Until this functionality is included in StartOS (It’s coming, afaik), I used the following to expose Electrs and bitcoind to my LAN:
Login to StartOS over SSH, switch to the root user and run the chroot command:
sudo -i
/usr/lib/embassy/scripts/chroot-and-upgrade
Paste the following, this will install ‘socat’ and two new systemd services responsible for port forwarding 50001 (electrs) and 8332 (bitcoind):
apt install socat -y
cat > /lib/systemd/system/socat.electrs.service <<'EOL'
[Unit]
Description=socat electrs forward
Wants=docker.service
After=docker.service
[Service]
Type=simple
Restart=always
RestartSec=3
ExecStartPre=/bin/bash -c "/bin/systemctl set-environment IP=$(ip route | grep default | awk '{print $9}')"
ExecStart=/usr/bin/socat -dd tcp-l:50001,fork,reuseaddr,bind=${IP} tcp:electrs.embassy:50001
[Install]
WantedBy=multi-user.target
EOL
cat > /lib/systemd/system/socat.bitcoind.service <<'EOL'
[Unit]
Description=socat bitcoind rpc forward
Wants=docker.service
After=docker.service
[Service]
Type=simple
Restart=always
RestartSec=3
ExecStartPre=/bin/bash -c "/bin/systemctl set-environment IP=$(ip route | grep default | awk '{print $9}')"
ExecStart=/usr/bin/socat -dd tcp-l:8332,fork,reuseaddr,bind=${IP} tcp:bitcoind.embassy:8332
[Install]
WantedBy=multi-user.target
EOL
systemctl enable socat.bitcoind
systemctl enable socat.electrs
Now exit the chroot environment. Note: this will reboot StartOS!
exit
After rebooting both ports are exposed on the LAN ip of your StartOS instance.
Also note: electrs on StartOS uses port 50001 which is non-ssl. If your wallet software does not have a separate option/checkbox to enable/disable SSL, you can use the following format to specify a non-ssl connection:
adjective-noun.local:50001:t or ip-address:50001:t
The “:t” after the port means “don’t use ssl”