Merge fort-nix/nix-bitcoin#369: BTCPayServer L-BTC Support

54810ce1bf btcpayserver: add L-BTC support (nixbitcoin)
b24c14ec61 liquidd: make regtest capable (nixbitcoin)
b7225f5d11 update nixpkgs-unstable (nixbitcoin)

Pull request description:

ACKs for top commit:
  erikarvstedt:
    ACK 54810ce1bf

Tree-SHA512: 363165d3b977cd4425191bce4246dd9e83daf914bf2adcaf3cf42d0c170f5730e7e79934a97e5f9c071d0f52bf9ee75a3aa710c4c52135ea58bcdd898babcc74
This commit is contained in:
Jonas Nick 2021-08-10 12:23:30 +00:00
commit 1ecd9756f6
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
6 changed files with 49 additions and 19 deletions

View File

@ -61,7 +61,10 @@ in {
}; };
package = mkOption { package = mkOption {
type = types.package; type = types.package;
default = nbPkgs.btcpayserver; default = if cfg.btcpayserver.lbtc then
nbPkgs.btcpayserver.override { altcoinSupport = true; }
else
nbPkgs.btcpayserver;
description = "The package providing btcpayserver binaries."; description = "The package providing btcpayserver binaries.";
}; };
dataDir = mkOption { dataDir = mkOption {
@ -84,6 +87,11 @@ in {
default = null; default = null;
description = "The lightning node implementation to use."; description = "The lightning node implementation to use.";
}; };
lbtc = mkOption {
type = types.bool;
default = false;
description = "Enable liquid support in btcpayserver.";
};
rootpath = mkOption { rootpath = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
@ -98,6 +106,7 @@ in {
services.bitcoind.enable = true; services.bitcoind.enable = true;
services.clightning.enable = mkIf (cfg.btcpayserver.lightningBackend == "clightning") true; services.clightning.enable = mkIf (cfg.btcpayserver.lightningBackend == "clightning") true;
services.lnd.enable = mkIf (cfg.btcpayserver.lightningBackend == "lnd") true; services.lnd.enable = mkIf (cfg.btcpayserver.lightningBackend == "lnd") true;
services.liquidd.enable = mkIf cfg.btcpayserver.lbtc true;
services.bitcoind.rpc.users.btcpayserver = { services.bitcoind.rpc.users.btcpayserver = {
passwordHMACFromFile = true; passwordHMACFromFile = true;
@ -135,6 +144,12 @@ in {
btcnodeendpoint=${config.services.bitcoind.address}:${toString config.services.bitcoind.port} btcnodeendpoint=${config.services.bitcoind.address}:${toString config.services.bitcoind.port}
bind=${cfg.nbxplorer.address} bind=${cfg.nbxplorer.address}
port=${toString cfg.nbxplorer.port} port=${toString cfg.nbxplorer.port}
${optionalString cfg.btcpayserver.lbtc ''
chains=btc,lbtc
lbtcrpcuser=${cfg.liquidd.rpcuser}
lbtcrpcurl=http://${cfg.liquidd.rpc.address}:${toString cfg.liquidd.rpc.port}
lbtcnodeendpoint=${cfg.liquidd.address}:${toString cfg.liquidd.port}
''}
''; '';
in { in {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
@ -142,8 +157,12 @@ in {
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" ];
preStart = '' preStart = ''
install -m 600 ${configFile} '${cfg.nbxplorer.dataDir}/settings.config' install -m 600 ${configFile} '${cfg.nbxplorer.dataDir}/settings.config'
echo "btcrpcpassword=$(cat ${config.nix-bitcoin.secretsDir}/bitcoin-rpcpassword-btcpayserver)" \ {
>> '${cfg.nbxplorer.dataDir}/settings.config' echo "btcrpcpassword=$(cat ${config.nix-bitcoin.secretsDir}/bitcoin-rpcpassword-btcpayserver)"
${optionalString cfg.btcpayserver.lbtc ''
echo "lbtcrpcpassword=$(cat ${config.nix-bitcoin.secretsDir}/liquid-rpcpassword)"
''}
} >> '${cfg.nbxplorer.dataDir}/settings.config'
''; '';
serviceConfig = nbLib.defaultHardening // { serviceConfig = nbLib.defaultHardening // {
ExecStart = '' ExecStart = ''
@ -159,17 +178,23 @@ in {
}; };
systemd.services.btcpayserver = let systemd.services.btcpayserver = let
nbExplorerUrl = "http://${cfg.nbxplorer.address}:${toString cfg.nbxplorer.port}/";
nbExplorerCookie = "${cfg.nbxplorer.dataDir}/${config.services.bitcoind.makeNetworkName "Main" "RegTest"}/.cookie";
configFile = builtins.toFile "config" ('' configFile = builtins.toFile "config" (''
network=${config.services.bitcoind.network} network=${config.services.bitcoind.network}
bind=${cfg.btcpayserver.address} bind=${cfg.btcpayserver.address}
port=${toString cfg.btcpayserver.port} port=${toString cfg.btcpayserver.port}
socksendpoint=${cfg.tor.client.socksListenAddress} socksendpoint=${cfg.tor.client.socksListenAddress}
btcexplorerurl=http://${cfg.nbxplorer.address}:${toString cfg.nbxplorer.port}/ btcexplorerurl=${nbExplorerUrl}
btcexplorercookiefile=${cfg.nbxplorer.dataDir}/${config.services.bitcoind.makeNetworkName "Main" "RegTest"}/.cookie btcexplorercookiefile=${nbExplorerCookie}
postgres=User ID=${cfg.btcpayserver.user};Host=/run/postgresql;Database=btcpaydb postgres=User ID=${cfg.btcpayserver.user};Host=/run/postgresql;Database=btcpaydb
${optionalString (cfg.btcpayserver.rootpath != null) "rootpath=${cfg.btcpayserver.rootpath}"} ${optionalString (cfg.btcpayserver.rootpath != null) "rootpath=${cfg.btcpayserver.rootpath}"}
'' + optionalString (cfg.btcpayserver.lightningBackend == "clightning") '' '' + optionalString (cfg.btcpayserver.lightningBackend == "clightning") ''
btclightning=type=clightning;server=unix:///${cfg.clightning.dataDir}/bitcoin/lightning-rpc btclightning=type=clightning;server=unix:///${cfg.clightning.dataDir}/bitcoin/lightning-rpc
'' + optionalString cfg.btcpayserver.lbtc ''
chains=btc,lbtc
lbtcexplorerurl=${nbExplorerUrl}
lbtcexplorercookiefile=${nbExplorerCookie}
''); '');
lndConfig = lndConfig =
"btclightning=type=lnd-rest;" + "btclightning=type=lnd-rest;" +
@ -206,7 +231,8 @@ in {
users.users.${cfg.nbxplorer.user} = { users.users.${cfg.nbxplorer.user} = {
group = cfg.nbxplorer.group; group = cfg.nbxplorer.group;
extraGroups = [ "bitcoinrpc-public" ]; extraGroups = [ "bitcoinrpc-public" ]
++ optional cfg.btcpayserver.lbtc cfg.liquidd.group;
home = cfg.nbxplorer.dataDir; home = cfg.nbxplorer.dataDir;
}; };
users.groups.${cfg.nbxplorer.group} = {}; users.groups.${cfg.nbxplorer.group} = {};

View File

@ -9,8 +9,10 @@ let
secretsDir = config.nix-bitcoin.secretsDir; secretsDir = config.nix-bitcoin.secretsDir;
pidFile = "${cfg.dataDir}/liquidd.pid"; pidFile = "${cfg.dataDir}/liquidd.pid";
configFile = pkgs.writeText "elements.conf" '' configFile = pkgs.writeText "elements.conf" ''
chain=liquidv1 chain=${config.services.bitcoind.makeNetworkName "liquidv1" ''
${optionalString cfg.testnet "testnet=1"} regtest
[regtest]'' # Add [regtest] config section
}
${optionalString (cfg.dbCache != null) "dbcache=${toString cfg.dbCache}"} ${optionalString (cfg.dbCache != null) "dbcache=${toString cfg.dbCache}"}
${optionalString (cfg.prune != null) "prune=${toString cfg.prune}"} ${optionalString (cfg.prune != null) "prune=${toString cfg.prune}"}
${optionalString (cfg.validatepegin != null) "validatepegin=${if cfg.validatepegin then "1" else "0"}"} ${optionalString (cfg.validatepegin != null) "validatepegin=${if cfg.validatepegin then "1" else "0"}"}
@ -140,11 +142,6 @@ in {
default = "liquidrpc"; default = "liquidrpc";
description = "Username for JSON-RPC connections"; description = "Username for JSON-RPC connections";
}; };
testnet = mkOption {
type = types.bool;
default = false;
description = "Whether to use the test chain.";
};
proxy = mkOption { proxy = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = if cfg.enforceTor then config.services.tor.client.socksListenAddress else null; default = if cfg.enforceTor then config.services.tor.client.socksListenAddress else null;

