aiolabs/nix-bitcoin
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Merge fort-nix/nix-bitcoin#425: Misc. improvements

Browse source 
def64a73b8 treewide: use TODO-EXTERNAL (Erik Arvstedt)
6f37bef2a3 netns-isolation: simplify firewall setup (Erik Arvstedt)
f52059ce3c docs: add doc 'Configuration and maintenance' (Erik Arvstedt)
94aee8174d usage.md: add section `Managing services` (Erik Arvstedt)
8cc7b83da1 usage.md: convert to '#' heading syntax (Erik Arvstedt)
91fbcfcc77 faq.md: reformat (Erik Arvstedt)
9e4f4d6b0f bitcoind: add option `txindex` (Erik Arvstedt)
10a744a598 rtl: add option `extraCurrency` (Erik Arvstedt)
62a2602e78 electrs: use dataDir for storing extra config (Erik Arvstedt)
9bda7305fd services: add `tor.*` options (Erik Arvstedt)
ff24e73ad7 onion-addresses: fix files not being copied (Erik Arvstedt)
c6fe017aeb netns-isolation: avoid creating service files for disabled services (Erik Arvstedt)
017e08ca10 btcpayserver: move nbxplorer options to bottom (Erik Arvstedt)
e1d869d76c modules.nix: move rtl to fix topological sorting (Erik Arvstedt)
e44cd7ecdc rtl: improve descriptions (Erik Arvstedt)
bd275d3a9a minor improvements (Erik Arvstedt)
8aa28da110 remove `recurring-donations` module (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  nixbitcoin:
    ACK def64a73b8
  jonasnick:
    ACK def64a73b8

Tree-SHA512: 13acd2a3dd73c07f9c31874c8e961f12f39accb48847cbad08479b9a8154b79a6f186819272072dfb5c4768264b81f6e058e9afa57a729db2096784e48352dfd
This commit is contained in:
Jonas Nick 2021-11-29 18:05:08 +00:00
commit 747019a9e9
No known key found for this signature in database
GPG key ID: 4861DBF262123605
31 changed files with 553 additions and 322 deletions
Download patch file Download diff file Expand all files Collapse all files

10
modules/electrs.nix
View file

@ -12,7 +12,7 @@ let
port = mkOption {
type = types.port;
default = 50001;
description = "RPC port.";
description = "Port to listen for RPC connections.";
};
dataDir = mkOption {
type = types.path;
@ -39,7 +39,7 @@ let
default = cfg.user;
description = "The group as which to run electrs.";
};
enforceTor = nbLib.enforceTor;
tor.enforce = nbLib.tor.enforce;
};
cfg = config.services.electrs;
@ -74,10 +74,8 @@ in {
> electrs.toml
'';
serviceConfig = nbLib.defaultHardening // {
RuntimeDirectory = "electrs";
RuntimeDirectoryMode = "700";
# electrs only uses the working directory for reading electrs.toml
WorkingDirectory = "/run/electrs";
WorkingDirectory = cfg.dataDir;
ExecStart = ''
${config.nix-bitcoin.pkgs.electrs}/bin/electrs \
--log-filters=INFO \
@ -95,7 +93,7 @@ in {
Restart = "on-failure";
RestartSec = "10s";
ReadWritePaths = cfg.dataDir;
} // nbLib.allowedIPAddresses cfg.enforceTor;
} // nbLib.allowedIPAddresses cfg.tor.enforce;
};
users.users.${cfg.user} = {