This adds a simple hardened systemd-based module for g3proxy, a generic
purpose forward proxy.
Change-Id: I8c6e5d2cc8a9faa2aea8c5df3af56756ffed542d
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
Co-authored-by: Elias Coppens <elias.coppens@ens.fr>
nixos/libeufin: init module
nixos/libeufin(nexus): init submodule
nixos/libeufin(nexus): refactor service
Also added state directory to allow the creation of client ebic keys.
nixos/libeufin: review suggestions
nixos/libeufin: fix nexus service executable
nixos/libeufin: add mkLibeufinModule
nixos/libeufin: fix dbinit service not starting for utils, cleanup
nixos/libeufin: use mkLibeufinModule for nexus
nixos/libeufin: use mkLibeufinModule for bank
nixos/libeufin: add initialAccounts, stateDir options
nixos/libeufin: refactor to make nexus work, cleanup
nixos/libeufin: refactor stateDir, only register accounts on init
nixos/libeufin: explicitly specify psql user
Sometimes the dbinit service fails to find the user.
nixos/libeufin: cleanup stateDir
nixos/libeufin: add openFirewall option; install package
feat: apply review suggestions
Co-authored-by: h7x4 <h7x4@nani.wtf>
style: format code
fix: evaluation errors
fix(libeufin): start main services after dbinit
The main services can start after their databases have been initialized,
it's just that the bank and nexus shouldn't do the initialization at the
same time.
refactor(libeufin): dbinit script
feat: add assertions, remove throw
chore: remove unused code
feat(libeufin): recfactor dbinit service
feat: move libeufin module to services/finance
refactor(libeufin): remove configFile option
refactor(libeufin): use environment.etc for config file
basic config set that makes the service at least start
add secmod helpers and taler-global runtime dir
support for includes
taler denominations
Only enable services if taler is enabled
fix wirewatch service name
use correct permissions for database schema
The current permissions don't work or aren't enough and cause the
wirewatch and closer services to fail.
nixos/libeufin: init module
libeufin: refactor module
libeufin: add main service
nixos/taler: configure settings using options
Works, but can be refactored further
taler: refactor settings options
trim settings defaults to the absolutely necessary ones
nixos/libeufin: refactor and move to separate dir
nixos/libeufin: set defaultText
nixos/libeufin: use getExe
nixos/libeufin-bank: move to own dir
nixos/libeufin: move libeufin related config into its own config file
nixos/libeufin/bank: extract dbinitServiceName into var
nixos/libeufin: move script to ExecStart
nixos/libeufin: fix config file name
nixos/taler: refactor config file
nixos/taler-exchange: grant delete to taler-exchange-aggregator
Would repeatedly attempt to delete in a table where it wasn't allowed to and
cause insane spam in the postgres log.
nixos/taler/exchange: move exchange-specific options to exchange
nixos/taler: move generic taler settings into taler system module
nixos/taler: import exchange in module-list.nix
nixos/taler-exchange: refactor services group name
nixos/taler-exchange: use taler-harness to generate coins
The taler-wallet-cli does not have the deployment subcommand anymore,
but the docs still say that it should be used to generate the keys.
For now, the keys should be generated with taler-harness.
nixos/taler-exchange: add option to enable accounts
nixos/taler: add missing descriptions
nixos/taler(exchange): add description & use getExe'
nixos/taler(merchant): init submodule
nixos/taler: use correct script for db access
nixos/taler: merchant add depositcheck path
nixos/taler: review suggestions
nixos/taler: make runtimeDir into an option, refactor
nixos/taler: init mkTalerModule
nixos/taler: use mkTalerModule for exchange
nixos/taler: exchange fixups
nixos/taler: use mkTalerModule for merchant
nixos/taler: improve how dbInit script is created
nixos/taler: remove exchange enableAccounts option
nixos/taler: explicitly specify psql user
Sometimes the dbinit service fails to find the user.
nixos/taler: add openFirewall option; install package
feat: add assertions, remove throw
feat(taler): use module system instead of functions
Also:
- remove throw from denominateConfig
- rename `utils.nix` to `common.nix`
feat(taler): refactor modules
feat: move taler module to services/finance
refactor(exchange): replace throw with assert
refactor(exchange,merchant): settings options
fix(taler): manpage URLs
fix(exchange): public key assert
refactor(taler): use configFile
feat(taler): include component configs directly
Makes services detect config changes better.
