2020-01-12 22:52:40 +03:00
|
|
|
# Integration test, can be run without internet access.
|
|
|
|
|
2020-08-21 23:36:13 +03:00
|
|
|
# Make sure to update build() in ./run-tests.sh when adding new scenarios
|
2020-07-16 17:48:41 +03:00
|
|
|
{ scenario ? "default" }:
|
|
|
|
|
2020-01-12 22:52:40 +03:00
|
|
|
import ./make-test.nix rec {
|
2020-08-21 23:36:09 +03:00
|
|
|
name = "nix-bitcoin-${scenario}";
|
2020-01-12 22:52:40 +03:00
|
|
|
|
|
|
|
hardened = {
|
|
|
|
imports = [ <nixpkgs/nixos/modules/profiles/hardened.nix> ];
|
2020-08-04 16:32:06 +03:00
|
|
|
security.allowUserNamespaces = true; # re-enable disabled option
|
2020-01-12 22:52:40 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
machine = { pkgs, lib, ... }: with lib; {
|
|
|
|
imports = [
|
2020-04-07 23:47:32 +03:00
|
|
|
../modules/presets/secure-node.nix
|
2020-01-12 22:52:40 +03:00
|
|
|
../modules/secrets/generate-secrets.nix
|
|
|
|
# using the hardened profile increases total test duration by ~50%, so disable it for now
|
|
|
|
# hardened
|
|
|
|
];
|
|
|
|
|
2020-09-24 19:54:54 +03:00
|
|
|
# needed because duplicity requires 270 MB of free temp space, regardless of backup size.
|
|
|
|
virtualisation.diskSize = 1024;
|
|
|
|
|
2020-09-27 13:43:19 +03:00
|
|
|
nix-bitcoin.netns-isolation.enable = (scenario == "netns");
|
2020-06-18 13:22:44 +03:00
|
|
|
|
2020-01-12 22:52:40 +03:00
|
|
|
services.bitcoind.extraConfig = mkForce "connect=0";
|
|
|
|
|
|
|
|
services.clightning.enable = true;
|
|
|
|
services.spark-wallet.enable = true;
|
|
|
|
services.lightning-charge.enable = true;
|
|
|
|
services.nanopos.enable = true;
|
|
|
|
|
|
|
|
services.lnd.enable = true;
|
2020-08-04 11:24:49 +03:00
|
|
|
services.lnd.listenPort = 9736;
|
2020-07-10 17:09:31 +03:00
|
|
|
services.lightning-loop.enable = true;
|
2020-01-12 22:52:40 +03:00
|
|
|
|
|
|
|
services.electrs.enable = true;
|
|
|
|
|
|
|
|
services.liquidd = {
|
|
|
|
enable = true;
|
|
|
|
listen = mkForce false;
|
|
|
|
extraConfig = "noconnect=1";
|
|
|
|
};
|
|
|
|
|
|
|
|
services.nix-bitcoin-webindex.enable = true;
|
|
|
|
|
|
|
|
services.hardware-wallets = {
|
|
|
|
trezor = true;
|
|
|
|
ledger = true;
|
|
|
|
};
|
|
|
|
|
2020-06-23 14:03:16 +03:00
|
|
|
services.backups.enable = true;
|
|
|
|
|
2020-08-12 17:16:22 +03:00
|
|
|
services.btcpayserver.enable = true;
|
|
|
|
services.btcpayserver.lightningBackend = "lnd";
|
|
|
|
# needed to test macaroon creation
|
|
|
|
environment.systemPackages = with pkgs; [ openssl xxd ];
|
2020-05-18 12:51:18 +03:00
|
|
|
|
|
|
|
services.joinmarket.enable = true;
|
|
|
|
services.joinmarket.yieldgenerator = {
|
|
|
|
enable = true;
|
|
|
|
customParameters = ''
|
|
|
|
txfee = 200
|
|
|
|
cjfee_a = 300
|
|
|
|
'';
|
|
|
|
};
|
2020-08-12 17:16:22 +03:00
|
|
|
|
2020-01-12 22:52:40 +03:00
|
|
|
# to test that unused secrets are made inaccessible by 'setup-secrets'
|
|
|
|
systemd.services.generate-secrets.postStart = ''
|
|
|
|
install -o nobody -g nogroup -m777 <(:) /secrets/dummy
|
|
|
|
'';
|
|
|
|
};
|
2020-08-21 23:36:10 +03:00
|
|
|
testScript =
|
2020-09-27 13:43:11 +03:00
|
|
|
builtins.readFile ./tests.py + "\n\n" + builtins.readFile "${./.}/scenarios/${scenario}.py";
|
2020-01-12 22:52:40 +03:00
|
|
|
}
|