nixpkgs/nixos/modules/services/finance/taler/module.nix
Atemu 7c51b855f7 nixos/taler: init module
basic config set that makes the service at least start

add secmod helpers and taler-global runtime dir

support for includes

taler denominations

Only enable services if taler is enabled

fix wirewatch service name

use correct permissions for database schema

The current permissions don't work or aren't enough and cause the
wirewatch and closer services to fail.

nixos/libeufin: init module

libeufin: refactor module

libeufin: add main service

nixos/taler: configure settings using options

Works, but can be refactored further

taler: refactor settings options

trim settings defaults to the absolutely necessary ones

nixos/libeufin: refactor and move to separate dir

nixos/libeufin: set defaultText

nixos/libeufin: use getExe

nixos/libeufin-bank: move to own dir

nixos/libeufin: move libeufin related config into its own config file

nixos/libeufin/bank: extract dbinitServiceName into var

nixos/libeufin: move script to ExecStart

nixos/libeufin: fix config file name

nixos/taler: refactor config file

nixos/taler-exchange: grant delete to taler-exchange-aggregator

Would repeatedly attempt to delete in a table where it wasn't allowed to and
cause insane spam in the postgres log.

nixos/taler/exchange: move exchange-specific options to exchange

nixos/taler: move generic taler settings into taler system module

nixos/taler: import exchange in module-list.nix

nixos/taler-exchange: refactor services group name

nixos/taler-exchange: use taler-harness to generate coins

The taler-wallet-cli does not have the deployment subcommand anymore,
but the docs still say that it should be used to generate the keys.

For now, the keys should be generated with taler-harness.

nixos/taler-exchange: add option to enable accounts

nixos/taler: add missing descriptions

nixos/taler(exchange): add description & use getExe'

nixos/taler(merchant): init submodule

nixos/taler: use correct script for db access

nixos/taler: merchant add depositcheck path

nixos/taler: review suggestions

nixos/taler: make runtimeDir into an option, refactor

nixos/taler: init mkTalerModule

nixos/taler: use mkTalerModule for exchange

nixos/taler: exchange fixups

nixos/taler: use mkTalerModule for merchant

nixos/taler: improve how dbInit script is created

nixos/taler: remove exchange enableAccounts option

nixos/taler: explicitly specify psql user

Sometimes the dbinit service fails to find the user.

nixos/taler: add openFirewall option; install package

feat: add assertions, remove throw

feat(taler): use module system instead of functions

Also:
- remove throw from denominateConfig
- rename `utils.nix` to `common.nix`

feat(taler): refactor modules

feat: move taler module to services/finance

refactor(exchange): replace throw with assert

refactor(exchange,merchant): settings options

fix(taler): manpage URLs

fix(exchange): public key assert

refactor(taler): use configFile

feat(taler): include component configs directly

Makes services detect config changes better.
2025-01-13 09:03:30 +01:00


{
lib,
pkgs,
config,
...
}:
let
  # INI format helper from nixpkgs. It supplies both the freeform type used by
  # the `settings` option and the generator that renders the settings to text.
  settingsFormat = pkgs.formats.ini { };
  # Evaluated values of the options declared by this module.
  cfg = config.services.taler;
in
{
# TODO turn this into a generic taler-like service thingy?
options.services.taler =
  let
    inherit (lib)
      literalExpression
      mkEnableOption
      mkOption
      types
      ;
  in
  {
    # Marked internal, so it is not shown in the generated option docs.
    # Presumably switched on by the component modules rather than by users;
    # confirm against the exchange/merchant modules.
    enable = mkEnableOption "the GNU Taler system" // mkOption { internal = true; };

    # Each entry becomes one `@inline@ <entry>` line at the top of the
    # rendered config file.
    # NOTE(review): the entry is string-interpolated when that file is built.
    # A Nix path literal (as opposed to a string such as "/etc/taler/x.conf")
    # is copied into the world-readable Nix store at that point, which defeats
    # "imperatively managed" and exposes any secret it holds. Pass strings for
    # such files.
    includes = mkOption {
      description = ''
        Files to include into the config file using Taler's `@inline@` directive.
        This allows including arbitrary INI files, including imperatively managed ones.
      '';
      type = types.listOf types.path;
      default = [ ];
    };

    # Freeform INI sections plus the typed `taler` section below.
    # Everything set here is rendered into a Nix store path and exposed as
    # /etc/taler/taler.conf, so it is readable by every local user. Keep
    # credentials out of `settings` and supply them through `includes`.
    settings = mkOption {
      default = { };
      description = ''
        Global configuration options for the taler config file.
        For a list of all possible options, please see the man page [`taler.conf(5)`](https://docs.taler.net/manpages/taler.conf.5.html)
      '';
      type = types.submodule {
        freeformType = settingsFormat.type;
        options.taler = {
          # No default: the user has to pick the currency explicitly.
          CURRENCY = mkOption {
            description = ''
              The currency which taler services will operate with. This cannot be changed later.
            '';
            type = types.nonEmptyStr;
          };
          # Derived from CURRENCY, so it follows whatever currency is set.
          CURRENCY_ROUND_UNIT = mkOption {
            description = ''
              Smallest amount in this currency that can be transferred using the underlying RTGS.
              You should probably not touch this.
            '';
            type = types.str;
            default = cfg.settings.taler.CURRENCY + ":0.01";
            defaultText = literalExpression ''
              "''${config.services.taler.settings.taler.CURRENCY}:0.01"
            '';
          };
        };
      };
    };

    # Plain string, written verbatim into PATHS.TALER_RUNTIME_DIR.
    # NOTE(review): this file neither creates the directory nor sets its
    # ownership or mode. The helper sockets live here, so confirm that the
    # units creating it restrict access to the taler service users.
    runtimeDir = mkOption {
      description = ''
        Runtime directory shared between the taler services.
        Crypto helpers put their sockets here for instance and the httpd
        connects to them.
      '';
      type = types.str;
      default = "/run/taler-system-runtime/";
    };
  };
config = lib.mkIf cfg.enable {
  # The `\''${...}` escapes keep the variable references literal in the
  # generated INI file. Presumably Taler resolves them from the environment
  # that systemd provides to each unit; confirm against the service units.
  services.taler.settings.PATHS = {
    TALER_RUNTIME_DIR = cfg.runtimeDir;
    TALER_CACHE_HOME = "\${CACHE_DIRECTORY}/";
    TALER_DATA_HOME = "\${STATE_DIRECTORY}/";
  };

  # /etc/taler/taler.conf is the `@inline@` lines followed by the generated
  # settings. The result is a store path and therefore world-readable, so it
  # must not carry secrets itself.
  environment.etc."taler/taler.conf".source =
    let
      # One `@inline@ <file>` directive per configured include.
      # NOTE(review): interpolating a Nix path value here copies that file
      # into the store. Only string-typed entries stay outside it.
      inlineDirectives = map (path: "@inline@ ${path}") cfg.includes;
      includesFile = pkgs.writers.writeText "includes.conf" (
        lib.concatStringsSep "\n" inlineDirectives
      );
      settingsFile = settingsFormat.generate "generated-taler.conf" cfg.settings;
    in
    # The two bare `echo`s end the last directive line and add a blank line
    # before the generated sections.
    pkgs.runCommand "taler.conf" { } ''
      cat ${includesFile} > $out
      echo >> $out
      echo >> $out
      cat ${settingsFile} >> $out
    '';
};
}