nixos/monero: add `environmentFile` option (#421759)

authored by Michele Guerini Rocco and committed by GitHub 7a473d67 76e420b2

+35 -1
+2
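--- a/nixos/doc/manual/release-notes/rl-2511.section.md
+++ b/nixos/doc/manual/release-notes/rl-2511.section.md
@@ -110,6 +110,8 @@
 
 - `services.ntpd-rs` now performs configuration validation.
 
+- `services.monero` now includes the `environmentFile` option for adding secrets to the Monero daemon config.
+
 - `amdgpu` kernel driver overdrive mode can now be enabled by setting [hardware.amdgpu.overdrive.enable](#opt-hardware.amdgpu.overdrive.enable) and customized through [hardware.amdgpu.overdrive.ppfeaturemask](#opt-hardware.amdgpu.overdrive.ppfeaturemask).
 This allows for fine-grained control over the GPU's performance and maybe required by overclocking softwares like Corectrl and Lact. These new options replace old options such as {option}`programs.corectrl.gpuOverclock.enable` and {option}`programs.tuxclocker.enableAMD`.
 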
+33 -1
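--- a/nixos/modules/services/networking/monero.nix
+++ b/nixos/modules/services/networking/monero.nix
@@ -226,6 +226,30 @@
 '';
 };
 
+environmentFile = lib.mkOption {
+type = lib.types.nullOr lib.types.path;
+default = null;
+example = "/var/lib/monero/monerod.env";
+description = ''
+Path to an EnvironmentFile for the monero service as defined in {manpage}`systemd.exec(5)`.
+
+Secrets may be passed to the service by specifying placeholder variables in the Nix config
+and setting values in the environment file.
+
+Example:
+
+```
+# In environment file:
+MINING_ADDRESS=888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H
+```
+
+```
+# Service config
+services.monero.mining.address = "$MINING_ADDRESS";
+```
+'';
+};
+
 extraConfig = lib.mkOption {
 type = lib.types.lines;
 default = "";
@@ -257,10 +281,18 @@
 after = [ "network.target" ];
 wantedBy = [ "multi-user.target" ];
 
+preStart = ''
+umask 077
+${pkgs.envsubst}/bin/envsubst \
+-i ${configFile} \
+-o ${cfg.dataDir}/monerod.conf
+'';
+
 serviceConfig = {
 User = "monero";
 Group = "monero";
-ExecStart = "${lib.getExe' pkgs.monero-cli "monerod"} --config-file=${configFile} --non-interactive";
+EnvironmentFile = lib.mkIf (cfg.environmentFile != null) [ cfg.environmentFile ];
+ExecStart = "${lib.getExe' pkgs.monero-cli "monerod"} --config-file=${cfg.dataDir}/monerod.conf --non-interactive";
 Restart = "always";
 SuccessExitStatus = [
 0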
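Review bot: The new `preStart` in the second hunk runs `envsubst` over the whole generated config with no restriction, so a `$NAME` whose variable is missing from the environment file is, as far as I can tell, rendered as an empty string and monerod starts with a blank value where a secret was intended. It also runs when `environmentFile` is null, which would change existing `extraConfig` text that contains a literal `$`. I would turn a missing variable into a start failure with the tool's `-no-unset` flag, e.g. `${pkgs.envsubst}/bin/envsubst -no-unset \`, and state in the option description that every `$` in the rendered config is treated as a placeholder. The description should also say that the value must be a string path outside the Nix store, since a Nix path literal would be copied into the world-readable store. Both hunks cut through the surrounding option set and service definition, so whether other options already emit `$` cannot be checked from here.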