nixos-config/modules/gateway-st.nix

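# NixOS module factory for one Storj S3 gateway instance.
#
# Arguments:
#   name - instance name; used in the unit name, the config directory under
#          /var/lib/storj and the sops secret paths.
#   port - TCP port the gateway listens on, bound to 127.0.0.1 (default 7777).
{
  name,
  port ? 7777,
}: {
  config,
  lib,
  options,
  pkgs,
  ...
}:
with lib; let
  gateway = pkgs.callPackage ../packages/gateway-st.nix {};
in {
  systemd.services."storj-gateway@${name}" = {
    description = "storj gateway ${name}";
    after = ["network.target"];
    wantedBy = ["multi-user.target"];

    # Assemble config.yaml from the sops-managed secrets on every start.
    # The file ends up holding the access grant and both S3 keys in plaintext,
    # so it is created under a restrictive umask and forced to 0600 in case an
    # earlier start left it behind with wider permissions.
    preStart = ''
      umask 077
      cd "$HOME"
      mkdir -p ${name}
      cfg=${name}/config.yaml
      {
        echo -n "access: "
        cat /run/secrets/services/storj/${name}/accessGrant
        echo ""
        echo -n "minio.access-key: "
        cat /run/secrets/services/storj/${name}/accessKey
        echo ""
        echo -n "minio.secret-key: "
        cat /run/secrets/services/storj/${name}/secretKey
        echo ""
      } > "$cfg"
      chmod 600 "$cfg"
    '';

    serviceConfig = {
      Type = "simple";
      User = "storj";
      Group = "storj";
      WorkingDirectory = "/var/lib/storj";
      # Listener is bound to loopback only; anything exposing it further
      # (reverse proxy, tunnel) has to be configured elsewhere.
      ExecStart = "${gateway}/bin/gateway run --config-dir /var/lib/storj/${name} --server.address 127.0.0.1:${builtins.toString port}";
      Restart = "always";
      # NOTE(review): every instance of this module uses the same runtime
      # directory name; confirm that sharing it between instances is intended.
      RuntimeDirectory = "storj";
      RuntimeDirectoryMode = "0700";
      # systemd spells this directive `UMask`. Directive names are
      # case-sensitive, so the previous `Umask` key was not recognised and the
      # 0077 mask was never applied to the service.
      UMask = "0077";
      # Grant access to the state directory.
      # NOTE(review): no restricting option such as ProtectSystem= is set in
      # this unit, so this line alone does not confine the service.
      ReadWritePaths = ["/var/lib/storj"];
    };

    environment = {
      USER = "storj";
      HOME = "/var/lib/storj";
    };
  };

  # Dedicated system account that owns the state directory and the secrets.
  users.users.storj = {
    description = "storj user";
    home = "/var/lib/storj";
    useDefaultShell = true;
    group = "storj";
    isSystemUser = true;
  };
  users.groups.storj = {};

  # State directory is private to the storj user (0700).
  systemd.tmpfiles.rules = [
    "d '/var/lib/storj' 0700 storj storj - -"
  ];

  # The service user must be able to read the decrypted secrets in preStart.
  sops.secrets."services/storj/${name}/accessGrant".owner = "storj";
  sops.secrets."services/storj/${name}/accessKey".owner = "storj";
  sops.secrets."services/storj/${name}/secretKey".owner = "storj";
}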