Add guest user with same ssh keys as root and fix nodeinfo not waiting for clightning to warm up

configuration.nix

@@ -24,6 +24,7 @@ in {
   environment.systemPackages = with pkgs; [
      vim tmux clightning bitcoin
      nodeinfo
+     jq
   ];
   nixpkgs.config.packageOverrides = pkgs: {
     inherit nodeinfo;
@@ -69,12 +70,6 @@ in {
   # Open ports in the firewall.
   # Or disable the firewall altogether.
 
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  # users.users.guest = {
-  #   isNormalUser = true;
-  #   uid = 1000;
-  # };
-
   # This value determines the NixOS release with which your system is to be
   # compatible, in order to avoid breaking some software such as database
   # servers. You should change this only after NixOS release notes say you

modules/clightning.nix

@@ -52,6 +52,8 @@ in {
         { description = "Run clightningd";
           path  = [ pkgs.clightning pkgs.bitcoin ];
           wantedBy = [ "multi-user.target" ];
+          requires = [ "bitcoind.service" ];
+          after = [ "bitcoind.service" ];
           preStart = ''
             mkdir -p ${home}/.lightning
             ln -sf ${configFile} ${home}/.lightning/config
@@ -61,6 +63,7 @@ in {
               ExecStart = "${pkgs.clightning}/bin/lightningd";
               User = "clightning";
               Restart = "on-failure";
+              RestartSec = "10s";
               PrivateTmp = "true";
               ProtectSystem = "full";
               NoNewPrivileges = "true";

modules/nixbitcoin.nix

@@ -51,12 +51,31 @@ in {
     systemd.services.nodeinfo = {
       description = "Get node info";
       wantedBy = [ "multi-user.target" ];
+      after = [ "clightning.service" "tor.service" ];
       path  = [ pkgs.clightning pkgs.jq pkgs.sudo ];
       serviceConfig = {
-        ExecStart = "${pkgs.bash}/bin/bash -c ${pkgs.nodeinfo}/bin/nodeinfo";
+        ExecStart="${pkgs.bash}/bin/bash ${pkgs.nodeinfo}/bin/nodeinfo";
+        User = "root";
+        Type = "simple";
+        RemainAfterExit="yes";
+        Restart = "on-failure";
+        RestartSec = "10s";
+      };
+    };
+    # Define a user account. Don't forget to set a password with ‘passwd’.
+    users.users.guest = {
+      isNormalUser = true;
+    };
+    systemd.services.copy-root-authorized-keys = {
+      description = "Copy root authorized keys";
+      wantedBy = [ "multi-user.target" ];
+      path  = [ ];
+      serviceConfig = {
+        ExecStart = "${pkgs.bash}/bin/bash -c \"mkdir -p ${config.users.users.guest.home}/.ssh && cp ${config.users.users.root.home}/.vbox-nixops-client-key ${config.users.users.guest.home}/.ssh/authorized_keys && chown -R guest ${config.users.users.guest.home}/.ssh\"";
         user = "root";
         type = "oneshot";
       };
     };
+
   };
 }

pkgs/nodeinfo.sh

@@ -1,9 +1,15 @@
-sleep 5
+set -e
+set -o pipefail
+
 OUTFILE=/var/lib/nodeinfo.nix
+
+BITCOIND_ONION=$(cat /var/lib/tor/onion/bitcoind/hostname)
+CLIGHTNING_ID=$(sudo -u clightning lightning-cli getinfo | jq -r '.id')
+
 rm -f $OUTFILE
 {
     echo \{
-    echo "  bitcoind_onion = \"$(cat /var/lib/tor/onion/bitcoind/hostname)\";"
+    echo "  bitcoind_onion = \"$BITCOIND_ONION\";"
-    echo "  clightning_id = \"$(sudo -u clightning lightning-cli getinfo | jq -r '.id')\";"
+    echo "  clightning_id = \"$CLIGHTNING_ID\";"
     echo \}
 } > $OUTFILE