rename nix-bitcoin.nix -> presets/secure-node.nix
This commit is contained in:
parent
0c4ba43ee8
commit
28792f79dc
@ -4,7 +4,7 @@
|
|||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
<nix-bitcoin/modules/nix-bitcoin.nix>
|
<nix-bitcoin/modules/presets/secure-node.nix>
|
||||||
|
|
||||||
# FIXME: The hardened kernel profile improves security but
|
# FIXME: The hardened kernel profile improves security but
|
||||||
# decreases performance by ~50%.
|
# decreases performance by ~50%.
|
||||||
@ -26,7 +26,7 @@
|
|||||||
### BITCOIND
|
### BITCOIND
|
||||||
# Bitcoind is enabled by default if nix-bitcoin is enabled
|
# Bitcoind is enabled by default if nix-bitcoin is enabled
|
||||||
#
|
#
|
||||||
# You can override default settings from nix-bitcoin.nix as follows
|
# You can override default settings from secure-node.nix as follows
|
||||||
# services.bitcoind.prune = lib.mkForce 100000;
|
# services.bitcoind.prune = lib.mkForce 100000;
|
||||||
#
|
#
|
||||||
# You can add options that are not defined in modules/bitcoind.nix as follows
|
# You can add options that are not defined in modules/bitcoind.nix as follows
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
lightning-charge = ./lightning-charge.nix;
|
lightning-charge = ./lightning-charge.nix;
|
||||||
liquid = ./liquid.nix;
|
liquid = ./liquid.nix;
|
||||||
nanopos = ./nanopos.nix;
|
nanopos = ./nanopos.nix;
|
||||||
nix-bitcoin = ./nix-bitcoin.nix;
|
presets.secure-node = ./presets/secure-node.nix;
|
||||||
nix-bitcoin-webindex = ./nix-bitcoin-webindex.nix;
|
nix-bitcoin-webindex = ./nix-bitcoin-webindex.nix;
|
||||||
spark-wallet = ./spark-wallet.nix;
|
spark-wallet = ./spark-wallet.nix;
|
||||||
recurring-donations = ./recurring-donations.nix;
|
recurring-donations = ./recurring-donations.nix;
|
||||||
|
@ -4,7 +4,7 @@ with lib;
|
|||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.services.nix-bitcoin;
|
cfg = config.services.nix-bitcoin;
|
||||||
operatorCopySSH = pkgs.writeText "operator-copy-ssh.sh" ''
|
operatorCopySSH = pkgs.writeText "operator-copy-ssh.sh" ''
|
||||||
mkdir -p ${config.users.users.operator.home}/.ssh
|
mkdir -p ${config.users.users.operator.home}/.ssh
|
||||||
if [ -e "${config.users.users.root.home}/.vbox-nixops-client-key" ]; then
|
if [ -e "${config.users.users.root.home}/.vbox-nixops-client-key" ]; then
|
||||||
cp ${config.users.users.root.home}/.vbox-nixops-client-key ${config.users.users.operator.home}/.ssh/authorized_keys
|
cp ${config.users.users.root.home}/.vbox-nixops-client-key ${config.users.users.operator.home}/.ssh/authorized_keys
|
||||||
@ -15,7 +15,7 @@ let
|
|||||||
chown -R operator ${config.users.users.operator.home}/.ssh
|
chown -R operator ${config.users.users.operator.home}/.ssh
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
imports = [ ./modules.nix ];
|
imports = [ ../modules.nix ];
|
||||||
|
|
||||||
options.services.nix-bitcoin = {
|
options.services.nix-bitcoin = {
|
||||||
enable = mkOption {
|
enable = mkOption {
|
@ -10,7 +10,7 @@ import ./make-test.nix rec {
|
|||||||
|
|
||||||
machine = { pkgs, lib, ... }: with lib; {
|
machine = { pkgs, lib, ... }: with lib; {
|
||||||
imports = [
|
imports = [
|
||||||
../modules/nix-bitcoin.nix
|
../modules/presets/secure-node.nix
|
||||||
../modules/secrets/generate-secrets.nix
|
../modules/secrets/generate-secrets.nix
|
||||||
# using the hardened profile increases total test duration by ~50%, so disable it for now
|
# using the hardened profile increases total test duration by ~50%, so disable it for now
|
||||||
# hardened
|
# hardened
|
||||||
|
Loading…
Reference in New Issue
Block a user