Skip to content

Commit

Permalink
Merge #662: Update to NixOS 23.11
Browse files Browse the repository at this point in the history
85bbdb8 python-bitcointx: 1.1.3 -> 1.1.4 (Erik Arvstedt)
1c07c5f python-packages: add workaround to reenable requirements checking (Erik Arvstedt)
dc1033f python-packages/joinmarket: update (Erik Arvstedt)
de51f20 python-packages/clightning: update (Erik Arvstedt)
e82da35 examples/deploy-krops: fix duplicate import error (Erik Arvstedt)
b110e2a fetch-node-modules: provide CA certs (Erik Arvstedt)
770a435 btcpayserver: fix PostgreSQL 15 user permissions (Erik Arvstedt)
9efcdaf treewide: use `vendorHash` for golang drvs (Erik Arvstedt)
be2028f mempool: use `recommendedBrotliSettings` (Erik Arvstedt)
1676445 update to NixOS 23.11 (Erik Arvstedt)
e4cb004 joinmarket: 0.9.9 -> 0.9.10 (nixbitcoin)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 85bbdb8

Tree-SHA512: d23ac210d4c373a2a726debdf57d96f86adf551ee7f088d460e400446a48b5ae667c60ee7d36f6ec755f48c04d543e7287f2210941af8bc8940013c8ab36473e
  • Loading branch information
jonasnick committed Dec 14, 2023
2 parents 1d73b21 + 85bbdb8 commit a2e1478
Show file tree
Hide file tree
Showing 45 changed files with 181 additions and 939 deletions.
2 changes: 1 addition & 1 deletion .cirrus.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ task:

container:
# Defined in https://github.com/nix-community/docker-nixpkgs
image: nixpkgs/nix-flakes:nixos-23.05
image: nixpkgs/nix-flakes:nixos-23.11

matrix:
- name: modules_test
Expand Down
6 changes: 3 additions & 3 deletions docs/install.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,9 @@ This is borrowed from the [NixOS manual](https://nixos.org/nixos/manual/index.ht
1. Obtain latest [NixOS](https://nixos.org/nixos/download.html). For example:

```
wget https://releases.nixos.org/nixos/23.05/nixos-23.05.3701.e9b4b56e5a20/nixos-minimal-23.05.3701.e9b4b56e5a20-x86_64-linux.iso
sha256sum nixos-minimal-23.05.3701.e9b4b56e5a20-x86_64-linux.iso
# output: 0bbc1919654a6b3212f7bdc9faf9e7a89ba5607e626e8d651a1cbb79ce2831c2
wget https://releases.nixos.org/nixos/23.11/nixos-23.11.1494.b4372c4924d9/nixos-minimal-23.11.1494.b4372c4924d9-x86_64-linux.iso
sha256sum nixos-minimal-23.11.1494.b4372c4924d9-x86_64-linux.iso
# output: f48cf810432c1f04b291c947b36f824823dfef8ebfa0e1906602a516450189d8
```
Alternatively you can build NixOS from source by following the instructions at https://nixos.org/nixos/manual/index.html#sec-building-cd.
Expand Down
2 changes: 1 addition & 1 deletion examples/configuration.nix
Original file line number Diff line number Diff line change
Expand Up @@ -318,7 +318,7 @@
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
system.stateVersion = "23.11"; # Did you read the comment?

# The nix-bitcoin release version that your config is compatible with.
# When upgrading to a backwards-incompatible release, nix-bitcoin will display an
Expand Down
2 changes: 1 addition & 1 deletion examples/flakes/flake.nix
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@

inputs.nix-bitcoin.url = "github:fort-nix/nix-bitcoin/release";
# You can also use a version branch to track a specific NixOS release
# inputs.nix-bitcoin.url = "github:fort-nix/nix-bitcoin/nixos-23.05";
# inputs.nix-bitcoin.url = "github:fort-nix/nix-bitcoin/nixos-23.11";

inputs.nixpkgs.follows = "nix-bitcoin/nixpkgs";
inputs.nixpkgs-unstable.follows = "nix-bitcoin/nixpkgs-unstable";
Expand Down
1 change: 0 additions & 1 deletion examples/krops-vm-configuration.nix
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,5 @@
./configuration.nix
<nix-bitcoin/modules/deployment/krops.nix>
<qemu-vm/vm-config.nix>
<nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
];
}
20 changes: 10 additions & 10 deletions flake.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion flake.nix
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
'';

inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-utils.url = "github:numtide/flake-utils";
extra-container = {
Expand Down
16 changes: 8 additions & 8 deletions modules/btcpayserver.nix
Original file line number Diff line number Diff line change
Expand Up @@ -138,16 +138,16 @@ in {
enable = true;
ensureDatabases = [ "btcpaydb" "nbxplorer" ];
ensureUsers = [
{
name = cfg.btcpayserver.user;
ensurePermissions."DATABASE btcpaydb" = "ALL PRIVILEGES";
}
{
name = cfg.nbxplorer.user;
ensurePermissions."DATABASE nbxplorer" = "ALL PRIVILEGES";
}
{ name = cfg.btcpayserver.user; }
{ name = cfg.nbxplorer.user; }
];
};
systemd.services.postgresql.postStart = lib.mkAfter ''
$PSQL -tAc '
ALTER DATABASE "btcpaydb" OWNER TO "${cfg.btcpayserver.user}";
ALTER DATABASE "nbxplorer" OWNER TO "${cfg.nbxplorer.user}";
'
'';

systemd.tmpfiles.rules = [
"d '${cfg.nbxplorer.dataDir}' 0770 ${cfg.nbxplorer.user} ${cfg.nbxplorer.group} - -"
Expand Down
2 changes: 1 addition & 1 deletion modules/joinmarket.nix
Original file line number Diff line number Diff line change
Expand Up @@ -212,6 +212,7 @@ let
segwit = true
native = true
merge_algorithm = default
gaplimit = 6
tx_fees = 3
tx_fees_factor = 0.2
absurd_fee_per_kb = 350000
Expand Down Expand Up @@ -252,7 +253,6 @@ let
txfee_contribution_factor = ${toString yg.txfee_contribution_factor}
minsize = ${toString yg.minsize}
size_factor = ${toString yg.size_factor}
gaplimit = 6
[SNICKER]
enabled = false
Expand Down
1 change: 1 addition & 0 deletions modules/mempool.nix
Original file line number Diff line number Diff line change
Expand Up @@ -306,6 +306,7 @@ in {
services.nginx = mkIf cfg.frontend.enable {
enable = true;
enableReload = true;
recommendedBrotliSettings = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
Expand Down
5 changes: 4 additions & 1 deletion pkgs/build-support/fetch-node-modules.nix
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# This is a modified version of
# https://github.com/NixOS/nixpkgs/pull/128749

{ lib, stdenvNoCC, makeWrapper, nodejs }:
{ lib, stdenvNoCC, makeWrapper, nodejs, cacert }:

{ src
, hash ? ""
Expand All @@ -25,6 +25,9 @@ stdenvNoCC.mkDerivation ({

phases = "unpackPhase patchPhase buildPhase installPhase";

# npm doesn't support var `SSL_CERT_FILE`.
NODE_EXTRA_CA_CERTS = "${cacert}/etc/ssl/certs/ca-bundle.crt";

buildPhase = ''
runHook preBuild
Expand Down
2 changes: 1 addition & 1 deletion pkgs/clightning-plugins/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ let
description = "Lightning node exporter for the prometheus timeseries server";
extraPkgs = [ prometheus_client ];
patchRequirements =
"--replace prometheus-client==0.6.0 prometheus-client==0.16.0"
"--replace prometheus-client==0.6.0 prometheus-client==0.17.1"
+ " --replace pyln-client~=0.9.3 pyln-client~=23.02";
};
rebalance = {
Expand Down
4 changes: 2 additions & 2 deletions pkgs/joinmarket/default.nix
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
{ stdenv, lib, fetchFromGitHub, python3, nbPython3PackagesJoinmarket }:

let
version = "0.9.9";
version = "0.9.10";
src = fetchFromGitHub {
owner = "joinmarket-org";
repo = "joinmarket-clientserver";
rev = "v${version}";
sha256 = "sha256-dkeSgAhjNl8o/ATKYAlQxxCrur5fLdXuMDXSnWaxYP8=";
hash = "sha256-uNweI7VKC16CFn8MNOAvadcSnTjK/Fznfy4qctM5PR8=";
};

