Skip to content

Instantly share code, notes, and snippets.

@niftynei

niftynei/configuration.nix

Last active March 1, 2023 16:26
Show Gist options
  • Save niftynei/8aeef52ac40648f744d506bd1b9cdfa0 to your computer and use it in GitHub Desktop.
Save niftynei/8aeef52ac40648f744d506bd1b9cdfa0 to your computer and use it in GitHub Desktop.
Download ZIP
nifty's nixos configuration.nix
Raw
configuration.nix
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
{ config, pkgs, lib, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the GRUB 2 boot loader.
# boot.loader.grub.enable = true;
# boot.loader.grub.version = 2;
# boot.loader.grub.efiSupport = true;
# boot.loader.grub.efiInstallAsRemovable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
# boot.loader.grub.device = "/dev/sdb"; # or "nodev" for efi only
boot = {
# Use the systemd-boot EFI boot loader.
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
};
networking.hostName = "hostname";
# NAT, needed for container setup
networking.nat = {
enable = true;
internalInterfaces = ["ve-+"];
externalInterface = "eno1";
enableIPv6 = true;
};
# Set your time zone.
time.timeZone = "America/Chicago";
# Define a user account. Don't forget to set a password with ‘passwd’.
users = {
users.nifty = {
isNormalUser = true;
extraGroups = [ "wheel" "bitcoin" "liquid" "clightning" "electrs" ]; # Enable ‘sudo’ for the user.
};
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
bottom
diskonaut
exa
file
git
iotop
pciutils
pv
tree
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget
];
# if you want to use flakes keep this!
nix.extraOptions = "experimental-features = nix-command flakes";
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It‘s perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
# nix-bitcoin configs
nix-bitcoin.generateSecrets = true;
nix-bitcoin.operator.name = "bitcoiner";
services.bitcoind = {
enable = true;
dbCache = lib.mkForce 16384; # niftynote: this is really big
txindex = true;
extraConfig = ''
mempoolfullrbf=1
'';
};
# optional electrum server
services.electrs = {
enable = true;
};
# optional, run liquid network
services.liquidd = {
enable = true;
};
# turn on tor for CLN
nix-bitcoin.onionServices.clightning = {
enable = true;
public = true;
};
# CLN: set custom lightningd start flags this way.
# wanted to set --database-upgrade=true for Release Candidate builds.
# useful, not fully recommended
systemd.services.clightning.serviceConfig.ExecStart = lib.mkForce "${config.services.clightning.package}/bin/lightningd --lightning-dir=${config.services.clightning.dataDir} --database-upgrade=true";
services.clightning = {
enable = true;
# this lets me pick a tag/commit for a CLN build
package = pkgs.clightning.overrideAttrs (
orig:
let version = "v23.02rc3"; in
{
version = version;
src = pkgs.fetchFromGitHub {
owner = "ElementsProject";
repo = "lightning";
rev = "${version}";
fetchSubmodules = true;
sha256 = "sha256-xGttepiu6ds9+kUhUX+WavUs1yJ9V461SgMv+mWMzcE=";
};
# i run CLN as developer + with experimental-features on
configureFlags = [ "--enable-developer" "--disable-valgrind" "--enable-experimental-features" ];
makeFlags = [ "VERSION=${version}" ];
});
dataDir = "/var/lib/lightningd";
address = "127.0.0.1";
# this is my config file -- FILL THIS IN WITH YOUR INFO!!
extraConfig = ''
alias=FILL THIS IN
rgb=CC0099
log-level=debug
log-file=/var/lib/lightningd/logs/log
log-timestamps=true
fee-base=1000
fee-per-satoshi=5
allow-deprecated-apis=false
wumbo
experimental-offers
experimental-dual-fund
experimental-websocket-port=9999
funder-policy=match
funder-policy-mod=100
funder-per-channel-max=10000000sat
funder-per-channel-min=100000sat
funder-min-their-funding=100000sat
lease-fee-base-sat=500sat
lease-fee-basis=60
channel-fee-max-base-msat=100sat
channel-fee-max-proportional-thousandths=2
'';
};
# This is how my logrotate-to-email me script works. Missing some details here,
# as I moved the email pwd to a separate file. see https://github.com/niftynei/cln-logmaid/blob/master/parselogs.py
# which you'd put in the same directory as this file to build.
services.logrotate.settings."/var/lib/lightningd/logs/log" = {
enable = true;
frequency = "daily";
rotate = 7;
compress = true;
missingok = true;
dateext = true;
notifempty = true;
prerotate = let
python = pkgs.python3;
script = ./parselogs.py;
drv = pkgs.stdenv.mkDerivation {
name = "parselogs.py";
src = script;
buildInputs = [ python ];
buildCommand = "cp ${script} $out; patchShebangs $out";
};
in "${drv} /var/lib/lightningd/logs/log";
postrotate = "kill -HUP $(cat /var/lib/lightningd/lightningd-bitcoin.pid)";
};
}
Raw
flake.nix
{
description = "hostname conf";
outputs = inputs@{ self, nixpkgs, nix-bitcoin }: {
nixosConfigurations = {
hostname = nixpkgs.lib.nixosSystem {
modules = [
nix-bitcoin.nixosModules.default
./configuration.nix
(nix-bitcoin + "/modules/presets/secure-node.nix")
];
};
};
};
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment