greg/nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

services: improve config file setup

Browse Source 
- btcpayserver, nbxplorer: Add quotes to the
  dataDir arg. (dataDir can contain spaces.)

- clightning, liquidd: use 'install'
This commit is contained in:
Erik Arvstedt 2021-02-01 22:53:21 +01:00
parent 18f2002cf0
commit a43534dda0
No known key found for this signature in database
GPG Key ID: 33312B944DD97846
3 changed files with 10 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/btcpayserver.nix
View File

@ -127,7 +127,7 @@ in {
requires = [ "bitcoind.service" ]; requires = [ "bitcoind.service" ];
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" ];
preStart = '' preStart = ''
install -m 600 ${configFile} ${cfg.nbxplorer.dataDir}/settings.config install -m 600 ${configFile} '${cfg.nbxplorer.dataDir}/settings.config'
echo "btcrpcpassword=$(cat ${config.nix-bitcoin.secretsDir}/bitcoin-rpcpassword-btcpayserver)" \ echo "btcrpcpassword=$(cat ${config.nix-bitcoin.secretsDir}/bitcoin-rpcpassword-btcpayserver)" \
>> '${cfg.nbxplorer.dataDir}/settings.config' >> '${cfg.nbxplorer.dataDir}/settings.config'
''; '';
@ -171,13 +171,13 @@ in {
++ optional (cfg.btcpayserver.lightningBackend != null) "${cfg.btcpayserver.lightningBackend}.service"; ++ optional (cfg.btcpayserver.lightningBackend != null) "${cfg.btcpayserver.lightningBackend}.service";
after = self.requires; after = self.requires;
preStart = '' preStart = ''
install -m 600 ${configFile} ${cfg.btcpayserver.dataDir}/settings.config install -m 600 ${configFile} '${cfg.btcpayserver.dataDir}/settings.config'
${optionalString (cfg.btcpayserver.lightningBackend == "lnd") '' ${optionalString (cfg.btcpayserver.lightningBackend == "lnd") ''
{ {
echo -n "${lndConfig}"; echo -n "${lndConfig}";
${pkgs.openssl}/bin/openssl x509 -noout -fingerprint -sha256 -in ${config.nix-bitcoin.secretsDir}/lnd-cert \ ${pkgs.openssl}/bin/openssl x509 -noout -fingerprint -sha256 -in ${config.nix-bitcoin.secretsDir}/lnd-cert \
| sed -e 's/.*=//;s/://g'; | sed -e 's/.*=//;s/://g';
} >> ${cfg.btcpayserver.dataDir}/settings.config } >> '${cfg.btcpayserver.dataDir}/settings.config'
''} ''}
''; '';
serviceConfig = nbLib.defaultHardening // { serviceConfig = nbLib.defaultHardening // {

6
modules/clightning.nix
View File

@ -117,19 +117,17 @@ in {
requires = [ "bitcoind.service" ]; requires = [ "bitcoind.service" ];
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" ];
preStart = '' preStart = ''
cp ${configFile} ${cfg.dataDir}/config
chown -R '${cfg.user}:${cfg.group}' '${cfg.dataDir}' chown -R '${cfg.user}:${cfg.group}' '${cfg.dataDir}'
# The RPC socket has to be removed otherwise we might have stale sockets # The RPC socket has to be removed otherwise we might have stale sockets
rm -f ${cfg.networkDir}/lightning-rpc rm -f ${cfg.networkDir}/lightning-rpc
chmod 640 ${cfg.dataDir}/config install -m 640 ${configFile} '${cfg.dataDir}/config'
{ {
echo "bitcoin-rpcpassword=$(cat ${config.nix-bitcoin.secretsDir}/bitcoin-rpcpassword-public)" echo "bitcoin-rpcpassword=$(cat ${config.nix-bitcoin.secretsDir}/bitcoin-rpcpassword-public)"
${optionalString (cfg.getPublicAddressCmd != "") '' ${optionalString (cfg.getPublicAddressCmd != "") ''
echo "announce-addr=$(${cfg.getPublicAddressCmd})" echo "announce-addr=$(${cfg.getPublicAddressCmd})"
''} ''}
} >> '${cfg.dataDir}/config' } >> '${cfg.dataDir}/config'
'';
'';
serviceConfig = nbLib.defaultHardening // { serviceConfig = nbLib.defaultHardening // {
ExecStart = "${nbPkgs.clightning}/bin/lightningd --lightning-dir=${cfg.dataDir}"; ExecStart = "${nbPkgs.clightning}/bin/lightningd --lightning-dir=${cfg.dataDir}";
User = cfg.user; User = cfg.user;

9
modules/liquid.nix
View File

@ -224,11 +224,12 @@ in {
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
preStart = '' preStart = ''
cp '${configFile}' '${cfg.dataDir}/elements.conf'
chmod 640 '${cfg.dataDir}/elements.conf'
chown -R '${cfg.user}:${cfg.group}' '${cfg.dataDir}' chown -R '${cfg.user}:${cfg.group}' '${cfg.dataDir}'
echo "rpcpassword=$(cat ${secretsDir}/liquid-rpcpassword)" >> '${cfg.dataDir}/elements.conf' install -m 640 ${configFile} '${cfg.dataDir}/elements.conf'
echo "mainchainrpcpassword=$(cat ${secretsDir}/bitcoin-rpcpassword-public)" >> '${cfg.dataDir}/elements.conf' {
echo "rpcpassword=$(cat ${secretsDir}/liquid-rpcpassword)"
echo "mainchainrpcpassword=$(cat ${secretsDir}/bitcoin-rpcpassword-public)"
} >> '${cfg.dataDir}/elements.conf'
''; '';
serviceConfig = nbLib.defaultHardening // { serviceConfig = nbLib.defaultHardening // {
Type = "simple"; Type = "simple";