onionServices: use actual user name of services
Previously, onionAddresses definitions in onionServices were of the form onionAddresses.access.<service> = [<service>]; This caused failures for configurations where a service user name was overridden or for bitcoind whose default user is 'bitcoin' instead of 'bitcoind'. Now set the equivalent of: onionAddresses.access.<actualServiceUser> = [<service>]; Implement this via a new option `onionAddresses.services` to make things more readable and to work around an infinite recursion error in onionServices.
This commit is contained in:
Erik Arvstedt
@@ -71,12 +71,12 @@ in {
|
||||
);
|
||||
};
|
||||
|
||||
# Enable public services to access their own onion addresses
|
||||
nix-bitcoin.onionAddresses.access = (
|
||||
genAttrs publicServices singleton
|
||||
) // {
|
||||
nix-bitcoin.onionAddresses = {
|
||||
# Enable public services to access their own onion addresses
|
||||
services = publicServices;
|
||||
|
||||
# Allow the operator user to access onion addresses for all active services
|
||||
${config.nix-bitcoin.operator.name} = mkIf config.nix-bitcoin.operator.enable activeServices;
|
||||
access.${config.nix-bitcoin.operator.name} = mkIf config.nix-bitcoin.operator.enable activeServices;
|
||||
};
|
||||
systemd.services = let
|
||||
onionAddresses = [ "onion-addresses.service" ];
|
||||
@@ -96,7 +96,7 @@ in {
|
||||
in srv.public && srv.enable
|
||||
) services;
|
||||
in genAttrs publicServices' (service: {
|
||||
getPublicAddressCmd = "cat ${config.nix-bitcoin.onionAddresses.dataDir}/${service}/${service}";
|
||||
getPublicAddressCmd = "cat ${config.nix-bitcoin.onionAddresses.dataDir}/${service}";
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user