lnd: add strict hardening

Add ProtectSystem=strict, remove PermissionStartOnly.

Extract the section of postStart that needs secrets dir write
access into a separate script with full privileges.

Simplify preStart and fix dataDir quoting.
Erik Arvstedt 2020-05-22 15:59:18 +02:00 committed by nixbitcoin
parent a040e52854
commit 5f3f362451
No known key found for this signature in database
GPG key ID: DD11F9AD5308B3BA
3 changed files with 63 additions and 56 deletions
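The pattern the commit message describes (ProtectSystem=strict with a privileged helper instead of PermissionsStartOnly) can be expressed as a small NixOS module fragment. The following is an added illustration written for this page, not code from the nix-bitcoin repository or from this commit; the data and secrets directory paths, the `lnd-setup-secrets` script name and the lnd command line are assumptions, and the systemd directive that the message calls "PermissionStartOnly" is spelled `PermissionsStartOnly=` in systemd.

```nix
# Added illustration, not the nix-bitcoin project's own module code.
# Assumptions: a NixOS module defining systemd.services.lnd, a data
# directory /var/lib/lnd and a secrets directory /secrets/lnd; the
# helper script name "lnd-setup-secrets" is hypothetical.
{ config, lib, pkgs, ... }:

let
  dataDir = "/var/lib/lnd";      # assumed location
  secretsDir = "/secrets/lnd";   # assumed location

  # The only step that needs write access to the secrets directory.
  # It runs with full privileges via the "+" prefix below, so it is
  # kept as short as possible and does nothing else.
  setupSecrets = pkgs.writeShellScript "lnd-setup-secrets" ''
    set -euo pipefail
    install -d -m 0700 -o lnd -g lnd "${secretsDir}"
    # ... generate or copy the secrets lnd needs here ...
    chown -R lnd:lnd "${secretsDir}"
  '';
in
{
  systemd.services.lnd = {
    serviceConfig = {
      User = "lnd";
      Group = "lnd";

      # Unprivileged main process; with ProtectSystem=strict only the
      # paths listed in ReadWritePaths are writable for it.
      ExecStart = "${pkgs.lnd}/bin/lnd --lnddir=${dataDir}";
      ProtectSystem = "strict";
      ReadWritePaths = [ dataDir ];

      # Privileged post-start step: the "+" prefix runs this command with
      # full privileges (User=, Group= and the filesystem namespacing
      # options such as ProtectSystem= are not applied to it), which is
      # systemd's replacement for the deprecated PermissionsStartOnly=.
      # Everything else in the unit keeps the restrictions above.
      ExecStartPost = "+${setupSecrets}";
    };
  };
}
```

The point of the split is that `PermissionsStartOnly=yes` lifted `User=` for every `ExecStartPre=`/`ExecStartPost=` line, whereas the `+` prefix lifts it for exactly one command; combined with `ProtectSystem=strict`, the long-running lnd process then has no write access outside its own data directory even if it is compromised, and the secrets directory is only ever written by the short helper.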

@ -21,7 +21,7 @@
options = {
nix-bitcoin-services = lib.mkOption {
readOnly = true;
default = import ./nix-bitcoin-services.nix lib;
default = import ./nix-bitcoin-services.nix lib pkgs;
};
};
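Review bot: the new default passes a second argument, `pkgs`, to `./nix-bitcoin-services.nix`, so that file's parameter list has to change from `lib:` to `lib: pkgs:` in the same commit; otherwise evaluating the `nix-bitcoin-services` option (which is `readOnly = true`, so every consumer gets this default) fails at evaluation time. Only this hunk of the three changed files is rendered on this page, so that cannot be confirmed here. The commit message also does not say why `pkgs` is now needed; one line stating what the services module uses it for (presumably building the separate privileged script the message mentions) would make the change self-explanatory.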