secrets: allow extending generate-secrets
`generate-secrets` is no longer a monolithic script. Instead, it's composed of the values of option `nix-bitcoin.generateSecretsCmds`. This has the following advantages: - generate-secrets is now extensible by users - Only secrets of enabled services are generated - RPC IPs in the `lnd` and `loop` certs are no longer hardcoded. Secrets are no longer automatically generated when entering nix-shell. Instead, they are generated before deployment (via `krops-deploy`) because secrets generation is now dependant on the node configuration.
This commit is contained in:
Erik Arvstedt
parent
24fd1e9bdc
commit
a2466b1127
15 changed files with 136 additions and 131 deletions
|
|
@ -305,6 +305,9 @@ in {
|
|||
};
|
||||
|
||||
nix-bitcoin.secrets.jm-wallet-password.user = cfg.user;
|
||||
nix-bitcoin.generateSecretsCmds.joinmarket = ''
|
||||
makePasswordSecret jm-wallet-password
|
||||
'';
|
||||
}
|
||||
|
||||
(mkIf cfg.yieldgenerator.enable {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue