From 70a788f588315fda0b79fb2f8a7550755426bd99 Mon Sep 17 00:00:00 2001 From: Sam Date: Fri, 25 Oct 2024 10:18:15 +0100 Subject: [PATCH] Add bitcoind RPC credentials and update prefect variables - Add bitcoind RPC username and password to secrets and environment variables - Update prefect variables to include bitcoin RPC username and password - Add new read-only host paths for bitcoind RPC username and password --- .../optional/nixos-containers/baseddata-worker.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/hosts/common/optional/nixos-containers/baseddata-worker.nix b/hosts/common/optional/nixos-containers/baseddata-worker.nix index 04ed8e7..acdbad2 100644 --- a/hosts/common/optional/nixos-containers/baseddata-worker.nix +++ b/hosts/common/optional/nixos-containers/baseddata-worker.nix @@ -25,6 +25,8 @@ mongoclientPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/password".path; postgresUser = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_username".path; postgresPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_password".path; + bitcoindRPCUsername = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/username".path; + bitcoindRPCPassword= lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-rpcpassword-public".path; baseddataEnv = "dev"; in { sops.secrets = { @@ -37,6 +39,8 @@ in { "software/mongodb/baseddata/password" = {}; "software/postgres/baseddata/user_password" = {}; "software/postgres/baseddata/user_username" = {}; + "software/bitcoind/username" = {}; + "software/bitcoind/bitcoin-rpcpassword-public" = {}; }; environment.persistence."/persist" = { @@ -92,6 +96,14 @@ in { hostPath = "${postgresUser}"; isReadOnly = true; }; + "/run/secrets/bitcoindRPCPassword" = { + hostPath = "${bitcoindRPCPassword}"; + isReadOnly = true; + }; + "/run/secrets/bitcoindRPCUsername" = { + hostPath = "${bitcoindRPCUsername}"; + isReadOnly = true; + }; "/media/baseddata-data" = { hostPath = "/media/main-ssd/baseddata-data"; isReadOnly = false; @@ -214,6 +226,8 @@ in { .venv/bin/prefect variable set "postgres_port" ${postgresPort} --overwrite .venv/bin/prefect variable set "postgres_user" $(cat /run/secrets/postgresUser) --overwrite .venv/bin/prefect variable set "postgres_pwd" $(cat /run/secrets/postgresPassword) --overwrite + .venv/bin/prefect variable set "bitcoin_rpc_password" $(cat /run/secrets/bitcoindRPCPassword) --overwrite + .venv/bin/prefect variable set "bitcoin_rpc_username" $(cat /run/secrets/bitcoindRPCUsername) --overwrite .venv/bin/prefect variable set "osm_history_dir" "/media/baseddata-data/osm-history" --overwrite .venv/bin/prefect variable set "mongo_db_name" "baseddata" --overwrite