Erik Arvstedt
020433cec6
services: add helper fn setAllowedIPAddresses
...
Also use 'allowLocalIPAddresses' instead of 'allowTor' in bitcoind-import-banlist
which doesn't use Tor.
2021-03-22 13:20:45 +01:00
Erik Arvstedt
cdf27d9d0c
bitcoind: improve service timeouts
...
- Improve readability by using minutes
- set `TimeoutStopSec` like in bitcoin/contrib/init/bitcoind.service.
Stopping bitcoind can exceed the default timeout during IBD.
2021-03-16 12:46:19 +01:00
Erik Arvstedt
09cd3ce5e4
lnd: show curl error messages
2021-03-16 12:46:19 +01:00
Erik Arvstedt
d214605b32
spark-wallet: add flakes compatibility
...
Pure flakes can't use NIX_PATH.
2021-03-16 12:46:19 +01:00
Erik Arvstedt
81db927f66
spark-wallet/generate: remove supplement.json
...
This file is empty and has no effect.
2021-03-16 12:46:19 +01:00
Erik Arvstedt
84b3217c3d
fetch-release: minor improvements
...
This script is potentially fetched from an untrusted source and should
be in good shape to be easily auditable.
- Create just one TMPDIR
- Improve comments
- Use `cut` to extract sha256
- Use camelCase var names like in other scripts
2021-03-16 12:46:18 +01:00
Erik Arvstedt
45d0964e27
examples/shell.nix: minor improvements
...
- Use idiomatic var name `pkgs` for the imported nixpkgs.
- Don't add `figlet` to PATH because it's only used internally.
- Only print figlet in interactive shells to avoid interfering with
stdout when running `nix-shell --run <cmd>`.
- Define `fetch-release` as a function to enable running it via
`nix-shell --run fetch-release`
2021-03-16 12:46:18 +01:00
Erik Arvstedt
cc7149eb78
examples: improve robustness of deploy scripts
...
- The scripts now work within arbitrary nix-shells.
Previously, they failed when run from nix shells other than
`examples/shell.nix`.
- The scripts now work from arbitrary working dirs.
2021-03-16 12:46:18 +01:00
Jonas Nick
4022f86b92
Merge #296 : Remove nixops examples and as recommended deployment method; replace with krops
...
520a983862
docs: nixops-krops migration guide (nixbitcoin)
7c0b521785
docs: describe deploying with krops in installation tutorial (Jonas Nick)
eb6dff5478
docs: various improvements to installation tutorial (Jonas Nick)
e8b47f099c
examples: add deploy-krops.sh (Erik Arvstedt)
fe118b28ff
examples: add krops deployment method (Jonas Nick)
e017675d5e
krops: add package (Jonas Nick)
03db1a61b1
lnd, joinmarket: don't write to secrets dir (Erik Arvstedt)
55d87490ec
secrets: make configuration more robust (Erik Arvstedt)
b0c223e716
secrets: don't stop services when the secrets target stops (Erik Arvstedt)
b701cb5603
secrets: add option 'generateSecrets' (Erik Arvstedt)
03515a8da6
examples/qemu: disable hardened preset (Erik Arvstedt)
908af3bfb8
examples/deploy-qemu-vm: show progress when waiting (Erik Arvstedt)
ccba86a0f0
examples: extract common features for running QEMU VMs (Erik Arvstedt)
cb3d5446c8
examples: use relative paths to example files (Erik Arvstedt)
a4dabc7390
Remove nixops examples and documentation (Jonas Nick)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 520a983862
Tree-SHA512: 380fcda3528e703e8a218f92a216befbee6cc279952388b2df48c1bcb803b72336bbe6e4deed87f3f26caba7a5cb5ab60c2bcabf2b13eba56f34c47eb02e128a
2021-03-15 19:03:47 +00:00
nixbitcoin
520a983862
docs: nixops-krops migration guide
2021-03-15 19:02:58 +01:00
Jonas Nick
7c0b521785
docs: describe deploying with krops in installation tutorial
2021-03-15 19:02:58 +01:00
Jonas Nick
eb6dff5478
docs: various improvements to installation tutorial
...
- Update nixos iso
- Make sure to be root before parting and give instructions for checking
UEFI vs. legacy
- Instead of making user replace automatically generated nixos config,
explain how to add options.