runtimePackages = with nbPython3PackagesJoinmarket; [
Expand Down
2 changes: 2 additions & 0 deletions pkgs/joinmarket/get-sha256.sh
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ git clone --depth 1 --branch "${newVersion}" -c advice.detachedHead=false https:
export GNUPGHOME=$tmpdir
echo "Fetching Adam Gibson's key"
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 2B6FC204D9BF332D062B461A141001A1AF77F20B 2> /dev/null
echo "Fetch Kristaps Kaupe's key"
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 70A1D47DD44F59DF8B22244333E472FE870C7E5D 2> /dev/null
echo
echo "Verifying commit"
git -C "$repo" verify-commit HEAD
Expand Down
2 changes: 1 addition & 1 deletion pkgs/lndinit/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ buildGoModule rec {
sha256 = "sha256-sO1DpbppCurxr9g9nUl9Vx82FJK1mTcUw3rY1Fm1wEU=";
};

vendorSha256 = "sha256-El44BS5Bu0K/klMxkajciU/R6uqiXBMOiLN536QztbE=";
vendorHash = "sha256-El44BS5Bu0K/klMxkajciU/R6uqiXBMOiLN536QztbE=";

subPackages = [ "." ];

Expand Down
14 changes: 7 additions & 7 deletions pkgs/pinned.nix
Original file line number Diff line number Diff line change
Expand Up @@ -4,21 +4,21 @@ pkgs: pkgsUnstable:
inherit (pkgs)
bitcoin
bitcoind
charge-lnd
elementsd
extra-container
lndconnect;

inherit (pkgsUnstable)
btcpayserver
charge-lnd
clightning
electrs
fulcrum
elementsd
extra-container
hwi
lightning-loop
lightning-pool
lnd
lndconnect
nbxplorer;

inherit (pkgsUnstable)
fulcrum;

inherit pkgs pkgsUnstable;
}
4 changes: 2 additions & 2 deletions pkgs/python-packages/bencoderpyx/default.nix
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{ lib, buildPythonPackage, fetchurl, cython, pytest, coverage }:
{ lib, buildPythonPackageWithDepsCheck, fetchurl, cython, pytest, coverage }:

buildPythonPackage rec {
buildPythonPackageWithDepsCheck rec {
pname = "bencoder.pyx";
version = "3.0.1";

Expand Down
4 changes: 2 additions & 2 deletions pkgs/python-packages/chromalog/default.nix
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{ lib, buildPythonPackage, fetchFromGitHub, colorama, future, six }:
buildPythonPackage rec {
{ lib, buildPythonPackageWithDepsCheck, fetchFromGitHub, colorama, future, six }:
buildPythonPackageWithDepsCheck rec {
pname = "chromalog";
version = "1.0.5";

Expand Down
69 changes: 13 additions & 56 deletions pkgs/python-packages/default.nix
Original file line number Diff line number Diff line change
@@ -1,19 +1,9 @@
nbPkgs: python3:
let
# Ignore eval error:
# `OpenSSL 1.1 is reaching its end of life on 2023/09/11 and cannot
# be supported through the NixOS 23.05 release cycle.`
# TODO-EXTERNAL: consider removing when
# https://github.com/Simplexum/python-bitcointx/issues/76 and
# https://github.com/JoinMarket-Org/joinmarket-clientserver#1451 are resolved.
openssl_1_1 = python3.pkgs.pkgs.openssl_1_1.overrideAttrs (old: {
meta = builtins.removeAttrs old.meta [ "knownVulnerabilities" ];
});
in
rec {
pyPkgsOverrides = self: super: let
inherit (self) callPackage;
clightningPkg = pkg: callPackage pkg { inherit (nbPkgs.pinned) clightning; };
joinmarketPkg = pkg: callPackage pkg { inherit (nbPkgs.joinmarket) version src; };
in
{
txzmq = callPackage ./txzmq {};
Expand All @@ -23,74 +13,41 @@ rec {
pyln-bolt7 = clightningPkg ./pyln-bolt7;
pylightning = clightningPkg ./pylightning;

# cryptography 41, required by pyln-proto
cryptography = callPackage ./specific-versions/cryptography_41 {
Security = super.darwin.apple_sdk.frameworks.Security;
};

# The versions of these packages that ship with nixos-23.05 are incompatible
# with cryptography 41
pyopenssl = callPackage ./specific-versions/pyopenssl_23_2 {};
service-identity = callPackage ./specific-versions/service-identity_23_1 {};

# The twisted package in nixos-23.05 runs a test that fails with
# service-identity 23.1. This package is backported from nixos-unstable
# and disables the test. (see
# https://github.com/twisted/twisted/issues/11877,
# https://github.com/NixOS/nixpkgs/commit/1ee622b10fcafcf2343960e3ffae0169afc59804)
twisted = callPackage ./specific-versions/twisted_22_10 {};

