Merge fort-nix/nix-bitcoin#597: Integrate trustedcoin clightning plugin
a3c654768c
docs: trustedcoin: add info about possible problems (Otto Sabart)67f2eb2feb
trustedcoin: explicitly use the HTTPS_PROXY for external connections (Otto Sabart)4942130abe
tests: add tests for trustedcoin clightning plugin (Otto Sabart)8c00c26fa1
trustedcoin: update to v0.6.1 (Otto Sabart)5b5e76931d
trustedcoin: fix shellcheck (Otto Sabart)3d26f72b7f
clightning-plugins: add trustedcoin (neverupdate)c747ddbf32
readme: reference trustedcoin source (neverupdate)35fc3a2b44
trustedcoin: add module (neverupdate)3197338d81
trustedcoin: add pkg (neverupdate) Pull request description: ACKs for top commit: jonasnick: ACKa3c654768c
Tree-SHA512: 81075d051c500b533ac979530645ccb596c57cf93cf695419eda9f13575863b1cece0cb9a423fc669d96b97a19ba6a49012a1abef310f904df99b90762c5c943
This commit is contained in:
commit
7736468466
|
@ -27,6 +27,7 @@ task:
|
|||
- scenario: default
|
||||
- scenario: netns
|
||||
- scenario: netnsRegtest
|
||||
- scenario: trustedcoin
|
||||
# This script is run as root
|
||||
build_script:
|
||||
- echo "sandbox = true" >> /etc/nix/nix.conf
|
||||
|
|
|
@ -79,6 +79,7 @@ NixOS modules ([src](modules/modules.nix))
|
|||
* [prometheus](https://github.com/lightningd/plugins/tree/master/prometheus): lightning node exporter for the prometheus timeseries server
|
||||
* [rebalance](https://github.com/lightningd/plugins/tree/master/rebalance): keeps your channels balanced
|
||||
* [summary](https://github.com/lightningd/plugins/tree/master/summary): print a nice summary of the node status
|
||||
* [trustedcoin](https://github.com/nbd-wtf/trustedcoin) [[experimental](docs/services.md#trustedcoin-hints)]: replaces bitcoind with trusted public explorers
|
||||
* [zmq](https://github.com/lightningd/plugins/tree/master/zmq): publishes notifications via ZeroMQ to configured endpoints
|
||||
* [clightning-rest](https://github.com/Ride-The-Lightning/c-lightning-REST): REST server for clightning
|
||||
* [lnd](https://github.com/lightningnetwork/lnd) with support for announcing an onion service and [static channel backups](https://github.com/lightningnetwork/lnd/blob/master/docs/recovery.md)
|
||||
|
|
|
@ -621,3 +621,27 @@ services.clightning = {
|
|||
```
|
||||
|
||||
Please have a look at the module for a plugin (e.g. [prometheus.nix](../modules/clightning-plugins/prometheus.nix)) to learn its configuration options.
|
||||
|
||||
### Trustedcoin hints
|
||||
The [trustedcoin](https://github.com/nbd-wtf/trustedcoin) plugin use a Tor
|
||||
proxy for all of its external connections by default. That's why you can
|
||||
sometimes face issues with your connections to esploras getting blocked.
