netns: remove conditionals for service settings
Going without the conditionals (like in secure-node.nix) adds readability and doesn't reduce evaluation performance (in fact, it even slightly improves performance due to implementation details of mkIf). To avoid errors, remove use of disabled services in secure-node.nix and nix-bitcoin-webindex.nix.
This commit is contained in:
parent
0f0f6ddbb9
commit
d0b8d77de2
@ -223,13 +223,13 @@ in {
|
|||||||
};
|
};
|
||||||
|
|
||||||
# clightning: Custom netns configs
|
# clightning: Custom netns configs
|
||||||
services.clightning = mkIf config.services.clightning.enable {
|
services.clightning = {
|
||||||
bitcoin-rpcconnect = netns.bitcoind.address;
|
bitcoin-rpcconnect = netns.bitcoind.address;
|
||||||
bind-addr = netns.clightning.address;
|
bind-addr = netns.clightning.address;
|
||||||
};
|
};
|
||||||
|
|
||||||
# lnd: Custom netns configs
|
# lnd: Custom netns configs
|
||||||
services.lnd = mkIf config.services.lnd.enable {
|
services.lnd = {
|
||||||
listen = netns.lnd.address;
|
listen = netns.lnd.address;
|
||||||
rpclisten = [
|
rpclisten = [
|
||||||
"${netns.lnd.address}"
|
"${netns.lnd.address}"
|
||||||
@ -249,7 +249,7 @@ in {
|
|||||||
};
|
};
|
||||||
|
|
||||||
# liquidd: Custom netns configs
|
# liquidd: Custom netns configs
|
||||||
services.liquidd = mkIf config.services.liquidd.enable {
|
services.liquidd = {
|
||||||
bind = netns.liquidd.address;
|
bind = netns.liquidd.address;
|
||||||
rpcbind = [
|
rpcbind = [
|
||||||
"${netns.liquidd.address}"
|
"${netns.liquidd.address}"
|
||||||
@ -268,31 +268,31 @@ in {
|
|||||||
};
|
};
|
||||||
|
|
||||||
# electrs: Custom netns configs
|
# electrs: Custom netns configs
|
||||||
services.electrs = mkIf config.services.electrs.enable {
|
services.electrs = {
|
||||||
address = netns.electrs.address;
|
address = netns.electrs.address;
|
||||||
daemonrpc = "${netns.bitcoind.address}:${toString config.services.bitcoind.rpc.port}";
|
daemonrpc = "${netns.bitcoind.address}:${toString config.services.bitcoind.rpc.port}";
|
||||||
};
|
};
|
||||||
|
|
||||||
# spark-wallet: Custom netns configs
|
# spark-wallet: Custom netns configs
|
||||||
services.spark-wallet = mkIf config.services.spark-wallet.enable {
|
services.spark-wallet = {
|
||||||
host = netns.spark-wallet.address;
|
host = netns.spark-wallet.address;
|
||||||
extraArgs = "--no-tls";
|
extraArgs = "--no-tls";
|
||||||
};
|
};
|
||||||
|
|
||||||
# lightning-charge: Custom netns configs
|
# lightning-charge: Custom netns configs
|
||||||
services.lightning-charge.host = mkIf config.services.lightning-charge.enable netns.lightning-charge.address;
|
services.lightning-charge.host = netns.lightning-charge.address;
|
||||||
|
|
||||||
# nanopos: Custom netns configs
|
# nanopos: Custom netns configs
|
||||||
services.nanopos = mkIf config.services.nanopos.enable {
|
services.nanopos = {
|
||||||
charged-url = "http://${netns.lightning-charge.address}:9112";
|
charged-url = "http://${netns.lightning-charge.address}:9112";
|
||||||
host = netns.nanopos.address;
|
host = netns.nanopos.address;
|
||||||
};
|
};
|
||||||
|
|
||||||
# nginx: Custom netns configs
|
# nginx: Custom netns configs
|
||||||
services.nix-bitcoin-webindex.host = mkIf config.services.nix-bitcoin-webindex.enable netns.nginx.address;
|
services.nix-bitcoin-webindex.host = netns.nginx.address;
|
||||||
|
|
||||||
# loop: Custom netns configs
|
# loop: Custom netns configs
|
||||||
services.lightning-loop = mkIf config.services.lightning-loop.enable {
|
services.lightning-loop = {
|
||||||
cli = pkgs.writeScriptBin "loop"
|
cli = pkgs.writeScriptBin "loop"
|
||||||
# Switch user because lnd makes datadir contents readable by user only
|
# Switch user because lnd makes datadir contents readable by user only
|
||||||
''
|
''
|
||||||
|
@ -77,13 +77,12 @@ in {
|
|||||||
systemd.services.create-web-index = {
|
systemd.services.create-web-index = {
|
||||||
description = "Get node info";
|
description = "Get node info";
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
path = with pkgs; [
|
path = with pkgs; [
|
||||||
config.programs.nodeinfo
|
config.programs.nodeinfo
|
||||||
config.services.clightning.cli
|
|
||||||
config.services.lnd.cli
|
|
||||||
jq
|
jq
|
||||||
sudo
|
sudo
|
||||||
];
|
] ++ optional config.services.lnd.enable config.services.lnd.cli
|
||||||
|
++ optional config.services.clightning.enable config.services.clightning.cli;
|
||||||
serviceConfig = nix-bitcoin-services.defaultHardening // {
|
serviceConfig = nix-bitcoin-services.defaultHardening // {
|
||||||
ExecStart="${pkgs.bash}/bin/bash ${createWebIndex}";
|
ExecStart="${pkgs.bash}/bin/bash ${createWebIndex}";
|
||||||
User = "root";
|
User = "root";
|
||||||
|
@ -194,7 +194,9 @@ in {
|
|||||||
port = 50001;
|
port = 50001;
|
||||||
enforceTor = true;
|
enforceTor = true;
|
||||||
};
|
};
|
||||||
services.tor.hiddenServices.electrs = mkHiddenService { port = cfg.electrs.port; toHost = cfg.electrs.address; };
|
services.tor.hiddenServices.electrs = mkIf cfg.electrs.enable (mkHiddenService {
|
||||||
|
port = cfg.electrs.port; toHost = cfg.electrs.address;
|
||||||
|
});
|
||||||
|
|
||||||
services.spark-wallet = {
|
services.spark-wallet = {
|
||||||
onion-service = true;
|
onion-service = true;
|
||||||
|
Loading…
Reference in New Issue
Block a user