BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #187876 from jakubgs/geth-add-authrpc

Browse source 
go-ethereum: add support for Auth RPC CLI flags
This commit is contained in:
Pascal Bach 2022-08-26 17:16:48 +02:00 committed by GitHub
commit 481f9b246d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 37 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
nixos/modules/services/blockchain/ethereum/geth.nix
View file

@ -61,6 +61,35 @@ let
}; };
}; };
authrpc = {
enable = lib.mkEnableOption "Go Ethereum Auth RPC API";
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = lib.mdDoc "Listen address of Go Ethereum Auth RPC API.";
};
port = mkOption {
type = types.port;
default = 8551;
description = lib.mdDoc "Port number of Go Ethereum Auth RPC API.";
};
vhosts = mkOption {
type = types.nullOr (types.listOf types.str);
default = ["localhost"];
description = lib.mdDoc "List of virtual hostnames from which to accept requests.";
example = ["localhost" "geth.example.org"];
};
jwtsecret = mkOption {
type = types.str;
default = "";
description = lib.mdDoc "Path to a JWT secret for authenticated RPC endpoint.";
example = "/var/run/geth/jwtsecret";
};
};
metrics = { metrics = {
enable = lib.mkEnableOption "Go Ethereum prometheus metrics"; enable = lib.mkEnableOption "Go Ethereum prometheus metrics";
address = mkOption { address = mkOption {
@ -136,7 +165,10 @@ in
cfg.package cfg.package
]) eachGeth); ]) eachGeth);
systemd.services = mapAttrs' (gethName: cfg: ( systemd.services = mapAttrs' (gethName: cfg: let
stateDir = "goethereum/${gethName}/${if (cfg.network == null) then "mainnet" else cfg.network}";
dataDir = "/var/lib/${stateDir}";
in (
nameValuePair "geth-${gethName}" (mkIf cfg.enable { nameValuePair "geth-${gethName}" (mkIf cfg.enable {
description = "Go Ethereum node (${gethName})"; description = "Go Ethereum node (${gethName})";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
@ -145,7 +177,7 @@ in
serviceConfig = { serviceConfig = {
DynamicUser = true; DynamicUser = true;
Restart = "always"; Restart = "always";
StateDirectory = "goethereum/${gethName}/${if (cfg.network == null) then "mainnet" else cfg.network}"; StateDirectory = stateDir;
# Hardening measures # Hardening measures
PrivateTmp = "true"; PrivateTmp = "true";
@ -169,8 +201,10 @@ in
${if cfg.websocket.enable then ''--ws --ws.addr ${cfg.websocket.address} --ws.port ${toString cfg.websocket.port}'' else ""} \ ${if cfg.websocket.enable then ''--ws --ws.addr ${cfg.websocket.address} --ws.port ${toString cfg.websocket.port}'' else ""} \
${optionalString (cfg.websocket.apis != null) ''--ws.api ${lib.concatStringsSep "," cfg.websocket.apis}''} \ ${optionalString (cfg.websocket.apis != null) ''--ws.api ${lib.concatStringsSep "," cfg.websocket.apis}''} \
${optionalString cfg.metrics.enable ''--metrics --metrics.addr ${cfg.metrics.address} --metrics.port ${toString cfg.metrics.port}''} \ ${optionalString cfg.metrics.enable ''--metrics --metrics.addr ${cfg.metrics.address} --metrics.port ${toString cfg.metrics.port}''} \
--authrpc.addr ${cfg.authrpc.address} --authrpc.port ${toString cfg.authrpc.port} --authrpc.vhosts ${lib.concatStringsSep "," cfg.authrpc.vhosts} \
${if (cfg.authrpc.jwtsecret != "") then ''--authrpc.jwtsecret ${cfg.authrpc.jwtsecret}'' else ''--authrpc.jwtsecret ${dataDir}/geth/jwtsecret''} \
${lib.escapeShellArgs cfg.extraArgs} \ ${lib.escapeShellArgs cfg.extraArgs} \
--datadir /var/lib/goethereum/${gethName}/${if (cfg.network == null) then "mainnet" else cfg.network} --datadir ${dataDir}
''; '';
}))) eachGeth; }))) eachGeth;