|
||||
|
||||
An example of clightning log error output in a case your connections are getting blocked:
|
||||
|
||||
```
|
||||
lightningd[5138]: plugin-trustedcoin estimatefees error: https://blockstream.info/api error: 403 Forbidden
|
||||
```
|
||||
|
||||
```
|
||||
lightningd[4933]: plugin-trustedcoin getblock error: got something that isn't a block hash: <html><head>
|
||||
lightningd[4933]: <meta http-equiv="content-type" content="text/html;
|
||||
```
|
||||
|
||||
If you face these issues and you still need to use trustedcoin, use can disable
|
||||
clightning's tor hardening by setting this option in your `configuration.nix`
|
||||
file:
|
||||
|
||||
```
|
||||
services.clightning.tor.enforce = false;
|
||||
```
|
||||
|
|
|
@ -17,6 +17,7 @@ in {
|
|||
./feeadjuster.nix
|
||||
./prometheus.nix
|
||||
./summary.nix
|
||||
./trustedcoin.nix
|
||||
./zmq.nix
|
||||
];
|
||||
|
||||
|
|
28
modules/clightning-plugins/trustedcoin.nix
Normal file
28
modules/clightning-plugins/trustedcoin.nix
Normal file
|
@ -0,0 +1,28 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let cfg = config.services.clightning.plugins.trustedcoin; in
|
||||
{
|
||||
options.services.clightning.plugins.trustedcoin = {
|
||||
enable = mkEnableOption "Trustedcoin (clightning plugin)";
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = config.nix-bitcoin.pkgs.trustedcoin;
|
||||
defaultText = "config.nix-bitcoin.pkgs.trustedcoin";
|
||||
description = mdDoc "The package providing trustedcoin binaries.";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services.clightning.extraConfig = ''
|
||||
plugin=${cfg.package}/bin/trustedcoin
|
||||
disable-plugin=bcli
|
||||
'';
|
||||
|
||||
# Trustedcoin does not honor the clightning's proxy configuration.
|
||||
# Ref.: https://github.com/nbd-wtf/trustedcoin/pull/19
|
||||
systemd.services.clightning.environment = mkIf (config.services.clightning.proxy != null) {
|
||||
HTTPS_PROXY = "socks5://${config.services.clightning.proxy}";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -107,13 +107,15 @@ let
|
|||
network = bitcoind.makeNetworkName "bitcoin" "regtest";
|
||||
configFile = pkgs.writeText "config" ''
|
||||
network=${network}
|
||||
bitcoin-datadir=${bitcoind.dataDir}
|
||||
${optionalString (!cfg.plugins.trustedcoin.enable) "bitcoin-datadir=${bitcoind.dataDir}"}
|
||||
${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"}
|
||||
always-use-proxy=${boolToString cfg.always-use-proxy}
|
||||
bind-addr=${cfg.address}:${toString cfg.port}
|
||||
|
||||
bitcoin-rpcconnect=${nbLib.address bitcoind.rpc.address}
|
||||
bitcoin-rpcport=${toString bitcoind.rpc.port}
|
||||
bitcoin-rpcuser=${bitcoind.rpc.users.public.name}
|
||||
|
||||
rpc-file-mode=0660
|
||||
log-timestamps=false
|
||||
${optionalString (cfg.wallet != null) "wallet=${cfg.wallet}"}
|
||||
|
@ -161,6 +163,7 @@ in {
|
|||
{
|
||||
cat ${configFile}
|
||||
echo "bitcoin-rpcpassword=$(cat ${config.nix-bitcoin.secretsDir}/bitcoin-rpcpassword-public)"
|
||||
|
||||
${optionalString (cfg.getPublicAddressCmd != "") ''
|
||||
echo "announce-addr=$(${cfg.getPublicAddressCmd}):${toString publicPort}"
|
||||
''}
|
||||
|
|
|
@ -20,6 +20,7 @@ let self = {
|
|||
# The secp256k1 version used by joinmarket
|
||||
secp256k1 = pkgs.callPackage ./secp256k1 { };
|
||||
spark-wallet = pkgs.callPackage ./spark-wallet { };
|
||||
trustedcoin = pkgs.callPackage ./trustedcoin { };
|
||||
|
||||
pyPkgs = import ./python-packages self pkgs.python3;
|
||||
inherit (self.pyPkgs)
|
||||
|
|
23
pkgs/trustedcoin/default.nix
Normal file
