2019-11-27 05:04:32 -08:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
# This is mainly for testing.
|
|
|
|
|
# When using this for regular deployments, make sure to create a backup of the
|
|
|
|
|
# generated secrets.
|
|
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
{
|
|
|
|
|
nix-bitcoin.setup-secrets = true;
|
|
|
|
|
|
|
|
|
|
systemd.services.generate-secrets = {
|
|
|
|
|
requiredBy = [ "setup-secrets.service" ];
|
|
|
|
|
before = [ "setup-secrets.service" ];
|
|
|
|
|
serviceConfig = {
|
2020-02-26 11:37:46 -08:00
|
|
|
Type = "oneshot";
|
|
|
|
|
RemainAfterExit = true;
|
2020-02-26 11:37:47 -08:00
|
|
|
};
|
2019-11-27 05:04:32 -08:00
|
|
|
script = ''
|
2020-01-12 11:52:39 -08:00
|
|
|
mkdir -p "${config.nix-bitcoin.secretsDir}"
|
|
|
|
|
cd "${config.nix-bitcoin.secretsDir}"
|
2019-11-27 05:04:32 -08:00
|
|
|
chown root: .
|
|
|
|
|
chmod 0700 .
|
|
|
|
|
${pkgs.nix-bitcoin.generate-secrets}
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
}
|
