2021-09-15 10:14:57 +00:00
|
|
|
{ configDir, shellVersion ? null, extraShellInitCmds ? (pkgs: "") }:
|
2021-09-08 15:01:17 +00:00
|
|
|
let
|
2021-11-08 11:45:27 +00:00
|
|
|
pinned = import ../pkgs/nixpkgs-pinned.nix;
|
|
|
|
pkgs = import nixpkgs { config = {}; overlays = []; };
|
2021-09-25 19:43:31 +00:00
|
|
|
inherit (pkgs) lib;
|
2021-11-08 11:45:27 +00:00
|
|
|
inherit (pinned) nixpkgs;
|
2021-09-08 15:01:17 +00:00
|
|
|
nbPkgs = import ../pkgs { inherit pkgs; };
|
|
|
|
cfgDir = toString configDir;
|
2021-11-08 11:45:27 +00:00
|
|
|
setPath = lib.optionalString pkgs.stdenv.isLinux ''
|
2021-10-05 14:52:03 +00:00
|
|
|
export PATH="${lib.makeBinPath [ nbPkgs.pinned.extra-container ]}''${PATH:+:}$PATH"
|
2021-09-25 19:43:31 +00:00
|
|
|
'';
|
2021-09-08 15:01:17 +00:00
|
|
|
in
|
2021-09-25 19:43:31 +00:00
|
|
|
pkgs.stdenv.mkDerivation {
|
2021-09-08 15:01:17 +00:00
|
|
|
name = "nix-bitcoin-environment";
|
|
|
|
|
2021-11-08 11:45:26 +00:00
|
|
|
helpMessage = ''
|
|
|
|
nix-bitcoin path: ${toString ../.}
|
|
|
|
|
|
|
|
Available commands
|
|
|
|
==================
|
|
|
|
deploy
|
|
|
|
Run krops-deploy and eval-config in parallel.
|
|
|
|
This ensures that eval failures appear quickly when deploying.
|
|
|
|
In this case, deployment is stopped.
|
|
|
|
|
|
|
|
krops-deploy
|
|
|
|
Deploy your node via krops
|
|
|
|
|
|
|
|
eval-config
|
|
|
|
Evaluate your node system configuration
|
|
|
|
|
|
|
|
generate-secrets
|
|
|
|
Create secrets required by your node configuration.
|
|
|
|
Secrets are written to ./secrets/
|
|
|
|
This function is automatically called by krops-deploy.
|
|
|
|
|
|
|
|
update-nix-bitcoin
|
|
|
|
Fetch and use the latest version of nix-bitcoin
|
|
|
|
'';
|
|
|
|
|
2021-09-08 15:01:17 +00:00
|
|
|
shellHook = ''
|
|
|
|
export NIX_PATH="nixpkgs=${nixpkgs}:nix-bitcoin=${toString ../.}:."
|
2021-11-08 11:45:27 +00:00
|
|
|
${setPath}
|
2021-09-08 15:01:17 +00:00
|
|
|
export NIX_BITCOIN_EXAMPLES_DIR="${cfgDir}"
|
2021-11-08 11:45:27 +00:00
|
|
|
export nixpkgsUnstable="${pinned.nixpkgs-unstable}"
|
2021-09-08 15:01:17 +00:00
|
|
|
|
2021-09-13 08:23:49 +00:00
|
|
|
# Set isInteractive=1 if
|
|
|
|
# 1. stdout is a TTY, i.e. we're not piping the output
|
|
|
|
# 2. the shell is interactive
|
|
|
|
if [[ -t 1 && $- == *i* ]]; then isInteractive=1; else isInteractive=; fi
|
|
|
|
|
2021-11-08 11:45:26 +00:00
|
|
|
# Make this a non-environment var
|
|
|
|
export -n helpMessage
|
|
|
|
|
|
|
|
help() { echo "$helpMessage"; }
|
2021-09-08 15:01:19 +00:00
|
|
|
h() { help; }
|
|
|
|
|
2021-09-08 15:01:17 +00:00
|
|
|
fetch-release() {
|
|
|
|
${toString ./fetch-release}
|
|
|
|
}
|
|
|
|
|
2021-09-13 08:23:49 +00:00
