2021-08-16 08:42:07 +00:00
|
|
|
{
|
|
|
|
description = ''
|
|
|
|
A collection of Nix packages and NixOS modules for easily
|
|
|
|
installing full-featured Bitcoin nodes with an emphasis on security.
|
|
|
|
'';
|
|
|
|
|
|
|
|
inputs = {
|
2021-12-08 12:12:32 +00:00
|
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.11";
|
2021-10-28 20:23:25 +00:00
|
|
|
nixpkgsUnstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
2021-08-16 08:42:07 +00:00
|
|
|
flake-utils.url = "github:numtide/flake-utils";
|
|
|
|
};
|
|
|
|
|
|
|
|
outputs = { self, nixpkgs, nixpkgsUnstable, flake-utils }:
|
|
|
|
let
|
|
|
|
supportedSystems = [ "x86_64-linux" "i686-linux" "aarch64-linux" ];
|
|
|
|
in
|
|
|
|
rec {
|
2021-12-27 15:58:14 +00:00
|
|
|
lib = {
|
|
|
|
mkNbPkgs = {
|
|
|
|
system
|
2022-02-03 19:46:25 +00:00
|
|
|
, pkgs ? nixpkgs.legacyPackages.${system}
|
|
|
|
, pkgsUnstable ? nixpkgsUnstable.legacyPackages.${system}
|
2021-12-27 15:58:14 +00:00
|
|
|
}:
|
|
|
|
import ./pkgs { inherit pkgs pkgsUnstable; };
|
|
|
|
};
|
2021-08-16 08:42:07 +00:00
|
|
|
|
|
|
|
overlay = final: prev: let
|
2021-12-27 15:58:14 +00:00
|
|
|
nbPkgs = lib.mkNbPkgs { inherit (final) system; pkgs = final; };
|
2021-08-16 08:42:07 +00:00
|
|
|
in removeAttrs nbPkgs [ "pinned" "nixops19_09" "krops" ];
|
|
|
|
|
2021-12-27 15:58:15 +00:00
|
|
|
nixosModule = { config, pkgs, lib, ... }: {
|
|
|
|
imports = [ ./modules/modules.nix ];
|
|
|
|
|
|
|
|
options = with lib; {
|
|
|
|
nix-bitcoin.useVersionLockedPkgs = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
default = false;
|
|
|
|
description = ''
|
|
|
|
Use the nixpkgs version locked by this flake for `nix-bitcoin.pkgs`.
|
|
|
|
Only relevant if you are using a nixpkgs version for evaluating your system
|
|
|
|
that differs from the one that is locked by this flake (via input `nixpkgs`).
|
|
|
|
If this is the case, enabling this option may result in a more stable system
|
|
|
|
because the nix-bitcoin services use the exact pkgs versions that are tested
|
|
|
|
by nix-bitcoin.
|
|
|
|
The downsides are increased evaluation times and increased system
|
|
|
|
closure size.
|
|
|
|
|
|
|
|
If `false`, the default system pkgs are used.
|
|
|
|
'';
|
|
|
|
};
|
2021-08-16 08:42:07 +00:00
|
|
|
};
|
|
|
|
|
2021-12-27 15:58:15 +00:00
|
|
|
config = {
|
|
|
|
nix-bitcoin.pkgs =
|
|
|
|
if config.nix-bitcoin.useVersionLockedPkgs
|
|
|
|
then (self.lib.mkNbPkgs { inherit (config.nixpkgs) system; }).modulesPkgs
|
|
|
|
else (self.lib.mkNbPkgs { inherit (pkgs) system; inherit pkgs; }).modulesPkgs;
|
2021-08-16 08:42:07 +00:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
defaultTemplate = {
|
|
|
|
description = "Basic node template";
|
|
|
|
path = ./examples/flakes;
|
|
|
|
};
|
|
|
|
|
|
|
|
} // (flake-utils.lib.eachSystem supportedSystems (system:
|
|
|
|
let
|
2022-02-03 19:46:25 +00:00
|
|
|
pkgs = nixpkgs.legacyPackages.${system};
|
2021-08-16 08:42:07 +00:00
|
|
|
|
2021-12-27 15:58:14 +00:00
|
|
|
nbPkgs = self.lib.mkNbPkgs { inherit system pkgs; };
|
|
|
|
|
2021-08-16 08:42:07 +00:00
|
|
|
mkVMScript = vm: pkgs.writers.writeBash "run-vm" ''
|
|
|
|
set -euo pipefail
|
|
|
|
export TMPDIR=$(mktemp -d /tmp/nix-bitcoin-vm.XXX)
|
|
|
|
trap "rm -rf $TMPDIR" EXIT
|
|
|
|
export NIX_DISK_IMAGE=$TMPDIR/nixos.qcow2
|
|
|
|
QEMU_OPTS="-smp $(nproc) -m 1500" ${vm}/bin/run-*-vm
|
|
|
|
'';
|
|
|
|
in rec {
|
|
|
|
packages = flake-utils.lib.flattenTree (removeAttrs nbPkgs [
|
2021-12-10 13:07:59 +00:00
|
|
|
"pinned" "modulesPkgs" "nixops19_09" "krops" "generate-secrets" "netns-exec"
|
2021-08-16 08:42:07 +00:00
|
|
|
]) // {
|
|
|
|
runVM = mkVMScript packages.vm;
|
|
|
|
|
|
|
|
# This is a simple demo VM.
|
|
|
|
# See ./examples/flakes/flake.nix on how to use nix-bitcoin with flakes.
|
|
|
|
vm = let
|
|
|
|
nix-bitcoin = self;
|
|
|
|
in
|
|
|
|
(import "${nixpkgs}/nixos" {
|
|
|
|
inherit system;
|
|
|
|
configuration = {
|
|
|
|
imports = [
|
2021-12-27 15:58:15 +00:00
|
|
|
nix-bitcoin.nixosModule
|
2021-08-16 08:42:07 +00:00
|
|
|
"${nix-bitcoin}/modules/presets/secure-node.nix"
|
|
|
|
];
|
|
|
|
|
|
|
|
nix-bitcoin.generateSecrets = true;
|
|
|
|
services.clightning.enable = true;
|
|
|
|
# For faster startup in offline VMs
|
|
|
|
services.clightning.extraConfig = "disable-dns";
|
|
|
|
|
|
|
|
nixpkgs.pkgs = pkgs;
|
|
|
|
virtualisation.graphics = false;
|
|
|
|
services.getty.autologinUser = "root";
|
|
|
|
nix.nixPath = [ "nixpkgs=${nixpkgs}" ];
|
|
|
|
};
|
|
|
|
}).vm;
|
|
|
|
};
|
|
|
|
|
2021-12-27 15:58:14 +00:00
|
|
|
# Allow accessing the whole nested `nbPkgs` attrset (including `modulesPkgs`)
|
|
|
|
# via this flake.
|
|
|
|
# `packages` is not allowed to contain nested pkgs attrsets.
|
2022-02-03 19:46:24 +00:00
|
|
|
legacyPackages = nbPkgs;
|
2021-12-27 15:58:14 +00:00
|
|
|
|
2021-08-16 08:42:07 +00:00
|
|
|
defaultApp = apps.vm;
|
|
|
|
|
|
|
|
apps = {
|
|
|
|
# Run a basic nix-bitcoin node in a VM
|
|
|
|
vm = {
|
|
|
|
type = "app";
|
|
|
|
program = toString packages.runVM;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|
|
|
|
));
|
|
|
|
}
|