ports
|
|
networking.firewall.allowedTCPPorts = [
|
|
config.services.btcpayserver.port
|
|
config.services.bitcoind.port
|
|
config.services.nbxplorer.port
|
|
22
|
|
];
|
|
|
|
# SSH setup
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PermitRootLogin = "prohibit-password";
|
|
PasswordAuthentication = false;
|
|
};
|
|
};
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPs/pdZLlCbv0vgtFA4hHGuWz1EeSn2kKhBJthlZ5lww devnix"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDw6ilma4321EdQvguZKA7ijn9xF9QlfMfkES4bGCLTp jeirmeister@devnix-t470"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAaV7JtUWkWrjo5FfCcpTCCEY/OJ+T1mJOLbe4avg0XH sysadmin@skrybit.io"
|
|
];
|
|
|
|
system.stateVersion = "25.05";
|
|
})
|