|
|
|
update-nix-bitcoin() {(
|
|
|
|
set -euo pipefail
|
|
|
|
releaseFile="${cfgDir}/nix-bitcoin-release.nix"
|
|
|
|
current=$(cat "$releaseFile" 2>/dev/null || true)
|
|
|
|
new=$(fetch-release)
|
|
|
|
if [[ $new == $current ]]; then
|
|
|
|
echo "nix-bitcoin-release.nix already contains the latest release"
|
|
|
|
else
|
|
|
|
echo "$new" > "$releaseFile"
|
|
|
|
echo "Updated nix-bitcoin-release.nix"
|
|
|
|
if [[ $isInteractive ]]; then
|
|
|
|
exec nix-shell
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
)}
|
2021-09-08 15:01:19 +00:00
|
|
|
|
2021-09-08 15:01:18 +00:00
|
|
|
generate-secrets() {(
|
|
|
|
set -euo pipefail
|
2022-02-12 20:22:59 +00:00
|
|
|
config="${cfgDir}/krops/krops-configuration.nix"
|
|
|
|
if [[ ! -e $config ]]; then
|
|
|
|
config="${cfgDir}/configuration.nix"
|
|
|
|
fi
|
|
|
|
genSecrets=$(nix-build --no-out-link -I nixos-config="$config" \
|
2021-09-08 15:01:18 +00:00
|
|
|
'<nixpkgs/nixos>' -A config.nix-bitcoin.generateSecretsScript)
|
|
|
|
mkdir -p "${cfgDir}/secrets"
|
|
|
|
(cd "${cfgDir}/secrets"; $genSecrets)
|
|
|
|
)}
|
|
|
|
|
2021-09-08 15:01:19 +00:00
|
|
|
deploy() {(
|
|
|
|
set -euo pipefail
|
|
|
|
krops-deploy &
|
|
|
|
kropsPid=$!
|
|
|
|
if eval-config; then
|
|
|
|
wait $kropsPid
|
|
|
|
else
|
|
|
|
# Kill all subprocesses
|
|
|
|
kill $(pidClosure $kropsPid)
|
|
|
|
return 1
|
|
|
|
fi
|
|
|
|
)}
|
|
|
|
|
2021-09-08 15:01:18 +00:00
|
|
|
krops-deploy() {(
|
|
|
|
set -euo pipefail
|
|
|
|
generate-secrets
|
2021-09-08 15:01:17 +00:00
|
|
|
# Ensure strict permissions on secrets/ directory before rsyncing it to
|
|
|
|
# the target machine
|
|
|
|
chmod 700 "${cfgDir}/secrets"
|
|
|
|
$(nix-build --no-out-link "${cfgDir}/krops/deploy.nix")
|
2021-09-08 15:01:18 +00:00
|
|
|
)}
|
2021-09-08 15:01:17 +00:00
|
|
|
|
2021-09-08 15:01:19 +00:00
|
|
|
eval-config() {
|
2021-12-07 14:28:09 +00:00
|
|
|
NIXOS_CONFIG="${cfgDir}/krops/krops-configuration.nix" \
|
|
|
|
nix-instantiate --eval ${nixpkgs}/nixos -A system.outPath | tr -d '"'
|
2021-09-08 15:01:19 +00:00
|
|
|
echo
|
|
|
|
}
|
|
|
|
|
|
|
|
pidClosure() {
|
|
|
|
echo "$1"
|
|
|
|
for pid in $(ps -o pid= --ppid "$1"); do
|
|
|
|
pidClosure "$pid"
|
|
|
|
done
|
|
|
|
}
|
|
|
|
|
2021-09-13 08:23:49 +00:00
|
|
|
if [[ $isInteractive ]]; then
|
2021-09-25 19:43:31 +00:00
|
|
|
${pkgs.figlet}/bin/figlet "nix-bitcoin"
|
2021-09-08 15:01:19 +00:00
|
|
|
echo 'Enter "h" or "help" for documentation.'
|
2021-09-08 15:01:17 +00:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Don't run this hook when another nix-shell is run inside this shell
|
|
|
|
unset shellHook
|
|
|
|
|
|
|
|
${extraShellInitCmds pkgs}
|
|
|
|
'';
|
|
|
|
}
|