Merge #264: Fix containers for nixpkgs 20.09

f1681f5b45 add option nix-bitcoin.pkgs, remove overlay (Erik Arvstedt)
b1a5f5e7b9 don't add service-only pkgs to systemPackages (Erik Arvstedt)
e39ad358a4 lnd: remove unused bitcoind from PATH (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK f1681f5b45

Tree-SHA512: 1f55b015da3ab9696b6503b37bcf282e0c2776ea81117881e1b91d4807c4741c8fa9d0258d5e3fcd162b46836b245cf6f19ac8c0ca01481488de04df8eb39f96
Jonas Nick 2020-11-11 20:47:21 +00:00
commit 3ba5888268
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
17 changed files with 42 additions and 49 deletions


@ -59,7 +59,7 @@ in {
enable = mkEnableOption "Bitcoin daemon"; enable = mkEnableOption "Bitcoin daemon";
package = mkOption { package = mkOption {
type = types.package; type = types.package;
default = pkgs.nix-bitcoin.bitcoind; default = config.nix-bitcoin.pkgs.bitcoind;
defaultText = "pkgs.blockchains.bitcoind"; defaultText = "pkgs.blockchains.bitcoind";
description = "The package providing bitcoin binaries."; description = "The package providing bitcoin binaries.";
}; };
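Review bot: `defaultText` on the bitcoind `package` option still reads "pkgs.blockchains.bitcoind" although the default is now `config.nix-bitcoin.pkgs.bitcoind`, so the generated option documentation names a package set the module no longer uses. Suggest `defaultText = "config.nix-bitcoin.pkgs.bitcoind";`. The nbxplorer, btcpayserver, lightning-loop and lnd `package` options further down this page appear to lose their `defaultText` entirely (inferred from the hunk line counts); a matching `defaultText` there would keep the docs stating which package set supplies each daemon binary. The option set starts and ends outside the hunk.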


@ -5,13 +5,13 @@ with lib;
let let
cfg = config.services; cfg = config.services;
inherit (config) nix-bitcoin-services; inherit (config) nix-bitcoin-services;
nbPkgs = config.nix-bitcoin.pkgs;
in { in {
options.services = { options.services = {
nbxplorer = { nbxplorer = {
package = mkOption { package = mkOption {
type = types.package; type = types.package;
default = pkgs.nix-bitcoin.nbxplorer; default = nbPkgs.nbxplorer;
defaultText = "pkgs.nix-bitcoin.nbxplorer";
description = "The package providing nbxplorer binaries."; description = "The package providing nbxplorer binaries.";
}; };
dataDir = mkOption { dataDir = mkOption {
@ -51,8 +51,7 @@ in {
enable = mkEnableOption "btcpayserver"; enable = mkEnableOption "btcpayserver";
package = mkOption { package = mkOption {
type = types.package; type = types.package;
default = pkgs.nix-bitcoin.btcpayserver; default = nbPkgs.btcpayserver;
defaultText = "pkgs.nix-bitcoin.btcpayserver";
description = "The package providing btcpayserver binaries."; description = "The package providing btcpayserver binaries.";
}; };
dataDir = mkOption { dataDir = mkOption {


@ -5,6 +5,7 @@ with lib;
let let
cfg = config.services.clightning; cfg = config.services.clightning;
inherit (config) nix-bitcoin-services; inherit (config) nix-bitcoin-services;
nbPkgs = config.nix-bitcoin.pkgs;
onion-chef-service = (if cfg.announce-tor then [ "onion-chef.service" ] else []); onion-chef-service = (if cfg.announce-tor then [ "onion-chef.service" ] else []);
network = config.services.bitcoind.makeNetworkName "bitcoin" "regtest"; network = config.services.bitcoind.makeNetworkName "bitcoin" "regtest";
configFile = pkgs.writeText "config" '' configFile = pkgs.writeText "config" ''
@ -49,7 +50,7 @@ in {
''; '';
}; };
bind-addr = mkOption { bind-addr = mkOption {
type = pkgs.nix-bitcoin.lib.ipv4Address; type = nbPkgs.lib.ipv4Address;
default = "127.0.0.1"; default = "127.0.0.1";
description = "Set an IP address or UNIX domain socket to listen to"; description = "Set an IP address or UNIX domain socket to listen to";
}; };
@ -92,7 +93,7 @@ in {
readOnly = true; readOnly = true;
default = pkgs.writeScriptBin "lightning-cli" default = pkgs.writeScriptBin "lightning-cli"
'' ''
${pkgs.nix-bitcoin.clightning}/bin/lightning-cli --lightning-dir='${cfg.dataDir}' "$@" ${nbPkgs.clightning}/bin/lightning-cli --lightning-dir='${cfg.dataDir}' "$@"
''; '';
description = "Binary to connect with the clightning instance."; description = "Binary to connect with the clightning instance.";
}; };
@ -102,7 +103,7 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.bitcoind.enable = true; services.bitcoind.enable = true;
environment.systemPackages = [ pkgs.nix-bitcoin.clightning (hiPrio cfg.cli) ]; environment.systemPackages = [ nbPkgs.clightning (hiPrio cfg.cli) ];
users.users.${cfg.user} = { users.users.${cfg.user} = {
description = "clightning User"; description = "clightning User";
group = cfg.group; group = cfg.group;
@ -118,7 +119,7 @@ in {
services.onion-chef.access.clightning = if cfg.announce-tor then [ "clightning" ] else []; services.onion-chef.access.clightning = if cfg.announce-tor then [ "clightning" ] else [];
systemd.services.clightning = { systemd.services.clightning = {
description = "Run clightningd"; description = "Run clightningd";
path = [ pkgs.nix-bitcoin.bitcoind ]; path = [ nbPkgs.bitcoind ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" ] ++ onion-chef-service; requires = [ "bitcoind.service" ] ++ onion-chef-service;
after = [ "bitcoind.service" ] ++ onion-chef-service; after = [ "bitcoind.service" ] ++ onion-chef-service;
@ -132,7 +133,7 @@ in {
${optionalString cfg.announce-tor "echo announce-addr=$(cat /var/lib/onion-chef/clightning/clightning) >> '${cfg.dataDir}/config'"} ${optionalString cfg.announce-tor "echo announce-addr=$(cat /var/lib/onion-chef/clightning/clightning) >> '${cfg.dataDir}/config'"}
''; '';
serviceConfig = nix-bitcoin-services.defaultHardening // { serviceConfig = nix-bitcoin-services.defaultHardening // {
ExecStart = "${pkgs.nix-bitcoin.clightning}/bin/lightningd --lightning-dir=${cfg.dataDir}"; ExecStart = "${nbPkgs.clightning}/bin/lightningd --lightning-dir=${cfg.dataDir}";
User = "${cfg.user}"; User = "${cfg.user}";
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "10s"; RestartSec = "10s";
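Review bot: The clightning unit's `path = [ nbPkgs.bitcoind ];` takes bitcoind straight from the package set instead of from `config.services.bitcoind.package`, the option shown in the bitcoind module on this page. An operator who overrides that option, for example with a patched build, would have clightningd picking up bitcoind tools (presumably bitcoin-cli) from a different build than the daemon that is running. Suggest `path = [ config.services.bitcoind.package ];`. The unit definition continues outside the hunk.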


@ -63,8 +63,6 @@ in {
services.bitcoind.enable = true; services.bitcoind.enable = true;
environment.systemPackages = [ pkgs.nix-bitcoin.electrs ];
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -" "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
]; ];
@ -83,7 +81,7 @@ in {
RuntimeDirectoryMode = "700"; RuntimeDirectoryMode = "700";
WorkingDirectory = "/run/electrs"; WorkingDirectory = "/run/electrs";
ExecStart = '' ExecStart = ''
${pkgs.nix-bitcoin.electrs}/bin/electrs -vvv \ ${config.nix-bitcoin.pkgs.electrs}/bin/electrs -vvv \
${if cfg.high-memory then ${if cfg.high-memory then
traceIf (!bitcoind.dataDirReadableByGroup) '' traceIf (!bitcoind.dataDirReadableByGroup) ''
Warning: For optimal electrs syncing performance, enable services.bitcoind.dataDirReadableByGroup. Warning: For optimal electrs syncing performance, enable services.bitcoind.dataDirReadableByGroup.


@ -42,10 +42,10 @@ in {
} }
]; ];
environment.systemPackages = with pkgs; [ environment.systemPackages = [
nix-bitcoin.hwi config.nix-bitcoin.pkgs.hwi
# Provides lsusb for debugging # Provides lsusb for debugging
usbutils pkgs.usbutils
]; ];
users.groups."${cfg.group}" = {}; users.groups."${cfg.group}" = {};
nix-bitcoin.operator.groups = [ cfg.group ]; nix-bitcoin.operator.groups = [ cfg.group ];


@ -5,6 +5,7 @@ with lib;
let let
cfg = config.services.joinmarket; cfg = config.services.joinmarket;
inherit (config) nix-bitcoin-services; inherit (config) nix-bitcoin-services;
nbPkgs = config.nix-bitcoin.pkgs;
secretsDir = config.nix-bitcoin.secretsDir; secretsDir = config.nix-bitcoin.secretsDir;
inherit (config.services) bitcoind; inherit (config.services) bitcoind;
@ -77,7 +78,7 @@ let
# so run them inside dataDir. # so run them inside dataDir.
cli = pkgs.runCommand "joinmarket-cli" {} '' cli = pkgs.runCommand "joinmarket-cli" {} ''
mkdir -p $out/bin mkdir -p $out/bin
jm=${pkgs.nix-bitcoin.joinmarket}/bin jm=${nbPkgs.joinmarket}/bin
cd $jm cd $jm
for bin in jm-*; do for bin in jm-*; do
{ {
@ -181,13 +182,13 @@ in {
# (like with pipes) # (like with pipes)
cd ${cfg.dataDir} && \ cd ${cfg.dataDir} && \
out=$(sudo -u ${cfg.user} \ out=$(sudo -u ${cfg.user} \
${pkgs.nix-bitcoin.joinmarket}/bin/jm-genwallet \ ${nbPkgs.joinmarket}/bin/jm-genwallet \
--datadir=${cfg.dataDir} $walletname $pw) --datadir=${cfg.dataDir} $walletname $pw)
recoveryseed=$(echo "$out" | grep 'recovery_seed') recoveryseed=$(echo "$out" | grep 'recovery_seed')
echo "$recoveryseed" | cut -d ':' -f2 > $mnemonic echo "$recoveryseed" | cut -d ':' -f2 > $mnemonic
fi fi
''); '');
ExecStart = "${pkgs.nix-bitcoin.joinmarket}/bin/joinmarketd"; ExecStart = "${nbPkgs.joinmarket}/bin/joinmarketd";
WorkingDirectory = "${cfg.dataDir}"; # The service creates 'commitmentlist' in the working dir WorkingDirectory = "${cfg.dataDir}"; # The service creates 'commitmentlist' in the working dir
User = "${cfg.user}"; User = "${cfg.user}";
Restart = "on-failure"; Restart = "on-failure";
@ -201,7 +202,7 @@ in {
nix-bitcoin.secrets.jm-wallet-password.user = cfg.user; nix-bitcoin.secrets.jm-wallet-password.user = cfg.user;
systemd.services.joinmarket-yieldgenerator = let systemd.services.joinmarket-yieldgenerator = let
ygDefault = "${pkgs.nix-bitcoin.joinmarket}/bin/jm-yg-privacyenhanced"; ygDefault = "${nbPkgs.joinmarket}/bin/jm-yg-privacyenhanced";
ygBinary = if cfg.yieldgenerator.customParameters == "" then ygBinary = if cfg.yieldgenerator.customParameters == "" then
ygDefault ygDefault
else else
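Review bot: The wallet-creation call `--datadir=${cfg.dataDir} $walletname $pw)` passes the wallet password as a command-line argument and leaves both variables unquoted. Arguments are readable by other local users through the process list while jm-genwallet runs, and an unquoted value containing whitespace or glob characters is split or expanded by the shell. At minimum quote them, `--datadir=${cfg.dataDir} "$walletname" "$pw")`; whether jm-genwallet can read the password from stdin or a file is not visible here and is worth checking. The redirect `> $mnemonic` has the same quoting gap, and the mode of the resulting seed file depends on a umask set outside this hunk, where the script also begins.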


@ -51,7 +51,6 @@ in {
"d '${cfg.dataDir}' 0700 ${user} ${group} - -" "d '${cfg.dataDir}' 0700 ${user} ${group} - -"
]; ];
environment.systemPackages = [ pkgs.nix-bitcoin.lightning-charge ];
systemd.services.lightning-charge = { systemd.services.lightning-charge = {
description = "Run lightning-charge"; description = "Run lightning-charge";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
@ -70,7 +69,7 @@ in {
# Needed to access clightning.dataDir in preStart # Needed to access clightning.dataDir in preStart
PermissionsStartOnly = "true"; PermissionsStartOnly = "true";
EnvironmentFile = "${config.nix-bitcoin.secretsDir}/lightning-charge-env"; EnvironmentFile = "${config.nix-bitcoin.secretsDir}/lightning-charge-env";
ExecStart = "${pkgs.nix-bitcoin.lightning-charge}/bin/charged -l ${config.services.clightning.dataDir}/bitcoin -d ${cfg.dataDir}/lightning-charge.db -i ${cfg.host} ${cfg.extraArgs}"; ExecStart = "${config.nix-bitcoin.pkgs.lightning-charge}/bin/charged -l ${config.services.clightning.dataDir}/bitcoin -d ${cfg.dataDir}/lightning-charge.db -i ${cfg.host} ${cfg.extraArgs}";
User = user; User = user;
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "10s"; RestartSec = "10s";


@ -50,8 +50,7 @@ in {
}; };
package = mkOption { package = mkOption {
type = types.package; type = types.package;
default = pkgs.nix-bitcoin.lightning-loop; default = config.nix-bitcoin.pkgs.lightning-loop;
defaultText = "pkgs.nix-bitcoin.lightning-loop";
description = "The package providing lightning-loop binaries."; description = "The package providing lightning-loop binaries.";
}; };
dataDir = mkOption { dataDir = mkOption {


@ -5,6 +5,7 @@ with lib;
let let
cfg = config.services.liquidd; cfg = config.services.liquidd;
inherit (config) nix-bitcoin-services; inherit (config) nix-bitcoin-services;
nbPkgs = config.nix-bitcoin.pkgs;
secretsDir = config.nix-bitcoin.secretsDir; secretsDir = config.nix-bitcoin.secretsDir;
pidFile = "${cfg.dataDir}/liquidd.pid"; pidFile = "${cfg.dataDir}/liquidd.pid";
configFile = pkgs.writeText "elements.conf" '' configFile = pkgs.writeText "elements.conf" ''
@ -206,13 +207,13 @@ in {
cli = mkOption { cli = mkOption {
readOnly = true; readOnly = true;
default = pkgs.writeScriptBin "elements-cli" '' default = pkgs.writeScriptBin "elements-cli" ''
${pkgs.nix-bitcoin.elementsd}/bin/elements-cli -datadir='${cfg.dataDir}' "$@" ${nbPkgs.elementsd}/bin/elements-cli -datadir='${cfg.dataDir}' "$@"
''; '';
description = "Binary to connect with the liquidd instance."; description = "Binary to connect with the liquidd instance.";
}; };
swapCli = mkOption { swapCli = mkOption {
default = pkgs.writeScriptBin "liquidswap-cli" '' default = pkgs.writeScriptBin "liquidswap-cli" ''
${pkgs.nix-bitcoin.liquid-swap}/bin/liquidswap-cli -c '${cfg.dataDir}/elements.conf' "$@" ${nbPkgs.liquid-swap}/bin/liquidswap-cli -c '${cfg.dataDir}/elements.conf' "$@"
''; '';
description = "Binary for managing liquid swaps."; description = "Binary for managing liquid swaps.";
}; };
@ -224,7 +225,7 @@ in {
services.bitcoind.enable = true; services.bitcoind.enable = true;
environment.systemPackages = [ environment.systemPackages = [
pkgs.nix-bitcoin.elementsd nbPkgs.elementsd
(hiPrio cfg.cli) (hiPrio cfg.cli)
(hiPrio cfg.swapCli) (hiPrio cfg.swapCli)
]; ];
@ -249,7 +250,7 @@ in {
Type = "simple"; Type = "simple";
User = "${cfg.user}"; User = "${cfg.user}";
Group = "${cfg.group}"; Group = "${cfg.group}";
ExecStart = "${pkgs.nix-bitcoin.elementsd}/bin/elementsd ${cmdlineOptions}"; ExecStart = "${nbPkgs.elementsd}/bin/elementsd ${cmdlineOptions}";
PIDFile = "${pidFile}"; PIDFile = "${pidFile}";
Restart = "on-failure"; Restart = "on-failure";
ReadWritePaths = "${cfg.dataDir}"; ReadWritePaths = "${cfg.dataDir}";


@ -56,7 +56,7 @@ in {
description = "The network data directory."; description = "The network data directory.";
}; };
listen = mkOption { listen = mkOption {
type = pkgs.nix-bitcoin.lib.ipv4Address; type = config.nix-bitcoin.pkgs.lib.ipv4Address;
default = "localhost"; default = "localhost";
description = "Bind to given address to listen to peer connections"; description = "Bind to given address to listen to peer connections";
}; };
@ -130,8 +130,7 @@ in {
}; };
package = mkOption { package = mkOption {
type = types.package; type = types.package;
default = pkgs.nix-bitcoin.lnd; default = config.nix-bitcoin.pkgs.lnd;
defaultText = "pkgs.nix-bitcoin.lnd";
description = "The package providing lnd binaries."; description = "The package providing lnd binaries.";
}; };
cli = mkOption { cli = mkOption {
@ -171,7 +170,6 @@ in {
services.onion-chef.access.lnd = if cfg.announce-tor then [ "lnd" ] else []; services.onion-chef.access.lnd = if cfg.announce-tor then [ "lnd" ] else [];
systemd.services.lnd = { systemd.services.lnd = {
description = "Run LND"; description = "Run LND";
path = [ pkgs.nix-bitcoin.bitcoind ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
requires = [ "bitcoind.service" ] ++ onion-chef-service; requires = [ "bitcoind.service" ] ++ onion-chef-service;
after = [ "bitcoind.service" ] ++ onion-chef-service; after = [ "bitcoind.service" ] ++ onion-chef-service;
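Review bot: `listen` is typed `config.nix-bitcoin.pkgs.lib.ipv4Address` but its default is "localhost", which is a hostname rather than an IPv4 literal. lib.nix is not shown on this page, so either the type accepts more than its name suggests or the default would not pass it; confirm which, and consider `default = "127.0.0.1";` as the clightning `bind-addr` option on this page uses. An explicit loopback literal also keeps the peer listener's bind address independent of how localhost resolves on the host.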


@ -36,6 +36,11 @@
readOnly = true; readOnly = true;
default = import ./nix-bitcoin-services.nix lib pkgs; default = import ./nix-bitcoin-services.nix lib pkgs;
}; };
nix-bitcoin.pkgs = lib.mkOption {
type = lib.types.attrs;
default = (import ../pkgs { inherit pkgs; }).modulesPkgs;
};
}; };
config = { config = {
@ -48,12 +53,5 @@
''; '';
} }
]; ];
nixpkgs.overlays = [ (self: super: {
nix-bitcoin = let
pkgs = import ../pkgs { pkgs = super; };
in
pkgs // pkgs.pinned;
}) ];
}; };
} }
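Review bot: The new `nix-bitcoin.pkgs` option has no `description`, yet its value supplies the binaries the modules on this page execute, including the `netns-exec` wrapper granted `cap_sys_admin=ep` and the `generate-secrets` script run in the secrets directory. Add one, for example `description = "Package set from which nix-bitcoin services take their binaries; overriding it replaces the code these services run.";`. `lib.types.attrs` checks only that the value is an attribute set, so a definition from another module is accepted with no check on the individual packages. If overrides are not intended, `readOnly = true;` as on the neighbouring option would make that explicit.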


@ -79,8 +79,6 @@ in {
services.lightning-charge.enable = true; services.lightning-charge.enable = true;
environment.systemPackages = [ pkgs.nix-bitcoin.nanopos ];
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts."_" = { virtualHosts."_" = {
@ -101,7 +99,7 @@ in {
after = [ "lightning-charge.service" ]; after = [ "lightning-charge.service" ];
serviceConfig = nix-bitcoin-services.defaultHardening // { serviceConfig = nix-bitcoin-services.defaultHardening // {
EnvironmentFile = "${config.nix-bitcoin.secretsDir}/nanopos-env"; EnvironmentFile = "${config.nix-bitcoin.secretsDir}/nanopos-env";
ExecStart = "${pkgs.nix-bitcoin.nanopos}/bin/nanopos -y ${cfg.itemsFile} -i ${toString cfg.host} -p ${toString cfg.port} -c ${toString cfg.charged-url} --show-bolt11 ${cfg.extraArgs}"; ExecStart = "${config.nix-bitcoin.pkgs.nanopos}/bin/nanopos -y ${cfg.itemsFile} -i ${toString cfg.host} -p ${toString cfg.port} -c ${toString cfg.charged-url} --show-bolt11 ${cfg.extraArgs}";
User = "nanopos"; User = "nanopos";
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "10s"; RestartSec = "10s";


@ -102,7 +102,7 @@ in {
boot.kernel.sysctl."net.ipv4.ip_forward" = true; boot.kernel.sysctl."net.ipv4.ip_forward" = true;
security.wrappers.netns-exec = { security.wrappers.netns-exec = {
source = pkgs.nix-bitcoin.netns-exec; source = config.nix-bitcoin.pkgs.netns-exec;
capabilities = "cap_sys_admin=ep"; capabilities = "cap_sys_admin=ep";
owner = cfg.allowedUser; owner = cfg.allowedUser;
permissions = "u+rx,g+rx,o-rwx"; permissions = "u+rx,g+rx,o-rwx";


@ -6,7 +6,7 @@ let
cfg = config.services.recurring-donations; cfg = config.services.recurring-donations;
inherit (config) nix-bitcoin-services; inherit (config) nix-bitcoin-services;
recurring-donations-script = pkgs.writeScript "recurring-donations.sh" '' recurring-donations-script = pkgs.writeScript "recurring-donations.sh" ''
LNCLI="${pkgs.nix-bitcoin.clightning}/bin/lightning-cli --lightning-dir=${config.services.clightning.dataDir}" LNCLI="${config.nix-bitcoin.pkgs.clightning}/bin/lightning-cli --lightning-dir=${config.services.clightning.dataDir}"
pay_tallycoin() { pay_tallycoin() {
NAME=$1 NAME=$1
AMOUNT=$2 AMOUNT=$2


@ -20,7 +20,7 @@ with lib;
cd "${config.nix-bitcoin.secretsDir}" cd "${config.nix-bitcoin.secretsDir}"
chown root: . chown root: .
chmod 0700 . chmod 0700 .
${pkgs.nix-bitcoin.generate-secrets} ${config.nix-bitcoin.pkgs.generate-secrets}
''; '';
}; };
} }


@ -14,7 +14,7 @@ let
${optionalString cfg.onion-service '' ${optionalString cfg.onion-service ''
publicURL="--public-url http://$(cat /var/lib/onion-chef/spark-wallet/spark-wallet)" publicURL="--public-url http://$(cat /var/lib/onion-chef/spark-wallet/spark-wallet)"
''} ''}
exec ${pkgs.nix-bitcoin.spark-wallet}/bin/spark-wallet \ exec ${config.nix-bitcoin.pkgs.spark-wallet}/bin/spark-wallet \
--ln-path '${config.services.clightning.networkDir}' \ --ln-path '${config.services.clightning.networkDir}' \
--host ${cfg.host} \ --host ${cfg.host} \
--config '${config.nix-bitcoin.secretsDir}/spark-wallet-login' \ --config '${config.nix-bitcoin.secretsDir}/spark-wallet-login' \
@ -54,7 +54,6 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.clightning.enable = true; services.clightning.enable = true;
environment.systemPackages = [ pkgs.nix-bitcoin.spark-wallet ];
users.users.spark-wallet = { users.users.spark-wallet = {
description = "spark-wallet User"; description = "spark-wallet User";
group = "spark-wallet"; group = "spark-wallet";


@ -1,5 +1,5 @@
{ pkgs ? import <nixpkgs> {} }: { pkgs ? import <nixpkgs> {} }:
{ let self = {
lightning-charge = pkgs.callPackage ./lightning-charge { }; lightning-charge = pkgs.callPackage ./lightning-charge { };
nanopos = pkgs.callPackage ./nanopos { }; nanopos = pkgs.callPackage ./nanopos { };
spark-wallet = pkgs.callPackage ./spark-wallet { }; spark-wallet = pkgs.callPackage ./spark-wallet { };
@ -18,4 +18,6 @@
pinned = import ./pinned.nix; pinned = import ./pinned.nix;
lib = import ./lib.nix { inherit (pkgs) lib; }; lib = import ./lib.nix { inherit (pkgs) lib; };
}
modulesPkgs = self // self.pinned;
}; in self
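Review bot: `modulesPkgs = self // self.pinned;` lets any name defined in pinned.nix replace the locally defined package of the same name, and nothing in the file says so. A comment above the line, e.g. `# Package set used by the modules: pinned.nix entries take precedence over same-named local packages`, would tell readers which source a service binary actually comes from. The middle of the attribute set lies outside the two hunks shown.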