nixos/bee-clef: init at 0.4.7
This commit is contained in:
parent
35a9d23b82
commit
c61c0cc04f
|
@ -610,6 +610,7 @@
|
||||||
./services/networking/avahi-daemon.nix
|
./services/networking/avahi-daemon.nix
|
||||||
./services/networking/babeld.nix
|
./services/networking/babeld.nix
|
||||||
./services/networking/bee.nix
|
./services/networking/bee.nix
|
||||||
|
./services/networking/bee-clef.nix
|
||||||
./services/networking/biboumi.nix
|
./services/networking/biboumi.nix
|
||||||
./services/networking/bind.nix
|
./services/networking/bind.nix
|
||||||
./services/networking/bitcoind.nix
|
./services/networking/bitcoind.nix
|
||||||
|
|
107
nixos/modules/services/networking/bee-clef.nix
Normal file
107
nixos/modules/services/networking/bee-clef.nix
Normal file
|
@ -0,0 +1,107 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
# NOTE for now nothing is installed into /etc/bee-clef/. the config files are used as read-only from the nix store.
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
cfg = config.services.bee-clef;
|
||||||
|
in {
|
||||||
|
meta = {
|
||||||
|
maintainers = with maintainers; [ attila-lendvai ];
|
||||||
|
};
|
||||||
|
|
||||||
|
### interface
|
||||||
|
|
||||||
|
options = {
|
||||||
|
services.bee-clef = {
|
||||||
|
enable = mkEnableOption "clef external signer instance for Ethereum Swarm Bee";
|
||||||
|
|
||||||
|
dataDir = mkOption {
|
||||||
|
type = types.nullOr types.str;
|
||||||
|
default = "/var/lib/bee-clef";
|
||||||
|
description = ''
|
||||||
|
Data dir for bee-clef. Beware that some helper scripts may not work when changed!
|
||||||
|
The service itself should work fine, though.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
passwordFile = mkOption {
|
||||||
|
type = types.nullOr types.str;
|
||||||
|
default = "/var/lib/bee-clef/password";
|
||||||
|
description = "Password file for bee-clef.";
|
||||||
|
};
|
||||||
|
|
||||||
|
user = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "bee-clef";
|
||||||
|
description = ''
|
||||||
|
User the bee-clef daemon should execute under.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
group = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "bee-clef";
|
||||||
|
description = ''
|
||||||
|
Group the bee-clef daemon should execute under.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
### implementation
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
# if we ever want to have rules.js under /etc/bee-clef/
|
||||||
|
# environment.etc."bee-clef/rules.js".source = ${pkgs.bee-clef}/rules.js
|
||||||
|
|
||||||
|
systemd.packages = [ pkgs.bee-clef ]; # include the upstream bee-clef.service file
|
||||||
|
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d '${cfg.dataDir}/' 0750 ${cfg.user} ${cfg.group}"
|
||||||
|
"d '${cfg.dataDir}/keystore' 0700 ${cfg.user} ${cfg.group}"
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.services.bee-clef = {
|
||||||
|
path = [
|
||||||
|
# these are needed for the ensure-clef-account script
|
||||||
|
pkgs.coreutils
|
||||||
|
pkgs.gnused
|
||||||
|
pkgs.gawk
|
||||||
|
];
|
||||||
|
|
||||||
|
wantedBy = [ "bee.service" "multi-user.target" ];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
User = cfg.user;
|
||||||
|
Group = cfg.group;
|
||||||
|
ExecStartPre = ''${pkgs.bee-clef}/share/bee-clef/ensure-clef-account "${cfg.dataDir}" "${pkgs.bee-clef}/share/bee-clef/"'';
|
||||||
|
ExecStart = [
|
||||||
|
"" # this hides/overrides what's in the original entry
|
||||||
|
"${pkgs.bee-clef}/share/bee-clef/bee-clef-service start"
|
||||||
|
];
|
||||||
|
ExecStop = [
|
||||||
|
"" # this hides/overrides what's in the original entry
|
||||||
|
"${pkgs.bee-clef}/share/bee-clef/bee-clef-service stop"
|
||||||
|
];
|
||||||
|
Environment = [
|
||||||
|
"CONFIGDIR=${cfg.dataDir}"
|
||||||
|
"PASSWORD_FILE=${cfg.passwordFile}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users = optionalAttrs (cfg.user == "bee-clef") {
|
||||||
|
bee-clef = {
|
||||||
|
group = cfg.group;
|
||||||
|
home = cfg.dataDir;
|
||||||
|
isSystemUser = true;
|
||||||
|
description = "Daemon user for the bee-clef service";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
users.groups = optionalAttrs (cfg.group == "bee-clef") {
|
||||||
|
bee-clef = {};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue