jacobpascual/nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge fort-nix/nix-bitcoin#651: treewide: ensure services are started after secrets setup

Browse Source 
90ce68cb16 treewide: ensure services are started after secrets setup (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 90ce68cb16

Tree-SHA512: b0872c757235b0c66b714bbb82a2b960af040f8a8171d08ace2b4e7515613e67aa9ab56db9a8acf3f9c45ab774cb0a4583e87d4e00279a6c813102f91908c165
This commit is contained in:
Jonas Nick
2023-10-09 07:44:48 +00:00
parent 29a32ac53b 90ce68cb16
commit aa169f4653
11 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/backups.nix
View File

@@ -106,7 +106,7 @@ in {
systemd.services.duplicity = { systemd.services.duplicity = {
wants = postgresqlBackupServices; wants = postgresqlBackupServices;
after = postgresqlBackupServices; after = postgresqlBackupServices ++ [ "nix-bitcoin-secrets.target" ];
}; };
services.postgresqlBackup = { services.postgresqlBackup = {

2
modules/btcpayserver.nix
View File

@@ -174,7 +174,7 @@ in {
in rec { in rec {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" "postgresql.service" ] ++ optional cfg.btcpayserver.lbtc "liquidd.service"; requires = [ "bitcoind.service" "postgresql.service" ] ++ optional cfg.btcpayserver.lbtc "liquidd.service";
after = requires; after = requires ++ [ "nix-bitcoin-secrets.target" ];
preStart = '' preStart = ''
install -m 600 ${configFile} '${cfg.nbxplorer.dataDir}/settings.config' install -m 600 ${configFile} '${cfg.nbxplorer.dataDir}/settings.config'
{ {

2
modules/clightning.nix
View File

@@ -168,7 +168,7 @@ in {
path = [ bitcoind.package ]; path = [ bitcoind.package ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" ]; requires = [ "bitcoind.service" ];
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
preStart = '' preStart = ''
umask u=rw,g=r,o= umask u=rw,g=r,o=
{ {

2
modules/electrs.nix
View File

@@ -68,7 +68,7 @@ in {
systemd.services.electrs = { systemd.services.electrs = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" ]; requires = [ "bitcoind.service" ];
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
preStart = '' preStart = ''
echo "auth = \"${bitcoind.rpc.users.public.name}:$(cat ${secretsDir}/bitcoin-rpcpassword-public)\"" \ echo "auth = \"${bitcoind.rpc.users.public.name}:$(cat ${secretsDir}/bitcoin-rpcpassword-public)\"" \
> electrs.toml > electrs.toml

2
modules/fulcrum.nix
View File

@@ -112,7 +112,7 @@ in {
systemd.services.fulcrum = { systemd.services.fulcrum = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" ]; requires = [ "bitcoind.service" ];
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
preStart = '' preStart = ''
{ {
cat ${configFile} cat ${configFile}

2
modules/joinmarket-ob-watcher.nix
View File

@@ -75,7 +75,7 @@ in {
systemd.services.joinmarket-ob-watcher = rec { systemd.services.joinmarket-ob-watcher = rec {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "tor.service" "bitcoind.service" ]; requires = [ "tor.service" "bitcoind.service" ];
after = requires; after = requires ++ [ "nix-bitcoin-secrets.target" ];
# The service writes to HOME/.config/matplotlib # The service writes to HOME/.config/matplotlib
environment.HOME = cfg.dataDir; environment.HOME = cfg.dataDir;
preStart = '' preStart = ''

4
modules/joinmarket.nix
View File

@@ -303,7 +303,7 @@ in {
systemd.services.joinmarket = { systemd.services.joinmarket = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" ]; requires = [ "bitcoind.service" ];
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
preStart = '' preStart = ''
{ {
cat ${configFile} cat ${configFile}
@@ -387,7 +387,7 @@ in {
systemd.services.joinmarket-yieldgenerator = { systemd.services.joinmarket-yieldgenerator = {
wantedBy = [ "joinmarket.service" ]; wantedBy = [ "joinmarket.service" ];
requires = [ "joinmarket.service" ]; requires = [ "joinmarket.service" ];
after = [ "joinmarket.service" ]; after = [ "joinmarket.service" "nix-bitcoin-secrets.target" ];
script = '' script = ''
tr -d "\n" <"${secretsDir}/jm-wallet-password" \ tr -d "\n" <"${secretsDir}/jm-wallet-password" \
| ${nbPkgs.joinmarket}/bin/jm-yg-privacyenhanced --datadir='${cfg.dataDir}' \ | ${nbPkgs.joinmarket}/bin/jm-yg-privacyenhanced --datadir='${cfg.dataDir}' \

2
modules/lightning-loop.nix
View File

@@ -126,7 +126,7 @@ in {
systemd.services.lightning-loop = { systemd.services.lightning-loop = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "lnd.service" ]; requires = [ "lnd.service" ];
after = [ "lnd.service" ]; after = [ "lnd.service" "nix-bitcoin-secrets.target" ];
serviceConfig = nbLib.defaultHardening // { serviceConfig = nbLib.defaultHardening // {
ExecStart = "${cfg.package}/bin/loopd --configfile=${configFile}"; ExecStart = "${cfg.package}/bin/loopd --configfile=${configFile}";
User = lnd.user; User = lnd.user;

2
modules/liquid.nix
View File

@@ -256,7 +256,7 @@ in {
systemd.services.liquidd = { systemd.services.liquidd = {
requires = [ "bitcoind.service" ]; requires = [ "bitcoind.service" ];
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
preStart = '' preStart = ''
install -m 640 ${configFile} '${cfg.dataDir}/elements.conf' install -m 640 ${configFile} '${cfg.dataDir}/elements.conf'

2
modules/lnd.nix
View File

@@ -229,7 +229,7 @@ in {
systemd.services.lnd = { systemd.services.lnd = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" ]; requires = [ "bitcoind.service" ];
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
preStart = '' preStart = ''
install -m600 ${configFile} '${cfg.dataDir}/lnd.conf' install -m600 ${configFile} '${cfg.dataDir}/lnd.conf'
{ {

2
modules/rtl.nix
View File

@@ -189,7 +189,7 @@ in {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = optional cfg.nodes.clightning.enable "clightning-rest.service" ++ requires = optional cfg.nodes.clightning.enable "clightning-rest.service" ++
optional cfg.nodes.lnd.enable "lnd.service"; optional cfg.nodes.lnd.enable "lnd.service";
after = requires; after = requires ++ [ "nix-bitcoin-secrets.target" ];
environment.RTL_CONFIG_PATH = cfg.dataDir; environment.RTL_CONFIG_PATH = cfg.dataDir;
environment.DB_DIRECTORY_PATH = cfg.dataDir; environment.DB_DIRECTORY_PATH = cfg.dataDir;
serviceConfig = nbLib.defaultHardening // { serviceConfig = nbLib.defaultHardening // {