# Used by cryptography 41, backported from nixpkgs-unstable
setuptoolsRustBuildHook = callPackage ./setuptools-rust-hook {};

# bitstring 3.1.9, required by pyln-proto
bitstring = callPackage ./specific-versions/bitstring.nix {};

# Packages only used by joinmarket
bencoderpyx = callPackage ./bencoderpyx {};
chromalog = callPackage ./chromalog {};
python-bitcointx = callPackage ./python-bitcointx {
inherit (nbPkgs) secp256k1;
openssl = openssl_1_1;
};
python-bitcointx = callPackage ./python-bitcointx { inherit (nbPkgs) secp256k1; };
runes = callPackage ./runes {};
sha256 = callPackage ./sha256 {};
};

# Joinmarket requires a custom package set because it uses older versions of Python pkgs
pyPkgsOverridesJoinmarket = self: super: let
inherit (self) callPackage;
joinmarketPkg = pkg: callPackage pkg { inherit (nbPkgs.joinmarket) version src; };
in
(pyPkgsOverrides self super) // {
joinmarketbase = joinmarketPkg ./jmbase;
joinmarketclient = joinmarketPkg ./jmclient;
joinmarketbitcoin = joinmarketPkg ./jmbitcoin;
joinmarketdaemon = joinmarketPkg ./jmdaemon;

## Specific versions of packages that already exist in nixpkgs

# cryptography 3.3.2, required by joinmarketdaemon
cryptography = callPackage ./specific-versions/cryptography {
openssl = openssl_1_1;
cryptography_vectors = callPackage ./specific-versions/cryptography/vectors.nix {};
};

# autobahn 20.12.3, required by joinmarketclient
autobahn = callPackage ./specific-versions/autobahn.nix {};

# pyopenssl 21.0.0, required by joinmarketdaemon
pyopenssl = callPackage ./specific-versions/pyopenssl.nix {};

# txtorcon 22.0.0, required by joinmarketdaemon
txtorcon = callPackage ./specific-versions/txtorcon.nix {};
# A version of `buildPythonPackage` which checks that Python package
# requirements are met.
# This was the case for NixOS <= 23.05.
# TODO-EXTERNAL: Remove when this is resolved:
# https://github.com/NixOS/nixpkgs/issues/253131
buildPythonPackageWithDepsCheck = attrs:
self.buildPythonPackage (attrs // {
dontUsePypaInstall = true;
nativeBuildInputs = (attrs.nativeBuildInputs or []) ++ [ self.pipInstallHook ];
});
};

nbPython3Packages = (python3.override {
packageOverrides = pyPkgsOverrides;
}).pkgs;

nbPython3PackagesJoinmarket = (python3.override {
packageOverrides = pyPkgsOverridesJoinmarket;
}).pkgs;
nbPython3PackagesJoinmarket = nbPython3Packages;
}
15 changes: 11 additions & 4 deletions pkgs/python-packages/jmbase/default.nix
Original file line number Diff line number Diff line change
@@ -1,17 +1,24 @@
{ version, src, lib, buildPythonPackage, fetchurl, future, twisted, service-identity, chromalog, txtorcon }:
{ version, src, lib, buildPythonPackageWithDepsCheck, fetchurl, future, twisted, service-identity, chromalog, txtorcon, pyaes }:

buildPythonPackage rec {
buildPythonPackageWithDepsCheck rec {
pname = "joinmarketbase";
inherit version src;

postUnpack = "sourceRoot=$sourceRoot/jmbase";

propagatedBuildInputs = [ future twisted service-identity chromalog txtorcon pyaes ];

patchPhase = ''
sed -i 's|twisted==22.4.0|twisted==22.10.0|' setup.py
sed -i 's|twisted==22.4.0|twisted==23.8.0|' setup.py
sed -i 's|service-identity==21.1.0|service-identity==23.1.0|' setup.py
'';

propagatedBuildInputs = [ future twisted service-identity chromalog txtorcon ];
# Has no tests
doCheck = false;

pythonImportsCheck = [
"jmbase"
];

meta = with lib; {
homepage = "https://github.com/Joinmarket-Org/joinmarket-clientserver";
Expand Down
Loading

0 comments on commit a2e1478

Please sign in to comment.