101 lines
2.8 KiB
Nix
101 lines
2.8 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
let
|
|
hostname = config.instance.hostname;
|
|
host-secrets = config.fudo.secrets.host-secrets.${hostname};
|
|
|
|
cfg = config.informis.services.chute;
|
|
|
|
make-env-file = { hostname, secret, passphrase, key, jabber-password ? null }:
|
|
pkgs.writeText "chute-environment" ''
|
|
COINBASE_API_HOSTNAME=${hostname}
|
|
COINBASE_API_SECRET=${secret}
|
|
COINBASE_API_PASSPHRASE=${passphrase}
|
|
COINBASE_API_KEY=${key}
|
|
${optionalString (jabber-password != null)
|
|
"JABBER_PASSWORD=${jabber-password}"}
|
|
'';
|
|
|
|
read-and-trim = filename:
|
|
removeSuffix "\n" (readFile filename);
|
|
|
|
in {
|
|
options.informis.services.chute = with types; {
|
|
enable = mkEnableOption "Enable the Chute cryptocurrency stopgap.";
|
|
|
|
jabber-user = mkOption {
|
|
type = nullOr str;
|
|
description = "User to which messages will be sent.";
|
|
default = null;
|
|
};
|
|
|
|
staging = {
|
|
secret-file = mkOption {
|
|
type = path;
|
|
description = "Path to file containing Coinbase API secret.";
|
|
};
|
|
|
|
key-file = mkOption {
|
|
type = path;
|
|
description = "Path to file containing Coinbase API key.";
|
|
};
|
|
|
|
passphrase-file = mkOption {
|
|
type = path;
|
|
description = "Path to file containing Coinbase API passphrase.";
|
|
};
|
|
};
|
|
};
|
|
|
|
config = let
|
|
chute-jabber-passwd =
|
|
pkgs.lib.passwd.stablerandom-passwd-file
|
|
"chute-jabber-passwd"
|
|
"chute-jabber-passwd-${config.instance.build-seed}";
|
|
in {
|
|
fudo = {
|
|
users.chute = {
|
|
uid = 11007;
|
|
primary-group = "informis";
|
|
common-name = "Chute Cryptocurrency Trader";
|
|
ldap-hashed-passwd =
|
|
pkgs.lib.passwd.hash-ldap-passwd "chute-jabber-passwd-ldaphash"
|
|
chute-jabber-passwd;
|
|
};
|
|
|
|
secrets.host-secrets.${hostname}.chute-staging-environment =
|
|
mkIf cfg.enable {
|
|
source-file = make-env-file {
|
|
hostname = "api-public.sandbox.exchange.coinbase.com";
|
|
secret = read-and-trim cfg.staging.secret-file;
|
|
passphrase = read-and-trim cfg.staging.passphrase-file;
|
|
key = read-and-trim cfg.staging.key-file;
|
|
jabber-password = read-and-trim chute-jabber-passwd;
|
|
};
|
|
target-file = "/run/chute/staging.env";
|
|
user = "root";
|
|
};
|
|
};
|
|
|
|
informis.chute = {
|
|
enable = cfg.enable;
|
|
stages = {
|
|
staging = mkIf cfg.enable {
|
|
package = pkgs.chuteUnstable;
|
|
environment-file =
|
|
host-secrets.chute-staging-environment.target-file;
|
|
jabber = {
|
|
jid = "chute@jabber.fudo.org";
|
|
target-jid = cfg.jabber-user;
|
|
resource = "procul-staging";
|
|
};
|
|
currencies = {
|
|
btc.stop-percentile = 98;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|