diff --git a/.cirrus.yml b/.cirrus.yml index ec1a317..058ea3e 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -9,7 +9,7 @@ task: container: # Defined in https://github.com/nix-community/docker-nixpkgs - image: nixpkgs/nix-flakes:nixos-24.05 + image: nixpkgs/nix-flakes:nixos-24.11 matrix: - name: modules_test diff --git a/dev/README.md b/dev/README.md index 0e37eb3..522f106 100644 --- a/dev/README.md +++ b/dev/README.md @@ -97,8 +97,7 @@ It's easiest to use an existing service as a template: Most other services use packages that are already included in nixpkgs. ## Switching to a new NixOS release - -- [flake.nix](../flake.nix): update `nixpkgs.url` +- Run command `update-flake.sh 24.11` - [cirrus.yml](../.cirrus.yml): update toplevel container -> image attribute - [examples/configuration.nix](../examples/configuration.nix): update `system.stateVersion` - [examples/flakes/flake.nix](../examples/flakes/flake.nix): update `inputs.nix-bitcoin.url` diff --git a/examples/configuration.nix b/examples/configuration.nix index f4871a9..0f4918f 100644 --- a/examples/configuration.nix +++ b/examples/configuration.nix @@ -318,7 +318,7 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "24.05"; # Did you read the comment? + system.stateVersion = "24.11"; # Did you read the comment? # The nix-bitcoin release version that your config is compatible with. # When upgrading to a backwards-incompatible release, nix-bitcoin will display an diff --git a/examples/flakes/flake.nix b/examples/flakes/flake.nix index d273cee..63b69c4 100644 --- a/examples/flakes/flake.nix +++ b/examples/flakes/flake.nix @@ -10,7 +10,7 @@ inputs.nix-bitcoin.url = "github:fort-nix/nix-bitcoin/release"; # You can also use a version branch to track a specific NixOS release - # inputs.nix-bitcoin.url = "github:fort-nix/nix-bitcoin/nixos-24.05"; + # inputs.nix-bitcoin.url = "github:fort-nix/nix-bitcoin/nixos-24.11"; inputs.nixpkgs.follows = "nix-bitcoin/nixpkgs"; inputs.nixpkgs-unstable.follows = "nix-bitcoin/nixpkgs-unstable"; diff --git a/flake.lock b/flake.lock index 72117e1..baba37f 100644 --- a/flake.lock +++ b/flake.lock @@ -10,15 +10,16 @@ ] }, "locked": { - "lastModified": 1722175938, - "narHash": "sha256-HKyB4HD+NdX3T233bY31hm76v3/tdQBNeLLvopKbZeY=", + "lastModified": 1734005403, + "narHash": "sha256-vgh3TqfkFdnPxREBedw4MQehIDc3N8YyxBOB45n+AvU=", "owner": "erikarvstedt", "repo": "extra-container", - "rev": "37e7207ac9f857eedb58b208b9dc91cd6b24e651", + "rev": "f4de6c329b306a9d3a9798a30e060c166f781baa", "type": "github" }, "original": { "owner": "erikarvstedt", + "ref": "0.13", "repo": "extra-container", "type": "github" } @@ -43,16 +44,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1732749044, - "narHash": "sha256-T38FQOg0BV5M8FN1712fovzNakSOENEYs+CSkg31C9Y=", + "lastModified": 1733808091, + "narHash": "sha256-KWwINTQelKOoQgrXftxoqxmKFZb9pLVfnRvK270nkVk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0c5b4ecbed5b155b705336aa96d878e55acd8685", + "rev": "a0f3e10d94359665dba45b71b4227b0aeb851f8e", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 04c4a24..b5dd486 100644 --- a/flake.nix +++ b/flake.nix @@ -5,11 +5,11 @@ ''; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; flake-utils.url = "github:numtide/flake-utils"; extra-container = { - url = "github:erikarvstedt/extra-container"; + url = "github:erikarvstedt/extra-container/0.13"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; }; diff --git a/helper/update-flake.sh b/helper/update-flake.sh index 002fd0b..62b771a 100755 --- a/helper/update-flake.sh +++ b/helper/update-flake.sh @@ -2,7 +2,9 @@ set -euo pipefail # This script does the following: -# - Update all flake inputs, including nixpkgs +# - When called without arguments, update all flake inputs, including nixpkgs. +# - When called with a version argument, set input `nixpkgs` in `flake.nix` to the +# specified version and only update this input. # - Print version updates of pinned pkgs like so: # Pkg updates in nixpkgs unstable: # bitcoin: 0.20.0 -> 0.21.1 @@ -39,23 +41,11 @@ if [[ $forceRun ]] && ! git diff --quiet ../flake.{nix,lock}; then exit 1 fi -# Support Nix >=2.19 -{ - versionGreaterThanOrEqual() { - [[ $1 != $(echo -e "$1\n$2" | sort -V | head -n1) || $1 == "$2" ]] - } - nixVersion=$(nix --version | cut -d\ -f 3) - if versionGreaterThanOrEqual "$nixVersion" 2.19; then - # https://nixos.org/manual/nix/stable/release-notes/rl-2.19#:~:text=nix%20flake%20update - nixUpdateArg=--flake - else - nixUpdateArg= - fi -} - -echo "Updating flake 'nixos-search'" -nix flake update $nixUpdateArg ../test/nixos-search -echo +if [[ ! $nixosVersion ]]; then + echo "Updating flake 'nixos-search'" + nix flake update --flake ../test/nixos-search + echo +fi versions=$(nix eval --json -f update-flake.nix versions) @@ -65,8 +55,10 @@ versions=$(nix eval --json -f update-flake.nix versions) echo "Updating main flake" if [[ $nixosVersion ]]; then sed -Ei "s|(nixpkgs.url = .*nixos-)[^\"]+|\1$nixosVersion|" ../flake.nix + nix flake update nixpkgs --flake .. +else + nix flake update --flake .. fi -nix flake update $nixUpdateArg .. echo nix eval --raw -f update-flake.nix --argstr prevVersions "$versions" showUpdates; echo diff --git a/modules/btcpayserver.nix b/modules/btcpayserver.nix index 2ea7e0e..97bbc87 100644 --- a/modules/btcpayserver.nix +++ b/modules/btcpayserver.nix @@ -168,7 +168,6 @@ in { lbtcnodeendpoint=${nbLib.addressWithPort liquidd.address liquidd.whitelistedPort} ''} postgres=User ID=${cfg.nbxplorer.user};Host=/run/postgresql;Database=nbxplorer - automigrate=1 ''; in rec { wantedBy = [ "multi-user.target" ]; diff --git a/modules/netns-isolation.nix b/modules/netns-isolation.nix index a521d58..602eb7f 100644 --- a/modules/netns-isolation.nix +++ b/modules/netns-isolation.nix @@ -91,7 +91,7 @@ let enabledServices = filterAttrs (n: v: isEnabled n) cfg.services; isEnabled = x: config.services.${x}.enable; - ip = "${pkgs.iproute}/bin/ip"; + ip = "${pkgs.iproute2}/bin/ip"; iptables = "${config.networking.firewall.package}/bin/iptables"; bridgeIp = "169.254.${toString cfg.addressblock}.10"; diff --git a/pkgs/pinned.nix b/pkgs/pinned.nix index c113af0..4bf6082 100644 --- a/pkgs/pinned.nix +++ b/pkgs/pinned.nix @@ -2,24 +2,25 @@ pkgs: pkgsUnstable: { inherit (pkgs) - charge-lnd - elementsd - extra-container - lightning-pool - lndconnect; - - inherit (pkgsUnstable) bitcoin bitcoind btcpayserver + charge-lnd clboss clightning electrs + elementsd + extra-container fulcrum hwi lightning-loop + lightning-pool lnd + lndconnect nbxplorer; + inherit (pkgsUnstable) + ; + inherit pkgs pkgsUnstable; } diff --git a/pkgs/python-packages/clnrest/default.nix b/pkgs/python-packages/clnrest/default.nix index 7f0e204..9a45c04 100644 --- a/pkgs/python-packages/clnrest/default.nix +++ b/pkgs/python-packages/clnrest/default.nix @@ -26,8 +26,9 @@ let postPatch = '' substituteInPlace pyproject.toml \ - --replace 'gevent = "^23.9.0.post1"' 'gevent = "24.2.1"' \ - --replace 'flask = "^2.3.3"' 'flask = "3.0.3"' + --replace-fail 'gevent = "^23.9.0.post1"' 'gevent = "24.2.1"' \ + --replace-fail 'gunicorn = "^21.2.0"' 'gunicorn = "23.0.0"' \ + --replace-fail 'flask = "^2.3.3"' 'flask = "3.0.3"' # Add extra required src files that are missing in pyproject.toml sed -i '/authors/a include = [ { path = "utilities", format = ["sdist", "wheel"] } ]' pyproject.toml diff --git