diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 1e5393f26b5..8ee92f695b4 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -229,6 +229,7 @@ riak = 205; shout = 206; gateone = 207; + namecoin = 208; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -436,6 +437,7 @@ riak = 205; #shout = 206; #unused gateone = 207; + #namecoin = 208; #unused # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 8ee54ce7ef4..17243882e77 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -303,6 +303,7 @@ ./services/networking/minidlna.nix ./services/networking/mstpd.nix ./services/networking/murmur.nix + ./services/networking/namecoind.nix ./services/networking/nat.nix ./services/networking/networkmanager.nix ./services/networking/ngircd.nix diff --git a/nixos/modules/services/networking/namecoind.nix b/nixos/modules/services/networking/namecoind.nix new file mode 100644 index 00000000000..7c7c700ab94 --- /dev/null +++ b/nixos/modules/services/networking/namecoind.nix @@ -0,0 +1,128 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.namecoind; + + namecoinConf = + let + useSSL = (cfg.rpcCertificate != null) && (cfg.rpcKey != null); + in + pkgs.writeText "namecoin.conf" '' + server=1 + daemon=0 + rpcallowip=127.0.0.1 + walletpath=${cfg.wallet} + gen=${if cfg.generate then "1" else "0"} + rpcssl=${if useSSL then "1" else "0"} + ${optionalString useSSL "rpcsslcertificatechainfile=${cfg.rpcCertificate}"} + ${optionalString useSSL "rpcsslprivatekeyfile=${cfg.rpcKey}"} + ${optionalString useSSL "rpcsslciphers=TLSv1.2+HIGH:TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH"} + txindex=1 + txprevcache=1 + ''; + +in + +{ + + ###### interface + + options = { + + services.namecoind = { + + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to run namecoind. + ''; + }; + + wallet = mkOption { + type = types.path; + example = "/etc/namecoin/wallet.dat"; + description = '' + Wallet file. + ''; + }; + + userFile = mkOption { + type = types.nullOr types.path; + default = null; + example = "/etc/namecoin/user"; + description = '' + File containing the user name and user password to + authenticate RPC connections to namecoind. + The content of the file is of the form: + + USER=namecoin + PASSWORD=secret + + ''; + }; + + generate = mkOption { + type = types.bool; + default = false; + description = '' + Whether to generate (mine) Namecoins. + ''; + }; + + rpcCertificate = mkOption { + type = types.nullOr types.path; + default = null; + example = "/etc/namecoin/server.cert"; + description = '' + Certificate file for securing RPC connections. + ''; + }; + + rpcKey = mkOption { + type = types.nullOr types.path; + default = null; + example = "/etc/namecoin/server.pem"; + description = '' + Key file for securing RPC connections. + ''; + }; + + }; + + }; + + + ###### implementation + + config = mkIf cfg.enable { + + users.extraUsers = singleton + { name = "namecoin"; + uid = config.ids.uids.namecoin; + description = "Namecoin daemon user"; + home = "/var/lib/namecoin"; + createHome = true; + }; + + systemd.services.namecoind = { + description = "Namecoind Daemon"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "simple"; + User = "namecoin"; + EnvironmentFile = cfg.userFile; + ExecStart = "${pkgs.altcoins.namecoind}/bin/namecoind -conf=${namecoinConf} -rpcuser=$USER -rpcpassword=$PASSWORD -printtoconsole"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + ExecStop = "${pkgs.coreutils}/bin/kill -KILL $MAINPID"; + StandardOutput = "null"; + Nice = "10"; + }; + }; + + }; + +}