23
pkgs/trustedcoin/default.nix
Normal file
|
@ -0,0 +1,23 @@
|
|||
{ lib, buildGoModule, fetchFromGitHub }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "trustedcoin";
|
||||
version = "0.6.1";
|
||||
src = fetchFromGitHub {
|
||||
owner = "nbd-wtf";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-UNQjxhAT0mK1In7vUtIoMoMNBV+0wkrwbDmm7m+0R3o=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-xvkK9rMQlXTnNyOMd79qxVSvhgPobcBk9cq4/YWbupY=";
|
||||
|
||||
subPackages = [ "." ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Light bitcoin node implementation";
|
||||
homepage = "https://github.com/nbd-wtf/trustedcoin";
|
||||
maintainers = with maintainers; [ seberm fort-nix ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
20
pkgs/trustedcoin/get-sha256.sh
Executable file
20
pkgs/trustedcoin/get-sha256.sh
Executable file
|
@ -0,0 +1,20 @@
|
|||
#! /usr/bin/env nix-shell
|
||||
#! nix-shell -i bash -p git gnupg curl jq
|
||||
set -euo pipefail
|
||||
|
||||
|
||||
TMPDIR="$(mktemp -d -p /tmp)"
|
||||
trap 'rm -rf $TMPDIR' EXIT
|
||||
cd "$TMPDIR"
|
||||
|
||||
echo "Fetching latest release"
|
||||
repo='nbd-wtf/trustedcoin'
|
||||
latest=$(curl --location --silent --show-error https://api.github.com/repos/${repo}/releases/latest | jq -r .tag_name)
|
||||
echo "Latest release is $latest"
|
||||
git clone --depth 1 --branch "$latest" "https://github.com/${repo}" 2>/dev/null
|
||||
cd trustedcoin
|
||||
|
||||
echo "tag: $latest"
|
||||
git checkout -q "tags/$latest"
|
||||
rm -rf .git
|
||||
nix --extra-experimental-features nix-command hash path .
|
|
@ -45,7 +45,7 @@ let
|
|||
services.clightning.extraConfig = mkIf config.test.noConnections "disable-dns";
|
||||
test.data.clightning-plugins = let
|
||||
plugins = config.services.clightning.plugins;
|
||||
removed = [ "commando" ];
|
||||
removed = [ "commando" "trustedcoin" ];
|
||||
enabled = builtins.filter (plugin: plugins.${plugin}.enable)
|
||||
(subtractLists removed (builtins.attrNames plugins));
|
||||
nbPkgs = config.nix-bitcoin.pkgs;
|
||||
|
@ -315,6 +315,15 @@ let
|
|||
services.lnd.enable = true;
|
||||
services.bitcoind.prune = 1000;
|
||||
};
|
||||
|
||||
# Test the special clightning setup where trustedcoin plugin is used
|
||||
trustedcoin = {
|
||||
tests.trustedcoin = true;
|
||||
services.clightning = {
|
||||
enable = true;
|
||||
plugins.trustedcoin.enable = true;
|
||||
};
|
||||
};
|
||||
} // (import ../dev/dev-scenarios.nix {
|
||||
inherit lib scenarios;
|
||||
});
|
||||
|
|
|
@ -433,6 +433,18 @@ def _():
|
|||
if enabled("btcpayserver"):
|
||||
machine.wait_until_succeeds(log_has_string("nbxplorer", f"At height: {num_blocks}"))
|
||||
|
||||
@test("trustedcoin")
|
||||
def _():
|
||||
machine.wait_for_unit("bitcoind")
|
||||
machine.wait_for_unit("clightning")
|
||||
|
||||
# Let's check the trustedcoin plugin was correctly initialized
|
||||
machine.wait_until_succeeds(log_has_string("clightning", "plugin-trustedcoin[^^]\[0m\s+initialized plugin"))
|
||||
machine.wait_until_succeeds(log_has_string("clightning", "plugin-trustedcoin[^^]\[0m\s+bitcoind RPC working"))
|
||||
machine.wait_until_succeeds(log_has_string("clightning", "plugin-trustedcoin[^^]\[0m\s+tip: 0"))
|
||||
machine.wait_until_succeeds(log_has_string("clightning", "plugin-trustedcoin[^^]\[0m\s+estimatefees error: none of the esploras returned usable responses"))
|
||||
|
||||
|
||||
if "netns-isolation" in enabled_tests:
|
||||
def ip(name):
|
||||
return test_data["netns"][name]["address"]
|
||||
|
|
Loading…
Reference in New Issue
Block a user