- Add boot.loader options directly to hardware-configuration.nix
- Copy .gitignore when setting up a deployment dir
- Stress that the first config that is deployed remotely must include ssh key.
- Debian: 9 Strech -> Debian 10 Buster
- nix: 2.3.3 -> 2.3.10
2021-03-15 19:02:58 +01:00
Erik Arvstedt
e8b47f099c
examples: add deploy-krops.sh
2021-03-15 19:02:58 +01:00
Jonas Nick
fe118b28ff
examples: add krops deployment method
2021-03-15 18:53:07 +01:00
Jonas Nick
e017675d5e
krops: add package
2021-03-15 18:53:07 +01:00
Erik Arvstedt
03db1a61b1
lnd, joinmarket: don't write to secrets dir
...
Keeping the secrets dir read-only is more simple and robust.
- lnd seed mnemonic creation and joinmarket wallet creation can be
run as the regular service user instead of root.
- It is easier to switch to a third-party secrets deployment
method in the future.
Don't create a seed mnemonic for lnd when a wallet exists.
This avoids creating unused mnemonics and helps simplifying
the migration command in `versioning.nix`.
2021-03-15 18:50:15 +01:00
Erik Arvstedt
55d87490ec
secrets: make configuration more robust
...
- Fail at evaluation when secrets setup is not configured.
Previously, bitcoind failed at runtime due to the missing secrets target.
- Fail at evaluation when conflicting secrets setup methods are used.
This happens when `secretsSetupMethod` has more than one definition.
2021-03-15 12:42:52 +00:00
Erik Arvstedt
b0c223e716
secrets: don't stop services when the secrets target stops
...
With krops or nixops the secrets target is always restarted during
the deployment process.
This previously caused unnecessary restarts of all nix-bitcoin services.
2021-03-15 12:42:52 +00:00
Erik Arvstedt
b701cb5603
secrets: add option 'generateSecrets'
...
Move this feature from a module preset to a regular option, so that it's
easily discoverable and accessible.
Simplify the implementation of `generateSecrets` by adding it to the
existing `setup-secrets` service script.
Also rename option setup-secrets -> setupSecrets.
2021-03-15 12:42:52 +00:00
Erik Arvstedt
03515a8da6
examples/qemu: disable hardened preset
...
- Hardening is irrelevant in examples
- The decreased performance is especially noticeable in VMs
2021-03-15 12:42:52 +00:00
Erik Arvstedt
908af3bfb8
examples/deploy-qemu-vm: show progress when waiting
...
This improves the user experience on VM startup, which can take a few
seconds.
2021-03-15 12:42:51 +00:00
Erik Arvstedt
ccba86a0f0
examples: extract common features for running QEMU VMs
...
Needed by commit: "examples: add deploy-krops.sh"
2021-03-15 12:42:51 +00:00
Erik Arvstedt
cb3d5446c8
examples: use relative paths to example files
...
This ensures that the examples files from the current example dir are used.
Previously, the default examples from the nix-bitcoin source were used.
2021-03-15 12:42:51 +00:00
Jonas Nick
a4dabc7390
Remove nixops examples and documentation
2021-03-15 12:42:47 +00:00
Jonas Nick
b07185915a
Merge #331 : nixops: remove libvirtd plugin
...
f1064761d7
nixops: remove libvirtd plugin (nixbitcoin)
Pull request description:
ACKs for top commit:
jonasnick:
ACK f1064761d7
erikarvstedt:
ACK f1064761d7
Tree-SHA512: 66c8fc20c2f210d5d37025cc1772330354a6a8ecbdb1fb9e8fcd1391030485c936ab28647f739bd90b083d627602ade39a5575114d69db8e8d1375989d5cdd0e
2021-03-14 14:42:43 +00:00
Jonas Nick
1377cf5147
Merge #337 : joinmarket: 0.8.1 -> 0.8.2
...
5ead2a7075
joinmarket: 0.8.1 -> 0.8.2 (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 5ead2a7075
Tree-SHA512: 2ac87f74a1008c058adef81d11049d985a64f435d75ef61584e8debdcc985f78c1d43430c09ee71c247a93908a5ba3a1efdcf91b0666a84b3269509a99685343
2021-03-10 21:24:12 +00:00
nixbitcoin
5ead2a7075
joinmarket: 0.8.1 -> 0.8.2
...
