From f1681f5b45ebe2807503c2d8b00df701b4549ea8 Mon Sep 17 00:00:00 2001 From: Erik Arvstedt Date: Mon, 9 Nov 2020 22:09:09 +0100 Subject: [PATCH] add option nix-bitcoin.pkgs, remove overlay This works around a nixpkgs bug where overlays are ignored in containers. --- modules/bitcoind.nix | 2 +- modules/btcpayserver.nix | 7 +++---- modules/clightning.nix | 11 ++++++----- modules/electrs.nix | 2 +- modules/hardware-wallets.nix | 6 +++--- modules/joinmarket.nix | 9 +++++---- modules/lightning-charge.nix | 2 +- modules/lightning-loop.nix | 3 +-- modules/liquid.nix | 9 +++++---- modules/lnd.nix | 5 ++--- modules/modules.nix | 12 +++++------- modules/nanopos.nix | 2 +- modules/netns-isolation.nix | 2 +- modules/recurring-donations.nix | 2 +- modules/secrets/generate-secrets.nix | 2 +- modules/spark-wallet.nix | 2 +- pkgs/default.nix | 6 ++++-- 17 files changed, 42 insertions(+), 42 deletions(-) diff --git a/modules/bitcoind.nix b/modules/bitcoind.nix index c3021d1..c8650eb 100644 --- a/modules/bitcoind.nix +++ b/modules/bitcoind.nix @@ -59,7 +59,7 @@ in { enable = mkEnableOption "Bitcoin daemon"; package = mkOption { type = types.package; - default = pkgs.nix-bitcoin.bitcoind; + default = config.nix-bitcoin.pkgs.bitcoind; defaultText = "pkgs.blockchains.bitcoind"; description = "The package providing bitcoin binaries."; }; diff --git a/modules/btcpayserver.nix b/modules/btcpayserver.nix index 46ed39e..9c5b8b0 100644 --- a/modules/btcpayserver.nix +++ b/modules/btcpayserver.nix @@ -5,13 +5,13 @@ with lib; let cfg = config.services; inherit (config) nix-bitcoin-services; + nbPkgs = config.nix-bitcoin.pkgs; in { options.services = { nbxplorer = { package = mkOption { type = types.package; - default = pkgs.nix-bitcoin.nbxplorer; - defaultText = "pkgs.nix-bitcoin.nbxplorer"; + default = nbPkgs.nbxplorer; description = "The package providing nbxplorer binaries."; }; dataDir = mkOption { 
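Review bot: In modules/bitcoind.nix the `package` option keeps `defaultText = "pkgs.blockchains.bitcoind"` while its default now comes from `config.nix-bitcoin.pkgs.bitcoind`, so the rendered option documentation names a package set the daemon is not built from. The other `package` options touched in this commit drop their `defaultText`; here it should either be dropped as well or changed to `defaultText = "config.nix-bitcoin.pkgs.bitcoind";`. An accurate default matters to anyone auditing which bitcoind build a node actually runs.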
@@ -51,8 +51,7 @@ in { enable = mkEnableOption "btcpayserver"; package = mkOption { type = types.package; - default = pkgs.nix-bitcoin.btcpayserver; - defaultText = "pkgs.nix-bitcoin.btcpayserver"; + default = nbPkgs.btcpayserver; description = "The package providing btcpayserver binaries."; }; dataDir = mkOption { diff --git a/modules/clightning.nix b/modules/clightning.nix index 4b1c0d4..38f3b9d 100644 --- a/modules/clightning.nix +++ b/modules/clightning.nix @@ -5,6 +5,7 @@ with lib; let cfg = config.services.clightning; inherit (config) nix-bitcoin-services; + nbPkgs = config.nix-bitcoin.pkgs; onion-chef-service = (if cfg.announce-tor then [ "onion-chef.service" ] else []); network = config.services.bitcoind.makeNetworkName "bitcoin" "regtest"; configFile = pkgs.writeText "config" '' @@ -49,7 +50,7 @@ in { ''; }; bind-addr = mkOption { - type = pkgs.nix-bitcoin.lib.ipv4Address; + type = nbPkgs.lib.ipv4Address; default = "127.0.0.1"; description = "Set an IP address or UNIX domain socket to listen to"; }; @@ -92,7 +93,7 @@ in { readOnly = true; default = pkgs.writeScriptBin "lightning-cli" '' - ${pkgs.nix-bitcoin.clightning}/bin/lightning-cli --lightning-dir='${cfg.dataDir}' "$@" + ${nbPkgs.clightning}/bin/lightning-cli --lightning-dir='${cfg.dataDir}' "$@" ''; description = "Binary to connect with the clightning instance."; }; @@ -102,7 +103,7 @@ in { config = mkIf cfg.enable { services.bitcoind.enable = true; - environment.systemPackages = [ pkgs.nix-bitcoin.clightning (hiPrio cfg.cli) ]; + environment.systemPackages = [ nbPkgs.clightning (hiPrio cfg.cli) ]; users.users.${cfg.user} = { description = "clightning User"; group = cfg.group; 
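Review bot: The `bind-addr` option in modules/clightning.nix now takes its `type` from `nbPkgs.lib.ipv4Address`, that is, from a `config` value, and `listen` in modules/lnd.nix does the same. This makes the address check itself replaceable by whatever defines `nix-bitcoin.pkgs`, and a definition of that option that omits `lib` would break evaluation of both options. The helper is not a package, so it could be imported directly, e.g. `type = (import ../pkgs/lib.nix { inherit lib; }).ipv4Address;`, assuming `lib.nix` needs only the nixpkgs `lib`, as pkgs/default.nix suggests.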
@@ -118,7 +119,7 @@ in { services.onion-chef.access.clightning = if cfg.announce-tor then [ "clightning" ] else []; systemd.services.clightning = { description = "Run clightningd"; - path = [ pkgs.nix-bitcoin.bitcoind ]; + path = [ nbPkgs.bitcoind ]; wantedBy = [ "multi-user.target" ]; requires = [ "bitcoind.service" ] ++ onion-chef-service; after = [ "bitcoind.service" ] ++ onion-chef-service; @@ -132,7 +133,7 @@ in { ${optionalString cfg.announce-tor "echo announce-addr=$(cat /var/lib/onion-chef/clightning/clightning) >> '${cfg.dataDir}/config'"} ''; serviceConfig = nix-bitcoin-services.defaultHardening // { - ExecStart = "${pkgs.nix-bitcoin.clightning}/bin/lightningd --lightning-dir=${cfg.dataDir}"; + ExecStart = "${nbPkgs.clightning}/bin/lightningd --lightning-dir=${cfg.dataDir}"; User = "${cfg.user}"; Restart = "on-failure"; RestartSec = "10s"; diff --git a/modules/electrs.nix b/modules/electrs.nix index 19e7459..5258317 100644 --- a/modules/electrs.nix +++ b/modules/electrs.nix @@ -81,7 +81,7 @@ in { RuntimeDirectoryMode = "700"; WorkingDirectory = "/run/electrs"; ExecStart = '' - ${pkgs.nix-bitcoin.electrs}/bin/electrs -vvv \ + ${config.nix-bitcoin.pkgs.electrs}/bin/electrs -vvv \ ${if cfg.high-memory then traceIf (!bitcoind.dataDirReadableByGroup) '' Warning: For optimal electrs syncing performance, enable services.bitcoind.dataDirReadableByGroup. diff --git a/modules/hardware-wallets.nix b/modules/hardware-wallets.nix index 8ff94e2..1d1c2b1 100644 --- a/modules/hardware-wallets.nix +++ b/modules/hardware-wallets.nix @@ -42,10 +42,10 @@ in { } ]; - environment.systemPackages = with pkgs; [ - nix-bitcoin.hwi + environment.systemPackages = [ + config.nix-bitcoin.pkgs.hwi # Provides lsusb for debugging - usbutils + pkgs.usbutils ]; users.groups."${cfg.group}" = {}; nix-bitcoin.operator.groups = [ cfg.group ]; diff --git a/modules/joinmarket.nix b/modules/joinmarket.nix index bf93568..eca3471 100644 --- a/modules/joinmarket.nix +++ b/modules/joinmarket.nix 
@@ -5,6 +5,7 @@ with lib; let cfg = config.services.joinmarket; inherit (config) nix-bitcoin-services; + nbPkgs = config.nix-bitcoin.pkgs; secretsDir = config.nix-bitcoin.secretsDir; inherit (config.services) bitcoind; @@ -77,7 +78,7 @@ let # so run them inside dataDir. cli = pkgs.runCommand "joinmarket-cli" {} '' mkdir -p $out/bin - jm=${pkgs.nix-bitcoin.joinmarket}/bin + jm=${nbPkgs.joinmarket}/bin cd $jm for bin in jm-*; do { @@ -181,13 +182,13 @@ in { # (like with pipes) cd ${cfg.dataDir} && \ out=$(sudo -u ${cfg.user} \ - ${pkgs.nix-bitcoin.joinmarket}/bin/jm-genwallet \ + ${nbPkgs.joinmarket}/bin/jm-genwallet \ --datadir=${cfg.dataDir} $walletname $pw) recoveryseed=$(echo "$out" | grep 'recovery_seed') echo "$recoveryseed" | cut -d ':' -f2 > $mnemonic fi ''); - ExecStart = "${pkgs.nix-bitcoin.joinmarket}/bin/joinmarketd"; + ExecStart = "${nbPkgs.joinmarket}/bin/joinmarketd"; WorkingDirectory = "${cfg.dataDir}"; # The service creates 'commitmentlist' in the working dir User = "${cfg.user}"; Restart = "on-failure"; @@ -201,7 +202,7 @@ in { nix-bitcoin.secrets.jm-wallet-password.user = cfg.user; systemd.services.joinmarket-yieldgenerator = let - ygDefault = "${pkgs.nix-bitcoin.joinmarket}/bin/jm-yg-privacyenhanced"; + ygDefault = "${nbPkgs.joinmarket}/bin/jm-yg-privacyenhanced"; ygBinary = if cfg.yieldgenerator.customParameters == "" then ygDefault else diff --git a/modules/lightning-charge.nix b/modules/lightning-charge.nix index b002d6a..9faa306 100644 --- a/modules/lightning-charge.nix +++ b/modules/lightning-charge.nix 
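Review bot: In the wallet-creation script of modules/joinmarket.nix, the rewritten `jm-genwallet` call still expands `$walletname` and `$pw` unquoted, so a password containing whitespace or glob characters is split or expanded before the program sees it; quote them as `"$walletname" "$pw"`. Passing the wallet password as an argument also leaves it readable in the process list while the command runs, so a comment on whether `jm-genwallet` can take it another way would help. The same script writes the recovery seed to `$mnemonic`, and the hunk does not show what mode that file gets, which should be confirmed. The script starts and ends outside this hunk.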
@@ -69,7 +69,7 @@ in { # Needed to access clightning.dataDir in preStart PermissionsStartOnly = "true"; EnvironmentFile = "${config.nix-bitcoin.secretsDir}/lightning-charge-env"; - ExecStart = "${pkgs.nix-bitcoin.lightning-charge}/bin/charged -l ${config.services.clightning.dataDir}/bitcoin -d ${cfg.dataDir}/lightning-charge.db -i ${cfg.host} ${cfg.extraArgs}"; + ExecStart = "${config.nix-bitcoin.pkgs.lightning-charge}/bin/charged -l ${config.services.clightning.dataDir}/bitcoin -d ${cfg.dataDir}/lightning-charge.db -i ${cfg.host} ${cfg.extraArgs}"; User = user; Restart = "on-failure"; RestartSec = "10s"; diff --git a/modules/lightning-loop.nix b/modules/lightning-loop.nix index 6a5d780..8702297 100644 --- a/modules/lightning-loop.nix +++ b/modules/lightning-loop.nix @@ -50,8 +50,7 @@ in { }; package = mkOption { type = types.package; - default = pkgs.nix-bitcoin.lightning-loop; - defaultText = "pkgs.nix-bitcoin.lightning-loop"; + default = config.nix-bitcoin.pkgs.lightning-loop; description = "The package providing lightning-loop binaries."; }; dataDir = mkOption { diff --git a/modules/liquid.nix b/modules/liquid.nix index e315c87..ec3ee6e 100644 --- a/modules/liquid.nix +++ b/modules/liquid.nix @@ -5,6 +5,7 @@ with lib; let cfg = config.services.liquidd; inherit (config) nix-bitcoin-services; + nbPkgs = config.nix-bitcoin.pkgs; secretsDir = config.nix-bitcoin.secretsDir; pidFile = "${cfg.dataDir}/liquidd.pid"; configFile = pkgs.writeText "elements.conf" '' 
@@ -206,13 +207,13 @@ in { cli = mkOption { readOnly = true; default = pkgs.writeScriptBin "elements-cli" '' - ${pkgs.nix-bitcoin.elementsd}/bin/elements-cli -datadir='${cfg.dataDir}' "$@" + ${nbPkgs.elementsd}/bin/elements-cli -datadir='${cfg.dataDir}' "$@" ''; description = "Binary to connect with the liquidd instance."; }; swapCli = mkOption { default = pkgs.writeScriptBin "liquidswap-cli" '' - ${pkgs.nix-bitcoin.liquid-swap}/bin/liquidswap-cli -c '${cfg.dataDir}/elements.conf' "$@" + ${nbPkgs.liquid-swap}/bin/liquidswap-cli -c '${cfg.dataDir}/elements.conf' "$@" ''; description = "Binary for managing liquid swaps."; }; @@ -224,7 +225,7 @@ in { services.bitcoind.enable = true; environment.systemPackages = [ - pkgs.nix-bitcoin.elementsd + nbPkgs.elementsd (hiPrio cfg.cli) (hiPrio cfg.swapCli) ]; @@ -249,7 +250,7 @@ in { Type = "simple"; User = "${cfg.user}"; Group = "${cfg.group}"; - ExecStart = "${pkgs.nix-bitcoin.elementsd}/bin/elementsd ${cmdlineOptions}"; + ExecStart = "${nbPkgs.elementsd}/bin/elementsd ${cmdlineOptions}"; PIDFile = "${pidFile}"; Restart = "on-failure"; ReadWritePaths = "${cfg.dataDir}"; diff --git a/modules/lnd.nix b/modules/lnd.nix index 57fde6b..2dd9aca 100644 --- a/modules/lnd.nix +++ b/modules/lnd.nix @@ -56,7 +56,7 @@ in { description = "The network data directory."; }; listen = mkOption { - type = pkgs.nix-bitcoin.lib.ipv4Address; + type = config.nix-bitcoin.pkgs.lib.ipv4Address; default = "localhost"; description = "Bind to given address to listen to peer connections"; }; @@ -130,8 +130,7 @@ in { }; package = mkOption { type = types.package; - default = pkgs.nix-bitcoin.lnd; - defaultText = "pkgs.nix-bitcoin.lnd"; + default = config.nix-bitcoin.pkgs.lnd; description = "The package providing lnd binaries."; }; cli = mkOption { diff --git a/modules/modules.nix b/modules/modules.nix index 13801ae..e77e531 100644 --- a/modules/modules.nix +++ b/modules/modules.nix 
@@ -36,6 +36,11 @@ readOnly = true; default = import ./nix-bitcoin-services.nix lib pkgs; }; + + nix-bitcoin.pkgs = lib.mkOption { + type = lib.types.attrs; + default = (import ../pkgs { inherit pkgs; }).modulesPkgs; + }; }; config = { @@ -48,12 +53,5 @@ ''; } ]; - - nixpkgs.overlays = [ (self: super: { - nix-bitcoin = let - pkgs = import ../pkgs { pkgs = super; }; - in - pkgs // pkgs.pinned; - }) ]; }; } diff --git a/modules/nanopos.nix b/modules/nanopos.nix index d3ed3d9..e587109 100644 --- a/modules/nanopos.nix +++ b/modules/nanopos.nix @@ -99,7 +99,7 @@ in { after = [ "lightning-charge.service" ]; serviceConfig = nix-bitcoin-services.defaultHardening // { EnvironmentFile = "${config.nix-bitcoin.secretsDir}/nanopos-env"; - ExecStart = "${pkgs.nix-bitcoin.nanopos}/bin/nanopos -y ${cfg.itemsFile} -i ${toString cfg.host} -p ${toString cfg.port} -c ${toString cfg.charged-url} --show-bolt11 ${cfg.extraArgs}"; + ExecStart = "${config.nix-bitcoin.pkgs.nanopos}/bin/nanopos -y ${cfg.itemsFile} -i ${toString cfg.host} -p ${toString cfg.port} -c ${toString cfg.charged-url} --show-bolt11 ${cfg.extraArgs}"; User = "nanopos"; Restart = "on-failure"; RestartSec = "10s"; diff --git a/modules/netns-isolation.nix b/modules/netns-isolation.nix index 915852c..8f8f0c4 100644 --- a/modules/netns-isolation.nix +++ b/modules/netns-isolation.nix @@ -102,7 +102,7 @@ in { boot.kernel.sysctl."net.ipv4.ip_forward" = true; security.wrappers.netns-exec = { - source = pkgs.nix-bitcoin.netns-exec; + source = config.nix-bitcoin.pkgs.netns-exec; capabilities = "cap_sys_admin=ep"; owner = cfg.allowedUser; permissions = "u+rx,g+rx,o-rwx"; diff --git a/modules/recurring-donations.nix b/modules/recurring-donations.nix index 519aadd..93ae7b5 100644 --- a/modules/recurring-donations.nix +++ b/modules/recurring-donations.nix 
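Review bot: The new `nix-bitcoin.pkgs` option in modules/modules.nix is declared without a `description`, although every service in this commit now takes its executables from it, including the `netns-exec` wrapper that is granted `cap_sys_admin` in modules/netns-isolation.nix and the `generate-secrets` script in modules/secrets/generate-secrets.nix. Add one that states the trust this set carries, e.g. `description = "Package set used by all nix-bitcoin modules; overriding it replaces every service binary.";`. With `lib.types.attrs` and a `default`, defining a single attribute such as `nix-bitcoin.pkgs.bitcoind` most likely discards the default set rather than extending it, so the remaining lookups would fail. A `defaultText` and a sentence on how to override one package would make that explicit.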
@@ -6,7 +6,7 @@ let cfg = config.services.recurring-donations; inherit (config) nix-bitcoin-services; recurring-donations-script = pkgs.writeScript "recurring-donations.sh" '' - LNCLI="${pkgs.nix-bitcoin.clightning}/bin/lightning-cli --lightning-dir=${config.services.clightning.dataDir}" + LNCLI="${config.nix-bitcoin.pkgs.clightning}/bin/lightning-cli --lightning-dir=${config.services.clightning.dataDir}" pay_tallycoin() { NAME=$1 AMOUNT=$2 diff --git a/modules/secrets/generate-secrets.nix b/modules/secrets/generate-secrets.nix index 493c8ff..83ef423 100644 --- a/modules/secrets/generate-secrets.nix +++ b/modules/secrets/generate-secrets.nix @@ -20,7 +20,7 @@ with lib; cd "${config.nix-bitcoin.secretsDir}" chown root: . chmod 0700 . - ${pkgs.nix-bitcoin.generate-secrets} + ${config.nix-bitcoin.pkgs.generate-secrets} ''; }; } diff --git a/modules/spark-wallet.nix b/modules/spark-wallet.nix index 7987c8a..6f9ca68 100644 --- a/modules/spark-wallet.nix +++ b/modules/spark-wallet.nix @@ -14,7 +14,7 @@ let ${optionalString cfg.onion-service '' publicURL="--public-url http://$(cat /var/lib/onion-chef/spark-wallet/spark-wallet)" ''} - exec ${pkgs.nix-bitcoin.spark-wallet}/bin/spark-wallet \ + exec ${config.nix-bitcoin.pkgs.spark-wallet}/bin/spark-wallet \ --ln-path '${config.services.clightning.networkDir}' \ --host ${cfg.host} \ --config '${config.nix-bitcoin.secretsDir}/spark-wallet-login' \ diff --git a/pkgs/default.nix b/pkgs/default.nix index 26031b4..46a4691 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,5 @@ { pkgs ? import {} }: -{ +let self = { lightning-charge = pkgs.callPackage ./lightning-charge { }; nanopos = pkgs.callPackage ./nanopos { }; spark-wallet = pkgs.callPackage ./spark-wallet { }; @@ -18,4 +18,6 @@ pinned = import ./pinned.nix; lib = import ./lib.nix { inherit (pkgs) lib; }; -} + + modulesPkgs = self // self.pinned; +}; in self
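Review bot: `modulesPkgs = self // self.pinned;` in pkgs/default.nix lets any attribute of `pinned` silently replace a same-named package defined in `self`, and nothing at the definition says so. The removed overlay had the same precedence, but the set is now the default of a public option, so a short comment would help a reader tell which source a given binary is built from, e.g. `# Attributes in pinned take precedence over the packages defined above.`. The merged set also carries the `pinned`, `lib` and `modulesPkgs` attributes themselves, which may be worth filtering out if only packages are meant to be exposed.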