Merge fort-nix/nix-bitcoin#651: treewide: ensure services are started after secrets setup

90ce68cb16 treewide: ensure services are started after secrets setup (Erik Arvstedt) Pull request description: ACKs for top commit: jonasnick: ACK 90ce68cb16 Tree-SHA512: b0872c757235b0c66b714bbb82a2b960af040f8a8171d08ace2b4e7515613e67aa9ab56db9a8acf3f9c45ab774cb0a4583e87d4e00279a6c813102f91908c165
2024-09-11 23:17:20 +03:00 · 2023-10-09 07:44:48 +00:00 · 2023-10-09 07:44:48 +00:00 · aa169f4653
commit aa169f4653
parent 29a32ac53b 90ce68cb16
11 changed files with 12 additions and 12 deletions
--- a/modules/backups.nix
+++ b/modules/backups.nix
@ -106,7 +106,7 @@ in {

      systemd.services.duplicity = {
        wants = postgresqlBackupServices;
-        after = postgresqlBackupServices;
+        after = postgresqlBackupServices ++ [ "nix-bitcoin-secrets.target" ];
      };

      services.postgresqlBackup = {
--- a/modules/btcpayserver.nix
+++ b/modules/btcpayserver.nix
@ -174,7 +174,7 @@ in {
    in rec {
      wantedBy = [ "multi-user.target" ];
      requires = [ "bitcoind.service" "postgresql.service" ] ++ optional cfg.btcpayserver.lbtc "liquidd.service";
-      after = requires;
+      after = requires ++ [ "nix-bitcoin-secrets.target" ];
      preStart = ''
        install -m 600 ${configFile} '${cfg.nbxplorer.dataDir}/settings.config'
        {
--- a/modules/clightning.nix
+++ b/modules/clightning.nix
@ -168,7 +168,7 @@ in {
      path  = [ bitcoind.package ];
      wantedBy = [ "multi-user.target" ];
      requires = [ "bitcoind.service" ];
-      after = [ "bitcoind.service" ];
+      after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
      preStart = ''
        umask u=rw,g=r,o=
        {
--- a/modules/electrs.nix
+++ b/modules/electrs.nix
@ -68,7 +68,7 @@ in {
    systemd.services.electrs = {
      wantedBy = [ "multi-user.target" ];
      requires = [ "bitcoind.service" ];
-      after = [ "bitcoind.service" ];
+      after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
      preStart = ''
        echo "auth = \"${bitcoind.rpc.users.public.name}:$(cat ${secretsDir}/bitcoin-rpcpassword-public)\"" \
          > electrs.toml
--- a/modules/fulcrum.nix
+++ b/modules/fulcrum.nix
@ -112,7 +112,7 @@ in {
    systemd.services.fulcrum = {
      wantedBy = [ "multi-user.target" ];
      requires = [ "bitcoind.service" ];
-      after = [ "bitcoind.service" ];
+      after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
      preStart = ''
        {
          cat ${configFile}
--- a/modules/joinmarket-ob-watcher.nix
+++ b/modules/joinmarket-ob-watcher.nix
@ -75,7 +75,7 @@ in {
    systemd.services.joinmarket-ob-watcher = rec {
      wantedBy = [ "multi-user.target" ];
      requires = [ "tor.service" "bitcoind.service" ];
-      after = requires;
+      after = requires ++ [ "nix-bitcoin-secrets.target" ];
      # The service writes to HOME/.config/matplotlib
      environment.HOME = cfg.dataDir;
      preStart = ''
--- a/modules/joinmarket.nix
+++ b/modules/joinmarket.nix
@ -303,7 +303,7 @@ in {
    systemd.services.joinmarket = {
      wantedBy = [ "multi-user.target" ];
      requires = [ "bitcoind.service" ];
-      after = [ "bitcoind.service" ];
+      after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
      preStart = ''
        {
          cat ${configFile}
@ -387,7 +387,7 @@ in {
    systemd.services.joinmarket-yieldgenerator = {
      wantedBy = [ "joinmarket.service" ];
      requires = [ "joinmarket.service" ];
-      after = [ "joinmarket.service" ];
+      after = [ "joinmarket.service" "nix-bitcoin-secrets.target" ];
      script = ''
        tr -d "\n" <"${secretsDir}/jm-wallet-password" \
        | ${nbPkgs.joinmarket}/bin/jm-yg-privacyenhanced --datadir='${cfg.dataDir}' \
--- a/modules/lightning-loop.nix
+++ b/modules/lightning-loop.nix
@ -126,7 +126,7 @@ in {
    systemd.services.lightning-loop = {
      wantedBy = [ "multi-user.target" ];
      requires = [ "lnd.service" ];
-      after = [ "lnd.service" ];
+      after = [ "lnd.service" "nix-bitcoin-secrets.target" ];
      serviceConfig = nbLib.defaultHardening // {
        ExecStart = "${cfg.package}/bin/loopd --configfile=${configFile}";
        User = lnd.user;
--- a/modules/liquid.nix
+++ b/modules/liquid.nix
@ -256,7 +256,7 @@ in {

    systemd.services.liquidd = {
      requires = [ "bitcoind.service" ];
-      after = [ "bitcoind.service" ];
+      after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
      wantedBy = [ "multi-user.target" ];
      preStart = ''
        install -m 640 ${configFile} '${cfg.dataDir}/elements.conf'
--- a/modules/lnd.nix
+++ b/modules/lnd.nix
@ -229,7 +229,7 @@ in {
    systemd.services.lnd = {
      wantedBy = [ "multi-user.target" ];
      requires = [ "bitcoind.service" ];
-      after = [ "bitcoind.service" ];
+      after = [ "bitcoind.service" "nix-bitcoin-secrets.target" ];
      preStart = ''
        install -m600 ${configFile} '${cfg.dataDir}/lnd.conf'
        {
--- a/modules/rtl.nix
+++ b/modules/rtl.nix
@ -189,7 +189,7 @@ in {
      wantedBy = [ "multi-user.target" ];
      requires = optional cfg.nodes.clightning.enable "clightning-rest.service" ++
                 optional cfg.nodes.lnd.enable "lnd.service";
-      after = requires;
+      after = requires ++ [ "nix-bitcoin-secrets.target" ];
      environment.RTL_CONFIG_PATH = cfg.dataDir;
      environment.DB_DIRECTORY_PATH = cfg.dataDir;
      serviceConfig = nbLib.defaultHardening // {