Compare commits

..

No commits in common. "ed567d67f2b54fffe92294c78ceed62b19555ab1" and "a1023696e69fbe871cfadf18d054d87eede9bba0" have entirely different histories.

18 changed files with 47 additions and 70 deletions

View File

@ -53,15 +53,6 @@ ls -al /var/lib/nixos-containers/nb-test
# The container root filesystem on NixOS systems with stateVersion < 22.05
ls -al /var/lib/containers/nb-test
# Start a shell in the context of a service process.
# Must be run inside the container (enter with cmd `c`).
enter_service() {
local name=$1
nsenter --all -t "$(systemctl show -p MainPID --value "$name")" \
--setuid "$(id -u "$name")" --setgid "$(id -g "$name")" bash
}
enter_service clightning
#―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――
# bitcoind
run-tests.sh -s bitcoind container

View File

@ -37,9 +37,6 @@ PATH=/tmp/nix-bitcoin-dev/nodejs/bin:"$PATH"
# Install
npm ci --omit=dev --omit=optional --no-update-notifier --ignore-scripts
# If the above fails, try: (details: https://github.com/Ride-The-Lightning/RTL/issues/1182)
npm ci --omit=dev --omit=optional --no-update-notifier --ignore-scripts --legacy-peer-deps
# Run
node rtl --help

View File

@ -40,11 +40,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1674407282,
"narHash": "sha256-2qwc8mrPINSFdWffPK+ji6nQ9aGnnZyHSItVcYDZDlk=",
"lastModified": 1672844754,
"narHash": "sha256-o26WabuHABQsaHxxmIrR3AQRqDFUEdLckLXkVCpIjSU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ab1254087f4cdf4af74b552d7fc95175d9bdbb49",
"rev": "e9ade2c8240e00a4784fac282a502efff2786bdc",
"type": "github"
},
"original": {
@ -56,11 +56,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1674487464,
"narHash": "sha256-Jgq50e4S4JVCYpWLqrabBzDp/1mfaxHCh8/OOorHTy0=",
"lastModified": 1672756850,
"narHash": "sha256-Smbq3+fitwA13qsTMeaaurv09/KVbZfW7m7lINwzDGA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3954218cf613eba8e0dcefa9abe337d26bc48fd0",
"rev": "298add347c2bbce14020fcb54051f517c391196b",
"type": "github"
},
"original": {

View File

@ -367,10 +367,9 @@ in {
proto.sam.enable = true;
};
# Commented out to avoid trying to chown the nfs-mounted directory
# systemd.tmpfiles.rules = [
# "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
# ];
systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
];
systemd.services.bitcoind = {
# Use `wants` instead of `requires` so that bitcoind and all dependent services
@ -413,17 +412,17 @@ in {
'';
# Enable RPC access for group
# postStart = ''
# chmod g=r '${cfg.dataDir}/${optionalString cfg.regtest "regtest/"}.cookie'
# '';
postStart = ''
chmod g=r '${cfg.dataDir}/${optionalString cfg.regtest "regtest/"}.cookie'
'';
serviceConfig = nbLib.defaultHardening // {
Type = "notify";
NotifyAccess = "all";
User = cfg.user;
Group = cfg.group;
TimeoutStartSec = "30min";
TimeoutStopSec = "30min";
TimeoutStartSec = "10min";
TimeoutStopSec = "10min";
ExecStart = "${cfg.package}/bin/bitcoind -datadir='${cfg.dataDir}'";
Restart = "on-failure";
UMask = mkIf cfg.dataDirReadableByGroup "0027";

View File

@ -61,10 +61,9 @@ in {
listenWhitelisted = true;
};
# Commented out to allow nfs mounts
# systemd.tmpfiles.rules = [
# "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
# ];
systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
];
systemd.services.electrs = {
wantedBy = [ "multi-user.target" ];

View File

@ -126,7 +126,6 @@ in {
Restart = "on-failure";
RestartSec = "10s";
ReadWritePaths = cfg.dataDir;
ProcSubset = "all"; # Fulcrum requires read access to /proc/meminfo
} // nbLib.allowedIPAddresses cfg.tor.enforce;
};

View File

@ -270,8 +270,8 @@ in {
NotifyAccess = "all";
User = cfg.user;
Group = cfg.group;
TimeoutStartSec = "2h";
TimeoutStopSec = "2h";
TimeoutStartSec = "10min";
TimeoutStopSec = "10min";
ExecStart = "${nbPkgs.elementsd}/bin/elementsd -datadir='${cfg.dataDir}'";
Restart = "on-failure";
ReadWritePaths = [ cfg.dataDir ];

View File

@ -215,11 +215,9 @@ in {
};
};
in
foldl (services: n:
in foldl (services: n:
services // (makeNetnsServices n netns.${n})
) {} (builtins.attrNames netns)
);
) {} (builtins.attrNames netns));
}
# Service-specific config

View File

@ -28,7 +28,7 @@ let
};
generateSecretsCmds = mkOption {
type = types.attrsOf types.lines;
type = types.attrsOf types.str;
default = {};
description = mdDoc ''
Bash expressions for generating secrets.

