aiolabs/nix-bitcoin
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Remove PermissionStartOnly where possible and replace with bitcoinrpc

Browse source 
Remove PermissionsStartOnly for bitcoind and spark-wallet (it was never
needed there)

Give reason for PermissionsStartOnly in lightning-charge

Replace PermissionsStartOnly in clightning, electrs and liquid
This commit is contained in:
nixbitcoin 2020-05-21 18:05:31 +02:00
parent 91b6b2c370
commit adc71b892e
No known key found for this signature in database
GPG key ID: DD11F9AD5308B3BA
7 changed files with 8 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

7
modules/liquid.nix
View file

@ -212,7 +212,7 @@ in {
wantedBy = [ "multi-user.target" ];
preStart = ''
cp '${configFile}' '${cfg.dataDir}/elements.conf'
chmod o-rw '${cfg.dataDir}/elements.conf'
chmod 640 '${cfg.dataDir}/elements.conf'
chown -R '${cfg.user}:${cfg.group}' '${cfg.dataDir}'
echo "rpcpassword=$(cat ${secretsDir}/liquid-rpcpassword)" >> '${cfg.dataDir}/elements.conf'
echo "mainchainrpcpassword=$(cat ${secretsDir}/bitcoin-rpcpassword)" >> '${cfg.dataDir}/elements.conf'
@ -222,12 +222,8 @@ in {
User = "${cfg.user}";
Group = "${cfg.group}";
ExecStart = "${pkgs.nix-bitcoin.elementsd}/bin/elementsd ${cmdlineOptions}";
StateDirectory = "liquidd";
PIDFile = "${pidFile}";
Restart = "on-failure";
# Permission for preStart
PermissionsStartOnly = "true";
} // (if cfg.enforceTor
then nix-bitcoin-services.allowTor
else nix-bitcoin-services.allowAnyIP
@ -235,6 +231,7 @@ in {
};
users.users.${cfg.user} = {
group = cfg.group;
extraGroups = [ "bitcoinrpc" ];
description = "Liquid sidechain user";
};
users.groups.${cfg.group} = {};