View File

@ -230,12 +230,14 @@ in {
}; };
nbxplorer = { nbxplorer = {
id = 23; id = 23;
connections = [ "bitcoind" ]; connections = [ "bitcoind" ]
++ optional config.services.btcpayserver.lbtc "liquidd";
}; };
btcpayserver = { btcpayserver = {
id = 24; id = 24;
connections = [ "nbxplorer" ] connections = [ "nbxplorer" ]
++ optional (config.services.btcpayserver.lightningBackend == "lnd") "lnd"; ++ optional (config.services.btcpayserver.lightningBackend == "lnd") "lnd"
++ optional config.services.btcpayserver.lbtc "liquidd";
# communicates with clightning over rpc socket # communicates with clightning over rpc socket
}; };
joinmarket = { joinmarket = {

View File

@ -12,7 +12,7 @@ in
sha256 = "05v28njaas9l26ibc6vy6imvy7grbkli32bmv0n32x6x9cf68gf9"; sha256 = "05v28njaas9l26ibc6vy6imvy7grbkli32bmv0n32x6x9cf68gf9";
}; };
nixpkgs-unstable = fetch { nixpkgs-unstable = fetch {
rev = "88e010dcb29ecf70a973c8d57ed175eadf7f42cf"; rev = "16105403bdd843540cbef9c63fc0f16c1c6eaa70";
sha256 = "0v6g32yw3cx2qg76idkccayap6lvnhkgnw70isy4vbjd88injmpv"; sha256 = "0sl6hsxlh14kcs38jcra908nvi5hd8p8hlim3lbra55lz0kd9rcl";
}; };
} }

View File

@ -79,7 +79,10 @@ let
services.liquidd.extraConfig = mkIf config.test.noConnections "connect=0"; services.liquidd.extraConfig = mkIf config.test.noConnections "connect=0";
tests.btcpayserver = cfg.btcpayserver.enable; tests.btcpayserver = cfg.btcpayserver.enable;
services.btcpayserver.lightningBackend = "lnd"; services.btcpayserver = {
lightningBackend = "lnd";
lbtc = true;
};
# Needed to test macaroon creation # Needed to test macaroon creation
environment.systemPackages = mkIfTest "btcpayserver" (with pkgs; [ openssl xxd ]); environment.systemPackages = mkIfTest "btcpayserver" (with pkgs; [ openssl xxd ]);
@ -183,6 +186,7 @@ let
imports = [ scenarios.regtestBase ]; imports = [ scenarios.regtestBase ];
services.clightning.enable = true; services.clightning.enable = true;
test.features.clightningPlugins = true; test.features.clightningPlugins = true;
services.liquidd.enable = true;
services.spark-wallet.enable = true; services.spark-wallet.enable = true;
services.lnd.enable = true; services.lnd.enable = true;
services.lightning-loop.enable = true; services.lightning-loop.enable = true;

View File

@ -210,6 +210,7 @@ def _():
def _(): def _():
assert_running("nbxplorer") assert_running("nbxplorer")
machine.wait_until_succeeds(log_has_string("nbxplorer", "BTC: RPC connection successful")) machine.wait_until_succeeds(log_has_string("nbxplorer", "BTC: RPC connection successful"))
machine.wait_until_succeeds(log_has_string("nbxplorer", "LBTC: RPC connection successful"))
wait_for_open_port(ip("nbxplorer"), 24444) wait_for_open_port(ip("nbxplorer"), 24444)
assert_running("btcpayserver") assert_running("btcpayserver")
machine.wait_until_succeeds(log_has_string("btcpayserver", "Listening on")) machine.wait_until_succeeds(log_has_string("btcpayserver", "Listening on"))
@ -291,7 +292,7 @@ def _():
# These reachability tests are non-exhaustive # These reachability tests are non-exhaustive
assert_reachable("bitcoind", ["clightning", "lnd", "liquidd"]) assert_reachable("bitcoind", ["clightning", "lnd", "liquidd"])
assert_unreachable("bitcoind", ["btcpayserver", "spark-wallet", "lightning-loop"]) assert_unreachable("bitcoind", ["btcpayserver", "spark-wallet", "lightning-loop"])
assert_unreachable("btcpayserver", ["bitcoind", "lightning-loop", "liquidd"]) assert_unreachable("btcpayserver", ["bitcoind", "lightning-loop"])
# netns addresses can not be bound to in the main netns. # netns addresses can not be bound to in the main netns.
# This prevents processes in the main netns from impersonating nix-bitcoin services. # This prevents processes in the main netns from impersonating nix-bitcoin services.