···
6
-
cfg = config.services.namecoind;
6
+
cfg = config.services.namecoind;
7
+
dataDir = "/var/lib/namecoind";
8
+
useSSL = (cfg.rpc.certificate != null) && (cfg.rpc.key != null);
9
+
useRPC = (cfg.rpc.user != null) && (cfg.rpc.password != null);
10
-
useSSL = (cfg.rpcCertificate != null) && (cfg.rpcKey != null);
12
-
pkgs.writeText "namecoin.conf" ''
11
+
listToConf = option: list:
12
+
concatMapStrings (value :"${option}=${value}\n") list;
14
+
configFile = pkgs.writeText "namecoin.conf" (''
15
-
rpcallowip=127.0.0.1
gen=${if cfg.generate then "1" else "0"}
18
-
rpcssl=${if useSSL then "1" else "0"}
19
-
${optionalString useSSL "rpcsslcertificatechainfile=${cfg.rpcCertificate}"}
20
-
${optionalString useSSL "rpcsslprivatekeyfile=${cfg.rpcKey}"}
21
-
${optionalString useSSL "rpcsslciphers=TLSv1.2+HIGH:TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH"}
21
+
${listToConf "addnode" cfg.extraNodes}
22
+
${listToConf "connect" cfg.trustedNodes}
23
+
'' + optionalString useRPC ''
24
+
rpcbind=${cfg.rpc.address}
25
+
rpcport=${toString cfg.rpc.port}
26
+
rpcuser=${cfg.rpc.user}
27
+
rpcpassword=${cfg.rpc.password}
28
+
${listToConf "rpcallowip" cfg.rpc.allowFrom}
29
+
'' + optionalString useSSL ''
31
+
rpcsslcertificatechainfile=${cfg.rpc.certificate}
32
+
rpcsslprivatekeyfile=${cfg.rpc.key}
33
+
rpcsslciphers=TLSv1.2+HIGH:TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH
···
46
+
enable = mkEnableOption "namecoind, Namecoin client.";
50
+
default = "${dataDir}/wallet.dat";
52
+
Wallet file. The ownership of the file has to be
53
+
namecoin:namecoin, and the permissions must be 0640.
57
+
generate = mkOption {
40
-
Whether to run namecoind.
61
+
Whether to generate (mine) Namecoins.
46
-
example = "/etc/namecoin/wallet.dat";
65
+
extraNodes = mkOption {
66
+
type = types.listOf types.str;
69
+
List of additional peer IP addresses to connect to.
73
+
trustedNodes = mkOption {
74
+
type = types.listOf types.str;
77
+
List of the only peer IP addresses to connect to. If specified
78
+
no other connection will be made.
82
+
rpc.user = mkOption {
83
+
type = types.nullOr types.str;
48
-
Wallet file. The ownership of the file has to be
49
-
namecoin:namecoin, and the permissions must be 0640.
86
+
User name for RPC connections.
53
-
userFile = mkOption {
54
-
type = types.nullOr types.path;
90
+
rpc.password = mkOption {
56
-
example = "/etc/namecoin/user";
58
-
File containing the user name and user password to
59
-
authenticate RPC connections to namecoind.
60
-
The content of the file is of the form:
65
-
The ownership of the file has to be namecoin:namecoin,
66
-
and the permissions must be 0640.
94
+
Password for RPC connections.
70
-
generate = mkOption {
98
+
rpc.address = mkOption {
100
+
default = "0.0.0.0";
102
+
IP address the RPC server will bind to.
106
+
rpc.port = mkOption {
74
-
Whether to generate (mine) Namecoins.
110
+
Port the RPC server will bind to.
78
-
rpcCertificate = mkOption {
114
+
rpc.certificate = mkOption {
type = types.nullOr types.path;
81
-
example = "/etc/namecoin/server.cert";
117
+
example = "/var/lib/namecoind/server.cert";
Certificate file for securing RPC connections.