View File

@ -4,20 +4,20 @@ pkgs: pkgsUnstable:
inherit (pkgs)
bitcoin
bitcoind
btcpayserver
electrs
elementsd
extra-container
hwi
lightning-loop
lightning-pool
lndconnect
nbxplorer;
inherit (pkgsUnstable)
btcpayserver
charge-lnd
clightning
electrs
fulcrum
hwi
lnd;
inherit pkgs pkgsUnstable;

View File

@ -10,11 +10,11 @@
}:
let self = stdenvNoCC.mkDerivation {
pname = "rtl";
version = "0.13.4";
version = "0.13.2";
src = fetchurl {
url = "https://github.com/Ride-The-Lightning/RTL/archive/refs/tags/v${self.version}.tar.gz";
hash = "sha256-WVldNnmCB7Gi/U3dUDTYF58i480eXkstRnEg+1QCeMM=";
hash = "sha256-7VrLxmE+xPCipx7UOG1mja2pSBrj+swk55afcvBQeDU=";
};
passthru = {
@ -23,10 +23,7 @@ let self = stdenvNoCC.mkDerivation {
nodeModules = fetchNodeModules {
inherit (self) src nodejs;
# TODO-EXTERNAL: Remove `npmFlags` when no longer required
# See: https://github.com/Ride-The-Lightning/RTL/issues/1182
npmFlags = "--legacy-peer-deps";
hash = "sha256-AG7930RGLxbPp1ErTGuYvUvPur9ppEmg91Taz7Ube6w=";
hash = "sha256-ohS6gVX0M1Ir1QE9SjibbCrBpkXYIv5jV1Bkv0czRw4=";
};
};

View File

@ -2,7 +2,7 @@
set -euo pipefail
. "${BASH_SOURCE[0]%/*}/../../helper/run-in-nix-env" "gnupg wget gnused" "$@"
version="0.13.4"
version="0.13.2"
repo=https://github.com/Ride-The-Lightning/RTL
scriptDir=$(cd "${BASH_SOURCE[0]%/*}" && pwd)

View File

@ -1,4 +1,4 @@
# You can run this test via `run-tests.sh -s clightning-replication`
# You can run this test via `run-tests.sh -s clightningReplication`
makeTestVM: pkgs:
with pkgs.lib;
@ -14,8 +14,6 @@ let
clientBaseConfig = {
imports = [ ../modules/modules.nix ];
nixpkgs.pkgs = pkgs;
nix-bitcoin.generateSecrets = true;
services.clightning = {
@ -56,9 +54,7 @@ makeTestVM {
services.clightning.replication.encrypt = true;
};
server = {
nixpkgs.pkgs = pkgs;
server = { ... }: {
environment.etc."ssh-host-key" = {
source = keys.server;
mode = "400";

View File

@ -27,9 +27,4 @@ let
inherit (test) meta passthru;
} // test;
in
runTest // {
# A VM runner for interactive use
run = pkgs.writers.writeBashBin "run-vm" ''
. ${./run-vm.sh} ${runTest.driver} "$@"
'';
}
runTest

View File

@ -52,6 +52,11 @@ let
];
};
# A VM runner for interactive use
run = pkgs.writers.writeBashBin "run-vm" ''
. ${./run-vm.sh} ${test.driver} "$@"
'';
mkContainer = legacyInstallDirs:
extra-container.lib.buildContainers {
inherit system legacyInstallDirs;
@ -134,6 +139,7 @@ let
in
test // {
inherit
run
vm
container
# For NixOS with `system.stateVersion` <22.05

View File

@ -18,11 +18,11 @@
"nixos-org-configurations": {
"flake": false,
"locked": {
"lastModified": 1674564797,
"narHash": "sha256-MgGsFleE8Wzhu8XX3ulcBojkHzFLkII+D9sxkTHg7OU=",
"lastModified": 1669836977,
"narHash": "sha256-21+3DkUXbWmIhXnQmJ9Tp/+QnyQnSiWuW8UDjjvPX2w=",
"owner": "NixOS",
"repo": "nixos-org-configurations",
"rev": "3ce43a1fb5181a0e33b1f67d36fa0f3affa6bc6c",
"rev": "241f12bc9218ee081dc12b6c1b4a10e5e78ffeb3",
"type": "github"
},
"original": {
@ -39,11 +39,11 @@
"npmlock2nix": "npmlock2nix"
},
"locked": {
"lastModified": 1674593115,
"narHash": "sha256-P4bjLR/8tJ/jVBBeHDzNS2BgVUdB6vS7Udfh30kULJs=",
"lastModified": 1673019806,
"narHash": "sha256-iZousPg/4eDv2c9MTRo9RP8jjjp7luP7JYWU71MXCds=",
"owner": "nixos",
"repo": "nixos-search",
"rev": "be9a717b8032c7410337139f9dcfd6227b7407a4",
"rev": "1d9fac3a575623c79c1f56c771360b049888447b",
"type": "github"
},
"original": {

View File

@ -272,7 +272,7 @@ buildable=(
full
regtest
hardened
clightning-replication
clightningReplication
lndPruned
)
buildable() { buildTests buildable "$@"; }

View File

@ -404,7 +404,7 @@ in {
) scenarios;
in
{
clightning-replication = import ./clightning-replication.nix makeTestVM pkgs;
clightningReplication = import ./clightning-replication.nix makeTestVM pkgs;
} // mainTests;
tests = makeTests scenarios;