f9683889d9
0a2c8e4864run-tests: add option --copy-src (Erik Arvstedt)803584a288backups: don't use hardcoded secrets dir (Erik Arvstedt)c29d44b49aci: use 'cachix watch-exec' (Erik Arvstedt)6a32812412services: add names for systemd helper scripts (Erik Arvstedt)6982699613services: use consistent layout (Erik Arvstedt)a43534dda0services: improve config file setup (Erik Arvstedt)18f2002cf0joinmarket-yieldgenerator: improve systemd journal output (Erik Arvstedt)9d0b8c8f6fjoinmarket-ob-watcher: use DynamicUser (Erik Arvstedt)e9c98f415cjoinmarket: explain need for tor control socket (Erik Arvstedt)d9c87b6a8fjoinmarket: fix wallet creation (Erik Arvstedt)7458350108treewide: remove deprecated types.loaOf (Erik Arvstedt)9cf038939ctreewide: use mkEnableOption (Erik Arvstedt)7a97304f13treewide: remove unit descriptions (Erik Arvstedt)a942177ecftreewide: remove user descriptions (Erik Arvstedt)4f6ff408eftreewide: remove unneeded string literals (Erik Arvstedt)e6a6c721c1treewide: streamline 'extraConfig' descriptions (Erik Arvstedt)e774c045detreewide: fix formatting (Erik Arvstedt)0b5b29a2a3netns-isolation: simplify permission definition for netns-exec (Erik Arvstedt)a587a2b02adefaultHardening: explain where @system-service is defined (Erik Arvstedt)bb3a69797eREADME: minor improvements (Erik Arvstedt)13fc9dfabfexamples: improve introductory comments (Erik Arvstedt)af2040f4c4netns-isolation: use 'true' for systemd option (Erik Arvstedt)c246bbb36ebitcoind, clightning, lnd: improve descriptions (Erik Arvstedt)7533f12ef1bitcoind, clightning, run-tests: minor refactoring (Erik Arvstedt)41fe9b0c1delementsd: minor refactoring (Erik Arvstedt)f0850d3f23btcpayserver: reorder config settings (Erik Arvstedt)d1c0ea9f85btcpayserver: add missing systemd postgresql dependency (Erik Arvstedt) Pull request description: ACKs for top commit: jonasnick: ACK0a2c8e4864Tree-SHA512: 5c81b36042fbb2f016c8e58ba9e05ef3389d5376b8df713d3258d2cd0b6a9239904531171aca8e49bea7039341d5fa91aa9474c6d98de849c25ede52deccc5a3
95 lines
2.2 KiB
Bash
Executable File
95 lines
2.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
# This script demonstrates how to setup a nix-bitcoin node in a NixOS container.
|
|
# Running this script leaves no traces on your host system.
|
|
|
|
# This demo is a template for your own experiments.
|
|
# Run with option `--interactive` or `-i` to start a shell for interacting with
|
|
# the node.
|
|
|
|
if [[ ! -v IN_NIX_SHELL ]]; then
|
|
echo "Running script in nix shell env..."
|
|
cd "${BASH_SOURCE[0]%/*}"
|
|
exec nix-shell --run "./${BASH_SOURCE[0]##*/} $*"
|
|
fi
|
|
|
|
if [[ $(sysctl -n net.ipv4.ip_forward || sudo sysctl -n net.ipv4.ip_forward) != 1 ]]; then
|
|
echo "Error: IP forwarding (net.ipv4.ip_forward) is not enabled."
|
|
echo "Needed for container WAN access."
|
|
exit 1
|
|
fi
|
|
|
|
if [[ $EUID != 0 ]]; then
|
|
# NixOS containers require root permissions
|
|
exec sudo "PATH=$PATH" "NIX_PATH=$NIX_PATH" "IN_NIX_SHELL=$IN_NIX_SHELL" "${BASH_SOURCE[0]}" "$@"
|
|
fi
|
|
|
|
interactive=
|
|
minimalConfig=
|
|
for arg in "$@"; do
|
|
case $arg in
|
|
-i|--interactive)
|
|
interactive=1
|
|
;;
|
|
--minimal-config)
|
|
minimalConfig=1
|
|
;;
|
|
esac
|
|
done
|
|
|
|
# These commands can also be executed interactively in a shell session
|
|
demoCmds='
|
|
echo
|
|
echo "Bitcoind service:"
|
|
c systemctl status bitcoind
|
|
echo
|
|
echo "Bitcoind network:"
|
|
c bitcoin-cli getnetworkinfo
|
|
echo
|
|
echo "lightning-cli state:"
|
|
c lightning-cli getinfo
|
|
echo
|
|
echo "Bitcoind data dir:"
|
|
sudo ls -al /var/lib/containers/demo-node/var/lib/bitcoind
|
|
'
|
|
nodeInfoCmd='
|
|
echo
|
|
echo "Node info:"
|
|
c nodeinfo
|
|
'
|
|
|
|
if [[ $minimalConfig ]]; then
|
|
configuration=minimal-configuration.nix
|
|
else
|
|
configuration=configuration.nix
|
|
demoCmds="${demoCmds}${nodeInfoCmd}"
|
|
fi
|
|
|
|
if [[ $interactive ]]; then
|
|
runCmd=()
|
|
else
|
|
runCmd=(--run bash -c "$demoCmds")
|
|
fi
|
|
|
|
# Build container.
|
|
# Learn more: https://github.com/erikarvstedt/extra-container
|
|
#
|
|
read -d '' src <<EOF || true
|
|
{ pkgs, lib, ... }: {
|
|
containers.demo-node = {
|
|
extra.addressPrefix = "10.250.0";
|
|
extra.enableWAN = true;
|
|
config = { pkgs, config, lib, ... }: {
|
|
imports = [
|
|
<nix-bitcoin/examples/${configuration}>
|
|
<nix-bitcoin/modules/secrets/generate-secrets.nix>
|
|
];
|
|
};
|
|
};
|
|
}
|
|
EOF
|
|
extra-container shell -E "$src" "${runCmd[@]}"
|
|
|
|
# The container is automatically deleted at exit
|