stakey/nix-decred
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vspd: optionally vendor the webapi (public and templates)

Browse Source
This commit is contained in:
stakeynet
2025-12-02 16:40:42 -08:00
parent cf23980135
commit 46048f48ee
4 changed files with 32 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/dcrwallet.md
+1 -1
View File
@@ -66,7 +66,7 @@ If you run dcrwallet as a service, here's how to intialize a wallet as `root`.
```bash
cd /var/lib/dcrwallet
export DCRWALLET_BIN=$(systemctl cat --runtime dcrwallet.service | grep ExecStart | awk '{print $1}' | cut -d= -f2)
export DCRWALLET_BIN=$(systemctl cat --runtime dcrwallet.service | grep ExecStart= | awk '{print $1}' | cut -d= -f2)
doas -u dcrwallet $DCRWALLET_BIN \
--configfile=/run/secrets/rendered/dcrwallet.conf \
--appdata=/var/lib/dcrwallet \
docs/vspd.md
+5 -7
View File
@@ -11,9 +11,6 @@ Render `vspd.conf` with `sops-nix` and point the service at it. Example:
{
# Define credentials as secrets
sops.secrets."vspd/adminpass" = {};
sops.secrets."dcrd/rpcuser" = {};
sops.secrets."dcrd/rpcpass" = {};
sops.secrets."dcrwallet/rpcuser" = {};
sops.secrets."dcrwallet/rpcpass" = {};
# Render vspd.conf owned by the vspd service user/group
@@ -24,7 +21,7 @@ Render `vspd.conf` with `sops-nix` and point the service at it. Example:
restartUnits = [ "vspd.service" ];
content = ''
[Application Options]
network = mainnet
network = testnet
# Web server
listen = 0.0.0.0:8800
@@ -34,14 +31,14 @@ Render `vspd.conf` with `sops-nix` and point the service at it. Example:
# dcrd connection
dcrdhost = 127.0.0.1:9109
dcrduser = ${config.sops.placeholder."dcrd/rpcuser"}
dcrdpass = ${config.sops.placeholder."dcrd/rpcpass"}
dcrduser = myusername
dcrdpass = ${config.sops.placeholder."dcrwallet/rpcpass"}
dcrdcert = /var/lib/dcrd/rpc.cert
# dcrwallet connections
# Multiple wallets are comma-separated
wallethost = 10.0.0.1:9110,10.0.0.2:9110,10.0.0.3:9110
walletuser = ${config.sops.placeholder."dcrwallet/rpcuser"},${config.sops.placeholder."dcrwallet/rpcuser"},${config.sops.placeholder."dcrwallet/rpcuser"}
walletuser = wallet1user,wallet2user,wallet3user
walletpass = ${config.sops.placeholder."dcrwallet/rpcpass"},${config.sops.placeholder."dcrwallet/rpcpass"},${config.sops.placeholder."dcrwallet/rpcpass"}
walletcert = /var/lib/vspd/wallet1.cert,/var/lib/vspd/wallet2.cert,/var/lib/vspd/wallet3.cert
'';
@@ -62,6 +59,7 @@ Render `vspd.conf` with `sops-nix` and point the service at it. Example:
## Notes
- `vspd` expects its configuration file to be named `vspd.conf` and located in its home directory. The NixOS module handles this by symlinking the file provided in `configFile` to `/var/lib/vspd/vspd.conf` on startup.
- Web assets (`public` and `templates`) are symlinked to `services.vspd.webPath` if it is set (default `null`). Set this to a path (e.g. `/var/www/vspd`) to serve these assets with a web server like Caddy or Nginx.
- `vspd` requires access to the `rpc.cert` files for both `dcrd` and all voting `dcrwallet` instances. Ensure permissions are set correctly so the `vspd` user can read them.
- `vspd` periodically writes a backup of its database to `{homedir}/data/{network}/vspd.db-backup`.
Ensure this file is backed up regularly.