123
+
rpc.key = mkOption {
type = types.nullOr types.path;
90
-
example = "/etc/namecoin/server.pem";
126
+
example = "/var/lib/namecoind/server.pem";
Key file for securing RPC connections.
133
+
rpc.allowFrom = mkOption {
134
+
type = types.listOf types.str;
135
+
default = [ "127.0.0.1" ];
137
+
List of IP address ranges allowed to use the RPC API.
138
+
Wiledcards (*) can be user to specify a range.
···
config = mkIf cfg.enable {
105
-
users.extraUsers = singleton
106
-
{ name = "namecoin";
107
-
uid = config.ids.uids.namecoin;
108
-
description = "Namecoin daemon user";
109
-
home = "/var/lib/namecoin";
151
+
services.dnschain.extraConfig = ''
153
+
config = ${configFile}
156
+
users.extraUsers = singleton {
158
+
uid = config.ids.uids.namecoin;
159
+
description = "Namecoin daemon user";
164
+
users.extraGroups = singleton {
166
+
gid = config.ids.gids.namecoin;
169
+
systemd.services.namecoind = {
170
+
description = "Namecoind daemon";
171
+
after = [ "network.target" ];
172
+
wantedBy = [ "multi-user.target" ];
176
+
Griup = "namecoin";
177
+
ExecStart = "${pkgs.altcoins.namecoind}/bin/namecoind -conf=${configFile} -datadir=${dataDir} -printtoconsole";
178
+
ExecStop = "${pkgs.coreutils}/bin/kill -KILL $MAINPID";
179
+
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
182
+
TimeoutStopSec = "60s";
183
+
TimeoutStartSec = "2s";
184
+
Restart = "always";
185
+
StartLimitInterval = "120s";
186
+
StartLimitBurst = "5";
113
-
users.extraGroups = singleton
114
-
{ name = "namecoin";
115
-
gid = config.ids.gids.namecoin;
189
+
preStart = optionalString (cfg.wallet != "${dataDir}/wallet.dat") ''
190
+
# check wallet file permissions
191
+
if [ "$(stat --printf '%u' ${cfg.wallet})" != "${toString config.ids.uids.namecoin}" \
192
+
-o "$(stat --printf '%g' ${cfg.wallet})" != "${toString config.ids.gids.namecoin}" \
193
+
-o "$(stat --printf '%a' ${cfg.wallet})" != "640" ]; then
194
+
echo "ERROR: bad ownership or rights on ${cfg.wallet}" >&2
118
-
systemd.services.namecoind = {
119
-
description = "Namecoind Daemon";
120
-
after = [ "network.target" ];
121
-
wantedBy = [ "multi-user.target" ];
123
-
if [ "$(stat --printf '%u' ${cfg.userFile})" != "${toString config.ids.uids.namecoin}" \
124
-
-o "$(stat --printf '%g' ${cfg.userFile})" != "${toString config.ids.gids.namecoin}" \
125
-
-o "$(stat --printf '%a' ${cfg.userFile})" != "640" ]; then
126
-
echo "ERROR: bad ownership or rights on ${cfg.userFile}" >&2
129
-
if [ "$(stat --printf '%u' ${cfg.wallet})" != "${toString config.ids.uids.namecoin}" \
130
-
-o "$(stat --printf '%g' ${cfg.wallet})" != "${toString config.ids.gids.namecoin}" \
131
-
-o "$(stat --printf '%a' ${cfg.wallet})" != "640" ]; then
132
-
echo "ERROR: bad ownership or rights on ${cfg.wallet}" >&2
139
-
EnvironmentFile = cfg.userFile;
140
-
ExecStart = "${pkgs.altcoins.namecoind}/bin/namecoind -conf=${namecoinConf} -rpcuser=\${USER} -rpcpassword=\${PASSWORD} -printtoconsole";
141
-
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
142
-
ExecStop = "${pkgs.coreutils}/bin/kill -KILL $MAINPID";
143
-
StandardOutput = "null";
pyrox.dev