Compare commits

..

No commits in common. "ed567d67f2b54fffe92294c78ceed62b19555ab1" and "a1023696e69fbe871cfadf18d054d87eede9bba0" have entirely different histories.

18 changed files with 47 additions and 70 deletions

View File

@ -53,15 +53,6 @@ ls -al /var/lib/nixos-containers/nb-test
# The container root filesystem on NixOS systems with stateVersion < 22.05 # The container root filesystem on NixOS systems with stateVersion < 22.05
ls -al /var/lib/containers/nb-test ls -al /var/lib/containers/nb-test
# Start a shell in the context of a service process.
# Must be run inside the container (enter with cmd `c`).
enter_service() {
local name=$1
nsenter --all -t "$(systemctl show -p MainPID --value "$name")" \
--setuid "$(id -u "$name")" --setgid "$(id -g "$name")" bash
}
enter_service clightning
#――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――― #―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――
# bitcoind # bitcoind
run-tests.sh -s bitcoind container run-tests.sh -s bitcoind container

View File

@ -37,9 +37,6 @@ PATH=/tmp/nix-bitcoin-dev/nodejs/bin:"$PATH"
# Install # Install
npm ci --omit=dev --omit=optional --no-update-notifier --ignore-scripts npm ci --omit=dev --omit=optional --no-update-notifier --ignore-scripts
# If the above fails, try: (details: https://github.com/Ride-The-Lightning/RTL/issues/1182)
npm ci --omit=dev --omit=optional --no-update-notifier --ignore-scripts --legacy-peer-deps
# Run # Run
node rtl --help node rtl --help

View File

@ -40,11 +40,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1674407282, "lastModified": 1672844754,
"narHash": "sha256-2qwc8mrPINSFdWffPK+ji6nQ9aGnnZyHSItVcYDZDlk=", "narHash": "sha256-o26WabuHABQsaHxxmIrR3AQRqDFUEdLckLXkVCpIjSU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ab1254087f4cdf4af74b552d7fc95175d9bdbb49", "rev": "e9ade2c8240e00a4784fac282a502efff2786bdc",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -56,11 +56,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1674487464, "lastModified": 1672756850,
"narHash": "sha256-Jgq50e4S4JVCYpWLqrabBzDp/1mfaxHCh8/OOorHTy0=", "narHash": "sha256-Smbq3+fitwA13qsTMeaaurv09/KVbZfW7m7lINwzDGA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3954218cf613eba8e0dcefa9abe337d26bc48fd0", "rev": "298add347c2bbce14020fcb54051f517c391196b",
"type": "github" "type": "github"
}, },
"original": { "original": {

View File

@ -367,10 +367,9 @@ in {
proto.sam.enable = true; proto.sam.enable = true;
}; };
# Commented out to avoid trying to chown the nfs-mounted directory systemd.tmpfiles.rules = [
# systemd.tmpfiles.rules = [ "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
# "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -" ];
# ];
systemd.services.bitcoind = { systemd.services.bitcoind = {
# Use `wants` instead of `requires` so that bitcoind and all dependent services # Use `wants` instead of `requires` so that bitcoind and all dependent services
@ -413,17 +412,17 @@ in {
''; '';
# Enable RPC access for group # Enable RPC access for group
# postStart = '' postStart = ''
# chmod g=r '${cfg.dataDir}/${optionalString cfg.regtest "regtest/"}.cookie' chmod g=r '${cfg.dataDir}/${optionalString cfg.regtest "regtest/"}.cookie'
# ''; '';
serviceConfig = nbLib.defaultHardening // { serviceConfig = nbLib.defaultHardening // {
Type = "notify"; Type = "notify";
NotifyAccess = "all"; NotifyAccess = "all";
User = cfg.user; User = cfg.user;
Group = cfg.group; Group = cfg.group;
TimeoutStartSec = "30min"; TimeoutStartSec = "10min";
TimeoutStopSec = "30min"; TimeoutStopSec = "10min";
ExecStart = "${cfg.package}/bin/bitcoind -datadir='${cfg.dataDir}'"; ExecStart = "${cfg.package}/bin/bitcoind -datadir='${cfg.dataDir}'";
Restart = "on-failure"; Restart = "on-failure";
UMask = mkIf cfg.dataDirReadableByGroup "0027"; UMask = mkIf cfg.dataDirReadableByGroup "0027";

