pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / networking / ergo.nix
at 24.11-pre 3.7 kB view raw
1{ config, lib, options, pkgs, ... }: 2 3let 4 cfg = config.services.ergo; 5 opt = options.services.ergo; 6 7 inherit (lib) literalExpression mkEnableOption mkIf mkOption optionalString types; 8 9 configFile = pkgs.writeText "ergo.conf" ('' 10ergo { 11 directory = "${cfg.dataDir}" 12 node { 13 mining = false 14 } 15 wallet.secretStorage.secretDir = "${cfg.dataDir}/wallet/keystore" 16} 17 18scorex { 19 network { 20 bindAddress = "${cfg.listen.ip}:${toString cfg.listen.port}" 21 } 22'' + optionalString (cfg.api.keyHash != null) '' 23 restApi { 24 apiKeyHash = "${cfg.api.keyHash}" 25 bindAddress = "${cfg.api.listen.ip}:${toString cfg.api.listen.port}" 26 } 27'' + '' 28} 29''); 30 31in { 32 33 options = { 34 35 services.ergo = { 36 enable = mkEnableOption "Ergo service"; 37 38 dataDir = mkOption { 39 type = types.path; 40 default = "/var/lib/ergo"; 41 description = "The data directory for the Ergo node."; 42 }; 43 44 listen = { 45 ip = mkOption { 46 type = types.str; 47 default = "0.0.0.0"; 48 description = "IP address on which the Ergo node should listen."; 49 }; 50 51 port = mkOption { 52 type = types.port; 53 default = 9006; 54 description = "Listen port for the Ergo node."; 55 }; 56 }; 57 58 api = { 59 keyHash = mkOption { 60 type = types.nullOr types.str; 61 default = null; 62 example = "324dcf027dd4a30a932c441f365a25e86b173defa4b8e58948253471b81b72cf"; 63 description = "Hex-encoded Blake2b256 hash of an API key as a 64-chars long Base16 string."; 64 }; 65 66 listen = { 67 ip = mkOption { 68 type = types.str; 69 default = "0.0.0.0"; 70 description = "IP address that the Ergo node API should listen on if {option}`api.keyHash` is defined."; 71 }; 72 73 port = mkOption { 74 type = types.port; 75 default = 9052; 76 description = "Listen port for the API endpoint if {option}`api.keyHash` is defined."; 77 }; 78 }; 79 }; 80 81 testnet = mkOption { 82 type = types.bool; 83 default = false; 84 description = "Connect to testnet network instead of the default mainnet."; 85 }; 86 87 user = mkOption { 88 type = types.str; 89 default = "ergo"; 90 description = "The user as which to run the Ergo node."; 91 }; 92 93 group = mkOption { 94 type = types.str; 95 default = cfg.user; 96 defaultText = literalExpression "config.${opt.user}"; 97 description = "The group as which to run the Ergo node."; 98 }; 99 100 openFirewall = mkOption { 101 type = types.bool; 102 default = false; 103 description = "Open ports in the firewall for the Ergo node as well as the API."; 104 }; 105 }; 106 }; 107 108 config = mkIf cfg.enable { 109 110 systemd.tmpfiles.rules = [ 111 "d '${cfg.dataDir}' 0770 '${cfg.user}' '${cfg.group}' - -" 112 ]; 113 114 systemd.services.ergo = { 115 description = "ergo server"; 116 wantedBy = [ "multi-user.target" ]; 117 wants = [ "network-online.target" ]; 118 after = [ "network-online.target" ]; 119 serviceConfig = { 120 User = cfg.user; 121 Group = cfg.group; 122 ExecStart = ''${pkgs.ergo}/bin/ergo \ 123 ${optionalString (!cfg.testnet) 124 "--mainnet"} \ 125 -c ${configFile}''; 126 }; 127 }; 128 129 networking.firewall = mkIf cfg.openFirewall { 130 allowedTCPPorts = [ cfg.listen.port ] ++ [ cfg.api.listen.port ]; 131 }; 132 133 users.users.${cfg.user} = { 134 name = cfg.user; 135 group = cfg.group; 136 description = "Ergo daemon user"; 137 home = cfg.dataDir; 138 isSystemUser = true; 139 }; 140 141 users.groups.${cfg.group} = {}; 142 143 }; 144}