aiolabs/nix-bitcoin
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

secrets: add option 'generateSecrets'

Browse source 
Move this feature from a module preset to a regular option, so that it's
easily discoverable and accessible.

Simplify the implementation of `generateSecrets` by adding it to the
existing `setup-secrets` service script.

Also rename option setup-secrets -> setupSecrets.
This commit is contained in:
Erik Arvstedt 2021-03-10 14:08:34 +01:00 committed by Jonas Nick
parent 03515a8da6
commit b701cb5603
No known key found for this signature in database
GPG key ID: 4861DBF262123605
7 changed files with 51 additions and 44 deletions
Download patch file Download diff file Expand all files Collapse all files

30
modules/secrets/generate-secrets.nix
View file

@ -1,26 +1,4 @@
{ config, pkgs, lib, ... }:
# This is mainly for testing.
# When using this for regular deployments, make sure to create a backup of the
# generated secrets.
with lib;
{
nix-bitcoin.setup-secrets = true;
systemd.services.generate-secrets = {
requiredBy = [ "setup-secrets.service" ];
before = [ "setup-secrets.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
mkdir -p "${config.nix-bitcoin.secretsDir}"
cd "${config.nix-bitcoin.secretsDir}"
chown root: .
chmod 0700 .
${config.nix-bitcoin.pkgs.generate-secrets}
'';
};
}
throw ''
The module `generate-secrets.nix` has been removed.
Set option `nix-bitcoin.generateSecrets = true;` instead.
''