pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / networking / wasabibackend.nix
at master 5.5 kB view raw
1{ 2 config, 3 lib, 4 options, 5 pkgs, 6 ... 7}: 8 9let 10 cfg = config.services.wasabibackend; 11 opt = options.services.wasabibackend; 12 13 inherit (lib) 14 literalExpression 15 mkEnableOption 16 mkIf 17 mkOption 18 optionalAttrs 19 optionalString 20 types 21 ; 22 23 confOptions = { 24 BitcoinRpcConnectionString = "${cfg.rpc.user}:${cfg.rpc.password}"; 25 } 26 // optionalAttrs (cfg.network == "mainnet") { 27 Network = "Main"; 28 MainNetBitcoinP2pEndPoint = "${cfg.endpoint.ip}:${toString cfg.endpoint.port}"; 29 MainNetBitcoinCoreRpcEndPoint = "${cfg.rpc.ip}:${toString cfg.rpc.port}"; 30 } 31 // optionalAttrs (cfg.network == "testnet") { 32 Network = "TestNet"; 33 TestNetBitcoinP2pEndPoint = "${cfg.endpoint.ip}:${toString cfg.endpoint.port}"; 34 TestNetBitcoinCoreRpcEndPoint = "${cfg.rpc.ip}:${toString cfg.rpc.port}"; 35 } 36 // optionalAttrs (cfg.network == "regtest") { 37 Network = "RegTest"; 38 RegTestBitcoinP2pEndPoint = "${cfg.endpoint.ip}:${toString cfg.endpoint.port}"; 39 RegTestBitcoinCoreRpcEndPoint = "${cfg.rpc.ip}:${toString cfg.rpc.port}"; 40 }; 41 42 configFile = pkgs.writeText "wasabibackend.conf" (builtins.toJSON confOptions); 43 44in 45{ 46 47 options = { 48 49 services.wasabibackend = { 50 enable = mkEnableOption "Wasabi backend service"; 51 52 dataDir = mkOption { 53 type = types.path; 54 default = "/var/lib/wasabibackend"; 55 description = "The data directory for the Wasabi backend node."; 56 }; 57 58 customConfigFile = mkOption { 59 type = types.nullOr types.path; 60 default = null; 61 description = "Defines the path to a custom configuration file that is copied to the user's directory. Overrides any config options."; 62 }; 63 64 network = mkOption { 65 type = types.enum [ 66 "mainnet" 67 "testnet" 68 "regtest" 69 ]; 70 default = "mainnet"; 71 description = "The network to use for the Wasabi backend service."; 72 }; 73 74 endpoint = { 75 ip = mkOption { 76 type = types.str; 77 default = "127.0.0.1"; 78 description = "IP address for P2P connection to bitcoind."; 79 }; 80 81 port = mkOption { 82 type = types.port; 83 default = 8333; 84 description = "Port for P2P connection to bitcoind."; 85 }; 86 }; 87 88 rpc = { 89 ip = mkOption { 90 type = types.str; 91 default = "127.0.0.1"; 92 description = "IP address for RPC connection to bitcoind."; 93 }; 94 95 port = mkOption { 96 type = types.port; 97 default = 8332; 98 description = "Port for RPC connection to bitcoind."; 99 }; 100 101 user = mkOption { 102 type = types.str; 103 default = "bitcoin"; 104 description = "RPC user for the bitcoin endpoint."; 105 }; 106 107 password = mkOption { 108 type = types.str; 109 default = "password"; 110 description = "RPC password for the bitcoin endpoint. Warning: this is stored in cleartext in the Nix store! Use `configFile` or `passwordFile` if needed."; 111 }; 112 113 passwordFile = mkOption { 114 type = types.nullOr types.path; 115 default = null; 116 description = "File that contains the password of the RPC user."; 117 }; 118 }; 119 120 user = mkOption { 121 type = types.str; 122 default = "wasabibackend"; 123 description = "The user as which to run the wasabibackend node."; 124 }; 125 126 group = mkOption { 127 type = types.str; 128 default = cfg.user; 129 defaultText = literalExpression "config.${opt.user}"; 130 description = "The group as which to run the wasabibackend node."; 131 }; 132 }; 133 }; 134 135 config = mkIf cfg.enable { 136 137 systemd.tmpfiles.rules = [ 138 "d '${cfg.dataDir}' 0770 '${cfg.user}' '${cfg.group}' - -" 139 ]; 140 141 systemd.services.wasabibackend = { 142 description = "wasabibackend server"; 143 wantedBy = [ "multi-user.target" ]; 144 wants = [ "network-online.target" ]; 145 after = [ "network-online.target" ]; 146 environment = { 147 DOTNET_PRINT_TELEMETRY_MESSAGE = "false"; 148 DOTNET_CLI_TELEMETRY_OPTOUT = "true"; 149 }; 150 preStart = '' 151 mkdir -p ${cfg.dataDir}/.walletwasabi/backend 152 ${ 153 if cfg.customConfigFile != null then 154 '' 155 cp -v ${cfg.customConfigFile} ${cfg.dataDir}/.walletwasabi/backend/Config.json 156 '' 157 else 158 '' 159 cp -v ${configFile} ${cfg.dataDir}/.walletwasabi/backend/Config.json 160 ${optionalString (cfg.rpc.passwordFile != null) '' 161 CONFIGTMP=$(mktemp) 162 cat ${cfg.dataDir}/.walletwasabi/backend/Config.json | ${pkgs.jq}/bin/jq --arg rpconnection "${cfg.rpc.user}:$(cat "${cfg.rpc.passwordFile}")" '. + { BitcoinRpcConnectionString: $rpconnection }' > $CONFIGTMP 163 mv $CONFIGTMP ${cfg.dataDir}/.walletwasabi/backend/Config.json 164 ''} 165 '' 166 } 167 chmod ug+w ${cfg.dataDir}/.walletwasabi/backend/Config.json 168 ''; 169 serviceConfig = { 170 User = cfg.user; 171 Group = cfg.group; 172 ExecStart = "${pkgs.wasabibackend}/bin/WasabiBackend"; 173 ProtectSystem = "full"; 174 }; 175 }; 176 177 users.users.${cfg.user} = { 178 name = cfg.user; 179 group = cfg.group; 180 description = "wasabibackend daemon user"; 181 home = cfg.dataDir; 182 isSystemUser = true; 183 }; 184 185 users.groups.${cfg.group} = { }; 186 187 }; 188}