diff --git a/README.md b/README.md index c064cc6..08ddb14 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ cd nix-bitcoin/examples/ nix-shell ``` -The following example scripts set up a nix-bitcoin node according to `examples/configuration.nix` and then +The following example scripts set up a nix-bitcoin node according to [`examples/configuration.nix`](examples/configuration.nix) and then shut down immediately. They leave no traces (outside of `/nix/store`) on the host system. - [`./deploy-container.sh`](examples/deploy-container.sh) creates a [NixOS container](https://github.com/erikarvstedt/extra-container).\ @@ -48,6 +48,12 @@ shut down immediately. They leave no traces (outside of `/nix/store`) on the hos NixOps can be used to deploy to various other backends like cloud providers.\ Requires: [Nix](https://nixos.org/nix/), [VirtualBox](https://www.virtualbox.org) +- [`./deploy-container-minimal.sh`](examples/deploy-container-minimal.sh) creates a + container defined by [minimal-configuration.nix](examples/minimal-configuration.nix) that + doesn't use the [secure-node.nix](modules/presets/secure-node.nix) preset. + Also shows how to use nix-bitcoin in an existing NixOS config.\ + Requires: [Nix](https://nixos.org/), a systemd-based Linux distro and root privileges + Run the examples with option `--interactive` or `-i` to start a shell for interacting with the node: ```bash @@ -55,7 +61,7 @@ the node: ``` #### Tests -The internal test suite is also useful for exploring features. +The internal test suite is also useful for exploring features.\ The following `run-tests.sh` commands leave no traces (outside of `/nix/store`) on the host system. diff --git a/examples/deploy-container-minimal.sh b/examples/deploy-container-minimal.sh new file mode 100755 index 0000000..3e7f7eb --- /dev/null +++ b/examples/deploy-container-minimal.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec "${BASH_SOURCE[0]%/*}/deploy-container.sh" --minimal-config "$@" diff --git a/examples/deploy-container.sh b/examples/deploy-container.sh index c672fd0..f57df31 100755 --- a/examples/deploy-container.sh +++ b/examples/deploy-container.sh @@ -8,23 +8,36 @@ set -euo pipefail # Feel free to modify or to run nix-shell and execute individual statements of this # script in the interactive shell. -if [[ $(sysctl -n net.ipv4.ip_forward) != 1 ]]; then - echo "Error: IP forwarding (net.ipv4.ip_forward) is not enabled." - echo "Needed for container WAN access." - exit 1 -fi - if [[ ! -v IN_NIX_SHELL ]]; then echo "Running script in nix shell env..." cd "${BASH_SOURCE[0]%/*}" exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*" fi +if [[ $(sysctl -n net.ipv4.ip_forward || sudo sysctl -n net.ipv4.ip_forward) != 1 ]]; then + echo "Error: IP forwarding (net.ipv4.ip_forward) is not enabled." + echo "Needed for container WAN access." + exit 1 +fi + if [[ $EUID != 0 ]]; then # NixOS containers require root permissions exec sudo "PATH=$PATH" "NIX_PATH=$NIX_PATH" "IN_NIX_SHELL=$IN_NIX_SHELL" "${BASH_SOURCE[0]}" "$@" fi +interactive= +minimalConfig= +for arg in "$@"; do + case $arg in + -i|--interactive) + interactive=1 + ;; + --minimal-config) + minimalConfig=1 + ;; + esac +done + # These commands can also be executed interactively in a shell session demoCmds=' echo @@ -37,33 +50,39 @@ echo echo "lightning-cli state:" c lightning-cli getinfo echo -echo "Node info:" -c nodeinfo -echo echo "Bitcoind data dir:" sudo ls -al /var/lib/containers/demo-node/var/lib/bitcoind ' +nodeInfoCmd=' +echo +echo "Node info:" +c nodeinfo +' -case ${1:-} in - -i|--interactive) - runCmd= - ;; - *) - runCmd=(--run bash -c "$demoCmds") - ;; -esac +if [[ $minimalConfig ]]; then + configuration=minimal-configuration.nix +else + configuration=configuration.nix + demoCmds="${demoCmds}${nodeInfoCmd}" +fi + +if [[ $interactive ]]; then + runCmd= +else + runCmd=(--run bash -c "$demoCmds") +fi # Build container. # Learn more: https://github.com/erikarvstedt/extra-container # -read -d '' src <<'EOF' || true +read -d '' src < + ]; }; diff --git a/examples/minimal-configuration.nix b/examples/minimal-configuration.nix new file mode 100644 index 0000000..db6cc66 --- /dev/null +++ b/examples/minimal-configuration.nix @@ -0,0 +1,22 @@ +{ config, pkgs, lib, ... }: { + imports = [ + + + ]; + + services.bitcoind.enable = true; + services.clightning.enable = true; + + # When using nix-bitcoin as part of a larger NixOS configuration, set the following to enable + # interactive access to nix-bitcoin features (like bitcoin-cli) for your system's main user + nix-bitcoin.operator = { + enable = true; + name = "main"; # Set this to your system's main user + }; + + # The system's main unprivileged user + users.users.main = { + isNormalUser = true; + password = "a"; + }; +}