From 5e4e959e26680cc4ddd45ac064d1d36cd7770b3d Mon Sep 17 00:00:00 2001 From: Jonas Nick Date: Tue, 1 Jan 2019 19:16:24 +0000 Subject: [PATCH] Switch to stable channel but pull the bitcoind and clightning packages and the tor module from unstable --- README.md | 2 +- configuration-nixbitcoin.nix | 38 ------------------- configuration.nix | 36 +++++++++++++----- modules/nanopos.nix | 2 +- ...-webindex.nix => nix-bitcoin-webindex.nix} | 4 +- modules/{nixbitcoin.nix => nix-bitcoin.nix} | 12 +++--- nix-bitcoin.nix | 37 ++++++++++++++++++ 7 files changed, 75 insertions(+), 56 deletions(-) delete mode 100644 configuration-nixbitcoin.nix rename modules/{nixbitcoin-webindex.nix => nix-bitcoin-webindex.nix} (95%) rename modules/{nixbitcoin.nix => nix-bitcoin.nix} (95%) create mode 100644 nix-bitcoin.nix diff --git a/README.md b/README.md index 673e73e..11b3632 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ Work in progress. Profiles --- -`nixbitcoin.nix` provides the two profiles "minimal" and "all": +`nix-bitcoin.nix` provides the two profiles "minimal" and "all": * minimal * bitcoind (pruned) with outbound connections through Tor and inbound connections through a hidden diff --git a/configuration-nixbitcoin.nix b/configuration-nixbitcoin.nix deleted file mode 100644 index 911cfce..0000000 --- a/configuration-nixbitcoin.nix +++ /dev/null 
@@ -1,38 +0,0 @@
-{ config, pkgs, ... }:
- let
- # Custom packages
- nodeinfo = (import pkgs/nodeinfo.nix);
- lightning-charge = import pkgs/lightning-charge.nix { inherit pkgs; };
- nanopos = import pkgs/nanopos.nix { inherit pkgs; };
- spark-wallet = import pkgs/spark-wallet.nix { inherit pkgs; };
- liquidd = import pkgs/liquidd.nix;
-in {
- imports =
- [
- ./modules/nixbitcoin.nix
- ];
- # Turn off binary cache by setting binaryCaches to empty list
- # nix.binaryCaches = [];
- nixpkgs.config.packageOverrides = pkgs: {
- inherit nodeinfo;
- inherit lightning-charge;
- inherit nanopos;
- inherit spark-wallet;
- liquidd = (pkgs.callPackage liquidd { });
- };
-
- time.timeZone = "UTC";
- services.openssh.enable = true;
- networking.firewall.enable = true;
-
- environment.systemPackages = with pkgs; [
- vim tmux
- htop
- ];
-
- # This value determines the NixOS release with which your system is to be
- # compatible, in order to avoid breaking some software such as database
- # servers. You should change this only after NixOS release notes say you
- # should.
- system.stateVersion = "18.09"; # Did you read the comment?
-}
diff --git a/configuration.nix b/configuration.nix
index 7c6b1e9..be00366 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -4,25 +4,43 @@ { config, pkgs, ... }: { - - services.nixbitcoin.enable = true; - # Install and use minimal or all modules - services.nixbitcoin.modules = "all"; - - # FIXME: Define your hostname. - networking.hostName = "nix-bitcoin"; - imports = [ - ./configuration-nixbitcoin.nix + ./nix-bitcoin.nix # FIXME: Uncomment next line to import your hardware configuration. If so, # add the hardware configuration file to the same directory as this file. #./hardware-configuration.nix ]; + services.nix-bitcoin.enable = true; + # FIXME Install and use minimal or all modules + services.nix-bitcoin.modules = "all"; + + # FIXME: Define your hostname. + networking.hostName = "nix-bitcoin"; + time.timeZone = "UTC"; + # FIXME: Add your SSH pubkey + services.openssh.enable = true; users.users.root = { openssh.authorizedKeys.keys = [ "" ]; }; + # FIXME: add packages you need in your system + environment.systemPackages = with pkgs; [ + vim + ]; + + # FIXME: Turn off the binary cache by setting binaryCaches to empty list. + # This means that it will take a while for all packages to be built but it + # prevents a compromised cache taking over your system. As a result, the next + # line should be uncommented in production systems. + # nix.binaryCaches = []; + # FIXME: Add custom options options (like boot options): + + # This value determines the NixOS release with which your system is to be + # compatible, in order to avoid breaking some software such as database + # servers. You should change this only after NixOS release notes say you + # should. + system.stateVersion = "18.09"; # Did you read the comment? } diff --git a/modules/nanopos.nix b/modules/nanopos.nix index f7a18e0..71d2526 100644 --- a/modules/nanopos.nix +++ b/modules/nanopos.nix @@ -35,7 +35,7 @@ in { ''; }; port = mkOption { - type = types.port; + type = types.ints.u16; default = 9116; description = '' "The port on which to listen for connections."; 
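Review bot: `services.openssh.enable = true;` is added to this template next to the root `authorizedKeys` entry, but nothing restricts sshd to key authentication, so password logins for any other account stay possible if the NixOS default applies (worth confirming for 18.09). Since the template already expects a public key, I would add `services.openssh.passwordAuthentication = false;` directly below the enable line. The `nix.binaryCaches = [];` line is left commented out although its own comment says production systems should set it; either make it the default or state in the FIXME that the cache is trusted until the user opts out. The comment `# FIXME: Add custom options options` has a doubled word.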
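Review bot: The change from `types.port` to `types.ints.u16` on the nanopos `port` option carries no comment saying why, and the reason is not visible in this hunk; presumably `types.port` is not available on the stable channel the commit moves to. A one-line comment such as `# types.port is not available on the stable channel` would let a later maintainer switch back. The unchanged `description` just below also holds literal quotes and a trailing `;` inside the `''` string, which will appear in the rendered option text. The option set continues outside the hunk.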
diff --git a/modules/nixbitcoin-webindex.nix b/modules/nix-bitcoin-webindex.nix similarity index 95% rename from modules/nixbitcoin-webindex.nix rename to modules/nix-bitcoin-webindex.nix index 00d5dc9..c8748a4 100644 --- a/modules/nixbitcoin-webindex.nix +++ b/modules/nix-bitcoin-webindex.nix @@ -3,7 +3,7 @@ with lib; let - cfg = config.services.nixbitcoin-webindex; + cfg = config.services.nix-bitcoin-webindex; indexFile = pkgs.writeText "index.html" '' @@ -35,7 +35,7 @@ let sed -i "s/CLIGHTNING_ID/$CLIGHTNING_ID/g" /var/www/index.html ''; in { - options.services.nixbitcoin-webindex = { + options.services.nix-bitcoin-webindex = { enable = mkOption { type = types.bool; default = false; diff --git a/modules/nixbitcoin.nix b/modules/nix-bitcoin.nix similarity index 95% rename from modules/nixbitcoin.nix rename to modules/nix-bitcoin.nix index 39c0660..e8588c6 100644 --- a/modules/nixbitcoin.nix +++ b/modules/nix-bitcoin.nix @@ -3,7 +3,7 @@ with lib; let - cfg = config.services.nixbitcoin; + cfg = config.services.nix-bitcoin; minimalPackages = with pkgs; [ tor bitcoin @@ -36,12 +36,12 @@ in { ./clightning.nix ./lightning-charge.nix ./nanopos.nix - ./nixbitcoin-webindex.nix + ./nix-bitcoin-webindex.nix ./liquid.nix ./spark-wallet.nix ]; - options.services.nixbitcoin = { + options.services.nix-bitcoin = { enable = mkOption { type = types.bool; default = false; @@ -59,6 +59,8 @@ in { }; config = mkIf cfg.enable { + networking.firewall.enable = true; + # Tor services.tor.enable = true; services.tor.client.enable = true; @@ -69,7 +71,7 @@ in { port = 22; }]; version = 3; - } + }; # bitcoind services.bitcoind.enable = true; 
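Review bot: `networking.firewall.enable = true;` in the `@@ -59,6 +59,8 @@` hunk of modules/nix-bitcoin.nix turns the firewall on, but as far as I know the NixOS sshd module opens port 22 in the firewall by default once `services.openssh.enable` is set, so SSH would stay reachable directly as well as through the hidden-service entry with `port = 22;` shown in the next hunk. If access is meant to go through Tor only, add `services.openssh.openFirewall = false;` next to this line; otherwise add a comment stating that direct SSH is intended. The `config = mkIf cfg.enable { … }` block starts and ends outside the hunk.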
@@ -143,7 +145,7 @@ in { services.lightning-charge.enable = cfg.modules == "all"; services.nanopos.enable = cfg.modules == "all"; - services.nixbitcoin-webindex.enable = cfg.modules == "all"; + services.nix-bitcoin-webindex.enable = cfg.modules == "all"; services.clightning.autolisten = cfg.modules == "all"; services.spark-wallet.enable = cfg.modules == "all"; services.tor.hiddenServices.spark-wallet = { diff --git a/nix-bitcoin.nix b/nix-bitcoin.nix new file mode 100644 index 0000000..92b85bd --- /dev/null +++ b/nix-bitcoin.nix @@ -0,0 +1,37 @@ +{ config, pkgs, ... }: + let + unstable-pkgs-git = builtins.fetchGit { + url = "https://github.com/nixos/nixpkgs-channels"; + ref = "nixos-unstable"; + rev = "201d739b0ffbebceb444864d1856babcd1a666a8"; + }; + unstable-pkgs = import unstable-pkgs-git { }; + + # Custom packages + nodeinfo = (import pkgs/nodeinfo.nix); + lightning-charge = import pkgs/lightning-charge.nix { inherit pkgs; }; + nanopos = import pkgs/nanopos.nix { inherit pkgs; }; + spark-wallet = import pkgs/spark-wallet.nix { inherit pkgs; }; + liquidd = import pkgs/liquidd.nix; +in { + disabledModules = [ "services/security/tor.nix" ]; + imports = + [ + ./modules/nix-bitcoin.nix + (unstable-pkgs-git + "/nixos/modules/services/security/tor.nix") + ]; + + nixpkgs.config.packageOverrides = pkgs: { + # Use bitcoin and clightning from unstable + bitcoin = unstable-pkgs.bitcoin.override { }; + altcoins.bitcoind = unstable-pkgs.altcoins.bitcoind.override { }; + clightning = unstable-pkgs.clightning.override { }; + + # Add custom packages + inherit nodeinfo; + inherit lightning-charge; + inherit nanopos; + inherit spark-wallet; + liquidd = (pkgs.callPackage liquidd { }); + }; +}
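Review bot: `unstable-pkgs = import unstable-pkgs-git { };` in the new nix-bitcoin.nix evaluates the pinned nixpkgs with default arguments, which lets nixpkgs pick up the evaluating user's `config.nix` and overlays, so the `rev` pin alone does not fix what `bitcoin` and `clightning` are built from. Passing the arguments explicitly closes that gap: `unstable-pkgs = import unstable-pkgs-git { config = {}; overlays = []; };`. Separately, `altcoins.bitcoind = …` inside `packageOverrides` looks like it replaces the whole `altcoins` set with a single attribute rather than overriding one member, since the overrides appear to be merged at the top level only; please confirm nothing else reads `pkgs.altcoins.*`. A comment on `disabledModules` saying why the tor module comes from unstable, and that it is evaluated against the stable option set, would help whoever bumps the pin.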