{ config, lib, pkgs, ... }: let dcrdEnabled = config.services.dcrd.enable or false; cfg = config.services.vspd; in { options.services.vspd = with lib; { enable = mkEnableOption "Voting Service Provider Daemon"; package = mkOption { type = types.package; default = pkgs.vspd; description = "vspd package to use"; }; user = mkOption { type = types.str; default = "vspd"; description = "User to run vspd as"; }; group = mkOption { type = types.str; default = cfg.user; description = "Group to run vspd as"; }; dataDir = mkOption { type = types.path; default = "/var/lib/vspd"; description = "State directory for vspd"; }; configFile = mkOption { type = types.path; description = "Path to vspd.conf"; }; }; config = lib.mkIf cfg.enable { users.users.${cfg.user} = { group = cfg.group; home = cfg.dataDir; isSystemUser = true; description = "vspd user"; # vspd needs read access to the dcrd RPC certificate extraGroups = lib.optional (dcrdEnabled && config.services.dcrd.group != cfg.group) config.services.dcrd.group; }; users.groups.${cfg.group} = {}; systemd.services.vspd = { description = "Voting Service Provider Daemon"; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" ]; wants = [ "network-online.target" ]; serviceConfig = { User = cfg.user; Group = cfg.group; StateDirectory = "vspd"; StateDirectoryMode = "0750"; WorkingDirectory = cfg.dataDir; # Link the provided config file to the expected location in homedir ExecStartPre = "${pkgs.writeShellScript "vspd-pre-start" '' set -e ln -sf ${cfg.configFile} ${cfg.dataDir}/vspd.conf mkdir -p ${cfg.dataDir}/internal/webapi if [ ! -e "${cfg.dataDir}/internal/webapi/public" ]; then ln -sfn "${cfg.package}/share/vspd/internal/webapi/public" "${cfg.dataDir}/internal/webapi/public" fi if [ ! -e "${cfg.dataDir}/internal/webapi/templates" ]; then ln -sfn "${cfg.package}/share/vspd/internal/webapi/templates" "${cfg.dataDir}/internal/webapi/templates" fi ''}"; ExecStart = "${lib.getExe cfg.package} --homedir=${cfg.dataDir}"; Restart = "on-failure"; RestartSec = "10s"; }; }; }; }