Merge #264: Fix containers for nixpkgs 20.09

f1681f5b45 add option nix-bitcoin.pkgs, remove overlay (Erik Arvstedt)
b1a5f5e7b9 don't add service-only pkgs to systemPackages (Erik Arvstedt)
e39ad358a4 lnd: remove unused bitcoind from PATH (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK f1681f5b45

Tree-SHA512: 1f55b015da3ab9696b6503b37bcf282e0c2776ea81117881e1b91d4807c4741c8fa9d0258d5e3fcd162b46836b245cf6f19ac8c0ca01481488de04df8eb39f96
Jonas Nick 2020-11-11 20:47:21 +00:00
commit 3ba5888268
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
17 changed files with 42 additions and 49 deletions


@ -59,7 +59,7 @@ in {
enable = mkEnableOption "Bitcoin daemon";
package = mkOption {
type = types.package;
default = pkgs.nix-bitcoin.bitcoind;
default = config.nix-bitcoin.pkgs.bitcoind;
defaultText = "pkgs.blockchains.bitcoind";
description = "The package providing bitcoin binaries.";
};
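Review bot: `defaultText` still reads `"pkgs.blockchains.bitcoind"` while the default is now `config.nix-bitcoin.pkgs.bitcoind`, so the generated option documentation names a package path that is not the one the service runs. Suggest `defaultText = "config.nix-bitcoin.pkgs.bitcoind";`. The `package` options in the nbxplorer/btcpayserver, lightning-loop and lnd sections drop `defaultText` altogether although their defaults now depend on `config`; a literal text of the same form would keep their documentation accurate as well. The enclosing option set starts and ends outside the hunk.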


@ -5,13 +5,13 @@ with lib;
let
cfg = config.services;
inherit (config) nix-bitcoin-services;
nbPkgs = config.nix-bitcoin.pkgs;
in {
options.services = {
nbxplorer = {
package = mkOption {
type = types.package;
default = pkgs.nix-bitcoin.nbxplorer;
defaultText = "pkgs.nix-bitcoin.nbxplorer";
default = nbPkgs.nbxplorer;
description = "The package providing nbxplorer binaries.";
};
dataDir = mkOption {
@ -51,8 +51,7 @@ in {
enable = mkEnableOption "btcpayserver";
package = mkOption {
type = types.package;
default = pkgs.nix-bitcoin.btcpayserver;
defaultText = "pkgs.nix-bitcoin.btcpayserver";
default = nbPkgs.btcpayserver;
description = "The package providing btcpayserver binaries.";
};
dataDir = mkOption {


@ -5,6 +5,7 @@ with lib;
let
cfg = config.services.clightning;
inherit (config) nix-bitcoin-services;
nbPkgs = config.nix-bitcoin.pkgs;
onion-chef-service = (if cfg.announce-tor then [ "onion-chef.service" ] else []);
network = config.services.bitcoind.makeNetworkName "bitcoin" "regtest";
configFile = pkgs.writeText "config" ''
@ -49,7 +50,7 @@ in {
'';
};
bind-addr = mkOption {
type = pkgs.nix-bitcoin.lib.ipv4Address;
type = nbPkgs.lib.ipv4Address;
default = "127.0.0.1";
description = "Set an IP address or UNIX domain socket to listen to";
};
@ -92,7 +93,7 @@ in {
readOnly = true;
default = pkgs.writeScriptBin "lightning-cli"
''
${pkgs.nix-bitcoin.clightning}/bin/lightning-cli --lightning-dir='${cfg.dataDir}' "$@"
${nbPkgs.clightning}/bin/lightning-cli --lightning-dir='${cfg.dataDir}' "$@"
'';
description = "Binary to connect with the clightning instance.";
};
@ -102,7 +103,7 @@ in {
config = mkIf cfg.enable {
services.bitcoind.enable = true;
environment.systemPackages = [ pkgs.nix-bitcoin.clightning (hiPrio cfg.cli) ];
environment.systemPackages = [ nbPkgs.clightning (hiPrio cfg.cli) ];
users.users.${cfg.user} = {
description = "clightning User";
group = cfg.group;
@ -118,7 +119,7 @@ in {
services.onion-chef.access.clightning = if cfg.announce-tor then [ "clightning" ] else [];
systemd.services.clightning = {
description = "Run clightningd";
path = [ pkgs.nix-bitcoin.bitcoind ];
path = [ nbPkgs.bitcoind ];
wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" ] ++ onion-chef-service;
after = [ "bitcoind.service" ] ++ onion-chef-service;
@ -132,7 +133,7 @@ in {
${optionalString cfg.announce-tor "echo announce-addr=$(cat /var/lib/onion-chef/clightning/clightning) >> '${cfg.dataDir}/config'"}
'';
serviceConfig = nix-bitcoin-services.defaultHardening // {
ExecStart = "${pkgs.nix-bitcoin.clightning}/bin/lightningd --lightning-dir=${cfg.dataDir}";
ExecStart = "${nbPkgs.clightning}/bin/lightningd --lightning-dir=${cfg.dataDir}";
User = "${cfg.user}";
Restart = "on-failure";
RestartSec = "10s";


@ -63,8 +63,6 @@ in {
services.bitcoind.enable = true;
environment.systemPackages = [ pkgs.nix-bitcoin.electrs ];
systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
];
@ -83,7 +81,7 @@ in {
RuntimeDirectoryMode = "700";
WorkingDirectory = "/run/electrs";
ExecStart = ''
${pkgs.nix-bitcoin.electrs}/bin/electrs -vvv \
${config.nix-bitcoin.pkgs.electrs}/bin/electrs -vvv \
${if cfg.high-memory then
traceIf (!bitcoind.dataDirReadableByGroup) ''
Warning: For optimal electrs syncing performance, enable services.bitcoind.dataDirReadableByGroup.


@ -42,10 +42,10 @@ in {
}
];
environment.systemPackages = with pkgs; [
nix-bitcoin.hwi
environment.systemPackages = [
config.nix-bitcoin.pkgs.hwi
# Provides lsusb for debugging
usbutils
pkgs.usbutils
];
users.groups."${cfg.group}" = {};
nix-bitcoin.operator.groups = [ cfg.group ];


@ -5,6 +5,7 @@ with lib;
let
cfg = config.services.joinmarket;
inherit (config) nix-bitcoin-services;
nbPkgs = config.nix-bitcoin.pkgs;
secretsDir = config.nix-bitcoin.secretsDir;
inherit (config.services) bitcoind;
@ -77,7 +78,7 @@ let
# so run them inside dataDir.
cli = pkgs.runCommand "joinmarket-cli" {} ''
mkdir -p $out/bin
jm=${pkgs.nix-bitcoin.joinmarket}/bin
jm=${nbPkgs.joinmarket}/bin
cd $jm
for bin in jm-*; do
{
@ -181,13 +182,13 @@ in {
# (like with pipes)
cd ${cfg.dataDir} && \
out=$(sudo -u ${cfg.user} \
${pkgs.nix-bitcoin.joinmarket}/bin/jm-genwallet \
${nbPkgs.joinmarket}/bin/jm-genwallet \
--datadir=${cfg.dataDir} $walletname $pw)
recoveryseed=$(echo "$out" | grep 'recovery_seed')
echo "$recoveryseed" | cut -d ':' -f2 > $mnemonic
fi
'');
ExecStart = "${pkgs.nix-bitcoin.joinmarket}/bin/joinmarketd";
ExecStart = "${nbPkgs.joinmarket}/bin/joinmarketd";
WorkingDirectory = "${cfg.dataDir}"; # The service creates 'commitmentlist' in the working dir
User = "${cfg.user}";
Restart = "on-failure";
@ -201,7 +202,7 @@ in {
nix-bitcoin.secrets.jm-wallet-password.user = cfg.user;
systemd.services.joinmarket-yieldgenerator = let
ygDefault = "${pkgs.nix-bitcoin.joinmarket}/bin/jm-yg-privacyenhanced";
ygDefault = "${nbPkgs.joinmarket}/bin/jm-yg-privacyenhanced";
ygBinary = if cfg.yieldgenerator.customParameters == "" then
ygDefault
else
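Review bot: In the wallet-creation script of the third hunk, `$walletname` and `$pw` are passed to `jm-genwallet` unquoted, so a password containing whitespace or glob characters is split or expanded by the shell before the program sees it. Quoting fixes that: `--datadir=${cfg.dataDir} "$walletname" "$pw")`, and likewise `> "$mnemonic"` on the line that writes the recovery seed. The password is also handed over as a command-line argument, which may be readable from the process list while the command runs; where `$pw` comes from and whether `jm-genwallet` can read it from stdin or a file is not visible here, but that would be the safer channel if it exists. The script starts outside the hunk.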


@ -51,7 +51,6 @@ in {
"d '${cfg.dataDir}' 0700 ${user} ${group} - -"
];
environment.systemPackages = [ pkgs.nix-bitcoin.lightning-charge ];
systemd.services.lightning-charge = {
description = "Run lightning-charge";
wantedBy = [ "multi-user.target" ];
@ -70,7 +69,7 @@ in {
# Needed to access clightning.dataDir in preStart
PermissionsStartOnly = "true";
EnvironmentFile = "${config.nix-bitcoin.secretsDir}/lightning-charge-env";
ExecStart = "${pkgs.nix-bitcoin.lightning-charge}/bin/charged -l ${config.services.clightning.dataDir}/bitcoin -d ${cfg.dataDir}/lightning-charge.db -i ${cfg.host} ${cfg.extraArgs}";
ExecStart = "${config.nix-bitcoin.pkgs.lightning-charge}/bin/charged -l ${config.services.clightning.dataDir}/bitcoin -d ${cfg.dataDir}/lightning-charge.db -i ${cfg.host} ${cfg.extraArgs}";
User = user;
Restart = "on-failure";
RestartSec = "10s";


@ -50,8 +50,7 @@ in {
};
package = mkOption {
type = types.package;
default = pkgs.nix-bitcoin.lightning-loop;
defaultText = "pkgs.nix-bitcoin.lightning-loop";
default = config.nix-bitcoin.pkgs.lightning-loop;
description = "The package providing lightning-loop binaries.";
};
dataDir = mkOption {


@ -5,6 +5,7 @@ with lib;
let
cfg = config.services.liquidd;
inherit (config) nix-bitcoin-services;
nbPkgs = config.nix-bitcoin.pkgs;
secretsDir = config.nix-bitcoin.secretsDir;
pidFile = "${cfg.dataDir}/liquidd.pid";
configFile = pkgs.writeText "elements.conf" ''
@ -206,13 +207,13 @@ in {
cli = mkOption {
readOnly = true;
default = pkgs.writeScriptBin "elements-cli" ''
${pkgs.nix-bitcoin.elementsd}/bin/elements-cli -datadir='${cfg.dataDir}' "$@"
${nbPkgs.elementsd}/bin/elements-cli -datadir='${cfg.dataDir}' "$@"
'';
description = "Binary to connect with the liquidd instance.";
};
swapCli = mkOption {
default = pkgs.writeScriptBin "liquidswap-cli" ''
${pkgs.nix-bitcoin.liquid-swap}/bin/liquidswap-cli -c '${cfg.dataDir}/elements.conf' "$@"
${nbPkgs.liquid-swap}/bin/liquidswap-cli -c '${cfg.dataDir}/elements.conf' "$@"
'';
description = "Binary for managing liquid swaps.";
};
@ -224,7 +225,7 @@ in {
services.bitcoind.enable = true;
environment.systemPackages = [
pkgs.nix-bitcoin.elementsd
nbPkgs.elementsd
(hiPrio cfg.cli)
(hiPrio cfg.swapCli)
];
@ -249,7 +250,7 @@ in {
Type = "simple";
User = "${cfg.user}";
Group = "${cfg.group}";
ExecStart = "${pkgs.nix-bitcoin.elementsd}/bin/elementsd ${cmdlineOptions}";
ExecStart = "${nbPkgs.elementsd}/bin/elementsd ${cmdlineOptions}";
PIDFile = "${pidFile}";
Restart = "on-failure";
ReadWritePaths = "${cfg.dataDir}";


@ -56,7 +56,7 @@ in {
description = "The network data directory.";
};
listen = mkOption {
type = pkgs.nix-bitcoin.lib.ipv4Address;
type = config.nix-bitcoin.pkgs.lib.ipv4Address;
default = "localhost";
description = "Bind to given address to listen to peer connections";
};
@ -130,8 +130,7 @@ in {
};
package = mkOption {
type = types.package;
default = pkgs.nix-bitcoin.lnd;
defaultText = "pkgs.nix-bitcoin.lnd";
default = config.nix-bitcoin.pkgs.lnd;
description = "The package providing lnd binaries.";
};
cli = mkOption {
@ -171,7 +170,6 @@ in {
services.onion-chef.access.lnd = if cfg.announce-tor then [ "lnd" ] else [];
systemd.services.lnd = {
description = "Run LND";
path = [ pkgs.nix-bitcoin.bitcoind ];
wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" ] ++ onion-chef-service;
after = [ "bitcoind.service" ] ++ onion-chef-service;


@ -36,6 +36,11 @@
readOnly = true;
default = import ./nix-bitcoin-services.nix lib pkgs;
};
nix-bitcoin.pkgs = lib.mkOption {
type = lib.types.attrs;
default = (import ../pkgs { inherit pkgs; }).modulesPkgs;
};
};
config = {
@ -48,12 +53,5 @@
'';
}
];
nixpkgs.overlays = [ (self: super: {
nix-bitcoin = let
pkgs = import ../pkgs { pkgs = super; };
in
pkgs // pkgs.pinned;
}) ];
};
}
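Review bot: The new `nix-bitcoin.pkgs` option in the first hunk has no `description`, although after this change every module takes its executables from it, including the `netns-exec` capability wrapper and `generate-secrets`. Because the package set is supplied only as the option default, a user definition at normal priority most likely replaces the whole set instead of extending it, which would leave the other `config.nix-bitcoin.pkgs.*` references unresolved. Suggest documenting that, for example `description = "Package set used by all nix-bitcoin modules. A definition replaces the default set, so it must contain every package the enabled modules reference.";`. Both hunks sit inside blocks that start outside the visible lines.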


@ -79,8 +79,6 @@ in {
services.lightning-charge.enable = true;
environment.systemPackages = [ pkgs.nix-bitcoin.nanopos ];
services.nginx = {
enable = true;
virtualHosts."_" = {
@ -101,7 +99,7 @@ in {
after = [ "lightning-charge.service" ];
serviceConfig = nix-bitcoin-services.defaultHardening // {
EnvironmentFile = "${config.nix-bitcoin.secretsDir}/nanopos-env";
ExecStart = "${pkgs.nix-bitcoin.nanopos}/bin/nanopos -y ${cfg.itemsFile} -i ${toString cfg.host} -p ${toString cfg.port} -c ${toString cfg.charged-url} --show-bolt11 ${cfg.extraArgs}";
ExecStart = "${config.nix-bitcoin.pkgs.nanopos}/bin/nanopos -y ${cfg.itemsFile} -i ${toString cfg.host} -p ${toString cfg.port} -c ${toString cfg.charged-url} --show-bolt11 ${cfg.extraArgs}";
User = "nanopos";
Restart = "on-failure";
RestartSec = "10s";


@ -102,7 +102,7 @@ in {
boot.kernel.sysctl."net.ipv4.ip_forward" = true;
security.wrappers.netns-exec = {
source = pkgs.nix-bitcoin.netns-exec;
source = config.nix-bitcoin.pkgs.netns-exec;
capabilities = "cap_sys_admin=ep";
owner = cfg.allowedUser;
permissions = "u+rx,g+rx,o-rwx";
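Review bot: The wrapper grants `g+rx` on a binary that carries `cap_sys_admin=ep`, but the visible lines set only `owner` and no `group`, so whichever group the wrapper defaults to can execute it. If only `cfg.allowedUser` is meant to run `netns-exec`, either set the group explicitly or remove the group bits with `permissions = "u+rx,g-rwx,o-rwx";`. The attribute set may continue past the hunk, so a `group` line could exist outside the visible lines.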


@ -6,7 +6,7 @@ let
cfg = config.services.recurring-donations;
inherit (config) nix-bitcoin-services;
recurring-donations-script = pkgs.writeScript "recurring-donations.sh" ''
LNCLI="${pkgs.nix-bitcoin.clightning}/bin/lightning-cli --lightning-dir=${config.services.clightning.dataDir}"
LNCLI="${config.nix-bitcoin.pkgs.clightning}/bin/lightning-cli --lightning-dir=${config.services.clightning.dataDir}"
pay_tallycoin() {
NAME=$1
AMOUNT=$2


@ -20,7 +20,7 @@ with lib;
cd "${config.nix-bitcoin.secretsDir}"
chown root: .
chmod 0700 .
${pkgs.nix-bitcoin.generate-secrets}
${config.nix-bitcoin.pkgs.generate-secrets}
'';
};
}


@ -14,7 +14,7 @@ let
${optionalString cfg.onion-service ''
publicURL="--public-url http://$(cat /var/lib/onion-chef/spark-wallet/spark-wallet)"
''}
exec ${pkgs.nix-bitcoin.spark-wallet}/bin/spark-wallet \
exec ${config.nix-bitcoin.pkgs.spark-wallet}/bin/spark-wallet \
--ln-path '${config.services.clightning.networkDir}' \
--host ${cfg.host} \
--config '${config.nix-bitcoin.secretsDir}/spark-wallet-login' \
@ -54,7 +54,6 @@ in {
config = mkIf cfg.enable {
services.clightning.enable = true;
environment.systemPackages = [ pkgs.nix-bitcoin.spark-wallet ];
users.users.spark-wallet = {
description = "spark-wallet User";
group = "spark-wallet";


@ -1,5 +1,5 @@
{ pkgs ? import <nixpkgs> {} }:
{
let self = {
lightning-charge = pkgs.callPackage ./lightning-charge { };
nanopos = pkgs.callPackage ./nanopos { };
spark-wallet = pkgs.callPackage ./spark-wallet { };
@ -18,4 +18,6 @@
pinned = import ./pinned.nix;
lib = import ./lib.nix { inherit (pkgs) lib; };
}
modulesPkgs = self // self.pinned;
}; in self
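Review bot: `modulesPkgs = self // self.pinned;` in the second hunk has no comment, and the `//` merge means any attribute in `pinned.nix` silently replaces the local package of the same name in the set the modules run. A one-line comment would make that precedence explicit for whoever edits `pinned.nix` later, for example `# Package set used by the modules: local packages, overridden by their pinned versions`. The resulting set also carries the helper attributes `pinned`, `lib` and `modulesPkgs` itself, which is worth mentioning in the same comment.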