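# NixOS module for the namecoind daemon: declares the service options,
# creates the namecoin user and group, and defines the systemd unit.
{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.namecoind;

  # Static daemon configuration, written to the Nix store. It carries no
  # credentials: the RPC user and password are supplied at start-up from
  # cfg.userFile. RPC access is limited to 127.0.0.1 by rpcallowip.
  #
  # NOTE(review): wallet, rpcCertificate and rpcKey are interpolated into
  # strings here. Give them as strings (as in the option examples); a Nix path
  # literal would be copied into the world-readable Nix store when interpolated.
  #
  # NOTE(review): the rpcsslciphers list still admits TLSv1-era suites
  # (TLSv1+HIGH); check it against the TLS policy in force for this host.
  namecoinConf =
    let
      # TLS for RPC is switched on only when both certificate and key are set.
      useSSL = (cfg.rpcCertificate != null) && (cfg.rpcKey != null);
    in
    pkgs.writeText "namecoin.conf" ''
      server=1
      daemon=0
      rpcallowip=127.0.0.1
      walletpath=${cfg.wallet}
      gen=${if cfg.generate then "1" else "0"}
      rpcssl=${if useSSL then "1" else "0"}
      ${optionalString useSSL "rpcsslcertificatechainfile=${cfg.rpcCertificate}"}
      ${optionalString useSSL "rpcsslprivatekeyfile=${cfg.rpcKey}"}
      ${optionalString useSSL "rpcsslciphers=TLSv1.2+HIGH:TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH"}
      txindex=1
      txprevcache=1
    '';

  # Shell fragment that aborts service start-up unless `path` is owned by
  # namecoin:namecoin and has mode exactly 0640. The path is quoted so that a
  # file name containing whitespace is passed to stat as a single argument.
  # A missing file makes stat print nothing, which also fails the comparison.
  checkSecretFile = path: ''
    if [ "$(stat --printf '%u' "${path}")" != "${toString config.ids.uids.namecoin}" ] \
       || [ "$(stat --printf '%g' "${path}")" != "${toString config.ids.gids.namecoin}" ] \
       || [ "$(stat --printf '%a' "${path}")" != "640" ]; then
      echo "ERROR: bad ownership or rights on ${path}" >&2
      exit 1
    fi
  '';

in

{

  ###### interface

  options = {

    services.namecoind = {

      enable = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether to run namecoind.
        '';
      };

      wallet = mkOption {
        type = types.path;
        example = "/etc/namecoin/wallet.dat";
        description = ''
          Wallet file. The ownership of the file has to be
          namecoin:namecoin, and the permissions must be 0640.
        '';
      };

      # Declared nullable with a null default, but the implementation reads it
      # unconditionally; the assertion in `config` below reports a missing
      # value with a readable message.
      userFile = mkOption {
        type = types.nullOr types.path;
        default = null;
        example = "/etc/namecoin/user";
        description = ''
          File containing the user name and user password to
          authenticate RPC connections to namecoind.
          The content of the file is of the form:
          <literal>
          USER=namecoin
          PASSWORD=secret
          </literal>
          The ownership of the file has to be namecoin:namecoin,
          and the permissions must be 0640.
        '';
      };

      generate = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether to generate (mine) Namecoins.
        '';
      };

      rpcCertificate = mkOption {
        type = types.nullOr types.path;
        default = null;
        example = "/etc/namecoin/server.cert";
        description = ''
          Certificate file for securing RPC connections.
        '';
      };

      rpcKey = mkOption {
        type = types.nullOr types.path;
        default = null;
        example = "/etc/namecoin/server.pem";
        description = ''
          Key file for securing RPC connections.
        '';
      };

    };

  };


  ###### implementation

  config = mkIf cfg.enable {

    # userFile feeds both the preStart check and EnvironmentFile. Left at its
    # null default it would otherwise fail evaluation with an opaque
    # string-coercion error instead of naming the option.
    assertions = [
      { assertion = cfg.userFile != null;
        message = "services.namecoind.userFile must be set when services.namecoind.enable is true.";
      }
    ];

    users.extraUsers = singleton
      { name = "namecoin";
        uid = config.ids.uids.namecoin;
        description = "Namecoin daemon user";
        home = "/var/lib/namecoin";
        createHome = true;
      };

    users.extraGroups = singleton
      { name = "namecoin";
        gid = config.ids.gids.namecoin;
      };

    systemd.services.namecoind = {
      description = "Namecoind Daemon";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];

      # Refuse to start when the credentials file or the wallet has the wrong
      # owner, group or mode.
      preStart = checkSecretFile cfg.userFile + checkSecretFile cfg.wallet;

      serviceConfig = {
        Type = "simple";
        User = "namecoin";
        # Provides USER and PASSWORD, which systemd substitutes into ExecStart.
        EnvironmentFile = cfg.userFile;
        # NOTE(review): the RPC credentials end up in the daemon's argument
        # list, which other local accounts can typically read from the process
        # table even though userFile itself must be 0640. Supplying them through
        # a configuration file readable only by namecoin would avoid that.
        ExecStart = "${pkgs.altcoins.namecoind}/bin/namecoind -conf=${namecoinConf} -rpcuser=\${USER} -rpcpassword=\${PASSWORD} -printtoconsole";
        ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
        # NOTE(review): SIGKILL gives the daemon no chance to shut down cleanly;
        # confirm this is intended for a process that holds a wallet open.
        ExecStop = "${pkgs.coreutils}/bin/kill -KILL $MAINPID";
        # NOTE(review): with -printtoconsole and stdout sent to null, the
        # daemon's log output appears to be discarded, so nothing reaches the
        # journal for troubleshooting or incident review -- confirm.
        StandardOutput = "null";
        Nice = "10";
      };
    };

  };

}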