Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add RTL and Mempool LAN reverse proxies, open firewall ports

Browse Source 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/d29c1b82-a70e-4092-88c7-b521a1b3cac3

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-04-03 15:21:01 +00:00
committed by GitHub
parent dfe45bdbb2
commit e6cdb3b840
3 changed files with 20 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
modules/core/caddy.nix
View File

@@ -144,6 +144,24 @@ $HAVEN {
} }
EOF EOF
fi fi
# RTL (LAN access)
cat >> /run/caddy/Caddyfile <<EOF
:3051 {
reverse_proxy :3050
encode gzip zstd
}
EOF
# Mempool (LAN access)
cat >> /run/caddy/Caddyfile <<EOF
:60847 {
reverse_proxy :60845
encode gzip zstd
}
EOF
''; '';
}; };
} }

4
modules/core/sovran-hub.nix
View File

@@ -42,7 +42,7 @@ let
{ name = "LND"; unit = "lnd.service"; type = "system"; icon = "lnd"; enabled = cfg.services.bitcoin; category = "bitcoin-apps"; credentials = []; } { name = "LND"; unit = "lnd.service"; type = "system"; icon = "lnd"; enabled = cfg.services.bitcoin; category = "bitcoin-apps"; credentials = []; }
{ name = "Ride The Lightning"; unit = "rtl.service"; type = "system"; icon = "rtl"; enabled = cfg.services.bitcoin; category = "bitcoin-apps"; credentials = [ { name = "Ride The Lightning"; unit = "rtl.service"; type = "system"; icon = "rtl"; enabled = cfg.services.bitcoin; category = "bitcoin-apps"; credentials = [
{ label = "Tor Access"; file = "/var/lib/tor/onion/rtl/hostname"; prefix = "http://"; } { label = "Tor Access"; file = "/var/lib/tor/onion/rtl/hostname"; prefix = "http://"; }
{ label = "Local Network"; file = "/var/lib/secrets/internal-ip"; prefix = "http://"; suffix = ":3050"; } { label = "Local Network"; file = "/var/lib/secrets/internal-ip"; prefix = "http://"; suffix = ":3051"; }
{ label = "Password"; file = "/etc/nix-bitcoin-secrets/rtl-password"; } { label = "Password"; file = "/etc/nix-bitcoin-secrets/rtl-password"; }
]; } ]; }
{ name = "BTCPayserver"; unit = "btcpayserver.service"; type = "system"; icon = "btcpayserver"; enabled = cfg.services.bitcoin; category = "bitcoin-apps"; credentials = [ { name = "BTCPayserver"; unit = "btcpayserver.service"; type = "system"; icon = "btcpayserver"; enabled = cfg.services.bitcoin; category = "bitcoin-apps"; credentials = [
@@ -283,6 +283,6 @@ in
}; };
}; };
networking.firewall.allowedTCPPorts = [ 8937 ]; networking.firewall.allowedTCPPorts = [ 3051 8937 60847 ];
}; };
} }

11
modules/mempool.nix
View File

@@ -11,15 +11,4 @@ lib.mkIf config.sovran_systemsOS.features.mempool {
nix-bitcoin.onionServices.mempool-frontend.enable = true; nix-bitcoin.onionServices.mempool-frontend.enable = true;
services.caddy = {
virtualHosts = {
":60847" = {
extraConfig = ''
reverse_proxy :60845
encode gzip zstd
'';
};
};
};
} }