blob: 0dbb862b8ecd222efab37dabd4a1b20fd70a26e2 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
{ config, lib, options, pkgs, ... }:
let
cfg = config.services.ergo;
opt = options.services.ergo;
inherit (lib) literalExpression mkEnableOption mkIf mkOption optionalString types;
configFile = pkgs.writeText "ergo.conf" (''
ergo {
directory = "${cfg.dataDir}"
node {
mining = false
}
wallet.secretStorage.secretDir = "${cfg.dataDir}/wallet/keystore"
}
scorex {
network {
bindAddress = "${cfg.listen.ip}:${toString cfg.listen.port}"
}
'' + optionalString (cfg.api.keyHash != null) ''
restApi {
apiKeyHash = "${cfg.api.keyHash}"
bindAddress = "${cfg.api.listen.ip}:${toString cfg.api.listen.port}"
}
'' + ''
}
'');
in {
options = {
services.ergo = {
enable = mkEnableOption "Ergo service";
dataDir = mkOption {
type = types.path;
default = "/var/lib/ergo";
description = lib.mdDoc "The data directory for the Ergo node.";
};
listen = {
ip = mkOption {
type = types.str;
default = "0.0.0.0";
description = lib.mdDoc "IP address on which the Ergo node should listen.";
};
port = mkOption {
type = types.port;
default = 9006;
description = lib.mdDoc "Listen port for the Ergo node.";
};
};
api = {
keyHash = mkOption {
type = types.nullOr types.str;
default = null;
example = "324dcf027dd4a30a932c441f365a25e86b173defa4b8e58948253471b81b72cf";
description = lib.mdDoc "Hex-encoded Blake2b256 hash of an API key as a 64-chars long Base16 string.";
};
listen = {
ip = mkOption {
type = types.str;
default = "0.0.0.0";
description = lib.mdDoc "IP address that the Ergo node API should listen on if {option}`api.keyHash` is defined.";
};
port = mkOption {
type = types.port;
default = 9052;
description = lib.mdDoc "Listen port for the API endpoint if {option}`api.keyHash` is defined.";
};
};
};
testnet = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Connect to testnet network instead of the default mainnet.";
};
user = mkOption {
type = types.str;
default = "ergo";
description = lib.mdDoc "The user as which to run the Ergo node.";
};
group = mkOption {
type = types.str;
default = cfg.user;
defaultText = literalExpression "config.${opt.user}";
description = lib.mdDoc "The group as which to run the Ergo node.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Open ports in the firewall for the Ergo node as well as the API.";
};
};
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' 0770 '${cfg.user}' '${cfg.group}' - -"
];
systemd.services.ergo = {
description = "ergo server";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
serviceConfig = {
User = cfg.user;
Group = cfg.group;
ExecStart = ''${pkgs.ergo}/bin/ergo \
${optionalString (!cfg.testnet)
"--mainnet"} \
-c ${configFile}'';
};
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.listen.port ] ++ [ cfg.api.listen.port ];
};
users.users.${cfg.user} = {
name = cfg.user;
group = cfg.group;
description = "Ergo daemon user";
home = cfg.dataDir;
isSystemUser = true;
};
users.groups.${cfg.group} = {};
};
}
|