#!/usr/bin/env bash
set -euo pipefail
# This script demonstrates how to set up a nix-bitcoin node with krops.
# The node is deployed to a minimal NixOS QEMU VM.
# Running this script leaves no traces on your host system.
# This demo is a template for your own experiments.
# Run with option `--interactive` or `-i` to start a shell for interacting with
# the node.
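# MAKE SURE TO REPLACE the SSH identity file if you use this script for
# anything serious: the deploy below logs in as root with the fixed demo key
# <qemu-vm/id-vm> and with SSH host key checking disabled, which is only
# acceptable for a throwaway local VM.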
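# Re-run this script inside the nix-shell environment unless it is already
# running there, which is detected by NIX_BITCOIN_EXAMPLES_DIR being set
# (presumably exported by the examples' nix-shell environment).
if [[ ! -v NIX_BITCOIN_EXAMPLES_DIR ]]; then
  echo "Running script in nix shell env..."
  # dirname also covers an invocation whose path has no slash
  # (e.g. `bash deploy-krops.sh`); `${BASH_SOURCE[0]%/*}` would then leave the
  # file name itself and make `cd` fail.
  cd "$(dirname -- "${BASH_SOURCE[0]}")"
  # `nix-shell --run` hands its argument to a shell, which parses it again.
  # Quote the script name and every original argument with %q so that spaces
  # and shell metacharacters reach the re-executed script unchanged instead of
  # being split or interpreted as shell syntax.
  rerunCmd=$(printf '%q ' "./${BASH_SOURCE[0]##*/}" "$@")
  exec nix-shell --run "$rerunCmd"
else
  cd "$NIX_BITCOIN_EXAMPLES_DIR"
fi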
# Load the VM helpers. The rest of this script uses `tmpDir`, `runVM`,
# `vmWaitForSSH` and `c`, none of which are defined in this file; presumably
# they all come from run-vm.sh (verify there).
source qemu-vm/run-vm.sh
echo "Building the target VM"
# Build the initial VM to which the nix-bitcoin node is deployed via krops
# The Nix expression is read from stdin. The quoted 'EOF' delimiter keeps the
# shell from expanding anything inside it. The VM configuration enables the
# OpenSSH service.
nix-build --out-link "$tmpDir/vm" - <<'EOF'
(import <nixpkgs/nixos> {
configuration = { config, lib, ... }: {
imports = [ <qemu-vm/vm-config.nix> ];
services.openssh.enable = true;
# Silence the following warning that appears when deploying via krops:
# warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring
nix.nixPath = lib.mkForce [];
system.stateVersion = lib.mkDefault config.system.nixos.release;
};
}).config.system.build.vm
EOF
# CPU count, memory size and SSH port handed to runVM. The port is a fixed
# value that is reused below as the krops target port on 127.0.0.1.
# NOTE(review): presumably runVM forwards this host port to the VM's sshd;
# confirm in qemu-vm/run-vm.sh.
vmNumCPUs=4
vmMemoryMiB=2048
sshPort=60734
# Start the VM in the background
runVM "$tmpDir/vm" "$vmNumCPUs" "$vmMemoryMiB" "$sshPort"
# Build the krops deploy script
# The Nix expression below reads two values from the environment through
# builtins.getEnv: `sshPort` (hence the export) and `tmpDir`.
# NOTE(review): `tmpDir` is not exported in this file; presumably run-vm.sh
# exports it. Confirm, because getEnv yields "" for an unset variable and
# ControlPath would then become "/ssh-connection".
export sshPort
# Security notes on the SSH target defined below:
# - It logs in as root with the identity file <qemu-vm/id-vm>; see the warning
#   at the top of this script about replacing that key.
# - StrictHostKeyChecking=no together with UserKnownHostsFile=/dev/null turns
#   off host key verification, so the connection is not protected against an
#   impostor host. That is tolerable only because the target is a throwaway VM
#   on 127.0.0.1; keep host key verification enabled for any real host.
# - LogLevel=ERROR also hides the warnings ssh would otherwise print.
# - ControlMaster/ControlPath/ControlPersist reuse one connection through a
#   socket under $tmpDir, kept open for up to 60 seconds after the last use.
nix-build --out-link "$tmpDir/krops-deploy" - <<'EOF'
let
krops = (import <nix-bitcoin> {}).krops;
extraSources = {
# Skip uploading nixpkgs to the target node.
# This works because /nix/store is shared with the target VM.
nixpkgs.symlink = toString <nixpkgs>;
nixos-config.file = toString <krops-vm-configuration.nix>;
qemu-vm.file = toString <qemu-vm>;
};
in
krops.pkgs.krops.writeCommand "krops-deploy" {
source = import <krops/sources.nix> { inherit extraSources krops; };
force = true;
target = {
user = "root";
host = "127.0.0.1";
port = builtins.getEnv "sshPort";
extraOptions = [
"-i" (toString <qemu-vm/id-vm>) "-oConnectTimeout=1"
"-oStrictHostKeyChecking=no" "-oUserKnownHostsFile=/dev/null" "-oLogLevel=ERROR"
"-oControlMaster=auto" "-oControlPath=${builtins.getEnv "tmpDir"}/ssh-connection" "-oControlPersist=60"
];
};
# "test" instead of "switch" to avoid installing a bootloader which
# is not possible in this VM
command = targetPath: ''
nixos-rebuild test -I /var/src
'';
}
EOF
echo "Building the nix-bitcoin node"
# Pre-build the nix-bitcoin node outside of the VM to save some time
# The closureInfo result is linked at $tmpDir/store-paths; its `registration`
# file is loaded into the VM's store database further below. nix-build's
# stdout is discarded.
nix-build --out-link "$tmpDir/store-paths" -E '
let
system = (import <nixpkgs/nixos> { configuration = <krops-vm-configuration.nix>; }).system;
pkgsUnstable = (import <nix-bitcoin/pkgs/nixpkgs-pinned.nix>).nixpkgs-unstable;
pkgs = import <nixpkgs> {};
in
pkgs.closureInfo { rootPaths = [ system pkgsUnstable ]; }
' > /dev/null
# Helper defined outside this file; presumably blocks until the VM accepts SSH
# connections (confirm in qemu-vm/run-vm.sh).
vmWaitForSSH
# Add the store paths that include the nix-bitcoin node
# to the nix store db in the VM
# The realpath is expanded on the host and spliced, unquoted, into the command
# string given to `c`. The host path is usable inside the VM because /nix/store
# is shared with it.
# NOTE(review): this is safe only while $tmpDir contains no spaces or shell
# metacharacters; presumably it is a mktemp path from run-vm.sh. Confirm.
c "nix-store --load-db < $(realpath "$tmpDir/store-paths")/registration"
# Create the node's secrets with the `generate-secrets` command from the
# nix-shell environment.
# NOTE(review): where the secrets are written and how they reach the VM is not
# visible in this file.
printf '\n%s\n' "Generate secrets"
nix-shell --run generate-secrets

# Run the krops deploy script that was built earlier in this script.
printf '\n%s\n' "Deploy with krops"
"$tmpDir/krops-deploy"
# Print a short status report for the deployed node. Each command is passed to
# the `c` helper, which is defined outside this file.
printf '\n%s\n' "Bitcoind service:"
c systemctl status bitcoind

printf '\n%s\n' "Bitcoind network:"
c bitcoin-cli getnetworkinfo

printf '\n%s\n' "lightning-cli state:"
c lightning-cli getinfo

printf '\n%s\n' "Node info:"
c nodeinfo
# With `-i` or `--interactive` as the first argument, source the script that
# starts a shell session for interacting with the node.
if [[ ${1:-} == "-i" || ${1:-} == "--interactive" ]]; then
  source ./start-bash-session.sh
fi
# Cleanup happens at exit (defined in qemu-vm/run-vm.sh)