diff --git a/modules/backups.nix b/modules/backups.nix index 7a95eb3..4febc98 100644 --- a/modules/backups.nix +++ b/modules/backups.nix @@ -1,40 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.backups; - - filelist = pkgs.writeText "filelist.txt" '' - ${optionalString (!cfg.with-bulk-data) "- ${config.services.bitcoind.dataDir}/blocks"} - ${optionalString (!cfg.with-bulk-data) "- ${config.services.bitcoind.dataDir}/chainstate"} - ${config.services.bitcoind.dataDir} - ${config.services.clightning.dataDir} - ${config.services.lnd.dataDir} - ${optionalString (!cfg.with-bulk-data) "- ${config.services.liquidd.dataDir}/*/blocks"} - ${optionalString (!cfg.with-bulk-data) "- ${config.services.liquidd.dataDir}/*/chainstate"} - ${config.services.liquidd.dataDir} - ${optionalString cfg.with-bulk-data "${config.services.electrs.dataDir}"} - ${config.services.nbxplorer.dataDir} - ${config.services.btcpayserver.dataDir} - ${config.services.joinmarket.dataDir} - ${optionalString config.nix-bitcoin.generateSecrets "${config.nix-bitcoin.secretsDir}"} - /var/lib/tor - /var/lib/nixos - - ${builtins.concatStringsSep "\n" postgresqlBackupPaths} - - # Extra files - ${cfg.extraFiles} - - # Exclude all unspecified files and directories - - / - ''; - - postgresqlBackupDir = config.services.postgresqlBackup.location; - postgresqlBackupPaths = map (db: "${postgresqlBackupDir}/${db}.sql.gz") cfg.postgresqlDatabases; - postgresqlBackupServices = map (db: "postgresqlBackup-${db}.service") cfg.postgresqlDatabases; -in { options.services.backups = { enable = mkEnableOption "Backups service"; with-bulk-data = mkOption { 
@@ -73,6 +40,40 @@ in { }; }; + cfg = config.services.backups; + + filelist = pkgs.writeText "filelist.txt" '' + ${optionalString (!cfg.with-bulk-data) "- ${config.services.bitcoind.dataDir}/blocks"} + ${optionalString (!cfg.with-bulk-data) "- ${config.services.bitcoind.dataDir}/chainstate"} + ${config.services.bitcoind.dataDir} + ${config.services.clightning.dataDir} + ${config.services.lnd.dataDir} + ${optionalString (!cfg.with-bulk-data) "- ${config.services.liquidd.dataDir}/*/blocks"} + ${optionalString (!cfg.with-bulk-data) "- ${config.services.liquidd.dataDir}/*/chainstate"} + ${config.services.liquidd.dataDir} + ${optionalString cfg.with-bulk-data "${config.services.electrs.dataDir}"} + ${config.services.nbxplorer.dataDir} + ${config.services.btcpayserver.dataDir} + ${config.services.joinmarket.dataDir} + ${optionalString config.nix-bitcoin.generateSecrets "${config.nix-bitcoin.secretsDir}"} + /var/lib/tor + /var/lib/nixos + + ${builtins.concatStringsSep "\n" postgresqlBackupPaths} + + # Extra files + ${cfg.extraFiles} + + # Exclude all unspecified files and directories + - / + ''; + + postgresqlBackupDir = config.services.postgresqlBackup.location; + postgresqlBackupPaths = map (db: "${postgresqlBackupDir}/${db}.sql.gz") cfg.postgresqlDatabases; + postgresqlBackupServices = map (db: "postgresqlBackup-${db}.service") cfg.postgresqlDatabases; +in { + inherit options; + config = mkIf cfg.enable { environment.systemPackages = [ pkgs.duplicity ]; diff --git a/modules/bitcoind.nix b/modules/bitcoind.nix index 117f4d9..50f1a88 100644 --- a/modules/bitcoind.nix +++ b/modules/bitcoind.nix 
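Review bot: The `filelist` bound in this hunk puts `${config.nix-bitcoin.secretsDir}`, `/var/lib/tor` (Tor's state directory, where onion-service keys normally live) and the lnd, clightning and joinmarket data directories into the backup set, yet nothing beside it says the archive therefore carries key material. I would add a Nix comment above the binding, e.g. `# The backup set contains secrets (secretsDir, Tor state, wallet data): the destination must be encrypted and access-controlled`. Whether the duplicity invocation encrypts the archive is decided in the `config` block, which continues outside the hunk, so confirm it there. `${cfg.extraFiles}` is interpolated ahead of the final `- /` exclude, so every line a user supplies is honoured as written, including further sensitive paths.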
@@ -1,63 +1,7 @@ { config, pkgs, lib, ... }: with lib; - let - cfg = config.services.bitcoind; - nbLib = config.nix-bitcoin.lib; - secretsDir = config.nix-bitcoin.secretsDir; - - configFile = builtins.toFile "bitcoin.conf" '' - # We're already logging via journald - nodebuglogfile=1 - - startupnotify=/run/current-system/systemd/bin/systemd-notify --ready - - ${optionalString cfg.regtest '' - regtest=1 - [regtest] - ''} - ${optionalString (cfg.dbCache != null) "dbcache=${toString cfg.dbCache}"} - prune=${toString cfg.prune} - ${optionalString (cfg.sysperms != null) "sysperms=${if cfg.sysperms then "1" else "0"}"} - ${optionalString (cfg.disablewallet != null) "disablewallet=${if cfg.disablewallet then "1" else "0"}"} - ${optionalString (cfg.assumevalid != null) "assumevalid=${cfg.assumevalid}"} - - # Connection options - ${optionalString cfg.listen "bind=${cfg.address}${optionalString cfg.enforceTor "=onion"}"} - port=${toString cfg.port} - ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} - listen=${if cfg.listen then "1" else "0"} - ${optionalString (cfg.discover != null) "discover=${if cfg.discover then "1" else "0"}"} - ${lib.concatMapStrings (node: "addnode=${node}\n") cfg.addnodes} - - # RPC server options - rpcbind=${cfg.rpc.address} - rpcport=${toString cfg.rpc.port} - rpcconnect=${cfg.rpc.address} - ${optionalString (cfg.rpc.threads != null) "rpcthreads=${toString cfg.rpc.threads}"} - rpcwhitelistdefault=0 - ${concatMapStrings (user: '' - ${optionalString (!user.passwordHMACFromFile) "rpcauth=${user.name}:${passwordHMAC}"} - ${optionalString (user.rpcwhitelist != []) - "rpcwhitelist=${user.name}:${lib.strings.concatStringsSep "," user.rpcwhitelist}"} - '') (builtins.attrValues cfg.rpc.users) - } - ${lib.concatMapStrings (rpcallowip: "rpcallowip=${rpcallowip}\n") cfg.rpc.allowip} - - # Wallet options - ${optionalString (cfg.addresstype != null) "addresstype=${cfg.addresstype}"} - - # ZMQ options - ${optionalString (cfg.zmqpubrawblock != null) 
"zmqpubrawblock=${cfg.zmqpubrawblock}"} - ${optionalString (cfg.zmqpubrawtx != null) "zmqpubrawtx=${cfg.zmqpubrawtx}"} - - # Extra options - ${cfg.extraConfig} - ''; - - zmqServerEnabled = (cfg.zmqpubrawblock != null) || (cfg.zmqpubrawtx != null); -in { options = { services.bitcoind = { enable = mkEnableOption "Bitcoin daemon"; 
@@ -289,6 +233,63 @@ in { }; }; + cfg = config.services.bitcoind; + nbLib = config.nix-bitcoin.lib; + secretsDir = config.nix-bitcoin.secretsDir; + + configFile = builtins.toFile "bitcoin.conf" '' + # We're already logging via journald + nodebuglogfile=1 + + startupnotify=/run/current-system/systemd/bin/systemd-notify --ready + + ${optionalString cfg.regtest '' + regtest=1 + [regtest] + ''} + ${optionalString (cfg.dbCache != null) "dbcache=${toString cfg.dbCache}"} + prune=${toString cfg.prune} + ${optionalString (cfg.sysperms != null) "sysperms=${if cfg.sysperms then "1" else "0"}"} + ${optionalString (cfg.disablewallet != null) "disablewallet=${if cfg.disablewallet then "1" else "0"}"} + ${optionalString (cfg.assumevalid != null) "assumevalid=${cfg.assumevalid}"} + + # Connection options + ${optionalString cfg.listen "bind=${cfg.address}${optionalString cfg.enforceTor "=onion"}"} + port=${toString cfg.port} + ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} + listen=${if cfg.listen then "1" else "0"} + ${optionalString (cfg.discover != null) "discover=${if cfg.discover then "1" else "0"}"} + ${lib.concatMapStrings (node: "addnode=${node}\n") cfg.addnodes} + + # RPC server options + rpcbind=${cfg.rpc.address} + rpcport=${toString cfg.rpc.port} + rpcconnect=${cfg.rpc.address} + ${optionalString (cfg.rpc.threads != null) "rpcthreads=${toString cfg.rpc.threads}"} + rpcwhitelistdefault=0 + ${concatMapStrings (user: '' + ${optionalString (!user.passwordHMACFromFile) "rpcauth=${user.name}:${passwordHMAC}"} + ${optionalString (user.rpcwhitelist != []) + "rpcwhitelist=${user.name}:${lib.strings.concatStringsSep "," user.rpcwhitelist}"} + '') (builtins.attrValues cfg.rpc.users) + } + ${lib.concatMapStrings (rpcallowip: "rpcallowip=${rpcallowip}\n") cfg.rpc.allowip} + + # Wallet options + ${optionalString (cfg.addresstype != null) "addresstype=${cfg.addresstype}"} + + # ZMQ options + ${optionalString (cfg.zmqpubrawblock != null) 
"zmqpubrawblock=${cfg.zmqpubrawblock}"} + ${optionalString (cfg.zmqpubrawtx != null) "zmqpubrawtx=${cfg.zmqpubrawtx}"} + + # Extra options + ${cfg.extraConfig} + ''; + + zmqServerEnabled = (cfg.zmqpubrawblock != null) || (cfg.zmqpubrawtx != null); +in { + inherit options; + config = mkIf cfg.enable { environment.systemPackages = [ cfg.package (hiPrio cfg.cli) ]; diff --git a/modules/btcpayserver.nix b/modules/btcpayserver.nix index f38b6ee..f35b7f6 100644 --- a/modules/btcpayserver.nix +++ b/modules/btcpayserver.nix @@ -1,12 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services; - nbLib = config.nix-bitcoin.lib; - nbPkgs = config.nix-bitcoin.pkgs; -in { options.services = { nbxplorer = { package = mkOption { @@ -102,6 +97,12 @@ in { }; }; + cfg = config.services; + nbLib = config.nix-bitcoin.lib; + nbPkgs = config.nix-bitcoin.pkgs; +in { + inherit options; + config = mkIf cfg.btcpayserver.enable { services.bitcoind.enable = true; services.clightning.enable = mkIf (cfg.btcpayserver.lightningBackend == "clightning") true; diff --git a/modules/charge-lnd.nix b/modules/charge-lnd.nix index 32aef1e..8e72478 100644 --- a/modules/charge-lnd.nix +++ b/modules/charge-lnd.nix @@ -1,26 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.charge-lnd; - nbLib = config.nix-bitcoin.lib; - lnd = config.services.lnd; - electrs = if (config.services ? electrs) && config.services.electrs.enable - then config.services.electrs - else null; - - user = "charge-lnd"; - group = user; - dataDir = "/var/lib/charge-lnd"; - - configFile = builtins.toFile "charge-lnd.config" cfg.policies; - checkedConfig = pkgs.runCommandNoCC "charge-lnd-checked.config" { } '' - ${config.nix-bitcoin.pkgs.charge-lnd}/bin/charge-lnd --check --config ${configFile} - cp ${configFile} $out - ''; -in -{ options.services.charge-lnd = with types; { enable = mkEnableOption "charge-lnd, policy-based fee manager"; 
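Review bot: In `configFile`, the `rpcauth` line interpolates a bare `${passwordHMAC}` inside the `user:` lambda, and no binding of that name is visible in the hunk. With `with lib;` in scope an unresolved name is reported only when the expression is evaluated, so this would surface only for a user with `passwordHMACFromFile = false`. The line probably should read `"rpcauth=${user.name}:${user.passwordHMAC}"`, matching `rpcUser.passwordHMAC` in modules/liquid.nix in this same commit; the user submodule is defined outside the hunk, so confirm the attribute name there. The line is carried over unchanged by the move, so the fix can be a separate commit. `builtins.toFile` also places bitcoin.conf in the Nix store, which is normally world-readable, so any HMAC emitted through this branch is readable by every local account.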
@@ -86,6 +67,26 @@ in }; }; + cfg = config.services.charge-lnd; + nbLib = config.nix-bitcoin.lib; + lnd = config.services.lnd; + electrs = if (config.services ? electrs) && config.services.electrs.enable + then config.services.electrs + else null; + + user = "charge-lnd"; + group = user; + dataDir = "/var/lib/charge-lnd"; + + configFile = builtins.toFile "charge-lnd.config" cfg.policies; + checkedConfig = pkgs.runCommandNoCC "charge-lnd-checked.config" { } '' + ${config.nix-bitcoin.pkgs.charge-lnd}/bin/charge-lnd --check --config ${configFile} + cp ${configFile} $out + ''; +in +{ + inherit options; + config = mkIf cfg.enable { services.lnd = { enable = true; diff --git a/modules/clightning-plugins/default.nix b/modules/clightning-plugins/default.nix index 4de6bb1..9a39782 100644 --- a/modules/clightning-plugins/default.nix +++ b/modules/clightning-plugins/default.nix @@ -2,6 +2,12 @@ with lib; let + options.services.clightning.plugins = { + helpme.enable = mkEnableOption "Help me (clightning plugin)"; + monitor.enable = mkEnableOption "Monitor (clightning plugin)"; + rebalance.enable = mkEnableOption "Rebalance (clightning plugin)"; + }; + cfg = config.services.clightning.plugins; pluginPkgs = config.nix-bitcoin.pkgs.clightning-plugins; in { @@ -12,11 +18,7 @@ in { ./zmq.nix ]; - options.services.clightning.plugins = { - helpme.enable = mkEnableOption "Help me (clightning plugin)"; - monitor.enable = mkEnableOption "Monitor (clightning plugin)"; - rebalance.enable = mkEnableOption "Rebalance (clightning plugin)"; - }; + inherit options; config = { services.clightning.extraConfig = mkMerge [ diff --git a/modules/clightning-plugins/zmq.nix b/modules/clightning-plugins/zmq.nix index 5ba2ece..f2e7627 100644 --- a/modules/clightning-plugins/zmq.nix +++ b/modules/clightning-plugins/zmq.nix 
@@ -2,6 +2,10 @@ with lib; let + options.services.clightning.plugins.zmq = { + enable = mkEnableOption "ZMQ (clightning plugin)"; + } // lib.genAttrs endpoints mkEndpointOption; + cfg = config.services.clightning.plugins.zmq; nbLib = config.nix-bitcoin.lib; @@ -31,9 +35,7 @@ let ''; in { - options.services.clightning.plugins.zmq = { - enable = mkEnableOption "ZMQ (clightning plugin)"; - } // lib.genAttrs endpoints mkEndpointOption; + inherit options; config = mkIf cfg.enable { services.clightning.extraConfig = '' diff --git a/modules/clightning.nix b/modules/clightning.nix index 93a3b5a..6aea551 100644 --- a/modules/clightning.nix +++ b/modules/clightning.nix @@ -1,25 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.clightning; - nbLib = config.nix-bitcoin.lib; - nbPkgs = config.nix-bitcoin.pkgs; - network = config.services.bitcoind.makeNetworkName "bitcoin" "regtest"; - configFile = pkgs.writeText "config" '' - network=${network} - bitcoin-datadir=${config.services.bitcoind.dataDir} - ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} - always-use-proxy=${boolToString cfg.always-use-proxy} - bind-addr=${cfg.address}:${toString cfg.port} - bitcoin-rpcconnect=${config.services.bitcoind.rpc.address} - bitcoin-rpcport=${toString config.services.bitcoind.rpc.port} - bitcoin-rpcuser=${config.services.bitcoind.rpc.users.public.name} - rpc-file-mode=0660 - ${cfg.extraConfig} - ''; -in { options.services.clightning = { enable = mkEnableOption "clightning"; address = mkOption { 
@@ -91,6 +73,25 @@ in { inherit (nbLib) enforceTor; }; + cfg = config.services.clightning; + nbLib = config.nix-bitcoin.lib; + nbPkgs = config.nix-bitcoin.pkgs; + network = config.services.bitcoind.makeNetworkName "bitcoin" "regtest"; + configFile = pkgs.writeText "config" '' + network=${network} + bitcoin-datadir=${config.services.bitcoind.dataDir} + ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} + always-use-proxy=${boolToString cfg.always-use-proxy} + bind-addr=${cfg.address}:${toString cfg.port} + bitcoin-rpcconnect=${config.services.bitcoind.rpc.address} + bitcoin-rpcport=${toString config.services.bitcoind.rpc.port} + bitcoin-rpcuser=${config.services.bitcoind.rpc.users.public.name} + rpc-file-mode=0660 + ${cfg.extraConfig} + ''; +in { + inherit options; + config = mkIf cfg.enable { services.bitcoind = { enable = true; diff --git a/modules/electrs.nix b/modules/electrs.nix index 880cc1a..f650954 100644 --- a/modules/electrs.nix +++ b/modules/electrs.nix @@ -2,11 +2,6 @@ with lib; let - cfg = config.services.electrs; - nbLib = config.nix-bitcoin.lib; - secretsDir = config.nix-bitcoin.secretsDir; - bitcoind = config.services.bitcoind; -in { options.services.electrs = { enable = mkEnableOption "electrs"; address = mkOption { @@ -54,6 +49,13 @@ in { enforceTor = nbLib.enforceTor; }; + cfg = config.services.electrs; + nbLib = config.nix-bitcoin.lib; + secretsDir = config.nix-bitcoin.secretsDir; + bitcoind = config.services.bitcoind; +in { + inherit options; + config = mkIf cfg.enable { assertions = [ { assertion = bitcoind.prune == 0; diff --git a/modules/hardware-wallets.nix b/modules/hardware-wallets.nix index b2e9352..cf95dc4 100644 --- a/modules/hardware-wallets.nix +++ b/modules/hardware-wallets.nix 
@@ -1,12 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.hardware-wallets; - dataDir = "/var/lib/hardware-wallets/"; - enabled = cfg.ledger || cfg.trezor; -in { options.services.hardware-wallets = { ledger = mkOption { type = types.bool; @@ -31,6 +26,12 @@ in { }; }; + cfg = config.services.hardware-wallets; + dataDir = "/var/lib/hardware-wallets/"; + enabled = cfg.ledger || cfg.trezor; +in { + inherit options; + config = mkMerge [ (mkIf (cfg.ledger || cfg.trezor) { assertions = [ diff --git a/modules/joinmarket-ob-watcher.nix b/modules/joinmarket-ob-watcher.nix index 4b9714b..b5378b5 100644 --- a/modules/joinmarket-ob-watcher.nix +++ b/modules/joinmarket-ob-watcher.nix @@ -2,6 +2,40 @@ with lib; let + options.services.joinmarket-ob-watcher = { + enable = mkEnableOption "JoinMarket orderbook watcher"; + address = mkOption { + type = types.str; + default = "127.0.0.1"; + description = "HTTP server address."; + }; + port = mkOption { + type = types.port; + default = 62601; + description = "HTTP server port."; + }; + dataDir = mkOption { + readOnly = true; + default = "/var/lib/joinmarket-ob-watcher"; + description = "The data directory for JoinMarket orderbook watcher."; + }; + user = mkOption { + type = types.str; + default = "joinmarket-ob-watcher"; + description = "The user as which to run JoinMarket."; + }; + group = mkOption { + type = types.str; + default = cfg.user; + description = "The group as which to run JoinMarket."; + }; + # This option is only used by netns-isolation + enforceTor = mkOption { + readOnly = true; + default = true; + }; + }; + cfg = config.services.joinmarket-ob-watcher; nbLib = config.nix-bitcoin.lib; nbPkgs = config.nix-bitcoin.pkgs; 
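Review bot: In modules/hardware-wallets.nix, `enabled` is bound to `cfg.ledger || cfg.trezor`, but the context line directly below the added lines repeats the same expression as `(mkIf (cfg.ledger || cfg.trezor) {`. Writing `(mkIf enabled {` keeps the condition in one place, so a third wallet type added later cannot be missed in one of the two spots. The `config` block continues outside the hunk, so `enabled` may already be used further down.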
@@ -39,39 +73,7 @@ let ${socks5Settings} ''; in { - options.services.joinmarket-ob-watcher = { - enable = mkEnableOption "JoinMarket orderbook watcher"; - address = mkOption { - type = types.str; - default = "127.0.0.1"; - description = "HTTP server address."; - }; - port = mkOption { - type = types.port; - default = 62601; - description = "HTTP server port."; - }; - dataDir = mkOption { - readOnly = true; - default = "/var/lib/joinmarket-ob-watcher"; - description = "The data directory for JoinMarket orderbook watcher."; - }; - user = mkOption { - type = types.str; - default = "joinmarket-ob-watcher"; - description = "The user as which to run JoinMarket."; - }; - group = mkOption { - type = types.str; - default = cfg.user; - description = "The group as which to run JoinMarket."; - }; - # This option is only used by netns-isolation - enforceTor = mkOption { - readOnly = true; - default = true; - }; - }; + inherit options; config = mkIf cfg.enable { services.bitcoind.rpc.users.joinmarket-ob-watcher = { diff --git a/modules/joinmarket.nix b/modules/joinmarket.nix index a5aacc6..632a4b0 100644 --- a/modules/joinmarket.nix +++ b/modules/joinmarket.nix 
@@ -1,8 +1,102 @@ { config, lib, pkgs, ... }: with lib; - let + options.services.joinmarket = { + enable = mkEnableOption "JoinMarket"; + dataDir = mkOption { + type = types.path; + default = "/var/lib/joinmarket"; + description = "The data directory for JoinMarket."; + }; + user = mkOption { + type = types.str; + default = "joinmarket"; + description = "The user as which to run JoinMarket."; + }; + group = mkOption { + type = types.str; + default = cfg.user; + description = "The group as which to run JoinMarket."; + }; + rpcWalletFile = mkOption { + type = types.nullOr types.str; + default = "jm_wallet"; + description = '' + Name of the watch-only bitcoind wallet the JoinMarket addresses are imported to. + ''; + }; + cli = mkOption { + default = cli; + }; + # This option is only used by netns-isolation + enforceTor = mkOption { + readOnly = true; + default = true; + }; + inherit (nbLib) cliExec; + + yieldgenerator = { + enable = mkEnableOption "yield generator bot"; + ordertype = mkOption { + type = types.enum [ "reloffer" "absoffer" ]; + default = "reloffer"; + description = '' + Which fee type to actually use + ''; + }; + cjfee_a = mkOption { + type = types.ints.unsigned; + default = 500; + description = '' + Absolute offer fee you wish to receive for coinjoins (cj) in Satoshis + ''; + }; + cjfee_r = mkOption { + type = types.float; + default = 0.00002; + description = '' + Relative offer fee you wish to receive based on a cj's amount + ''; + }; + cjfee_factor = mkOption { + type = types.float; + default = 0.1; + description = '' + Variance around the average cj fee + ''; + }; + txfee = mkOption { + type = types.ints.unsigned; + default = 100; + description = '' + The average transaction fee you're adding to coinjoin transactions + ''; + }; + txfee_factor = mkOption { + type = types.float; + default = 0.3; + description = '' + Variance around the average tx fee + ''; + }; + minsize = mkOption { + type = types.ints.unsigned; + default = 100000; + description = '' 
+ Minimum size of your cj offer in Satoshis. Lower cj amounts will be disregarded. + ''; + }; + size_factor = mkOption { + type = types.float; + default = 0.1; + description = '' + Variance around all offer sizes + ''; + }; + }; + }; + cfg = config.services.joinmarket; nbLib = config.nix-bitcoin.lib; nbPkgs = config.nix-bitcoin.pkgs; 
@@ -114,100 +208,7 @@ let chmod -R +x $out/bin ''; in { - options.services.joinmarket = { - enable = mkEnableOption "JoinMarket"; - dataDir = mkOption { - type = types.path; - default = "/var/lib/joinmarket"; - description = "The data directory for JoinMarket."; - }; - user = mkOption { - type = types.str; - default = "joinmarket"; - description = "The user as which to run JoinMarket."; - }; - group = mkOption { - type = types.str; - default = cfg.user; - description = "The group as which to run JoinMarket."; - }; - rpcWalletFile = mkOption { - type = types.nullOr types.str; - default = "jm_wallet"; - description = '' - Name of the watch-only bitcoind wallet the JoinMarket addresses are imported to. - ''; - }; - cli = mkOption { - default = cli; - }; - # This option is only used by netns-isolation - enforceTor = mkOption { - readOnly = true; - default = true; - }; - inherit (nbLib) cliExec; - - yieldgenerator = { - enable = mkEnableOption "yield generator bot"; - ordertype = mkOption { - type = types.enum [ "reloffer" "absoffer" ]; - default = "reloffer"; - description = '' - Which fee type to actually use - ''; - }; - cjfee_a = mkOption { - type = types.ints.unsigned; - default = 500; - description = '' - Absolute offer fee you wish to receive for coinjoins (cj) in Satoshis - ''; - }; - cjfee_r = mkOption { - type = types.float; - default = 0.00002; - description = '' - Relative offer fee you wish to receive based on a cj's amount - ''; - }; - cjfee_factor = mkOption { - type = types.float; - default = 0.1; - description = '' - Variance around the average cj fee - ''; - }; - txfee = mkOption { - type = types.ints.unsigned; - default = 100; - description = '' - The average transaction fee you're adding to coinjoin transactions - ''; - }; - txfee_factor = mkOption { - type = types.float; - default = 0.3; - description = '' - Variance around the average tx fee - ''; - }; - minsize = mkOption { - type = types.ints.unsigned; - default = 100000; - description = '' - 
Minimum size of your cj offer in Satoshis. Lower cj amounts will be disregarded. - ''; - }; - size_factor = mkOption { - type = types.float; - default = 0.1; - description = '' - Variance around all offer sizes - ''; - }; - }; - }; + inherit options; config = mkIf cfg.enable (mkMerge [{ services.bitcoind = { diff --git a/modules/lightning-loop.nix b/modules/lightning-loop.nix index 530b138..b7b388e 100644 --- a/modules/lightning-loop.nix +++ b/modules/lightning-loop.nix @@ -1,34 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.lightning-loop; - nbLib = config.nix-bitcoin.lib; - secretsDir = config.nix-bitcoin.secretsDir; - - lnd = config.services.lnd; - - network = config.services.bitcoind.network; - rpclisten = "${cfg.rpcAddress}:${toString cfg.rpcPort}"; - configFile = builtins.toFile "loop.conf" '' - datadir=${cfg.dataDir} - network=${network} - rpclisten=${rpclisten} - restlisten=${cfg.restAddress}:${toString cfg.restPort} - logdir=${cfg.dataDir}/logs - tlscertpath=${secretsDir}/loop-cert - tlskeypath=${secretsDir}/loop-key - - lnd.host=${lnd.rpcAddress}:${toString lnd.rpcPort} - lnd.macaroonpath=${lnd.networkDir}/admin.macaroon - lnd.tlspath=${lnd.certPath} - - ${optionalString (cfg.proxy != null) "server.proxy=${cfg.proxy}"} - - ${cfg.extraConfig} - ''; -in { options.services.lightning-loop = { enable = mkEnableOption "lightning-loop"; rpcAddress = mkOption { 
@@ -86,6 +59,34 @@ in { enforceTor = nbLib.enforceTor; }; + cfg = config.services.lightning-loop; + nbLib = config.nix-bitcoin.lib; + secretsDir = config.nix-bitcoin.secretsDir; + + lnd = config.services.lnd; + + network = config.services.bitcoind.network; + rpclisten = "${cfg.rpcAddress}:${toString cfg.rpcPort}"; + configFile = builtins.toFile "loop.conf" '' + datadir=${cfg.dataDir} + network=${network} + rpclisten=${rpclisten} + restlisten=${cfg.restAddress}:${toString cfg.restPort} + logdir=${cfg.dataDir}/logs + tlscertpath=${secretsDir}/loop-cert + tlskeypath=${secretsDir}/loop-key + + lnd.host=${lnd.rpcAddress}:${toString lnd.rpcPort} + lnd.macaroonpath=${lnd.networkDir}/admin.macaroon + lnd.tlspath=${lnd.certPath} + + ${optionalString (cfg.proxy != null) "server.proxy=${cfg.proxy}"} + + ${cfg.extraConfig} + ''; +in { + inherit options; + config = mkIf cfg.enable { services.lnd.enable = true; diff --git a/modules/lightning-pool.nix b/modules/lightning-pool.nix index 7f49f3d..4a9c9ca 100644 --- a/modules/lightning-pool.nix +++ b/modules/lightning-pool.nix @@ -1,27 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.lightning-pool; - nbLib = config.nix-bitcoin.lib; - - lnd = config.services.lnd; - - network = config.services.bitcoind.network; - rpclisten = "${cfg.rpcAddress}:${toString cfg.rpcPort}"; - configFile = builtins.toFile "pool.conf" '' - rpclisten=${rpclisten} - restlisten=${cfg.restAddress}:${toString cfg.restPort} - ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} - - lnd.host=${lnd.rpcAddress}:${toString lnd.rpcPort} - lnd.macaroondir=${lnd.networkDir} - lnd.tlspath=${lnd.certPath} - - ${cfg.extraConfig} - ''; -in { options.services.lightning-pool = { enable = mkEnableOption "lightning-pool"; rpcAddress = mkOption { 
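Review bot: `lnd.macaroonpath=${lnd.networkDir}/admin.macaroon` in `configFile` hands loop the lnd admin macaroon, which by lnd's naming carries every permission, and the hunk has no comment recording that choice. I would add a line above the binding such as `# loop is given lnd's admin macaroon, i.e. full control over the lnd wallet`, so that anyone auditing which services can spend from lnd finds it. Whether loop can run with a narrower macaroon is not visible here and would need checking against the packaged loop version. modules/lightning-pool.nix in this commit passes `lnd.macaroondir=${lnd.networkDir}`, which exposes the whole macaroon directory and deserves the same comment.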
@@ -79,6 +59,27 @@ in { enforceTor = nbLib.enforceTor; }; + cfg = config.services.lightning-pool; + nbLib = config.nix-bitcoin.lib; + + lnd = config.services.lnd; + + network = config.services.bitcoind.network; + rpclisten = "${cfg.rpcAddress}:${toString cfg.rpcPort}"; + configFile = builtins.toFile "pool.conf" '' + rpclisten=${rpclisten} + restlisten=${cfg.restAddress}:${toString cfg.restPort} + ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} + + lnd.host=${lnd.rpcAddress}:${toString lnd.rpcPort} + lnd.macaroondir=${lnd.networkDir} + lnd.tlspath=${lnd.certPath} + + ${cfg.extraConfig} + ''; +in { + inherit options; + config = mkIf cfg.enable { services.lnd.enable = true; diff --git a/modules/liquid.nix b/modules/liquid.nix index 6fe7d14..b729a11 100644 --- a/modules/liquid.nix +++ b/modules/liquid.nix 
@@ -1,73 +1,7 @@ { config, pkgs, lib, ... }: with lib; - let - cfg = config.services.liquidd; - nbLib = config.nix-bitcoin.lib; - nbPkgs = config.nix-bitcoin.pkgs; - secretsDir = config.nix-bitcoin.secretsDir; - pidFile = "${cfg.dataDir}/liquidd.pid"; - configFile = pkgs.writeText "elements.conf" '' - chain=${config.services.bitcoind.makeNetworkName "liquidv1" '' - regtest - [regtest]'' # Add [regtest] config section - } - ${optionalString (cfg.dbCache != null) "dbcache=${toString cfg.dbCache}"} - ${optionalString (cfg.prune != null) "prune=${toString cfg.prune}"} - ${optionalString (cfg.validatepegin != null) "validatepegin=${if cfg.validatepegin then "1" else "0"}"} - - # Connection options - ${optionalString cfg.listen "bind=${cfg.address}"} - port=${toString cfg.port} - ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} - listen=${if cfg.listen then "1" else "0"} - - # RPC server options - rpcport=${toString cfg.rpc.port} - ${concatMapStringsSep "\n" - (rpcUser: "rpcauth=${rpcUser.name}:${rpcUser.passwordHMAC}") - (attrValues cfg.rpc.users) - } - rpcbind=${cfg.rpc.address} - rpcconnect=${cfg.rpc.address} - ${lib.concatMapStrings (rpcallowip: "rpcallowip=${rpcallowip}\n") cfg.rpcallowip} - rpcuser=${cfg.rpcuser} - mainchainrpchost=${config.services.bitcoind.rpc.address} - mainchainrpcport=${toString config.services.bitcoind.rpc.port} - mainchainrpcuser=${config.services.bitcoind.rpc.users.public.name} - - # Extra config options (from liquidd nixos service) - ${cfg.extraConfig} - ''; - cmdlineOptions = concatMapStringsSep " " (arg: "'${arg}'") [ - "-datadir=${cfg.dataDir}" - "-pid=${pidFile}" - ]; - hexStr = types.strMatching "[0-9a-f]+"; - rpcUserOpts = { name, ... }: { - options = { - name = mkOption { - type = types.str; - example = "alice"; - description = '' - Username for JSON-RPC connections. 
- ''; - }; - passwordHMAC = mkOption { - type = with types; uniq (strMatching "[0-9a-f]+\\$[0-9a-f]{64}"); - example = "f7efda5c189b999524f151318c0c86$d5b51b3beffbc02b724e5d095828e0bc8b2456e9ac8757ae3211a5d9b16a22ae"; - description = '' - Password HMAC-SHA-256 for JSON-RPC connections. Must be a string of the - format $. - ''; - }; - }; - config = { - name = mkDefault name; - }; - }; -in { options = { services.liquidd = { 
@@ -203,6 +137,73 @@ in { }; }; + cfg = config.services.liquidd; + nbLib = config.nix-bitcoin.lib; + nbPkgs = config.nix-bitcoin.pkgs; + secretsDir = config.nix-bitcoin.secretsDir; + pidFile = "${cfg.dataDir}/liquidd.pid"; + configFile = pkgs.writeText "elements.conf" '' + chain=${config.services.bitcoind.makeNetworkName "liquidv1" '' + regtest + [regtest]'' # Add [regtest] config section + } + ${optionalString (cfg.dbCache != null) "dbcache=${toString cfg.dbCache}"} + ${optionalString (cfg.prune != null) "prune=${toString cfg.prune}"} + ${optionalString (cfg.validatepegin != null) "validatepegin=${if cfg.validatepegin then "1" else "0"}"} + + # Connection options + ${optionalString cfg.listen "bind=${cfg.address}"} + port=${toString cfg.port} + ${optionalString (cfg.proxy != null) "proxy=${cfg.proxy}"} + listen=${if cfg.listen then "1" else "0"} + + # RPC server options + rpcport=${toString cfg.rpc.port} + ${concatMapStringsSep "\n" + (rpcUser: "rpcauth=${rpcUser.name}:${rpcUser.passwordHMAC}") + (attrValues cfg.rpc.users) + } + rpcbind=${cfg.rpc.address} + rpcconnect=${cfg.rpc.address} + ${lib.concatMapStrings (rpcallowip: "rpcallowip=${rpcallowip}\n") cfg.rpcallowip} + rpcuser=${cfg.rpcuser} + mainchainrpchost=${config.services.bitcoind.rpc.address} + mainchainrpcport=${toString config.services.bitcoind.rpc.port} + mainchainrpcuser=${config.services.bitcoind.rpc.users.public.name} + + # Extra config options (from liquidd nixos service) + ${cfg.extraConfig} + ''; + cmdlineOptions = concatMapStringsSep " " (arg: "'${arg}'") [ + "-datadir=${cfg.dataDir}" + "-pid=${pidFile}" + ]; + hexStr = types.strMatching "[0-9a-f]+"; + rpcUserOpts = { name, ... }: { + options = { + name = mkOption { + type = types.str; + example = "alice"; + description = '' + Username for JSON-RPC connections. 
+ ''; + }; + passwordHMAC = mkOption { + type = with types; uniq (strMatching "[0-9a-f]+\\$[0-9a-f]{64}"); + example = "f7efda5c189b999524f151318c0c86$d5b51b3beffbc02b724e5d095828e0bc8b2456e9ac8757ae3211a5d9b16a22ae"; + description = '' + Password HMAC-SHA-256 for JSON-RPC connections. Must be a string of the + format $. + ''; + }; + }; + config = { + name = mkDefault name; + }; + }; +in { + inherit options; + config = mkIf cfg.enable { services.bitcoind.enable = true; diff --git a/modules/lnd-rest-onion-service.nix b/modules/lnd-rest-onion-service.nix index 344885e..8b2ea25 100644 --- a/modules/lnd-rest-onion-service.nix +++ b/modules/lnd-rest-onion-service.nix @@ -1,24 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.lnd.restOnionService; - nbLib = config.nix-bitcoin.lib; - runAsUser = config.nix-bitcoin.runAsUserCmd; - - lnd = config.services.lnd; - - bin = pkgs.writeScriptBin "lndconnect-rest-onion" '' - #!/usr/bin/env -S ${runAsUser} ${lnd.user} ${pkgs.bash}/bin/bash - - exec ${cfg.package}/bin/lndconnect \ - --host=$(cat ${config.nix-bitcoin.onionAddresses.dataDir}/lnd/lnd-rest) \ - --port=${toString lnd.restPort} \ - --lnddir=${lnd.dataDir} \ - --tlscertpath=${lnd.certPath} "$@" - ''; -in { options.services.lnd.restOnionService = { enable = mkOption { default = false; @@ -36,6 +19,24 @@ in { }; }; + cfg = config.services.lnd.restOnionService; + nbLib = config.nix-bitcoin.lib; + runAsUser = config.nix-bitcoin.runAsUserCmd; + + lnd = config.services.lnd; + + bin = pkgs.writeScriptBin "lndconnect-rest-onion" '' + #!/usr/bin/env -S ${runAsUser} ${lnd.user} ${pkgs.bash}/bin/bash + + exec ${cfg.package}/bin/lndconnect \ + --host=$(cat ${config.nix-bitcoin.onionAddresses.dataDir}/lnd/lnd-rest) \ + --port=${toString lnd.restPort} \ + --lnddir=${lnd.dataDir} \ + --tlscertpath=${lnd.certPath} "$@" + ''; +in { + inherit options; + config = mkIf cfg.enable { services.tor = { enable = true; 
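Review bot: In modules/liquid.nix, `configFile` is built with `pkgs.writeText` and contains one `rpcauth=${rpcUser.name}:${rpcUser.passwordHMAC}` line per RPC user. The salted HMACs therefore land in the Nix store, which is normally world-readable, and every local account can read them. modules/bitcoind.nix in this commit guards the equivalent line with `passwordHMACFromFile`; I would either follow that pattern here or record the exposure in a comment above `configFile`, e.g. `# rpcauth HMACs are written to the world-readable Nix store; use long random RPC passwords`. Separately, `hexStr` is bound but the `passwordHMAC` type spells its pattern inline as `strMatching "[0-9a-f]+\\$[0-9a-f]{64}"`; unless `hexStr` is used outside the hunk it can be dropped.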
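Review bot: In the `lndconnect-rest-onion` script of modules/lnd-rest-onion-service.nix, the command substitution in `--host=$(cat ${config.nix-bitcoin.onionAddresses.dataDir}/lnd/lnd-rest)` is unquoted, so the file's content is subject to word splitting and globbing before it reaches `lndconnect`. Quoting the whole argument, `"--host=$(cat ${config.nix-bitcoin.onionAddresses.dataDir}/lnd/lnd-rest)"`, keeps it as a single word. A missing or unreadable file still produces an empty `--host=` and the `exec` proceeds, so an explicit readability check before the `exec` would make that case fail visibly.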
diff --git a/modules/lnd.nix b/modules/lnd.nix index 5c7b5ec..7c1a84f 100644 --- a/modules/lnd.nix +++ b/modules/lnd.nix @@ -1,42 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.lnd; - nbLib = config.nix-bitcoin.lib; - secretsDir = config.nix-bitcoin.secretsDir; - runAsUser = config.nix-bitcoin.runAsUserCmd; - - bitcoind = config.services.bitcoind; - bitcoindRpcAddress = bitcoind.rpc.address; - networkDir = "${cfg.dataDir}/chain/bitcoin/${bitcoind.network}"; - configFile = pkgs.writeText "lnd.conf" '' - datadir=${cfg.dataDir} - logdir=${cfg.dataDir}/logs - tlscertpath=${cfg.certPath} - tlskeypath=${secretsDir}/lnd-key - - listen=${toString cfg.address}:${toString cfg.port} - rpclisten=${cfg.rpcAddress}:${toString cfg.rpcPort} - restlisten=${cfg.restAddress}:${toString cfg.restPort} - - bitcoin.${bitcoind.network}=1 - bitcoin.active=1 - bitcoin.node=bitcoind - - ${optionalString (cfg.enforceTor) "tor.active=true"} - ${optionalString (cfg.tor-socks != null) "tor.socks=${cfg.tor-socks}"} - - bitcoind.rpchost=${bitcoindRpcAddress}:${toString bitcoind.rpc.port} - bitcoind.rpcuser=${bitcoind.rpc.users.public.name} - bitcoind.zmqpubrawblock=${bitcoind.zmqpubrawblock} - bitcoind.zmqpubrawtx=${bitcoind.zmqpubrawtx} - - ${cfg.extraConfig} - ''; -in { - options.services.lnd = { enable = mkEnableOption "Lightning Network Daemon"; dataDir = mkOption { 
@@ -157,6 +122,42 @@ in { inherit (nbLib) enforceTor; }; + cfg = config.services.lnd; + nbLib = config.nix-bitcoin.lib; + secretsDir = config.nix-bitcoin.secretsDir; + runAsUser = config.nix-bitcoin.runAsUserCmd; + + bitcoind = config.services.bitcoind; + bitcoindRpcAddress = bitcoind.rpc.address; + networkDir = "${cfg.dataDir}/chain/bitcoin/${bitcoind.network}"; + configFile = pkgs.writeText "lnd.conf" '' + datadir=${cfg.dataDir} + logdir=${cfg.dataDir}/logs + tlscertpath=${cfg.certPath} + tlskeypath=${secretsDir}/lnd-key + + listen=${toString cfg.address}:${toString cfg.port} + rpclisten=${cfg.rpcAddress}:${toString cfg.rpcPort} + restlisten=${cfg.restAddress}:${toString cfg.restPort} + + bitcoin.${bitcoind.network}=1 + bitcoin.active=1 + bitcoin.node=bitcoind + + ${optionalString (cfg.enforceTor) "tor.active=true"} + ${optionalString (cfg.tor-socks != null) "tor.socks=${cfg.tor-socks}"} + + bitcoind.rpchost=${bitcoindRpcAddress}:${toString bitcoind.rpc.port} + bitcoind.rpcuser=${bitcoind.rpc.users.public.name} + bitcoind.zmqpubrawblock=${bitcoind.zmqpubrawblock} + bitcoind.zmqpubrawtx=${bitcoind.zmqpubrawtx} + + ${cfg.extraConfig} + ''; +in { + + inherit options; + config = mkIf cfg.enable { assertions = [ { assertion = bitcoind.prune == 0; diff --git a/modules/netns-isolation.nix b/modules/netns-isolation.nix index e7ea4c5..88e486d 100644 --- a/modules/netns-isolation.nix +++ b/modules/netns-isolation.nix 
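Review bot: `configFile` is built with `pkgs.writeText`, so the rendered lnd.conf is stored in the world-readable Nix store, and nothing next to `${cfg.extraConfig}` warns about that. The visible template itself is careful: only `bitcoind.rpcuser` and a key path under `secretsDir` appear, and no password. But `extraConfig` is appended verbatim, so a user could put a credential there without realising where it ends up. I would add a comment above the binding, `# Written to the world-readable Nix store: keep secrets out of this file and out of extraConfig`, and repeat the caveat in the `extraConfig` option description, which lies outside this hunk.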
@@ -1,50 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.nix-bitcoin.netns-isolation; - - netns = builtins.mapAttrs (n: v: { - inherit (v) id; - address = "169.254.${toString cfg.addressblock}.${toString v.id}"; - availableNetns = availableNetns.${n}; - netnsName = "nb-${n}"; - }) enabledServices; - - # Symmetric netns connection matrix - # if clightning.connections = [ "bitcoind" ]; then - # availableNetns.bitcoind = [ "clighting" ]; - # and - # availableNetns.clighting = [ "bitcoind" ]; - # - # FIXME: Although negligible for our purposes, this calculation's runtime - # is in the order of (number of connections * number of services), - # because attrsets and lists are fully copied on each update with '//' or '++'. - # This can only be improved with an update in the nix language. - # - availableNetns = let - # base = { clightning = [ "bitcoind" ]; ... } - base = builtins.mapAttrs (n: v: - builtins.filter isEnabled v.connections - ) enabledServices; - in - foldl (xs: s1: - foldl (xs: s2: - xs // { "${s2}" = xs.${s2} ++ [ s1 ]; } - ) xs cfg.services.${s1}.connections - ) base (builtins.attrNames base); - - enabledServices = filterAttrs (n: v: isEnabled n) cfg.services; - isEnabled = x: config.services.${x}.enable; - - ip = "${pkgs.iproute}/bin/ip"; - iptables = "${config.networking.firewall.package}/bin/iptables"; - - bridgeIp = "169.254.${toString cfg.addressblock}.10"; - - mkCliExec = service: "exec netns-exec ${netns.${service}.netnsName}"; -in { options.nix-bitcoin.netns-isolation = { enable = mkEnableOption "netns isolation"; 
@@ -92,6 +49,50 @@ in { }; }; + cfg = config.nix-bitcoin.netns-isolation; + + netns = builtins.mapAttrs (n: v: { + inherit (v) id; + address = "169.254.${toString cfg.addressblock}.${toString v.id}"; + availableNetns = availableNetns.${n}; + netnsName = "nb-${n}"; + }) enabledServices; + + # Symmetric netns connection matrix + # if clightning.connections = [ "bitcoind" ]; then + # availableNetns.bitcoind = [ "clighting" ]; + # and + # availableNetns.clighting = [ "bitcoind" ]; + # + # FIXME: Although negligible for our purposes, this calculation's runtime + # is in the order of (number of connections * number of services), + # because attrsets and lists are fully copied on each update with '//' or '++'. + # This can only be improved with an update in the nix language. + # + availableNetns = let + # base = { clightning = [ "bitcoind" ]; ... } + base = builtins.mapAttrs (n: v: + builtins.filter isEnabled v.connections + ) enabledServices; + in + foldl (xs: s1: + foldl (xs: s2: + xs // { "${s2}" = xs.${s2} ++ [ s1 ]; } + ) xs cfg.services.${s1}.connections + ) base (builtins.attrNames base); + + enabledServices = filterAttrs (n: v: isEnabled n) cfg.services; + isEnabled = x: config.services.${x}.enable; + + ip = "${pkgs.iproute}/bin/ip"; + iptables = "${config.networking.firewall.package}/bin/iptables"; + + bridgeIp = "169.254.${toString cfg.addressblock}.10"; + + mkCliExec = service: "exec netns-exec ${netns.${service}.netnsName}"; +in { + inherit options; + config = mkIf cfg.enable (mkMerge [ # Base infrastructure diff --git a/modules/nodeinfo.nix b/modules/nodeinfo.nix index c395bfb..5a9599c 100644 --- a/modules/nodeinfo.nix +++ b/modules/nodeinfo.nix @@ -2,6 +2,16 @@ with lib; let + options = { + nix-bitcoin.nodeinfo = { + enable = mkEnableOption "nodeinfo"; + program = mkOption { + readOnly = true; + default = script; + }; + }; + }; + cfg = config.nix-bitcoin.nodeinfo; # Services included in the output 
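Review bot: In the netns-isolation.nix hunk, the inner fold of `availableNetns` walks `cfg.services.${s1}.connections` unfiltered, although `base` was built with `builtins.filter isEnabled`. A connection to a disabled service therefore adds a key whose value `xs.${s2} ++ [ s1 ]` refers to an attribute that `base` does not contain. As far as this hunk shows, that is harmless only because `netns` reads `availableNetns.${n}` for enabled services and the bad value is never forced; any consumer that evaluates the whole set would hit a missing-attribute error. Folding over the filtered list keeps the connection matrix limited to enabled peers: `) xs base.${s1}`. The example comment also spells the service `clighting` where `clightning` is meant.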
@@ -102,15 +112,7 @@ let inherit (config.services.tor.relay) onionServices; in { - options = { - nix-bitcoin.nodeinfo = { - enable = mkEnableOption "nodeinfo"; - program = mkOption { - readOnly = true; - default = script; - }; - }; - }; + inherit options; config = { environment.systemPackages = optional cfg.enable script; diff --git a/modules/onion-addresses.nix b/modules/onion-addresses.nix index e3872a9..9a5cd47 100644 --- a/modules/onion-addresses.nix +++ b/modules/onion-addresses.nix @@ -7,11 +7,7 @@ { config, lib, ... }: with lib; - let - cfg = config.nix-bitcoin.onionAddresses; - nbLib = config.nix-bitcoin.lib; -in { options.nix-bitcoin.onionAddresses = { access = mkOption { type = with types; attrsOf (listOf str); @@ -42,6 +38,11 @@ in { }; }; + cfg = config.nix-bitcoin.onionAddresses; + nbLib = config.nix-bitcoin.lib; +in { + inherit options; + config = mkIf (cfg.access != {} || cfg.services != []) { systemd.services.onion-addresses = { wantedBy = [ "tor.service" ]; diff --git a/modules/onion-services.nix b/modules/onion-services.nix index a6d39a0..25c9f45 100644 --- a/modules/onion-services.nix +++ b/modules/onion-services.nix @@ -7,19 +7,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.nix-bitcoin.onionServices; - nbLib = config.nix-bitcoin.lib; - - services = builtins.attrNames cfg; - - activeServices = builtins.filter (service: - config.services.${service}.enable && cfg.${service}.enable - ) services; - - publicServices = builtins.filter (service: cfg.${service}.public) activeServices; -in { options.nix-bitcoin.onionServices = mkOption { default = {}; type = with types; attrsOf (submodule ( 
@@ -52,6 +40,19 @@ in { )); }; + cfg = config.nix-bitcoin.onionServices; + nbLib = config.nix-bitcoin.lib; + + services = builtins.attrNames cfg; + + activeServices = builtins.filter (service: + config.services.${service}.enable && cfg.${service}.enable + ) services; + + publicServices = builtins.filter (service: cfg.${service}.public) activeServices; +in { + inherit options; + config = mkMerge [ (mkIf (cfg != {}) { # Define hidden services diff --git a/modules/operator.nix b/modules/operator.nix index f336f82..627f8d1 100644 --- a/modules/operator.nix +++ b/modules/operator.nix @@ -8,8 +8,6 @@ with lib; let - cfg = config.nix-bitcoin.operator; -in { options.nix-bitcoin.operator = { enable = mkEnableOption "operator user"; name = mkOption { @@ -29,6 +27,10 @@ in { }; }; + cfg = config.nix-bitcoin.operator; +in { + inherit options; + config = mkIf cfg.enable { users.users.${cfg.name} = { isNormalUser = true; diff --git a/modules/recurring-donations.nix b/modules/recurring-donations.nix index 7d0680b..84922a0 100644 --- a/modules/recurring-donations.nix +++ b/modules/recurring-donations.nix 
@@ -1,8 +1,39 @@ { config, lib, pkgs, ... }: with lib; - let + options.services.recurring-donations = { + enable = mkEnableOption "recurring-donations"; + tallycoin = mkOption { + type = types.attrs; + default = {}; + description = '' + This option is used to specify tallycoin donation receivers using an + attribute set. For example the following setting instructs the module + to repeatedly send 1000 satoshis to djbooth007. + { + "djbooth007" = 1000; + } + ''; + }; + interval = mkOption { + type = types.str; + default = "Mon *-*-* 00:00:00"; + description = '' + Schedules the donations. Default is weekly on Mon 00:00:00. See `man + systemd.time` for further options. + ''; + }; + randomizedDelaySec = mkOption { + type = types.int; + default = 86400; + description = '' + Random delay to add to scheduled time for donation. Default is one day. + ''; + }; + enforceTor = nbLib.enforceTor; + }; + cfg = config.services.recurring-donations; nbLib = config.nix-bitcoin.lib; recurring-donations-script = pkgs.writeScript "recurring-donations.sh" '' 
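Review bot: `tallycoin` is declared as `types.attrs`, so the values that decide how many satoshis are sent are not checked by the option system. A string, a negative number or a nested set passes evaluation and can only fail, if at all, inside the donation script, which this hunk does not show. If amounts are always whole satoshis, as the example in the description suggests, `type = with types; attrsOf ints.positive;` would reject such values early. `randomizedDelaySec` could likewise use `types.ints.unsigned`. On style, `enforceTor = nbLib.enforceTor;` differs from the `inherit (nbLib) enforceTor;` form used in lnd.nix and spark-wallet.nix in this same commit.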
@@ -40,37 +71,7 @@ let } ''; in { - options.services.recurring-donations = { - enable = mkEnableOption "recurring-donations"; - tallycoin = mkOption { - type = types.attrs; - default = {}; - description = '' - This option is used to specify tallycoin donation receivers using an - attribute set. For example the following setting instructs the module - to repeatedly send 1000 satoshis to djbooth007. - { - "djbooth007" = 1000; - } - ''; - }; - interval = mkOption { - type = types.str; - default = "Mon *-*-* 00:00:00"; - description = '' - Schedules the donations. Default is weekly on Mon 00:00:00. See `man - systemd.time` for further options. - ''; - }; - randomizedDelaySec = mkOption { - type = types.int; - default = 86400; - description = '' - Random delay to add to scheduled time for donation. Default is one day. - ''; - }; - enforceTor = nbLib.enforceTor; - }; + inherit options; config = mkIf cfg.enable { services.clightning.enable = true; diff --git a/modules/spark-wallet.nix b/modules/spark-wallet.nix index bdefea8..73b2b9a 100644 --- a/modules/spark-wallet.nix +++ b/modules/spark-wallet.nix 
@@ -1,27 +1,7 @@ { config, lib, pkgs, ... }: with lib; - let - cfg = config.services.spark-wallet; - nbLib = config.nix-bitcoin.lib; - - # Use wasabi rate provider because the default (bitstamp) doesn't accept - # connections through Tor - torRateProvider = "--rate-provider wasabi --proxy socks5h://${config.nix-bitcoin.torClientAddressWithPort}"; - startScript = '' - ${optionalString (cfg.getPublicAddressCmd != "") '' - publicURL="--public-url http://$(${cfg.getPublicAddressCmd})" - ''} - exec ${config.nix-bitcoin.pkgs.spark-wallet}/bin/spark-wallet \ - --ln-path '${config.services.clightning.networkDir}' \ - --host ${cfg.address} --port ${toString cfg.port} \ - --config '${config.nix-bitcoin.secretsDir}/spark-wallet-login' \ - ${optionalString cfg.enforceTor torRateProvider} \ - $publicURL \ - --pairing-qr --print-key ${cfg.extraArgs} - ''; -in { options.services.spark-wallet = { enable = mkEnableOption "spark-wallet"; address = mkOption { @@ -61,6 +41,27 @@ in { inherit (nbLib) enforceTor; }; + cfg = config.services.spark-wallet; + nbLib = config.nix-bitcoin.lib; + + # Use wasabi rate provider because the default (bitstamp) doesn't accept + # connections through Tor + torRateProvider = "--rate-provider wasabi --proxy socks5h://${config.nix-bitcoin.torClientAddressWithPort}"; + startScript = '' + ${optionalString (cfg.getPublicAddressCmd != "") '' + publicURL="--public-url http://$(${cfg.getPublicAddressCmd})" + ''} + exec ${config.nix-bitcoin.pkgs.spark-wallet}/bin/spark-wallet \ + --ln-path '${config.services.clightning.networkDir}' \ + --host ${cfg.address} --port ${toString cfg.port} \ + --config '${config.nix-bitcoin.secretsDir}/spark-wallet-login' \ + ${optionalString cfg.enforceTor torRateProvider} \ + $publicURL \ + --pairing-qr --print-key ${cfg.extraArgs} + ''; +in { + inherit options; + config = mkIf cfg.enable { services.clightning.enable = true; diff --git a/modules/versioning.nix b/modules/versioning.nix index 76c8af8..c57add6 100644 
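Review bot: `startScript` in the second spark-wallet.nix hunk always passes `--pairing-qr --print-key`, which make spark-wallet print its access key, and a QR code embedding it, on stdout. Assuming this script is the service's start command (the unit definition is outside the hunk), the key lands in the journal and is readable by anyone with log access. I would document that above the binding, for example `# --print-key/--pairing-qr write the wallet access key to the service log; limit journal access accordingly`. Separately, `--host ${cfg.address}` is interpolated unquoted while `--ln-path` and `--config` are single-quoted; writing `--host '${cfg.address}'` would be consistent with them.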
--- a/modules/versioning.nix +++ b/modules/versioning.nix @@ -7,6 +7,21 @@ with lib; let + options = { + nix-bitcoin.configVersion = mkOption { + type = with types; nullOr str; + default = null; + description = '' + Set this option to the nix-bitcoin release version that your config is + compatible with. + + When upgrading to a backwards-incompatible release, nix-bitcoin will throw an + error during evaluation and provide hints for migrating your config to the + new release. + ''; + }; + }; + version = config.nix-bitcoin.configVersion; # Sorted by increasing version numbers @@ -161,20 +176,7 @@ in ./obsolete-options.nix ]; - options = { - nix-bitcoin.configVersion = mkOption { - type = with types; nullOr str; - default = null; - description = '' - Set this option to the nix-bitcoin release version that your config is - compatible with. - - When upgrading to a backwards-incompatible release, nix-bitcoin will throw an - error during evaluation and provide hints for migrating your config to the - new release. - ''; - }; - }; + inherit options; config = { # Force evaluation. An actual option value is never assigned