bitcoin: add myself as an authenticated rpcuser
This commit is contained in:
parent
28d0a72c62
commit
36638e80a3
|
@ -1,5 +1,16 @@
|
|||
# as of 2023/12/02: complete blockchain is 530 GiB (on-disk size may be larger)
|
||||
{ ... }:
|
||||
#
|
||||
# rpc setup:
|
||||
# - generate a password
|
||||
# - use: <https://github.com/bitcoin/bitcoin/blob/master/share/rpcauth/rpcauth.py>
|
||||
# (rpcauth.py is not included in the `'.#bitcoin'` package result)
|
||||
# - `wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py`
|
||||
# - `python ./rpcauth.py colin`
|
||||
# - copy the hash here. it's SHA-256, so safe to be public.
|
||||
# - add "rpcuser=colin" and "rpcpassword=<output>" to secrets/servo/bitcoin.conf (i.e. ~/.bitcoin/bitcoin.conf)
|
||||
# - bitcoin.conf docs: <https://github.com/bitcoin/bitcoin/blob/master/doc/bitcoin-conf.md>
|
||||
# - validate with `bitcoin-cli -netinfo`
|
||||
{ config, sane-lib, ... }:
|
||||
{
|
||||
sane.persist.sys.byStore.ext = [
|
||||
# /var/lib/monero/lmdb is what consumes most of the space
|
||||
|
@ -16,7 +27,16 @@
|
|||
services.bitcoind.mainnet = {
|
||||
enable = true;
|
||||
# TODO: set `rpc.users` to include my user
|
||||
rpc.users.colin = {
|
||||
# see docs at top of file for how to generate this
|
||||
passwordHMAC = "30002c05d82daa210550e17a182db3f3$6071444151281e1aa8a2729f75e3e2d224e9d7cac3974810dab60e7c28ffaae4";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
sane.users.colin.fs.".bitcoin/bitcoin.conf" = sane-lib.fs.wantedSymlinkTo config.sops.secrets."bitcoin.conf".path;
|
||||
sops.secrets."bitcoin.conf" = {
|
||||
mode = "0600";
|
||||
owner = "colin";
|
||||
group = "users";
|
||||
};
|
||||
}
|
||||
|
|
32
secrets/servo/bitcoin.conf.bin
Normal file
32
secrets/servo/bitcoin.conf.bin
Normal file
|
@ -0,0 +1,32 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:Bzz0jnUca1zVCu8D6dOvwVxptu65NsdcrTF9h3MGLx0V/QVppGTducNNhZBQIB6epbjZgUBHVwNZ14esFwuFvb4iBuXLtA==,iv:yJwGAtIUzceJ0n+cYxQhyLF8Xcd27itbSnFvQ8MZLa8=,tag:2pMxehMHnkIjINOcVBsmMw==,type:str]",
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1tnl4jfgacwkargzeqnhzernw29xx8mkv73xh6ufdyde6q7859slsnzf24x",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkOCtCQzg5V3hXQlNZT1lo\nWUxMT1VlUmVUZmd3blFLN1ZnV1BJZWRIaURvCmJ3ZzhvRGpjQldrTUpsMnY5TklI\nMGp2aThKY1duR2RzdTMyVXpibzB5WTgKLS0tIDd4b2NyTU9XcTF0VWdvVjZNdlZs\nT1VxZk9qOVIyN0lXVDNFSC84T0JKeGcKr1zdv6lha2iJRJKszz/HeAz7labzdMI7\n+zP/CjXf0/q2cQeZoxuuSsQwc8+3DRJBJwsB//wh5Uo16kKLnAiynQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1j2pqnl8j0krdzk6npe93s4nnqrzwx978qrc0u570gzlamqpnje9sc8le2g",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtNWx0eG83UHhET0Z2YWtM\nTm5BTTByUC9TT1UwSnQ0Y2c0VTVBMk5pSGlrCkc1cVR6MzZ3KzY1eU5sSXlXN0Vj\nQTFsemFMU0dFdk1qeFBXTTFwZndnN1EKLS0tIFVTTG9EdzFuNzdnMGNCb00rb0xy\nYXVsa3FQdG1qSjBTWmdQUHRhaDFocHcKeit4PvcXUHCHVniojD1on0Nkwf8kcW96\nrOeSfFs2A20GZB5KPbB3j8D+6csdY1lHqZuaVCWtpuheE74MQQSOaw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1z8fauff34cdecr6sjkre260luzxcca05kpcwvhx988d306tpcejsp63znu",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtOXJualdaNUpsYUVtU2ZM\nQnNjYkE3OTI2SWZZOGhwSHh6ODZSQjVZVEZjCnNpbjhVMlhsVWZnZVVkQmtsdmta\neURqNjZXZmtJQ0FIWVhydFovblVPZmMKLS0tIFpKVVBVQUtzR1RNVmE0dURGMVAw\nc0wxWHlmMjVVVEVsNmQrODR2OHczam8KrgIhu3Rhco0bgZA8TotzfGqnlio0L9G/\nvCJ/gP05o6zqaFqJV8Q7W5YdLwyI+ao9QnTn+QdTbM6HLImLPz9KBA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1tzlyex2z6t88tg9h82943e39shxhmqeyr7ywhlwpdjmyqsndv3qq27x0rf",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEdjhnSVg1eWhOK0toTmpR\nK3V6cGxnSWd0RFBUWjYrSysvdWcvbjhtZVdFCmxyUm1ISnBKMlMwM1pmZlZweUJz\nVE5HRGcxZUI1dTlZLzQ0L0JiWStwVmcKLS0tIGkwamRHZ2oxZ1dLV1B4ZW41Yk0y\ncTZHTTJGSDNEczRYYmZVdkxPTzVOc2MKI7lMn2a1XR6jvbH6P4bJS4FMFc0lBsxo\nzAO8oLcJpX+OxiiAB/tp2Jr3/7ik7KmxpF+EWHOuWT3z2D29A8ZLDw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2024-01-02T18:10:48Z",
|
||||
"mac": "ENC[AES256_GCM,data:F647PM6jSQ6BceuPt3KILW7goKtG4eHPUYj+qGQ9wp0aDQX7edx+HBh+E0jZQxALVrIyy/Ym9Muw5ChBZYPerkI3gpf3uAU0ek4+kj/LAWFG1Kc1cxpII+rQgM+GxO8ixpNw5yJZ1hnkTBrieBZNN1ThRA/irwVOUT6f3gK+ZyY=,iv:REcQw8EO8XgJuXo0u0M1IxEpGZjhiAULMlS/ncpgVCY=,tag:5e9sdVzHWLylUFV4Vj935A==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.8.1"
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user