Compare commits
No commits in common. "235a87946c1fcc59b606456ca85618bacabb73e8" and "744d8fe3798c9d40f9b939ebe2e899c76043c06d" have entirely different histories.
235a87946c
...
744d8fe379
Binary file not shown.
@ -367,10 +367,9 @@ in {
|
||||
proto.sam.enable = true;
|
||||
};
|
||||
|
||||
# Commented out to avoid trying to chown the nfs-mounted directory
|
||||
# systemd.tmpfiles.rules = [
|
||||
# "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
|
||||
# ];
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services.bitcoind = {
|
||||
# Use `wants` instead of `requires` so that bitcoind and all dependent services
|
||||
@ -413,9 +412,9 @@ in {
|
||||
'';
|
||||
|
||||
# Enable RPC access for group
|
||||
# postStart = ''
|
||||
# chmod g=r '${cfg.dataDir}/${optionalString cfg.regtest "regtest/"}.cookie'
|
||||
# '';
|
||||
postStart = ''
|
||||
chmod g=r '${cfg.dataDir}/${optionalString cfg.regtest "regtest/"}.cookie'
|
||||
'';
|
||||
|
||||
serviceConfig = nbLib.defaultHardening // {
|
||||
Type = "notify";
|
||||
|
@ -61,10 +61,9 @@ in {
|
||||
listenWhitelisted = true;
|
||||
};
|
||||
|
||||
# Commented out to allow nfs mounts
|
||||
# systemd.tmpfiles.rules = [
|
||||
# "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
|
||||
# ];
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services.electrs = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
@ -158,7 +158,7 @@ let
|
||||
onion_serving_host = ${cfg.messagingAddress}
|
||||
onion_serving_port = ${toString cfg.messagingPort}
|
||||
hidden_service_dir =
|
||||
directory_nodes = g3hv4uynnmynqqq2mchf3fcm3yd46kfzmcdogejuckgwknwyq5ya6iad.onion:5222,3kxw6lf5vf6y26emzwgibzhrzhmhqiw6ekrek3nqfjjmhwznb2moonad.onion:5222,bqlpq6ak24mwvuixixitift4yu42nxchlilrcqwk2ugn45tdclg42qid.onion:5222
|
||||
directory_nodes = 3kxw6lf5vf6y26emzwgibzhrzhmhqiw6ekrek3nqfjjmhwznb2moonad.onion:5222,jmdirjmioywe2s5jad7ts6kgcqg66rj6wujj6q77n6wbdrgocqwexzid.onion:5222,bqlpq6ak24mwvuixixitift4yu42nxchlilrcqwk2ugn45tdclg42qid.onion:5222
|
||||
|
||||
# irc.darkscience.net
|
||||
[MESSAGING:server1]
|
||||
|
@ -22,11 +22,6 @@ let self = {
|
||||
spark-wallet = pkgs.callPackage ./spark-wallet { };
|
||||
trustedcoin = pkgs.callPackage ./trustedcoin { };
|
||||
|
||||
# TODO-EXTERNAL:
|
||||
# Remove this when https://github.com/lightningnetwork/lnd/pull/7672
|
||||
# has been resolved
|
||||
lnd = pkgsUnstable.callPackage ./lnd { };
|
||||
|
||||
pyPkgs = import ./python-packages self pkgs.python3;
|
||||
inherit (self.pyPkgs)
|
||||
nbPython3Packages
|
||||
|
@ -1,12 +1,10 @@
|
||||
{ stdenv, lib, fetchFromGitHub, python3, nbPython3PackagesJoinmarket }:
|
||||
{ stdenv, lib, fetchurl, python3, nbPython3PackagesJoinmarket }:
|
||||
|
||||
let
|
||||
version = "0.9.9";
|
||||
src = fetchFromGitHub {
|
||||
owner = "joinmarket-org";
|
||||
repo = "joinmarket-clientserver";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-dkeSgAhjNl8o/ATKYAlQxxCrur5fLdXuMDXSnWaxYP8=";
|
||||
version = "0.9.8";
|
||||
src = fetchurl {
|
||||
url = "https://github.com/JoinMarket-Org/joinmarket-clientserver/archive/v${version}.tar.gz";
|
||||
sha256 = "1ab4smpyx966iiiip3g11bcslya37qhac1kgkbmsmlsdkpilw9di";
|
||||
};
|
||||
|
||||
runtimePackages = with nbPython3PackagesJoinmarket; [
|
||||
|
@ -1,23 +1,25 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i bash -p git gnupg jq
|
||||
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
newVersion=$(curl -s "https://api.github.com/repos/joinmarket-org/joinmarket-clientserver/releases" | jq -r '.[0].tag_name')
|
||||
. "${BASH_SOURCE[0]%/*}/../../helper/run-in-nix-env" "git gnupg" "$@"
|
||||
|
||||
# Fetch release and GPG-verify the content hash
|
||||
tmpdir=$(mktemp -d /tmp/joinmarket-verify-gpg.XXX)
|
||||
repo=$tmpdir/repo
|
||||
git clone --depth 1 --branch "${newVersion}" -c advice.detachedHead=false https://github.com/joinmarket-org/joinmarket-clientserver "$repo"
|
||||
export GNUPGHOME=$tmpdir
|
||||
TMPDIR="$(mktemp -d -p /tmp)"
|
||||
trap 'rm -rf $TMPDIR' EXIT
|
||||
cd "$TMPDIR"
|
||||
|
||||
echo "Fetching latest release"
|
||||
git clone https://github.com/joinmarket-org/joinmarket-clientserver 2> /dev/null
|
||||
cd joinmarket-clientserver
|
||||
latest=$(git describe --tags "$(git rev-list --tags --max-count=1)")
|
||||
echo "Latest release is $latest"
|
||||
|
||||
# GPG verification
|
||||
export GNUPGHOME=$TMPDIR
|
||||
echo "Fetching Adam Gibson's key"
|
||||
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 2B6FC204D9BF332D062B461A141001A1AF77F20B 2> /dev/null
|
||||
echo
|
||||
echo "Verifying commit"
|
||||
git -C "$repo" verify-commit HEAD
|
||||
rm -rf "$repo"/.git
|
||||
newHash=$(nix hash path "$repo")
|
||||
rm -rf "$tmpdir"
|
||||
echo
|
||||
echo "Verifying latest release"
|
||||
git verify-tag "$latest"
|
||||
|
||||
echo "tag: $newVersion"
|
||||
echo "hash: $newHash"
|
||||
echo "tag: $latest"
|
||||
# The prefix option is necessary because GitHub prefixes the archive contents in this format
|
||||
echo "sha256: $(nix-hash --type sha256 --flat --base32 \
|
||||
<(git archive --format tar.gz --prefix=joinmarket-clientserver-"${latest//v}"/ "$latest"))"
|
||||
|
@ -1,12 +0,0 @@
|
||||
{ lnd, fetchpatch }:
|
||||
|
||||
lnd.overrideAttrs (_: {
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
# https://github.com/lightningnetwork/lnd/pull/7672
|
||||
name = "fix-PKCS8-cert-key-support";
|
||||
url = "https://github.com/lightningnetwork/lnd/commit/bfdd5db0d97a6d65489d980a917bbd2243dfe15c.patch";
|
||||
hash = "sha256-j9EirxyNi48DGzLuHcZ36LrFlbJLXrE8L+1TYh5Yznk=";
|
||||
})
|
||||
];
|
||||
})
|
@ -17,6 +17,7 @@ pkgs: pkgsUnstable:
|
||||
fulcrum
|
||||
hwi
|
||||
lightning-loop
|
||||
lnd
|
||||
nbxplorer;
|
||||
|
||||
inherit pkgs pkgsUnstable;
|
||||
|
@ -2,11 +2,11 @@
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "bencoder.pyx";
|
||||
version = "3.0.1";
|
||||
version = "2.0.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/whtsky/bencoder.pyx/archive/9a47768f3ceba9df9e6fbaa7c445f59960889009.tar.gz";
|
||||
sha256 = "1yh565xjbbhn49xjfms80ac8psjbzn66n8dcx0x8mn7zzjv06clz";
|
||||
url = "https://github.com/whtsky/bencoder.pyx/archive/v${version}.tar.gz";
|
||||
sha256 = "f3ff92ac706a7e4692bed5e6cbe205963327f3076f55e408eb948659923eac72";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cython ];
|
||||
|
@ -22,6 +22,7 @@ rec {
|
||||
};
|
||||
runes = callPackage ./runes {};
|
||||
sha256 = callPackage ./sha256 {};
|
||||
urldecode = callPackage ./urldecode {};
|
