greg
/
nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nix-bitcoin-services: add nb-services.privileged helper

This commit is contained in:
nixbitcoin 2020-09-08 12:25:33 +00:00
parent f00d1d24c5
commit 263525d724
No known key found for this signature in database
GPG Key ID: DD11F9AD5308B3BA
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/nix-bitcoin-services.nix
View File

@ -4,7 +4,7 @@
lib: pkgs: lib: pkgs:
with lib; with lib;
{ let self = {
# These settings roughly follow systemd's "strict" security profile # These settings roughly follow systemd's "strict" security profile
defaultHardening = { defaultHardening = {
PrivateTmp = "true"; PrivateTmp = "true";
@ -56,10 +56,13 @@ with lib;
${src} ${src}
''; '';
# Used for ExecStart*
privileged = src: "+${self.script src}";
cliExec = mkOption { cliExec = mkOption {
# Used by netns-isolation to execute the cli in the service's private netns # Used by netns-isolation to execute the cli in the service's private netns
internal = true; internal = true;
type = types.str; type = types.str;
default = "exec"; default = "exec";
}; };
} }; in self