diff --git a/flake.lock b/flake.lock index be13d8b..24b5cbc 100644 --- a/flake.lock +++ b/flake.lock @@ -17,11 +17,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1663760840, - "narHash": "sha256-ym5Iycs5H4cOaLfE2/vC0tsLp8XuBJQIHGV8/uXSy8M=", + "lastModified": 1666528161, + "narHash": "sha256-PFOQSC0x4xPD1p/GZIbpKuoEBu6M8HnEOeNRiBUCELA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9bdbbaa634aa666eb6a27096bdcb991c59181244", + "rev": "471d92178b978fcbad8db27c2e8a4e737d4e0e27", "type": "github" }, "original": { @@ -33,11 +33,11 @@ }, "nixpkgsUnstable": { "locked": { - "lastModified": 1663757063, - "narHash": "sha256-H+BPgoXuVcdi3g5BH4cact4osjfjntaTQTdA/HNiCYE=", + "lastModified": 1666570118, + "narHash": "sha256-MTXmIYowHM1wyIYyqPdBLia5SjGnxETv0YkIbDsbkx4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a0e390471362e27349abc1090197e09fe8c59d16", + "rev": "1e684b371cf05300bc2b432f958f285855bac8fb", "type": "github" }, "original": { diff --git a/modules/btcpayserver.nix b/modules/btcpayserver.nix index 3a6dc43..8437537 100644 --- a/modules/btcpayserver.nix +++ b/modules/btcpayserver.nix @@ -200,7 +200,7 @@ in { systemd.services.btcpayserver = let nbExplorerUrl = "http://${nbLib.addressWithPort cfg.nbxplorer.address cfg.nbxplorer.port}/"; nbExplorerCookie = "${cfg.nbxplorer.dataDir}/${bitcoind.makeNetworkName "Main" "RegTest"}/.cookie"; - configFile = builtins.toFile "config" ('' + configFile = builtins.toFile "btcpayserver-config" ('' network=${bitcoind.network} bind=${cfg.btcpayserver.address} port=${toString cfg.btcpayserver.port} @@ -212,34 +212,27 @@ in { rootpath=${cfg.btcpayserver.rootpath} '' + optionalString (cfg.btcpayserver.lightningBackend == "clightning") '' btclightning=type=clightning;server=unix:///${cfg.clightning.dataDir}/${bitcoind.makeNetworkName "bitcoin" "regtest"}/lightning-rpc - '' + optionalString cfg.btcpayserver.lbtc '' + '' + optionalString (cfg.btcpayserver.lightningBackend == "lnd") + ( + "btclightning=type=lnd-rest;" + + "server=https://${cfg.lnd.restAddress}:${toString cfg.lnd.restPort}/;" + + "macaroonfilepath=/run/lnd/btcpayserver.macaroon;" + + "certfilepath=${config.services.lnd.certPath}" + + "\n" + ) + + optionalString cfg.btcpayserver.lbtc '' chains=btc,lbtc lbtcexplorerurl=${nbExplorerUrl} lbtcexplorercookiefile=${nbExplorerCookie} ''); - lndConfig = - "btclightning=type=lnd-rest;" + - "server=https://${cfg.lnd.restAddress}:${toString cfg.lnd.restPort}/;" + - "macaroonfilepath=/run/lnd/btcpayserver.macaroon;" + - "certthumbprint="; in let self = { wantedBy = [ "multi-user.target" ]; requires = [ "nbxplorer.service" "postgresql.service" ] ++ optional (cfg.btcpayserver.lightningBackend != null) "${cfg.btcpayserver.lightningBackend}.service"; after = self.requires; - preStart = '' - install -m 600 ${configFile} '${cfg.btcpayserver.dataDir}/settings.config' - ${optionalString (cfg.btcpayserver.lightningBackend == "lnd") '' - { - echo -n "${lndConfig}" - ${pkgs.openssl}/bin/openssl x509 -noout -fingerprint -sha256 -in ${config.services.lnd.certPath} \ - | sed -e 's/.