stakey/nix-decred
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
nix-decred/docs/vspd.md
stakeynet 18d4f84eb3
vspd: init at 1.4.0
2025-12-02 23:09:51 -08:00

65 lines
2.3 KiB
Markdown
Raw Blame History

# vspd options
`vspd` uses rpc credentials, so it's recommended to secure your secrets using a tool like [sops-nix](https://github.com/Mic92/sops-nix).
## sops-nix
Render `vspd.conf` with `sops-nix` and point the service at it. Example:
```nix
{ config, lib, pkgs, ... }:
{
# Define credentials as secrets
sops.secrets."vspd/adminpass" = {};
sops.secrets."dcrwallet/rpcpass" = {};
# Render vspd.conf owned by the vspd service user/group
sops.templates."vspd.conf" = {
owner = config.services.vspd.user;
group = config.services.vspd.group;
mode = "0440";
restartUnits = [ "vspd.service" ];
content = ''
[Application Options]
network = mainnet
# Web server
listen = 0.0.0.0:8800
adminpass = ${config.sops.placeholder."vspd/adminpass"}
supportemail = support@example.com
vspfee = 2.0
# dcrd connection
dcrdhost = 127.0.0.1:9109
dcrduser = myusername
dcrdpass = ${config.sops.placeholder."dcrwallet/rpcpass"}
dcrdcert = /var/lib/dcrd/rpc.cert
# dcrwallet connections
# Multiple wallets are comma-separated
wallethost = 10.0.0.1:9110,10.0.0.2:9110,10.0.0.3:9110
walletuser = wallet1user,wallet2user,wallet3user
walletpass = ${config.sops.placeholder."dcrwallet/rpcpass"},${config.sops.placeholder."dcrwallet/rpcpass"},${config.sops.placeholder."dcrwallet/rpcpass"}
walletcert = /var/lib/vspd/wallet1.cert,/var/lib/vspd/wallet2.cert,/var/lib/vspd/wallet3.cert
'';
};
# Ensure vspd only starts when the config exists
systemd.services.vspd.unitConfig.ConditionPathExists =
config.sops.templates."vspd.conf".path;
# Point the module to the rendered config
services.vspd = {
enable = true;
configFile = config.sops.templates."vspd.conf".path;
};
}
```
## Notes
- `vspd` expects its configuration file to be named `vspd.conf` and located in its home directory. The NixOS module handles this by symlinking the file provided in `configFile` to `/var/lib/vspd/vspd.conf` on startup.
- `vspd` requires access to the `rpc.cert` files for both `dcrd` and all voting `dcrwallet` instances. Ensure permissions are set correctly so the `vspd` user can read them.
- `vspd` periodically writes a backup of its database to `{homedir}/data/{network}/vspd.db-backup`.
Ensure this file is backed up regularly.
Reference in New Issue View Git Blame Copy Permalink