greg
/
nix-bitcoin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge fort-nix/nix-bitcoin#577: Upgrade to NixOS 22.11 

4b5b4eac58 examples/deploy-container: fix `sudo` env propagation (Erik Arvstedt)
8d476cfeaf nix-bitcoin/runAsUserCmd: remove workaround (Erik Arvstedt)
00cceca861 joinmarket: fix Python packages (Erik Arvstedt)
e4b8e14d3a clightning: fix Python packages (Erik Arvstedt)
d1ef2a6e1e pythonPackages: improve layout (Erik Arvstedt)
74c8593407 pythonPackages: add indentation (Erik Arvstedt)
109dccca27 treewide: use `mdDoc` for descriptions (Erik Arvstedt)
a9c1995ed9 treewide: rename maintainer `earvstedt` -> `erikarvstedt` (Erik Arvstedt)
9e456ea3a9 shellcheck-services.nix: update to NixOS 22.11 (Erik Arvstedt)
77d58162e7 test: update to NixOS 22.11 (Erik Arvstedt)
142cbcfb37 flake: remove 32-bit systems (Erik Arvstedt)
c9b1e59f20 update to NixOS 22.11 (Erik Arvstedt)
62515a5696 helper/update-flake: support updating NixOS versions (Erik Arvstedt)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 4b5b4eac58

Tree-SHA512: b6ff443c4c6721dee9e6bf8f068d72c819851d54cb52d3fec64475cd884825063c28a87b2e9d1645617b7d0e7c1d52ee1ccd898f833c720c25f1b07add938cd5
This commit is contained in:
Jonas Nick 2023-01-06 22:37:42 +00:00
parent 700b6d8c90 4b5b4eac58
commit da612fe84f
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
57 changed files with 611 additions and 481 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.cirrus.yml
View File

@ -9,7 +9,7 @@ task:
container:
# Defined in https://github.com/nix-community/docker-nixpkgs
image: nixpkgs/nix-flakes:nixos-22.05
image: nixpkgs/nix-flakes:nixos-22.11
matrix:
- name: modules_test

2
examples/configuration.nix
View File

@ -287,7 +287,7 @@
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
system.stateVersion = "22.11"; # Did you read the comment?
# The nix-bitcoin release version that your config is compatible with.
# When upgrading to a backwards-incompatible release, nix-bitcoin will display an

12
examples/deploy-container-minimal.sh
View File

@ -1,17 +1,11 @@
#!/usr/bin/env bash
set -euo pipefail
if [[ ! -v NIX_BITCOIN_EXAMPLES_DIR ]]; then
echo "Running script in nix shell env..."
cd "${BASH_SOURCE[0]%/*}"
exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
else
cd "$NIX_BITCOIN_EXAMPLES_DIR"
fi
tmpDir=$(mktemp -d /tmp/nix-bitcoin-minimal-container.XXX)
trap 'rm -rf $tmpDir' EXIT
cd "${BASH_SOURCE[0]%/*}"
# Modify importable-configuration.nix to use the local <nix-bitcoin>
# source instead of fetchTarball
<importable-configuration.nix sed '
@ -31,4 +25,4 @@ cat > "$tmpDir/configuration.nix" <<EOF
}
EOF
"${BASH_SOURCE[0]%/*}/deploy-container.sh" "$tmpDir/configuration.nix" "$@"
./deploy-container.sh "$tmpDir/configuration.nix" "$@"

18
examples/deploy-container.sh
View File

@ -8,23 +8,21 @@ set -euo pipefail
# Run with option `--interactive` or `-i` to start a shell for interacting with
# the node.
if [[ ! -v NIX_BITCOIN_EXAMPLES_DIR ]]; then
echo "Running script in nix shell env..."
cd "${BASH_SOURCE[0]%/*}"
exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
else
cd "$NIX_BITCOIN_EXAMPLES_DIR"
if [[ $EUID != 0 ]]; then
# NixOS containers require root permissions
exec sudo "${BASH_SOURCE[0]}" "$@"
fi
if [[ $(sysctl -n net.ipv4.ip_forward || sudo sysctl -n net.ipv4.ip_forward) != 1 ]]; then
if [[ $(sysctl -n net.ipv4.ip_forward) != 1 ]]; then
echo "Error: IP forwarding (net.ipv4.ip_forward) is not enabled."
echo "Needed for container WAN access."
exit 1
fi
if [[ $EUID != 0 ]]; then
# NixOS containers require root permissions
exec sudo "PATH=$PATH" "NIX_PATH=$NIX_PATH" "NIX_BITCOIN_EXAMPLES_DIR=$NIX_BITCOIN_EXAMPLES_DIR" "${BASH_SOURCE[0]}" "$@"
if [[ ! -v DEPLOY_CONTAINER_NIX_SHELL ]]; then
echo "Running script in nix shell env..."
cd "${BASH_SOURCE[0]%/*}"
DEPLOY_CONTAINER_NIX_SHELL=1 exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
fi
interactive=

14
flake.lock
View File

@ -40,27 +40,27 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1670700605,
"narHash": "sha256-5dlpATkcyITpdtMflhltuD+A3RNpsVI1Mb+dtKkll6Y=",
"lastModified": 1671040593,
"narHash": "sha256-W5aZNwYBjaEaLifDWGEfecvnCiDkXjI26rHgidSftUM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7b9eeb856cbf976482fa8d1cb295ea03fb3e1277",
"rev": "170e39462b516bd1475ce9184f7bb93106d27c59",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.05",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1670918062,
"narHash": "sha256-iOhkyBYUU9Jfkk0lvI4ahpjyrTsLXj9uyJWwmjKg+gg=",
"lastModified": 1671095104,
"narHash": "sha256-BgI8tDJgORrKX9lF93enEDKP5WxIoVBt9+1zoGIfx7k=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "84575b0bd882be979516f4fecfe4d7c8de8f6a92",
"rev": "7634c3250b6870e76f2e611cb95b72392add9aef",
"type": "github"
},
"original": {

8
flake.nix
View File

@ -5,7 +5,7 @@
'';
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-utils.url = "github:numtide/flake-utils";
extra-container = {
@ -19,9 +19,11 @@
let
supportedSystems = [
"x86_64-linux"
"i686-linux"
"aarch64-linux"
"armv7l-linux"
# On these 32-bit platforms, Python pkg `pymemcache` 4.0.0 (required by
# `joinmarket`) is broken:
# "i686-linux"
# "armv7l-linux"
];
test = import ./test/tests.nix nixpkgs.lib;

18
helper/update-flake.sh
View File

@ -12,6 +12,19 @@ set -euo pipefail
# pinned to stable.
# All other pkgs are pinned to unstable.
forceRun=
nixosVersion=
for arg in "$@"; do
case $arg in
-f)
forceRun=1
;;
*)
nixosVersion=$arg
;;
esac
done
# cd to script dir
cd "${BASH_SOURCE[0]%/*}"
@ -21,7 +34,7 @@ if [[ $(nix flake 2>&1) != *"requires a sub-command"* ]]; then
exit 1
fi
if [[ ${1:-} != -f ]] && ! git diff --quiet ../flake.{nix,lock}; then
if [[ $forceRun ]] && ! git diff --quiet ../flake.{nix,lock}; then
echo "error: flake.nix/flake.lock have changes. Run with option -f to ignore."
exit 1
fi
@ -36,6 +49,9 @@ versions=$(nix eval --json -f update-flake.nix versions)
# versions=$(echo "$versions" | sed 's|1|0|g')
echo "Updating main flake"
if [[ $nixosVersion ]]; then
sed -Ei "s|(nixpkgs.url = .*nixos-)[^\"]+|\1$nixosVersion|" ../flake.nix
fi
nix flake update ..
echo

12
modules/backups.nix
View File

@ -6,7 +6,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Enable backups of node data.
This uses the NixOS duplicity service.
To further configure the backup, you can set NixOS options `services.duplicity.*`.
@ -16,34 +16,34 @@ let
with-bulk-data = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Whether to also backup Bitcoin blockchain and other bulk data.
'';
};
destination = mkOption {
type = types.str;
default = "file:///var/lib/localBackups";
description = ''
description = mdDoc ''
Where to back up to.
'';
};
frequency = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
description = mdDoc ''
Run backup with the given frequency. If null, do not run automatically.
'';
};
postgresqlDatabases = mkOption {
type = types.listOf types.str;
default = [];
description = "List of database names to backup.";
description = mdDoc "List of database names to backup.";
};
extraFiles = mkOption {
type = types.listOf types.str;
default = [];
example = [ "/var/lib/nginx" ];
description = "Additional files to be appended to filelist.";
description = mdDoc "Additional files to be appended to filelist.";
};
};

76
modules/bitcoind.nix
View File

@ -8,19 +8,19 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen for peer connections.";
description = mdDoc "Address to listen for peer connections.";
};
port = mkOption {
type = types.port;
default = 8333;
description = "Port to listen for peer connections.";
description = mdDoc "Port to listen for peer connections.";
};
onionPort = mkOption {
type = types.nullOr types.port;
# When the bitcoind onion service is enabled, add an onion-tagged socket
# to distinguish local connections from Tor connections
default = if (config.nix-bitcoin.onionServices.bitcoind.enable or false) then 8334 else null;
description = ''
description = mdDoc ''
Port to listen for Tor peer connections.
If set, inbound connections to this port are tagged as onion peers.
'';
@ -28,15 +28,15 @@ let
listen = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Listen for peer connections at `address:port`
and `address:onionPort` (if `onionPort` is set).
and `address:onionPort` (if {option}`onionPort` is set).
'';
};
listenWhitelisted = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Listen for peer connections at `address:whitelistedPort`.
Peers connected through this socket are automatically whitelisted.
'';
@ -44,12 +44,12 @@ let
whitelistedPort = mkOption {
type = types.port;
default = 8335;
description = "See `listenWhitelisted`.";
description = mdDoc "See `listenWhitelisted`.";
};
getPublicAddressCmd = mkOption {
type = types.str;
default = "";
description = ''
description = mdDoc ''
Bash expression which outputs the public service address to announce to peers.
If left empty, no address is announced.
'';
@ -58,7 +58,7 @@ let
type = types.package;
default = config.nix-bitcoin.pkgs.bitcoind;
defaultText = "config.nix-bitcoin.pkgs.bitcoind";
description = "The package providing bitcoin binaries.";
description = mdDoc "The package providing bitcoin binaries.";
};
extraConfig = mkOption {
type = types.lines;
@ -67,41 +67,41 @@ let
par=16
logips=1
'';
description = "Extra lines appended to <filename>bitcoin.conf</filename>.";
description = mdDoc "Extra lines appended to {file}`bitcoin.conf`.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/bitcoind";
description = "The data directory for bitcoind.";
description = mdDoc "The data directory for bitcoind.";
};
rpc = {
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
description = mdDoc ''
Address to listen for JSON-RPC connections.
'';
};
port = mkOption {
type = types.port;
default = 8332;
description = "Port to listen for JSON-RPC connections.";
description = mdDoc "Port to listen for JSON-RPC connections.";
};
threads = mkOption {
type = types.nullOr types.ints.u16;
default = null;
description = "The number of threads to service RPC calls.";
description = mdDoc "The number of threads to service RPC calls.";
};
allowip = mkOption {
type = types.listOf types.str;
default = [ "127.0.0.1" ];
description = ''
description = mdDoc ''
Allow JSON-RPC connections from specified sources.
'';
};
users = mkOption {
default = {};
description = ''
description = mdDoc ''
Allowed users for JSON-RPC connections.
'';
example = {
@ -116,16 +116,16 @@ let
type = types.str;
default = name;
example = "alice";
description = ''
description = mdDoc ''
Username for JSON-RPC connections.
'';
};
passwordHMAC = mkOption {
type = types.str;
example = "f7efda5c189b999524f151318c0c86$d5b51b3beffbc02b724e5d095828e0bc8b2456e9ac8757ae3211a5d9b16a22ae";
description = ''
description = mdDoc ''
Password HMAC-SHA-256 for JSON-RPC connections. Must be a string of the
format `salt-hex$hmac-hex`.
format `<SALT-HEX>$<HMAC-HEX>`.
'';
};
passwordHMACFromFile = mkOption {
@ -136,7 +136,7 @@ let
rpcwhitelist = mkOption {
type = types.listOf types.str;
default = [];
description = ''
description = mdDoc ''
List of allowed rpc calls for each user.
If empty list, rpcwhitelist is disabled for that user.
'';
@ -148,7 +148,7 @@ let
regtest = mkOption {
type = types.bool;
default = false;
description = "Enable regtest mode.";
description = mdDoc "Enable regtest mode.";
};
network = mkOption {
readOnly = true;
@ -161,12 +161,12 @@ let
proxy = mkOption {
type = types.nullOr types.str;
default = if cfg.tor.proxy then config.nix-bitcoin.torClientAddressWithPort else null;
description = "Connect through SOCKS5 proxy";
description = mdDoc "Connect through SOCKS5 proxy";
};
i2p = mkOption {
type = types.enum [ false true "only-outgoing" ];
default = false;
description = ''
description = mdDoc ''
Enable peer connections via i2p.
With `only-outgoing`, incoming i2p connections are disabled.
'';
@ -174,7 +174,7 @@ let
dataDirReadableByGroup = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
If enabled, data dir content is readable by the bitcoind service group.
Warning: This disables bitcoind's wallet support.
'';
@ -182,7 +182,7 @@ let
sysperms = mkOption {
type = types.nullOr types.bool;
default = null;
description = ''
description = mdDoc ''
Create new files with system default permissions, instead of umask 077
(only effective with disabled wallet functionality)
'';
@ -190,7 +190,7 @@ let
disablewallet = mkOption {
type = types.nullOr types.bool;
default = null;
description = ''
description = mdDoc ''
Do not load the wallet and disable wallet RPC calls
'';
};
@ -198,13 +198,13 @@ let
type = types.nullOr (types.ints.between 4 16384);
default = null;
example = 4000;
description = "Override the default database cache size in MiB.";
description = mdDoc "Override the default database cache size in MiB.";
};
prune = mkOption {
type = types.ints.unsigned;
default = 0;
example = 10000;
description = ''
description = mdDoc ''
Automatically prune block files to stay under the specified target size in MiB.
Value 0 disables pruning.
'';
@ -212,25 +212,25 @@ let
txindex = mkOption {
type = types.bool;
default = false;
description = "Enable the transaction index.";
description = mdDoc "Enable the transaction index.";
};
zmqpubrawblock = mkOption {
type = types.nullOr types.str;
default = null;
example = "tcp://127.0.0.1:28332";
description = "ZMQ address for zmqpubrawblock notifications";
description = mdDoc "ZMQ address for zmqpubrawblock notifications";
};
zmqpubrawtx = mkOption {
type = types.nullOr types.str;
default = null;
example = "tcp://127.0.0.1:28333";
description = "ZMQ address for zmqpubrawtx notifications";
description = mdDoc "ZMQ address for zmqpubrawtx notifications";
};
assumevalid = mkOption {
type = types.nullOr types.str;
default = null;
example = "00000000000000000000e5abc3a74fe27dc0ead9c70ea1deb456f11c15fd7bc6";
description = ''
description = mdDoc ''
If this block is in the chain assume that it and its ancestors are
valid and potentially skip their script verification.
'';
@ -239,28 +239,28 @@ let
type = types.listOf types.str;
default = [];
example = [ "ecoc5q34tmbq54wl.onion" ];
description = "Add nodes to connect to and attempt to keep the connections open";
description = mdDoc "Add nodes to connect to and attempt to keep the connections open";
};
discover = mkOption {
type = types.nullOr types.bool;
default = null;
description = "Discover own IP addresses";
description = mdDoc "Discover own IP addresses";
};
addresstype = mkOption {
type = types.nullOr types.str;
default = null;
example = "bech32";
description = "The type of addresses to use";
description = mdDoc "The type of addresses to use";
};
user = mkOption {
type = types.str;
default = "bitcoin";
description = "The user as which to run bitcoind.";
description = mdDoc "The user as which to run bitcoind.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run bitcoind.";
description = mdDoc "The group as which to run bitcoind.";
};
cli = mkOption {
readOnly = true;
@ -269,7 +269,7 @@ let
exec ${cfg.package}/bin/bitcoin-cli -datadir='${cfg.dataDir}' "$@"
'';
defaultText = "(See source)";
description = "Binary to connect with the bitcoind instance.";
description = mdDoc "Binary to connect with the bitcoind instance.";
};
tor = nbLib.tor;
};

32
modules/btcpayserver.nix
View File

@ -8,12 +8,12 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen on.";
description = mdDoc "Address to listen on.";
};
port = mkOption {
type = types.port;
default = 23000;
description = "Port to listen on.";
description = mdDoc "Port to listen on.";
};
package = mkOption {
type = types.package;
@ -22,38 +22,38 @@ let
else
config.nix-bitcoin.pkgs.btcpayserver;
defaultText = "(See source)";
description = "The package providing btcpayserver binaries.";
description = mdDoc "The package providing btcpayserver binaries.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/btcpayserver";
description = "The data directory for btcpayserver.";
description = mdDoc "The data directory for btcpayserver.";
};
lightningBackend = mkOption {
type = types.nullOr (types.enum [ "clightning" "lnd" ]);
default = null;
description = "The lightning node implementation to use.";
description = mdDoc "The lightning node implementation to use.";
};
lbtc = mkOption {
type = types.bool;
default = false;
description = "Enable liquid support in btcpayserver.";
description = mdDoc "Enable liquid support in btcpayserver.";
};
rootpath = mkOption {
type = types.nullOr types.str;
default = null;
example = "btcpayserver";
description = "The prefix for root-relative btcpayserver URLs.";
description = mdDoc "The prefix for root-relative btcpayserver URLs.";
};
user = mkOption {
type = types.str;
default = "btcpayserver";
description = "The user as which to run btcpayserver.";
description = mdDoc "The user as which to run btcpayserver.";
};
group = mkOption {
type = types.str;
default = cfg.btcpayserver.user;
description = "The group as which to run btcpayserver.";
description = mdDoc "The group as which to run btcpayserver.";
};
tor.enforce = nbLib.tor.enforce;
};
@ -63,7 +63,7 @@ let
# This option is only used by netns-isolation
internal = true;
default = cfg.btcpayserver.enable;
description = ''
description = mdDoc ''
nbxplorer is always enabled when btcpayserver is enabled.
'';
};
@ -71,32 +71,32 @@ let
type = types.package;
default = config.nix-bitcoin.pkgs.nbxplorer;
defaultText = "config.nix-bitcoin.pkgs.nbxplorer";
description = "The package providing nbxplorer binaries.";
description = mdDoc "The package providing nbxplorer binaries.";
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen on.";
description = mdDoc "Address to listen on.";
};
port = mkOption {
type = types.port;
default = 24444;
description = "Port to listen on.";
description = mdDoc "Port to listen on.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/nbxplorer";
description = "The data directory for nbxplorer.";
description = mdDoc "The data directory for nbxplorer.";
};
user = mkOption {
type = types.str;
default = "nbxplorer";
description = "The user as which to run nbxplorer.";
description = mdDoc "The user as which to run nbxplorer.";
};
group = mkOption {
type = types.str;
default = cfg.nbxplorer.user;
description = "The group as which to run nbxplorer.";
description = mdDoc "The group as which to run nbxplorer.";
};
tor.enforce = nbLib.tor.enforce;
};

12
modules/charge-lnd.nix
View File

@ -9,18 +9,17 @@ let
type = listOf str;
default = [];
example = [ "--verbose" "--dry-run" ];
description = "Extra flags to pass to the charge-lnd command.";
description = mdDoc "Extra flags to pass to the charge-lnd command.";
};
interval = mkOption {
type = str;
default = "*-*-* 04:00:00";
example = "hourly";
description = ''
description = mdDoc ''
Systemd calendar expression when to adjust fees.
See <citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry> for possible values.
See {man}`systemd.time(7)` for possible values.
Default is once a day.
'';
@ -29,7 +28,7 @@ let
randomDelay = mkOption {
type = str;
default = "1h";
description = ''
description = mdDoc ''
Random delay to add to scheduled time.
'';
};
@ -55,7 +54,7 @@ let
[default]
strategy = ignore
'';
description = ''
description = mdDoc ''
Policy definitions in INI format.
See https://github.com/accumulator/charge-lnd/blob/master/README.md#usage
@ -126,7 +125,6 @@ in
};
systemd.timers.charge-lnd = {
description = "Adjust LND routing fees";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = cfg.interval;

18
modules/clightning-plugins/clboss.nix
View File

@ -7,7 +7,7 @@ let cfg = config.services.clightning.plugins.clboss; in
enable = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Whether to enable CLBOSS (clightning plugin).
See also: https://github.com/ZmnSCPxj/clboss#operating
'';
@ -15,7 +15,7 @@ let cfg = config.services.clightning.plugins.clboss; in
min-onchain = mkOption {
type = types.ints.positive;
default = 30000;
description = ''
description = mdDoc ''
Target amount (in satoshi) that CLBOSS will leave on-chain.
clboss will only open new channels if this amount is smaller than
the funds in your clightning wallet.
@ -24,27 +24,27 @@ let cfg = config.services.clightning.plugins.clboss; in
min-channel = mkOption {
type = types.ints.positive;
default = 500000;
description = "The minimum size (in satoshi) of channels created by CLBOSS.";
description = mdDoc "The minimum size (in satoshi) of channels created by CLBOSS.";
};
max-channel = mkOption {
type = types.ints.positive;
default = 16777215;
description = "The maximum size (in satoshi) of channels created by CLBOSS.";
description = mdDoc "The maximum size (in satoshi) of channels created by CLBOSS.";
};
zerobasefee = mkOption {
type = types.enum [ "require" "allow" "disallow" ];
default = "allow";
description = ''
require: set `base_fee` to 0.
allow: set `base_fee` according to the CLBOSS heuristics, which may include value 0.
disallow: set `base_fee` to according to the CLBOSS heuristics, with a minimum value of 1.
description = mdDoc ''
`require`: set `base_fee` to 0.
`allow`: set `base_fee` according to the CLBOSS heuristics, which may include value 0.
`disallow`: set `base_fee` to according to the CLBOSS heuristics, with a minimum value of 1.
'';
};
package = mkOption {
type = types.package;
default = config.nix-bitcoin.pkgs.clboss;
defaultText = "config.nix-bitcoin.pkgs.clboss";
description = "The package providing clboss binaries.";
description = mdDoc "The package providing clboss binaries.";
};
};

