Add bitcoind RPC credentials and update prefect variables

- Add bitcoind RPC username and password to secrets and environment variables
- Update prefect variables to include bitcoin RPC username and password
- Add new read-only host paths for bitcoind RPC username and password
This commit is contained in:
Sam 2024-10-25 10:18:15 +01:00
parent 4e6f1f6f01
commit 70a788f588
1 changed files with 14 additions and 0 deletions

View File

@ -25,6 +25,8 @@
mongoclientPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/password".path; mongoclientPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/password".path;
postgresUser = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_username".path; postgresUser = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_username".path;
postgresPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_password".path; postgresPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_password".path;
bitcoindRPCUsername = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/username".path;
bitcoindRPCPassword= lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-rpcpassword-public".path;
baseddataEnv = "dev"; baseddataEnv = "dev";
in { in {
sops.secrets = { sops.secrets = {
@ -37,6 +39,8 @@ in {
"software/mongodb/baseddata/password" = {}; "software/mongodb/baseddata/password" = {};
"software/postgres/baseddata/user_password" = {}; "software/postgres/baseddata/user_password" = {};
"software/postgres/baseddata/user_username" = {}; "software/postgres/baseddata/user_username" = {};
"software/bitcoind/username" = {};
"software/bitcoind/bitcoin-rpcpassword-public" = {};
}; };
environment.persistence."/persist" = { environment.persistence."/persist" = {
@ -92,6 +96,14 @@ in {
hostPath = "${postgresUser}"; hostPath = "${postgresUser}";
isReadOnly = true; isReadOnly = true;
}; };
"/run/secrets/bitcoindRPCPassword" = {
hostPath = "${bitcoindRPCPassword}";
isReadOnly = true;
};
"/run/secrets/bitcoindRPCUsername" = {
hostPath = "${bitcoindRPCUsername}";
isReadOnly = true;
};
"/media/baseddata-data" = { "/media/baseddata-data" = {
hostPath = "/media/main-ssd/baseddata-data"; hostPath = "/media/main-ssd/baseddata-data";
isReadOnly = false; isReadOnly = false;
@ -214,6 +226,8 @@ in {
.venv/bin/prefect variable set "postgres_port" ${postgresPort} --overwrite .venv/bin/prefect variable set "postgres_port" ${postgresPort} --overwrite
.venv/bin/prefect variable set "postgres_user" $(cat /run/secrets/postgresUser) --overwrite .venv/bin/prefect variable set "postgres_user" $(cat /run/secrets/postgresUser) --overwrite
.venv/bin/prefect variable set "postgres_pwd" $(cat /run/secrets/postgresPassword) --overwrite .venv/bin/prefect variable set "postgres_pwd" $(cat /run/secrets/postgresPassword) --overwrite
.venv/bin/prefect variable set "bitcoin_rpc_password" $(cat /run/secrets/bitcoindRPCPassword) --overwrite
.venv/bin/prefect variable set "bitcoin_rpc_username" $(cat /run/secrets/bitcoindRPCUsername) --overwrite
.venv/bin/prefect variable set "osm_history_dir" "/media/baseddata-data/osm-history" --overwrite .venv/bin/prefect variable set "osm_history_dir" "/media/baseddata-data/osm-history" --overwrite
.venv/bin/prefect variable set "mongo_db_name" "baseddata" --overwrite .venv/bin/prefect variable set "mongo_db_name" "baseddata" --overwrite