Add guest user with same ssh keys as root and fix nodeinfo not waiting for clightning to warm up

2018-11-23 15:49:13 +00:00 · 2018-11-23 15:49:13 +00:00 · ac2be00c7f
commit ac2be00c7f
parent eca9864cf3
4 changed files with 33 additions and 10 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -24,6 +24,7 @@ in {
  environment.systemPackages = with pkgs; [
     vim tmux clightning bitcoin
     nodeinfo
+     jq
  ];
  nixpkgs.config.packageOverrides = pkgs: {
    inherit nodeinfo;
@ -69,12 +70,6 @@ in {
  # Open ports in the firewall.
  # Or disable the firewall altogether.

-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  # users.users.guest = {
-  #   isNormalUser = true;
-  #   uid = 1000;
-  # };
-
  # This value determines the NixOS release with which your system is to be
  # compatible, in order to avoid breaking some software such as database
  # servers. You should change this only after NixOS release notes say you
--- a/modules/clightning.nix
+++ b/modules/clightning.nix
@ -52,6 +52,8 @@ in {
        { description = "Run clightningd";
          path  = [ pkgs.clightning pkgs.bitcoin ];
          wantedBy = [ "multi-user.target" ];
+          requires = [ "bitcoind.service" ];
+          after = [ "bitcoind.service" ];
          preStart = ''
            mkdir -p ${home}/.lightning
            ln -sf ${configFile} ${home}/.lightning/config
@ -61,6 +63,7 @@ in {
              ExecStart = "${pkgs.clightning}/bin/lightningd";
              User = "clightning";
              Restart = "on-failure";
+              RestartSec = "10s";
              PrivateTmp = "true";
              ProtectSystem = "full";
              NoNewPrivileges = "true";
--- a/modules/nixbitcoin.nix
+++ b/modules/nixbitcoin.nix
@ -51,12 +51,31 @@ in {
    systemd.services.nodeinfo = {
      description = "Get node info";
      wantedBy = [ "multi-user.target" ];
+      after = [ "clightning.service" "tor.service" ];
      path  = [ pkgs.clightning pkgs.jq pkgs.sudo ];
      serviceConfig = {
-        ExecStart = "${pkgs.bash}/bin/bash -c ${pkgs.nodeinfo}/bin/nodeinfo";
+        ExecStart="${pkgs.bash}/bin/bash ${pkgs.nodeinfo}/bin/nodeinfo";
+        User = "root";
+        Type = "simple";
+        RemainAfterExit="yes";
+        Restart = "on-failure";
+        RestartSec = "10s";
+      };
+    };
+    # Define a user account. Don't forget to set a password with ‘passwd’.
+    users.users.guest = {
+      isNormalUser = true;
+    };
+    systemd.services.copy-root-authorized-keys = {
+      description = "Copy root authorized keys";
+      wantedBy = [ "multi-user.target" ];
+      path  = [ ];
+      serviceConfig = {
+        ExecStart = "${pkgs.bash}/bin/bash -c \"mkdir -p ${config.users.users.guest.home}/.ssh && cp ${config.users.users.root.home}/.vbox-nixops-client-key ${config.users.users.guest.home}/.ssh/authorized_keys && chown -R guest ${config.users.users.guest.home}/.ssh\"";
        user = "root";
        type = "oneshot";
      };
    };
+
  };
 }
--- a/pkgs/nodeinfo.sh
+++ b/pkgs/nodeinfo.sh
@ -1,9 +1,15 @@
-sleep 5
+set -e
+set -o pipefail
+
 OUTFILE=/var/lib/nodeinfo.nix
+
+BITCOIND_ONION=$(cat /var/lib/tor/onion/bitcoind/hostname)
+CLIGHTNING_ID=$(sudo -u clightning lightning-cli getinfo | jq -r '.id')
+
 rm -f $OUTFILE
 {
    echo \{
-    echo "  bitcoind_onion = \"$(cat /var/lib/tor/onion/bitcoind/hostname)\";"
-    echo "  clightning_id = \"$(sudo -u clightning lightning-cli getinfo | jq -r '.id')\";"
+    echo "  bitcoind_onion = \"$BITCOIND_ONION\";"
+    echo "  clightning_id = \"$CLIGHTNING_ID\";"
    echo \}
 } > $OUTFILE