||||
};
|
||||
|
||||
# Joinmarket requires a custom package set because it uses older versions of Python pkgs
|
||||
@ -46,10 +47,12 @@ rec {
|
||||
# autobahn 20.12.3, required by joinmarketclient
|
||||
autobahn = callPackage ./specific-versions/autobahn.nix {};
|
||||
|
||||
# pyopenssl 21.0.0, required by joinmarketdaemon
|
||||
pyopenssl = callPackage ./specific-versions/pyopenssl.nix {};
|
||||
# pyopenssl 20.0.1, required by joinmarketdaemon
|
||||
pyopenssl = callPackage ./specific-versions/pyopenssl.nix {
|
||||
openssl = super.pkgs.openssl_1_1;
|
||||
};
|
||||
|
||||
# twisted 22.4.0, required by joinmarketbase
|
||||
# twisted 22.4.0, compatible with pyopenssl 20.0.1
|
||||
twisted = callPackage ./specific-versions/twisted.nix {};
|
||||
};
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ version, src, lib, buildPythonPackage, fetchurl, pyaes, python-bitcointx, joinmarketbase }:
|
||||
{ version, src, lib, buildPythonPackage, fetchurl, urldecode, pyaes, python-bitcointx, joinmarketbase }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "joinmarketbitcoin";
|
||||
@ -6,7 +6,7 @@ buildPythonPackage rec {
|
||||
|
||||
postUnpack = "sourceRoot=$sourceRoot/jmbitcoin";
|
||||
|
||||
propagatedBuildInputs = [ pyaes python-bitcointx ];
|
||||
propagatedBuildInputs = [ urldecode pyaes python-bitcointx ];
|
||||
|
||||
checkInputs = [ joinmarketbase ];
|
||||
|
||||
|
@ -8,12 +8,6 @@ buildPythonPackage rec {
|
||||
|
||||
propagatedBuildInputs = [ txtorcon cryptography pyopenssl libnacl joinmarketbase ];
|
||||
|
||||
# libnacl 1.8.0 is not on github
|
||||
patchPhase = ''
|
||||
substituteInPlace setup.py \
|
||||
--replace "'libnacl==1.8.0'" "'libnacl==1.7.2'"
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Client library for Bitcoin coinjoins";
|
||||
homepage = "https://github.com/Joinmarket-Org/joinmarket-clientserver";
|
||||
|
@ -6,50 +6,17 @@
|
||||
, cryptography
|
||||
, pyasn1
|
||||
, idna
|
||||
, pytestCheckHook
|
||||
, pytest
|
||||
, pretend
|
||||
, flaky
|
||||
, glibcLocales
|
||||
, six
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pyopenssl";
|
||||
version = "21.0.0";
|
||||
|
||||
src = fetchPypi {
|
||||
pname = "pyOpenSSL";
|
||||
inherit version;
|
||||
sha256 = "5e2d8c5e46d0d865ae933bef5230090bdaf5506281e9eec60fa250ee80600cb3";
|
||||
};
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
|
||||
# Seems to fail unpredictably on Darwin. See https://hydra.nixos.org/build/49877419/nixlog/1
|
||||
# for one example, but I've also seen ContextTests.test_set_verify_callback_exception fail.
|
||||
doCheck = !stdenv.isDarwin;
|
||||
|
||||
nativeBuildInputs = [ openssl ];
|
||||
propagatedBuildInputs = [ cryptography pyasn1 idna six ];
|
||||
|
||||
checkInputs = [ pytestCheckHook pretend flaky glibcLocales ];
|
||||
|
||||
preCheck = ''
|
||||
export LANG="en_US.UTF-8"
|
||||
'';
|
||||
|
||||
disabledTests = [
|
||||
# https://github.com/pyca/pyopenssl/issues/692
|
||||
# These tests, we disable always.
|
||||
"test_set_default_verify_paths"
|
||||
"test_fallback_default_verify_paths"
|
||||
# https://github.com/pyca/pyopenssl/issues/768
|
||||
"test_wantWriteError"
|
||||
# https://github.com/pyca/pyopenssl/issues/1043
|
||||
"test_alpn_call_failure"