*=//;s/://g' - } >> '${cfg.btcpayserver.dataDir}/settings.config' - ''} - ''; serviceConfig = nbLib.defaultHardening // { ExecStart = '' - ${cfg.btcpayserver.package}/bin/btcpayserver --conf='${cfg.btcpayserver.dataDir}/settings.config' \ + ${cfg.btcpayserver.package}/bin/btcpayserver --conf=${configFile} \ --datadir='${cfg.btcpayserver.dataDir}' ''; User = cfg.btcpayserver.user; diff --git a/pkgs/default.nix b/pkgs/default.nix index 95d397c..21ede79 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -37,10 +37,5 @@ let self = { pinned = import ./pinned.nix pkgs pkgsUnstable; - # TODO-EXTERNAL: - # Remove this when https://github.com/NixOS/nixpkgs/pull/195337 is available in the - # nixpkgs-unstable channel - lnd = pkgsUnstable.callPackage ./lnd-0.15.2.nix {}; - modulesPkgs = self // self.pinned; }; in self diff --git a/pkgs/lib.nix b/pkgs/lib.nix index fb25950..dd0a803 100644 --- a/pkgs/lib.nix +++ b/pkgs/lib.nix @@ -33,7 +33,7 @@ let self = { # @system-service whitelist and docker seccomp blacklist (except for "clone" # which is a core requirement for systemd services) # @system-service is defined in src/shared/seccomp-util.c (systemd source) - SystemCallFilter = [ "@system-service" "~add_key kcmp keyctl mbind move_pages name_to_handle_at personality process_vm_readv process_vm_writev request_key set_mempolicy setns unshare userfaultfd" ]; + SystemCallFilter = [ "@system-service" "~add_key kcmp keyctl mbind move_pages name_to_handle_at personality process_vm_readv process_vm_writev request_key setns unshare userfaultfd" ]; SystemCallArchitectures = "native"; }; diff --git a/pkgs/lnd-0.15.2.nix b/pkgs/lnd-0.15.2.nix deleted file mode 100644 index bb91e14..0000000 --- a/pkgs/lnd-0.15.2.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ buildGoModule -, fetchFromGitHub -, lib -, tags ? [ "autopilotrpc" "signrpc" "walletrpc" "chainrpc" "invoicesrpc" "watchtowerrpc" "routerrpc" "monitoring" "kvdb_postgres" "kvdb_etcd" ] -}: - -buildGoModule rec { - pname = "lnd"; - version = "0.15.2-beta"; - - src = fetchFromGitHub { - owner = "lightningnetwork"; - repo = "lnd"; - rev = "v${version}"; - sha256 = "sha256-C7BZ6awY2v5Uvvh12YEosoEQyJoetWzH/1wIQSVjtEk="; - }; - - vendorSha256 = "sha256-rCdcPkgrFcDfLfF8wipFws7YTKEgotuVqVIJYLMOxbs="; - - subPackages = [ "cmd/lncli" "cmd/lnd" ]; - - preBuild = let - buildVars = { - RawTags = lib.concatStringsSep "," tags; - GoVersion = "$(go version | egrep -o 'go[0-9]+[.][^ ]*')"; - }; - buildVarsFlags = lib.concatStringsSep " " (lib.mapAttrsToList (k: v: "-X github.com/lightningnetwork/lnd/build.${k}=${v}") buildVars); - in - lib.optionalString (tags != []) '' - buildFlagsArray+=("-tags=${lib.concatStringsSep " " tags}") - buildFlagsArray+=("-ldflags=${buildVarsFlags}") - ''; - - meta = with lib; { - description = "Lightning Network Daemon"; - homepage = "https://github.com/lightningnetwork/lnd"; - license = licenses.mit; - maintainers = with maintainers; [ cypherpunk2140 prusnak ]; - }; -} diff --git a/pkgs/pinned.nix b/pkgs/pinned.nix index a9cc8aa..1ff832b 100644 --- a/pkgs/pinned.nix +++ b/pkgs/pinned.nix @@ -6,8 +6,8 @@ pkgs: pkgsUnstable: bitcoind extra-container lightning-pool - lndconnect - nbxplorer; + lnd + lndconnect; inherit (pkgsUnstable) btcpayserver @@ -17,7 +17,8 @@ pkgs: pkgsUnstable: elementsd fulcrum hwi - lightning-loop; + lightning-loop + nbxplorer; inherit pkgs pkgsUnstable; }