- add SNICKER to default config
- update package
- ob-watcher: copy vendorized js and css dependencies
- add missing dependency to jmbase
- use cryptography from pinned.nixpkgs-unstable
2021-03-10 13:33:49 +00:00
Jonas Nick
24b0824f4e
Merge #335 : lightning-loop: 0.11.3-beta -> 0.12.0-beta
...
6c9c820862
lightning-loop: 0.11.3-beta -> 0.12.0-beta (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 6c9c820862
Tree-SHA512: bd425e415c8a4aba370ad5bec48572d27f2d5c063b3eb88f60027acb9294fb1ddda9f5276e4930cf01342089e4fa2b7692f1b1cd6e25581879e8226fa1d74c48
2021-03-08 07:30:59 +00:00
nixbitcoin
6c9c820862
lightning-loop: 0.11.3-beta -> 0.12.0-beta
2021-03-07 18:28:08 +00:00
Jonas Nick
820de2e4c9
Merge #313 : Lightning pool
...
eb21012745
pool: add pkg, module & tests (kon)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK eb21012745
nixbitcoin:
ACK eb21012745
Tree-SHA512: 0083b5f7bcc803c475cce3414923f43df0b80d6b85aaa54d6b5da637f2aaa7ea6e7525a5eff41be49921bed0214972e356c79b6e4086468c13716c925ec6f8b0
2021-03-01 21:52:20 +00:00
kon
eb21012745
pool: add pkg, module & tests
2021-03-01 10:59:35 +01:00
Jonas Nick
f214a703a5
Merge #332 : update nixpkgs-unstable
...
32acaa5f48
update nixpkgs-unstable (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 32acaa5f48
jonasnick:
ACK 32acaa5f48
Tree-SHA512: b688c81da82ef5166fc8074471187f72188b3fb5dc455a9b24c5e3497e3406898185acd2e551356af3300578b2b98eeabf22edcbb7614f02f6ca34afa05b05b0
2021-02-25 08:03:24 +00:00
Jonas Nick
f66b2d569b
Merge #333 : electrs: v0.8.7 -> v0.8.8
...
eaa58505a7
electrs: v0.8.7 -> v0.8.8 (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK eaa58505a7
Tree-SHA512: 2de1bc08b4dd4ede38d8b98d58c85eb220003e491a7a16529b5a443576022b7ac067698ef8fa9336ee1af09e3e8db349291403e89ef40167b1ad46b2b0aefd01
2021-02-24 09:01:04 +00:00
Jonas Nick
e4fda43682
Merge #334 : bitcoind: secure-node remove assumevalid
...
b1c9e13033
bitcoind: secure-node remove assumevalid (nixbitcoin)
Pull request description:
ACKs for top commit:
nixbitcoin:
> ACK [b1c9e13
](b1c9e13033
)
erikarvstedt:
ACK b1c9e13033
Tree-SHA512: 85ad81a8f68f9d9a40f5331604c1fdecdfde595cd13d577ede210de178a7892d8c2f47ed9755a029cbcf3f50d2afdf03661bf69e865f19e08b8150d3e4c23468
2021-02-24 09:00:04 +00:00
nixbitcoin
b1c9e13033
bitcoind: secure-node remove assumevalid
2021-02-23 11:04:31 +00:00
nixbitcoin
32acaa5f48
update nixpkgs-unstable
...
btcpayserver: 1.0.5.9 -> 1.0.6.8
nbxplorer: 2.1.46 -> 2.1.49
2021-02-23 10:57:55 +00:00
nixbitcoin
eaa58505a7
electrs: v0.8.7 -> v0.8.8
2021-02-23 10:51:43 +00:00
nixbitcoin
f1064761d7
nixops: remove libvirtd plugin
...
Fix "Package 'libvirt-5.9.0' is marked as insecure, refusing to
evaluate."
2021-02-23 10:36:30 +00:00
Jonas Nick
e160e17dca
Merge #325 : bitcoind: enable cookie-based authentication
...
4e9059dc07
bitcoind: rename group bitcoinrpc -> bitcoinrpc-public (nixbitcoin)
19e401b028
bitcoind: enable cookie-based authentication (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 4e9059dc07
Tree-SHA512: 9795a0fe7fdd84bc3ae94b882b106f7169205e3196ecdfc6dad01c4f2d62380711b6504f221a90f21e8cc34cda2e12df05a245d5c54f9ed7846d74835cac5e19
2021-02-18 12:08:44 +00:00
nixbitcoin
4e9059dc07
bitcoind: rename group bitcoinrpc -> bitcoinrpc-public
...
This makes it clear that services with this group can only use
public RPC calls.
2021-02-18 10:42:21 +00:00
nixbitcoin
19e401b028
bitcoind: enable cookie-based authentication
2021-02-18 10:40:09 +00:00
Jonas Nick
bcad047757
Merge #324 : Fix lnd onion
...
ecc601a6d6
onion-addresses: mirror nix-bitcoin.onionAddresses.access behavior (nixbitcoin)
e873326bfe
modules: use user & group options (nixbitcoin)
ccef870b74
spark-wallet: add user & group options (nixbitcoin)
85a1722545
lnd: add user & group options (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK ecc601a6d6
Tree-SHA512: 39da5f8e01b98a676af8a073c11df64df487b5c3ab01327a227d16f215826f5bf15ca9ac21b59934edc5e2bbb87e397c53fcbf7130bd10b00f1df359ab3328ba
2021-02-17 19:08:06 +00:00
nixbitcoin
ecc601a6d6
onion-addresses: mirror nix-bitcoin.onionAddresses.access behavior
...
This commit fixes an issue with LND, in which if both
nix-bitcoin.onionServices.lnd.public &
services.lnd.restOnionService.enable were enabled, one would try to
create a file named `lnd` and the other would try to create a directory
named `lnd` with a file named `lnd-rest` inside it. This would obiously
cause an error and fail the LND service.
2021-02-17 11:50:47 +00:00
nixbitcoin
e873326bfe
modules: use user & group options
...
I've tried my best to locate all uses of hardcoded usernames, but its
not guaranteed that all have been found/fixed.
2021-02-17 11:50:25 +00:00
nixbitcoin
ccef870b74
spark-wallet: add user & group options
2021-02-17 11:50:07 +00:00
nixbitcoin
85a1722545
lnd: add user & group options
2021-02-17 11:49:51 +00:00
Jonas Nick
eddc48ee62
Merge #322 : run-tests: Fix interrupt handling for --copy-src
...
8e3feece67
run-tests: fix interrupt handling for --copy-src (Erik Arvstedt)
Pull request description:
ACKs for top commit:
nixbitcoin:
ACK 8e3feece67
Tree-SHA512: ec4916facedb1f5988dccd0e80e08fcf1788a8425320676e6c48350aa69f29d302bb102408c52c748ac5a794735c0c00d7a95dbea91d735add40b5690817d272
2021-02-14 19:48:09 +00:00
Jonas Nick
14f81b403a
Merge #319 : joinmarket: 0.8.0-a5e8879 -> 0.8.1
...
42f7e9f874
joinmarket: 0.8.0-a5e8879 -> 0.8.1 (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 42f7e9f874
Tree-SHA512: 92dc19d0147a2a9fdcdaa20a78b7168e503149c1ca4bde084240628f6e09bf59f728232072eabdc8cd14146724e4b5bbf3ee2a668f27154a7169e7a9e53b94c4
2021-02-14 19:44:05 +00:00
nixbitcoin
42f7e9f874
joinmarket: 0.8.0-a5e8879 -> 0.8.1
...
- Update joinmarket package
- Revert unofficial release settings
- Move Yield Generator config to configFile
- Add new config option max_sweep_fee_change
2021-02-14 16:23:53 +00:00
Jonas Nick
1302f87c70
Merge #321 : Update nixpkgs
...
47e5442910
Update nixpkgs (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 47e5442910
Tree-SHA512: 4bbcd7711ca3fdf3b8cca36c22b60ceed79a965b3d844dffd44299357ddedd0522c1b5835c53ac0d07b8c0c9456b390d3414017b6d98c8eff469c0039114b471
2021-02-12 22:24:39 +00:00