View File

@ -61,10 +61,9 @@ in {
listenWhitelisted = true; listenWhitelisted = true;
}; };
# Commented out to allow nfs mounts systemd.tmpfiles.rules = [
# systemd.tmpfiles.rules = [ "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
# "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -" ];
# ];
systemd.services.electrs = { systemd.services.electrs = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];

View File

@ -126,7 +126,6 @@ in {
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "10s"; RestartSec = "10s";
ReadWritePaths = cfg.dataDir; ReadWritePaths = cfg.dataDir;
ProcSubset = "all"; # Fulcrum requires read access to /proc/meminfo
} // nbLib.allowedIPAddresses cfg.tor.enforce; } // nbLib.allowedIPAddresses cfg.tor.enforce;
}; };

View File

@ -270,8 +270,8 @@ in {
NotifyAccess = "all"; NotifyAccess = "all";
User = cfg.user; User = cfg.user;
Group = cfg.group; Group = cfg.group;
TimeoutStartSec = "2h"; TimeoutStartSec = "10min";
TimeoutStopSec = "2h"; TimeoutStopSec = "10min";
ExecStart = "${nbPkgs.elementsd}/bin/elementsd -datadir='${cfg.dataDir}'"; ExecStart = "${nbPkgs.elementsd}/bin/elementsd -datadir='${cfg.dataDir}'";
Restart = "on-failure"; Restart = "on-failure";
ReadWritePaths = [ cfg.dataDir ]; ReadWritePaths = [ cfg.dataDir ];

View File

@ -215,11 +215,9 @@ in {
}; };
}; };
in in foldl (services: n:
foldl (services: n:
services // (makeNetnsServices n netns.${n}) services // (makeNetnsServices n netns.${n})
) {} (builtins.attrNames netns) ) {} (builtins.attrNames netns));
);
} }
# Service-specific config # Service-specific config

View File

@ -28,7 +28,7 @@ let
}; };
generateSecretsCmds = mkOption { generateSecretsCmds = mkOption {
type = types.attrsOf types.lines; type = types.attrsOf types.str;
default = {}; default = {};
description = mdDoc '' description = mdDoc ''
Bash expressions for generating secrets. Bash expressions for generating secrets.

View File

@ -4,20 +4,20 @@ pkgs: pkgsUnstable:
inherit (pkgs) inherit (pkgs)
bitcoin bitcoin
bitcoind bitcoind
btcpayserver
electrs
elementsd elementsd
extra-container extra-container
hwi
lightning-loop lightning-loop
lightning-pool lightning-pool
lndconnect lndconnect
nbxplorer; nbxplorer;
inherit (pkgsUnstable) inherit (pkgsUnstable)
btcpayserver
charge-lnd charge-lnd
clightning clightning
electrs
fulcrum fulcrum
hwi
lnd; lnd;
inherit pkgs pkgsUnstable; inherit pkgs pkgsUnstable;

View File

@ -10,11 +10,11 @@
}: }:
let self = stdenvNoCC.mkDerivation { let self = stdenvNoCC.mkDerivation {
pname = "rtl"; pname = "rtl";
version = "0.13.4"; version = "0.13.2";
src = fetchurl { src = fetchurl {
url = "https://github.com/Ride-The-Lightning/RTL/archive/refs/tags/v${self.version}.tar.gz"; url = "https://github.com/Ride-The-Lightning/RTL/archive/refs/tags/v${self.version}.tar.gz";
hash = "sha256-WVldNnmCB7Gi/U3dUDTYF58i480eXkstRnEg+1QCeMM="; hash = "sha256-7VrLxmE+xPCipx7UOG1mja2pSBrj+swk55afcvBQeDU=";
}; };
passthru = { passthru = {
@ -23,10 +23,7 @@ let self = stdenvNoCC.mkDerivation {
nodeModules = fetchNodeModules { nodeModules = fetchNodeModules {
inherit (self) src nodejs; inherit (self) src nodejs;
# TODO-EXTERNAL: Remove `npmFlags` when no longer required hash = "sha256-ohS6gVX0M1Ir1QE9SjibbCrBpkXYIv5jV1Bkv0czRw4=";
# See: https://github.com/Ride-The-Lightning/RTL/issues/1182
npmFlags = "--legacy-peer-deps";
hash = "sha256-AG7930RGLxbPp1ErTGuYvUvPur9ppEmg91Taz7Ube6w=";
}; };
}; };

