Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

electrs breaks when the datadir variable is set #86

Open
stevenroose opened this issue Jul 10, 2019 · 8 comments

Comments

Projects
None yet
3 participants
@stevenroose
Copy link

commented Jul 10, 2019

I set the electrs.dataDir variable to some other location and I'm getting these logs in electrs:

Jul 10 08:55:55 dasilva-nix s4j86k2qkxz8473v1gy7xh3q5jfxp743-unit-script-electrs-pre-start[1425]: chmod: cannot access '/media/bitcoin-extra/electrs/startscript.sh': No such file or directory

So I suppose this startscript.sh script is somehow hard-coded into a path, but then the datadir is used to invoke it. Why isn't that script really hardcoded and just put in some hardcoded location?

@stevenroose

This comment has been minimized.

Copy link
Author

commented Jul 10, 2019

So I guess it would either need a change like this:

diff --git a/modules/electrs.nix b/modules/electrs.nix
index 524bbd1..657c4c9 100644
--- a/modules/electrs.nix
+++ b/modules/electrs.nix
@@ -66,7 +66,7 @@ in {
       preStart = ''
         mkdir -m 0770 -p ${cfg.dataDir}
         chown 'electrs:electrs' ${cfg.dataDir}
-        echo "${pkgs.electrs}/bin/electrs -vvv ${index-batch-size} ${jsonrpc-import} --timestamp --db-dir ${cfg.dataDir} --daemon-dir /var/lib/bitcoind --cookie=${config.services.bitcoind.rpcuser}:$(cat /secrets/bitcoin-rpcpassword) --electrum-rpc-addr=127.0.0.1:${toString cfg.port}" > /var/lib/electrs/startscript.sh
+        echo "${pkgs.electrs}/bin/electrs -vvv ${index-batch-size} ${jsonrpc-import} --timestamp --db-dir ${cfg.dataDir} --daemon-dir /var/lib/bitcoind --cookie=${config.services.bitcoind.rpcuser}:$(cat /secrets/bitcoin-rpcpassword) --electrum-rpc-addr=127.0.0.1:${toString cfg.port}" > ${cfg.dataDir}/startscript.sh
         chown -R 'electrs:electrs' ${cfg.dataDir}
         chmod u+x ${cfg.dataDir}/startscript.sh
         '';    

Or like this:

diff --git a/modules/electrs.nix b/modules/electrs.nix
index 524bbd1..04e3ade 100644
--- a/modules/electrs.nix
+++ b/modules/electrs.nix
@@ -68,11 +68,11 @@ in {
         chown 'electrs:electrs' ${cfg.dataDir}
         echo "${pkgs.electrs}/bin/electrs -vvv ${index-batch-size} ${jsonrpc-import} --timestamp --db-dir ${cfg.dataDir} --daemon-dir /var/lib/bitcoind --cookie=${config.services.bitcoind.rpcuser}:$(cat /secrets/bitcoin-rpcpassword) --electrum-rpc-addr=127.0.0.1:${toString cfg.port}" > /var/lib/electrs/startscript.sh
         chown -R 'electrs:electrs' ${cfg.dataDir}
-        chmod u+x ${cfg.dataDir}/startscript.sh
+        chmod u+x /var/lib/electrs/startscript.sh
         '';    
       serviceConfig = {
         PermissionsStartOnly = "true";
-        ExecStart = "${pkgs.bash}/bin/bash ${cfg.dataDir}/startscript.sh";
+        ExecStart = "${pkgs.bash}/bin/bash /var/lib/electrs/startscript.sh";
         User = "electrs";
         Restart = "on-failure";
         RestartSec = "10s";

I guess I like the second one better. There is no need for the script to be in the datadir.

@jonasnick

This comment has been minimized.

Copy link
Member

commented Jul 11, 2019

Both versions are fine, although I'd have a preference for the first one as this would mean that the startscript is always in the datadir vs. it is only when you use the default datadir. I think the second one also needs to make sure that /var/lib/electrs exists.

@stevenroose

This comment has been minimized.

Copy link
Author

commented Jul 11, 2019

I agree with the "only sometimes in the datadir" issue. In principle it shouldn't be in the datadir, right? So we should kinda write it somewhere hidden. Not sure what are nix-conventional paths that packages can use, probably /var/lib/name is the one? I won't propose changing the default datadir, though.

Opinion, @nixbitcoin? Otherwise I can just PR the first change.

@jonasnick

This comment has been minimized.

Copy link
Member

commented Jul 11, 2019

In principle it shouldn't be in the datadir, right?

Yes, I agree. Perhaps it would be best to write it to a temporary dir? It's not supposed to persist or be written to anyway.

@nixbitcoin

This comment has been minimized.

Copy link
Member

commented Jul 16, 2019

Yes, startscript.sh should be written to a temporary dir that only the electrs user has access to.

The original reason for creating the startscript and not just running ${pkgs.electrs}/bin/electrs -vvv ${index-batch-size} ${jsonrpc-import} --timestamp --db-dir ${cfg.dataDir} --daemon-dir /var/lib/bitcoind --cookie=${config.services.bitcoind.rpcuser}:$(cat /secrets/bitcoin-rpcpassword) --electrum-rpc-addr=127.0.0.1:${toString cfg.port} was to avoid exposing the bitcoin rpc password to processes running under other users. I'm running ps -aux from different users and can't seem to see any electrs commands except by running ps -aux under root or electrs. Would it be better to just get rid of startscript.sh and put all this stuff in ExecStart?

@jonasnick

This comment has been minimized.

Copy link
Member

commented Jul 16, 2019

Right, if $(cat /secrets/bitcoin-rpcpassword) works in ExecStart should be equivalent security wise but simpler code wise.

@nixbitcoin

This comment has been minimized.

Copy link
Member

commented Jul 16, 2019

ACK. @stevenroose do you want to take this one?

@stevenroose

This comment has been minimized.

Copy link
Author

commented Jul 19, 2019

#93

Gave it a shot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.