Merge fort-nix/nix-bitcoin#563: lnd: fix missing RPC permissions when bitcoind is pruned

67949a002a lnd: fix missing RPC permissions when bitcoind is pruned (Erik Arvstedt) 49303be2e0 test/shellcheck-services: fix error by excluding unavailable services (Erik Arvstedt) 46f17fe313 test/shellcheck-services: simplify accessing service definitions (Erik Arvstedt) Pull request description: ACKs for top commit: jonasnick: ACK 67949a002a Tree-SHA512: 28652d8ec67a164aef068f3df32d1ae8df4e0920cafedc6e3d568b631333b29e57f7370e54a82e7cde9710a3df0a1494ed94272af101d31dd7859a08bb363e4b
2022-10-28 08:37:57 +00:00
parent a7357c1176 67949a002a
commit 7c16fc5865
4 changed files with 51 additions and 52 deletions
--- a/test/lib/shellcheck-services.nix
+++ b/test/lib/shellcheck-services.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, extendModules, ... }:
+{ config, pkgs, lib, extendModules, ... }@args:
 with lib;
 let
  options = {
@@ -12,68 +12,38 @@ let
    };
  };

-  # TODO-EXTERNAL:
-  # This can be removed when https://github.com/NixOS/nixpkgs/pull/189836 is merged.
-  #
-  # A list of all systemd service definitions and their locations, with format
-  # [
-  #   {
-  #     file = ...;
-  #     value = { postgresql = ...; };
-  #   }
-  #   ...
-  # ]
-  systemdServiceDefs =
-    (extendModules {
-      modules = [
-        {
-          # Currently, NixOS modules only allow accessing option definition locations
-          # via type.merge.
-          # Override option `systemd.services` and use it to return the list of service defs.
-          options.systemd.services = lib.mkOption {
-            type = lib.types.anything // {
-              merge = loc: defs: defs;
-            };
-          };
-
-          # Disable all modules that define options.systemd.services so that these
-          # defs don't collide with our definition
-          disabledModules = [
-            "system/boot/systemd.nix"
-            # These files amend option systemd.services
-            "testing/service-runner.nix"
-            "security/systemd-confinement.nix"
-          ];
-
-          config._module.check = false;
-        }
-      ];
-    }).config.systemd.services;
-
  # A list of all service names that are defined by nix-bitcoin.
  # [ "bitcoind", "clightning", ... ]
  #
-  # Algorithm: Parse `systemdServiceDefs` and return all services that
-  # only have definitions located in the nix-bitcoin source.
+  # Algorithm: Parse defintions of `systemd.services` and return all services
+  # that only have definitions located in the nix-bitcoin source.
  nix-bitcoin-services = let
+    systemdServices = args.options.systemd.services;
+    configSystemdServices = args.config.systemd.services;
    nix-bitcoin-source = toString ../..;
    nbServices = collectServices true;
    nonNbServices = collectServices false;
    # Return set of services ({ service1 = true; service2 = true; ... })
    # which are either defined or not defined by nix-bitcoin, depending
    # on `fromNixBitcoin`.
-    collectServices = fromNixBitcoin: lib.listToAttrs (builtins.concatLists (map (def:
+    collectServices = fromNixBitcoin: lib.listToAttrs (builtins.concatLists (zipListsWith (services: file:
      let
-        isNbSource = lib.hasPrefix nix-bitcoin-source def.file;
+        isNbSource = lib.hasPrefix nix-bitcoin-source file;
      in
-        # Nix has nor boolean XOR, so use `if`
+        # Nix has no boolean XOR, so use `if`
        lib.optionals (if fromNixBitcoin then isNbSource else !isNbSource) (
-          (map (service: { name = service; value = true; }) (builtins.attrNames def.value))
+          (map (service: { name = service; value = true; }) (builtins.attrNames services))
        )
-    ) systemdServiceDefs));
+    # TODO-EXTERNAL:
+    # Use `systemdServices.definitionsWithLocations` when https://github.com/NixOS/nixpkgs/pull/189836
+    # is included in nixpkgs stable.
+    ) systemdServices.definitions systemdServices.files));
  in
-    # Set difference: nbServices - nonNbServices
-    builtins.filter (nbService: ! nonNbServices ? ${nbService}) (builtins.attrNames nbServices);
+    # Calculate set difference: nbServices - nonNbServices
+    # and exclude unavailable services (defined via `mkIf false ...`) by checking `configSystemdServices`.
+    builtins.filter (nbService:
+      configSystemdServices ? ${nbService} && (! nonNbServices ? ${nbService})
+    ) (builtins.attrNames nbServices);

  # The concatenated list of values of ExecStart, ExecStop, ... (`scriptAttrs`) of all `nix-bitcoin-services`.
  serviceCmds = let
--- a/test/run-tests.sh
+++ b/test/run-tests.sh
@@ -306,6 +306,7 @@ buildable() {
    scenario=regtest buildTest "$@"
    scenario=hardened buildTest "$@"
    scenario=clightningReplication buildTest "$@"
+    scenario=lndPruned buildTest "$@"
 }

 examples() {
--- a/test/tests.nix
+++ b/test/tests.nix
@@ -318,6 +318,12 @@ let
      services.btcpayserver.lbtc = mkForce false;
    };

+    # Test the special bitcoin RPC setup that lnd uses when bitcoin is pruned
+    lndPruned = {
+      services.lnd.enable = true;
+      services.bitcoind.prune = 1000;
+    };
+
    ## Examples / debug helper

    # Run a selection of tests in scenario 'netns'