View File

@ -2,7 +2,7 @@
set -euo pipefail set -euo pipefail
. "${BASH_SOURCE[0]%/*}/../../helper/run-in-nix-env" "gnupg wget gnused" "$@" . "${BASH_SOURCE[0]%/*}/../../helper/run-in-nix-env" "gnupg wget gnused" "$@"
version="0.13.4" version="0.13.2"
repo=https://github.com/Ride-The-Lightning/RTL repo=https://github.com/Ride-The-Lightning/RTL
scriptDir=$(cd "${BASH_SOURCE[0]%/*}" && pwd) scriptDir=$(cd "${BASH_SOURCE[0]%/*}" && pwd)

View File

@ -1,4 +1,4 @@
# You can run this test via `run-tests.sh -s clightning-replication` # You can run this test via `run-tests.sh -s clightningReplication`
makeTestVM: pkgs: makeTestVM: pkgs:
with pkgs.lib; with pkgs.lib;
@ -14,8 +14,6 @@ let
clientBaseConfig = { clientBaseConfig = {
imports = [ ../modules/modules.nix ]; imports = [ ../modules/modules.nix ];
nixpkgs.pkgs = pkgs;
nix-bitcoin.generateSecrets = true; nix-bitcoin.generateSecrets = true;
services.clightning = { services.clightning = {
@ -56,9 +54,7 @@ makeTestVM {
services.clightning.replication.encrypt = true; services.clightning.replication.encrypt = true;
}; };
server = { server = { ... }: {
nixpkgs.pkgs = pkgs;
environment.etc."ssh-host-key" = { environment.etc."ssh-host-key" = {
source = keys.server; source = keys.server;
mode = "400"; mode = "400";

View File

@ -27,9 +27,4 @@ let
inherit (test) meta passthru; inherit (test) meta passthru;
} // test; } // test;
in in
runTest // { runTest
# A VM runner for interactive use
run = pkgs.writers.writeBashBin "run-vm" ''
. ${./run-vm.sh} ${runTest.driver} "$@"
'';
}

View File

@ -52,6 +52,11 @@ let
]; ];
}; };
# A VM runner for interactive use
run = pkgs.writers.writeBashBin "run-vm" ''
. ${./run-vm.sh} ${test.driver} "$@"
'';
mkContainer = legacyInstallDirs: mkContainer = legacyInstallDirs:
extra-container.lib.buildContainers { extra-container.lib.buildContainers {
inherit system legacyInstallDirs; inherit system legacyInstallDirs;
@ -134,6 +139,7 @@ let
in in
test // { test // {
inherit inherit
run
vm vm
container container
# For NixOS with `system.stateVersion` <22.05 # For NixOS with `system.stateVersion` <22.05

View File

@ -18,11 +18,11 @@
"nixos-org-configurations": { "nixos-org-configurations": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1674564797, "lastModified": 1669836977,
"narHash": "sha256-MgGsFleE8Wzhu8XX3ulcBojkHzFLkII+D9sxkTHg7OU=", "narHash": "sha256-21+3DkUXbWmIhXnQmJ9Tp/+QnyQnSiWuW8UDjjvPX2w=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-org-configurations", "repo": "nixos-org-configurations",
"rev": "3ce43a1fb5181a0e33b1f67d36fa0f3affa6bc6c", "rev": "241f12bc9218ee081dc12b6c1b4a10e5e78ffeb3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -39,11 +39,11 @@
"npmlock2nix": "npmlock2nix" "npmlock2nix": "npmlock2nix"
}, },
"locked": { "locked": {
"lastModified": 1674593115, "lastModified": 1673019806,
"narHash": "sha256-P4bjLR/8tJ/jVBBeHDzNS2BgVUdB6vS7Udfh30kULJs=", "narHash": "sha256-iZousPg/4eDv2c9MTRo9RP8jjjp7luP7JYWU71MXCds=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-search", "repo": "nixos-search",
"rev": "be9a717b8032c7410337139f9dcfd6227b7407a4", "rev": "1d9fac3a575623c79c1f56c771360b049888447b",
"type": "github" "type": "github"
}, },
"original": { "original": {

View File

@ -272,7 +272,7 @@ buildable=(
full full
regtest regtest
hardened hardened
clightning-replication clightningReplication
lndPruned lndPruned
) )
buildable() { buildTests buildable "$@"; } buildable() { buildTests buildable "$@"; }

View File

@ -404,7 +404,7 @@ in {
) scenarios; ) scenarios;
in in
{ {
clightning-replication = import ./clightning-replication.nix makeTestVM pkgs; clightningReplication = import ./clightning-replication.nix makeTestVM pkgs;
} // mainTests; } // mainTests;
tests = makeTests scenarios; tests = makeTests scenarios;