modules: move nix-bitcoin options to file 'nix-bitcoin.nix'
This allows modules.nix to consist only of a list of modules.
This commit is contained in:
parent
fdc278a0b8
commit
cce9a3f6b2
@ -1,6 +1,6 @@
|
|||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
<nix-bitcoin/modules/nix-bitcoin.nix>
|
<nix-bitcoin/modules/modules.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
nix-bitcoin.generateSecrets = true;
|
nix-bitcoin.generateSecrets = true;
|
||||||
|
@ -1,9 +1,7 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
# Core modules
|
# Core modules
|
||||||
|
./nix-bitcoin.nix
|
||||||
./secrets/secrets.nix
|
./secrets/secrets.nix
|
||||||
./operator.nix
|
./operator.nix
|
||||||
|
|
||||||
@ -36,56 +34,4 @@ with lib;
|
|||||||
];
|
];
|
||||||
|
|
||||||
disabledModules = [ "services/networking/bitcoind.nix" ];
|
disabledModules = [ "services/networking/bitcoind.nix" ];
|
||||||
|
|
||||||
options = {
|
|
||||||
nix-bitcoin = {
|
|
||||||
pkgs = mkOption {
|
|
||||||
type = types.attrs;
|
|
||||||
default = (import ../pkgs { inherit pkgs; }).modulesPkgs;
|
|
||||||
};
|
|
||||||
|
|
||||||
lib = mkOption {
|
|
||||||
readOnly = true;
|
|
||||||
default = import ../pkgs/lib.nix lib pkgs;
|
|
||||||
};
|
|
||||||
|
|
||||||
torClientAddressWithPort = mkOption {
|
|
||||||
readOnly = true;
|
|
||||||
default = with config.services.tor.client.socksListenAddress;
|
|
||||||
"${addr}:${toString port}";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Torify binary that works with custom Tor SOCKS addresses
|
|
||||||
# Related issue: https://github.com/NixOS/nixpkgs/issues/94236
|
|
||||||
torify = mkOption {
|
|
||||||
readOnly = true;
|
|
||||||
default = pkgs.writeScriptBin "torify" ''
|
|
||||||
${pkgs.tor}/bin/torify \
|
|
||||||
--address ${config.services.tor.client.socksListenAddress.addr} \
|
|
||||||
"$@"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
# A helper for using doas instead of sudo when doas is enabled
|
|
||||||
runAsUserCmd = mkOption {
|
|
||||||
readOnly = true;
|
|
||||||
default = if config.security.doas.enable
|
|
||||||
# TODO: Use absolute path until https://github.com/NixOS/nixpkgs/pull/133622 is available.
|
|
||||||
then "/run/wrappers/bin/doas -u"
|
|
||||||
else "sudo -u";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = {
|
|
||||||
assertions = [
|
|
||||||
{ assertion = (config.services.lnd.enable -> ( !config.services.clightning.enable || config.services.clightning.port != config.services.lnd.port));
|
|
||||||
message = ''
|
|
||||||
LND and clightning can't both bind to lightning port 9735. Either
|
|
||||||
disable LND/clightning or change services.clightning.bindPort or
|
|
||||||
services.lnd.port to a port other than 9735.
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
@ -1,9 +1,56 @@
|
|||||||
# This file exists only for backwards compatibility
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
{ lib, ... }:
|
with lib;
|
||||||
{
|
{
|
||||||
imports = [
|
options = {
|
||||||
./presets/secure-node.nix
|
nix-bitcoin = {
|
||||||
(lib.mkRemovedOptionModule [ "services" "nix-bitcoin" "enable" ] "Please directly import ./presets/secure-node.nix")
|
pkgs = mkOption {
|
||||||
|
type = types.attrs;
|
||||||
|
default = (import ../pkgs { inherit pkgs; }).modulesPkgs;
|
||||||
|
};
|
||||||
|
|
||||||
|
lib = mkOption {
|
||||||
|
readOnly = true;
|
||||||
|
default = import ../pkgs/lib.nix lib pkgs;
|
||||||
|
};
|
||||||
|
|
||||||
|
torClientAddressWithPort = mkOption {
|
||||||
|
readOnly = true;
|
||||||
|
default = with config.services.tor.client.socksListenAddress;
|
||||||
|
"${addr}:${toString port}";
|
||||||
|
};
|
||||||
|
|
||||||
|
# Torify binary that works with custom Tor SOCKS addresses
|
||||||
|
# Related issue: https://github.com/NixOS/nixpkgs/issues/94236
|
||||||
|
torify = mkOption {
|
||||||
|
readOnly = true;
|
||||||
|
default = pkgs.writeScriptBin "torify" ''
|
||||||
|
${pkgs.tor}/bin/torify \
|
||||||
|
--address ${config.services.tor.client.socksListenAddress.addr} \
|
||||||
|
"$@"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
# A helper for using doas instead of sudo when doas is enabled
|
||||||
|
runAsUserCmd = mkOption {
|
||||||
|
readOnly = true;
|
||||||
|
default = if config.security.doas.enable
|
||||||
|
# TODO: Use absolute path until https://github.com/NixOS/nixpkgs/pull/133622 is available.
|
||||||
|
then "/run/wrappers/bin/doas -u"
|
||||||
|
else "sudo -u";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
assertions = [
|
||||||
|
{ assertion = (config.services.lnd.enable -> ( !config.services.clightning.enable || config.services.clightning.port != config.services.lnd.port));
|
||||||
|
message = ''
|
||||||
|
LND and clightning can't both bind to lightning port 9735. Either
|
||||||
|
disable LND/clightning or change services.clightning.bindPort or
|
||||||
|
services.lnd.port to a port other than 9735.
|
||||||
|
'';
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user