c8d5cb2405 examples: improve Flakes-based VM (Erik Arvstedt)
1e94e891b2 flake: move VM to separate file (Erik Arvstedt)
7233b054d9 flake: use new output format (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK c8d5cb2405

Tree-SHA512: ffc5525530a50e7664f9b081f68eb3d379f726b7f40133d1e874d41ce84814e44d1e57661803c0cf3aabae58b493cb60968b1dd75d9e4cbe5877f02c4cd6abc2
This commit is contained in:
Jonas Nick 2022-06-05 19:37:11 +00:00
commit 1ba7ccc547
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
4 changed files with 76 additions and 47 deletions

View File

@ -1,8 +1,22 @@
Examples ## Examples
---
The easiest way to try out nix-bitcoin is to use one of the provided examples. The easiest way to try out nix-bitcoin is to use one of the provided examples.
### Flakes-based quick start
If you use a Flakes-enabled version of Nix, run the following command to start a minimal
nix-bitcoin QEMU VM:
```bash
nix run github:fort-nix/nix-bitcoin/release
```
The VM (defined in [flake.nix](../flake.nix)) runs in the terminal and has `bitcoind`
and `clightning` installed.\
It leaves no traces (outside of `/nix/store`) on the host system.
### More examples
Clone this repo and enter the examples shell:
```bash ```bash
git clone https://github.com/fort-nix/nix-bitcoin git clone https://github.com/fort-nix/nix-bitcoin
cd nix-bitcoin/examples/ cd nix-bitcoin/examples/
@ -79,7 +93,3 @@ The commands in `shell.nix` allow you to locally run the node in a VM or contain
Flakes make it easy to include `nix-bitcoin` in an existing NixOS config. Flakes make it easy to include `nix-bitcoin` in an existing NixOS config.
The [flakes example](./flakes/flake.nix) shows how to use `nix-bitcoin` as an input to a system flake. The [flakes example](./flakes/flake.nix) shows how to use `nix-bitcoin` as an input to a system flake.
Run `nix run` or `nix run .#vm` from the nix-bitcoin root directory to start an example
nix-bitcoin node VM.
This command is defined by the nix-bitcoin flake (in [flake.nix](../flake.nix)).

View File

@ -8,7 +8,7 @@
nixosConfigurations.mynode = nix-bitcoin.inputs.nixpkgs.lib.nixosSystem { nixosConfigurations.mynode = nix-bitcoin.inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
nix-bitcoin.nixosModule nix-bitcoin.nixosModules.default
# Optional: # Optional:
# Import the secure-node preset, an opinionated config to enhance security # Import the secure-node preset, an opinionated config to enhance security

View File

@ -0,0 +1,49 @@
nix-bitcoin: pkgs: system:
rec {
inherit (nix-bitcoin.inputs) nixpkgs;
mkVMScript = vm: pkgs.writers.writeBash "run-vm" ''
set -euo pipefail
export TMPDIR=$(mktemp -d /tmp/nix-bitcoin-vm.XXX)
trap "rm -rf $TMPDIR" EXIT
export NIX_DISK_IMAGE=$TMPDIR/nixos.qcow2
QEMU_OPTS="-smp $(nproc) -m 1500" ${vm}/bin/run-*-vm
'';
vm = (import "${nixpkgs}/nixos" {
inherit system;
configuration = { lib, ... }: {
imports = [
nix-bitcoin.nixosModules.default
"${nix-bitcoin}/modules/presets/secure-node.nix"
];
nix-bitcoin.generateSecrets = true;
services.clightning.enable = true;
# For faster startup in offline VMs
services.clightning.extraConfig = "disable-dns";
nixpkgs.pkgs = pkgs;
virtualisation.graphics = false;
services.getty.autologinUser = "root";
nix.nixPath = [ "nixpkgs=${nixpkgs}" ];
services.getty.helpLine = lib.mkAfter ''
Welcome to nix-bitcoin!
