From bbf24851f02f46305272e38ee8a48b2f58f85200 Mon Sep 17 00:00:00 2001 From: Mike Heier Date: Sat, 12 Aug 2023 11:42:56 -0400 Subject: [PATCH] new try --- flake.nix | 3 +-- module.nix | 32 ++++++++++++++++---------------- 2 files changed, 17 insertions(+), 18 deletions(-) diff --git a/flake.nix b/flake.nix index 55ffca6..1a64cc7 100644 --- a/flake.nix +++ b/flake.nix @@ -27,7 +27,6 @@ ''; nativeBuildInputs = [ cargo clang cmake ]; }; - # default = "${productName}"; }; devShells.default = mkShell { @@ -47,7 +46,7 @@ nixosModules = { # add moduleA from flakeA as an output # moduleA = flakeA.nixosModules.moduleA; - default = import ./module.nix; + default = import ./module.nix { inherit nixpkgs }; }; }); } \ No newline at end of file diff --git a/module.nix b/module.nix index d7a601e..117f390 100644 --- a/module.nix +++ b/module.nix @@ -36,20 +36,20 @@ let }; group = mkOption { type = types.str; - default = cfg.user; + default = config.services.blockstream-electrs.user; description = mdDoc "The group as which to run electrs."; }; tor.enforce = nbLib.tor.enforce; }; - cfg = config.services.blockstream-electrs; + # config.services.blockstream-electrs = config.services.blockstream-electrs; nbLib = config.nix-bitcoin.lib; secretsDir = config.nix-bitcoin.secretsDir; bitcoind = config.services.bitcoind; in { inherit options; - config = mkIf cfg.enable { + config = mkIf config.services.blockstream-electrs.enable { assertions = [ { assertion = bitcoind.prune == 0; message = "electrs does not support bitcoind pruning."; @@ -62,7 +62,7 @@ in { }; systemd.tmpfiles.rules = [ - "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -" + "d '${config.services.blockstream-electrs.dataDir}' 0770 ${config.services.blockstream-electrs.user} ${config.services.blockstream-electrs.group} - -" ]; systemd.services.blockstream-electrs = { @@ -75,32 +75,32 @@ in { ''; serviceConfig = nbLib.defaultHardening // { # electrs only uses the working directory for reading electrs.toml - WorkingDirectory = cfg.dataDir; + WorkingDirectory = config.services.blockstream-electrs.dataDir; ExecStart = '' ${self.packages.${system}.blockstream-electrs}/bin/electrs \ --log-filters=INFO \ --network=${bitcoind.makeNetworkName "bitcoin" "regtest"} \ - --db-dir='${cfg.dataDir}' \ + --db-dir='${config.services.blockstream-electrs.dataDir}' \ --daemon-dir='${bitcoind.dataDir}' \ - --electrum-rpc-addr=${cfg.address}:${toString cfg.port} \ - --monitoring-addr=${cfg.address}:${toString cfg.monitoringPort} \ + --electrum-rpc-addr=${config.services.blockstream-electrs.address}:${toString config.services.blockstream-electrs.port} \ + --monitoring-addr=${config.services.blockstream-electrs.address}:${toString config.services.blockstream-electrs.monitoringPort} \ --daemon-rpc-addr=${nbLib.addressWithPort bitcoind.rpc.address bitcoind.rpc.port} \ --daemon-p2p-addr=${nbLib.addressWithPort bitcoind.address bitcoind.whitelistedPort} \ - ${cfg.extraArgs} + ${config.services.blockstream-electrs.extraArgs} ''; - User = cfg.user; - Group = cfg.group; + User = config.services.blockstream-electrs.user; + Group = config.services.blockstream-electrs.group; Restart = "on-failure"; RestartSec = "10s"; - ReadWritePaths = [ cfg.dataDir ]; - } // nbLib.allowedIPAddresses cfg.tor.enforce; + ReadWritePaths = [ config.services.blockstream-electrs.dataDir ]; + } // nbLib.allowedIPAddresses config.services.blockstream-electrs.tor.enforce; }; - users.users.${cfg.user} = { + users.users.${config.services.blockstream-electrs.user} = { isSystemUser = true; - group = cfg.group; + group = config.services.blockstream-electrs.group; extraGroups = [ "bitcoinrpc-public" ]; }; - users.groups.${cfg.group} = {}; + users.groups.${config.services.blockstream-electrs.group} = {}; }; } \ No newline at end of file