Merge fort-nix/nix-bitcoin#486: Minor improvements
ef93a9a8bd
rtl: formatting (Erik Arvstedt)571983a993
docs/services: improve lndconnect section (Erik Arvstedt)9649785dd5
docs/configuration: improve formatting (Erik Arvstedt)3d32c0afeb
docs/configuration: clarify description (Erik Arvstedt)107ee27be3
docs/configuration: improve wording (Erik Arvstedt)e2721a9039
examples/configuration.nix: update system.stateVersion (Erik Arvstedt)15288d58e1
lnd: rename var `mnemonic` -> `seed` (Erik Arvstedt)84fe731c94
treewide: curl: exit with error status on HTTP errors (Erik Arvstedt)63b3eec9cd
push-release.sh: fix pushing to master branch (Erik Arvstedt) Pull request description: ACKs for top commit: jonasnick: ACKef93a9a8bd
Tree-SHA512: 5031f6fbeb6c6a57a34f3d483bc100e0035ff382ef7a03ed600276756aa040d19513d28b8dbd9406d75c18b3f7776381e46a4b6c6b9a1a33ef6990b71d1da1a7
This commit is contained in:
commit
19d44c6508
@ -22,8 +22,7 @@ This fetches the latest release, verifies its signatures and updates `nix-bitcoi
|
|||||||
## Get started with Nix
|
## Get started with Nix
|
||||||
|
|
||||||
See [Nix - A One Pager](https://github.com/tazjin/nix-1p) for a short guide
|
See [Nix - A One Pager](https://github.com/tazjin/nix-1p) for a short guide
|
||||||
to Nix, the language used in `configuration.nix`.
|
to Nix, the language used in `configuration.nix`.\
|
||||||
|
|
||||||
You can follow along this guide by running command `nix repl` which allows you to interactively
|
You can follow along this guide by running command `nix repl` which allows you to interactively
|
||||||
evaluate Nix expressions.
|
evaluate Nix expressions.
|
||||||
|
|
||||||
@ -178,7 +177,7 @@ Some services require extra steps:
|
|||||||
|
|
||||||
# Use bitcoind from another node
|
# Use bitcoind from another node
|
||||||
|
|
||||||
Use a bitcoind instance running on another node within a nix-bitcoin config.
|
Here's how to use a bitcoind instance running on another node within a nix-bitcoin config:
|
||||||
|
|
||||||
```nix
|
```nix
|
||||||
imports = [ <nix-bitcoin/modules/presets/bitcoind-remote.nix> ];
|
imports = [ <nix-bitcoin/modules/presets/bitcoind-remote.nix> ];
|
||||||
@ -226,7 +225,7 @@ $secretsDir/bitcoin-rpcpassword-public
|
|||||||
```
|
```
|
||||||
See: [Secrets dir](#secrets-dir)
|
See: [Secrets dir](#secrets-dir)
|
||||||
|
|
||||||
Restart `bitcoind` after updating the secrets: `systemctl restart bitcoind`.
|
Afterwards, restart `bitcoind`: `systemctl restart bitcoind`.
|
||||||
|
|
||||||
# Temporarily disable a service
|
# Temporarily disable a service
|
||||||
|
|
||||||
|
@ -44,7 +44,7 @@ You can find the `<onion-address>` with command `nodeinfo`.
|
|||||||
The default password location is `$secretsDir/rtl-password`.
|
The default password location is `$secretsDir/rtl-password`.
|
||||||
See: [Secrets dir](./configuration.md#secrets-dir)
|
See: [Secrets dir](./configuration.md#secrets-dir)
|
||||||
|
|
||||||
# Use LND or clightning with Zeus (smartphone wallet) via Tor
|
# Use LND or clightning with Zeus (mobile wallet) via Tor
|
||||||
1. Install [Zeus](https://zeusln.app)
|
1. Install [Zeus](https://zeusln.app)
|
||||||
|
|
||||||
2. Edit your `configuration.nix`
|
2. Edit your `configuration.nix`
|
||||||
@ -86,7 +86,7 @@ See: [Secrets dir](./configuration.md#secrets-dir)
|
|||||||
- Select `Scan lndconnect config` (at the bottom) and scan the QR code
|
- Select `Scan lndconnect config` (at the bottom) and scan the QR code
|
||||||
- For clightning: Set `Node interface` to `c-lightning-REST`
|
- For clightning: Set `Node interface` to `c-lightning-REST`
|
||||||
- Click `Save node config`
|
- Click `Save node config`
|
||||||
- Start sending sats privately
|
- Start sending and stacking sats privately
|
||||||
|
|
||||||
### Additional lndconnect features
|
### Additional lndconnect features
|
||||||
Create plain text URLs or QR code images:
|
Create plain text URLs or QR code images:
|
||||||
|
@ -274,7 +274,7 @@
|
|||||||
# compatible, in order to avoid breaking some software such as database
|
# compatible, in order to avoid breaking some software such as database
|
||||||
# servers. You should change this only after NixOS release notes say you
|
# servers. You should change this only after NixOS release notes say you
|
||||||
# should.
|
# should.
|
||||||
system.stateVersion = "21.05"; # Did you read the comment?
|
system.stateVersion = "21.11"; # Did you read the comment?
|
||||||
|
|
||||||
# The nix-bitcoin release version that your config is compatible with.
|
# The nix-bitcoin release version that your config is compatible with.
|
||||||
# When upgrading to a backwards-incompatible release, nix-bitcoin will display an
|
# When upgrading to a backwards-incompatible release, nix-bitcoin will display an
|
||||||
|
@ -8,7 +8,7 @@ trap 'echo "Error at ${BASH_SOURCE[0]}, line $LINENO"' ERR
|
|||||||
|
|
||||||
repo=fort-nix/nix-bitcoin
|
repo=fort-nix/nix-bitcoin
|
||||||
if [[ ! -v version ]]; then
|
if [[ ! -v version ]]; then
|
||||||
version=$(curl -s --show-error "https://api.github.com/repos/$repo/releases/latest" | jq -r '.tag_name' | tail -c +2)
|
version=$(curl -fsS "https://api.github.com/repos/$repo/releases/latest" | jq -r '.tag_name' | tail -c +2)
|
||||||
fi
|
fi
|
||||||
|
|
||||||
TMPDIR=$(mktemp -d)
|
TMPDIR=$(mktemp -d)
|
||||||
@ -27,8 +27,8 @@ gpg --list-keys "36C7 1A37 C9D9 88BD E825 08D9 B1A7 0E4F 8DCD 0366" > /dev/null
|
|||||||
# Fetch nar-hash of release
|
# Fetch nar-hash of release
|
||||||
cd $TMPDIR
|
cd $TMPDIR
|
||||||
baseUrl=https://github.com/$repo/releases/download/v$version
|
baseUrl=https://github.com/$repo/releases/download/v$version
|
||||||
curl -s --show-error -L -O $baseUrl/nar-hash.txt
|
curl -fsS -L -O $baseUrl/nar-hash.txt
|
||||||
curl -s --show-error -L -O $baseUrl/nar-hash.txt.asc
|
curl -fsS -L -O $baseUrl/nar-hash.txt.asc
|
||||||
|
|
||||||
# Verify signature for nar-hash
|
# Verify signature for nar-hash
|
||||||
gpg --verify nar-hash.txt.asc &> /dev/null || {
|
gpg --verify nar-hash.txt.asc &> /dev/null || {
|
||||||
|
@ -8,6 +8,8 @@ OAUTH_TOKEN=
|
|||||||
DRY_RUN=
|
DRY_RUN=
|
||||||
TAG_NAME=
|
TAG_NAME=
|
||||||
|
|
||||||
|
trap 'echo "Error at ${BASH_SOURCE[0]}:$LINENO"' ERR
|
||||||
|
|
||||||
for arg in "$@"; do
|
for arg in "$@"; do
|
||||||
case $arg in
|
case $arg in
|
||||||
--dry-run|-n)
|
--dry-run|-n)
|
||||||
@ -32,6 +34,8 @@ else
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
cd "${BASH_SOURCE[0]%/*}"
|
||||||
|
|
||||||
RESPONSE=$(curl https://api.github.com/repos/$REPO/releases/latest 2> /dev/null)
|
RESPONSE=$(curl https://api.github.com/repos/$REPO/releases/latest 2> /dev/null)
|
||||||
echo "Latest release" $(echo $RESPONSE | jq -r '.tag_name' | tail -c +2)
|
echo "Latest release" $(echo $RESPONSE | jq -r '.tag_name' | tail -c +2)
|
||||||
|
|
||||||
@ -51,16 +55,17 @@ if [[ ! $DRY_RUN ]]; then trap "rm -rf $TMPDIR" EXIT; fi
|
|||||||
ARCHIVE_NAME=nix-bitcoin-$TAG_NAME.tar.gz
|
ARCHIVE_NAME=nix-bitcoin-$TAG_NAME.tar.gz
|
||||||
ARCHIVE=$TMPDIR/$ARCHIVE_NAME
|
ARCHIVE=$TMPDIR/$ARCHIVE_NAME
|
||||||
|
|
||||||
# Need to be in the repositories root directory for archiving
|
# Need to be in the repo root directory for archiving
|
||||||
(cd $(git rev-parse --show-toplevel); git archive --format=tar.gz -o $ARCHIVE $BRANCH)
|
(cd $(git rev-parse --show-toplevel); git archive --format=tar.gz -o $ARCHIVE $BRANCH)
|
||||||
|
|
||||||
SHA256SUMS=$TMPDIR/SHA256SUMS.txt
|
SHA256SUMS=$TMPDIR/SHA256SUMS.txt
|
||||||
# Want to use relative path with sha256sums because it'll output the first
|
# Use relative path with sha256sums because it'll output the first
|
||||||
# argument
|
# argument
|
||||||
(cd $TMPDIR; sha256sum $ARCHIVE_NAME > $SHA256SUMS)
|
(cd $TMPDIR; sha256sum $ARCHIVE_NAME > $SHA256SUMS)
|
||||||
gpg -o $SHA256SUMS.asc -a --detach-sig $SHA256SUMS
|
gpg -o $SHA256SUMS.asc -a --detach-sig $SHA256SUMS
|
||||||
|
|
||||||
cd $TMPDIR
|
pushd $TMPDIR >/dev/null
|
||||||
|
|
||||||
nix hash to-sri --type sha256 $(nix-prefetch-url --unpack file://$ARCHIVE 2> /dev/null) > nar-hash.txt
|
nix hash to-sri --type sha256 $(nix-prefetch-url --unpack file://$ARCHIVE 2> /dev/null) > nar-hash.txt
|
||||||
gpg -o nar-hash.txt.asc -a --detach-sig nar-hash.txt
|
gpg -o nar-hash.txt.asc -a --detach-sig nar-hash.txt
|
||||||
|
|
||||||
@ -90,6 +95,10 @@ post_asset $ARCHIVE
|
|||||||
post_asset $SHA256SUMS
|
post_asset $SHA256SUMS
|
||||||
post_asset $SHA256SUMS.asc
|
post_asset $SHA256SUMS.asc
|
||||||
|
|
||||||
git push $GIT_REMOTE $BRANCH:release
|
popd >/dev/null
|
||||||
|
|
||||||
|
if [[ ! $DRY_RUN ]]; then
|
||||||
|
git push $GIT_REMOTE $BRANCH:release
|
||||||
|
fi
|
||||||
|
|
||||||
echo "Successfully created" $(echo $POST_DATA | jq -r .tag_name)
|
echo "Successfully created" $(echo $POST_DATA | jq -r .tag_name)
|
||||||
|
@ -205,16 +205,16 @@ in {
|
|||||||
} >> '${cfg.dataDir}/lnd.conf'
|
} >> '${cfg.dataDir}/lnd.conf'
|
||||||
|
|
||||||
if [[ ! -f ${networkDir}/wallet.db ]]; then
|
if [[ ! -f ${networkDir}/wallet.db ]]; then
|
||||||
mnemonic='${cfg.dataDir}/lnd-seed-mnemonic'
|
seed='${cfg.dataDir}/lnd-seed-mnemonic'
|
||||||
|
|
||||||
if [[ ! -f "$mnemonic" ]]; then
|
if [[ ! -f "$seed" ]]; then
|
||||||
echo "Create lnd seed"
|
echo "Create lnd seed"
|
||||||
(umask u=r,go=; ${lndinit} gen-seed > "$mnemonic")
|
(umask u=r,go=; ${lndinit} gen-seed > "$seed")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "Create lnd wallet"
|
echo "Create lnd wallet"
|
||||||
${lndinit} -v init-wallet \
|
${lndinit} -v init-wallet \
|
||||||
--file.seed="$mnemonic" \
|
--file.seed="$seed" \
|
||||||
--file.wallet-password='${secretsDir}/lnd-wallet-password' \
|
--file.wallet-password='${secretsDir}/lnd-wallet-password' \
|
||||||
--init-file.output-wallet-dir='${cfg.networkDir}'
|
--init-file.output-wallet-dir='${cfg.networkDir}'
|
||||||
fi
|
fi
|
||||||
@ -234,7 +234,7 @@ in {
|
|||||||
RestartSec = "10s";
|
RestartSec = "10s";
|
||||||
ReadWritePaths = [ cfg.dataDir ];
|
ReadWritePaths = [ cfg.dataDir ];
|
||||||
ExecStartPost = let
|
ExecStartPost = let
|
||||||
curl = "${pkgs.curl}/bin/curl -s --show-error --cacert ${cfg.certPath}";
|
curl = "${pkgs.curl}/bin/curl -fsS --cacert ${cfg.certPath}";
|
||||||
restUrl = "https://${nbLib.addressWithPort cfg.restAddress cfg.restPort}/v1";
|
restUrl = "https://${nbLib.addressWithPort cfg.restAddress cfg.restPort}/v1";
|
||||||
in
|
in
|
||||||
# Setting macaroon permissions for other users needs root permissions
|
# Setting macaroon permissions for other users needs root permissions
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
options.services.rtl = {
|
options.services.rtl = {
|
||||||
enable = mkEnableOption "Ride The Lightning, a web interface for lnd and clightning ";
|
enable = mkEnableOption "Ride The Lightning, a web interface for lnd and clightning";
|
||||||
address = mkOption {
|
address = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "127.0.0.1";
|
default = "127.0.0.1";
|
||||||
|
@ -8,7 +8,7 @@ cd $TMPDIR
|
|||||||
|
|
||||||
echo "Fetching latest release"
|
echo "Fetching latest release"
|
||||||
repo=lightninglabs/lndinit
|
repo=lightninglabs/lndinit
|
||||||
latest=$(curl -s --show-error https://api.github.com/repos/$repo/releases/latest | jq -r .tag_name)
|
latest=$(curl -fsS https://api.github.com/repos/$repo/releases/latest | jq -r .tag_name)
|
||||||
echo "Latest release is $latest"
|
echo "Latest release is $latest"
|
||||||
git clone --depth 1 --branch $latest https://github.com/lightninglabs/lndinit 2>/dev/null
|
git clone --depth 1 --branch $latest https://github.com/lightninglabs/lndinit 2>/dev/null
|
||||||
cd lndinit
|
cd lndinit
|
||||||
|
@ -203,13 +203,13 @@ def _():
|
|||||||
wait_for_open_port(ip("btcpayserver"), 23000)
|
wait_for_open_port(ip("btcpayserver"), 23000)
|
||||||
# test lnd custom macaroon
|
# test lnd custom macaroon
|
||||||
assert_matches(
|
assert_matches(
|
||||||
"runuser -u btcpayserver -- curl -s --cacert /secrets/lnd-cert "
|
"runuser -u btcpayserver -- curl -fsS --cacert /secrets/lnd-cert "
|
||||||
'--header "Grpc-Metadata-macaroon: $(xxd -ps -u -c 1000 /run/lnd/btcpayserver.macaroon)" '
|
'--header "Grpc-Metadata-macaroon: $(xxd -ps -u -c 1000 /run/lnd/btcpayserver.macaroon)" '
|
||||||
f"-X GET https://{ip('lnd')}:8080/v1/getinfo | jq",
|
f"-X GET https://{ip('lnd')}:8080/v1/getinfo | jq",
|
||||||
'"version"',
|
'"version"',
|
||||||
)
|
)
|
||||||
# Test web server response
|
# Test web server response
|
||||||
assert_matches(f"curl -L {ip('btcpayserver')}:23000", "Welcome to your BTCPay Server")
|
assert_matches(f"curl -fsS -L {ip('btcpayserver')}:23000", "Welcome to your BTCPay Server")
|
||||||
|
|
||||||
@test("rtl")
|
@test("rtl")
|
||||||
def _():
|
def _():
|
||||||
@ -230,7 +230,7 @@ def _():
|
|||||||
assert_running("spark-wallet")
|
assert_running("spark-wallet")
|
||||||
wait_for_open_port(ip("spark-wallet"), 9737)
|
wait_for_open_port(ip("spark-wallet"), 9737)
|
||||||
spark_auth = re.search("login=(.*)", succeed("cat /secrets/spark-wallet-login"))[1]
|
spark_auth = re.search("login=(.*)", succeed("cat /secrets/spark-wallet-login"))[1]
|
||||||
assert_matches(f"curl -s {spark_auth}@{ip('spark-wallet')}:9737", "Spark")
|
assert_matches(f"curl -fsS {spark_auth}@{ip('spark-wallet')}:9737", "Spark")
|
||||||
|
|
||||||
@test("joinmarket")
|
@test("joinmarket")
|
||||||
def _():
|
def _():
|
||||||
|
Loading…
Reference in New Issue
Block a user