To explore running services, try the following commands:
- nodeinfo
- systemctl status bitcoind
- systemctl status clightning
'';
# Power off VM when the user exits the shell
systemd.services."serial-getty@".preStop = ''
echo o >/proc/sysrq-trigger
'';
};
}).vm;
runVM = mkVMScript vm;
}

View File

@ -24,11 +24,11 @@
import ./pkgs { inherit pkgs pkgsUnstable; }; import ./pkgs { inherit pkgs pkgsUnstable; };
}; };
overlay = final: prev: let overlays.default = final: prev: let
nbPkgs = lib.mkNbPkgs { inherit (final) system; pkgs = final; }; nbPkgs = lib.mkNbPkgs { inherit (final) system; pkgs = final; };
in removeAttrs nbPkgs [ "pinned" "nixops19_09" "krops" ]; in removeAttrs nbPkgs [ "pinned" "nixops19_09" "krops" ];
nixosModule = { config, pkgs, lib, ... }: { nixosModules.default = { config, pkgs, lib, ... }: {
imports = [ ./modules/modules.nix ]; imports = [ ./modules/modules.nix ];
options = with lib; { options = with lib; {
@ -58,7 +58,7 @@
}; };
}; };
defaultTemplate = { templates.default = {
description = "Basic node template"; description = "Basic node template";
path = ./examples/flakes; path = ./examples/flakes;
}; };
@ -66,46 +66,16 @@
} // (flake-utils.lib.eachSystem supportedSystems (system: } // (flake-utils.lib.eachSystem supportedSystems (system:
let let
pkgs = nixpkgs.legacyPackages.${system}; pkgs = nixpkgs.legacyPackages.${system};
nbPkgs = self.lib.mkNbPkgs { inherit system pkgs; }; nbPkgs = self.lib.mkNbPkgs { inherit system pkgs; };
mkVMScript = vm: pkgs.writers.writeBash "run-vm" ''
set -euo pipefail
export TMPDIR=$(mktemp -d /tmp/nix-bitcoin-vm.XXX)
trap "rm -rf $TMPDIR" EXIT
export NIX_DISK_IMAGE=$TMPDIR/nixos.qcow2
QEMU_OPTS="-smp $(nproc) -m 1500" ${vm}/bin/run-*-vm
'';
in rec { in rec {
packages = flake-utils.lib.flattenTree (removeAttrs nbPkgs [ packages = flake-utils.lib.flattenTree (removeAttrs nbPkgs [
"pinned" "modulesPkgs" "nixops19_09" "krops" "generate-secrets" "netns-exec" "pinned" "modulesPkgs" "nixops19_09" "krops" "generate-secrets" "netns-exec"
]) // { ]) // {
runVM = mkVMScript packages.vm; inherit (import ./examples/qemu-vm/minimal-vm.nix self pkgs system)
# A simple demo VM.
# This is a simple demo VM. # See ./examples/flakes/flake.nix on how to use nix-bitcoin with flakes.
# See ./examples/flakes/flake.nix on how to use nix-bitcoin with flakes. runVM
vm = let vm;
nix-bitcoin = self;
in
(import "${nixpkgs}/nixos" {
inherit system;
configuration = {
imports = [
nix-bitcoin.nixosModule
"${nix-bitcoin}/modules/presets/secure-node.nix"
];
nix-bitcoin.generateSecrets = true;
services.clightning.enable = true;
# For faster startup in offline VMs
services.clightning.extraConfig = "disable-dns";
nixpkgs.pkgs = pkgs;
virtualisation.graphics = false;
services.getty.autologinUser = "root";
nix.nixPath = [ "nixpkgs=${nixpkgs}" ];
};
}).vm;
}; };
# Allow accessing the whole nested `nbPkgs` attrset (including `modulesPkgs`) # Allow accessing the whole nested `nbPkgs` attrset (including `modulesPkgs`)
@ -113,9 +83,9 @@
# `packages` is not allowed to contain nested pkgs attrsets. # `packages` is not allowed to contain nested pkgs attrsets.
legacyPackages = nbPkgs; legacyPackages = nbPkgs;
defaultApp = apps.vm; apps = rec {
default = vm;
apps = {
# Run a basic nix-bitcoin node in a VM # Run a basic nix-bitcoin node in a VM
vm = { vm = {
type = "app"; type = "app";