rename nix-bitcoin.nix -> presets/secure-node.nix

This commit is contained in:
Erik Arvstedt 2020-04-07 22:47:32 +02:00
parent 0c4ba43ee8
commit 28792f79dc
No known key found for this signature in database
GPG Key ID: 33312B944DD97846
4 changed files with 6 additions and 6 deletions

View File

@ -4,7 +4,7 @@
{ config, pkgs, lib, ... }: { { config, pkgs, lib, ... }: {
imports = [ imports = [
<nix-bitcoin/modules/nix-bitcoin.nix> <nix-bitcoin/modules/presets/secure-node.nix>
# FIXME: The hardened kernel profile improves security but # FIXME: The hardened kernel profile improves security but
# decreases performance by ~50%. # decreases performance by ~50%.
@ -26,7 +26,7 @@
### BITCOIND ### BITCOIND
# Bitcoind is enabled by default if nix-bitcoin is enabled # Bitcoind is enabled by default if nix-bitcoin is enabled
# #
# You can override default settings from nix-bitcoin.nix as follows # You can override default settings from secure-node.nix as follows
# services.bitcoind.prune = lib.mkForce 100000; # services.bitcoind.prune = lib.mkForce 100000;
# #
# You can add options that are not defined in modules/bitcoind.nix as follows # You can add options that are not defined in modules/bitcoind.nix as follows

View File

@ -7,7 +7,7 @@
lightning-charge = ./lightning-charge.nix; lightning-charge = ./lightning-charge.nix;
liquid = ./liquid.nix; liquid = ./liquid.nix;
nanopos = ./nanopos.nix; nanopos = ./nanopos.nix;
nix-bitcoin = ./nix-bitcoin.nix; presets.secure-node = ./presets/secure-node.nix;
nix-bitcoin-webindex = ./nix-bitcoin-webindex.nix; nix-bitcoin-webindex = ./nix-bitcoin-webindex.nix;
spark-wallet = ./spark-wallet.nix; spark-wallet = ./spark-wallet.nix;
recurring-donations = ./recurring-donations.nix; recurring-donations = ./recurring-donations.nix;

View File

@ -4,7 +4,7 @@ with lib;
let let
cfg = config.services.nix-bitcoin; cfg = config.services.nix-bitcoin;
operatorCopySSH = pkgs.writeText "operator-copy-ssh.sh" '' operatorCopySSH = pkgs.writeText "operator-copy-ssh.sh" ''
mkdir -p ${config.users.users.operator.home}/.ssh mkdir -p ${config.users.users.operator.home}/.ssh
if [ -e "${config.users.users.root.home}/.vbox-nixops-client-key" ]; then if [ -e "${config.users.users.root.home}/.vbox-nixops-client-key" ]; then
cp ${config.users.users.root.home}/.vbox-nixops-client-key ${config.users.users.operator.home}/.ssh/authorized_keys cp ${config.users.users.root.home}/.vbox-nixops-client-key ${config.users.users.operator.home}/.ssh/authorized_keys
@ -15,7 +15,7 @@ let
chown -R operator ${config.users.users.operator.home}/.ssh chown -R operator ${config.users.users.operator.home}/.ssh
''; '';
in { in {
imports = [ ./modules.nix ]; imports = [ ../modules.nix ];
options.services.nix-bitcoin = { options.services.nix-bitcoin = {
enable = mkOption { enable = mkOption {

View File

@ -10,7 +10,7 @@ import ./make-test.nix rec {
machine = { pkgs, lib, ... }: with lib; { machine = { pkgs, lib, ... }: with lib; {
imports = [ imports = [
../modules/nix-bitcoin.nix ../modules/presets/secure-node.nix
../modules/secrets/generate-secrets.nix ../modules/secrets/generate-secrets.nix
# using the hardened profile increases total test duration by ~50%, so disable it for now # using the hardened profile increases total test duration by ~50%, so disable it for now
# hardened # hardened