10
modules/clightning-plugins/feeadjuster.nix
View File

@ -6,7 +6,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Enable feeaduster (clightning plugin).
This plugin auto-updates channel fees to keep channels balanced.
@ -18,17 +18,17 @@ let
fuzz = mkOption {
type = types.bool;
default = true;
description = "Enable update threshold randomization and hysteresis.";
description = mdDoc "Enable update threshold randomization and hysteresis.";
};
adjustOnForward = mkOption {
type = types.bool;
default = false;
description = "Automatically update fees on forward events.";
description = mdDoc "Automatically update fees on forward events.";
};
method = mkOption {
type = types.enum [ "soft" "default" "hard" ];
default = "default";
description = ''
description = mdDoc ''
Adjustment method to calculate channel fees.
`soft`: less difference when adjusting fees.
`hard`: greater difference when adjusting fees.
@ -37,7 +37,7 @@ let
adjustDaily = mkOption {
type = types.bool;
default = true;
description = "Automatically update fees daily.";
description = mdDoc "Automatically update fees daily.";
};
};

8
modules/clightning-plugins/summary.nix
View File

@ -8,22 +8,22 @@ let cfg = config.services.clightning.plugins.summary; in
currency = mkOption {
type = types.str;
default = "USD";
description = "The currency to look up on btcaverage.";
description = mdDoc "The currency to look up on btcaverage.";
};
currencyPrefix = mkOption {
type = types.str;
default = "USD $";
description = "The prefix to use for the currency.";
description = mdDoc "The prefix to use for the currency.";
};
availabilityInterval = mkOption {
type = types.int;
default = 300;
description = "How often in seconds the availability should be calculated.";
description = mdDoc "How often in seconds the availability should be calculated.";
};
availabilityWindow = mkOption {
type = types.int;
default = 72;
description = "How many hours the availability should be averaged over.";
description = mdDoc "How many hours the availability should be averaged over.";
};
};

2
modules/clightning-plugins/zmq.nix
View File

@ -25,7 +25,7 @@ let
mkOption {
type = types.nullOr types.str;
default = null;
description = "Endpoint for ${name}";
description = mdDoc "Endpoint for ${name}";
};
setEndpoint = ep:

16
modules/clightning-replication.nix
View File

@ -6,7 +6,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Enable live replication of the clightning database.
This prevents losing off-chain funds when the primary wallet file becomes
inaccessible.
@ -26,7 +26,7 @@ let
type = types.nullOr types.str;
default = null;
example = "user@10.0.0.1:directory";
description = ''
description = mdDoc ''
The SSH destination for which a SSHFS will be mounted.
`directory` is relative to the home of `user`.
@ -40,12 +40,12 @@ let
port = mkOption {
type = types.port;
default = 22;
description = "SSH port of the remote server.";
description = mdDoc "SSH port of the remote server.";
};
sshOptions = mkOption {
type = with types; listOf str;
default = [ "reconnect" "ServerAliveInterval=50" ];
description = "SSH options used for mounting the SSHFS.";
description = mdDoc "SSH options used for mounting the SSHFS.";
};
};
local = {
@ -53,7 +53,7 @@ let
type = types.nullOr types.path;
default = null;
example = "/var/backup/clightning";
description = ''
description = mdDoc ''
This option can be specified instead of `sshfs.destination` to enable
replication to a local directory.
@ -69,7 +69,7 @@ let
setupDirectory = mkOption {
type = types.bool;
default = true;
description = ''
description = mdDoc ''
Create `local.directory` if it doesn't exist and set write permissions
for the `clightning` user.
'';
@ -78,10 +78,10 @@ let
encrypt = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Whether to encrypt the replicated database with gocryptfs.
The encryption password is automatically generated and stored
in file `$secretsDir/clightning-replication-password`.
in file {file}`$secretsDir/clightning-replication-password`.
'';
};
};

10
modules/clightning-rest.nix
View File

@ -7,17 +7,17 @@ let
port = mkOption {
type = types.port;
default = 3001;
description = "REST server port.";
description = mdDoc "REST server port.";
};
docPort = mkOption {
type = types.port;
default = 4001;
description = "Swagger API documentation server port.";
description = mdDoc "Swagger API documentation server port.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/clightning-rest";
description = "The data directory for clightning-rest.";
description = mdDoc "The data directory for clightning-rest.";
};
extraConfig = mkOption {
type = types.attrs;
@ -25,7 +25,7 @@ let
example = {
DOMAIN = "mynode.org";
};
description = ''
description = mdDoc ''
Extra config options.
See: https://github.com/Ride-The-Lightning/c-lightning-REST#option-1-via-config-file-cl-rest-configjson
'';
@ -34,7 +34,7 @@ let
group = mkOption {
readOnly = true;
default = clightning.group;
description = "The group under which clightning-rest is run.";
description = mdDoc "The group under which clightning-rest is run.";
};
# Rest server address.
# Not configurable. The server always listens on all interfaces:

28
modules/clightning.nix
View File

@ -7,24 +7,24 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen for peer connections.";
description = mdDoc "Address to listen for peer connections.";
};
port = mkOption {
type = types.port;
default = 9735;
description = "Port to listen for peer connections.";
description = mdDoc "Port to listen for peer connections.";
};
proxy = mkOption {
type = types.nullOr types.str;
default = if cfg.tor.proxy then config.nix-bitcoin.torClientAddressWithPort else null;
description = ''
description = mdDoc ''
Socks proxy for connecting to Tor nodes (or for all connections if option always-use-proxy is set).
'';
};
always-use-proxy = mkOption {
type = types.bool;
default = cfg.tor.proxy;
description = ''
description = mdDoc ''
Always use the proxy, even to connect to normal IP addresses.
You can still connect to Unix domain sockets manually.
This also disables all DNS lookups, to avoid leaking address information.
@ -33,18 +33,18 @@ let
dataDir = mkOption {
type = types.path;
default = "/var/lib/clightning";
description = "The data directory for clightning.";
description = mdDoc "The data directory for clightning.";
};
networkDir = mkOption {
readOnly = true;
default = "${cfg.dataDir}/${network}";
description = "The network data directory.";
description = mdDoc "The network data directory.";
};
wallet = mkOption {
type = types.nullOr types.str;
default = null;
example = "sqlite3:///var/lib/clightning/bitcoin/lightningd.sqlite3";
description = ''
description = mdDoc ''
Wallet data scheme (sqlite3 or postgres) and location/connection
parameters, as fully qualified data source name.
'';
@ -55,29 +55,29 @@ let
example = ''
alias=mynode
'';
description = ''
description = mdDoc ''
Extra lines appended to the configuration file.
See all available options at
https://github.com/ElementsProject/lightning/blob/master/doc/lightningd-config.5.md
or by running `lightningd --help`.
or by running {command}`lightningd --help`.
'';
};
user = mkOption {
type = types.str;
default = "clightning";
description = "The user as which to run clightning.";
description = mdDoc "The user as which to run clightning.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run clightning.";
description = mdDoc "The group as which to run clightning.";
};
package = mkOption {
type = types.package;
default = nbPkgs.clightning;
defaultText = "config.nix-bitcoin.pkgs.clightning";
description = "The package providing clightning binaries.";
description = mdDoc "The package providing clightning binaries.";
};
cli = mkOption {
readOnly = true;
@ -85,12 +85,12 @@ let
${cfg.package}/bin/lightning-cli --lightning-dir='${cfg.dataDir}' "$@"
'';
defaultText = "(See source)";
description = "Binary to connect with the clightning instance.";
description = mdDoc "Binary to connect with the clightning instance.";
};
getPublicAddressCmd = mkOption {
type = types.str;
default = "";
description = ''
description = mdDoc ''
Bash expression which outputs the public service address to announce to peers.
If left empty, no address is announced.
'';

14
modules/electrs.nix
View File

@ -7,37 +7,37 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen for RPC connections.";
description = mdDoc "Address to listen for RPC connections.";
};
port = mkOption {
type = types.port;
default = 50001;
description = "Port to listen for RPC connections.";
description = mdDoc "Port to listen for RPC connections.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/electrs";
description = "The data directory for electrs.";
description = mdDoc "The data directory for electrs.";
};
monitoringPort = mkOption {
type = types.port;
default = 4224;
description = "Prometheus monitoring port.";
description = mdDoc "Prometheus monitoring port.";
};
extraArgs = mkOption {
type = types.separatedString " ";
default = "";
description = "Extra command line arguments passed to electrs.";
description = mdDoc "Extra command line arguments passed to electrs.";
};
user = mkOption {
type = types.str;
default = "electrs";
description = "The user as which to run electrs.";
description = mdDoc "The user as which to run electrs.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run electrs.";
description = mdDoc "The group as which to run electrs.";
};
tor.enforce = nbLib.tor.enforce;
};

16
modules/fulcrum.nix
View File

@ -6,7 +6,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Enable fulcrum, an Electrum server implemented in C++.
Compared to electrs, fulcrum has a 3x larger database size but
@ -17,23 +17,23 @@ let
This module disables peering (a distributed list of electrum servers that can
be queried by clients), but you can manually enable it via option
`extraConfig`.
{option}`extraConfig`.
'';
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen for RPC connections.";
description = mdDoc "Address to listen for RPC connections.";
};
port = mkOption {
type = types.port;
default = 50001;
description = "Port to listen for RPC connections.";
description = mdDoc "Port to listen for RPC connections.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/fulcrum";
description = "The data directory for fulcrum.";
description = mdDoc "The data directory for fulcrum.";
};
extraConfig = mkOption {
type = types.lines;
@ -41,7 +41,7 @@ let
example = ''
peering = true
'';
description = ''
description = mdDoc ''
Extra lines appended to the configuration file.
See all available options at
@ -51,12 +51,12 @@ let
user = mkOption {
type = types.str;
default = "fulcrum";
description = "The user as which to run fulcrum.";
description = mdDoc "The user as which to run fulcrum.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run fulcrum.";
description = mdDoc "The group as which to run fulcrum.";
};
tor.enforce = nbLib.tor.enforce;
};

6
modules/hardware-wallets.nix
View File

@ -6,21 +6,21 @@ let
ledger = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
If enabled, the ledger udev rules will be installed.
'';
};
trezor = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
If enabled, the trezor udev rules will be installed.
'';
};
group = mkOption {
type = types.str;
default = "hardware-wallets";
description = ''
description = mdDoc ''
Group the hardware wallet udev rules apply to.
'';
};

10
modules/joinmarket-ob-watcher.nix
View File

@ -7,27 +7,27 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "HTTP server address.";
description = mdDoc "HTTP server address.";
};
port = mkOption {
type = types.port;
default = 62601;
description = "HTTP server port.";
description = mdDoc "HTTP server port.";
};
dataDir = mkOption {
readOnly = true;
default = "/var/lib/joinmarket-ob-watcher";
description = "The data directory for JoinMarket orderbook watcher.";
description = mdDoc "The data directory for JoinMarket orderbook watcher.";
};
user = mkOption {
type = types.str;
default = "joinmarket-ob-watcher";
description = "The user as which to run JoinMarket.";
description = mdDoc "The user as which to run JoinMarket.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run JoinMarket.";
description = mdDoc "The group as which to run JoinMarket.";
};
# This option is only used by netns-isolation.
# Tor is always enabled.

46
modules/joinmarket.nix
View File

@ -7,7 +7,7 @@ let
payjoinAddress = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
description = mdDoc ''
The address where payjoin onion connections are forwarded to.
This address is never used directly, it only serves as the internal endpoint
for the payjoin onion service.
@ -18,12 +18,12 @@ let
payjoinPort = mkOption {
type = types.port;
default = 64180; # A random private port
description = "The port corresponding to option `payjoinAddress`.";
description = mdDoc "The port corresponding to option {option}`payjoinAddress`.";
};
messagingAddress = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
description = mdDoc ''
The address where messaging onion connections are forwarded to.
This address is never used directly, it only serves as the internal endpoint
for the messaging onion service.
@ -33,29 +33,29 @@ let
messagingPort = mkOption {
type = types.port;
default = 64181; # payjoinPort + 1
description = "The port corresponding to option `messagingAddress`.";
description = mdDoc "The port corresponding to option {option}`messagingAddress`.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/joinmarket";
description = "The data directory for JoinMarket.";
description = mdDoc "The data directory for JoinMarket.";
};
rpcWalletFile = mkOption {
type = types.nullOr types.str;
default = "jm_wallet";
description = ''
description = mdDoc ''
Name of the watch-only bitcoind wallet the JoinMarket addresses are imported to.
'';
};
user = mkOption {
type = types.str;
default = "joinmarket";
description = "The user as which to run JoinMarket.";
description = mdDoc "The user as which to run JoinMarket.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run JoinMarket.";
description = mdDoc "The group as which to run JoinMarket.";
};
cli = mkOption {
default = cli;
@ -77,57 +77,57 @@ let
ordertype = mkOption {
type = types.enum [ "reloffer" "absoffer" ];
default = "reloffer";
description = ''
Which fee type to actually use
description = mdDoc ''
Which fee type to actually use.
'';
};
cjfee_a = mkOption {
type = types.ints.unsigned;
default = 500;
description = ''
Absolute offer fee you wish to receive for coinjoins (cj) in Satoshis
description = mdDoc ''
Absolute offer fee you wish to receive for coinjoins (cj) in Satoshis.
'';
};
cjfee_r = mkOption {
type = types.float;
default = 0.00002;
description = ''
Relative offer fee you wish to receive based on a cj's amount
description = mdDoc ''
Relative offer fee you wish to receive based on a cj's amount.
'';
};
cjfee_factor = mkOption {
type = types.float;
default = 0.1;
description = ''
Variance around the average cj fee
description = mdDoc ''
Variance around the average cj fee.
'';
};
txfee = mkOption {
type = types.ints.unsigned;
default = 100;
description = ''
The average transaction fee you're adding to coinjoin transactions
description = mdDoc ''
The average transaction fee you're adding to coinjoin transactions.
'';
};
txfee_contribution_factor = mkOption {
type = types.float;
default = 0.3;
description = ''
Variance around the average tx fee
description = mdDoc ''
Variance around the average tx fee.
'';
};
minsize = mkOption {
type = types.ints.unsigned;
default = 100000;
description = ''
description = mdDoc ''
Minimum size of your cj offer in Satoshis. Lower cj amounts will be disregarded.
'';
};
size_factor = mkOption {
type = types.float;
default = 0.1;
description = ''
Variance around all offer sizes
description = mdDoc ''
Variance around all offer sizes.
'';
};
};

26
modules/lightning-loop.nix
View File

@ -7,56 +7,56 @@ let
rpcAddress = mkOption {
type = types.str;
default = "localhost";
description = "Address to listen for gRPC connections.";
description = mdDoc "Address to listen for gRPC connections.";
};
rpcPort = mkOption {
type = types.port;
default = 11010;
description = "Port to listen for gRPC connections.";
description = mdDoc "Port to listen for gRPC connections.";
};
restAddress = mkOption {
type = types.str;
default = cfg.rpcAddress;
description = "Address to listen for REST connections.";
description = mdDoc "Address to listen for REST connections.";
};
restPort = mkOption {
type = types.port;
default = 8081;
description = "Port to listen for REST connections.";
description = mdDoc "Port to listen for REST connections.";
};
package = mkOption {
type = types.package;
default = config.nix-bitcoin.pkgs.lightning-loop;
defaultText = "config.nix-bitcoin.pkgs.lightning-loop";
description = "The package providing lightning-loop binaries.";
description = mdDoc "The package providing lightning-loop binaries.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/lightning-loop";
description = "The data directory for lightning-loop.";
description = mdDoc "The data directory for lightning-loop.";
};
proxy = mkOption {
type = types.nullOr types.str;
default = if cfg.tor.proxy then config.nix-bitcoin.torClientAddressWithPort else null;
description = "host:port of SOCKS5 proxy for connnecting to the loop server.";
description = mdDoc "`host:port` of SOCKS5 proxy for connnecting to the loop server.";
};
certificate = {
extraIPs = mkOption {
type = with types; listOf str;
default = [];
example = [ "60.100.0.1" ];
description = ''
description = mdDoc ''
Extra `subjectAltName` IPs added to the certificate.
This works the same as loop option `tlsextraip`.
This works the same as loop option {option}`tlsextraip`.
'';
};
extraDomains = mkOption {
type = with types; listOf str;
default = [];
example = [ "example.com" ];
description = ''
description = mdDoc ''
Extra `subjectAltName` domain names added to the certificate.
This works the same as loop option `tlsextradomain`.
This works the same as loop option {option}`tlsextradomain`.
'';
};
};
@ -66,7 +66,7 @@ let
example = ''
debuglevel=trace
'';
description = ''
description = mdDoc ''
Extra lines appended to the configuration file.
See here for all available options:
https://github.com/lightninglabs/loop/blob/11ab596080e9d36f1df43edbeba0702b25aa7457/loopd/config.go#L119
@ -80,7 +80,7 @@ let
--tlscertpath '${secretsDir}/loop-cert' "$@"
'';
defaultText = "(See source)";
description = "Binary to connect with the lightning-loop instance.";
description = mdDoc "Binary to connect with the lightning-loop instance.";
};
tor = nbLib.tor;
};

18
modules/lightning-pool.nix
View File

@ -7,38 +7,38 @@ let
rpcAddress = mkOption {
type = types.str;
default = "localhost";
description = "Address to listen for gRPC connections.";
description = mdDoc "Address to listen for gRPC connections.";
};
rpcPort = mkOption {
type = types.port;
default = 12010;
description = "Port to listen for gRPC connections.";
description = mdDoc "Port to listen for gRPC connections.";
};
restAddress = mkOption {
type = types.str;
default = cfg.rpcAddress;
description = "Address to listen for REST connections.";
description = mdDoc "Address to listen for REST connections.";
};
restPort = mkOption {
type = types.port;
default = 8281;
description = "Port to listen for REST connections.";
description = mdDoc "Port to listen for REST connections.";
};
package = mkOption {
type = types.package;
default = config.nix-bitcoin.pkgs.lightning-pool;
defaultText = "config.nix-bitcoin.pkgs.lightning-pool";
description = "The package providing lightning-pool binaries.";
description = mdDoc "The package providing lightning-pool binaries.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/lightning-pool";
description = "The data directory for lightning-pool.";
description = mdDoc "The data directory for lightning-pool.";
};
proxy = mkOption {
type = types.nullOr types.str;
default = if cfg.tor.proxy then config.nix-bitcoin.torClientAddressWithPort else null;
description = "host:port of SOCKS5 proxy for connnecting to the pool auction server.";
description = mdDoc "host:port of SOCKS5 proxy for connnecting to the pool auction server.";
};
extraConfig = mkOption {
type = types.lines;
@ -46,7 +46,7 @@ let
example = ''
debuglevel=trace
'';
description = "Extra lines appended to the configuration file.";
description = mdDoc "Extra lines appended to the configuration file.";
};
cli = mkOption {
default = pkgs.writers.writeBashBin "pool" ''
@ -56,7 +56,7 @@ let
--basedir '${cfg.dataDir}' "$@"
'';
defaultText = "(See source)";
description = "Binary to connect with the lightning-pool instance.";
description = mdDoc "Binary to connect with the lightning-pool instance.";
};
tor = nbLib.tor;
};

52
modules/liquid.nix
View File

@ -8,19 +8,19 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen for peer connections.";
description = mdDoc "Address to listen for peer connections.";
};
port = mkOption {
type = types.port;
default = 7042;
description = "Override the default port on which to listen for connections.";
description = mdDoc "Override the default port on which to listen for connections.";
};
onionPort = mkOption {
type = types.nullOr types.port;
# When the liquidd onion service is enabled, add an onion-tagged socket
# to distinguish local connections from Tor connections
default = if (config.nix-bitcoin.onionServices.liquidd.enable or false) then 7043 else null;
description = ''
description = mdDoc ''
Port to listen for Tor peer connections.
If set, inbound connections to this port are tagged as onion peers.
'';
@ -28,15 +28,15 @@ let
listen = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Listen for peer connections at `address:port`
and `address:onionPort` (if `onionPort` is set).
and `address:onionPort` (if {option}`onionPort` is set).
'';
};
listenWhitelisted = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Listen for peer connections at `address:whitelistedPort`.
Peers connected through this socket are automatically whitelisted.
'';
@ -44,7 +44,7 @@ let
whitelistedPort = mkOption {
type = types.port;
default = 7044;
description = "See `listenWhitelisted`.";
description = mdDoc "See {option}`listenWhitelisted`.";
};
extraConfig = mkOption {
type = types.lines;
@ -54,23 +54,23 @@ let
rpcthreads=16
logips=1
'';
description = "Extra lines appended to <filename>elements.conf</filename>.";
description = mdDoc "Extra lines appended to {file}`elements.conf`.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/liquidd";
description = "The data directory for liquidd.";
description = mdDoc "The data directory for liquidd.";
};
rpc = {
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen for JSON-RPC connections.";
description = mdDoc "Address to listen for JSON-RPC connections.";
};
port = mkOption {
type = types.port;
default = 7041;
description = "Port to listen for JSON-RPC connections.";
description = mdDoc "Port to listen for JSON-RPC connections.";
};
users = mkOption {
default = {};
@ -79,7 +79,7 @@ let
bob.passwordHMAC = "b2dd077cb54591a2f3139e69a897ac$4e71f08d48b4347cf8eff3815c0e25ae2e9a4340474079f55705f40574f4ec99";
};
type = with types; attrsOf (submodule rpcUserOpts);
description = ''
description = mdDoc ''
RPC user information for JSON-RPC connections.
'';
};
@ -87,25 +87,25 @@ let
rpcallowip = mkOption {
type = types.listOf types.str;
default = [ "127.0.0.1" ];
description = ''
description = mdDoc ''
Allow JSON-RPC connections from specified source.
'';
};
rpcuser = mkOption {
type = types.str;
default = "liquidrpc";
description = "Username for JSON-RPC connections";
description = mdDoc "Username for JSON-RPC connections";
};
proxy = mkOption {
type = types.nullOr types.str;
default = if cfg.tor.proxy then config.nix-bitcoin.torClientAddressWithPort else null;
description = "Connect through SOCKS5 proxy";
description = mdDoc "Connect through SOCKS5 proxy";
};
dbCache = mkOption {
type = types.nullOr (types.ints.between 4 16384);
default = null;
example = 4000;
description = "Override the default database cache size in megabytes.";
description = mdDoc "Override the default database cache size in megabytes.";
};
prune = mkOption {
type = types.nullOr (types.coercedTo
@ -115,13 +115,13 @@ let
);
default = null;
example = 10000;
description = ''
description = mdDoc ''
Reduce storage requirements by enabling pruning (deleting) of old
blocks. This allows the pruneblockchain RPC to be called to delete
specific blocks, and enables automatic pruning of old blocks if a
target size in MiB is provided. This mode is incompatible with -txindex
and -rescan. Warning: Reverting this setting requires re-downloading
the entire blockchain. ("disable" = disable pruning blocks, "manual"
the entire blockchain. (`disable` = disable pruning blocks, `manual`
= allow manual pruning via RPC, >=550 = automatically prune block files
to stay under the specified target size in MiB)
'';
@ -129,19 +129,19 @@ let
validatepegin = mkOption {
type = types.nullOr types.bool;
default = null;
description = ''
description = mdDoc ''
Validate pegin claims. All functionaries must run this.
'';
};
user = mkOption {
type = types.str;
default = "liquid";
description = "The user as which to run liquidd.";
description = mdDoc "The user as which to run liquidd.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run liquidd.";
description = mdDoc "The group as which to run liquidd.";
};
cli = mkOption {
readOnly = true;
@ -149,14 +149,14 @@ let
${nbPkgs.elementsd}/bin/elements-cli -datadir='${cfg.dataDir}' "$@"
'';
defaultText = "(See source)";
description = "Binary to connect with the liquidd instance.";
description = mdDoc "Binary to connect with the liquidd instance.";
};
swapCli = mkOption {
default = pkgs.writers.writeBashBin "liquidswap-cli" ''
${nbPkgs.liquid-swap}/bin/liquidswap-cli -c '${cfg.dataDir}/elements.conf' "$@"
'';
defaultText = "(See source)";
description = "Binary for managing liquid swaps.";
description = mdDoc "Binary for managing liquid swaps.";
};
tor = nbLib.tor;
};
@ -215,16 +215,16 @@ let
name = mkOption {
type = types.str;
example = "alice";
description = ''
description = mdDoc ''
Username for JSON-RPC connections.
'';
};
passwordHMAC = mkOption {
type = with types; uniq (strMatching "[0-9a-f]+\\$[0-9a-f]{64}");
example = "f7efda5c189b999524f151318c0c86$d5b51b3beffbc02b724e5d095828e0bc8b2456e9ac8757ae3211a5d9b16a22ae";
description = ''
description = mdDoc ''
Password HMAC-SHA-256 for JSON-RPC connections. Must be a string of the
format `salt-hex$hmac-hex`.
format `<SALT-HEX>$<HMAC-HEX>`.
'';
};
};

48
modules/lnd.nix
View File

@ -7,47 +7,47 @@ let
address = mkOption {
type = types.str;
default = "localhost";
description = "Address to listen for peer connections";
description = mdDoc "Address to listen for peer connections";
};
port = mkOption {
type = types.port;
default = 9735;
description = "Port to listen for peer connections";
description = mdDoc "Port to listen for peer connections";
};
rpcAddress = mkOption {
type = types.str;
default = "localhost";
description = "Address to listen for RPC connections.";
description = mdDoc "Address to listen for RPC connections.";
};
rpcPort = mkOption {
type = types.port;
default = 10009;
description = "Port to listen for gRPC connections.";
description = mdDoc "Port to listen for gRPC connections.";
};
restAddress = mkOption {
type = types.str;
default = "localhost";
description = "Address to listen for REST connections.";
description = mdDoc "Address to listen for REST connections.";
};
restPort = mkOption {
type = types.port;
default = 8080;
description = "Port to listen for REST connections.";
description = mdDoc "Port to listen for REST connections.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/lnd";
description = "The data directory for LND.";
description = mdDoc "The data directory for LND.";
};
networkDir = mkOption {
readOnly = true;
default = "${cfg.dataDir}/chain/bitcoin/${bitcoind.network}";
description = "The network data directory.";
description = mdDoc "The network data directory.";
};
tor-socks = mkOption {
type = types.nullOr types.str;
default = if cfg.tor.proxy then config.nix-bitcoin.torClientAddressWithPort else null;
description = "Socks proxy for connecting to Tor nodes";
description = mdDoc "Socks proxy for connecting to Tor nodes";
};
macaroons = mkOption {
default = {};
@ -55,18 +55,18 @@ let
options = {
user = mkOption {
type = types.str;
description = "User who owns the macaroon.";
description = mdDoc "User who owns the macaroon.";
};
permissions = mkOption {
type = types.str;
example = ''
{"entity":"info","action":"read"},{"entity":"onchain","action":"read"}
'';
description = "List of granted macaroon permissions.";
description = mdDoc "List of granted macaroon permissions.";
};
};
});
description = ''
description = mdDoc ''
Extra macaroon definitions.
'';
};
@ -75,18 +75,18 @@ let
type = with types; listOf str;
default = [];
example = [ "60.100.0.1" ];
description = ''
description = mdDoc ''
Extra `subjectAltName` IPs added to the certificate.
This works the same as lnd option `tlsextraip`.
This works the same as lnd option {option}`tlsextraip`.
'';
};
extraDomains = mkOption {
type = with types; listOf str;
default = [];
example = [ "example.com" ];
description = ''
description = mdDoc ''
Extra `subjectAltName` domain names added to the certificate.
This works the same as lnd option `tlsextradomain`.
This works the same as lnd option {option}`tlsextradomain`.
'';
};
};
@ -96,8 +96,8 @@ let
example = ''
autopilot.active=1
'';
description = ''
Extra lines appended to `lnd.conf`.
description = mdDoc ''
Extra lines appended to {file}`lnd.conf`.
See here for all available options:
https://github.com/lightningnetwork/lnd/blob/master/sample-lnd.conf
'';
@ -106,7 +106,7 @@ let
type = types.package;
default = config.nix-bitcoin.pkgs.lnd;
defaultText = "config.nix-bitcoin.pkgs.lnd";
description = "The package providing lnd binaries.";
description = mdDoc "The package providing lnd binaries.";
};
cli = mkOption {
default = pkgs.writers.writeBashBin "lncli"
@ -118,12 +118,12 @@ let
--macaroonpath '${networkDir}/admin.macaroon' "$@"
'';
defaultText = "(See source)";
description = "Binary to connect with the lnd instance.";
description = mdDoc "Binary to connect with the lnd instance.";
};
getPublicAddressCmd = mkOption {
type = types.str;
default = "";
description = ''
description = mdDoc ''
Bash expression which outputs the public service address to announce to peers.
If left empty, no address is announced.
'';
@ -131,17 +131,17 @@ let
user = mkOption {
type = types.str;
default = "lnd";
description = "The user as which to run LND.";
description = mdDoc "The user as which to run LND.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run LND.";
description = mdDoc "The group as which to run LND.";
};
certPath = mkOption {
readOnly = true;
default = "${secretsDir}/lnd-cert";
description = "LND TLS certificate path.";
description = mdDoc "LND TLS certificate path.";
};
tor = nbLib.tor;
};

8
modules/lndconnect-onion.nix
View File

@ -6,13 +6,13 @@ let
services.lnd.lndconnectOnion.enable = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Create an onion service for the lnd REST server.
Add a `lndconnect-onion` binary to the system environment.
See: https://github.com/LN-Zap/lndconnect
Usage:
```
```bash
# Print QR code
lndconnect-onion
@ -25,13 +25,13 @@ let
services.clightning-rest.lndconnectOnion.enable = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Create an onion service for clightning-rest.
Add a `lndconnect-onion-clightning` binary to the system environment.
See: https://github.com/LN-Zap/lndconnect
Usage:
```
```bash
# Print QR code
lndconnect-onion-clightning

10
modules/netns-isolation.nix
View File

@ -8,7 +8,7 @@ let
addressblock = mkOption {
type = types.ints.u8;
default = 1;
description = ''
description = mdDoc ''
The address block N in 169.254.N.0/24, used as the prefix for netns addresses.
'';
};
@ -20,7 +20,7 @@ let
id = mkOption {
# TODO: Assert uniqueness
type = types.ints.between 11 255;
description = ''
description = mdDoc ''
id for the netns, used for the IP address host part and
for naming the interfaces. Must be unique. Must be greater than 10.
'';
@ -35,7 +35,7 @@ let
allowedUser = mkOption {
type = types.str;
description = ''
description = mdDoc ''
User that is allowed to execute commands in the service network namespaces.
The user's group is also authorized.
'';
@ -45,13 +45,13 @@ let
netns = mkOption {
readOnly = true;
default = netns;
description = "Exposes netns parameters.";
description = mdDoc "Exposes netns parameters.";
};
bridgeIp = mkOption {
readOnly = true;
default = bridgeIp;
description = "IP of the netns bridge interface.";
description = mdDoc "IP of the netns bridge interface.";
};
};

3
modules/nix-bitcoin.nix
View File

@ -39,8 +39,7 @@ with lib;
runAsUserCmd = mkOption {
readOnly = true;
default = if config.security.doas.enable
# TODO-EXTERNAL: Use absolute path until https://github.com/NixOS/nixpkgs/pull/133622 is available.
then "/run/wrappers/bin/doas -u"
then "doas -u"
else "sudo -u";
defaultText = "(See source)";
};

4
modules/nodeinfo.nix
View File

@ -17,7 +17,7 @@ let
type = types.attrs;
default = {};
defaultText = "(See source)";
description = ''
description = mdDoc ''
Nodeinfo service definitions.
'';
};
@ -27,7 +27,7 @@ let
readOnly = true;
default = nodeinfoLib;
defaultText = "(See source)";
description = ''
description = mdDoc ''
Helper functions for defining nodeinfo services.
'';
};

10
modules/onion-addresses.nix
View File

@ -12,23 +12,25 @@ let
access = mkOption {
type = with types; attrsOf (listOf str);
default = {};
description = ''
description = mdDoc ''
This option controls who is allowed to access onion addresses.
For example, the following allows user 'myuser' to access bitcoind
and clightning onion addresses:
```nix
{
"myuser" = [ "bitcoind" "clightning" ];
};
```
The onion hostnames can then be read from
/var/lib/onion-addresses/myuser.
{file}`/var/lib/onion-addresses/myuser`.
'';
};
services = mkOption {
type = with types; listOf str;
default = [];
description = ''
description = mdDoc ''
Services that can access their onion address via file
`/var/lib/onion-addresses/$service`
{file}`/var/lib/onion-addresses/<service>`
The file is readable only by the service user.
'';
};

10
modules/onion-services.nix
View File

@ -16,24 +16,24 @@ let
enable = mkOption {
type = types.bool;
default = config.public;
description = ''
description = mdDoc ''
Create an onion service for the given service.
The service must define options 'address' and 'onionPort' (or `port`).
The service must define options {option}'address' and {option}'onionPort' (or `port`).
'';
};
public = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Make the onion address accessible to the service.
If enabled, the onion service is automatically enabled.
Only available for services that define option `getPublicAddressCmd`.
Only available for services that define option {option}`getPublicAddressCmd`.
'';
};
externalPort = mkOption {
type = types.nullOr types.port;
default = null;
description = "Override the external port of the onion service.";
description = mdDoc "Override the external port of the onion service.";
};
};
}

8
modules/operator.nix
View File

@ -6,7 +6,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Whether to define a user named `operator` for convenient interactive access
to nix-bitcoin features (like `bitcoin-cli`).
@ -18,17 +18,17 @@ let
name = mkOption {
type = types.str;
default = "operator";
description = "Name of the operator user.";
description = mdDoc "Name of the operator user.";
};
groups = mkOption {
type = with types; listOf str;
default = [];
description = "Extra groups of the operatur user.";
description = mdDoc "Extra groups of the operatur user.";
};
allowRunAsUsers = mkOption {
type = with types; listOf str;
default = [];
description = "Users as which the operator is allowed to run commands.";
description = mdDoc "Users as which the operator is allowed to run commands.";
};
};

28
modules/rtl.nix
View File

@ -7,24 +7,24 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "HTTP server address.";
description = mdDoc "HTTP server address.";
};
port = mkOption {
type = types.port;
default = 3000;
description = "HTTP server port.";
description = mdDoc "HTTP server port.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/rtl";
description = "The data directory for RTL.";
description = mdDoc "The data directory for RTL.";
};
nodes = {
clightning = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable the clightning node interface.";
description = mdDoc "Enable the clightning node interface.";
};
extraConfig = mkOption {
type = types.attrs;
@ -33,7 +33,7 @@ let
Settings.userPersona = "MERCHANT";
Settings.logLevel = "DEBUG";
};
description = ''
description = mdDoc ''
Extra clightning node configuration.
See here for all available options:
https://github.com/Ride-The-Lightning/RTL/blob/master/.github/docs/Application_configurations.md
@ -44,12 +44,12 @@ let
enable = mkOption {
type = types.bool;
default = false;
description = "Enable the lnd node interface.";
description = mdDoc "Enable the lnd node interface.";
};
loop = mkOption {
type = types.bool;
default = false;
description = "Enable swaps with lightning-loop.";
description = mdDoc "Enable swaps with lightning-loop.";
};
extraConfig = mkOption {
type = types.attrs;
@ -58,7 +58,7 @@ let
Settings.userPersona = "MERCHANT";
Settings.logLevel = "DEBUG";
};
description = ''
description = mdDoc ''
Extra lnd node configuration.
See here for all available options:
https://github.com/Ride-The-Lightning/RTL/blob/master/.github/docs/Application_configurations.md
@ -68,7 +68,7 @@ let
reverseOrder = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Reverse the order of nodes shown in the UI.
By default, clightning is shown before lnd.
'';
@ -77,28 +77,28 @@ let
nightTheme = mkOption {
type = types.bool;
default = false;
description = "Enable the Night UI Theme.";
description = mdDoc "Enable the Night UI Theme.";
};
extraCurrency = mkOption {
type = with types; nullOr str;
default = null;
example = "USD";
description = ''
description = mdDoc ''
Currency code (ISO 4217) of the extra currency used for displaying balances.
When set, this option enables online currency rate fetching.
Warning: Rate fetching requires outgoing clearnet connections, so option
`tor.enforce` is automatically disabled.
{option}`tor.enforce` is automatically disabled.
'';
};
user = mkOption {
type = types.str;
default = "rtl";
description = "The user as which to run RTL.";
description = mdDoc "The user as which to run RTL.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run RTL.";
description = mdDoc "The group as which to run RTL.";
};
tor.enforce = nbLib.tor.enforce;
};

12
modules/secrets/secrets.nix
View File

@ -6,14 +6,14 @@ let
secretsDir = mkOption {
type = types.path;
default = "/etc/nix-bitcoin-secrets";
description = "Directory to store secrets";
description = mdDoc "Directory to store secrets";
};
setupSecrets = mkOption {
type = types.bool;
default = false;
description = ''
Set permissions for existing secrets in `nix-bitcoin.secretsDir`
description = mdDoc ''
Set permissions for existing secrets in {option}`nix-bitcoin.secretsDir`
before services are started.
'';
};
@ -21,7 +21,7 @@ let
generateSecrets = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Automatically generate all required secrets before services are started.
Note: Make sure to create a backup of the generated secrets.
'';
@ -30,7 +30,7 @@ let
generateSecretsCmds = mkOption {
type = types.attrsOf types.str;
default = {};
description = ''
description = mdDoc ''
Bash expressions for generating secrets.
'';
};
@ -38,7 +38,7 @@ let
# Currently, this is used only by ../deployment/nixops.nix
deployment.secretsDir = mkOption {
type = types.path;
description = ''
description = mdDoc ''
Directory of local secrets that are transferred to the nix-bitcoin node on deployment
'';
};

8
modules/security.nix
View File

@ -6,16 +6,16 @@ with lib;
nix-bitcoin.security.dbusHideProcessInformation = mkOption {
type = types.bool;
default = false;
description = ''
Only allow users with group 'proc' to retrieve systemd unit information like
description = mdDoc ''
Only allow users with group `proc` to retrieve systemd unit information like
cgroup paths (i.e. (sub)process command lines) via D-Bus.
This mitigates a systemd security issue where (sub)process command lines can
be retrieved by services even when their access to /proc is restricted
(via ProtectProc).
This option works by restricting the D-Bus method 'GetUnitProcesses', which
is also used internally by `systemctl status`.
This option works by restricting the D-Bus method `GetUnitProcesses`, which
is also used internally by {command}`systemctl status`.
'';
};
};

12
modules/spark-wallet.nix
View File

@ -7,22 +7,22 @@ let
address = mkOption {
type = types.str;
default = "localhost";
description = "http(s) server address.";
description = mdDoc "http(s) server address.";
};
port = mkOption {
type = types.port;
default = 9737;
description = "http(s) server port.";
description = mdDoc "http(s) server port.";
};
extraArgs = mkOption {
type = types.separatedString " ";
default = "";
description = "Extra command line arguments passed to spark-wallet.";
description = mdDoc "Extra command line arguments passed to spark-wallet.";
};
getPublicAddressCmd = mkOption {
type = types.str;
default = "";
description = ''
description = mdDoc ''
Bash expression which outputs the public service address.
If set, spark-wallet prints a QR code to the systemd journal which
encodes an URL for accessing the web interface.
@ -31,12 +31,12 @@ let
user = mkOption {
type = types.str;
default = "spark-wallet";
description = "The user as which to run spark-wallet.";
description = mdDoc "The user as which to run spark-wallet.";
};
group = mkOption {
type = types.str;
default = cfg.user;
description = "The group as which to run spark-wallet.";
description = mdDoc "The group as which to run spark-wallet.";
};
tor = nbLib.tor;
};

2
modules/versioning.nix
View File

@ -11,7 +11,7 @@ let
nix-bitcoin.configVersion = mkOption {
type = with types; nullOr str;
default = null;
description = ''
description = mdDoc ''
Set this option to the nix-bitcoin release version that your config is
compatible with.

4
pkgs/clightning-plugins/default.nix
View File

@ -31,7 +31,7 @@ let
description = "Lightning node exporter for the prometheus timeseries server";
extraPkgs = [ prometheus_client ];
patchRequirements =
"--replace prometheus-client==0.6.0 prometheus-client==0.13.1"
"--replace prometheus-client==0.6.0 prometheus-client==0.15.0"
+ " --replace pyln-client~=0.9.3 pyln-client~=22.11rc1";
};
rebalance = {
@ -80,7 +80,7 @@ let
inherit (plugin) description;
homepage = "https://github.com/lightningd/plugins";
license = licenses.bsd3;
maintainers = with maintainers; [ nixbitcoin earvstedt ];
maintainers = with maintainers; [ nixbitcoin erikarvstedt ];
platforms = platforms.unix;
};
};

2
pkgs/clightning-rest/default.nix
View File

@ -49,7 +49,7 @@ let self = stdenvNoCC.mkDerivation {
description = "REST API for C-Lightning";
homepage = "https://github.com/Ride-The-Lightning/c-lightning-REST";
license = licenses.mit;
maintainers = with maintainers; [ nixbitcoin earvstedt ];
maintainers = with maintainers; [ nixbitcoin erikarvstedt ];
platforms = platforms.unix;
};
}; in self

9
pkgs/default.nix
View File

@ -13,7 +13,7 @@ let self = {
clightning-rest = pkgs.callPackage ./clightning-rest { inherit (self) fetchNodeModules; };
clboss = pkgs.callPackage ./clboss { };
clightning-plugins = pkgs.recurseIntoAttrs (import ./clightning-plugins pkgs self.nbPython3Packages);
joinmarket = pkgs.callPackage ./joinmarket { nbPythonPackageOverrides = import ./python-packages self; };
joinmarket = pkgs.callPackage ./joinmarket { inherit (self) nbPython3PackagesJoinmarket; };
lndinit = pkgs.callPackage ./lndinit { };
liquid-swap = pkgs.python3Packages.callPackage ./liquid-swap { };
rtl = pkgs.callPackage ./rtl { inherit (self) fetchNodeModules; };
@ -21,9 +21,10 @@ let self = {
secp256k1 = pkgs.callPackage ./secp256k1 { };
spark-wallet = pkgs.callPackage ./spark-wallet { };
nbPython3Packages = (pkgs.python3.override {
packageOverrides = import ./python-packages self;
}).pkgs;
pyPkgs = import ./python-packages self pkgs.python3;
inherit (self.pyPkgs)
nbPython3Packages
nbPython3PackagesJoinmarket;
fetchNodeModules = pkgs.callPackage ./build-support/fetch-node-modules.nix { };

14
pkgs/joinmarket/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, lib, fetchurl, python3, nbPythonPackageOverrides, pkgs }:
{ stdenv, lib, fetchurl, python3, nbPython3PackagesJoinmarket }:
let
version = "0.9.8";
@ -7,17 +7,7 @@ let
sha256 = "1ab4smpyx966iiiip3g11bcslya37qhac1kgkbmsmlsdkpilw9di";
};
pyPkgs = (python3.override {
packageOverrides = (self: super: let
overrides = nbPythonPackageOverrides self super;
in
overrides // {
cryptography = overrides.cryptography_3_3_2;
}
);
}).pkgs;
runtimePackages = with pyPkgs; [
runtimePackages = with nbPython3PackagesJoinmarket; [
joinmarketbase
joinmarketclient
joinmarketbitcoin

2
pkgs/lndinit/default.nix
View File

@ -19,6 +19,6 @@ buildGoModule rec {
description = "Wallet initializer utility for lnd";
homepage = "https://github.com/lightninglabs/lndinit";
license = licenses.mit;
maintainers = with maintainers; [ earvstedt ];
maintainers = with maintainers; [ erikarvstedt ];
};
}

14
pkgs/pinned.nix
View File

@ -2,23 +2,23 @@
pkgs: pkgsUnstable:
{
inherit (pkgs)
lightning-pool
lndconnect;
inherit (pkgsUnstable)
bitcoin
bitcoind
btcpayserver
charge-lnd
clightning
electrs
elementsd
extra-container
fulcrum
hwi
lightning-loop
lnd
lightning-pool
lndconnect
nbxplorer;
inherit (pkgsUnstable)
charge-lnd
clightning
lnd;
inherit pkgs pkgsUnstable;
}

96
pkgs/python-packages/default.nix
View File

@ -1,51 +1,67 @@
nbPkgs: self: super:
let
inherit (self) callPackage;
nbPkgs: python3:
rec {
pyPkgsOverrides = self: super: let
inherit (self) callPackage;
clightningPkg = pkg: callPackage pkg { inherit (nbPkgs.pinned) clightning; };
in
{
coincurve = callPackage ./coincurve {};
txzmq = callPackage ./txzmq {};
joinmarketPkg = pkg: callPackage pkg { inherit (nbPkgs.joinmarket) version src; };
clightningPkg = pkg: callPackage pkg { inherit (nbPkgs.pinned) clightning; };
pyln-client = clightningPkg ./pyln-client;
pyln-proto = clightningPkg ./pyln-proto;
pyln-bolt7 = clightningPkg ./pyln-bolt7;
pylightning = clightningPkg ./pylightning;
unstable = (import ../nixpkgs-pinned.nix).nixpkgs-unstable;
in {
bencoderpyx = callPackage ./bencoderpyx {};
chromalog = callPackage ./chromalog {};
coincurve = callPackage ./coincurve {};
python-bitcointx = callPackage ./python-bitcointx { inherit (nbPkgs) secp256k1; };
runes = callPackage ./runes {};
sha256 = callPackage ./sha256 {};
txzmq = callPackage ./txzmq {};
urldecode = callPackage ./urldecode {};
# Packages only used by joinmarket
bencoderpyx = callPackage ./bencoderpyx {};
chromalog = callPackage ./chromalog {};
python-bitcointx = callPackage ./python-bitcointx {
inherit (nbPkgs) secp256k1;
openssl = super.pkgs.openssl_1_1;
};
runes = callPackage ./runes {};
sha256 = callPackage ./sha256 {};
urldecode = callPackage ./urldecode {};
};
joinmarketbase = joinmarketPkg ./jmbase;
joinmarketclient = joinmarketPkg ./jmclient;
joinmarketbitcoin = joinmarketPkg ./jmbitcoin;
joinmarketdaemon = joinmarketPkg ./jmdaemon;
# Joinmarket requires a custom package set because it uses older versions of Python pkgs
pyPkgsOverridesJoinmarket = self: super: let
inherit (self) callPackage;
joinmarketPkg = pkg: callPackage pkg { inherit (nbPkgs.joinmarket) version src; };
in
(pyPkgsOverrides self super) // {
joinmarketbase = joinmarketPkg ./jmbase;
joinmarketclient = joinmarketPkg ./jmclient;
joinmarketbitcoin = joinmarketPkg ./jmbitcoin;
joinmarketdaemon = joinmarketPkg ./jmdaemon;
pyln-client = clightningPkg ./pyln-client;
pyln-proto = clightningPkg ./pyln-proto;
pyln-bolt7 = clightningPkg ./pyln-bolt7;
pylightning = clightningPkg ./pylightning;
## Specific versions of packages that already exist in nixpkgs
# Don't mark `klein` as broken.
# `klein` is fixed by using werkzeug 2.1.0 (see below)
klein = super.klein.overrideAttrs (old: {
meta = builtins.removeAttrs old.meta [ "broken" ];
});
# cryptography 3.3.2, required by joinmarketdaemon
# Used in the private python package set for joinmarket (../joinmarket/default.nix)
cryptography = callPackage ./specific-versions/cryptography {
openssl = super.pkgs.openssl_1_1;
cryptography_vectors = callPackage ./specific-versions/cryptography/vectors.nix {};
};
## Specific versions of packages that already exist in nixpkgs
# autobahn 20.12.3, required by joinmarketclient
autobahn = callPackage ./specific-versions/autobahn.nix {};
# cryptography 3.3.2, required by joinmarketdaemon
# Used in the private python package set for joinmarket (../joinmarket/default.nix)
cryptography_3_3_2 = callPackage ./specific-versions/cryptography {
cryptography_vectors = callPackage ./specific-versions/cryptography/vectors.nix {};
};
# pyopenssl 20.0.1, required by joinmarketdaemon
pyopenssl = callPackage ./specific-versions/pyopenssl.nix {
openssl = super.pkgs.openssl_1_1;
};
# autobahn 20.12.3, required by joinmarketclient
autobahn = callPackage ./specific-versions/autobahn.nix {};
# twisted 22.4.0, compatible with pyopenssl 20.0.1
twisted = callPackage ./specific-versions/twisted.nix {};
};
# werkzeug 2.1.0, required by jmclient (via pkg `klein`)
werkzeug = callPackage ./specific-versions/werkzeug.nix {};
nbPython3Packages = (python3.override {
packageOverrides = pyPkgsOverrides;
}).pkgs;
# pyopenssl 20.0.1, required by joinmarketdaemon
pyopenssl = callPackage ./specific-versions/pyopenssl.nix {};
nbPython3PackagesJoinmarket = (python3.override {
packageOverrides = pyPkgsOverridesJoinmarket;
}).pkgs;
}

4
pkgs/python-packages/jmclient/default.nix
View File

@ -12,9 +12,9 @@ buildPythonPackage rec {
patchPhase = ''
substituteInPlace setup.py \
--replace "'klein==20.6.0'" "'klein==21.8.0'"
--replace "'klein==20.6.0'" "'klein>=20.6.0'"
substituteInPlace setup.py \
--replace "'pyjwt==2.1.0'" "'pyjwt==2.4.0'"
--replace "'pyjwt==2.4.0'" "'pyjwt==2.5.0'"
'';
meta = with lib; {

4
pkgs/python-packages/pyln-proto/default.nix
View File

@ -27,4 +27,8 @@ buildPythonPackage rec {
checkInputs = [ pytestCheckHook ];
postUnpack = "sourceRoot=$sourceRoot/contrib/pyln-proto";
postPatch = ''
sed -i 's|cryptography = "^36.0.1"|cryptography = "^38.0.0"|' pyproject.toml
'';
}

173
pkgs/python-packages/specific-versions/twisted.nix Normal file
View File

@ -0,0 +1,173 @@
{ lib
, stdenv
, buildPythonPackage
, pythonOlder
, fetchPypi
, python
, appdirs
, attrs
, automat
, bcrypt
, constantly
, contextvars
, cryptography
, git
, glibcLocales
, h2
, hyperlink
, idna
, incremental
, priority
, pyasn1
, pyhamcrest
, pynacl
, pyopenssl
, pyserial
, service-identity
, setuptools
, typing-extensions
, zope_interface
# for passthru.tests
, cassandra-driver
, klein
, magic-wormhole
, scrapy
, treq
, txaio
, txamqp
, txrequests
, txtorcon
, thrift
, nixosTests
}:
buildPythonPackage rec {
pname = "twisted";
version = "22.4.0";
format = "setuptools";
disabled = pythonOlder "3.6";
src = fetchPypi {
pname = "Twisted";
inherit version;
extension = "tar.gz";
sha256 = "sha256-oEeZD1ffrh4L0rffJSbU8W3NyEN3TcEIt4xS8qXxNoA=";
};
__darwinAllowLocalNetworking = true;
propagatedBuildInputs = [
attrs
automat
constantly
hyperlink
incremental
setuptools
typing-extensions
zope_interface
];
postPatch = ''
echo 'ListingTests.test_localeIndependent.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py
echo 'ListingTests.test_newFile.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py
echo 'ListingTests.test_newSingleDigitDayOfMonth.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py
echo 'ListingTests.test_oldFile.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py
echo 'ListingTests.test_oldSingleDigitDayOfMonth.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py
echo 'PTYProcessTestsBuilder_AsyncioSelectorReactorTests.test_openFileDescriptors.skip = "invalid syntax"'>> src/twisted/internet/test/test_process.py
echo 'PTYProcessTestsBuilder_SelectReactorTests.test_openFileDescriptors.skip = "invalid syntax"'>> src/twisted/internet/test/test_process.py
echo 'UNIXTestsBuilder_AsyncioSelectorReactorTests.test_sendFileDescriptorTriggersPauseProducing.skip = "sendFileDescriptor producer was not paused"'>> src/twisted/internet/test/test_unix.py
echo 'UNIXTestsBuilder_SelectReactorTests.test_sendFileDescriptorTriggersPauseProducing.skip = "sendFileDescriptor producer was not paused"'>> src/twisted/internet/test/test_unix.py
echo 'FileObserverTests.test_getTimezoneOffsetEastOfUTC.skip = "mktime argument out of range"'>> src/twisted/test/test_log.py
echo 'FileObserverTests.test_getTimezoneOffsetWestOfUTC.skip = "mktime argument out of range"'>> src/twisted/test/test_log.py
echo 'FileObserverTests.test_getTimezoneOffsetWithoutDaylightSavingTime.skip = "tuple differs, values not"'>> src/twisted/test/test_log.py
echo 'MulticastTests.test_joinLeave.skip = "No such device"'>> src/twisted/test/test_udp.py
echo 'MulticastTests.test_loopback.skip = "No such device"'>> src/twisted/test/test_udp.py
echo 'MulticastTests.test_multicast.skip = "Reactor was unclean"'>> src/twisted/test/test_udp.py
echo 'MulticastTests.test_multiListen.skip = "No such device"'>> src/twisted/test/test_udp.py
echo 'DomishExpatStreamTests.test_namespaceWithWhitespace.skip = "syntax error: line 1, column 0"'>> src/twisted/words/test/test_domish.py
# not packaged
substituteInPlace src/twisted/test/test_failure.py \
--replace "from cython_test_exception_raiser import raiser # type: ignore[import]" "raiser = None"
'' + lib.optionalString stdenv.isLinux ''
echo 'PTYProcessTestsBuilder_EPollReactorTests.test_openFileDescriptors.skip = "invalid syntax"'>> src/twisted/internet/test/test_process.py
echo 'PTYProcessTestsBuilder_PollReactorTests.test_openFileDescriptors.skip = "invalid syntax"'>> src/twisted/internet/test/test_process.py
echo 'UNIXTestsBuilder_EPollReactorTests.test_sendFileDescriptorTriggersPauseProducing.skip = "sendFileDescriptor producer was not paused"'>> src/twisted/internet/test/test_unix.py
echo 'UNIXTestsBuilder_PollReactorTests.test_sendFileDescriptorTriggersPauseProducing.skip = "sendFileDescriptor producer was not paused"'>> src/twisted/internet/test/test_unix.py
# Patch t.p._inotify to point to libc. Without this,
# twisted.python.runtime.platform.supportsINotify() == False
substituteInPlace src/twisted/python/_inotify.py --replace \
"ctypes.util.find_library(\"c\")" "'${stdenv.cc.libc}/lib/libc.so.6'"
'' + lib.optionalString (stdenv.isAarch64 && stdenv.isDarwin) ''
echo 'AbortConnectionTests_AsyncioSelectorReactorTests.test_fullWriteBufferAfterByteExchange.skip = "Timeout after 120 seconds"' >> src/twisted/internet/test/test_tcp.py
echo 'AbortConnectionTests_AsyncioSelectorReactorTests.test_resumeProducingAbort.skip = "Timeout after 120 seconds"' >> src/twisted/internet/test/test_tcp.py
'';
# Generate Twisted's plug-in cache. Twisted users must do it as well. See
# http://twistedmatrix.com/documents/current/core/howto/plugin.html#auto3
# and http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477103 for details.
postFixup = ''
$out/bin/twistd --help > /dev/null
'';
checkInputs = [
git
glibcLocales
pyhamcrest
]
++ passthru.optional-dependencies.conch
# not supported on aarch64-darwin: https://github.com/pyca/pyopenssl/issues/873
++ lib.optionals (!(stdenv.isDarwin && stdenv.isAarch64)) passthru.optional-dependencies.tls;
checkPhase = ''
export SOURCE_DATE_EPOCH=315532800
export PATH=$out/bin:$PATH
# race conditions when running in paralell
${python.interpreter} -m twisted.trial twisted
'';
passthru = {
optional-dependencies = rec {
conch = [ appdirs bcrypt cryptography pyasn1 ];
conch_nacl = conch ++ [ pynacl ];
contextvars = lib.optionals (pythonOlder "3.7") [ contextvars ];
http2 = [ h2 priority ];
serial = [ pyserial ];
tls = [ idna pyopenssl service-identity ];
};
tests = {
inherit
cassandra-driver
klein
magic-wormhole
scrapy
treq
txaio
txamqp
txrequests
txtorcon
thrift;
inherit (nixosTests) buildbot matrix-synapse;
};
};
meta = with lib; {
homepage = "https://github.com/twisted/twisted";
description = "Twisted, an event-driven networking engine written in Python";
longDescription = ''
Twisted is an event-driven networking engine written in Python
and licensed under the MIT license.
'';
license = licenses.mit;
maintainers = with maintainers; [ SuperSandro2000 ];
};
}

68
pkgs/python-packages/specific-versions/werkzeug.nix
View File

@ -1,68 +0,0 @@
{ lib
, stdenv
, buildPythonPackage
, pythonOlder
, fetchPypi
, watchdog
, dataclasses
, ephemeral-port-reserve
, pytest-timeout
, pytest-xprocess
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "werkzeug";
version = "2.1.0";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
pname = "Werkzeug";
inherit version;
sha256 = "sha256-m1VGaj6Z4TsfBoamYRfTm9qFqZIWbgp5rt/PNYYyj3o=";
};
propagatedBuildInputs = lib.optionals (!stdenv.isDarwin) [
# watchdog requires macos-sdk 10.13+
watchdog
] ++ lib.optionals (pythonOlder "3.7") [
dataclasses
];
checkInputs = [
ephemeral-port-reserve
pytest-timeout
pytest-xprocess
pytestCheckHook
];
disabledTests = lib.optionals stdenv.isDarwin [
"test_get_machine_id"
];
disabledTestPaths = [
# ConnectionRefusedError: [Errno 111] Connection refused
"tests/test_serving.py"
];
pytestFlagsArray = [
# don't run tests that are marked with filterwarnings, they fail with
# warnings._OptionError: unknown warning category: 'pytest.PytestUnraisableExceptionWarning'
"-m 'not filterwarnings'"
];
meta = with lib; {
homepage = "https://palletsprojects.com/p/werkzeug/";
description = "The comprehensive WSGI web application library";
longDescription = ''
Werkzeug is a comprehensive WSGI web application library. It
began as a simple collection of various utilities for WSGI
applications and has become one of the most advanced WSGI
utility libraries.
'';
license = licenses.bsd3;
maintainers = with maintainers; [ ];
};
}

2
pkgs/rtl/default.nix
View File

@ -57,7 +57,7 @@ let self = stdenvNoCC.mkDerivation {
description = "A web interface for LND, c-lightning and Eclair";
homepage = "https://github.com/Ride-The-Lightning/RTL";
license = licenses.mit;
maintainers = with maintainers; [ nixbitcoin earvstedt ];
maintainers = with maintainers; [ nixbitcoin erikarvstedt ];
platforms = platforms.unix;
};
}; in self

2
pkgs/spark-wallet/default.nix
View File

@ -10,7 +10,7 @@ nodePackages.package.override {
description = "A minimalistic wallet GUI for c-lightning";
homepage = "https://github.com/shesek/spark-wallet";
license = licenses.mit;
maintainers = with maintainers; [ nixbitcoin earvstedt ];
maintainers = with maintainers; [ nixbitcoin erikarvstedt ];
platforms = platforms.unix;
};
}

23
test/lib/make-test-vm.nix
View File

@ -6,20 +6,25 @@ let
};
in
args:
module:
let
test = pythonTesting.makeTest args;
test = (pythonTesting.evalTest module).config;
# 1. Save test logging output
# 2. Add link to driver so that a gcroot to a test prevents the driver from
# being garbage-collected
fixedTest = test.overrideAttrs (_: {
# See `runTests` in nixpkgs/nixos/lib/testing-python.nix for the original definition of `buildCommand`
runTest = pkgs.stdenv.mkDerivation {
name = "vm-test-run-${test.name}";
requiredSystemFeatures = [ "kvm" "nixos-test" ];
# 1. Save test logging output
# 2. Add link to driver so that a gcroot to a test prevents the driver from
# being garbage-collected
buildCommand = ''
mkdir "$out"
LOGFILE=$out/output.xml tests='exec(os.environ["testScript"])' ${test.driver}/bin/nixos-test-driver
ln -s ${test.driver} "$out/driver"
'';
});
inherit (test) meta passthru;
} // test;
in
fixedTest
runTest

2
test/lib/make-test.nix
View File

@ -47,7 +47,7 @@ let
# is_interactive is set in ./run-vm.sh
''
if not "is_interactive" in vars():
run_tests()
nb_run_tests()
''
];
};

15
test/lib/shellcheck-services.nix
View File

@ -5,7 +5,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
description = ''
description = mdDoc ''
Whether to shellcheck services during system build time.
'';
};
@ -13,14 +13,14 @@ let
sourcePrefix = mkOption {
type = with types; nullOr str;
default = null;
description = ''
description = mdDoc ''
The definition source path prefix of services to include in the shellcheck.
'';
};
runShellcheck = mkOption {
readOnly = true;
description = ''
description = mdDoc ''
A derivation that runs shellcheck on all bash scripts included
in nix-bitcoin services.
'';
@ -45,18 +45,17 @@ let
# Return set of services ({ service1 = true; service2 = true; ... })
# which are either defined or not defined within `sourcePrefix`, depending
# on `shouldMatch`.
collectServices = shouldMatch: lib.listToAttrs (builtins.concatLists (zipListsWith (services: file:
collectServices = shouldMatch: lib.listToAttrs (builtins.concatLists (map (def:
let
services = def.value;
inherit (def) file;
isMatching = lib.hasPrefix sourcePrefix file;
in
# Nix has no boolean XOR, so use `if`
lib.optionals (if shouldMatch then isMatching else !isMatching) (
(map (service: { name = service; value = true; }) (builtins.attrNames services))
)
# TODO-EXTERNAL:
# Use `systemdServices.definitionsWithLocations` when https://github.com/NixOS/nixpkgs/pull/189836
# is included in nixpkgs stable.
) systemdServices.definitions systemdServices.files));
) systemdServices.definitionsWithLocations));
in
# Calculate set difference: matchingServices - nonMatchingServices
# and exclude unavailable services (defined via `mkIf false ...`) by checking `configSystemdServices`.

6
test/lib/test-lib.nix
View File

@ -10,7 +10,7 @@ with lib;
noConnections = mkOption {
type = types.bool;
default = !config.test.container.enableWAN;
description = ''
description = mdDoc ''
Whether services should be configured to not connect to external hosts.
This can silence some warnings while running the test in an offline environment.
'';
@ -18,9 +18,9 @@ with lib;
data = mkOption {
type = types.attrs;
default = {};
description = ''
description = mdDoc ''
Attrs that are available in the Python test script under the global
dictionary variable 'test_data'. The data is exported via JSON.
dictionary variable {var}`test_data`. The data is exported via JSON.
'';
};
extraTestScript = mkOption {

3
test/tests.py
View File

@ -48,7 +48,8 @@ def test(name):
tests[name] = fn
return x
def run_tests():
# `run_tests` is already defined by the NixOS test driver
def nb_run_tests():
enabled = enabled_tests.copy()
to_run = []
for test in tests: