treewide: ensure services are started after secrets setup
Now all services that access secrets only run after the secrets setup has finished. Previously, we assumed that the systemd `after` dependency is transitive, i.e. that adding an `after = [ "bitcoind.service" ]` to a service implicitly pulled in the `after` dependency to `nix-bitcoin-secrets.target` (which is defined for `bitcoind`). This is not the case. Services could start before secrets setup had finished, leading to service failure.
This commit is contained in:
Erik Arvstedt
parent
29a32ac53b
commit
90ce68cb16
11 changed files with 12 additions and 12 deletions
|
|
@ -189,7 +189,7 @@ in {
|
|||
wantedBy = [ "multi-user.target" ];
|
||||
requires = optional cfg.nodes.clightning.enable "clightning-rest.service" ++
|
||||
optional cfg.nodes.lnd.enable "lnd.service";
|
||||
after = requires;
|
||||
after = requires ++ [ "nix-bitcoin-secrets.target" ];
|
||||
environment.RTL_CONFIG_PATH = cfg.dataDir;
|
||||
environment.DB_DIRECTORY_PATH = cfg.dataDir;
|
||||
serviceConfig = nbLib.defaultHardening // {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue