3b842e5fe7
Remove use of nixops-specific 'keys' group and key services. Instead: - Add nix-bitcoin-secrets.target, which should be required by all units that depend on secrets. (To keep it simple, it's okay to meet the secrets dependency indirectly by e.g. depending on bitcoind.) Various secret deployment methods can use this target by setting up the secrets before activating the target. In case of nixops we just specify that nixops' keys.target comes before nix-bitcoin-secrets.target. If the target is left undefined in the case of manual secrets deployment, systemd will simply ignore unit dependencies on the target. - Allow all users to access the secrets dir. The access protection for the individual secret files is unchanged. This allows us to drop the unit dependency on the nixops 'keys' group. |
||
---|---|---|
.. | ||
network-libvirtd.nix | ||
network-vbox.nix | ||
network.nix |