pyrox.dev / nixpkgs
lol
fork atom

nixos/monero: add `environmentFile` option (#421759)

Michele Guerini Rocco 7a473d67 76e420b2

options
unified split
Changed files
+35 -1
nixos
doc
manual
release-notes
rl-2511.section.md
modules
services
networking
monero.nix
+2
nixos/doc/manual/release-notes/rl-2511.section.md 
···

       
110

       
110

       
 

       



     

       
111

       
111

       
 

       
- `services.ntpd-rs` now performs configuration validation.


     

       
112

       
112

       
 

       



     

       

       
113

       
+

       
- `services.monero` now includes the `environmentFile` option for adding secrets to the Monero daemon config.


     

       

       
114

       
+

       



     

       
113

       
115

       
 

       
- `amdgpu` kernel driver overdrive mode can now be enabled by setting [hardware.amdgpu.overdrive.enable](#opt-hardware.amdgpu.overdrive.enable) and customized through [hardware.amdgpu.overdrive.ppfeaturemask](#opt-hardware.amdgpu.overdrive.ppfeaturemask).


     

       
114

       
116

       
 

       
  This allows for fine-grained control over the GPU's performance and maybe required by overclocking softwares like Corectrl and Lact. These new options replace old options such as {option}`programs.corectrl.gpuOverclock.enable` and {option}`programs.tuxclocker.enableAMD`.


     

       
115

       
117
+33 -1
nixos/modules/services/networking/monero.nix 
···

       
226

       
226

       
 

       
        '';


     

       
227

       
227

       
 

       
      };


     

       
228

       
228

       
 

       



     

       

       
229

       
+

       
      environmentFile = lib.mkOption {


     

       

       
230

       
+

       
        type = lib.types.nullOr lib.types.path;


     

       

       
231

       
+

       
        default = null;


     

       

       
232

       
+

       
        example = "/var/lib/monero/monerod.env";


     

       

       
233

       
+

       
        description = ''


     

       

       
234

       
+

       
          Path to an EnvironmentFile for the monero service as defined in {manpage}`systemd.exec(5)`.


     

       

       
235

       
+

       



     

       

       
236

       
+

       
          Secrets may be passed to the service by specifying placeholder variables in the Nix config


     

       

       
237

       
+

       
          and setting values in the environment file.


     

       

       
238

       
+

       



     

       

       
239

       
+

       
          Example:


     

       

       
240

       
+

       



     

       

       
241

       
+

       
          ```


     

       

       
242

       
+

       
          # In environment file:


     

       

       
243

       
+

       
          MINING_ADDRESS=888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H


     

       

       
244

       
+

       
          ```


     

       

       
245

       
+

       



     

       

       
246

       
+

       
          ```


     

       

       
247

       
+

       
          # Service config


     

       

       
248

       
+

       
          services.monero.mining.address = "$MINING_ADDRESS";


     

       

       
249

       
+

       
          ```


     

       

       
250

       
+

       
        '';


     

       

       
251

       
+

       
      };


     

       

       
252

       
+

       



     

       
229

       
253

       
 

       
      extraConfig = lib.mkOption {


     

       
230

       
254

       
 

       
        type = lib.types.lines;


     

       
231

       
255

       
 

       
        default = "";


     
···

       
257

       
281

       
 

       
      after = [ "network.target" ];


     

       
258

       
282

       
 

       
      wantedBy = [ "multi-user.target" ];


     

       
259

       
283

       
 

       



     

       

       
284

       
+

       
      preStart = ''


     

       

       
285

       
+

       
        umask 077


     

       

       
286

       
+

       
        ${pkgs.envsubst}/bin/envsubst \


     

       

       
287

       
+

       
          -i ${configFile} \


     

       

       
288

       
+

       
          -o ${cfg.dataDir}/monerod.conf


     

       

       
289

       
+

       
      '';


     

       

       
290

       
+

       



     

       
260

       
291

       
 

       
      serviceConfig = {


     

       
261

       
292

       
 

       
        User = "monero";


     

       
262

       
293

       
 

       
        Group = "monero";


     

       
263

       

       
-

       
        ExecStart = "${lib.getExe' pkgs.monero-cli "monerod"} --config-file=${configFile} --non-interactive";


     

       

       
294

       
+

       
        EnvironmentFile = lib.mkIf (cfg.environmentFile != null) [ cfg.environmentFile ];


     

       

       
295

       
+

       
        ExecStart = "${lib.getExe' pkgs.monero-cli "monerod"} --config-file=${cfg.dataDir}/monerod.conf --non-interactive";


     

       
264

       
296

       
 

       
        Restart = "always";


     

       
265

       
297

       
 

       
        SuccessExitStatus = [


     

       
266

       
298

       
 

       
          0