stakey/nix-decred
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
nix-decred/docs/dcrwallet.md
stakeynet 90d1972cdc
init: dcrd, dcrwallet, and dcrctl at 2.0.6. init modules for dcrd and dcrwallet 
Signed-off-by: stakeynet <git@stakey.net>
2025-11-29 12:23:09 -08:00

96 lines
2.5 KiB
Markdown
Raw Blame History

# dcrwallet options
`dcrwallet` uses rpc credentials, so it's recommended to secure your secrets using a tool like [sops-nix](https://github.com/Mic92/sops-nix).
## sops-nix
Render `dcrwallet.conf` with `sops-nix` and point the service at it. For example, here's a sample configuration for a voting wallet:
```nix
{ config, lib, pkgs, ... }:
{
# Define credentials as secrets
sops.secrets."dcrwallet/rpcuser" = {};
sops.secrets."dcrwallet/rpcpass" = {};
sops.templates."dcrctl.conf" = {
path = "/home/operator/.dcrctl/dcrctl.conf";
owner = "operator";
group = "users";
mode = "0400";
content = ''
[Application Options]
rpcuser=${config.sops.placeholder."dcrwallet/rpcuser"}
rpcpass=${config.sops.placeholder."dcrwallet/rpcpass"}
rpccert=/var/lib/dcrwallet/rpc.cert
wallet=1
'';
};
sops.templates."dcrwallet.conf" = {
owner = config.services.dcrwallet.user;
group = config.services.dcrwallet.group;
mode = "0440";
restartUnits = [ "dcrwallet.service" ];
content = ''
[Application Options]
CAFile=/var/lib/dcrd/rpc.cert
rpclisten=0.0.0.0:9110
username=${config.sops.placeholder."dcrwallet/rpcpass"}
password=${config.sops.placeholder."dcrwallet/rpcpass"}
enablevoting=1
manualtickets=1
'';
};
# Ensure dcrwallet only starts when the config exists
systemd.services.dcrwallet.unitConfig.ConditionPathExists = config.sops.templates."dcrwallet.conf".path;
services.dcrwallet = {
enable = true;
configFile = config.sops.templates."dcrwallet.conf".path;
extraPackages = [
pkgs.dcrctl
pkgs.dcrd # promptsecret
];
operator = {
enable = true;
name = "stakey";
};
};
}
```
## Initialization
If you run dcrwallet as a service, here's how to intialize a wallet as `root`.
```bash
cd /var/lib/dcrwallet
export DCRWALLET_BIN=$(systemctl cat --runtime dcrwallet.service | grep ExecStart | awk '{print $1}' | cut -d= -f2)
doas -u dcrwallet $DCRWALLET_BIN \
--configfile=/run/secrets/rendered/dcrwallet.conf \
--appdata=/var/lib/dcrwallet \
--create
```
Then you need to start dcrwallet manually the first time to sync.
```sh
tmux new "doas -u dcrwallet $DCRWALLET_BIN --configfile=/run/secrets/rendered/dcrwallet.conf --appdata=/var/lib/dcrwallet"
```
## Using the operator
```sh
su - operator
dcrctl help
```
## Enable Voting
Use the operator account.
```sh
promptsecret | dcrwallet walletpassphrase - 0
```
Reference in New Issue View Git Blame Copy Permalink