```

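{
  description = "Killy the killing machine";

  # Supply-chain note: the branch/tag URLs below only say *where* to fetch from.
  # The exact revisions and content hashes are pinned by flake.lock, so keep that
  # file committed and review the diff whenever `nix flake update` is run.
  inputs = {
    nixpkgs = {
      url = "github:NixOS/nixpkgs/nixos-unstable";
      # NOTE(review): with `follows` set, this input resolves to nix-bitcoin's own
      # pinned nixpkgs-unstable and the `url` above appears to be ignored.
      # Confirm with `nix flake metadata`.
      follows = "nix-bitcoin/nixpkgs-unstable";
    };

    lanzaboote = {
      url = "github:nix-community/lanzaboote/v0.4.1";
      # Build lanzaboote against the same nixpkgs as the rest of the system.
      inputs.nixpkgs.follows = "nixpkgs";
    };

    nix-bitcoin.url = "github:fort-nix/nix-bitcoin/release";
  };

  outputs = { self, nixpkgs, lanzaboote, nix-bitcoin, ... }: {
    nixosConfigurations.killy = nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";

      modules = [
        ./configuration.nix
        nix-bitcoin.nixosModules.default
        lanzaboote.nixosModules.lanzaboote

        ({ pkgs, lib, ... }: {
          # sbctl is used to create/enroll Secure Boot keys and to check signing status.
          environment.systemPackages = [ pkgs.sbctl ];

          boot = {
            # lanzaboote takes over from the systemd-boot module; mkForce overrides the
            # `enable = true` that a generated configuration.nix usually carries.
            loader.systemd-boot.enable = lib.mkForce false;

            lanzaboote = {
              enable = true;
              # Expected to hold the Secure Boot key bundle, private signing keys
              # included. Keep it readable by root only and out of version control
              # and unencrypted backups.
              pkiBundle = "/etc/secureboot";
            };
          };

          nix-bitcoin = {
            # Secrets are generated on the node itself; back them up securely.
            generateSecrets = true;
            nodeinfo.enable = true;
          };

          services = {
            bitcoind = {
              enable = true;
              txindex = true;
              # ZMQ publishers have no authentication of their own, so keep them on
              # loopback. Any local process can still subscribe.
              zmqpubrawblock = "tcp://127.0.0.1:28332";
              zmqpubrawtx = "tcp://127.0.0.1:28333";
            };

            fulcrum.enable = true;

            lnd = {
              enable = true;
              # Extra IP addresses for the TLS certificate (values redacted by the
              # author). NOTE(review): this presumably only affects the certificate,
              # not which addresses the RPC listens on. Confirm before exposing it.
              certificate.extraIPs = [
                "[REDACTED]"
                "[REDACTED]"
              ];
            };

            lightning-loop = {
              enable = true;
              # Same as for lnd: extra certificate IPs, redacted by the author.
              certificate.extraIPs = [
                "[REDACTED]"
                "[REDACTED]"
              ];
            };

            lightning-pool.enable = true;
          };
        })
      ];
    };
  };
}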

```


Discussion

Wish more Bitcoin-related stuff used Unix sockets. Sucks to have a bunch of open ports on your machine, even though those are only listening on loopback, since any local process can still connect to them. With sockets you can control access to the socket file using file system ACLs.