nix-bitcoin/helper/makeShell.nix at master · 2140-dev/nix-bitcoin · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
{ configDir, shellVersion ? null, extraShellInitCmds ? (pkgs: "") }:
let
  pinned = import ../pkgs/nixpkgs-pinned.nix;
  pkgs = import nixpkgs { config = {}; overlays = []; };
  inherit (pkgs) lib;
  inherit (pinned) nixpkgs;
  nbPkgs = import ../pkgs { inherit pkgs; };
  cfgDir = toString configDir;
  setPath = lib.optionalString pkgs.stdenv.isLinux ''
    export PATH="${lib.makeBinPath [ nbPkgs.pinned.extra-container ]}''${PATH:+:}$PATH"
  '';
in
pkgs.stdenv.mkDerivation {
  name = "nix-bitcoin-environment";

  helpMessage = ''
    nix-bitcoin path: ${toString ../.}

    Available commands
    ==================
    deploy
      Run krops-deploy and eval-config in parallel.
      This ensures that eval failures appear quickly when deploying.
      In this case, deployment is stopped.

    krops-deploy
      Deploy your node via krops

    eval-config
      Evaluate your node system configuration

    build-config
       Build your node system on your local machine

    generate-secrets
      Create secrets required by your node configuration.
      Secrets are written to ./secrets/
      This function is automatically called by krops-deploy.

    update-nix-bitcoin
      Fetch and use the latest version of nix-bitcoin
  '';

  shellHook = ''
    export NIX_PATH="nixpkgs=${nixpkgs}:nix-bitcoin=${toString ../.}:."
    ${setPath}
    export NIX_BITCOIN_EXAMPLES_DIR="${cfgDir}"
    export nixpkgsUnstable="${pinned.nixpkgs-unstable}"

    # Set isInteractive=1 if
    # 1. stdout is a TTY, i.e. we're not piping the output
    # 2. the shell is interactive
    if [[ -t 1 && $- == *i* ]]; then isInteractive=1; else isInteractive=; fi

    # Make this a non-environment var
    export -n helpMessage

    help() { echo "$helpMessage"; }
    h() { help; }

    fetch-release() {
      ${toString ./fetch-release}
    }

    update-nix-bitcoin() {(
      set -euo pipefail
      releaseFile="${cfgDir}/nix-bitcoin-release.nix"
      current=$(cat "$releaseFile" 2>/dev/null || true)
      new=$(fetch-release)
      if [[ $new == $current ]]; then
        echo "nix-bitcoin-release.nix already contains the latest release"
      else
        echo "$new" > "$releaseFile"
        echo "Updated nix-bitcoin-release.nix"
        if [[ $isInteractive ]]; then
          exec nix-shell
        fi
      fi
    )}

    generate-secrets() {(
      set -euo pipefail
      config="${cfgDir}/krops/krops-configuration.nix"
      if [[ ! -e $config ]]; then
        config="${cfgDir}/configuration.nix"
      fi
      genSecrets=$(nix-build --no-out-link -I nixos-config="$config" \
                   '<nixpkgs/nixos>' -A config.nix-bitcoin.generateSecretsScript)
      mkdir -p "${cfgDir}/secrets"
      (cd "${cfgDir}/secrets"; $genSecrets)
    )}

    deploy() {(
      set -euo pipefail
      krops-deploy &
      kropsPid=$!
      if eval-config; then
        wait $kropsPid
      else
        # Kill all subprocesses
        kill $(pidClosure $kropsPid)
        return 1
      fi
    )}

    krops-deploy() {(
      set -euo pipefail
      generate-secrets
      # Ensure strict permissions on secrets/ directory before rsyncing it to
      # the target machine
      chmod 700 "${cfgDir}/secrets"
      $(nix-build --no-out-link "${cfgDir}/krops/deploy.nix")
    )}

    eval-config() {(
      set -euo pipefail
      system=$(getNodeSystem)
      NIXOS_CONFIG="${cfgDir}/krops/krops-configuration.nix" \
        nix-instantiate --eval ${nixpkgs}/nixos $system -A system.outPath | tr -d '"'
      echo
    )}

    build-config() {(
      set -euo pipefail
      system=$(getNodeSystem)
      NIXOS_CONFIG="${cfgDir}/krops/krops-configuration.nix" \
        nix-build --no-out-link ${nixpkgs}/nixos $system -A system
    )}

    getNodeSystem() {
      if [[ -e '${cfgDir}/krops/system' ]]; then
        echo -n "--argstr system "; cat '${cfgDir}/krops/system'
      elif [[ $OSTYPE == darwin* ]]; then
        # On macOS, `builtins.currentSystem` (`*-darwin`) can never equal
        # the node system (`*-linux`), so we can always provide a helpful error message:
        >&2 echo "Error, node system not set. See here how to fix this:"
        >&2 echo "https://github.com/fort-nix/nix-bitcoin/blob/master/docs/install.md#optional-specify-the-system-of-your-node"
        return 1
      fi
    };

    pidClosure() {
      echo "$1"
      for pid in $(ps -o pid= --ppid "$1"); do
        pidClosure "$pid"
      done
    }

    if [[ $isInteractive ]]; then
      ${pkgs.figlet}/bin/figlet "nix-bitcoin"
      echo 'Enter "h" or "help" for documentation.'
    fi

    # Don't run this hook when another nix-shell is run inside this shell
    unset shellHook

    ${extraShellInitCmds pkgs}
  '';
}