|
||||
] ++ lib.optionals (lib.hasPrefix "libressl" openssl.meta.name) [
|
||||
let
|
||||
# https://github.com/pyca/pyopenssl/issues/791
|
||||
# These tests, we disable in the case that libressl is passed in as openssl.
|
||||
failingLibresslTests = [
|
||||
"test_op_no_compression"
|
||||
"test_npn_advertise_error"
|
||||
"test_npn_select_error"
|
||||
@ -62,21 +29,64 @@ buildPythonPackage rec {
|
||||
"test_verify_with_revoked"
|
||||
"test_set_notAfter"
|
||||
"test_set_notBefore"
|
||||
] ++ lib.optionals (lib.versionAtLeast (lib.getVersion openssl.name) "1.1") [
|
||||
# these tests are extremely tightly wed to the exact output of the openssl cli tool, including exact punctuation.
|
||||
];
|
||||
|
||||
# these tests are extremely tightly wed to the exact output of the openssl cli tool,
|
||||
# including exact punctuation.
|
||||
failingOpenSSL_1_1Tests = [
|
||||
"test_dump_certificate"
|
||||
"test_dump_privatekey_text"
|
||||
"test_dump_certificate_request"
|
||||
"test_export_text"
|
||||
] ++ lib.optionals stdenv.is32bit [
|
||||
# https://github.com/pyca/pyopenssl/issues/974
|
||||
"test_verify_with_time"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Python wrapper around the OpenSSL library";
|
||||
homepage = "https://github.com/pyca/pyopenssl";
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ SuperSandro2000 ];
|
||||
disabledTests = [
|
||||
# https://github.com/pyca/pyopenssl/issues/692
|
||||
# These tests, we disable always.
|
||||
"test_set_default_verify_paths"
|
||||
"test_fallback_default_verify_paths"
|
||||
# https://github.com/pyca/pyopenssl/issues/768
|
||||
"test_wantWriteError"
|
||||
] ++ (
|
||||
lib.optionals (lib.hasPrefix "libressl" openssl.meta.name) failingLibresslTests
|
||||
) ++ (
|
||||
lib.optionals (lib.versionAtLeast (lib.getVersion openssl.name) "1.1") failingOpenSSL_1_1Tests
|
||||
) ++ (
|
||||
# https://github.com/pyca/pyopenssl/issues/974
|
||||
lib.optionals stdenv.is32bit [ "test_verify_with_time" ]
|
||||
);
|
||||
|
||||
# Compose the final string expression, including the "-k" and the single quotes.
|
||||
testExpression = lib.optionalString (disabledTests != [])
|
||||
"-k 'not ${lib.concatStringsSep " and not " disabledTests}'";
|
||||
|
||||
in
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pyopenssl";
|
||||
version = "20.0.1";
|
||||
|
||||
src = fetchPypi {
|
||||
pname = "pyOpenSSL";
|
||||
inherit version;
|
||||
sha256 = "4c231c759543ba02560fcd2480c48dcec4dae34c9da7d3747c508227e0624b51";
|
||||
};
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
|
||||
checkPhase = ''
|
||||
runHook preCheck
|
||||
export LANG="en_US.UTF-8"
|
||||
py.test tests ${testExpression}
|
||||
runHook postCheck
|
||||
'';
|
||||
|
||||
# Seems to fail unpredictably on Darwin. See https://hydra.nixos.org/build/49877419/nixlog/1
|
||||
# for one example, but I've also seen ContextTests.test_set_verify_callback_exception fail.
|
||||
doCheck = !stdenv.isDarwin;
|
||||
|
||||
nativeBuildInputs = [ openssl ];
|
||||
propagatedBuildInputs = [ cryptography pyasn1 idna six ];
|
||||
|
||||
checkInputs = [ pytest pretend flaky glibcLocales ];
|
||||
}
|
||||
|
16
pkgs/python-packages/urldecode/default.nix
Normal file
16
pkgs/python-packages/urldecode/default.nix
Normal file
@ -0,0 +1,16 @@
|
||||
{ lib, buildPythonPackage, fetchPypi }:
|
||||
buildPythonPackage rec {
|
||||
pname = "urldecode";
|
||||
version = "0.1";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "0w8my7kdwxppsfzzi1b2cxhypm6r1fsrnb2hnd752axq4gfsddjj";
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "A simple function to decode an encoded url";
|
||||
homepage = "https://github.com/jennyq/urldecode";
|
||||
maintainers = with maintainers; [ nixbitcoin ];
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue
Block a user