a/pkgs/python-packages/joinmarket/default.nix b/pkgs/python-packages/joinmarket/default.nix index 854f1e5..2cdbb55 100644 --- a/pkgs/python-packages/joinmarket/default.nix +++ b/pkgs/python-packages/joinmarket/default.nix @@ -29,9 +29,8 @@ buildPythonPackage rec { inherit version src; format = "pyproject"; - # Since v0.9.11, Python older than v3.8 is not supported. Python v3.12 is - # still not supported. - disabled = (pythonOlder "3.8") || (pythonAtLeast "3.12"); + # Since v0.9.11, Python older than v3.8 is not supported. + disabled = pythonOlder "3.8"; nativeBuildInputs = [ setuptools @@ -75,9 +74,10 @@ buildPythonPackage rec { postPatch = '' substituteInPlace pyproject.toml \ - --replace-fail 'twisted==23.10.0' 'twisted==24.3.0' \ + --replace-fail 'twisted==23.10.0' 'twisted==24.7.0' \ --replace-fail 'service-identity==21.1.0' 'service-identity==24.1.0' \ - --replace-fail 'cryptography==41.0.6' 'cryptography==42.0.5' + --replace-fail 'cryptography==41.0.6' 'cryptography==43.0.1' \ + --replace-fail 'txtorcon==23.11.0' 'txtorcon==24.8.0' \ # Modify pyproject.toml to include only specific modules. Do not include 'jmqtui'. sed -i '/^\[tool.setuptools.packages.find\]/a include = ["jmbase", "jmbitcoin", "jmclient", "jmdaemon"]' pyproject.toml diff --git a/pkgs/python-packages/pyln-proto/default.nix b/pkgs/python-packages/pyln-proto/default.nix index cde5e44..98f7d6b 100644 --- a/pkgs/python-packages/pyln-proto/default.nix +++ b/pkgs/python-packages/pyln-proto/default.nix @@ -29,4 +29,9 @@ buildPythonPackage rec { checkInputs = [ pytestCheckHook ]; postUnpack = "sourceRoot=$sourceRoot/contrib/pyln-proto"; + + postPatch = '' + substituteInPlace pyproject.toml \ + --replace-fail 'cryptography = "^42"' 'cryptography = "43.0.1"' + ''; } diff --git a/test/clightning-replication.nix b/test/clightning-replication.nix index 729dd85..65382ea 100644 --- a/test/clightning-replication.nix +++ b/test/clightning-replication.nix @@ -14,6 +14,8 @@ let clientBaseConfig = { imports = [ ../modules/modules.nix ]; + system.switch.enable = true; + nixpkgs.pkgs = pkgs; nix-bitcoin.generateSecrets = true; diff --git a/test/lib/extra-container-check-version.sh b/test/lib/extra-container-check-version.sh index 1daf42e..a78a0bd 100644 --- a/test/lib/extra-container-check-version.sh +++ b/test/lib/extra-container-check-version.sh @@ -1,7 +1,7 @@ containerBin=$(type -P extra-container) || true -if [[ ! ($containerBin && $(realpath "$containerBin") == *extra-container-0.12*) ]]; then +if [[ ! ($containerBin && $(realpath "$containerBin") == *extra-container-0.13*) ]]; then echo - echo "Building extra-container. Skip this step by adding extra-container 0.12 to PATH." + echo "Building extra-container. Skip this step by adding extra-container 0.13 to PATH." nix build --out-link /tmp/extra-container "${BASH_SOURCE[0]%/*}"/../..#extra-container # When this script is run as root, e.g. when run in an extra-container shell, # chown the gcroot symlink to the regular (login) user so that the symlink can be diff --git a/test/tests.py b/test/tests.py index 4dee84c..fb0fe05 100644 --- a/test/tests.py +++ b/test/tests.py @@ -452,10 +452,10 @@ def _(): def expect_clightning_log(str): machine.wait_until_succeeds(log_has_string("clightning", str)) - expect_clightning_log("plugin-trustedcoin[^^]\[0m\s+bitcoind RPC working") + expect_clightning_log(r"plugin-trustedcoin\b.*?\bbitcoind RPC working") if "regtest" in enabled_tests: num_blocks = test_data["num_blocks"] - expect_clightning_log(f"plugin-trustedcoin[^^]\[0m\s+returning block {num_blocks}") + expect_clightning_log(rf"plugin-trustedcoin\b.*?\breturning block {num_blocks}") if "netns-isolation" in enabled_tests: