diff options
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/networking/bee-clef.nix | 107 | ||||
-rw-r--r-- | nixos/modules/services/networking/bee.nix | 9 | ||||
-rw-r--r-- | pkgs/applications/networking/bee/0001-clef-service-accept-default-CONFIGDIR-from-the-envir.patch | 44 | ||||
-rw-r--r-- | pkgs/applications/networking/bee/0002-nix-diff-for-substituteAll.patch | 25 | ||||
-rw-r--r-- | pkgs/applications/networking/bee/bee-clef.nix | 57 | ||||
-rw-r--r-- | pkgs/applications/networking/bee/ensure-clef-account | 47 | ||||
-rw-r--r-- | pkgs/top-level/aliases.nix | 1 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 |
9 files changed, 1 insertions, 292 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index ec022713e12e..d7e1dfe2c654 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -897,7 +897,6 @@ ./services/networking/autossh.nix ./services/networking/avahi-daemon.nix ./services/networking/babeld.nix - ./services/networking/bee-clef.nix ./services/networking/bee.nix ./services/networking/biboumi.nix ./services/networking/bind.nix diff --git a/nixos/modules/services/networking/bee-clef.nix b/nixos/modules/services/networking/bee-clef.nix deleted file mode 100644 index 75e76f019a71..000000000000 --- a/nixos/modules/services/networking/bee-clef.nix +++ /dev/null @@ -1,107 +0,0 @@ -{ config, lib, pkgs, ... }: - -# NOTE for now nothing is installed into /etc/bee-clef/. the config files are used as read-only from the nix store. - -with lib; -let - cfg = config.services.bee-clef; -in { - meta = { - maintainers = with maintainers; [ attila-lendvai ]; - }; - - ### interface - - options = { - services.bee-clef = { - enable = mkEnableOption (lib.mdDoc "clef external signer instance for Ethereum Swarm Bee"); - - dataDir = mkOption { - type = types.nullOr types.str; - default = "/var/lib/bee-clef"; - description = lib.mdDoc '' - Data dir for bee-clef. Beware that some helper scripts may not work when changed! - The service itself should work fine, though. - ''; - }; - - passwordFile = mkOption { - type = types.nullOr types.str; - default = "/var/lib/bee-clef/password"; - description = lib.mdDoc "Password file for bee-clef."; - }; - - user = mkOption { - type = types.str; - default = "bee-clef"; - description = lib.mdDoc '' - User the bee-clef daemon should execute under. - ''; - }; - - group = mkOption { - type = types.str; - default = "bee-clef"; - description = lib.mdDoc '' - Group the bee-clef daemon should execute under. - ''; - }; - }; - }; - - ### implementation - - config = mkIf cfg.enable { - # if we ever want to have rules.js under /etc/bee-clef/ - # environment.etc."bee-clef/rules.js".source = ${pkgs.bee-clef}/rules.js - - systemd.packages = [ pkgs.bee-clef ]; # include the upstream bee-clef.service file - - systemd.tmpfiles.rules = [ - "d '${cfg.dataDir}/' 0750 ${cfg.user} ${cfg.group}" - "d '${cfg.dataDir}/keystore' 0700 ${cfg.user} ${cfg.group}" - ]; - - systemd.services.bee-clef = { - path = [ - # these are needed for the ensure-clef-account script - pkgs.coreutils - pkgs.gnused - pkgs.gawk - ]; - - wantedBy = [ "bee.service" "multi-user.target" ]; - - serviceConfig = { - User = cfg.user; - Group = cfg.group; - ExecStartPre = ''${pkgs.bee-clef}/share/bee-clef/ensure-clef-account "${cfg.dataDir}" "${pkgs.bee-clef}/share/bee-clef/"''; - ExecStart = [ - "" # this hides/overrides what's in the original entry - "${pkgs.bee-clef}/share/bee-clef/bee-clef-service start" - ]; - ExecStop = [ - "" # this hides/overrides what's in the original entry - "${pkgs.bee-clef}/share/bee-clef/bee-clef-service stop" - ]; - Environment = [ - "CONFIGDIR=${cfg.dataDir}" - "PASSWORD_FILE=${cfg.passwordFile}" - ]; - }; - }; - - users.users = optionalAttrs (cfg.user == "bee-clef") { - bee-clef = { - group = cfg.group; - home = cfg.dataDir; - isSystemUser = true; - description = "Daemon user for the bee-clef service"; - }; - }; - - users.groups = optionalAttrs (cfg.group == "bee-clef") { - bee-clef = {}; - }; - }; -} diff --git a/nixos/modules/services/networking/bee.nix b/nixos/modules/services/networking/bee.nix index 962cfd30c3fe..9854142a2df2 100644 --- a/nixos/modules/services/networking/bee.nix +++ b/nixos/modules/services/networking/bee.nix @@ -73,13 +73,10 @@ in { } ]; - warnings = optional (! config.services.bee-clef.enable) "The bee service requires an external signer. Consider setting `config.services.bee-clef.enable` = true"; - services.bee.settings = { data-dir = lib.mkDefault "/var/lib/bee"; password-file = lib.mkDefault "/var/lib/bee/password"; clef-signer-enable = lib.mkDefault true; - clef-signer-endpoint = lib.mkDefault "/var/lib/bee-clef/clef.ipc"; swap-endpoint = lib.mkDefault "https://rpc.slock.it/goerli"; }; @@ -90,9 +87,6 @@ in { ]; systemd.services.bee = { - requires = optional config.services.bee-clef.enable - "bee-clef.service"; - wantedBy = [ "multi-user.target" ]; serviceConfig = { @@ -120,7 +114,6 @@ Bee has SWAP enabled by default and it needs ethereum endpoint to operate. It is recommended to use external signer with bee. Check documentation for more info: - SWAP https://docs.ethswarm.org/docs/installation/manual#swap-bandwidth-incentives -- External signer https://docs.ethswarm.org/docs/installation/bee-clef After you finish configuration run 'sudo bee-get-addr'." fi @@ -133,8 +126,6 @@ After you finish configuration run 'sudo bee-get-addr'." home = cfg.settings.data-dir; isSystemUser = true; description = "Daemon user for Ethereum Swarm Bee"; - extraGroups = optional config.services.bee-clef.enable - config.services.bee-clef.group; }; }; diff --git a/pkgs/applications/networking/bee/0001-clef-service-accept-default-CONFIGDIR-from-the-envir.patch b/pkgs/applications/networking/bee/0001-clef-service-accept-default-CONFIGDIR-from-the-envir.patch deleted file mode 100644 index fb551646b7c6..000000000000 --- a/pkgs/applications/networking/bee/0001-clef-service-accept-default-CONFIGDIR-from-the-envir.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 04933c578f51aa1f536991318dc5aede57f81c0d Mon Sep 17 00:00:00 2001 -From: Attila Lendvai <attila@lendvai.name> -Date: Sat, 30 Jan 2021 14:02:02 +0100 -Subject: [PATCH 1/2] clef-service: accept default CONFIGDIR from the - environment - ---- - packaging/bee-clef-service | 15 ++++++++++----- - 1 file changed, 10 insertions(+), 5 deletions(-) - -diff --git a/packaging/bee-clef-service b/packaging/bee-clef-service -index 10bcd92..34c7edd 100755 ---- a/packaging/bee-clef-service -+++ b/packaging/bee-clef-service -@@ -1,16 +1,21 @@ - #!/usr/bin/env sh - - start() { -- KEYSTORE=/var/lib/bee-clef/keystore -- CONFIGDIR=/var/lib/bee-clef -+ if [ -z "$CONFIGDIR" ]; then -+ CONFIGDIR=/var/lib/bee-clef -+ fi -+ if [ -z "$PASSWORD_FILE" ]; then -+ PASSWORD_FILE=${CONFIGDIR}/password -+ fi -+ KEYSTORE=${CONFIGDIR}/keystore -+ SECRET=$(cat ${PASSWORD_FILE}) - CHAINID=5 -- SECRET=$(cat /var/lib/bee-clef/password) - # clef with every start sets permissions back to 600 -- (sleep 4; chmod 660 /var/lib/bee-clef/clef.ipc) & -+ (sleep 4; chmod 660 ${CONFIGDIR}/clef.ipc) & - ( sleep 2; cat << EOF - { "jsonrpc": "2.0", "id":1, "result": { "text":"$SECRET" } } - EOF --) | clef --stdio-ui --keystore $KEYSTORE --configdir $CONFIGDIR --chainid $CHAINID --rules /etc/bee-clef/rules.js --nousb --4bytedb-custom /etc/bee-clef/4byte.json --pcscdpath "" --auditlog "" --loglevel 3 --ipcpath /var/lib/bee-clef -+) | clef --stdio-ui --keystore $KEYSTORE --configdir $CONFIGDIR --chainid $CHAINID --rules /etc/bee-clef/rules.js --nousb --4bytedb-custom /etc/bee-clef/4byte.json --pcscdpath "" --auditlog "" --loglevel 3 --ipcpath ${CONFIGDIR} - } - - stop() { --- -2.29.2 - diff --git a/pkgs/applications/networking/bee/0002-nix-diff-for-substituteAll.patch b/pkgs/applications/networking/bee/0002-nix-diff-for-substituteAll.patch deleted file mode 100644 index 611aed0b890a..000000000000 --- a/pkgs/applications/networking/bee/0002-nix-diff-for-substituteAll.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 1a1ab986245e8b74648a1a0adb5d1c7019561d18 Mon Sep 17 00:00:00 2001 -From: Attila Lendvai <attila@lendvai.name> -Date: Sat, 30 Jan 2021 15:24:57 +0100 -Subject: [PATCH 2/2] nix diff for substituteAll - ---- - packaging/bee-clef-service | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/packaging/bee-clef-service b/packaging/bee-clef-service -index 34c7edd..31e9d95 100755 ---- a/packaging/bee-clef-service -+++ b/packaging/bee-clef-service -@@ -15,7 +15,7 @@ start() { - ( sleep 2; cat << EOF - { "jsonrpc": "2.0", "id":1, "result": { "text":"$SECRET" } } - EOF --) | clef --stdio-ui --keystore $KEYSTORE --configdir $CONFIGDIR --chainid $CHAINID --rules /etc/bee-clef/rules.js --nousb --4bytedb-custom /etc/bee-clef/4byte.json --pcscdpath "" --auditlog "" --loglevel 3 --ipcpath ${CONFIGDIR} -+) | @clefBinary@ --stdio-ui --keystore $KEYSTORE --configdir $CONFIGDIR --chainid $CHAINID --rules @out@/share/bee-clef/rules.js --nousb --4bytedb-custom @out@/share/bee-clef/4byte.json --pcscdpath "" --auditlog "" --loglevel 3 --ipcpath ${CONFIGDIR} - } - - stop() { --- -2.29.2 - diff --git a/pkgs/applications/networking/bee/bee-clef.nix b/pkgs/applications/networking/bee/bee-clef.nix deleted file mode 100644 index 9e36f8670d46..000000000000 --- a/pkgs/applications/networking/bee/bee-clef.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ version ? "release", stdenv, lib, fetchFromGitHub, go-ethereum }: - -stdenv.mkDerivation rec { - pname = "bee-clef"; - version = "0.4.7"; - - src = fetchFromGitHub { - owner = "ethersphere"; - repo = "bee-clef"; - rev = "refs/tags/v${version}"; - sha256 = "1sfwql0kvnir8b9ggpqcyc0ar995gxgfbhqb1xpfzp6wl0g3g4zz"; - }; - - buildInputs = [ go-ethereum ]; - - clefBinary = "${go-ethereum}/bin/clef"; - - patches = [ - ./0001-clef-service-accept-default-CONFIGDIR-from-the-envir.patch - ./0002-nix-diff-for-substituteAll.patch - ]; - - dontBuild = true; - - installPhase = '' - mkdir -p $out/bin/ - mkdir -p $out/share/bee-clef/ - mkdir -p $out/lib/systemd/system/ - cp packaging/bee-clef.service $out/lib/systemd/system/ - substituteAll packaging/bee-clef-service $out/share/bee-clef/bee-clef-service - substituteAll ${./ensure-clef-account} $out/share/bee-clef/ensure-clef-account - substituteAll packaging/bee-clef-keys $out/bin/bee-clef-keys - cp packaging/rules.js packaging/4byte.json $out/share/bee-clef/ - chmod +x $out/bin/bee-clef-keys - chmod +x $out/share/bee-clef/bee-clef-service - chmod +x $out/share/bee-clef/ensure-clef-account - patchShebangs $out/ - ''; - - meta = with lib; { - # homepage = "https://gateway.ethswarm.org/bzz/docs.swarm.eth/docs/installation/bee-clef/"; - homepage = "https://docs.ethswarm.org/docs/installation/bee-clef"; - description = "External signer for Ethereum Swarm Bee"; - longDescription = '' - clef is go-ethereum's external signer. - - bee-clef is a package that starts up a vanilla clef instance as a systemd service, - but configured in such a way that is suitable for bee (relaxed security for - automated operation). - - This package contains the files necessary to run the bee-clef service. - ''; - license = with licenses; [ bsd3 ]; - maintainers = with maintainers; [ attila-lendvai ]; - platforms = go-ethereum.meta.platforms; - }; -} diff --git a/pkgs/applications/networking/bee/ensure-clef-account b/pkgs/applications/networking/bee/ensure-clef-account deleted file mode 100644 index def67ff9cc33..000000000000 --- a/pkgs/applications/networking/bee/ensure-clef-account +++ /dev/null @@ -1,47 +0,0 @@ -#!/usr/bin/env sh - -set -e - -# NOTE This file is called by the systemd service in its preStart -# hook, but it's not Nix specific in any way. Ideally, the same file -# should be called from the postinst scripts of the other packages, -# but... the world is not ideal. - -# What follows was extracted from, and should be in sync with -# https://github.com/ethersphere/bee-clef/tree/master/packaging - -DATA_DIR="$1" -CONFIG_DIR="$2" -PASSWORD_FILE=${DATA_DIR}/password -MASTERSEED=${DATA_DIR}/masterseed.json -KEYSTORE=${DATA_DIR}/keystore - -echo "ensure-clef-account $DATA_DIR $CONFIG_DIR" - -if ! test -f ${PASSWORD_FILE}; then - < /dev/urandom tr -dc _A-Z-a-z-0-9 2> /dev/null | head -c32 > ${PASSWORD_FILE} - chmod 0400 ${PASSWORD_FILE} - echo "Initialized ${PASSWORD_FILE} from /dev/urandom" -fi - -if ! test -f ${MASTERSEED}; then - parse_json() { echo $1|sed -e 's/[{}]/''/g'|sed -e 's/", "/'\",\"'/g'|sed -e 's/" ,"/'\",\"'/g'|sed -e 's/" , "/'\",\"'/g'|sed -e 's/","/'\"---SEPERATOR---\"'/g'|awk -F=':' -v RS='---SEPERATOR---' "\$1~/\"$2\"/ {print}"|sed -e "s/\"$2\"://"|tr -d "\n\t"|sed -e 's/\\"/"/g'|sed -e 's/\\\\/\\/g'|sed -e 's/^[ \t]*//g'|sed -e 's/^"//' -e 's/"$//' ; } - SECRET=$(cat ${PASSWORD_FILE}) - CLEF="@clefBinary@ --configdir ${DATA_DIR} --keystore ${KEYSTORE} --stdio-ui" - $CLEF init >/dev/null << EOF -$SECRET -$SECRET -EOF - $CLEF newaccount >/dev/null << EOF -$SECRET -EOF - $CLEF setpw 0x$(parse_json $(cat ${KEYSTORE}/*) address) >/dev/null << EOF -$SECRET -$SECRET -$SECRET -EOF - $CLEF attest $(sha256sum ${CONFIG_DIR}/rules.js | cut -d' ' -f1 | tr -d '\n') >/dev/null << EOF -$SECRET -EOF - echo "Clef data dir initialized" -fi diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 5c8847a493be..b9a8f74908d6 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -97,6 +97,7 @@ mapAliases ({ bazel_3 = throw "bazel 3 is past end of life as it is not an lts version"; # Added 2023-02-02 bedup = throw "bedup was removed because it was broken and abandoned upstream"; # added 2023-02-04 bee-unstable = throw "bee-unstable has been removed, use 'bee' instead"; # Added 2024-02-12 + bee-clef = throw "bee-clef has been removed as the upstream project was archived"; # Added 2024-02-12 beignet = throw "beignet was removed as it was never ported from old llvmPackages_6 upstream"; # added 2024-01-08 binance = throw "binance has been removed, because it depends on a very outdated and insecure version of electron"; # Added 2023-11-09 bird2 = bird; # Added 2022-02-21 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 3b85bbc974b1..d6dc837a5b1f 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6623,8 +6623,6 @@ with pkgs; bee = callPackage ../applications/networking/bee/bee.nix { }; - bee-clef = callPackage ../applications/networking/bee/bee-clef.nix { }; - beetsPackages = lib.recurseIntoAttrs (callPackage ../tools/audio/beets { }); inherit (beetsPackages) beets beets-unstable; |